diff --git a/404.html b/404.html index e60e6f943..d91689a6e 100644 --- a/404.html +++ b/404.html @@ -4,14 +4,21 @@ Page Not Found | Podman - - - + + + + + + + + + +
-
Skip to main content
Not Found

We can't seal with it!

We could not find what you were looking for:   isn't a working link.
The content may have moved;  try a search for it

- - +
Skip to main content
Not Found

Seal-ly us! We can't find that page.

We could not find what you were looking for:   isn't a working link.
The content may have moved;  try a search for it

+ + \ No newline at end of file diff --git a/assets/js/005af5ea.6708c2e5.js b/assets/js/005af5ea.6708c2e5.js new file mode 100644 index 000000000..fc2af67ef --- /dev/null +++ b/assets/js/005af5ea.6708c2e5.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[48472],{3905:(e,n,t)=>{t.d(n,{Zo:()=>m,kt:()=>h});var a=t(67294);function r(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function o(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);n&&(a=a.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,a)}return t}function s(e){for(var n=1;n=0||(r[t]=e[t]);return r}(e,n);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(r[t]=e[t])}return r}var l=a.createContext({}),p=function(e){var n=a.useContext(l),t=n;return e&&(t="function"==typeof e?e(n):s(s({},n),e)),t},m=function(e){var n=p(e.components);return a.createElement(l.Provider,{value:n},e.children)},c="mdxType",d={inlineCode:"code",wrapper:function(e){var n=e.children;return a.createElement(a.Fragment,{},n)}},u=a.forwardRef((function(e,n){var t=e.components,r=e.mdxType,o=e.originalType,l=e.parentName,m=i(e,["components","mdxType","originalType","parentName"]),c=p(t),u=r,h=c["".concat(l,".").concat(u)]||c[u]||d[u]||o;return t?a.createElement(h,s(s({ref:n},m),{},{components:t})):a.createElement(h,s({ref:n},m))}));function h(e,n){var t=arguments,r=n&&n.mdxType;if("string"==typeof e||r){var o=t.length,s=new Array(o);s[0]=u;var i={};for(var l in n)hasOwnProperty.call(n,l)&&(i[l]=n[l]);i.originalType=e,i[c]="string"==typeof e?e:r,s[1]=i;for(var p=2;p{t.r(n),t.d(n,{assets:()=>l,contentTitle:()=>s,default:()=>d,frontMatter:()=>o,metadata:()=>i,toc:()=>p});var a=t(87462),r=(t(67294),t(3905));const o={title:"Podman v3.1.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman","hpc","kubernetes"]},s="Podman Release v3.1.0",i={permalink:"/release/2021/04/02/podman-release-v3.1.0",source:"@site/release/2021-04-02-podman-release-v3.1.0.md",title:"Podman v3.1.0 Released",description:"podman logo",date:"2021-04-02T00:00:00.000Z",formattedDate:"April 2, 2021",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"},{label:"hpc",permalink:"/release/tags/hpc"},{label:"kubernetes",permalink:"/release/tags/kubernetes"}],readingTime:1.57,hasTruncateMarker:!1,authors:[{name:"mheon"}],frontMatter:{title:"Podman v3.1.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman","hpc","kubernetes"]},prevItem:{title:"Podman v3.3.0 Released",permalink:"/release/2021/08/31/podman-release-v3.3.0"},nextItem:{title:"Podman v3.0.0 Released",permalink:"/release/2021/02/11/podman-release-v3.0.0"}},l={authorsImageUrls:[void 0]},p=[{value:"Podman 3.1 has been released!",id:"podman-31-has-been-released",level:2}],m={toc:p},c="wrapper";function d(e){let{components:n,...o}=e;return(0,r.kt)(c,(0,a.Z)({},m,o,{components:n,mdxType:"MDXLayout"}),(0,r.kt)("p",null,(0,r.kt)("img",{alt:"podman logo",src:t(1382).Z,width:"228",height:"61"})),(0,r.kt)("h2",{id:"podman-31-has-been-released"},"Podman 3.1 has been released!"),(0,r.kt)("p",null,"The new Podman release includes a number of exciting new features, including the ",(0,r.kt)("inlineCode",{parentName:"p"},"podman secret")," command for managing secrets, support for a volume chown option to fix permissions automatically, improved support for volumes in ",(0,r.kt)("inlineCode",{parentName:"p"},"podman generate kube"),", and over 60 bug fixes, many to the HTTP API. Read on for more details!"),(0,r.kt)("p",null,"Secrets support has been a frequent request for Podman, and 3.1.0 features the first step toward fulfilling it. Secrets add a way to easily add confidential data into containers, by having Podman-managed secret files, which can easily be added to containers. We have added a suite of new commands - ",(0,r.kt)("inlineCode",{parentName:"p"},"podman secret create"),", ",(0,r.kt)("inlineCode",{parentName:"p"},"podman secret ls"),", ",(0,r.kt)("inlineCode",{parentName:"p"},"podman secret inspect"),", and ",(0,r.kt)("inlineCode",{parentName:"p"},"podman secret rm")," - to manage these secrets, and a ",(0,r.kt)("inlineCode",{parentName:"p"},"--secret")," flag to ",(0,r.kt)("inlineCode",{parentName:"p"},"podman create")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"podman run")," to mount secrets into containers. Please note that the initial implementation of secrets does not encrypt secrets at rest - look for this in an upcoming release."),(0,r.kt)("p",null,"Podman can now automatically change volume ownership to match the user a container is running as. The new ",(0,r.kt)("inlineCode",{parentName:"p"},":U")," mount option for volumes made with the ",(0,r.kt)("inlineCode",{parentName:"p"},"-v")," flag to ",(0,r.kt)("inlineCode",{parentName:"p"},"podman create")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"podman run")," will chown paths mounted into containers to ensure that the user in the container can access the volume. This is very useful with rootless containers, where the rootless user namespace can make it difficult to tell what user on the container will access a directory."),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"podman generate kube")," command can now generate ",(0,r.kt)("inlineCode",{parentName:"p"},"PersistentVolumeClaim")," volumes for Podman named volumes attached to containers. These have been supported in ",(0,r.kt)("inlineCode",{parentName:"p"},"podman play kube")," since v2.2.0, but until now, Podman has not been able to create YAML with these volumes. This important addition restores symmetry between ",(0,r.kt)("inlineCode",{parentName:"p"},"generate kube")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"play kube"),"."),(0,r.kt)("p",null,"This release also includes numerous other changes, features, and fixes. Find out more in the ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/releases/tag/v3.1.0"},"release notes"),"."))}d.isMDXComponent=!0},1382:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/008e479d.b18f5aff.js b/assets/js/008e479d.c2ca6030.js similarity index 59% rename from assets/js/008e479d.b18f5aff.js rename to assets/js/008e479d.c2ca6030.js index fb029dcc3..5c5d8fa4b 100644 --- a/assets/js/008e479d.b18f5aff.js +++ b/assets/js/008e479d.c2ca6030.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[48111],{64630:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/19","page":19,"postsPerPage":10,"totalPages":26,"totalCount":255,"previousPage":"/blogs/page/18","nextPage":"/blogs/page/20","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[48111],{64630:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/19","page":19,"postsPerPage":10,"totalPages":25,"totalCount":246,"previousPage":"/blogs/page/18","nextPage":"/blogs/page/20","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/00b87587.644c3372.js b/assets/js/00b87587.644c3372.js new file mode 100644 index 000000000..24dc2154e --- /dev/null +++ b/assets/js/00b87587.644c3372.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[66513],{57305:e=>{e.exports=JSON.parse('{"permalink":"/release/tags/hpc","page":1,"postsPerPage":10,"totalPages":1,"totalCount":8,"blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/03cfa6f7.bad19c1e.js b/assets/js/03cfa6f7.bad19c1e.js new file mode 100644 index 000000000..670fb2f01 --- /dev/null +++ b/assets/js/03cfa6f7.bad19c1e.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[8654],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>f});var a=n(67294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var s=a.createContext({}),m=function(e){var t=a.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},p=function(e){var t=m(e.components);return a.createElement(s.Provider,{value:t},e.children)},c="mdxType",d={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},u=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,o=e.originalType,s=e.parentName,p=l(e,["components","mdxType","originalType","parentName"]),c=m(n),u=r,f=c["".concat(s,".").concat(u)]||c[u]||d[u]||o;return n?a.createElement(f,i(i({ref:t},p),{},{components:n})):a.createElement(f,i({ref:t},p))}));function f(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var o=n.length,i=new Array(o);i[0]=u;var l={};for(var s in t)hasOwnProperty.call(t,s)&&(l[s]=t[s]);l.originalType=e,l[c]="string"==typeof e?e:r,i[1]=l;for(var m=2;m{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>d,frontMatter:()=>o,metadata:()=>l,toc:()=>m});var a=n(87462),r=(n(67294),n(3905));const o={title:"Podman v1.3.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman"]},i="Podman Release 1.3.0",l={permalink:"/release/2019/05/10/podman-release-v1.3.0",source:"@site/release/2019-05-10-podman-release-v1.3.0.md",title:"Podman v1.3.0 Released",description:"podman logo",date:"2019-05-10T00:00:00.000Z",formattedDate:"May 10, 2019",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"}],readingTime:1.115,hasTruncateMarker:!1,authors:[{name:"mheon"}],frontMatter:{title:"Podman v1.3.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Podman v1.5.0 Released",permalink:"/release/2019/08/14/podman-release-v1.5.0"},nextItem:{title:"Podman v1.2.0 Released",permalink:"/release/2019/04/10/podman-release-v1.2.0"}},s={authorsImageUrls:[void 0]},m=[{value:"Welcome to Podman 1.3.0!",id:"welcome-to-podman-130",level:2}],p={toc:m},c="wrapper";function d(e){let{components:t,...o}=e;return(0,r.kt)(c,(0,a.Z)({},p,o,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("p",null,(0,r.kt)("img",{alt:"podman logo",src:n(1382).Z,width:"228",height:"61"})),(0,r.kt)("h2",{id:"welcome-to-podman-130"},"Welcome to Podman 1.3.0!"),(0,r.kt)("p",null,"Podman 1.3.0 has been released! We've focused firmly on stability with 1.3.0, fixing over 25 bugs and making major changes to improve the stability of rootless Podman and Podman volumes. This release also includes a number of new features, including the ",(0,r.kt)("inlineCode",{parentName:"p"},"podman generate systemd")," command to generate unit files to manage Podman containers, and the ",(0,r.kt)("inlineCode",{parentName:"p"},"--restart")," flag for ",(0,r.kt)("inlineCode",{parentName:"p"},"podman run")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"podman create")," to restart containers on error. We also picked up a fresh version of Buildah, 1.8.2, including numerous fixes and improvements for ",(0,r.kt)("inlineCode",{parentName:"p"},"podman build"),"."),(0,r.kt)("p",null,"The biggest new features in Podman 1.3.0 are for managing container restart. The ",(0,r.kt)("inlineCode",{parentName:"p"},"--restart")," flag allows Podman to restart containers when they exit, and the ",(0,r.kt)("inlineCode",{parentName:"p"},"podman generate systemd")," command makes unit files so you can leverage systemd to manage container lifecycle. These commands seem very similar, but are very different in practice. The ",(0,r.kt)("inlineCode",{parentName:"p"},"--restart")," flag is much simpler, but more limited - it restarts containers when they exit, but cannot deal with a system restart or dependencies between containers. If you need access to these more advanced features, ",(0,r.kt)("inlineCode",{parentName:"p"},"podman generate systemd")," will allow you to manage your containers via systemd, leveraging all of its service management capabilities."),(0,r.kt)("p",null,"As always, please visit our release notes on ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/RELEASE_NOTES.md"},"GitHub")," to see the full changelog."),(0,r.kt)("p",null,"You can find instructions for installing Podman ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/install.md"},"here")))}d.isMDXComponent=!0},1382:(e,t,n)=>{n.d(t,{Z:()=>a});const a=n.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/04de07fa.adfdb9ee.js b/assets/js/04de07fa.adfdb9ee.js new file mode 100644 index 000000000..c12d9adeb --- /dev/null +++ b/assets/js/04de07fa.adfdb9ee.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[54768],{3905:(e,a,t)=>{t.d(a,{Zo:()=>m,kt:()=>h});var n=t(67294);function o(e,a,t){return a in e?Object.defineProperty(e,a,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[a]=t,e}function r(e,a){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);a&&(n=n.filter((function(a){return Object.getOwnPropertyDescriptor(e,a).enumerable}))),t.push.apply(t,n)}return t}function i(e){for(var a=1;a=0||(o[t]=e[t]);return o}(e,a);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(o[t]=e[t])}return o}var l=n.createContext({}),d=function(e){var a=n.useContext(l),t=a;return e&&(t="function"==typeof e?e(a):i(i({},a),e)),t},m=function(e){var a=d(e.components);return n.createElement(l.Provider,{value:a},e.children)},p="mdxType",u={inlineCode:"code",wrapper:function(e){var a=e.children;return n.createElement(n.Fragment,{},a)}},c=n.forwardRef((function(e,a){var t=e.components,o=e.mdxType,r=e.originalType,l=e.parentName,m=s(e,["components","mdxType","originalType","parentName"]),p=d(t),c=o,h=p["".concat(l,".").concat(c)]||p[c]||u[c]||r;return t?n.createElement(h,i(i({ref:a},m),{},{components:t})):n.createElement(h,i({ref:a},m))}));function h(e,a){var t=arguments,o=a&&a.mdxType;if("string"==typeof e||o){var r=t.length,i=new Array(r);i[0]=c;var s={};for(var l in a)hasOwnProperty.call(a,l)&&(s[l]=a[l]);s.originalType=e,s[p]="string"==typeof e?e:o,i[1]=s;for(var d=2;d{t.r(a),t.d(a,{assets:()=>l,contentTitle:()=>i,default:()=>u,frontMatter:()=>r,metadata:()=>s,toc:()=>d});var n=t(87462),o=(t(67294),t(3905));const r={title:"Podman v1.1.0 Released",layout:"default",author:"tsweeney",categories:["releases"],tags:["community","open source","podman"]},i="Podman Release 1.1.0",s={permalink:"/release/2019/02/26/podman-release-v1.1.0",source:"@site/release/2019-02-26-podman-release-v1.1.0.md",title:"Podman v1.1.0 Released",description:"podman logo",date:"2019-02-26T00:00:00.000Z",formattedDate:"February 26, 2019",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"}],readingTime:6.435,hasTruncateMarker:!1,authors:[{name:"tsweeney"}],frontMatter:{title:"Podman v1.1.0 Released",layout:"default",author:"tsweeney",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Podman v1.1.1 Released",permalink:"/release/2019/03/01/podman-release-v1.1.1"},nextItem:{title:"Podman v1.0.0 Released",permalink:"/release/2019/01/16/podman-release-v1.0.0"}},l={authorsImageUrls:[void 0]},d=[{value:"Podman has gone 1.1!",id:"podman-has-gone-11",level:2},{value:"Changes",id:"changes",level:2},{value:"Features",id:"features",level:3},{value:"Bugfixes",id:"bugfixes",level:3},{value:"Misc",id:"misc",level:3}],m={toc:d},p="wrapper";function u(e){let{components:a,...r}=e;return(0,o.kt)(p,(0,n.Z)({},m,r,{components:a,mdxType:"MDXLayout"}),(0,o.kt)("p",null,(0,o.kt)("img",{alt:"podman logo",src:t(1382).Z,width:"228",height:"61"})),(0,o.kt)("h2",{id:"podman-has-gone-11"},"Podman has gone 1.1!"),(0,o.kt)("p",null,"After releasing Podman v1.0 a number of new features were added and several bug fixes\nhave been added. Some of the new features include the ability to forward ports as\nrootless Podman, adding short options to some of the existing command options,\nadded ",(0,o.kt)("inlineCode",{parentName:"p"},"--all-tags")," to the the pull command, further changes for\nrootless containers and more. All the details follow!"),(0,o.kt)("h2",{id:"changes"},"Changes"),(0,o.kt)("h3",{id:"features"},"Features"),(0,o.kt)("ul",null,(0,o.kt)("li",{parentName:"ul"},"Added --latest and --all flags to podman mount and podman umount"),(0,o.kt)("li",{parentName:"ul"},"Rootless Podman can now forward ports into containers (using the same -p and -P flags as root Podman)"),(0,o.kt)("li",{parentName:"ul"},"Rootless Podman will now pull some configuration options (for example, OCI runtime path) from the default root libpod.conf if they are not explicitly set in the user's own libpod.conf ",(0,o.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2174"},"#2174")),(0,o.kt)("li",{parentName:"ul"},"Added an alias -f for the --format flag of the podman info and podman version commands"),(0,o.kt)("li",{parentName:"ul"},"Added an alias -s for the --size flag of the podman inspect command"),(0,o.kt)("li",{parentName:"ul"},"Added the podman system info and podman system prune commands"),(0,o.kt)("li",{parentName:"ul"},"Added the podman cp command to copy files between containers and the host ",(0,o.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/613"},"#613")),(0,o.kt)("li",{parentName:"ul"},"Added the --password-stdin flag to podman login"),(0,o.kt)("li",{parentName:"ul"},"Added the --all-tags flag to podman pull"),(0,o.kt)("li",{parentName:"ul"},"The --rm and --detach flags can now be used together with podman run"),(0,o.kt)("li",{parentName:"ul"},"The podman start and podman run commands for containers in pods will now start dependency containers if they are stopped"),(0,o.kt)("li",{parentName:"ul"},"Added the podman system renumber command to handle lock changes"),(0,o.kt)("li",{parentName:"ul"},"The --net=host and --dns flags for podman run and podman create no longer conflict"),(0,o.kt)("li",{parentName:"ul"},"Podman now handles mounting the shared /etc/resolv.conf from network namespaces created by ip netns add when they are passed in via podman run --net=ns:")),(0,o.kt)("h3",{id:"bugfixes"},"Bugfixes"),(0,o.kt)("ul",null,(0,o.kt)("li",{parentName:"ul"},"Fixed a bug with podman inspect where different information would be returned when the container was running versus when it was stopped"),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where errors in Go templates passed to podman inspect were silently ignored instead of reported to the user ",(0,o.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2159"},"#2159")),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where rootless Podman with --pid=host containers was incorrectly masking paths in /proc"),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where full errors starting rootless Podman were not reported when a refresh was requested"),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where Podman would override the config file-specified storage driver with the driver the backing database was created with without warning users"),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where podman prune would prune all images not in use by a container, as opposed to only untagged images, by default ",(0,o.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2192"},"#2192")),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where podman create --quiet and podman run --quiet were not properly suppressing output"),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where the table keyword in Go template output of podman ps was not working ",(0,o.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2221"},"#2221")),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where podman inspect on images pulled by digest would double-print @sha256 in output when printing digests ",(0,o.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2086"},"#2086")),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where podman container runlabel will return a non-0 exit code if the label does not exist"),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where container state was always reset to Created after a reboot ",(0,o.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/1703"},"#1703")),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where /dev/pts was unconditionally overridden in rootless Podman, which was unnecessary except in very specific cases"),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where Podman run as root was ignoring some options in /etc/containers/storage.conf ",(0,o.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2217"},"#2217")),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where Podman cleanup processes were not being given the proper OCI runtime path if a custom one was specified"),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where podman images --filter dangling=true would crash if no dangling images were present ",(0,o.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2246"},"#2246")),(0,o.kt)("li",{parentName:"ul"},'Fixed a bug where podman ps --format {% raw %}"{{.Mounts}}"{% endraw %} would not display a container\'s mounts ',(0,o.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2238"},"#2238")),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where podman pod stats was ignoring Go templates specified by --format ",(0,o.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2258"},"#2258")),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where podman generate kube would fail on containers with --user specified ",(0,o.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2304"},"#2304")),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where podman images displayed incorrect output for images pulled by digest ",(0,o.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2175"},"#2175")),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where podman port and podman ps did not properly display ports if the container joined a network namespace from a pod or another container ",(0,o.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/846"},"#846")),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where detaching from a container using the detach keys would cause Podman to hang until the container exited"),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where podman create --rm did not work with podman start --attach"),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where invalid named volumes specified in podman create and podman run could cause segfaults ",(0,o.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2301"},"#2301")),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where the runtime field in libpod.conf was being ignored. runtime is legacy and deprecated, but will continue to be respected for the foreseeable future"),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where podman login would sometimes report it logged in successfully when it did not"),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where podman pod create would not error on receiving unused CLI argument"),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where rootless podman run with the --pod argument would fail if the pod was stopped"),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where podman images did not print a trailing newline when not invoked on a TTY ",(0,o.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2388"},"#2388")),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where the --runtime option was sometimes not overriding libpod.conf"),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where podman pull and podman runlabel would sometimes exit with 0 when they should have exited with an error ",(0,o.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2405"},"#2405")),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where rootless podman export -o would fail ",(0,o.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2381"},"#2381")),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where read-only volumes would fail in rootless Podman when the volume originated on a filesystem mounted nosuid, nodev, or noexec ",(0,o.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2312"},"#2312")),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where some files used by checkpoint and restore received improper SELinux labels ",(0,o.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2334"},"#2334")),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where Podman's volume path was not properly changed when containers/storage changed location ",(0,o.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2395"},"#2395"))),(0,o.kt)("h3",{id:"misc"},"Misc"),(0,o.kt)("ul",null,(0,o.kt)("li",{parentName:"ul"},"Podman migrated to a new, shared memory locking model in this release. As part of this, if you are running Podman with pods or dependency containers (e.g. --net=container:), you should run the podman system renumber command to migrate your containers to the new model - please reference the podman-system-renumber(1) man page for further details"),(0,o.kt)("li",{parentName:"ul"},"Podman migrated to a new command-line parsing library, and the output format of help and usage text has somewhat changed as a result"),(0,o.kt)("li",{parentName:"ul"},"Updated Buildah to v1.7, picking up a number of bugfixes"),(0,o.kt)("li",{parentName:"ul"},"Updated containers/image library to v1.5, picking up a number of bugfixes and performance improvements to pushing images"),(0,o.kt)("li",{parentName:"ul"},"Updated containers/storage library to v1.10, picking up a number of bugfixes"),(0,o.kt)("li",{parentName:"ul"},"Work on the remote Podman client for interacting with Podman remotely over Varlink is progressing steadily, and many image and pod commands are supported"),(0,o.kt)("li",{parentName:"ul"},"Added path masking to mounts with the :z and :Z options, preventing users from accidentally performing an SELinux relabel of their entire home directory"),(0,o.kt)("li",{parentName:"ul"},"The podman container runlabel command will not pull an image if it does not contain the requested label"),(0,o.kt)("li",{parentName:"ul"},"Many commands' usage information now includes examples"),(0,o.kt)("li",{parentName:"ul"},"podman rm can now delete containers in containers/storage, which can be used to resolve some situations where Podman fails to remove a container"),(0,o.kt)("li",{parentName:"ul"},"The podman search command now searches multiple registries in parallel for improved performance"),(0,o.kt)("li",{parentName:"ul"},"The podman build command now defaults --pull-always to true"),(0,o.kt)("li",{parentName:"ul"},"Containers which share a network namespace (for example, when in a pod) will now share /etc/hosts and /etc/resolv.conf between all containers in the pod, causing changes in one container to propagate to all containers sharing their networks"),(0,o.kt)("li",{parentName:"ul"},"The podman rm and podman rmi commands now return 1 (instead of 127) when all specified container or images are missing")),(0,o.kt)("p",null,"As always, please visit our release notes on ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/RELEASE_NOTES.md"},"GitHub")," to see the full changelog."),(0,o.kt)("p",null,"You can find instructions for installing Podman ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/install.md"},"here")))}u.isMDXComponent=!0},1382:(e,a,t)=>{t.d(a,{Z:()=>n});const n=t.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/05d073aa.fa948632.js b/assets/js/05d073aa.0e67243e.js similarity index 59% rename from assets/js/05d073aa.fa948632.js rename to assets/js/05d073aa.0e67243e.js index 4f9f78645..2ad17ebad 100644 --- a/assets/js/05d073aa.fa948632.js +++ b/assets/js/05d073aa.0e67243e.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[26546],{3905:(e,t,r)=>{r.d(t,{Zo:()=>s,kt:()=>h});var n=r(67294);function a(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function o(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function c(e){for(var t=1;t=0||(a[r]=e[r]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(a[r]=e[r])}return a}var l=n.createContext({}),p=function(e){var t=n.useContext(l),r=t;return e&&(r="function"==typeof e?e(t):c(c({},t),e)),r},s=function(e){var t=p(e.components);return n.createElement(l.Provider,{value:t},e.children)},m="mdxType",u={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},f=n.forwardRef((function(e,t){var r=e.components,a=e.mdxType,o=e.originalType,l=e.parentName,s=i(e,["components","mdxType","originalType","parentName"]),m=p(r),f=a,h=m["".concat(l,".").concat(f)]||m[f]||u[f]||o;return r?n.createElement(h,c(c({ref:t},s),{},{components:r})):n.createElement(h,c({ref:t},s))}));function h(e,t){var r=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=r.length,c=new Array(o);c[0]=f;var i={};for(var l in t)hasOwnProperty.call(t,l)&&(i[l]=t[l]);i.originalType=e,i[m]="string"==typeof e?e:a,c[1]=i;for(var p=2;p{r.r(t),r.d(t,{assets:()=>l,contentTitle:()=>c,default:()=>u,frontMatter:()=>o,metadata:()=>i,toc:()=>p});var n=r(87462),a=(r(67294),r(3905));const o={layout:"default",title:"New Blog from Emilien Macchi, Part 4!",categories:["new"]},c=void 0,i={permalink:"/blogs/2018/12/14/openstack-podman-healthchecks",source:"@site/blog/2018-12-14-openstack-podman-healthchecks.md",title:"New Blog from Emilien Macchi, Part 4!",description:'Emilien Macchi has posted a fourth blog on how his group is running Healthchecks for Podman containers: "OpenStack Containerization with Podman \u2013 Part 4 (Healthchecks)". Check it out!',date:"2018-12-14T00:00:00.000Z",formattedDate:"December 14, 2018",tags:[],readingTime:.14,hasTruncateMarker:!1,authors:[],frontMatter:{layout:"default",title:"New Blog from Emilien Macchi, Part 4!",categories:["new"]},prevItem:{title:"Software Factory Container With Buildah And Podman",permalink:"/blogs/2019/01/07/software-factory-podman"},nextItem:{title:"Podman v0.12.1.1 Released",permalink:"/blogs/2018/12/12/podman-alpha-v0.12.1.1"}},l={authorsImageUrls:[]},p=[],s={toc:p},m="wrapper";function u(e){let{components:t,...r}=e;return(0,a.kt)(m,(0,n.Z)({},s,r,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("p",null,(0,a.kt)("a",{parentName:"p",href:"https://twitter.com/EmilienMacchi"},"Emilien Macchi"),' has posted a fourth blog on how his group is running Healthchecks for Podman containers: "',(0,a.kt)("a",{parentName:"p",href:"https://my1.fr/blog/openstack-containerization-with-podman-part-4-healthchecks/"},"OpenStack Containerization with Podman \u2013 Part 4 (Healthchecks)"),'". Check it out!'))}u.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[26546],{3905:(e,t,r)=>{r.d(t,{Zo:()=>s,kt:()=>h});var n=r(67294);function a(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function o(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function i(e){for(var t=1;t=0||(a[r]=e[r]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(a[r]=e[r])}return a}var l=n.createContext({}),p=function(e){var t=n.useContext(l),r=t;return e&&(r="function"==typeof e?e(t):i(i({},t),e)),r},s=function(e){var t=p(e.components);return n.createElement(l.Provider,{value:t},e.children)},m="mdxType",u={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},f=n.forwardRef((function(e,t){var r=e.components,a=e.mdxType,o=e.originalType,l=e.parentName,s=c(e,["components","mdxType","originalType","parentName"]),m=p(r),f=a,h=m["".concat(l,".").concat(f)]||m[f]||u[f]||o;return r?n.createElement(h,i(i({ref:t},s),{},{components:r})):n.createElement(h,i({ref:t},s))}));function h(e,t){var r=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=r.length,i=new Array(o);i[0]=f;var c={};for(var l in t)hasOwnProperty.call(t,l)&&(c[l]=t[l]);c.originalType=e,c[m]="string"==typeof e?e:a,i[1]=c;for(var p=2;p{r.r(t),r.d(t,{assets:()=>l,contentTitle:()=>i,default:()=>u,frontMatter:()=>o,metadata:()=>c,toc:()=>p});var n=r(87462),a=(r(67294),r(3905));const o={layout:"default",title:"New Blog from Emilien Macchi, Part 4!",categories:["new"]},i=void 0,c={permalink:"/blogs/2018/12/14/openstack-podman-healthchecks",source:"@site/blog/2018-12-14-openstack-podman-healthchecks.md",title:"New Blog from Emilien Macchi, Part 4!",description:'Emilien Macchi has posted a fourth blog on how his group is running Healthchecks for Podman containers: "OpenStack Containerization with Podman \u2013 Part 4 (Healthchecks)". Check it out!',date:"2018-12-14T00:00:00.000Z",formattedDate:"December 14, 2018",tags:[],readingTime:.14,hasTruncateMarker:!1,authors:[],frontMatter:{layout:"default",title:"New Blog from Emilien Macchi, Part 4!",categories:["new"]},prevItem:{title:"Software Factory Container With Buildah And Podman",permalink:"/blogs/2019/01/07/software-factory-podman"},nextItem:{title:"Simplifying Podman commands with labels",permalink:"/blogs/2018/12/03/podman-runlabel"}},l={authorsImageUrls:[]},p=[],s={toc:p},m="wrapper";function u(e){let{components:t,...r}=e;return(0,a.kt)(m,(0,n.Z)({},s,r,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("p",null,(0,a.kt)("a",{parentName:"p",href:"https://twitter.com/EmilienMacchi"},"Emilien Macchi"),' has posted a fourth blog on how his group is running Healthchecks for Podman containers: "',(0,a.kt)("a",{parentName:"p",href:"https://my1.fr/blog/openstack-containerization-with-podman-part-4-healthchecks/"},"OpenStack Containerization with Podman \u2013 Part 4 (Healthchecks)"),'". Check it out!'))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/ab8424a6.cca53d64.js b/assets/js/05e002f0.9d48ae86.js similarity index 52% rename from assets/js/ab8424a6.cca53d64.js rename to assets/js/05e002f0.9d48ae86.js index d2f11b40c..c0006c9ae 100644 --- a/assets/js/ab8424a6.cca53d64.js +++ b/assets/js/05e002f0.9d48ae86.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[62876],{3905:(e,t,r)=>{r.d(t,{Zo:()=>c,kt:()=>f});var n=r(67294);function a(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function o(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function s(e){for(var t=1;t=0||(a[r]=e[r]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(a[r]=e[r])}return a}var i=n.createContext({}),p=function(e){var t=n.useContext(i),r=t;return e&&(r="function"==typeof e?e(t):s(s({},t),e)),r},c=function(e){var t=p(e.components);return n.createElement(i.Provider,{value:t},e.children)},u="mdxType",m={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var r=e.components,a=e.mdxType,o=e.originalType,i=e.parentName,c=l(e,["components","mdxType","originalType","parentName"]),u=p(r),d=a,f=u["".concat(i,".").concat(d)]||u[d]||m[d]||o;return r?n.createElement(f,s(s({ref:t},c),{},{components:r})):n.createElement(f,s({ref:t},c))}));function f(e,t){var r=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=r.length,s=new Array(o);s[0]=d;var l={};for(var i in t)hasOwnProperty.call(t,i)&&(l[i]=t[i]);l.originalType=e,l[u]="string"==typeof e?e:a,s[1]=l;for(var p=2;p{r.r(t),r.d(t,{assets:()=>i,contentTitle:()=>s,default:()=>m,frontMatter:()=>o,metadata:()=>l,toc:()=>p});var n=r(87462),a=(r(67294),r(3905));const o={title:"Podman Alpha version 0.8.3 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},s=void 0,l={permalink:"/blogs/2018/08/20/podman-alpha-v0.8.3",source:"@site/blog/2018-08-20-podman-alpha-v0.8.3.md",title:"Podman Alpha version 0.8.3 Release Announcement",description:"podman logo",date:"2018-08-20T00:00:00.000Z",formattedDate:"August 20, 2018",tags:[{label:"community",permalink:"/blogs/tags/community"},{label:"open source",permalink:"/blogs/tags/open-source"},{label:"podman",permalink:"/blogs/tags/podman"}],readingTime:1.135,hasTruncateMarker:!0,authors:[{name:"bbaude"}],frontMatter:{title:"Podman Alpha version 0.8.3 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"What's NEW!",permalink:"/blogs/2018/09/10/welcome"},nextItem:{title:"Python3 support for Podman",permalink:"/blogs/2018/08/15/python-support-for-podman"}},i={authorsImageUrls:[void 0]},p=[],c={toc:p},u="wrapper";function m(e){let{components:t,...o}=e;return(0,a.kt)(u,(0,n.Z)({},c,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"podman logo",src:r(1382).Z,width:"228",height:"61"})),(0,a.kt)("h1",{id:"podman-release-083"},"Podman release 0.8.3"),(0,a.kt)("p",null,"Our release this week was very smooth. It seems like between CI infrastructure stability, last minute pull requests, and sometimes just plain bad luck, something always gives us trouble on Friday\u2019s. The Fedora packages are created and I see that they are getting their karma and working through the process already."),(0,a.kt)("p",null,"By the way, we moved! Our new upstream location is ",(0,a.kt)("a",{parentName:"p",href:"https://github.com/containers/podman"},"https://github.com/containers/podman"),". It seems to be a more natural fit for our project and more closely associates us with some of our sister projects."))}m.isMDXComponent=!0},1382:(e,t,r)=>{r.d(t,{Z:()=>n});const n=r.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[46265],{3905:(e,t,r)=>{r.d(t,{Zo:()=>c,kt:()=>f});var n=r(67294);function a(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function o(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function s(e){for(var t=1;t=0||(a[r]=e[r]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(a[r]=e[r])}return a}var i=n.createContext({}),p=function(e){var t=n.useContext(i),r=t;return e&&(r="function"==typeof e?e(t):s(s({},t),e)),r},c=function(e){var t=p(e.components);return n.createElement(i.Provider,{value:t},e.children)},u="mdxType",m={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var r=e.components,a=e.mdxType,o=e.originalType,i=e.parentName,c=l(e,["components","mdxType","originalType","parentName"]),u=p(r),d=a,f=u["".concat(i,".").concat(d)]||u[d]||m[d]||o;return r?n.createElement(f,s(s({ref:t},c),{},{components:r})):n.createElement(f,s({ref:t},c))}));function f(e,t){var r=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=r.length,s=new Array(o);s[0]=d;var l={};for(var i in t)hasOwnProperty.call(t,i)&&(l[i]=t[i]);l.originalType=e,l[u]="string"==typeof e?e:a,s[1]=l;for(var p=2;p{r.r(t),r.d(t,{assets:()=>i,contentTitle:()=>s,default:()=>m,frontMatter:()=>o,metadata:()=>l,toc:()=>p});var n=r(87462),a=(r(67294),r(3905));const o={title:"Podman Alpha version 0.8.3 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},s=void 0,l={permalink:"/release/2018/08/20/podman-alpha-v0.8.3",source:"@site/release/2018-08-20-podman-alpha-v0.8.3.md",title:"Podman Alpha version 0.8.3 Release Announcement",description:"podman logo",date:"2018-08-20T00:00:00.000Z",formattedDate:"August 20, 2018",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"}],readingTime:1.135,hasTruncateMarker:!0,authors:[{name:"bbaude"}],frontMatter:{title:"Podman Alpha version 0.8.3 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Podman v0.12.1.1 Released",permalink:"/release/2018/12/12/podman-alpha-v0.12.1.1"},nextItem:{title:"Podman Alpha version 0.8.1 Release Announcement",permalink:"/release/2018/08/08/podman-alpha-v0.8.1"}},i={authorsImageUrls:[void 0]},p=[],c={toc:p},u="wrapper";function m(e){let{components:t,...o}=e;return(0,a.kt)(u,(0,n.Z)({},c,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"podman logo",src:r(1382).Z,width:"228",height:"61"})),(0,a.kt)("h1",{id:"podman-release-083"},"Podman release 0.8.3"),(0,a.kt)("p",null,"Our release this week was very smooth. It seems like between CI infrastructure stability, last minute pull requests, and sometimes just plain bad luck, something always gives us trouble on Friday\u2019s. The Fedora packages are created and I see that they are getting their karma and working through the process already."),(0,a.kt)("p",null,"By the way, we moved! Our new upstream location is ",(0,a.kt)("a",{parentName:"p",href:"https://github.com/containers/podman"},"https://github.com/containers/podman"),". It seems to be a more natural fit for our project and more closely associates us with some of our sister projects."))}m.isMDXComponent=!0},1382:(e,t,r)=>{r.d(t,{Z:()=>n});const n=r.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/0602922c.263b5383.js b/assets/js/0602922c.263b5383.js new file mode 100644 index 000000000..2831bb2a8 --- /dev/null +++ b/assets/js/0602922c.263b5383.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[54915],{27067:e=>{e.exports=JSON.parse('{"title":"Recent posts","items":[{"title":"Podman v4.3.0 Released","permalink":"/release/2022/10/22/podman-release-v4.3.0"},{"title":"Netavark and Aardvark-dns 1.2.0 released","permalink":"/release/2022/09/28/updated-1.2.0"},{"title":"Podman v4.2.0 Released","permalink":"/release/2022/08/17/podman-release-v4.2.0"},{"title":"Podman v4.1.0 Released","permalink":"/release/2022/05/09/podman-release-v4.1.0"},{"title":"Podman v4.0.0 Released","permalink":"/release/2022/02/22/podman-release-v4.0.0"}]}')}}]); \ No newline at end of file diff --git a/assets/js/06d6451e.ad0fae39.js b/assets/js/06d6451e.4b534ee2.js similarity index 60% rename from assets/js/06d6451e.ad0fae39.js rename to assets/js/06d6451e.4b534ee2.js index 6f33ed927..0e3a48377 100644 --- a/assets/js/06d6451e.ad0fae39.js +++ b/assets/js/06d6451e.4b534ee2.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[62324],{3905:(e,n,t)=>{t.d(n,{Zo:()=>p,kt:()=>b});var r=t(67294);function a(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function o(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);n&&(r=r.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,r)}return t}function i(e){for(var n=1;n=0||(a[t]=e[t]);return a}(e,n);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(a[t]=e[t])}return a}var c=r.createContext({}),d=function(e){var n=r.useContext(c),t=n;return e&&(t="function"==typeof e?e(n):i(i({},n),e)),t},p=function(e){var n=d(e.components);return r.createElement(c.Provider,{value:n},e.children)},l="mdxType",s={inlineCode:"code",wrapper:function(e){var n=e.children;return r.createElement(r.Fragment,{},n)}},f=r.forwardRef((function(e,n){var t=e.components,a=e.mdxType,o=e.originalType,c=e.parentName,p=u(e,["components","mdxType","originalType","parentName"]),l=d(t),f=a,b=l["".concat(c,".").concat(f)]||l[f]||s[f]||o;return t?r.createElement(b,i(i({ref:n},p),{},{components:t})):r.createElement(b,i({ref:n},p))}));function b(e,n){var t=arguments,a=n&&n.mdxType;if("string"==typeof e||a){var o=t.length,i=new Array(o);i[0]=f;var u={};for(var c in n)hasOwnProperty.call(n,c)&&(u[c]=n[c]);u.originalType=e,u[l]="string"==typeof e?e:a,i[1]=u;for(var d=2;d{t.r(n),t.d(n,{assets:()=>c,contentTitle:()=>i,default:()=>s,frontMatter:()=>o,metadata:()=>u,toc:()=>d});var r=t(87462),a=(t(67294),t(3905));const o={layout:"default",title:"How Podman packaging works on Linux",categories:["new"]},i=void 0,u={permalink:"/blogs/2022/10/03/new",source:"@site/blog/2022-10-03-new.md",title:"How Podman packaging works on Linux",description:"Get a deep dive into Podman packages for Debian and Ubuntu using Fedora Sources, OBS and Debbuild. Learn More!.",date:"2022-10-03T00:00:00.000Z",formattedDate:"October 3, 2022",tags:[],readingTime:.1,hasTruncateMarker:!1,authors:[],frontMatter:{layout:"default",title:"How Podman packaging works on Linux",categories:["new"]},prevItem:{title:"How Podman packaging works on Linux",permalink:"/blogs/2022/10/03/debbuild"},nextItem:{title:"Netavark and Aardvark-dns 1.2.0 released",permalink:"/blogs/2022/09/28/updated-1.2.0"}},c={authorsImageUrls:[]},d=[{value:"Get a deep dive into Podman packages for Debian and Ubuntu using Fedora Sources, OBS and Debbuild. Learn More!.",id:"get-a-deep-dive-into-podman-packages-for-debian-and-ubuntu-using-fedora-sources-obs-and-debbuild-learn-more",level:2}],p={toc:d},l="wrapper";function s(e){let{components:n,...t}=e;return(0,a.kt)(l,(0,r.Z)({},p,t,{components:n,mdxType:"MDXLayout"}),(0,a.kt)("h2",{id:"get-a-deep-dive-into-podman-packages-for-debian-and-ubuntu-using-fedora-sources-obs-and-debbuild-learn-more"},"Get a deep dive into Podman packages for Debian and Ubuntu using Fedora Sources, OBS and Debbuild. ",(0,a.kt)("a",{parentName:"h2",href:"https://opensource.com/article/22/9/podman-packages-linux"},"Learn More!"),"."))}s.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[62324],{3905:(e,n,t)=>{t.d(n,{Zo:()=>p,kt:()=>m});var r=t(67294);function a(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function o(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);n&&(r=r.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,r)}return t}function i(e){for(var n=1;n=0||(a[t]=e[t]);return a}(e,n);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(a[t]=e[t])}return a}var c=r.createContext({}),l=function(e){var n=r.useContext(c),t=n;return e&&(t="function"==typeof e?e(n):i(i({},n),e)),t},p=function(e){var n=l(e.components);return r.createElement(c.Provider,{value:n},e.children)},d="mdxType",s={inlineCode:"code",wrapper:function(e){var n=e.children;return r.createElement(r.Fragment,{},n)}},f=r.forwardRef((function(e,n){var t=e.components,a=e.mdxType,o=e.originalType,c=e.parentName,p=u(e,["components","mdxType","originalType","parentName"]),d=l(t),f=a,m=d["".concat(c,".").concat(f)]||d[f]||s[f]||o;return t?r.createElement(m,i(i({ref:n},p),{},{components:t})):r.createElement(m,i({ref:n},p))}));function m(e,n){var t=arguments,a=n&&n.mdxType;if("string"==typeof e||a){var o=t.length,i=new Array(o);i[0]=f;var u={};for(var c in n)hasOwnProperty.call(n,c)&&(u[c]=n[c]);u.originalType=e,u[d]="string"==typeof e?e:a,i[1]=u;for(var l=2;l{t.r(n),t.d(n,{assets:()=>c,contentTitle:()=>i,default:()=>s,frontMatter:()=>o,metadata:()=>u,toc:()=>l});var r=t(87462),a=(t(67294),t(3905));const o={layout:"default",title:"How Podman packaging works on Linux",categories:["new"]},i=void 0,u={permalink:"/blogs/2022/10/03/new",source:"@site/blog/2022-10-03-new.md",title:"How Podman packaging works on Linux",description:"Get a deep dive into Podman packages for Debian and Ubuntu using Fedora Sources, OBS and Debbuild. Learn More!.",date:"2022-10-03T00:00:00.000Z",formattedDate:"October 3, 2022",tags:[],readingTime:.1,hasTruncateMarker:!1,authors:[],frontMatter:{layout:"default",title:"How Podman packaging works on Linux",categories:["new"]},prevItem:{title:"How Podman packaging works on Linux",permalink:"/blogs/2022/10/03/debbuild"},nextItem:{title:"Podman v4.2.0 Released",permalink:"/blogs/2022/08/17/new"}},c={authorsImageUrls:[]},l=[{value:"Get a deep dive into Podman packages for Debian and Ubuntu using Fedora Sources, OBS and Debbuild. Learn More!.",id:"get-a-deep-dive-into-podman-packages-for-debian-and-ubuntu-using-fedora-sources-obs-and-debbuild-learn-more",level:2}],p={toc:l},d="wrapper";function s(e){let{components:n,...t}=e;return(0,a.kt)(d,(0,r.Z)({},p,t,{components:n,mdxType:"MDXLayout"}),(0,a.kt)("h2",{id:"get-a-deep-dive-into-podman-packages-for-debian-and-ubuntu-using-fedora-sources-obs-and-debbuild-learn-more"},"Get a deep dive into Podman packages for Debian and Ubuntu using Fedora Sources, OBS and Debbuild. ",(0,a.kt)("a",{parentName:"h2",href:"https://opensource.com/article/22/9/podman-packages-linux"},"Learn More!"),"."))}s.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/077ee5ba.17a72363.js b/assets/js/077ee5ba.17a72363.js new file mode 100644 index 000000000..01c6c0b0a --- /dev/null +++ b/assets/js/077ee5ba.17a72363.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[36883],{3905:(e,n,t)=>{t.d(n,{Zo:()=>m,kt:()=>h});var a=t(67294);function r(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function o(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);n&&(a=a.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,a)}return t}function s(e){for(var n=1;n=0||(r[t]=e[t]);return r}(e,n);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(r[t]=e[t])}return r}var l=a.createContext({}),p=function(e){var n=a.useContext(l),t=n;return e&&(t="function"==typeof e?e(n):s(s({},n),e)),t},m=function(e){var n=p(e.components);return a.createElement(l.Provider,{value:n},e.children)},d="mdxType",c={inlineCode:"code",wrapper:function(e){var n=e.children;return a.createElement(a.Fragment,{},n)}},u=a.forwardRef((function(e,n){var t=e.components,r=e.mdxType,o=e.originalType,l=e.parentName,m=i(e,["components","mdxType","originalType","parentName"]),d=p(t),u=r,h=d["".concat(l,".").concat(u)]||d[u]||c[u]||o;return t?a.createElement(h,s(s({ref:n},m),{},{components:t})):a.createElement(h,s({ref:n},m))}));function h(e,n){var t=arguments,r=n&&n.mdxType;if("string"==typeof e||r){var o=t.length,s=new Array(o);s[0]=u;var i={};for(var l in n)hasOwnProperty.call(n,l)&&(i[l]=n[l]);i.originalType=e,i[d]="string"==typeof e?e:r,s[1]=i;for(var p=2;p{t.r(n),t.d(n,{assets:()=>l,contentTitle:()=>s,default:()=>c,frontMatter:()=>o,metadata:()=>i,toc:()=>p});var a=t(87462),r=(t(67294),t(3905));const o={title:"Podman v1.5.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman"]},s="Podman Release 1.5.0",i={permalink:"/release/2019/08/14/podman-release-v1.5.0",source:"@site/release/2019-08-14-podman-release-v1.5.0.md",title:"Podman v1.5.0 Released",description:"podman logo",date:"2019-08-14T00:00:00.000Z",formattedDate:"August 14, 2019",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"}],readingTime:1.355,hasTruncateMarker:!1,authors:[{name:"mheon"}],frontMatter:{title:"Podman v1.5.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Podman v1.7.0 Released",permalink:"/release/2020/01/08/podman-release-v1.7.0"},nextItem:{title:"Podman v1.3.0 Released",permalink:"/release/2019/05/10/podman-release-v1.3.0"}},l={authorsImageUrls:[void 0]},p=[{value:"Podman has gone 1.5!",id:"podman-has-gone-15",level:2}],m={toc:p},d="wrapper";function c(e){let{components:n,...o}=e;return(0,r.kt)(d,(0,a.Z)({},m,o,{components:n,mdxType:"MDXLayout"}),(0,r.kt)("p",null,(0,r.kt)("img",{alt:"podman logo",src:t(1382).Z,width:"228",height:"61"})),(0,r.kt)("h2",{id:"podman-has-gone-15"},"Podman has gone 1.5!"),(0,r.kt)("p",null,"Podman 1.5.0 has been released! We\u2019ve made major improvements to ",(0,r.kt)("inlineCode",{parentName:"p"},"podman exec"),", ",(0,r.kt)("inlineCode",{parentName:"p"},"podman generate kube"),", and rootless containers in this release. Stability has also been a focus, and we\u2019ve fixed over 30 bugs and several performance issues. The new 1.5.0 release is available for Fedora and Ubuntu right now!"),(0,r.kt)("p",null,"With this new release, Podman has picked up a number of improvements to core container functionality. The ",(0,r.kt)("inlineCode",{parentName:"p"},"podman exec")," command has been completely reworked, including improved handling for attaching to containers. Expect to see more work on ",(0,r.kt)("inlineCode",{parentName:"p"},"exec")," in future releases. CGroups have also seen major work, with support for CGroup namespaces via the ",(0,r.kt)("inlineCode",{parentName:"p"},"--cgroupns")," flag to ",(0,r.kt)("inlineCode",{parentName:"p"},"podman create")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"podman run"),", and support for CGroups v2 when using the ",(0,r.kt)("inlineCode",{parentName:"p"},"crun")," OCI runtime - more details ",(0,r.kt)("a",{parentName:"p",href:"https://www.scrivano.org/2019/05/12/rootless-resources-management-with-podman-on-fedora-30/"},"here"),". The ",(0,r.kt)("inlineCode",{parentName:"p"},"podman generate kube")," command has also been improved and now includes volumes mounted into containers. Finally, we\u2019ve addressed several memory leaks and other performance issues, and Podman should be much more responsive on systems under high load."),(0,r.kt)("p",null,"Rootless containers have also been improved, featuring improved handling for privileged containers and the ability to use container health checks. Podman now has experimental support for running rootless containers with a single UID and GID using the new ",(0,r.kt)("inlineCode",{parentName:"p"},"ignore_chown_errors")," storage option. This allows Podman to be run without the ",(0,r.kt)("inlineCode",{parentName:"p"},"newuidmap")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"newgidmap")," binaries, and removes the need for any elevated privileges to start rootless containers. This approach is more limited (but more secure) than normal rootless containers."),(0,r.kt)("p",null,"As always, please visit our release notes on ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/RELEASE_NOTES.md"},"GitHub")," to see the full changelog."),(0,r.kt)("p",null,"You can find instructions for installing Podman ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/install.md"},"here"),"."))}c.isMDXComponent=!0},1382:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/07fcb413.d56f01ba.js b/assets/js/07fcb413.4ede1de5.js similarity index 58% rename from assets/js/07fcb413.d56f01ba.js rename to assets/js/07fcb413.4ede1de5.js index 9f3ee0e8a..85f4cd15a 100644 --- a/assets/js/07fcb413.d56f01ba.js +++ b/assets/js/07fcb413.4ede1de5.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[95142],{96807:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/4","page":4,"postsPerPage":10,"totalPages":26,"totalCount":255,"previousPage":"/blogs/page/3","nextPage":"/blogs/page/5","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[95142],{96807:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/4","page":4,"postsPerPage":10,"totalPages":25,"totalCount":246,"previousPage":"/blogs/page/3","nextPage":"/blogs/page/5","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/080a77b8.e5373f9a.js b/assets/js/080a77b8.a2386c12.js similarity index 59% rename from assets/js/080a77b8.e5373f9a.js rename to assets/js/080a77b8.a2386c12.js index b0a9f54de..3952824a8 100644 --- a/assets/js/080a77b8.e5373f9a.js +++ b/assets/js/080a77b8.a2386c12.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[14986],{17044:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/18","page":18,"postsPerPage":10,"totalPages":26,"totalCount":255,"previousPage":"/blogs/page/17","nextPage":"/blogs/page/19","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[14986],{17044:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/18","page":18,"postsPerPage":10,"totalPages":25,"totalCount":246,"previousPage":"/blogs/page/17","nextPage":"/blogs/page/19","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/08650cf2.b8a97d90.js b/assets/js/08650cf2.2334fecc.js similarity index 59% rename from assets/js/08650cf2.b8a97d90.js rename to assets/js/08650cf2.2334fecc.js index 8e74d506d..3ad327645 100644 --- a/assets/js/08650cf2.b8a97d90.js +++ b/assets/js/08650cf2.2334fecc.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[4714],{59696:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/17","page":17,"postsPerPage":10,"totalPages":26,"totalCount":255,"previousPage":"/blogs/page/16","nextPage":"/blogs/page/18","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[4714],{59696:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/17","page":17,"postsPerPage":10,"totalPages":25,"totalCount":246,"previousPage":"/blogs/page/16","nextPage":"/blogs/page/18","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/08efe41f.516aa3ec.js b/assets/js/08efe41f.a805c1a5.js similarity index 90% rename from assets/js/08efe41f.516aa3ec.js rename to assets/js/08efe41f.a805c1a5.js index baaf127c9..da520292b 100644 --- a/assets/js/08efe41f.516aa3ec.js +++ b/assets/js/08efe41f.a805c1a5.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[31921],{55227:a=>{a.exports=JSON.parse('{"label":"podman","permalink":"/blogs/tags/podman","allTagsPath":"/blogs/tags","count":190}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[31921],{55227:a=>{a.exports=JSON.parse('{"label":"podman","permalink":"/blogs/tags/podman","allTagsPath":"/blogs/tags","count":181}')}}]); \ No newline at end of file diff --git a/assets/js/09772b34.d99ab323.js b/assets/js/09772b34.d99ab323.js new file mode 100644 index 000000000..4027c89d2 --- /dev/null +++ b/assets/js/09772b34.d99ab323.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[22965],{66157:e=>{e.exports=JSON.parse('{"permalink":"/release/tags/podman","page":1,"postsPerPage":10,"totalPages":3,"totalCount":26,"nextPage":"/release/tags/podman/page/2","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/09ac5c49.46dad267.js b/assets/js/09ac5c49.46dad267.js deleted file mode 100644 index 3a0c5eb2b..000000000 --- a/assets/js/09ac5c49.46dad267.js +++ /dev/null @@ -1 +0,0 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[37184],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>f});var o=n(67294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);t&&(o=o.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,o)}return n}function l(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(o=0;o=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var s=o.createContext({}),p=function(e){var t=o.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},u=function(e){var t=p(e.components);return o.createElement(s.Provider,{value:t},e.children)},c="mdxType",m={inlineCode:"code",wrapper:function(e){var t=e.children;return o.createElement(o.Fragment,{},t)}},d=o.forwardRef((function(e,t){var n=e.components,r=e.mdxType,a=e.originalType,s=e.parentName,u=i(e,["components","mdxType","originalType","parentName"]),c=p(n),d=r,f=c["".concat(s,".").concat(d)]||c[d]||m[d]||a;return n?o.createElement(f,l(l({ref:t},u),{},{components:n})):o.createElement(f,l({ref:t},u))}));function f(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var a=n.length,l=new Array(a);l[0]=d;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i[c]="string"==typeof e?e:r,l[1]=i;for(var p=2;p{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>l,default:()=>m,frontMatter:()=>a,metadata:()=>i,toc:()=>p});var o=n(87462),r=(n(67294),n(3905));const a={title:"Podman Alpha version 0.8.1 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},l=void 0,i={permalink:"/blogs/2018/08/08/podman-alpha-v0.8.1",source:"@site/blog/2018-08-08-podman-alpha-v0.8.1.md",title:"Podman Alpha version 0.8.1 Release Announcement",description:"podman logo",date:"2018-08-08T00:00:00.000Z",formattedDate:"August 8, 2018",tags:[{label:"community",permalink:"/blogs/tags/community"},{label:"open source",permalink:"/blogs/tags/open-source"},{label:"podman",permalink:"/blogs/tags/podman"}],readingTime:.725,hasTruncateMarker:!0,authors:[{name:"bbaude"}],frontMatter:{title:"Podman Alpha version 0.8.1 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Python3 support for Podman",permalink:"/blogs/2018/08/15/python-support-for-podman"},nextItem:{title:"Podman Alpha version 0.7.2 Release Announcement",permalink:"/blogs/2018/07/16/podman-alpha-v0.7.2"}},s={authorsImageUrls:[void 0]},p=[{value:"Other notable benefits of this release are:",id:"other-notable-benefits-of-this-release-are",level:2}],u={toc:p},c="wrapper";function m(e){let{components:t,...a}=e;return(0,r.kt)(c,(0,o.Z)({},u,a,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("p",null,(0,r.kt)("img",{alt:"podman logo",src:n(1382).Z,width:"228",height:"61"})),(0,r.kt)("h1",{id:"podman-release-081"},"Podman release 0.8.1"),(0,r.kt)("p",null,"Our latest podman release turned out to be a lot of internal plumbing. We had more than 50 commits but most were tweaks that most users would not notice. So I don\u2019t have a singular, hot feature to point you at."),(0,r.kt)("p",null,"That said, if you haven\u2019t tried the python client to for podman, I recommend you do. It allows you to interact with a remote podman instance via SSH."),(0,r.kt)("h2",{id:"other-notable-benefits-of-this-release-are"},"Other notable benefits of this release are:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"* Fixes to rootless containers including network support using slirp4netns written by Akihiro Suda\n* Adjustments to how images are pulled and their metadata\n* podman build now supports different isolation mechanims, to better run within a confined container.\n* Changes to our integration tests to speed them up\n* podman load now supports xz compression\n* Tidy up man pages\n")))}m.isMDXComponent=!0},1382:(e,t,n)=>{n.d(t,{Z:()=>o});const o=n.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/0a3ca7a0.3c1d805a.js b/assets/js/0a3ca7a0.3c1d805a.js deleted file mode 100644 index 5c8b81716..000000000 --- a/assets/js/0a3ca7a0.3c1d805a.js +++ /dev/null @@ -1 +0,0 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[28424],{85831:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/25","page":25,"postsPerPage":10,"totalPages":26,"totalCount":255,"previousPage":"/blogs/page/24","nextPage":"/blogs/page/26","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/0a3ca7a0.cc520127.js b/assets/js/0a3ca7a0.cc520127.js new file mode 100644 index 000000000..0c09587b2 --- /dev/null +++ b/assets/js/0a3ca7a0.cc520127.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[28424],{85831:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/25","page":25,"postsPerPage":10,"totalPages":25,"totalCount":246,"previousPage":"/blogs/page/24","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/0ca5e369.f79c83c5.js b/assets/js/0ca5e369.7bf91233.js similarity index 90% rename from assets/js/0ca5e369.f79c83c5.js rename to assets/js/0ca5e369.7bf91233.js index 8bb630e5e..d66def57e 100644 --- a/assets/js/0ca5e369.f79c83c5.js +++ b/assets/js/0ca5e369.7bf91233.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[83669],{77225:a=>{a.exports=JSON.parse('{"label":"podman","permalink":"/blogs/tags/podman","allTagsPath":"/blogs/tags","count":190}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[83669],{77225:a=>{a.exports=JSON.parse('{"label":"podman","permalink":"/blogs/tags/podman","allTagsPath":"/blogs/tags","count":181}')}}]); \ No newline at end of file diff --git a/assets/js/1095b338.f954c2a2.js b/assets/js/1095b338.685204a2.js similarity index 59% rename from assets/js/1095b338.f954c2a2.js rename to assets/js/1095b338.685204a2.js index 027438c8a..643e2ac3d 100644 --- a/assets/js/1095b338.f954c2a2.js +++ b/assets/js/1095b338.685204a2.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[90744],{79859:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/14","page":14,"postsPerPage":10,"totalPages":26,"totalCount":255,"previousPage":"/blogs/page/13","nextPage":"/blogs/page/15","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[90744],{79859:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/14","page":14,"postsPerPage":10,"totalPages":25,"totalCount":246,"previousPage":"/blogs/page/13","nextPage":"/blogs/page/15","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/1222082a.61817c64.js b/assets/js/1222082a.61817c64.js new file mode 100644 index 000000000..4f8e950f0 --- /dev/null +++ b/assets/js/1222082a.61817c64.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[22570],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>f});var r=n(67294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function l(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=r.createContext({}),p=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},u=function(e){var t=p(e.components);return r.createElement(s.Provider,{value:t},e.children)},c="mdxType",m={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,s=e.parentName,u=i(e,["components","mdxType","originalType","parentName"]),c=p(n),d=a,f=c["".concat(s,".").concat(d)]||c[d]||m[d]||o;return n?r.createElement(f,l(l({ref:t},u),{},{components:n})):r.createElement(f,l({ref:t},u))}));function f(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,l=new Array(o);l[0]=d;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i[c]="string"==typeof e?e:a,l[1]=i;for(var p=2;p{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>l,default:()=>m,frontMatter:()=>o,metadata:()=>i,toc:()=>p});var r=n(87462),a=(n(67294),n(3905));const o={title:"Podman Alpha version 0.8.1 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},l=void 0,i={permalink:"/release/2018/08/08/podman-alpha-v0.8.1",source:"@site/release/2018-08-08-podman-alpha-v0.8.1.md",title:"Podman Alpha version 0.8.1 Release Announcement",description:"podman logo",date:"2018-08-08T00:00:00.000Z",formattedDate:"August 8, 2018",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"}],readingTime:.725,hasTruncateMarker:!0,authors:[{name:"bbaude"}],frontMatter:{title:"Podman Alpha version 0.8.1 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Podman Alpha version 0.8.3 Release Announcement",permalink:"/release/2018/08/20/podman-alpha-v0.8.3"},nextItem:{title:"Podman Alpha version 0.7.2 Release Announcement",permalink:"/release/2018/07/16/podman-alpha-v0.7.2"}},s={authorsImageUrls:[void 0]},p=[{value:"Other notable benefits of this release are:",id:"other-notable-benefits-of-this-release-are",level:2}],u={toc:p},c="wrapper";function m(e){let{components:t,...o}=e;return(0,a.kt)(c,(0,r.Z)({},u,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"podman logo",src:n(1382).Z,width:"228",height:"61"})),(0,a.kt)("h1",{id:"podman-release-081"},"Podman release 0.8.1"),(0,a.kt)("p",null,"Our latest podman release turned out to be a lot of internal plumbing. We had more than 50 commits but most were tweaks that most users would not notice. So I don\u2019t have a singular, hot feature to point you at."),(0,a.kt)("p",null,"That said, if you haven\u2019t tried the python client to for podman, I recommend you do. It allows you to interact with a remote podman instance via SSH."),(0,a.kt)("h2",{id:"other-notable-benefits-of-this-release-are"},"Other notable benefits of this release are:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"* Fixes to rootless containers including network support using slirp4netns written by Akihiro Suda\n* Adjustments to how images are pulled and their metadata\n* podman build now supports different isolation mechanims, to better run within a confined container.\n* Changes to our integration tests to speed them up\n* podman load now supports xz compression\n* Tidy up man pages\n")))}m.isMDXComponent=!0},1382:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/12a06ad6.ddb92246.js b/assets/js/12a06ad6.efe61bad.js similarity index 81% rename from assets/js/12a06ad6.ddb92246.js rename to assets/js/12a06ad6.efe61bad.js index 1d59611de..950af1555 100644 --- a/assets/js/12a06ad6.ddb92246.js +++ b/assets/js/12a06ad6.efe61bad.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[10330],{61582:a=>{a.exports=JSON.parse('{"permalink":"/blogs/tags/podman/page/12","page":12,"postsPerPage":10,"totalPages":19,"totalCount":190,"previousPage":"/blogs/tags/podman/page/11","nextPage":"/blogs/tags/podman/page/13","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[10330],{61582:a=>{a.exports=JSON.parse('{"permalink":"/blogs/tags/podman/page/12","page":12,"postsPerPage":10,"totalPages":19,"totalCount":181,"previousPage":"/blogs/tags/podman/page/11","nextPage":"/blogs/tags/podman/page/13","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/146d05d7.3f173035.js b/assets/js/146d05d7.3f173035.js new file mode 100644 index 000000000..031ec32c7 --- /dev/null +++ b/assets/js/146d05d7.3f173035.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[23169],{3905:(e,t,n)=>{n.d(t,{Zo:()=>s,kt:()=>f});var o=n(67294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);t&&(o=o.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,o)}return n}function c(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(o=0;o=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var i=o.createContext({}),l=function(e){var t=o.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):c(c({},t),e)),n},s=function(e){var t=l(e.components);return o.createElement(i.Provider,{value:t},e.children)},u="mdxType",d={inlineCode:"code",wrapper:function(e){var t=e.children;return o.createElement(o.Fragment,{},t)}},m=o.forwardRef((function(e,t){var n=e.components,r=e.mdxType,a=e.originalType,i=e.parentName,s=p(e,["components","mdxType","originalType","parentName"]),u=l(n),m=r,f=u["".concat(i,".").concat(m)]||u[m]||d[m]||a;return n?o.createElement(f,c(c({ref:t},s),{},{components:n})):o.createElement(f,c({ref:t},s))}));function f(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var a=n.length,c=new Array(a);c[0]=m;var p={};for(var i in t)hasOwnProperty.call(t,i)&&(p[i]=t[i]);p.originalType=e,p[u]="string"==typeof e?e:r,c[1]=p;for(var l=2;l{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>c,default:()=>d,frontMatter:()=>a,metadata:()=>p,toc:()=>l});var o=n(87462),r=(n(67294),n(3905));const a={title:"Python3 support for Podman",layout:"default",author:"jwhonce",categories:["blogs"],tags:["podman","containers"]},c=void 0,p={permalink:"/blogs/2018/08/15/python-support-for-podman",source:"@site/blog/2018-08-15-python-support-for-podman.md",title:"Python3 support for Podman",description:"podman logo",date:"2018-08-15T00:00:00.000Z",formattedDate:"August 15, 2018",tags:[{label:"podman",permalink:"/blogs/tags/podman"},{label:"containers",permalink:"/blogs/tags/containers"}],readingTime:5.175,hasTruncateMarker:!0,authors:[{name:"jwhonce"}],frontMatter:{title:"Python3 support for Podman",layout:"default",author:"jwhonce",categories:["blogs"],tags:["podman","containers"]},prevItem:{title:"What's NEW!",permalink:"/blogs/2018/09/10/welcome"}},i={authorsImageUrls:[void 0]},l=[{value:"By Jhon Honce GitHub",id:"by-jhon-honce-github",level:2}],s={toc:l},u="wrapper";function d(e){let{components:t,...a}=e;return(0,r.kt)(u,(0,o.Z)({},s,a,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("p",null,(0,r.kt)("img",{alt:"podman logo",src:n(1382).Z,width:"228",height:"61"})),(0,r.kt)("h1",{id:"python3-support-for-podman"},"Python3 support for Podman"),(0,r.kt)("h2",{id:"by-jhon-honce-github"},"By Jhon Honce ",(0,r.kt)("a",{parentName:"h2",href:"https://github.com/jwhonce"},"GitHub")),(0,r.kt)("p",null,"You\u2019ve learned of Podman and all it\u2019s coolness for running OCI-based containers, but you need a solution that is repeatable and scripted. Rather than just executing Podman commands, you want a stable API to call into and not need to screen scrape the output."),(0,r.kt)("p",null,"We heard you and now provide a Python package, python3-podman. This package allows you to access the facilities of a Podman service with #nobigfatdaemons."))}d.isMDXComponent=!0},1382:(e,t,n)=>{n.d(t,{Z:()=>o});const o=n.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/146d05d7.5575b62f.js b/assets/js/146d05d7.5575b62f.js deleted file mode 100644 index d91e9d1e6..000000000 --- a/assets/js/146d05d7.5575b62f.js +++ /dev/null @@ -1 +0,0 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[23169],{3905:(e,t,n)=>{n.d(t,{Zo:()=>s,kt:()=>f});var o=n(67294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);t&&(o=o.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,o)}return n}function p(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(o=0;o=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var c=o.createContext({}),i=function(e){var t=o.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):p(p({},t),e)),n},s=function(e){var t=i(e.components);return o.createElement(c.Provider,{value:t},e.children)},u="mdxType",m={inlineCode:"code",wrapper:function(e){var t=e.children;return o.createElement(o.Fragment,{},t)}},d=o.forwardRef((function(e,t){var n=e.components,r=e.mdxType,a=e.originalType,c=e.parentName,s=l(e,["components","mdxType","originalType","parentName"]),u=i(n),d=r,f=u["".concat(c,".").concat(d)]||u[d]||m[d]||a;return n?o.createElement(f,p(p({ref:t},s),{},{components:n})):o.createElement(f,p({ref:t},s))}));function f(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var a=n.length,p=new Array(a);p[0]=d;var l={};for(var c in t)hasOwnProperty.call(t,c)&&(l[c]=t[c]);l.originalType=e,l[u]="string"==typeof e?e:r,p[1]=l;for(var i=2;i{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>p,default:()=>m,frontMatter:()=>a,metadata:()=>l,toc:()=>i});var o=n(87462),r=(n(67294),n(3905));const a={title:"Python3 support for Podman",layout:"default",author:"jwhonce",categories:["blogs"],tags:["podman","containers"]},p=void 0,l={permalink:"/blogs/2018/08/15/python-support-for-podman",source:"@site/blog/2018-08-15-python-support-for-podman.md",title:"Python3 support for Podman",description:"podman logo",date:"2018-08-15T00:00:00.000Z",formattedDate:"August 15, 2018",tags:[{label:"podman",permalink:"/blogs/tags/podman"},{label:"containers",permalink:"/blogs/tags/containers"}],readingTime:5.175,hasTruncateMarker:!0,authors:[{name:"jwhonce"}],frontMatter:{title:"Python3 support for Podman",layout:"default",author:"jwhonce",categories:["blogs"],tags:["podman","containers"]},prevItem:{title:"Podman Alpha version 0.8.3 Release Announcement",permalink:"/blogs/2018/08/20/podman-alpha-v0.8.3"},nextItem:{title:"Podman Alpha version 0.8.1 Release Announcement",permalink:"/blogs/2018/08/08/podman-alpha-v0.8.1"}},c={authorsImageUrls:[void 0]},i=[{value:"By Jhon Honce GitHub",id:"by-jhon-honce-github",level:2}],s={toc:i},u="wrapper";function m(e){let{components:t,...a}=e;return(0,r.kt)(u,(0,o.Z)({},s,a,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("p",null,(0,r.kt)("img",{alt:"podman logo",src:n(1382).Z,width:"228",height:"61"})),(0,r.kt)("h1",{id:"python3-support-for-podman"},"Python3 support for Podman"),(0,r.kt)("h2",{id:"by-jhon-honce-github"},"By Jhon Honce ",(0,r.kt)("a",{parentName:"h2",href:"https://github.com/jwhonce"},"GitHub")),(0,r.kt)("p",null,"You\u2019ve learned of Podman and all it\u2019s coolness for running OCI-based containers, but you need a solution that is repeatable and scripted. Rather than just executing Podman commands, you want a stable API to call into and not need to screen scrape the output."),(0,r.kt)("p",null,"We heard you and now provide a Python package, python3-podman. This package allows you to access the facilities of a Podman service with #nobigfatdaemons."))}m.isMDXComponent=!0},1382:(e,t,n)=>{n.d(t,{Z:()=>o});const o=n.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/14fe5d11.33a05c65.js b/assets/js/14fe5d11.33a05c65.js new file mode 100644 index 000000000..cbd8af43e --- /dev/null +++ b/assets/js/14fe5d11.33a05c65.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[80451],{78377:e=>{e.exports=JSON.parse('{"name":"docusaurus-plugin-content-blog","id":"release-anouncements"}')}}]); \ No newline at end of file diff --git a/assets/js/15f6fe0f.4888d15c.js b/assets/js/15f6fe0f.356ed2c6.js similarity index 59% rename from assets/js/15f6fe0f.4888d15c.js rename to assets/js/15f6fe0f.356ed2c6.js index 142b85dad..8c1fa359b 100644 --- a/assets/js/15f6fe0f.4888d15c.js +++ b/assets/js/15f6fe0f.356ed2c6.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[22970],{97564:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/13","page":13,"postsPerPage":10,"totalPages":26,"totalCount":255,"previousPage":"/blogs/page/12","nextPage":"/blogs/page/14","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[22970],{97564:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/13","page":13,"postsPerPage":10,"totalPages":25,"totalCount":246,"previousPage":"/blogs/page/12","nextPage":"/blogs/page/14","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/16029c63.0d6ec0f7.js b/assets/js/16029c63.0d6ec0f7.js new file mode 100644 index 000000000..5f8cd4acb --- /dev/null +++ b/assets/js/16029c63.0d6ec0f7.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[61766],{86039:e=>{e.exports=JSON.parse('{"blogPosts":[{"id":"/2022/12/07/new","metadata":{"permalink":"/blogs/2022/12/07/new","source":"@site/blog/2022-12-07-new.md","title":"Website Updates","description":"Several updates have been planned for this site for quite a while, and work has been ongoing. The first significant change that is happening is with our blog posts. A new WordPress-based site has been created for our posts at blog.podman.io. The new site has a fresh look and feel and shows the direction we\u2019re hoping to take this entire site eventually. You\'ll probably notice the similarities if you have tried Podman Desktop.","date":"2022-12-07T00:00:00.000Z","formattedDate":"December 7, 2022","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.82,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Website Updates","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"nextItem":{"title":"Netavark and Aardvark-dns v1.3.0 released","permalink":"/blogs/2022/11/11/nvav1.3"}},"content":"Several updates have been planned for this site for quite a while, and work has been ongoing. The first significant change that is happening is with our blog posts. A new WordPress-based site has been created for our posts at [blog.podman.io](https://blog.podman.io). The new site has a fresh look and feel and shows the direction we\u2019re hoping to take this entire site eventually. You\'ll probably notice the similarities if you have tried [Podman Desktop](https://podman-desktop.io/).\\n\\nWe are contemplating moving the blog posts from this site to the new one. At least for the moment, the blog posts created before today (December 7, 2022) can now be found under the \u201cArchived Blogs\u201d link on the left side menu. The \u201cBlogs\u201d link in that same menu will take you to the new site.\\n\\nWe hope you enjoy the new blog site and would love to hear from you about what you think about it. As on this site, blog posts from the community will always be gratefully accepted!"},{"id":"/2022/11/11/nvav1.3","metadata":{"permalink":"/blogs/2022/11/11/nvav1.3","source":"@site/blog/2022-11-11-nvav1.3.md","title":"Netavark and Aardvark-dns v1.3.0 released","description":"podman logo","date":"2022-11-11T00:00:00.000Z","formattedDate":"November 11, 2022","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"}],"readingTime":0.71,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"Netavark and Aardvark-dns v1.3.0 released","layout":"default","author":"baude","categories":["blogs"],"tags":["containers","podman"]},"prevItem":{"title":"Website Updates","permalink":"/blogs/2022/12/07/new"},"nextItem":{"title":"Podman v4.3.0 Released","permalink":"/blogs/2022/10/22/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Netavark and Aardvark-dns v1.3.0 release\\n\\nWe have cut new releases of the network stack components for [netavark](https://github.com/containers/netavark/releases/tag/v1.3.0)\\nand [aardvark-dns](https://github.com/containers/aardvark-dns/releases/tag/v1.3.0). Both netavark and aardvark-dns\\nversions 1.3.0 were released. As the process works, the upstream releases will slowly work their way into\\nLinux distributions.\\n\\nA basic summary of changes for both are as follows:\\n\\n### v1.3.0 Netavark\\n\\n- Housekeeping and code cleanup\\n- macvlan: remove tmp interface when name already used in netns\\n- Add support for route metrics\\n- netlink: return better error if ipv6 is disabled\\n- macvlan: fix name collision on hostns\\n- Ignore dns-enabled for macvlan (BZ2137320)\\n- better errors on teardown\\n- allow customer dns servers for containers\\n- do not set route for internal-only networks\\n- do not use ipv6 autoconf\\n\\n### v1.3.0 Aardvark-dns\\n\\n- allow one or more dns servers in the aardvark config"},{"id":"/2022/10/22/new","metadata":{"permalink":"/blogs/2022/10/22/new","source":"@site/blog/2022-10-22-new.md","title":"Podman v4.3.0 Released","description":"Podman has gone 4.3.0!","date":"2022-10-22T00:00:00.000Z","formattedDate":"October 22, 2022","tags":[],"readingTime":0.025,"hasTruncateMarker":false,"authors":[],"frontMatter":{"layout":"default","title":"Podman v4.3.0 Released","categories":["new"]},"prevItem":{"title":"Netavark and Aardvark-dns v1.3.0 released","permalink":"/blogs/2022/11/11/nvav1.3"},"nextItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2022/10/12/new"}},"content":"## [Podman has gone 4.3.0!](https://podman.io/releases/2022/10/22/podman-release-v4.3.0.html)"},{"id":"/2022/10/12/new","metadata":{"permalink":"/blogs/2022/10/12/new","source":"@site/blog/2022-10-12-new.md","title":"Podman Posts of Interest","description":"Time for another \\"Podman Posts of Interest\\" post.","date":"2022-10-12T00:00:00.000Z","formattedDate":"October 12, 2022","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.085,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Posts of Interest","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman v4.3.0 Released","permalink":"/blogs/2022/10/22/new"},"nextItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2022/10/12/podman-posts-of-interests"}},"content":"Time for another \\"Podman Posts of Interest\\" post.\\nCheckout the [Podman Posts of Interest](https://podman.io/blogs/2022/10/12/podman-posts-of-interests.html) for the links!"},{"id":"/2022/10/12/podman-posts-of-interests","metadata":{"permalink":"/blogs/2022/10/12/podman-posts-of-interests","source":"@site/blog/2022-10-12-podman-posts-of-interests.md","title":"Podman Posts of Interest","description":"podman logo","date":"2022-10-12T00:00:00.000Z","formattedDate":"October 12, 2022","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":2.58,"hasTruncateMarker":true,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Posts of Interest","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2022/10/12/new"},"nextItem":{"title":"How Podman packaging works on Linux","permalink":"/blogs/2022/10/03/debbuild"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman Posts of Interest\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nA number of blog posts have flung by and I have not had a chance to get individual\\nlink posts to them, so thought I would add a few here that have popped up recently,\\nlinks after the break!.\\n\\n\x3c!--truncate--\x3e\\n\\n- [Mehdi Haghgoo](https://fedoramagazine.org/author/powergame/) - [Manage containers on Fedora Linux with Podman Desktop](https://fedoramagazine.org/manage-containers-on-fedora-linux-with-podman-desktop/) - Learn about the opensource GUI application for managing containers on Linux, macOS, and Windows.\\n- [Aditya Rajan](https://opensource.com/users/adir) and [Giuseppe Scrivano](https://twitter.com/gscrivano) - [Use OCI containers to run WebAssembly workloads](https://opensource.com/article/22/10/wasm-containers) - Use crun to run Wasm/WASI workloads on Podman and Kubernetes.\\n- [Scott McCarty](https://twitter.com/fatherlinux) - [The ever-widening world of Wasm](https://www.infoworld.com/article/3674124/the-ever-widening-world-of-wasm.html) - Bringing WebAssembly and OCI containers together could enable us to run the same container image on any hardware or operating system we want\u2014wherever it runs best, fastest, or cheapest.\\n- [Erdem Yasar](https://twitter.com/erdemyasar) - [RHEL 8.7 and 9.1 are focusing on Podman containers](https://cloud7.news/linux/rhel-8-7-and-9-1-are-focusing-on-podman-containers/) - Red Hat announced the beta release of its Red Hat Enterprise Linux (RHEL) versions 8.7 and 9.1.\\n- [Mark Lameriks](https://technology.amis.nl/author/marc-lameriksamis-nl/) - [Adding Podman to my VM with Minikube Part 1](https://technology.amis.nl/recent/adding-podman-to-my-vm-with-minikube-part-1/) - Mark looks at using the Podman driver as an alternative runtime to the Docker driver in an environment with Minikube.\\n- [Mark Lameriks](https://technology.amis.nl/author/marc-lameriksamis-nl/) - [Adding Podman to my VM with Minikube Part 2](https://technology.amis.nl/platform/podman/adding-podman-to-my-vm-with-minikube-part-2/) - Mark looks at using the Podman driver as an alternative runtime to the Docker driver in an environment with Minikube.\\n- [Jack Wallen](https://www.techrepublic.com/meet-the-team/us/jack-wallen/) - [How to enable Podman sudo-less container management \\\\| #linux \\\\| #linuxsecurity](https://nationalcybersecuritynews.today/how-to-enable-podman-sudo-less-container-management-linux-linuxsecurity/) - Jack shows you how to setup a secure rootless environment with Podman.\\n- [Lokesh Mandvekar](https://twitter.com/rakevdnamhsekol) - [How Podman packaging works on Linux](https://opensource.com/article/22/9/podman-packages-linux) - Get a deep dive into Podman packages for Debian and Ubuntu using Fedora Sources, OBS, and Debbuild.\\n- [Srivalli Patchava](https://twitter.com/Srivallipatcha1) - [Podman vs Docker](https://hkrtrainings.com/podman-vs-docker) - Srivalli compare Podman vs Docker, the industry-standard container management tool for nearly a decade because these two systems have intrinsic distinctions yet are well-suited for collaboration.\\n- Pratham Patel - [Understanding the Differences Between Podman and Docker](https://linuxhandbook.com/docker-vs-podman/amp/) - Pratham investigates the advantages one holds over the other.\\n- Cameron Pavey - [Podman: The Rootless Docker Alternative](https://earthly.dev/blog/podman-rootless/?utm_campaign=meetedgar&utm_medium=social&utm_source=meetedgar.com) - Cameron explores how Podman can be a rootless alternative to Docker.\\n- [Trevor Bryant](https://www.redhat.com/en/authors/trevor-bryant) and [Samuel Walker]](https://www.redhat.com/en/authors/samuel-walker) - [Enhancing application container security and compliance with Podman ](https://www.redhat.com/en/blog/enhancing-application-container-security-and-compliance-podman) - A look into enhancing the security of OCI compliant containers by using Podman.\\n- [Will Dinyes](https://blog.min.io/author/will/) - [MinIO, Podman, and Apple Silicon](https://blog.min.io/minio-podman-and-apple-silicon/?utm_content=221575511&utm_medium=social&utm_source=twitter&hss_channel=tw-3017977255) - Getting MinIO containers working on a Mac using Podman.\\n- [Pradeesh Parameswaran](https://medium.com/@techpradeesh) - [Build A Python Flask Application Container Using Podman \u2014A Docker Alternative](https://medium.com/@techpradeesh/build-a-python-flask-application-container-using-podman-a-docker-alternative-3f6b6d798207) - Pradesh walks you through building a python flask application that runs as a container.\\n- [Valentin Rothberg](https://twitter.com/vlntnrthbrg), [Preethi Thomas](https://twitter.com/preethit), and [Dan Walsh](https://twitter.com/rhatdan) - [https://www.redhat.com/sysadmin/kubernetes-workloads-podman-systemd](How to run Kubernetes workloads in systemd with Podman) - Kubernetes YAML gives Podman a unified solution to declare container workloads across environments and simplify complexity for developers and sysadmins.\\n- [Cedric Clyburn](https://twitter.com/cedricclyburn) - [Containers without Docker (podman, buildah, and skopeo)](https://dev.to/cedricclyburn/containers-without-docker-podman-buildah-and-skopeo-1eal) - Cedric shows how to work with containers using Podman, Buildah, and Skopeo."},{"id":"/2022/10/03/debbuild","metadata":{"permalink":"/blogs/2022/10/03/debbuild","source":"@site/blog/2022-10-03-debbuild.md","title":"How Podman packaging works on Linux","description":"Get a deep dive into Podman packages for Debian and Ubuntu using Fedora Sources, OBS and Debbuild. Learn More!.","date":"2022-10-03T00:00:00.000Z","formattedDate":"October 3, 2022","tags":[],"readingTime":0.1,"hasTruncateMarker":false,"authors":[],"frontMatter":{"layout":"default","title":"How Podman packaging works on Linux","categories":["blogs"]},"prevItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2022/10/12/podman-posts-of-interests"},"nextItem":{"title":"How Podman packaging works on Linux","permalink":"/blogs/2022/10/03/new"}},"content":"## Get a deep dive into Podman packages for Debian and Ubuntu using Fedora Sources, OBS and Debbuild. [Learn More!](https://opensource.com/article/22/9/podman-packages-linux)."},{"id":"/2022/10/03/new","metadata":{"permalink":"/blogs/2022/10/03/new","source":"@site/blog/2022-10-03-new.md","title":"How Podman packaging works on Linux","description":"Get a deep dive into Podman packages for Debian and Ubuntu using Fedora Sources, OBS and Debbuild. Learn More!.","date":"2022-10-03T00:00:00.000Z","formattedDate":"October 3, 2022","tags":[],"readingTime":0.1,"hasTruncateMarker":false,"authors":[],"frontMatter":{"layout":"default","title":"How Podman packaging works on Linux","categories":["new"]},"prevItem":{"title":"How Podman packaging works on Linux","permalink":"/blogs/2022/10/03/debbuild"},"nextItem":{"title":"Podman v4.2.0 Released","permalink":"/blogs/2022/08/17/new"}},"content":"## Get a deep dive into Podman packages for Debian and Ubuntu using Fedora Sources, OBS and Debbuild. [Learn More!](https://opensource.com/article/22/9/podman-packages-linux)."},{"id":"/2022/08/17/new","metadata":{"permalink":"/blogs/2022/08/17/new","source":"@site/blog/2022-08-17-new.md","title":"Podman v4.2.0 Released","description":"Podman has gone 4.2.0!","date":"2022-08-17T00:00:00.000Z","formattedDate":"August 17, 2022","tags":[],"readingTime":0.025,"hasTruncateMarker":false,"authors":[],"frontMatter":{"layout":"default","title":"Podman v4.2.0 Released","categories":["new"]},"prevItem":{"title":"How Podman packaging works on Linux","permalink":"/blogs/2022/10/03/new"},"nextItem":{"title":"Podman Windows Installer","permalink":"/blogs/2022/06/08/new"}},"content":"## [Podman has gone 4.2.0!](https://podman.io/releases/2022/08/17/podman-release-v4.2.0.html)"},{"id":"/2022/06/08/new","metadata":{"permalink":"/blogs/2022/06/08/new","source":"@site/blog/2022-06-08-new.md","title":"Podman Windows Installer","description":"If you want to run Podman on Windows, check out this Post!","date":"2022-06-08T00:00:00.000Z","formattedDate":"June 8, 2022","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.06,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Windows Installer","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman v4.2.0 Released","permalink":"/blogs/2022/08/17/new"},"nextItem":{"title":"Podman Windows Installer","permalink":"/blogs/2022/06/08/podman-on-windows"}},"content":"If you want to run Podman on Windows, check out this [Post](https://www.redhat.com/sysadmin/run-podman-windows)!"},{"id":"/2022/06/08/podman-on-windows","metadata":{"permalink":"/blogs/2022/06/08/podman-on-windows","source":"@site/blog/2022-06-08-podman-on-windows.md","title":"Podman Windows Installer","description":"podman logo","date":"2022-06-08T00:00:00.000Z","formattedDate":"June 8, 2022","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.46,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Windows Installer","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman Windows Installer","permalink":"/blogs/2022/06/08/new"},"nextItem":{"title":"Podman v4.1.0 Released","permalink":"/blogs/2022/05/09/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman Windows Installer\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nIf you are looking into running Podman on Windows, Tom Sweeney\'s latest blog post on\\n[EnableSysadmin](https://www.redhat.com/sysadmin/) shows you how easy it is now. The\\n[Run Podman on Windows: How-to instructions](https://www.redhat.com/sysadmin/run-podman-windows)\\nruns you through the four steps that take five minutes to complete. After that is done,\\nyou can then run Podman from your favorite Windows terminal without first having to get into\\na Virtual Machine. As a bonus, there\'s a link to a walk through video tutorial included\\nin the post."},{"id":"/2022/05/09/new","metadata":{"permalink":"/blogs/2022/05/09/new","source":"@site/blog/2022-05-09-new.md","title":"Podman v4.1.0 Released","description":"Podman has gone 4.1.0!","date":"2022-05-09T00:00:00.000Z","formattedDate":"May 9, 2022","tags":[],"readingTime":0.025,"hasTruncateMarker":false,"authors":[],"frontMatter":{"layout":"default","title":"Podman v4.1.0 Released","categories":["new"]},"prevItem":{"title":"Podman Windows Installer","permalink":"/blogs/2022/06/08/podman-on-windows"},"nextItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2022/05/08/new"}},"content":"## [Podman has gone 4.1.0!](https://podman.io/releases/2022/05/09/podman-release-v4.1.0.html)"},{"id":"/2022/05/08/new","metadata":{"permalink":"/blogs/2022/05/08/new","source":"@site/blog/2022-05-08-new.md","title":"Podman Posts of Interest","description":"Time for another \\"Podman Posts of Interest\\" post.","date":"2022-05-08T00:00:00.000Z","formattedDate":"May 8, 2022","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.085,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Posts of Interest","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman v4.1.0 Released","permalink":"/blogs/2022/05/09/new"},"nextItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2022/05/08/podman-posts-of-interests"}},"content":"Time for another \\"Podman Posts of Interest\\" post.\\nCheckout the [Podman Posts of Interest](https://podman.io/blogs/2022/05/08/podman-posts-of-interests.html) for the links!"},{"id":"/2022/05/08/podman-posts-of-interests","metadata":{"permalink":"/blogs/2022/05/08/podman-posts-of-interests","source":"@site/blog/2022-05-08-podman-posts-of-interests.md","title":"Podman Posts of Interest","description":"podman logo","date":"2022-05-08T00:00:00.000Z","formattedDate":"May 8, 2022","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":1.725,"hasTruncateMarker":true,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Posts of Interest","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2022/05/08/new"},"nextItem":{"title":"Podman, Buildah and Skopeo on Ubuntu 22.04 LTS","permalink":"/blogs/2022/04/05/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman Posts of Interest\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nA number of blog posts have flung by and I have not had a chance to get individual\\nlink posts to them, so thought I would add a few here that have popped up recently,\\nlinks after the break!.\\n\\n\x3c!--truncate--\x3e\\n\\n- [Charlie Doern](https://twitter.com/CharlieDoern) - [How Podman can transfer container images without a registry](https://www.redhat.com/sysadmin/podman-transfer-container-images-without-registry) - The new \'podman image scp\' command makes it easy to transfer container images between users on the same system or network.\\n- [Matt Heon](https://github.com/mheon) - [Podman 4.0\'s new network stack: What you need to know](https://www.redhat.com/sysadmin/podman-new-network-stack) - Podman\'s new Netavark and Aardvark-based stack offers three main advantages over the existing CNI-based stack.\\n- [Valentin Rothberg](https://twitter.com/vlntnrthbrg) - [How to run pods as systemd services with Podman](https://www.redhat.com/sysadmin/podman-run-pods-systemd-services) - Extending traditional Linux system administration practices with the modern world of containers.\\n- [Heyan Maurya](https://www.how2shout.com/linux/author/heyan/) - [How to install Podman on Ubuntu 22.04 LTS Jammy Linux](https://www.how2shout.com/linux/how-to-install-podman-on-ubuntu-22-04-lts-jammy-linux/) - Follow the steps in this tutorial to install the Podman container tool on Ubuntu 22.04 LTS Jammy JellyFish Linux.\\n- [Dan Walsh](https://twitter.com/rhatdan) - [Container permission denied: How to diagnose this error](https://www.redhat.com/sysadmin/container-permission-denied-errors) - Learn what is causing a container permission eeror and how to work around the error properly!\\n- [Brent Baude](https://twitter.com/bbaude) - [5 underused Podman features to try now](https://www.redhat.com/sysadmin/podman-features-2?utm_source=dlvr.it&utm_medium=twitter) - Simplify how you interact with containers by incorporating pods, init containers, additional image stores, system reset, and play kube into your work.\\n- [Red Hat Developer](https://developers.redhat.com/) - [Podman basics: Resources for beginners and experts](https://developers.redhat.com/articles/2022/05/02/podman-basics-resources-beginners-and-experts#) - This article offers resources both for developers getting started with Podman and for those seeking more advanced information.\\n- [Jack Chang](https://medium.com/@yunglinchang) - [Seal the Containerized ML Deal With Podman](https://towardsai.net/p/machine-learning/seal-the-containerized-ml-deal-with-podman?utm_source=twitter&utm_medium=social&utm_campaign=rop-content-recycle) - A movie recommendation system using Podman.\\n- [Lokesh Mandvekar](https://opensource.com/users/lsm5) - [What Linux users and packagers need to know about Podman 4.0 on Fedora](https://opensource.com/article/22/4/fedora-podman-40?sc_cid=7016000000127ECAAY) - New Podman features offer better support for containers and improved performance.\\n- [Dan Walsh](https://twitter.com/rhatdan) - [5 Podman features to try now](https://www.redhat.com/sysadmin/podman-features-1) - Improve how you use containers with these new Podman features: --latest, --replace, --all, --ignore, and --tz."},{"id":"/2022/04/05/new","metadata":{"permalink":"/blogs/2022/04/05/new","source":"@site/blog/2022-04-05-new.md","title":"Podman, Buildah and Skopeo on Ubuntu 22.04 LTS","description":"Podman, Buildah, and Skopeo will be included in Ubuntu 22.04 LTS Learn More!.","date":"2022-04-05T00:00:00.000Z","formattedDate":"April 5, 2022","tags":[],"readingTime":0.07,"hasTruncateMarker":false,"authors":[],"frontMatter":{"layout":"default","title":"Podman, Buildah and Skopeo on Ubuntu 22.04 LTS","categories":["new"]},"prevItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2022/05/08/podman-posts-of-interests"},"nextItem":{"title":"Podman, Buildah and Skopeo on Ubuntu 22.04 LTS","permalink":"/blogs/2022/04/05/ubuntu-2204-lts-kubic"}},"content":"## Podman, Buildah, and Skopeo will be included in Ubuntu 22.04 LTS [Learn More!](https://podman.io/blogs/2022/04/05/ubuntu-2204-lts-kubic.html)."},{"id":"/2022/04/05/ubuntu-2204-lts-kubic","metadata":{"permalink":"/blogs/2022/04/05/ubuntu-2204-lts-kubic","source":"@site/blog/2022-04-05-ubuntu-2204-lts-kubic.md","title":"Podman, Buildah and Skopeo on Ubuntu 22.04 LTS","description":"podman logo","date":"2022-04-05T00:00:00.000Z","formattedDate":"April 5, 2022","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"skopeo","permalink":"/blogs/tags/skopeo"},{"label":"ubuntu","permalink":"/blogs/tags/ubuntu"},{"label":"kubic","permalink":"/blogs/tags/kubic"}],"readingTime":0.575,"hasTruncateMarker":false,"authors":[{"name":"lsm5"}],"frontMatter":{"title":"Podman, Buildah and Skopeo on Ubuntu 22.04 LTS","layout":"default","author":"lsm5","categories":["blogs"],"tags":["containers","podman","buildah","skopeo","ubuntu","kubic"]},"prevItem":{"title":"Podman, Buildah and Skopeo on Ubuntu 22.04 LTS","permalink":"/blogs/2022/04/05/new"},"nextItem":{"title":"Netavark and Aardvark-dns v1.0.2 released","permalink":"/blogs/2022/03/23/nvav1.0.2"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman, Buildah and Skopeo on Ubuntu 22.04 LTS\\n\\n[Ubuntu 22.04 LTS Beta](https://releases.ubuntu.com/jammy/) is available for testing as of March 31st.\\nThis is the first LTS release with [Podman](https://packages.ubuntu.com/jammy/podman),\\n[Buildah](https://packages.ubuntu.com/jammy/buildah) and [Skopeo](https://packages.ubuntu.com/jammy/skopeo) in\\nthe default repos, thanks to the amazing work of Reinhard Tartler and team.\\n\\nThe package versions available currently are: Podman 3.4, Buildah 1.23 and Skopeo 1.4.\\n\\nThere won\'t be any further updates to the Kubic repos as far as Podman, Buildah and Skopeo are concerned,\\nso users are recommended to use the default repos on 22.04 LTS.\\n\\nIf you\'re currently using packages from the Kubic repos, it\u2019s highly recommended to uninstall the Kubic\\npackages prior to upgrading to 22.04 LTS."},{"id":"/2022/03/23/nvav1.0.2","metadata":{"permalink":"/blogs/2022/03/23/nvav1.0.2","source":"@site/blog/2022-03-23-nvav1.0.2.md","title":"Netavark and Aardvark-dns v1.0.2 released","description":"podman logo","date":"2022-03-23T00:00:00.000Z","formattedDate":"March 23, 2022","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"}],"readingTime":0.315,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"Netavark and Aardvark-dns v1.0.2 released","layout":"default","author":"baude","categories":["blogs"],"tags":["containers","podman"]},"prevItem":{"title":"Podman, Buildah and Skopeo on Ubuntu 22.04 LTS","permalink":"/blogs/2022/04/05/ubuntu-2204-lts-kubic"},"nextItem":{"title":"Podman 4.0.2 is available on Homebrew","permalink":"/blogs/2022/03/15/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Netavark and Aardvark-dns v1.0.2 release\\n\\nThe Podman development team has released new versions of both\\n[Netavark](https://github.com/containers/netavark/releases/tag/v1.0.2) and\\n[Aardvark-dns](https://github.com/containers/aardvark-dns/releases/tag/v1.0.2). The releases mostly consist of\\nupdated dependency libraries and bugfixes. Additionally, netavark is now capable of having a statically addressed\\nmacvlan without a gateway address. New packages for Fedora 36 and the\\n[Podman4 COPR](https://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman4/) are being built and should be\\navailable shortly."},{"id":"/2022/03/15/new","metadata":{"permalink":"/blogs/2022/03/15/new","source":"@site/blog/2022-03-15-new.md","title":"Podman 4.0.2 is available on Homebrew","description":"Podman v4.0.2 is now on Homebrew! Learn More!.","date":"2022-03-15T00:00:00.000Z","formattedDate":"March 15, 2022","tags":[],"readingTime":0.045,"hasTruncateMarker":false,"authors":[],"frontMatter":{"layout":"default","title":"Podman 4.0.2 is available on Homebrew","categories":["new"]},"prevItem":{"title":"Netavark and Aardvark-dns v1.0.2 released","permalink":"/blogs/2022/03/23/nvav1.0.2"},"nextItem":{"title":"Podman v4.0.2 is available in Homebrew","permalink":"/blogs/2022/03/15/podman4.0.2brew"}},"content":"## Podman v4.0.2 is now on Homebrew! [Learn More!](https://podman.io/blogs/2022/03/15/podman4.0.2brew.html)."},{"id":"/2022/03/15/podman4.0.2brew","metadata":{"permalink":"/blogs/2022/03/15/podman4.0.2brew","source":"@site/blog/2022-03-15-podman4.0.2brew.md","title":"Podman v4.0.2 is available in Homebrew","description":"podman logo","date":"2022-03-15T00:00:00.000Z","formattedDate":"March 15, 2022","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"macOS","permalink":"/blogs/tags/mac-os"}],"readingTime":0.5,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"Podman v4.0.2 is available in Homebrew","layout":"default","author":"baude","categories":["blogs"],"tags":["containers","podman","macOS"]},"prevItem":{"title":"Podman 4.0.2 is available on Homebrew","permalink":"/blogs/2022/03/15/new"},"nextItem":{"title":"Podman 4 is not in Fedora 35","permalink":"/blogs/2022/03/06/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman v4.0.2 is available in Homebrew\\n\\n[Homebrew](https://brew.sh/), also known as `brew`, now has the Podman v4.0.2 available. Updating should be trivial\\nbut please make sure that Qemu is also upgraded alongside Podman. One cool feature that the community helped us\\ndeliver is the ability to mount volumes from MacOS into the virtual machine. We decided to backport some code to\\nmake it available to users more quickly. As such, it is possible if not likely that there will be more\\nchanges around volume mounts in subsequent Podman releases (i.e. default mounts, technology used to make the mount)."},{"id":"/2022/03/06/new","metadata":{"permalink":"/blogs/2022/03/06/new","source":"@site/blog/2022-03-06-new.md","title":"Podman 4 is not in Fedora 35","description":"Learn why Podman 4 is not in Fedora 35 in this blog post from Brent Baude.","date":"2022-03-06T00:00:00.000Z","formattedDate":"March 6, 2022","tags":[],"readingTime":0.085,"hasTruncateMarker":false,"authors":[],"frontMatter":{"layout":"default","title":"Podman 4 is not in Fedora 35","categories":["new"]},"prevItem":{"title":"Podman v4.0.2 is available in Homebrew","permalink":"/blogs/2022/03/15/podman4.0.2brew"},"nextItem":{"title":"Podman 4 is not in Fedora 35","permalink":"/blogs/2022/03/06/why_no_podman4_f35"}},"content":"## Learn why [Podman 4 is not in Fedora 35](https://podman.io/blogs/2022/03/06/why_no_podman4_f35.html) in this blog post from [Brent Baude](https://twitter.com/bbaude)."},{"id":"/2022/03/06/why_no_podman4_f35","metadata":{"permalink":"/blogs/2022/03/06/why_no_podman4_f35","source":"@site/blog/2022-03-06-why_no_podman4_f35.md","title":"Podman 4 is not in Fedora 35","description":"podman logo","date":"2022-03-06T00:00:00.000Z","formattedDate":"March 6, 2022","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"}],"readingTime":1.145,"hasTruncateMarker":true,"authors":[{"name":"baude"}],"frontMatter":{"title":"Podman 4 is not in Fedora 35","layout":"default","author":"baude","categories":["blogs"],"tags":["containers","podman"]},"prevItem":{"title":"Podman 4 is not in Fedora 35","permalink":"/blogs/2022/03/06/new"},"nextItem":{"title":"Podman v4.0.0 Released","permalink":"/blogs/2022/02/22/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman 4 is not in Fedora 35\\n\\nPodman 4 will not officially ship in Fedora 35 because it has breaking changes from Podman 3. Fedora has well-founded\\npolicies that forbid updating a package in a Fedora release, like 35, that has breaking changes. This is true for\\nmost Linux distributions that are dependent on release versions.\\n\\n\x3c!--truncate--\x3e\\n\\nHowever, the Podman team has set up a COPR (Cool Other Package Repo) so that you can still install Podman and its\\ndependencies on Fedora 35. It is called [rhcontainerbot/podman4](https://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman4/).\\nCOPRs are not officially supported by Fedora or its infrastructure. The podman4 COPR also has builds for\\nFedora 36 and CentOS 9 stream. There are even Fedora 36 builds as well.\\n\\n## Using podman4 COPR\\n\\nAdding the podman4 COPR is very easy. Instructions for doing so can be found on the\\n[rhcontainerbot/podman4](https://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman4/) project site. But for\\na quick start, it is simply:\\n\\n```\\n $ sudo dnf copr enable rhcontainerbot/podman4\\n```\\n\\nOnce that command completes, you can install Podman.\\n\\n```\\n $ sudo dnf install podman\\n```\\n\\n_Note_: If you are upgrading an existing Podman 3 install and wish to run Podman 4\'s new network stack, be certain\\nyou that the aardvark and netavark packages are also installed (they are part of the same COPR). You will also\\nneed to then run `podman system reset --force` before running any new containers."},{"id":"/2022/02/22/new","metadata":{"permalink":"/blogs/2022/02/22/new","source":"@site/blog/2022-02-22-new.md","title":"Podman v4.0.0 Released","description":"Podman has gone 4.0.0!","date":"2022-02-22T00:00:00.000Z","formattedDate":"February 22, 2022","tags":[],"readingTime":0.025,"hasTruncateMarker":false,"authors":[],"frontMatter":{"layout":"default","title":"Podman v4.0.0 Released","categories":["new"]},"prevItem":{"title":"Podman 4 is not in Fedora 35","permalink":"/blogs/2022/03/06/why_no_podman4_f35"},"nextItem":{"title":"Testing Podman 4 with the new network stack","permalink":"/blogs/2022/02/04/network-usage"}},"content":"## [Podman has gone 4.0.0!](https://podman.io/releases/2022/02/22/podman-release-v4.0.0.html)"},{"id":"/2022/02/04/network-usage","metadata":{"permalink":"/blogs/2022/02/04/network-usage","source":"@site/blog/2022-02-04-network-usage.md","title":"Testing Podman 4 with the new network stack","description":"podman logo","date":"2022-02-04T00:00:00.000Z","formattedDate":"February 4, 2022","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"},{"label":"rootless","permalink":"/blogs/tags/rootless"},{"label":"sudo","permalink":"/blogs/tags/sudo"},{"label":"network","permalink":"/blogs/tags/network"},{"label":"netavark","permalink":"/blogs/tags/netavark"},{"label":"aardvark","permalink":"/blogs/tags/aardvark"},{"label":"aardvark-dns","permalink":"/blogs/tags/aardvark-dns"}],"readingTime":1.465,"hasTruncateMarker":true,"authors":[{"name":"baude"}],"frontMatter":{"title":"Testing Podman 4 with the new network stack","layout":"default","author":"baude","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac","rootless","sudo","network","netavark","aardvark","aardvark-dns"]},"prevItem":{"title":"Podman v4.0.0 Released","permalink":"/blogs/2022/02/22/new"},"nextItem":{"title":"Testing Podman 4 with new network stack","permalink":"/blogs/2022/02/04/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Testing Podman 4 with the new network stack\\n\\n## By Brent Baude [GitHub](https://github.com/baude)\\n\\nPodman 4.0 will implement a new network stack instead of CNI plugins. There are two components to the new stack:\\n\\n\x3c!--truncate--\x3e\\n\\n- Netavark performs interface setup, IP address/etc assignment, NAT, and port mapping.\\n- Aardvark-dns that replaces the previous DNS name custom plugin. Aardvark-dns is a DNS server that provides name resolution and forwarding for container networks.\\n\\n> **Warning**: Before testing Podman 4 and the new network stack, you will have to destroy all your current containers, images, and network. Consider exporting/saving any import containers or images.\\n\\nIf you have run Podman 3.x before upgrading to Podman 4, Podman will continue to use CNI plugins as it had before. There is a marker in Podman\'s local storage that indicates this. In order to begin using Podman 4, you need to destroy that marker with podman system reset. This will destroy the marker, all of the images, all of the networks, and all of the containers.\\n\\n## Setting up Podman 4 with netavark and aardvark-dns on Fedora\\n\\nIf this is an upgrade to a current Podman install, destroy all current images, containers, and defined networks.\\n\\n> $ podman system reset --force\\n\\nEnsure you have the DNF copr extension.\\n\\n> $ sudo dnf install \'dnf-command(copr)\'\\n\\nAdd the podman4 test COPR to your system\\n\\n> $ sudo dnf copr enable rhcontainerbot/podman4\\n\\nIf you have never installed Podman, replace `upgrade` with `install` in the following command.\\n\\n> $ sudo dnf upgrade podman\\n\\nIf Podman was upgraded, you may have to install netavark explicitly. Otherwise, the Podman package will continue to use CNI.\\n\\n> $ sudo dnf install netavark aardvark-dns\\n\\nIf you find bugs, please report them to our [github issues page](https://github.com/containers/podman/issues)."},{"id":"/2022/02/04/new","metadata":{"permalink":"/blogs/2022/02/04/new","source":"@site/blog/2022-02-04-new.md","title":"Testing Podman 4 with new network stack","description":"The recent Podman v4.0 RC4 release containers the new network stack. Brent has just posted a new blog post: Testing Podman 4 with new network stack, to help you speed up your testing of the new stack. If you find any issues, please note them on the Podman issues on GitHub.","date":"2022-02-04T00:00:00.000Z","formattedDate":"February 4, 2022","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"},{"label":"rootless","permalink":"/blogs/tags/rootless"},{"label":"sudo","permalink":"/blogs/tags/sudo"},{"label":"network","permalink":"/blogs/tags/network"},{"label":"netavark","permalink":"/blogs/tags/netavark"},{"label":"aardvark","permalink":"/blogs/tags/aardvark"},{"label":"aardvark-dns","permalink":"/blogs/tags/aardvark-dns"}],"readingTime":0.255,"hasTruncateMarker":false,"authors":[{"name":"bbaude"}],"frontMatter":{"title":"Testing Podman 4 with new network stack","layout":"default","author":"bbaude","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac","rootless","sudo","network","netavark","aardvark","aardvark-dns"]},"prevItem":{"title":"Testing Podman 4 with the new network stack","permalink":"/blogs/2022/02/04/network-usage"},"nextItem":{"title":"Build Kubernetes pods with Podman play kube","permalink":"/blogs/2021/10/28/build-kubernetes-pods-with-podman-play-kube"}},"content":"The recent Podman v4.0 RC4 release containers the new network stack. Brent has just posted a new blog post: [Testing Podman 4 with new network stack](https://podman.io/blogs/2022/02/04/network-usage.html), to help you speed up your testing of the new stack. If you find any issues, please note them on the Podman [issues](https://github.com/containers/podman/issues) on GitHub."},{"id":"/2021/10/28/build-kubernetes-pods-with-podman-play-kube","metadata":{"permalink":"/blogs/2021/10/28/build-kubernetes-pods-with-podman-play-kube","source":"@site/blog/2021-10-28-build-kubernetes-pods-with-podman-play-kube.md","title":"Build Kubernetes pods with Podman play kube","description":"podman logo","date":"2021-10-28T00:00:00.000Z","formattedDate":"October 28, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"sudo","permalink":"/blogs/tags/sudo"},{"label":"rootless","permalink":"/blogs/tags/rootless"}],"readingTime":0.235,"hasTruncateMarker":false,"authors":[{"name":"bbaude"}],"frontMatter":{"title":"Build Kubernetes pods with Podman play kube","layout":"default","author":"bbaude","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","sudo","rootless"]},"prevItem":{"title":"Testing Podman 4 with new network stack","permalink":"/blogs/2022/02/04/new"},"nextItem":{"title":"Build Kubernetes pods with Podman play kube","permalink":"/blogs/2021/10/28/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Build Kubernetes pods with Podman play kube\\nThe `podman play kube` command has `docker compose` features in it to make it easier to transition your compose workloads. Brent Baude explains how in the recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [https://www.redhat.com/sysadmin/podman-play-kube-updates](https://www.redhat.com/sysadmin/podman-play-kube-updates)."},{"id":"/2021/10/28/new","metadata":{"permalink":"/blogs/2021/10/28/new","source":"@site/blog/2021-10-28-new.md","title":"Build Kubernetes pods with Podman play kube","description":"The podman play kube command has docker compose features in it to make it easier to transition your compose workloads. Brent Baude explains how in the recent blog post on the Red Hat Enable Sysadmin site, https://www.redhat.com/sysadmin/podman-play-kube-updates.","date":"2021-10-28T00:00:00.000Z","formattedDate":"October 28, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"},{"label":"rootless","permalink":"/blogs/tags/rootless"},{"label":"sudo","permalink":"/blogs/tags/sudo"}],"readingTime":0.185,"hasTruncateMarker":false,"authors":[{"name":"bbaude"}],"frontMatter":{"title":"Build Kubernetes pods with Podman play kube","layout":"default","author":"bbaude","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac","rootless","sudo"]},"prevItem":{"title":"Build Kubernetes pods with Podman play kube","permalink":"/blogs/2021/10/28/build-kubernetes-pods-with-podman-play-kube"},"nextItem":{"title":"How Podman runs on Macs and other container FAQs","permalink":"/blogs/2021/10/27/how-podman-runs-on-macs"}},"content":"The `podman play kube` command has `docker compose` features in it to make it easier to transition your compose workloads. Brent Baude explains how in the recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [https://www.redhat.com/sysadmin/podman-play-kube-updates](https://www.redhat.com/sysadmin/podman-play-kube-updates)."},{"id":"/2021/10/27/how-podman-runs-on-macs","metadata":{"permalink":"/blogs/2021/10/27/how-podman-runs-on-macs","source":"@site/blog/2021-10-27-how-podman-runs-on-macs.md","title":"How Podman runs on Macs and other container FAQs","description":"podman logo","date":"2021-10-27T00:00:00.000Z","formattedDate":"October 27, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"sudo","permalink":"/blogs/tags/sudo"},{"label":"rootless","permalink":"/blogs/tags/rootless"}],"readingTime":0.24,"hasTruncateMarker":false,"authors":[{"name":"bbaude"}],"frontMatter":{"title":"How Podman runs on Macs and other container FAQs","layout":"default","author":"bbaude","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","sudo","rootless"]},"prevItem":{"title":"Build Kubernetes pods with Podman play kube","permalink":"/blogs/2021/10/28/new"},"nextItem":{"title":"How Podman runs on Macs and other container FAQs","permalink":"/blogs/2021/10/27/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# How Podman runs on Macs and other container FAQs\\nBrent Baude clears up the confusion about Podman\'s machine architecture and other frequently asked questions in this recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [How Podman runs on Macs and other container FAQs](https://www.redhat.com/sysadmin/podman-mac-machine-architecture)."},{"id":"/2021/10/27/new","metadata":{"permalink":"/blogs/2021/10/27/new","source":"@site/blog/2021-10-27-new.md","title":"How Podman runs on Macs and other container FAQs","description":"Brent Baude clears up the confusion about Podman\'s machine architecture and other frequently asked questions in this recent blog post on the Red Hat Enable Sysadmin site, How Podman runs on Macs and other container FAQs.","date":"2021-10-27T00:00:00.000Z","formattedDate":"October 27, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"},{"label":"rootless","permalink":"/blogs/tags/rootless"},{"label":"sudo","permalink":"/blogs/tags/sudo"}],"readingTime":0.18,"hasTruncateMarker":false,"authors":[{"name":"bbaude"}],"frontMatter":{"title":"How Podman runs on Macs and other container FAQs","layout":"default","author":"bbaude","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac","rootless","sudo"]},"prevItem":{"title":"How Podman runs on Macs and other container FAQs","permalink":"/blogs/2021/10/27/how-podman-runs-on-macs"},"nextItem":{"title":"Why can\'t I use sudo with rootless Podman?","permalink":"/blogs/2021/10/16/new"}},"content":"Brent Baude clears up the confusion about Podman\'s machine architecture and other frequently asked questions in this recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [How Podman runs on Macs and other container FAQs](https://www.redhat.com/sysadmin/podman-mac-machine-architecture)."},{"id":"/2021/10/16/new","metadata":{"permalink":"/blogs/2021/10/16/new","source":"@site/blog/2021-10-16-new.md","title":"Why can\'t I use sudo with rootless Podman?","description":"So why can\'t I use sudo with rootless Podman? Matt Heon explains why and how you can safely work around the \\"need\\" if you have it in a recent blog post on the Red Hat Enable Sysadmin site, Why can\'t I use sudo with rootless Podman.","date":"2021-10-16T00:00:00.000Z","formattedDate":"October 16, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"},{"label":"rootless","permalink":"/blogs/tags/rootless"},{"label":"sudo","permalink":"/blogs/tags/sudo"}],"readingTime":0.23,"hasTruncateMarker":false,"authors":[{"name":"mheon"}],"frontMatter":{"title":"Why can\'t I use sudo with rootless Podman?","layout":"default","author":"mheon","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac","rootless","sudo"]},"prevItem":{"title":"How Podman runs on Macs and other container FAQs","permalink":"/blogs/2021/10/27/new"},"nextItem":{"title":"Why can\'t I use sudo with rootless Podman?","permalink":"/blogs/2021/10/16/sudo-with-rootless-podman"}},"content":"So why can\'t I use sudo with rootless Podman? Matt Heon explains why and how you can safely work around the \\"need\\" if you have it in a recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [Why can\'t I use sudo with rootless Podman](https://www.redhat.com/sysadmin/sudo-rootless-podman)."},{"id":"/2021/10/16/sudo-with-rootless-podman","metadata":{"permalink":"/blogs/2021/10/16/sudo-with-rootless-podman","source":"@site/blog/2021-10-16-sudo-with-rootless-podman.md","title":"Why can\'t I use sudo with rootless Podman?","description":"podman logo","date":"2021-10-16T00:00:00.000Z","formattedDate":"October 16, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"sudo","permalink":"/blogs/tags/sudo"},{"label":"rootless","permalink":"/blogs/tags/rootless"}],"readingTime":0.285,"hasTruncateMarker":false,"authors":[{"name":"mheon"}],"frontMatter":{"title":"Why can\'t I use sudo with rootless Podman?","layout":"default","author":"mheon","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","sudo","rootless"]},"prevItem":{"title":"Why can\'t I use sudo with rootless Podman?","permalink":"/blogs/2021/10/16/new"},"nextItem":{"title":"Working with container image manifest lists","permalink":"/blogs/2021/10/11/multiarch"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Why can\'t I use sudo with rootless Podman?\\nSo why can\'t I use sudo with rootless Podman? Matt Heon explains why and how you can safely work around the \\"need\\" if you have it in a recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [Why can\'t I use sudo with rootless Podman](https://www.redhat.com/sysadmin/sudo-rootless-podman)."},{"id":"/2021/10/11/multiarch","metadata":{"permalink":"/blogs/2021/10/11/multiarch","source":"@site/blog/2021-10-11-multiarch.md","title":"Working with container image manifest lists","description":"podman logo","date":"2021-10-11T00:00:00.000Z","formattedDate":"October 11, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"skopeo","permalink":"/blogs/tags/skopeo"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"multiarch","permalink":"/blogs/tags/multiarch"}],"readingTime":5.695,"hasTruncateMarker":true,"authors":[{"name":"cevich"}],"frontMatter":{"title":"Working with container image manifest lists","layout":"default","author":"cevich","categories":["blogs"],"tags":["containers","podman","buildah","skopeo","images","multiarch"]},"prevItem":{"title":"Why can\'t I use sudo with rootless Podman?","permalink":"/blogs/2021/10/16/sudo-with-rootless-podman"},"nextItem":{"title":"Working with container image manifest lists","permalink":"/blogs/2021/10/11/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Working with container image manifest lists\\n\\n## By Chris Evich [GitHub](https://github.com/cevich)\\n\\nIn this article, I will be using\\n[Podman](https://github.com/containers/podman),\\n[Buildah](https://github.com/containers/buildah),\\nand\\n[Skopeo](https://github.com/containers/skopeo)\\ncontainer tools to produce an image that supports multiple architectures\\nunder a single \\"name\\".\\n\\n\x3c!--truncate--\x3e\\n\\nSimply put, a _manifest list_ is just a collection of images with some\\nadditional metadata. While in principle any set of images can be in a\\nmanifest list, the intended use is housing multi-platform and/or multi-arch\\nimages. Otherwise, manifest lists mostly look and feel like regular container\\nimages. You can pull, tag, and run them as you\'d expect, with only a few\\nexceptions.\\n\\nTwo and a half things will likely catch you off-guard:\\n\\n- Pushing manifest lists to registries\\n- Removing manifest lists from local storage.\\n- The `podman tag` command is broken for manifest lists in `v3.4`, but\\n works in Buildah `v1.23.1`.\\n\\nDue to the way image-name references are internally processed, you should\\n**not** use the usual `podman push` and `podman rmi` subcommands.\\n**THEY WILL NOT DO WHAT YOU EXPECT!** Instead, you\'ll want to use\\n[`podman manifest push --all `](https://docs.podman.io/en/latest/markdown/podman-manifest-push.1.html) and\\n[`podman manifest rm `](https://docs.podman.io/en/latest/markdown/podman-manifest-rm.1.html)\\n(similarly for `buildah`). These will push/remove the manifest list\\nitself instead of the contents. Similarly for tagging if you\'re on Podman `v3.4`,\\nuse the `buildah tag` command instead.\\n\\nGreat, so manifest lists sound awesome; I can pull, and run them.\\nI can delete them with `podman manifest rm`, push with\\n`podman manifest push --all `, and `tag` with Buildah,\\nbut how can I create them?\\n\\n## Easy Mode\\n\\nThe simplest way to create a multi-arch manifest list is by enabling\\nemulation to support any non-native `RUN` instructions. This is done\\nby installing the `qemu-user-static` package (or equivalent) for your\\ndistribution. Also ensure the related `systemd-binfmt.service` is\\nenabled/started. Not all distributions support these, so skip to the\\nnext sections for details on other methods if required.\\n\\nAssuming emulation is in place, let\u2019s look at this example _Containerfile_:\\n\\n```Dockerfile\\nFROM registry.access.redhat.com/ubi8:latest\\nRUN uname -a\\n```\\n\\nBuilding a multi-arch manifest for this can be done with one build command.\\nThis is thanks to features of recent versions of Buildah (`v1.23` and later)\\nand Podman (`v3.4` and later):\\n\\n```bash\\n$ platarch=linux/amd64,linux/ppc64le,linux/arm64,linux/s390x\\n$ buildah build --jobs=4 --platform=$platarch --manifest shazam .\\n```\\n\\nThe key options used here are:\\n\\n- `--manifest` - Add the resulting image into the named manifest list (`shazam`),\\n creating it if it doesn\'t already exist.\\n- `--platform` - Accepts a comma-separated list of `platform/architecture`\\n tuples (`linux/amd64,linux/ppc64le,linux/arm64,linux/s390x`).\\n- `--jobs` - Optional, causes the builds to execute in parallel using\\n the specified number of threads (`4`). i.e., the build finishes much\\n faster.\\n\\n_Note_: Even this simple `Containerfile` and build command will produce\\nquite a lot of output. Assuming it\'s successful, you may use the following\\ncommand to examine the architectures:\\n\\n```bash\\n$ skopeo inspect --raw containers-storage:localhost/shazam | \\\\\\n jq \'.manifests[].platform.architecture\'\\n```\\n\\nSimilarly,\\n[`skopeo inspect`](https://github.com/containers/skopeo/blob/main/docs/skopeo-inspect.1.md)\\ncan be used to examine manifest lists on registry servers - just swap\\n`containers-storage:` with `docker://`. This is very useful for\\ndetermining if a base image is a manifest list, and if it is, which\\narchitecture the images were built for. Querying metadata in this\\nway doesn\'t require pulling down all the data, so it\'s quite fast.\\n\\nLastly and as mentioned at the beginning, pushing and removing manifest\\nlists is special. You **must** use `manifest push` or `manifest rm` sub-commands.\\nOtherwise, Podman will act on the contents rather than the manifest list\\nitself. Then for push, you must specify both the source and destination.\\nA somewhat contrived example might be:\\n\\n```bash\\n$ buildah tag localhost/shazam quay.io/example/shazam\\n$ podman manifest rm localhost/shazam\\n$ podman manifest push --all quay.io/example/shazam docker://quay.io/example/shazam\\n```\\n\\nIf you don\'t specify both the source and push destination, you\'ll\\nget an error message. In case you\'re wondering, the `--all` argument is\\nrequired. This tells Podman to push the manifest list AND the contents,\\nwhich is nearly always what you want to do. If you don\u2019t use the `--all`\\noption, only the native architecture will be sent without any warning or\\nother indications.\\n\\n## Cheat Mode\\n\\nIn the case of public automation services, where convenience and ease of\\nmaintenance are essential, [there are a set of container images that will\\nenable and configure `qermu-user-static` for\\nyou](https://github.com/orgs/multiarch/repositories).\\nThese images must be run in `--privileged` mode but will make\\n[setting things up in the automation system very easy (docs)](https://github.com/multiarch/qemu-user-static#getting-started).\\nOnce set up, the image-build method is precisely the same as the above section.\\n\\nThat said, this is not an endorsement, and you will need to perform your own due\\ndiligence. I only mention it in this article because if I don\'t, somebody is\\nbound to bring it up. It\'s likely a fine setup for small, non-critical cases.\\nBut this will probably be a \\"no-go\\", where provenance and security are critical.\\nSo, if that applies to you, continue on to the next section.\\n\\n## Safe Mode\\n\\nIn highly secure, locked-down, production environments using commercially\\nsupported distributions, additional safety is often paramount over the\\nconvenience of emulation. Additionally if the build is simply too complex,\\nemulation-slow, or involves multiple incompatible platforms (i.e., Windows\\nand Darwin) then it simply may not be practical.\\n\\nIn these cases, essentially you need to perform the builds separately,\\ncollect the images on one system, then combine them all into a manifest\\nlist as a separate step.\\n\\nFor example, let\'s assume that you\'ve built the `shazam` image on several\\nlinux hosts, tagged each of them with their architecture name, and pushed them\\nup to the `quay.io/example/shazam` repository. Combining them into a\\nmanifest list might look like this:\\n\\n```bash\\n$ REPO=quay.io/example/shazam\\n$ podman manifest create $REPO:latest\\n$ for IMGTAG in amd64 s390x ppc64le arm64; do \\\\\\n podman manifest add $REPO:latest docker://$REPO:IMGTAG; \\\\\\n done\\n$ podman manifest push --all $REPO:latest docker://$REPO:latest\\n```\\n\\n_Note:_ For the\\n[`manifest add`](https://docs.podman.io/en/latest/markdown/podman-manifest-add.1.html)\\nsub-command, the **target manifest list name comes first, then the image to add**.\\nIn the above example, the command inside the loop will pull down the\\nplatform-tagged image (metadata) and add it into the new manifest list. There\\nis no need for a separate\\n[pull](https://docs.podman.io/en/latest/markdown/podman-pull.1.html)\\noperation, and Podman will automatically figure out the constituent architecture\\nand platform information. If not, there are\\n[options to specify them manually](https://docs.podman.io/en/latest/markdown/podman-manifest-add.1.html#arch)\\nduring the `manifest add` operation. Lastly, in case of an accident, you\'ll\\nfind a\\n[`manifest remove`](https://docs.podman.io/en/latest/markdown/podman-manifest-remove.1.html)\\nsub-command (**same argument-order as `manifest add`**).\\n\\n## Conclusion\\n\\nWhile countless additional details are available in the man pages, this basic\\nknowledge should cover `90%` of your needs. With these essential tricks in\\nhand, producing your own multi-arch and/or multi-platform manifest lists\\nis just a matter of practice (or some new bash scripts).\\n\\nPlease also remember to pay attention to the tooling versions, as several\\nbugs and deficiencies are present in earlier editions. On that same note,\\nif you do encounter any strange or unexpected behavior, please reach out\\nto the [upstream community for assistance](https://podman.io/community/#slack-irc-matrix-and-discord)."},{"id":"/2021/10/11/new","metadata":{"permalink":"/blogs/2021/10/11/new","source":"@site/blog/2021-10-11-new.md","title":"Working with container image manifest lists","description":"In this article Chris Evich uses","date":"2021-10-11T00:00:00.000Z","formattedDate":"October 11, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"skopeo","permalink":"/blogs/tags/skopeo"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"multiarch","permalink":"/blogs/tags/multiarch"}],"readingTime":0.145,"hasTruncateMarker":false,"authors":[{"name":"cevich"}],"frontMatter":{"title":"Working with container image manifest lists","layout":"default","author":"cevich","categories":["new"],"tags":["containers","podman","buildah","skopeo","images","multiarch"]},"prevItem":{"title":"Working with container image manifest lists","permalink":"/blogs/2021/10/11/multiarch"},"nextItem":{"title":"Podman remote clients for macOS and Windows","permalink":"/blogs/2021/10/04/m1macs"}},"content":"In this article Chris Evich uses\\n[Podman](https://github.com/containers/podman),\\n[Buildah](https://github.com/containers/buildah),\\nand\\n[Skopeo](https://github.com/containers/skopeo)\\nto produce an image that supports multiple architectures\\nunder a single \\"name\\".\\n[Working with container image manifest lists](https://podman.io/blogs/2021/10/11/multiarch.html) post!"},{"id":"/2021/10/04/m1macs","metadata":{"permalink":"/blogs/2021/10/04/m1macs","source":"@site/blog/2021-10-04-m1macs.md","title":"Podman remote clients for macOS and Windows","description":"podman logo","date":"2021-10-04T00:00:00.000Z","formattedDate":"October 4, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.635,"hasTruncateMarker":true,"authors":[{"name":"baude"}],"frontMatter":{"title":"Podman remote clients for macOS and Windows","layout":"default","author":"baude","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Working with container image manifest lists","permalink":"/blogs/2021/10/11/new"},"nextItem":{"title":"Podman on Apple silicon","permalink":"/blogs/2021/10/04/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman on Apple Silicon\\n\\n## By Brent Baude [GitHub](https://github.com/baude)\\n\\nThe Podman development team is happy to announce that Podman machine is now supported\\non Apple silicon hardware like the M1s.\\n\\n\x3c!--truncate--\x3e\\n\\nThe initial versions of Podman machine only supported Intel-based Apple machines. We could not support\\nthe Apple M1s because we needed some changes to occur in upstream projects that we depend on. Now that those\\nthings are fixed, we support Apple silicon hardware with Podman 3.4.\\n\\nIn the last two weeks, we were able to clear the final hurdles to support Podman machine on Apple Silicon. Many\\nthanks to the QEMU maintainers and the maintainers of brew. And last but not least, the Fedora FCOS team\\nwhich officially supports the aarch64 architecture now."},{"id":"/2021/10/04/new","metadata":{"permalink":"/blogs/2021/10/04/new","source":"@site/blog/2021-10-04-new.md","title":"Podman on Apple silicon","description":"Brent Baude Podman machine on Applie silicon is now supported! Read all about it on the Podman on Apple M1s post!","date":"2021-10-04T00:00:00.000Z","formattedDate":"October 4, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"},{"label":"buildah","permalink":"/blogs/tags/buildah"}],"readingTime":0.105,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"Podman on Apple silicon","layout":"default","author":"baude","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac","buildah"]},"prevItem":{"title":"Podman remote clients for macOS and Windows","permalink":"/blogs/2021/10/04/m1macs"},"nextItem":{"title":"Podman on Macs Update","permalink":"/blogs/2021/09/06/new"}},"content":"Brent Baude Podman machine on Applie silicon is now supported! Read all about it on the [Podman on Apple M1s](https://podman.io/blogs/2021/10/04/m1macs.html) post!"},{"id":"/2021/09/06/new","metadata":{"permalink":"/blogs/2021/09/06/new","source":"@site/blog/2021-09-06-new.md","title":"Podman on Macs Update","description":"Brent Baude checks in with an update on Podman on macOS and Windows. Read all about it on the Podman on Macs Update post!","date":"2021-09-06T00:00:00.000Z","formattedDate":"September 6, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"},{"label":"buildah","permalink":"/blogs/tags/buildah"}],"readingTime":0.12,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"Podman on Macs Update","layout":"default","author":"baude","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac","buildah"]},"prevItem":{"title":"Podman on Apple silicon","permalink":"/blogs/2021/10/04/new"},"nextItem":{"title":"Podman remote clients for macOS and Windows","permalink":"/blogs/2021/09/06/podman-on-macs"}},"content":"Brent Baude checks in with an update on Podman on macOS and Windows. Read all about it on the [Podman on Macs Update](https://podman.io/blogs/2021/09/06/podman-on-macs.html) post!"},{"id":"/2021/09/06/podman-on-macs","metadata":{"permalink":"/blogs/2021/09/06/podman-on-macs","source":"@site/blog/2021-09-06-podman-on-macs.md","title":"Podman remote clients for macOS and Windows","description":"podman logo","date":"2021-09-06T00:00:00.000Z","formattedDate":"September 6, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":2.63,"hasTruncateMarker":true,"authors":[{"name":"baude"}],"frontMatter":{"title":"Podman remote clients for macOS and Windows","layout":"default","author":"baude","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman on Macs Update","permalink":"/blogs/2021/09/06/new"},"nextItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2021/09/03/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman on Macs Update\\n\\n## By Brent Baude [GitHub](https://github.com/baude)\\n\\nThe Podman team values the local development experience, and we think containers are a crucial part of that. We\u2019ve been brainstorming, discussing, and testing solutions to bring a great Podman experience to Mac and Windows. We are constantly looking for ways to improve it. In particular, the latest release of Podman has support for ~~Intel~~(as of Podman v3.4) Macs. We have been hearing good feedback for a few weeks now, but up until this point, we haven\u2019t published a lot of documentation.\\n\\n\x3c!--truncate--\x3e\\n\\nRecently, we have been getting an influx of questions about Podman and Podman desktop, specifically around Macs. Coincidentally, we have a really elegant solution which we\u2019d like to introduce. In the recently released Podman-3.3.1, we now have support for Intel-based Macs. It is command-line driven and can be installed through brew (aka [Homebrew](https://brew.sh/)).\\n\\n### User Experience on macOS\\n\\nThe user-experience is quite simple:\\n\\n1. Install brew (as it is described on their [homepage](https://brew.sh/))\\n2. Install podman from brew: `brew install podman`\\n3. Initialize a podman machine: `podman machine init`\\n4. Start the machine: `podman machine start`\\n5. Use podman as you normally would.\\n\\nIt is worth running `podman machine --help` to familiarize yourself with the other commands used to manage machines.\\n\\nPlease note that Podman machine is still under development. While we support port forwarding on Macs and Linux, we have not implemented a solution for file sharing and bind mounts. We are currently researching the various technologies to do so as we want to choose a performant approach.\\n\\n~~Podman machine is currently only supported on Linux and Intel Macs. As for the new Macs that are based on Apple Silicon, we are now waiting for two things. First, we need some patches from upstream qemu to get merged and released. While we wait for the upstream patches, we are working on a possible work-around for qemu. If that is successful, we will re-enable the M1 support in Podman and get brew updated. The second is we need [Fedora CoreOS](https://getfedora.org/en/coreos) aarch64 images to be indexed, which should be occurring very shortly.~~ Podman 3.4, Oct-10-2021\\n\\n### User Experience on Windows\\n\\nWe currently support the Windows platform with a remote client that can be downloaded from our [GitHub releases page](https://github.com/containers/podman/releases). That remote client requires a Linux server with Podman and its service running. We also have user reports that running Podman in WSL is quite tenable. Consider the WSL option if you do not have available Linux servers with Podman installed.\\n\\nWe intend to develop a desktop for the Mac and Windows experience for Podman. Early design work is under consideration. No timeline has been identified yet.\\n\\n### Questions?\\n\\nRemember, our development team can be found in our [Matrix room](https://matrix.to/#/#podman:matrix.org) which has been bridged to the #podman channel on [libera IRC](https://libera.chat/) as well as our [Discord server](https://discord.gg/x5GzFF6QH4). You can also get in touch with us via our [project page](https://github.com/containers/podman) by opening issues, PR\u2019s and discussions. We love to hear from people!\\n\\nPodman is an open-source project. We are always looking for contributors to help us accelerate features into the Podman and container world."},{"id":"/2021/09/03/new","metadata":{"permalink":"/blogs/2021/09/03/new","source":"@site/blog/2021-09-03-new.md","title":"Podman Posts of Interest","description":"I\'ve been lagging a bit in getting posts up on this site that have landed elsewhere, so time for","date":"2021-09-03T00:00:00.000Z","formattedDate":"September 3, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.17,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Posts of Interest","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman remote clients for macOS and Windows","permalink":"/blogs/2021/09/06/podman-on-macs"},"nextItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2021/09/03/podman-posts-of-interests"}},"content":"I\'ve been lagging a bit in getting posts up on this site that have landed elsewhere, so time for\\nanother \\"Podman Posts of Interest\\" post.\\nCheckout the [Podman Posts of Interest](https://podman.io/blogs/2021/09/03/podman-posts-of-interests.html) for the links!"},{"id":"/2021/09/03/podman-posts-of-interests","metadata":{"permalink":"/blogs/2021/09/03/podman-posts-of-interests","source":"@site/blog/2021-09-03-podman-posts-of-interests.md","title":"Podman Posts of Interest","description":"podman logo","date":"2021-09-03T00:00:00.000Z","formattedDate":"September 3, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.81,"hasTruncateMarker":true,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Posts of Interest","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2021/09/03/new"},"nextItem":{"title":"How to use Podman inside of a container","permalink":"/blogs/2021/07/02/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman Posts of Interest\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nA number of blog posts have flung by and I have not had a chance to get individual\\nlink posts to them, so thought I would add a few here that have popped up recently,\\nlinks after the break!.\\n\\n\x3c!--truncate--\x3e\\n\\n- [Tony Kay](https://github.com/tonykay) - [Running Podman Machine on the Mac M1](https://www.cloudassembler.com/post/podman-machine-mac-m1/) - Tony walks you through all the steps that you\'ll need in order to run Podman on a M1 Mac.\\n- [Abhijeet Kasurde](https://medium.com/@AbhijeetKasurde) - [Running Podman machine on macOS](https://medium.com/@AbhijeetKasurde/running-podman-machine-on-macos-1f3fb0dbf73d) - Abhijeet also walks you through the steps of setting up qemu and Podman machine to run Podman on your Mac.\\n- [Sumantro Mukherjee](https://twitter.com/Bytesofbinary) - [Run a Linux virtual machine in Podman](https://opensource.com/article/21/7/linux-podman) - Sumantro shows you how to use Podman machine to run Fedora CoreOS.\\n- https://github.com/bowmanjd - [Install Docker on Windows (WSL) without Docker Desktop](https://dev.to/bowmanjd/install-docker-on-windows-wsl-without-docker-desktop-34m9) Jonathan shows you how to run Docker or Podman on Windows without Docker Desktop."},{"id":"/2021/07/02/new","metadata":{"permalink":"/blogs/2021/07/02/new","source":"@site/blog/2021-07-02-new.md","title":"How to use Podman inside of a container","description":"Do you want to know how to use Podman inside of a container? Dan Walsh and Urvashi Mohnani show you how to in a recent blog post on the Red Hat Enable Sysadmin site, How to use Podman inside of a container.","date":"2021-07-02T00:00:00.000Z","formattedDate":"July 2, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.21,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"How to use Podman inside of a container","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2021/09/03/podman-posts-of-interests"},"nextItem":{"title":"How to use Podman inside of a container","permalink":"/blogs/2021/07/02/podman-inside-container"}},"content":"Do you want to know how to use Podman inside of a container? [Dan Walsh](https://twitter.com/rhatdan) and [Urvashi Mohnani](https://twitter.com/umohnani8) show you how to in a recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [How to use Podman inside of a container](https://www.redhat.com/sysadmin/podman-inside-container)."},{"id":"/2021/07/02/podman-inside-container","metadata":{"permalink":"/blogs/2021/07/02/podman-inside-container","source":"@site/blog/2021-07-02-podman-inside-container.md","title":"How to use Podman inside of a container","description":"podman logo","date":"2021-07-02T00:00:00.000Z","formattedDate":"July 2, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.265,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"How to use Podman inside of a container","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"How to use Podman inside of a container","permalink":"/blogs/2021/07/02/new"},"nextItem":{"title":"How to use Podman inside of Kubernetes","permalink":"/blogs/2021/07/01/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# How to use Podman inside of a container\\n\\nDo you want to know how to use Podman inside of a container? [Dan Walsh](https://twitter.com/rhatdan) and [Urvashi Mohnani](https://twitter.com/umohnani8) show you how to in a recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [How to use Podman inside of a container](https://www.redhat.com/sysadmin/podman-inside-container)."},{"id":"/2021/07/01/new","metadata":{"permalink":"/blogs/2021/07/01/new","source":"@site/blog/2021-07-01-new.md","title":"How to use Podman inside of Kubernetes","description":"Do you want to know how to use Podman inside of Kubernetes? Urvashi Mohnani and Dan Walsh show you how to in a recent blog post on the Red Hat Enable Sysadmin site, How to use Podman inside of Kubernetes.","date":"2021-07-01T00:00:00.000Z","formattedDate":"July 1, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.2,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"How to use Podman inside of Kubernetes","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"How to use Podman inside of a container","permalink":"/blogs/2021/07/02/podman-inside-container"},"nextItem":{"title":"How to use Podman inside of Kubernetes","permalink":"/blogs/2021/07/01/podman-inside-kubernets"}},"content":"Do you want to know how to use Podman inside of Kubernetes? [Urvashi Mohnani](https://twitter.com/umohnani8) and [Dan Walsh](https://twitter.com/rhatdan) show you how to in a recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [How to use Podman inside of Kubernetes](https://www.redhat.com/sysadmin/podman-inside-kubernetes)."},{"id":"/2021/07/01/podman-inside-kubernets","metadata":{"permalink":"/blogs/2021/07/01/podman-inside-kubernets","source":"@site/blog/2021-07-01-podman-inside-kubernets.md","title":"How to use Podman inside of Kubernetes","description":"podman logo","date":"2021-07-01T00:00:00.000Z","formattedDate":"July 1, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.25,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"How to use Podman inside of Kubernetes","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac","kubernetes"]},"prevItem":{"title":"How to use Podman inside of Kubernetes","permalink":"/blogs/2021/07/01/new"},"nextItem":{"title":"How to Install and Use Podman on Ubuntu 20.04","permalink":"/blogs/2021/06/16/install-podman-on-ubuntu"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# How to use Podman inside of Kubernetes\\n\\nDo you want to know how to use Podman inside of Kubernetes? [Urvashi Mohnani](https://twitter.com/umohnani8) and [Dan Walsh](https://twitter.com/rhatdan) show you how to in a recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [How to use Podman inside of Kubernetes](https://www.redhat.com/sysadmin/podman-inside-kubernetes)."},{"id":"/2021/06/16/install-podman-on-ubuntu","metadata":{"permalink":"/blogs/2021/06/16/install-podman-on-ubuntu","source":"@site/blog/2021-06-16-install-podman-on-ubuntu.md","title":"How to Install and Use Podman on Ubuntu 20.04","description":"podman logo","date":"2021-06-16T00:00:00.000Z","formattedDate":"June 16, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.27,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"How to Install and Use Podman on Ubuntu 20.04","layout":"default","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"How to use Podman inside of Kubernetes","permalink":"/blogs/2021/07/01/podman-inside-kubernets"},"nextItem":{"title":"How to Install and Use Podman on Ubuntu 20.04","permalink":"/blogs/2021/06/16/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\nHitesh Jethva posted a blog post on the [Atlantic.Net](https://www.atlantic.net/) site talking about [How to Install and Use Podman on Ubuntu 20.04](https://www.atlantic.net/dedicated-server-hosting/how-to-install-and-use-podman-on-ubuntu-20-04/). In the post Hitesh walks through all the steps necessary from \'A\' to \'Z\' to get Podman up and running on Ubuntu 20.04 and how to do some initial Podman commands."},{"id":"/2021/06/16/new","metadata":{"permalink":"/blogs/2021/06/16/new","source":"@site/blog/2021-06-16-new.md","title":"How to Install and Use Podman on Ubuntu 20.04","description":"Hitesh Jethva posted a blog post on the Atlantic.Net site talking about How to Install and Use Podman on Ubuntu 20.04. In the post Hitesh walks through all the steps necessary from \'A\' to \'Z\' to get Podman up and running on Ubuntu 20.04 and how to do some initial Podman commands.","date":"2021-06-16T00:00:00.000Z","formattedDate":"June 16, 2021","tags":[],"readingTime":0.26,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"How to Install and Use Podman on Ubuntu 20.04","layout":"default","categories":["new"]},"prevItem":{"title":"How to Install and Use Podman on Ubuntu 20.04","permalink":"/blogs/2021/06/16/install-podman-on-ubuntu"},"nextItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2021/06/13/new"}},"content":"Hitesh Jethva posted a blog post on the [Atlantic.Net](https://www.atlantic.net/) site talking about [How to Install and Use Podman on Ubuntu 20.04](https://www.atlantic.net/dedicated-server-hosting/how-to-install-and-use-podman-on-ubuntu-20-04/). In the post Hitesh walks through all the steps necessary from \'A\' to \'Z\' to get Podman up and running on Ubuntu 20.04 and how to do some initial Podman commands."},{"id":"/2021/06/13/new","metadata":{"permalink":"/blogs/2021/06/13/new","source":"@site/blog/2021-06-13-new.md","title":"Podman Posts of Interest","description":"I\'ve been lagging a bit in getting posts up on this site that have landed elsewhere, so time for","date":"2021-06-13T00:00:00.000Z","formattedDate":"June 13, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.17,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Posts of Interest","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"How to Install and Use Podman on Ubuntu 20.04","permalink":"/blogs/2021/06/16/new"},"nextItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2021/06/13/podman-posts-of-interests"}},"content":"I\'ve been lagging a bit in getting posts up on this site that have landed elsewhere, so time for\\nanother \\"Podman Posts of Interest\\" post.\\nCheckout the [Podman Posts of Interest](https://podman.io/blogs/2021/06/13/podman-posts-of-interests.html) for the links!"},{"id":"/2021/06/13/podman-posts-of-interests","metadata":{"permalink":"/blogs/2021/06/13/podman-posts-of-interests","source":"@site/blog/2021-06-13-podman-posts-of-interests.md","title":"Podman Posts of Interest","description":"podman logo","date":"2021-06-13T00:00:00.000Z","formattedDate":"June 13, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":1.685,"hasTruncateMarker":true,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Posts of Interest","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2021/06/13/new"},"nextItem":{"title":"Podman 3 and Docker Compose - How Does the Dockerless Compose Work?","permalink":"/blogs/2021/05/26/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman Posts of Interest\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nA number of blog posts have flung by and I have not had a chance to get individual\\nlink posts to them, so thought I would add a few here that have popped up recently,\\nlinks after the break!.\\n\\n\x3c!--truncate--\x3e\\n\\n- [Ashley Cui](https://twitter.com/cuicodes) - [Exploring the new Podman secret command](https://www.redhat.com/sysadmin/new-podman-secrets-command) - Ashely strikes again with another great article. This time she\'s talking all about the new Podman secret command and how you can store sensitive information in your image, yet not have it be exposed without your container.\\n- [cfillekes](https://cfillekes-25575.medium.com) - [Building and Publishing Multi-Arch Images and Image Manifests with Red Hat Buildah and Podman](https://medium.com/qiskit-openshift-multi-arch/building-and-publishing-multi-arch-images-and-image-manifests-with-red-hat-buildah-and-podman-927c717adaf3) - Want to learn how to use the `--platform` flag in Podman and Buildah to build Multi-Arch images? Then this is the post for you!\\n- [Dan Walsh](https://twitter.com/rhatdan) - [New container feature: Volatile overlay mounts](https://www.redhat.com/sysadmin/container-volatile-overlay-mounts) - How to use volatile mounts in a container to increase performance and clean up unnecessary clutter.\\n- [James Walker](https://www.cloudsavvyit.com/author/jameswalker/) - [What Is Podman and How Does It Differ from Docker?](https://www.cloudsavvyit.com/11575/what-is-podman-and-how-does-it-differ-from-docker/) - James walks you through the differences between the two container tools.\\n- [Dan Walsh](https://twitter.com/rhatdan) - [Using files and devices in Podman rootless containers](https://www.redhat.com/sysadmin/files-devices-podman) - Dan talks about the `k--group-add keep-groups` feature and how it allows rootless containers to maintain the groups of its parent process.\\n- [Sarthak Jain](https://www.redhat.com/sysadmin/users/sarthak-jain) - [How to automate Podman installation and deployment using Ansible](https://www.redhat.com/sysadmin/automate-podman-ansible) - Sarthak shows you how to automate Podman with Ansible.\\n- [Eduardo Medeiros](https://twitter.com/xedux) - [How to create container images with ansible-bender](https://blog.emedeiros.me/archives/2021/05/05/how-to-create-container-images-with-ansible-bender.html) - Eduardo shows how to use Ansible Bender along with Podman and Buildah to build container images.\\n- [Daniel Schier](https://twitter.com/daniel_wtd) - [Podman Networking - Part 2](https://blog.while-true-do.io/podman-networking-2/) - Daniel shows how the `podman network` command can be used for external and internal networks.\\n- [Thomas Tuffin](https://www.redhat.com/sysadmin/users/thomas-tuffin) - [Home automation: Running Home Assistant with Podman](https://www.redhat.com/sysadmin/automate-your-home) - An intro to the Home Assistant open source project, what it can do, and a basic setup using a container."},{"id":"/2021/05/26/new","metadata":{"permalink":"/blogs/2021/05/26/new","source":"@site/blog/2021-05-26-new.md","title":"Podman 3 and Docker Compose - How Does the Dockerless Compose Work?","description":"One of the main Podman 3 features is the support of Docker Compose. You can take any of your existing docker-compose.yml and just use it with Podman.","date":"2021-05-26T00:00:00.000Z","formattedDate":"May 26, 2021","tags":[],"readingTime":0.235,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Podman 3 and Docker Compose - How Does the Dockerless Compose Work?","layout":"default","categories":["new"]},"prevItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2021/06/13/podman-posts-of-interests"},"nextItem":{"title":"Podman 3 and Docker Compose - How Does the Dockerless Compose Work?","permalink":"/blogs/2021/05/26/podman-3-compose"}},"content":"One of the main Podman 3 features is the support of Docker Compose. You can take any of your existing docker-compose.yml and just use it with Podman.\\n\\n[In this video](https://www.youtube.com/watch?v=15PFfjuxtvM), Kirill Shirinkin shows how he moved from Docker to Podman in a real docker-composed application.\\n\\n[Watch now](https://www.youtube.com/watch?v=15PFfjuxtvM)."},{"id":"/2021/05/26/podman-3-compose","metadata":{"permalink":"/blogs/2021/05/26/podman-3-compose","source":"@site/blog/2021-05-26-podman-3-compose.md","title":"Podman 3 and Docker Compose - How Does the Dockerless Compose Work?","description":"podman logo","date":"2021-05-26T00:00:00.000Z","formattedDate":"May 26, 2021","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"systemd","permalink":"/blogs/tags/systemd"},{"label":"video","permalink":"/blogs/tags/video"},{"label":"docker","permalink":"/blogs/tags/docker"}],"readingTime":0.335,"hasTruncateMarker":false,"authors":[{"name":"kshirinkin"}],"frontMatter":{"title":"Podman 3 and Docker Compose - How Does the Dockerless Compose Work?","layout":"default","author":"kshirinkin","categories":["blogs"],"tags":["podman","containers","systemd","video","docker"]},"prevItem":{"title":"Podman 3 and Docker Compose - How Does the Dockerless Compose Work?","permalink":"/blogs/2021/05/26/new"},"nextItem":{"title":"May the Fourth be with you via Podman!","permalink":"/blogs/2021/05/04/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n## Podman 3 and Docker Compose - How Does the Dockerless Compose Work?\\n\\n## By Kirill Shirinkin [GitHub](https://github.com/Fodoj)\\n\\nOne of the main Podman 3 features is the support of Docker Compose. You can take any of your existing docker-compose.yml and just use it with Podman.\\n\\n[In this video](https://www.youtube.com/watch?v=15PFfjuxtvM), Kirill Shirinkin shows how he moved from Docker to Podman in a real docker-composed application.\\n\\n[Watch now](https://www.youtube.com/watch?v=15PFfjuxtvM)."},{"id":"/2021/05/04/new","metadata":{"permalink":"/blogs/2021/05/04/new","source":"@site/blog/2021-05-04-new.md","title":"May the Fourth be with you via Podman!","description":"By Tom Sweeney GitHub","date":"2021-05-04T00:00:00.000Z","formattedDate":"May 4, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.265,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"May the Fourth be with you via Podman!","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman 3 and Docker Compose - How Does the Dockerless Compose Work?","permalink":"/blogs/2021/05/26/podman-3-compose"},"nextItem":{"title":"May the Fourth be with you via Podman!","permalink":"/blogs/2021/05/04/star-wars-in-podman"}},"content":"## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nMy latest blog post has just hit [Enable Sysadmin](https://www.redhat.com/sysadmin/). In the\\n[May the Fourth be with you via Podman](https://www.redhat.com/sysadmin/may-fourth-podman) post,\\nI delve into running an Ascii movie featureing the first Star Wars Movie inside of a container\\nrun by Podman.\\n\\nEnjoy and May the Fourth be with you!"},{"id":"/2021/05/04/star-wars-in-podman","metadata":{"permalink":"/blogs/2021/05/04/star-wars-in-podman","source":"@site/blog/2021-05-04-star-wars-in-podman.md","title":"May the Fourth be with you via Podman!","description":"podman logo","date":"2021-05-04T00:00:00.000Z","formattedDate":"May 4, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.275,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"May the Fourth be with you via Podman!","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"May the Fourth be with you via Podman!","permalink":"/blogs/2021/05/04/new"},"nextItem":{"title":"Podman v3.1.0 Released","permalink":"/blogs/2021/04/02/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nMy latest blog post has just hit [Enable Sysadmin](https://www.redhat.com/sysadmin/). In the\\n[May the Fourth be with you via Podman](https://www.redhat.com/sysadmin/may-fourth-podman) post,\\nI delve into running an Ascii movie featureing the first Star Wars Movie inside of a container\\nrun by Podman.\\n\\nEnjoy and May the Fourth be with you!"},{"id":"/2021/04/02/new","metadata":{"permalink":"/blogs/2021/04/02/new","source":"@site/blog/2021-04-02-new.md","title":"Podman v3.1.0 Released","description":"Podman has gone 3.1.0!","date":"2021-04-02T00:00:00.000Z","formattedDate":"April 2, 2021","tags":[],"readingTime":0.025,"hasTruncateMarker":false,"authors":[],"frontMatter":{"layout":"default","title":"Podman v3.1.0 Released","categories":["new"]},"prevItem":{"title":"May the Fourth be with you via Podman!","permalink":"/blogs/2021/05/04/star-wars-in-podman"},"nextItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2021/03/27/new"}},"content":"## [Podman has gone 3.1.0!](https://podman.io/releases/2021/04/02/podman-release-v3.1.0.html)"},{"id":"/2021/03/27/new","metadata":{"permalink":"/blogs/2021/03/27/new","source":"@site/blog/2021-03-27-new.md","title":"Podman Posts of Interest","description":"This past week I ran into three blog posts concerning Podman and thought I\'d do","date":"2021-03-27T00:00:00.000Z","formattedDate":"March 27, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.175,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Posts of Interest","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman v3.1.0 Released","permalink":"/blogs/2021/04/02/new"},"nextItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2021/03/27/podman-posts-of-interests"}},"content":"This past week I ran into three blog posts concerning Podman and thought I\'d do\\nanother \\"Podman Posts of Interest\\" post in case you missed them.\\nCheckout the [Podman Posts of Interest](https://podman.io/blogs/2021/03/27/podman-posts-of-interests.html) for the links!"},{"id":"/2021/03/27/podman-posts-of-interests","metadata":{"permalink":"/blogs/2021/03/27/podman-posts-of-interests","source":"@site/blog/2021-03-27-podman-posts-of-interests.md","title":"Podman Posts of Interest","description":"podman logo","date":"2021-03-27T00:00:00.000Z","formattedDate":"March 27, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.655,"hasTruncateMarker":true,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Posts of Interest","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2021/03/27/new"},"nextItem":{"title":"Announcement: Support for Older Distros on Kubic Project/OBS","permalink":"/blogs/2021/03/02/podman-support-for-older-distros"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman Posts of Interest\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nA number of blog posts have flung by and I have not had a chance to get individual\\nlink posts to them, so thought I would add a few here that have popped up recently,\\nlinks after the break!.\\n\\n\x3c!--truncate--\x3e\\n\\n- [Oracle-Base](https://oracle-base.com/) - [Podman : Install Podman on Oracle Linux 8 (OL8)](https://oracle-base.com/articles/linux/podman-install-on-oracle-linux-ol8#install-podman) - A nice first look at Podman on Oracle Linux 8 from install to basic usage including rootless.\\n- [Dave Meurer](https://twitter.com/davemeurer) - [How to replace Docker with Podman on a Mac](https://www.redhat.com/sysadmin/replace-docker-podman-macos) - Dave shows you what you need to know about Podman on Mac.\\n- [Mohit Goyal](https://mohitgoyal.co/about/) - [Installing and Working with Podman as Container Engine](https://mohitgoyal.co/2021/03/15/installing-and-working-with-podman-as-container-engine/) - Walks you through the installation and basic usage of Podman."},{"id":"/2021/03/02/podman-support-for-older-distros","metadata":{"permalink":"/blogs/2021/03/02/podman-support-for-older-distros","source":"@site/blog/2021-03-02-podman-support-for-older-distros.md","title":"Announcement: Support for Older Distros on Kubic Project/OBS","description":"podman logo","date":"2021-03-02T00:00:00.000Z","formattedDate":"March 2, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"distro","permalink":"/blogs/tags/distro"},{"label":"linux","permalink":"/blogs/tags/linux"},{"label":"centos","permalink":"/blogs/tags/centos"},{"label":"ubuntu","permalink":"/blogs/tags/ubuntu"},{"label":"debian","permalink":"/blogs/tags/debian"}],"readingTime":1.27,"hasTruncateMarker":true,"authors":[{"name":"lsm5"}],"frontMatter":{"title":"Announcement: Support for Older Distros on Kubic Project/OBS","layout":"default","author":"lsm5","categories":["blogs"],"tags":["containers","podman","distro","linux","centos","ubuntu","debian"]},"prevItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2021/03/27/podman-posts-of-interests"},"nextItem":{"title":"Easy Development Dependency Management With Podman and Tent","permalink":"/blogs/2021/02/08/easy-development-dependency-management-with-podman-and-tent"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Announcement: Support for Older Distros on Kubic Project/OBS\\n\\n## By Lokesh Mandvekar [GitHub](https://github.com/lsm5)\\n\\nThe Podman Community [builds and supports packages](https://podman.io/getting-started/installation)\\nfor a wide variety of Linux distributions and operating systems. These builds are\\nprovided in the public Open Build Service hosted by openSUSE.\\n[These pre-built packages](https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/)\\nhave made it easier for new users to test the latest-greatest\\nversions of Podman and allow for using it on distributions that do not yet provide\\nit in their main repositories.\\n\\n\x3c!--truncate--\x3e\\n\\nAs Podman matures, we are constantly looking for ways to focus on improvement to\\nthe project versus just maintenance. One area of focus is around trimming down the\\nmatrix of packages we build for different Linux distros. This is made easier by the\\nfact that Podman is now supported natively in many major Linux distributions.\\nFor instance, Podman is in the main repositories in Ubuntu 20.10 and future versions.\\nAlso, Podman is going to be released with Debian 11.\\n\\nWith the launch of Podman 3.0, we will be trimming support for the latest builds of\\nPodman for a number of older distributions. There are technical reasons that make it\\nbarely possible to support a modern container engine such as Podman on too old\\nsystems, where the kernel and certain core libraries may be too old.\\n\\nPodman 3.0 will be the last major build on CentOS 7, Debian 10 and Ubuntu 18.04.\\nAfter this release, we recommend users who need the latest versions of Podman to move\\nto newer versions of their Linux distribution."},{"id":"/2021/02/08/easy-development-dependency-management-with-podman-and-tent","metadata":{"permalink":"/blogs/2021/02/08/easy-development-dependency-management-with-podman-and-tent","source":"@site/blog/2021-02-08-easy-development-dependency-management-with-podman-and-tent.md","title":"Easy Development Dependency Management With Podman and Tent","description":"podman logo","date":"2021-02-08T00:00:00.000Z","formattedDate":"February 8, 2021","tags":[{"label":"tent","permalink":"/blogs/tags/tent"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"dependency-management","permalink":"/blogs/tags/dependency-management"},{"label":"linux","permalink":"/blogs/tags/linux"}],"readingTime":4.705,"hasTruncateMarker":true,"authors":[{"name":"fhsinchy"}],"frontMatter":{"title":"Easy Development Dependency Management With Podman and Tent","layout":"default","author":"fhsinchy","categories":["blogs"],"tags":["tent","hpc","podman","containers","dependency-management","linux"]},"prevItem":{"title":"Announcement: Support for Older Distros on Kubic Project/OBS","permalink":"/blogs/2021/03/02/podman-support-for-older-distros"},"nextItem":{"title":"Easy Development Dependency Management With Podman and Tent","permalink":"/blogs/2021/02/08/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Easy Development Dependency Management With Podman and Tent\\n\\n## By Farhan Hasin Chowdhury [GitHub](https://github.com/fhsinchy)\\n\\nInstalling and managing development dependencies for various project is a chore and one thing that can improve your everyday workflow is the usage of containers.\\n\\n[Tent](https://github.com/fhsinchy/tent/) is a CLI tool for running development dependencies such as MySQL, Mongo, ElasticSearch etc inside pre-configured containers using simple one-liners.\\n\\n\x3c!--truncate--\x3e\\n\\nRunning containers can be accessed via their exposed ports and can be paired with any other application on your system.\\n\\nStarting a service such as `mysql` is as simple as executing `tent start mysql` and you\'ll never have to look back at it.\\n\\nBut `mysql` is not the only available service. A list of all the available services can be found on: [services.go](https://github.com/fhsinchy/tent/blob/master/store/services.go)\\n\\nTent is heavily inspired from [tighten/takeout](https://github.com/tighten/takeout) and is an experimental project. Hence, care should be taken if you\'re using it in a critical environment.\\n\\n## Dependencies\\n\\n- Linux\\n- [Podman](https://podman.io/getting-started/installation) Installed\\n- Podman System Service Running\\n\\nIf you have Podman installed, you can start the system service as follows:\\n\\n```bash\\n## starts the podman system service\\nsystemctl --user start podman.socket\\n\\n## enables the podman system service, so it doesn\'t close on every reboot\\nsystemctl --user enable podman.socket\\n\\n## stops the podman system service\\nsystemctl --user stop podman.socket\\n\\n## disables the podman system service, so it doesn\'t start on every reboot\\nsystemctl --user disable podman.socket\\n```\\n\\nTent assumes that you\'re running the service in non-root mode, hence the `--user` argument is necessary in the above commands.\\n\\n## Installation\\n\\nVisit the [tent release page](https://github.com/fhsinchy/tent/releases/) and download the `tent` binary to your computer. Open up your terminal where you\'ve donwloaded the file and execute following commands:\\n\\n```bash\\nchmod +x ./tent\\n\\nsudo mv ./tent /usr/local/bin\\n```\\n\\nNow the `tent` command should be available everywhere in your system.\\n\\n## Build From Source\\n\\nIf you\'re on a Fedora system, the following command should install the necessary development dependencies.\\n\\n```bash\\nsudo dnf groupinstall \\"Development Tools\\" -y && sudo dnf install golang btrfs-progs-devel gpgme-devel device-mapper-devel -y\\n```\\n\\nAnd on a Ubuntu system, the following command should install the necessary development dependencies.\\n\\n```bash\\nsudo apt install build-essential golang-go libbtrfs-dev libgpgme-dev libdevmapper-dev -y\\n```\\n\\nIf you\'re on a different system you, may look for equivalent package on the respective package repositories.\\n\\nNow build and install the application as follows:\\n\\n```bash\\ngit clone https://github.com/fhsinchy/tent.git ~/tent\\n\\ncd ~/tent\\n\\nmake install\\n```\\n\\n## Usage\\n\\nThe `tent` binary has following commands:\\n\\n- `tent start ` - starts a container for the given service\\n- `tent stop ` - stops and removes a container for the given service\\n- `tent list` - lists all running containers\\n\\nMost of the services in `tent` utilizes volumes for persisting data, so even if you stop a service, it\'s data will be persisted in a volume for later usage. These volumes can listed by executing `podman volume ls` and can be managed like any other podman volume.\\n\\n### Start a Service\\n\\nThe generic syntax for the `start` command is as follows:\\n\\n```bash\\ntent start \\n\\n## starts mysql and prompts you where necessary\\ntent start mysql\\n\\n## starts redis and mongo and prompts you where necessary\\ntent start redis mongo\\n```\\n\\n### Start Service with Default Configuration\\n\\nThe `--default` flag for the `start` command can be used to skip all the prompts and start a service with default configuration\\n\\n```bash\\ntent start --default\\n\\n## starts mysql with the default configuration\\ntent start mysql --default\\n\\n## starts redis and mongo with default configuration\\ntent start redis mongo --default\\n```\\n\\n### Stop a Service\\n\\nThe generic syntax for the `stop` command is as follows:\\n\\n```bash\\ntent stop \\n\\n## stops mysql and removes the container\\n## prompts you if multiple containers are found\\ntent stop mysql\\n\\n## stops all mysql containers and removes them\\ntent stop mysql --all\\n\\n## stops redis and mongo then removes the containers.\\n## prompts you if multiple containers are found for any of the given services.\\ntent stop redis mongo\\n\\n## stops all redis and mongo conainers and then removes them\\ntent stop redis mongo --all\\n```\\n\\n### Stop all Services\\n\\nThe `--all` flag for the `stop` command can be used to stop and remove all running tent containers at once\\n\\n```bash\\ntent stop --all\\n```\\n\\n## Running Multiple Versions\\n\\nGiven all the services are running inside containers, you can spin up multiple versions of the same service as long as you\'re keeping the port different.\\n\\nRun `tent start mysql` twice; the first time, use the `--default` flag, and the second time, put `5.7` as tag and `3307` as host port.\\n\\nNow, if you run `tent list`, you\'ll see both services running at the same time.\\n\\n```bash\\n+--------------+----------------+---------------+---------------+\\n| CONTAINER | Image | PORTS |\\n+--------------+----------------+---------------+---------------+\\n| tent-mysql-5.7-3307 | docker.io/mysql:5.7 | 3307->3306/tcp |\\n| tent-mysql-latest-3306 | docker.io/mysql:5.7 | 3306->3306/tcp |\\n+--------------+----------------+---------------+---------------+\\n```\\n\\n## Container Management\\n\\nContainers started by `tent` are regular containers with some pre-set configurations. So you can use regular `podman` commands such as `ls`, `inspect`, `logs` etc on them. Although `tent` comes with a `list` command, using the `podman` commands will result in more informative results. The target of `tent` is to provide plug and play containers, not to become a full-fledged `podman` cli.\\n\\n## Contribution\\n\\nTent is an open-source project and contributions are more than welcomed. If you\'re a Go programmer do take some time to go through the source-code, see if you can improve any part of the program, the maintainer will be more than happy to co-operate. And if you like the project, don\'t forget to leave a star and share with other fellow developers to show your appreciation."},{"id":"/2021/02/08/new","metadata":{"permalink":"/blogs/2021/02/08/new","source":"@site/blog/2021-02-08-new.md","title":"Easy Development Dependency Management With Podman and Tent","description":"Tent is an open-source CLI tool for running development dependencies such as MySQL, Mongo, ElasticSearch etc inside pre-configured containers using simple one-liners. Developed using Go and the official golang bindings, tent is fast, reliable and secure. Checkout Easy Development Dependency Management With Podman and Tent to learn about the project.","date":"2021-02-08T00:00:00.000Z","formattedDate":"February 8, 2021","tags":[{"label":"tent","permalink":"/blogs/tags/tent"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"dependency-management","permalink":"/blogs/tags/dependency-management"},{"label":"linux","permalink":"/blogs/tags/linux"}],"readingTime":0.25,"hasTruncateMarker":false,"authors":[{"name":"fhsinchy"}],"frontMatter":{"title":"Easy Development Dependency Management With Podman and Tent","layout":"default","author":"fhsinchy","categories":["new"],"tags":["tent","hpc","podman","containers","dependency-management","linux"]},"prevItem":{"title":"Easy Development Dependency Management With Podman and Tent","permalink":"/blogs/2021/02/08/easy-development-dependency-management-with-podman-and-tent"},"nextItem":{"title":"From Docker Compose to Kubernetes with Podman","permalink":"/blogs/2021/01/26/docker-compose-to-podman"}},"content":"[Tent](https://github.com/fhsinchy/tent/) is an open-source CLI tool for running development dependencies such as MySQL, Mongo, ElasticSearch etc inside pre-configured containers using simple one-liners. Developed using [Go](https://go.dev) and the official [golang bindings](https://pkg.go.dev/github.com/containers/podman/v2@v2.2.1/pkg/bindings), `tent` is fast, reliable and secure. Checkout [Easy Development Dependency Management With Podman and Tent](https://podman.io/blogs/2021/02/08/easy-development-dependency-management-with-podman-and-tent.html) to learn about the project."},{"id":"/2021/01/26/docker-compose-to-podman","metadata":{"permalink":"/blogs/2021/01/26/docker-compose-to-podman","source":"@site/blog/2021-01-26-docker-compose-to-podman.md","title":"From Docker Compose to Kubernetes with Podman","description":"podman logo","date":"2021-01-26T00:00:00.000Z","formattedDate":"January 26, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"oci","permalink":"/blogs/tags/oci"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"},{"label":"docker compose","permalink":"/blogs/tags/docker-compose"},{"label":"compose","permalink":"/blogs/tags/compose"}],"readingTime":0.4,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"From Docker Compose to Kubernetes with Podman","layout":"default","author":"baude","categories":["blogs"],"tags":["containers","podman","networking","pod","oci","api","kubernetes","kube","v2","hpc","windows","mac","docker compose","compose"]},"prevItem":{"title":"Easy Development Dependency Management With Podman and Tent","permalink":"/blogs/2021/02/08/new"},"nextItem":{"title":"From Docker Compose to Kubernetes with Podman","permalink":"/blogs/2021/01/26/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# From Docker Compose to Kubernetes with Podman\\n\\n## By Brent Baude [GitHub](https://github.com/baude)\\n\\nIf you want to know how to use Podman v3.0 to convert Docker Compose YAML to a format that Podman recognizes, [Brent Baude](https://twitter.com/bbaude) explains the \\"how to\\" in a recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [From Docker Compose to Kubernetes with Podman](https://www.redhat.com/sysadmin/compose-kubernetes-podman). This functionality is now available in the upstream version of Podman if you want to take a sneak peak."},{"id":"/2021/01/26/new","metadata":{"permalink":"/blogs/2021/01/26/new","source":"@site/blog/2021-01-26-new.md","title":"From Docker Compose to Kubernetes with Podman","description":"If you want to know how to use Podman v3.0 to convert Docker Compose YAML to a format that Podman recognizes, Brent Baude explains the \\"how to\\" in a recent blog post on the Red Hat Enable Sysadmin site, From Docker Compose to Kubernetes with Podman. This functionality is now available in the upstream version of Podman if you want to take a sneak peak.","date":"2021-01-26T00:00:00.000Z","formattedDate":"January 26, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"oci","permalink":"/blogs/tags/oci"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"},{"label":"docker compose","permalink":"/blogs/tags/docker-compose"},{"label":"compose","permalink":"/blogs/tags/compose"}],"readingTime":0.325,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"From Docker Compose to Kubernetes with Podman","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","oci","api","kubernetes","kube","v2","hpc","windows","mac","docker compose","compose"]},"prevItem":{"title":"From Docker Compose to Kubernetes with Podman","permalink":"/blogs/2021/01/26/docker-compose-to-podman"},"nextItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2021/01/23/new"}},"content":"If you want to know how to use Podman v3.0 to convert Docker Compose YAML to a format that Podman recognizes, [Brent Baude](https://twitter.com/bbaude) explains the \\"how to\\" in a recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [From Docker Compose to Kubernetes with Podman](https://www.redhat.com/sysadmin/compose-kubernetes-podman). This functionality is now available in the upstream version of Podman if you want to take a sneak peak."},{"id":"/2021/01/23/new","metadata":{"permalink":"/blogs/2021/01/23/new","source":"@site/blog/2021-01-23-new.md","title":"Podman Posts of Interest","description":"I\'ve run across a few posts over the past few weeks concerning Podman and have","date":"2021-01-23T00:00:00.000Z","formattedDate":"January 23, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.23,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Posts of Interest","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"From Docker Compose to Kubernetes with Podman","permalink":"/blogs/2021/01/26/new"},"nextItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2021/01/23/podman-posts-of-interests"}},"content":"I\'ve run across a few posts over the past few weeks concerning Podman and have\\nbeen busy getting other work done. So now I have a few moments and thought I\'d add some links\\nto the posts. Checkout the [Podman Posts of Interest](https://podman.io/blogs/2021/01/23/podman-posts-of-interests.html) for the links!"},{"id":"/2021/01/23/podman-posts-of-interests","metadata":{"permalink":"/blogs/2021/01/23/podman-posts-of-interests","source":"@site/blog/2021-01-23-podman-posts-of-interests.md","title":"Podman Posts of Interest","description":"podman logo","date":"2021-01-23T00:00:00.000Z","formattedDate":"January 23, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.855,"hasTruncateMarker":true,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Posts of Interest","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2021/01/23/new"},"nextItem":{"title":"Podman: Managing pods and containers in a local container runtime","permalink":"/blogs/2021/01/15/managing-pods"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman Posts of Interest\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nA number of blog posts have flung by and I have not had a chance to get individual\\nlink posts to them, so thought I would add a few here that have popped up recently,\\nlinks after the break!.\\n\\n\x3c!--truncate--\x3e\\n\\n- [Paul Ferrill](https://www.techtarget.com/contributor/Paul-Ferrill) - [Compare Docker vs. Podman for container management](https://searchservervirtualization.techtarget.com/tip/Compare-Docker-vs-Podman-for-container-management) - Compares Docker and Podman and shows the difference in security between the two.\\n- [Pietro Bertera](https://twitter.com/pbertera) - [Painless services: implementing serverless with rootless Podman and systemd](https://www.redhat.com/en/blog/painless-services-implementing-serverless-rootless-podman-and-systemd) - Talks about creating a service using systemd and Podman.\\n- [Jack Wallen](https://twitter.com/JackOfAllTech1) - [How to install Podman on Ubuntu](https://www.techrepublic.com/article/how-to-install-podman-on-ubuntu/) - As the title suggests, Jack walks you through the Podman installation process on Ubuntu.\\n- [Jack Wallen](https://twitter.com/JackOfAllTech1) - [Tutorial: Host a Local Podman Image Registry](https://thenewstack.io/tutorial-host-a-local-podman-image-registry/) - Jack walks you through setting up a local container image registry using Podman.\\n- [Baeldung](https://twitter.com/baeldung) - [An Introduction to Podman](https://www.baeldung.com/podman-intro) - This is a nice walk through Podman for someone new to the tool."},{"id":"/2021/01/15/managing-pods","metadata":{"permalink":"/blogs/2021/01/15/managing-pods","source":"@site/blog/2021-01-15-managing-pods.md","title":"Podman: Managing pods and containers in a local container runtime","description":"podman logo","date":"2021-01-15T00:00:00.000Z","formattedDate":"January 15, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"oci","permalink":"/blogs/tags/oci"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"},{"label":"docker compose","permalink":"/blogs/tags/docker-compose"},{"label":"compose","permalink":"/blogs/tags/compose"}],"readingTime":0.405,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"Podman: Managing pods and containers in a local container runtime","layout":"default","author":"baude","categories":["blogs"],"tags":["containers","podman","networking","pod","oci","api","kubernetes","kube","v2","hpc","windows","mac","docker compose","compose"]},"prevItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2021/01/23/podman-posts-of-interests"},"nextItem":{"title":"Podman: Managing pods and containers in a local container runtime","permalink":"/blogs/2021/01/15/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman: Managing pods and containers in a local container runtime\\n\\n## By Brent Baude [GitHub](https://github.com/baude)\\n\\nPodman has the ability to handle pod deployment which is a differentiator from other container runtimes. [Brent Baude](https://twitter.com/bbaude) explains the how to in a recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [Podman: Managing pods and containers in a local container runtime](https://developers.redhat.com/blog/2019/01/15/podman-managing-containers-pods/). This functionality is now available in the upstream version of Podman if you want to take a sneak peak."},{"id":"/2021/01/15/new","metadata":{"permalink":"/blogs/2021/01/15/new","source":"@site/blog/2021-01-15-new.md","title":"Podman: Managing pods and containers in a local container runtime","description":"Podman has the ability to handle pod deployment which is a differentiator from other container runtimes. Brent Baude explains the how to in a recent blog post on the Red Hat Enable Sysadmin site, Podman: Managing pods and containers in a local container runtime. This functionality is now available in the upstream version of Podman if you want to take a sneak peak.","date":"2021-01-15T00:00:00.000Z","formattedDate":"January 15, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"oci","permalink":"/blogs/tags/oci"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"},{"label":"docker compose","permalink":"/blogs/tags/docker-compose"},{"label":"compose","permalink":"/blogs/tags/compose"}],"readingTime":0.315,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman: Managing pods and containers in a local container runtime","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","oci","api","kubernetes","kube","v2","hpc","windows","mac","docker compose","compose"]},"prevItem":{"title":"Podman: Managing pods and containers in a local container runtime","permalink":"/blogs/2021/01/15/managing-pods"},"nextItem":{"title":"Using Podman and Docker Compose","permalink":"/blogs/2021/01/11/new"}},"content":"Podman has the ability to handle pod deployment which is a differentiator from other container runtimes. [Brent Baude](https://twitter.com/bbaude) explains the how to in a recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [Podman: Managing pods and containers in a local container runtime](https://developers.redhat.com/blog/2019/01/15/podman-managing-containers-pods/). This functionality is now available in the upstream version of Podman if you want to take a sneak peak."},{"id":"/2021/01/11/new","metadata":{"permalink":"/blogs/2021/01/11/new","source":"@site/blog/2021-01-11-new.md","title":"Using Podman and Docker Compose","description":"One of the questions that the Podman development team has been hearing a lot over the past year or so is \\"Does Podman support Docker Compose? Up until recently, the answer was \\"not yet\\". With the soon to be released Podman v3.0, that answer changes to \\"NOW!\\" Brent Baude explains the how to in a recent blog post on the Red Hat Enable Sysadmin site, Using Podman and Docker Compose. This functionality is now available in the upstream version of Podman if you want to take a real sneak peak.","date":"2021-01-11T00:00:00.000Z","formattedDate":"January 11, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"oci","permalink":"/blogs/tags/oci"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"},{"label":"docker compose","permalink":"/blogs/tags/docker-compose"},{"label":"compose","permalink":"/blogs/tags/compose"}],"readingTime":0.45,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Using Podman and Docker Compose","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","oci","api","kubernetes","kube","v2","hpc","windows","mac","docker compose","compose"]},"prevItem":{"title":"Podman: Managing pods and containers in a local container runtime","permalink":"/blogs/2021/01/15/new"},"nextItem":{"title":"Using Podman and Docker Compose","permalink":"/blogs/2021/01/11/podman-compose"}},"content":"One of the questions that the Podman development team has been hearing a lot over the past year or so is \\"Does Podman support Docker Compose? Up until recently, the answer was \\"not yet\\". With the soon to be released Podman v3.0, that answer changes to \\"NOW!\\" [Brent Baude](https://twitter.com/bbaude) explains the how to in a recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [Using Podman and Docker Compose](https://www.redhat.com/sysadmin/podman-docker-compose). This functionality is now available in the upstream version of Podman if you want to take a real sneak peak."},{"id":"/2021/01/11/podman-compose","metadata":{"permalink":"/blogs/2021/01/11/podman-compose","source":"@site/blog/2021-01-11-podman-compose.md","title":"Using Podman and Docker Compose","description":"podman logo","date":"2021-01-11T00:00:00.000Z","formattedDate":"January 11, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"oci","permalink":"/blogs/tags/oci"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"},{"label":"docker compose","permalink":"/blogs/tags/docker-compose"},{"label":"compose","permalink":"/blogs/tags/compose"}],"readingTime":0.515,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"Using Podman and Docker Compose","layout":"default","author":"baude","categories":["blogs"],"tags":["containers","podman","networking","pod","oci","api","kubernetes","kube","v2","hpc","windows","mac","docker compose","compose"]},"prevItem":{"title":"Using Podman and Docker Compose","permalink":"/blogs/2021/01/11/new"},"nextItem":{"title":"Containers com Podman","permalink":"/blogs/2020/12/23/containers-com-podman"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Using Podman and Docker Compose\\n\\n## By Brent Baude [GitHub](https://github.com/baude)\\n\\nOne of the questions that the Podman development team has been hearing a lot over the past year or so is \\"Does Podman support Docker Compose? Up until recently, the answer was \\"not yet\\". With the soon to be released Podman v3.0, that answer changes to \\"NOW!\\" [Brent Baude](https://twitter.com/bbaude) explains the how to in a recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [Using Podman and Docker Compose](https://www.redhat.com/sysadmin/podman-docker-compose). This functionality is now available in the upstream version of Podman if you want to take a real sneak peak."},{"id":"/2020/12/23/containers-com-podman","metadata":{"permalink":"/blogs/2020/12/23/containers-com-podman","source":"@site/blog/2020-12-23-containers-com-podman.md","title":"Containers com Podman","description":"podman logo","date":"2020-12-23T00:00:00.000Z","formattedDate":"December 23, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.29,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Containers com Podman","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Using Podman and Docker Compose","permalink":"/blogs/2021/01/11/podman-compose"},"nextItem":{"title":"Containers com Podman","permalink":"/blogs/2020/12/23/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\nComo est\xe1 o seu portugu\xeas? Well if it\'s better than mine, check out Daniel Lara\'s [video](https://www.youtube.com/watch?v=Jjyrhbc4QkQ&t=1422s) on\\nYouTube. He walks through running Containers using Podman, creating pods, generating YAML for Kubernetes and more! Daniel uses a number of great examples, so it is pretty\\neasy to follow along even if your Portugese is like mine. Apreciar!"},{"id":"/2020/12/23/new","metadata":{"permalink":"/blogs/2020/12/23/new","source":"@site/blog/2020-12-23-new.md","title":"Containers com Podman","description":"Como est\xe1 o seu portugu\xeas? Well if it\'s better than mine, check out Daniel Lara\'s video on","date":"2020-12-23T00:00:00.000Z","formattedDate":"December 23, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.28,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Containers com Podman","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Containers com Podman","permalink":"/blogs/2020/12/23/containers-com-podman"},"nextItem":{"title":"Container images, multi-architecture, manifests, ids, digests \u2013 what\u2019s behind?","permalink":"/blogs/2020/12/22/behind-container-images"}},"content":"Como est\xe1 o seu portugu\xeas? Well if it\'s better than mine, check out Daniel Lara\'s [video](https://www.youtube.com/watch?v=Jjyrhbc4QkQ&t=1422s) on\\nYouTube. He walks through running Containers using Podman, creating pods, generating YAML for Kubernetes and more! Daniel uses a number of great examples, so it is pretty\\neasy to follow along even if your Portugese is like mine. Apreciar!"},{"id":"/2020/12/22/behind-container-images","metadata":{"permalink":"/blogs/2020/12/22/behind-container-images","source":"@site/blog/2020-12-22-behind-container-images.md","title":"Container images, multi-architecture, manifests, ids, digests \u2013 what\u2019s behind?","description":"podman logo","date":"2020-12-22T00:00:00.000Z","formattedDate":"December 22, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.355,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Container images, multi-architecture, manifests, ids, digests \u2013 what\u2019s behind?","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Containers com Podman","permalink":"/blogs/2020/12/23/new"},"nextItem":{"title":"Container images, multi-architecture, manifests, ids, digests \u2013 what\u2019s behind?","permalink":"/blogs/2020/12/22/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n[Robert Bohne](https://twitter.com/RobertBohne) has a nice [post](https://www.opensourcerers.org/2020/11/16/container-images-multi-architecture-manifests-ids-digests-whats-behind/) on\\n[opensourcers.org](https://www.opensourcerers.org) which talks about the basics of containers, how digests and manifests come into play,\\nworking with and creating multi-architecture images and more! It is a really nice discussion of all the pieces and parts of a container image for someone new to the technology right through\\npeople who are a lot more experienced, but might not know every nook and cranny."},{"id":"/2020/12/22/new","metadata":{"permalink":"/blogs/2020/12/22/new","source":"@site/blog/2020-12-22-new.md","title":"Container images, multi-architecture, manifests, ids, digests \u2013 what\u2019s behind?","description":"Robert Bohne has a nice post on","date":"2020-12-22T00:00:00.000Z","formattedDate":"December 22, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.345,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Container images, multi-architecture, manifests, ids, digests \u2013 what\u2019s behind?","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Container images, multi-architecture, manifests, ids, digests \u2013 what\u2019s behind?","permalink":"/blogs/2020/12/22/behind-container-images"},"nextItem":{"title":"Podman v2.2.0 Released","permalink":"/blogs/2020/12/14/new"}},"content":"[Robert Bohne](https://twitter.com/RobertBohne) has a nice [post](https://www.opensourcerers.org/2020/11/16/container-images-multi-architecture-manifests-ids-digests-whats-behind/) on\\n[opensourcers.org](https://www.opensourcerers.org) which talks about the basics of containers, how digests and manifests come into play,\\nworking with and creating multi-architecture images and more! It is a really nice discussion of all the pieces and parts of a container image for someone new to the technology right through\\npeople who are a lot more experienced, but might not know every nook and cranny."},{"id":"/2020/12/14/new","metadata":{"permalink":"/blogs/2020/12/14/new","source":"@site/blog/2020-12-14-new.md","title":"Podman v2.2.0 Released","description":"Podman has gone 2.2.0!","date":"2020-12-14T00:00:00.000Z","formattedDate":"December 14, 2020","tags":[],"readingTime":0.025,"hasTruncateMarker":false,"authors":[],"frontMatter":{"layout":"default","title":"Podman v2.2.0 Released","categories":["new"]},"prevItem":{"title":"Container images, multi-architecture, manifests, ids, digests \u2013 what\u2019s behind?","permalink":"/blogs/2020/12/22/new"},"nextItem":{"title":"Podman API v1.0 and libpod.conf Removal Notice","permalink":"/blogs/2020/12/11/new"}},"content":"## [Podman has gone 2.2.0!](https://podman.io/releases/2020/12/14/podman-release-v2.2.0.html)"},{"id":"/2020/12/11/new","metadata":{"permalink":"/blogs/2020/12/11/new","source":"@site/blog/2020-12-11-new.md","title":"Podman API v1.0 and libpod.conf Removal Notice","description":"A Podman API v1.0 and libpod.conf Removal Notice has just been posted. The Podman v1.0 API based on the varlink library and the libpod.conf file have both been removed from upstream Podman. Please see the notice for more details.","date":"2020-12-11T00:00:00.000Z","formattedDate":"December 11, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"rest","permalink":"/blogs/tags/rest"},{"label":"rest-api","permalink":"/blogs/tags/rest-api"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"varlink","permalink":"/blogs/tags/varlink"}],"readingTime":0.195,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman API v1.0 and libpod.conf Removal Notice","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","rest","rest-api","v2","hpc","varlink"]},"prevItem":{"title":"Podman v2.2.0 Released","permalink":"/blogs/2020/12/14/new"},"nextItem":{"title":"Podman API v1.0 Deprecation and Removal Notice","permalink":"/blogs/2020/12/11/remove-varlink-libpod-conf-notice"}},"content":"A [Podman API v1.0 and libpod.conf Removal Notice](https://podman.io/blogs/2020/12/11/remove-varlink-libpod-conf-notice.html) has just been posted. The Podman v1.0 API based on the varlink library and the libpod.conf file have both been removed from upstream Podman. Please see the notice for more details."},{"id":"/2020/12/11/remove-varlink-libpod-conf-notice","metadata":{"permalink":"/blogs/2020/12/11/remove-varlink-libpod-conf-notice","source":"@site/blog/2020-12-11-remove-varlink-libpod-conf-notice.md","title":"Podman API v1.0 Deprecation and Removal Notice","description":"podman logo","date":"2020-12-11T00:00:00.000Z","formattedDate":"December 11, 2020","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"github","permalink":"/blogs/tags/github"},{"label":"varlink","permalink":"/blogs/tags/varlink"},{"label":"rest-api","permalink":"/blogs/tags/rest-api"}],"readingTime":1.715,"hasTruncateMarker":true,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman API v1.0 Deprecation and Removal Notice","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["podman","containers","v2","github","varlink","rest-api"]},"prevItem":{"title":"Podman API v1.0 and libpod.conf Removal Notice","permalink":"/blogs/2020/12/11/new"},"nextItem":{"title":"Using Podman and systemd to manage container lifecycle","permalink":"/blogs/2020/12/09/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman API v1.0 and libpod.conf Removal Notice\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nOn August 1, 2020, the Podman team posted a [Podman API v1.0 Deprecation and Removal notice](https://podman.io/blogs/2020/08/01/deprecate-and-remove-varlink-notice.html). As noted in that document, the Podman API v1.0 relied on the [varlink library](https://github.com/varlink/libvarlink) to handle the underlying client/server calls from the Podman client to the host where the Podman service was running. The support for the varlink library was greatly reduced in the spring of 2020. This led the Podman team to investigate the use of other client/server technologies and it was decided to develop a RESTful API for Podman using the native Go libraries.\\n\\n\x3c!--truncate--\x3e\\n\\nThis new Podman v2.0 RESTful API was released along with Podman v2.0 in June of 2020 and replaces the Podman API v1.0. As of that time the Podman API v1.0 for Podman was considered to be deprecated. The Podman team noted that the Podman v1.0 (varlink) API would be removed from the Podman project in a future release and that a one month notice would be sent to the community before the version of Podman without the v1.0 API was released. This note represents that notice.\\n\\nThe Podman API v1.0 was just recently [removed](https://github.com/containers/podman/pull/8400) from the upstream repository on [GitHub](https://github.com/containers/podman) as work has started on the next release of Podman, v3.0. Podman v3.0 is expected to be released on Fedora 33 in late January 2021 and then later next year in RHEL 8.4 and other distributions.\\n\\nAt the same time as the removal of the Podman v1.0 API, the `libpod.conf` file has also been removed and it too will no longer be included with Podman starting in Podman v3.0. The functionality of this file has been replaced by [containers.conf](https://github.com/containers/common/blob/main/docs/containers.conf.5.md). If there have been modifications made to the `libpod.conf` file in your environment, you should be able to make the same changes in `containers.conf` and they will be honored.\\n\\nIf you have any questions or concerns about this notification, please send a note to the Podman [mailing list](https://lists.podman.io/admin/lists/podman.lists.podman.io/) or create an issue on Podman\u2019s [GitHub](https://github.com/containers/podman/issues) repository."},{"id":"/2020/12/09/new","metadata":{"permalink":"/blogs/2020/12/09/new","source":"@site/blog/2020-12-09-new.md","title":"Using Podman and systemd to manage container lifecycle","description":"Ed Haynes has put together a demo of using Podman and systemd to manage a container lifecycle that\'s available","date":"2020-12-09T00:00:00.000Z","formattedDate":"December 9, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.205,"hasTruncateMarker":false,"authors":[{"name":"ehaynes"}],"frontMatter":{"title":"Using Podman and systemd to manage container lifecycle","layout":"default","author":"ehaynes","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman API v1.0 Deprecation and Removal Notice","permalink":"/blogs/2020/12/11/remove-varlink-libpod-conf-notice"},"nextItem":{"title":"Using Podman and systemd to manage container lifecycle","permalink":"/blogs/2020/12/09/podman-systemd-demo"}},"content":"Ed Haynes has put together a demo of using Podman and systemd to manage a container lifecycle that\'s available\\non GitHub. He\'s written up a [post](https://podman.io/blogs/2020/12/09/podman-systemd-demo.html) that does a nice\\njob of walking through setting up the demo and running it."},{"id":"/2020/12/09/podman-systemd-demo","metadata":{"permalink":"/blogs/2020/12/09/podman-systemd-demo","source":"@site/blog/2020-12-09-podman-systemd-demo.md","title":"Using Podman and systemd to manage container lifecycle","description":"podman logo","date":"2020-12-09T00:00:00.000Z","formattedDate":"December 9, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"linux","permalink":"/blogs/tags/linux"}],"readingTime":2.98,"hasTruncateMarker":true,"authors":[{"name":"ehaynes"}],"frontMatter":{"title":"Using Podman and systemd to manage container lifecycle","layout":"default","author":"ehaynes","categories":["blogs"],"tags":["containers","podman","api","kubernetes","linux"]},"prevItem":{"title":"Using Podman and systemd to manage container lifecycle","permalink":"/blogs/2020/12/09/new"},"nextItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2020/12/07/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Using Podman and systemd to manage container lifecycle\\n\\n## By Ed Haynes [GitHub](https://github.com/ehaynes)\\n\\nMy background is in industrial automation, and in most cases, the edge devices in the factory are too underpowered to run Kubernetes as a method to manage the lifecycle of containers. The workloads have a very long lifecycle, and generally are \\"tied\\" to the edge device. There is a lot of value in containerizing applications on these edge devices, however, as it decouples the application dependencies from the OS and provides a level of isolation between applications. This demo will show how using Podman in conjunction with systemd provides an elegant solution for this sort of use case. In addition, this will be done as a \\"rootless\\" user - a key benefit of Podman that helps keep the device secure.\\n\\n\x3c!--truncate--\x3e\\n\\nFor my demo, I used a minimal Fedora33 install with Podman installed. To simplify my lifecycle (which in industrial can be 10+ years) I want to keep the base OS as minimal and clean as possible and keep all application dependencies in the containers. I will be creating a redis in-memory keystore database as my containerized application and use the \\"podman generate systemd\\" utility to generate the systemd unit file. This file lets systemd know what your policies are for your application - whether it should start at boot or restart when it fails. In my case I want my application available at boot and also want it to restart in case of failure. I enable and start the systemd service with the --user flag, again I don\'t want root access for security reasons on this device.\\n\\nI provide a test script to test the redis container API. While I could have installed the redis-cli on my base Fedora33 OS to do this testing this would violate my desire to keep the base OS as minimal as possible. I pass values to the redis container\'s port via \\"nc\\" to set a key index of \\"frog\\" to 56. I then show via getting that index that the value is properly set. Now for the interesting part. I use pkill to kill the redis database and then show how systemd restarts the failed container. You can also reboot the OS and find your application running at startup.\\n\\nTo tidy things up I provide a cleanup script which stops the service and cleans up the container so you can start the demo from the top if you like.\\n\\nTo run this demo yourself (I\'ve tested on Fedora33, Red Hat 8.3, and Ubuntu 20.10) ensure Podman and git are installed on your OS\\n\\nAlso remember this is all done as a standard user - no root!\\n\\ngit clone https://github.com/edhaynes/podman_systemd_usermode_demo.git\\n\\n```console\\ncd podman_systemd_usermode_demo\\n\\n./launch_redis_container.sh\\n```\\n\\n\\"launch_redis_container.sh\\" launches redis container, adds usermode systemd entry, enables and starts it. You will need to hit \\"q\\" to get out of the shown status.\\n\\nYou should see something like:\\n\\n```console\\nredis_server.service - Podman container-redis_ Loaded: loaded\\n\\n Active: active (running) since Wed 2020-12-09 09:22:40 EST; 1h 58min ago\\n```\\n\\nNow that redis is running you can run the test script that sets a key value, retrieves it, and then kills the redis container. systemd will then restart the container and you can see all is working again. Do this with:\\n\\n```console\\n./test_redis_container.sh\\n```\\n\\nOnce you are done experimenting with it you can run the cleanup script to stop the systemd service, remove it and stop / remove the container.\\n\\n```console\\n./cleanup.sh\\n```\\n\\nHope you enjoyed this demo and any comments or suggestions please make them in the [GitHub](https://github.com/edhaynes/podman_systemd_usermode_demo.git) repository."},{"id":"/2020/12/07/new","metadata":{"permalink":"/blogs/2020/12/07/new","source":"@site/blog/2020-12-07-new.md","title":"Podman Posts of Interest","description":"I\'ve run across a number of posts over the past few weeks concerning Podman and have","date":"2020-12-07T00:00:00.000Z","formattedDate":"December 7, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.235,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Posts of Interest","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Using Podman and systemd to manage container lifecycle","permalink":"/blogs/2020/12/09/podman-systemd-demo"},"nextItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2020/12/07/podman-posts-of-interests"}},"content":"I\'ve run across a number of posts over the past few weeks concerning Podman and have\\nbeen busy getting other work done. So now I have a few moments and thought I\'d add some links\\nto the posts. Checkout the [Podman Posts of Interest](https://podman.io/blogs/2020/12/07/podman-posts-of-interests.html) for the links!"},{"id":"/2020/12/07/podman-posts-of-interests","metadata":{"permalink":"/blogs/2020/12/07/podman-posts-of-interests","source":"@site/blog/2020-12-07-podman-posts-of-interests.md","title":"Podman Posts of Interest","description":"podman logo","date":"2020-12-07T00:00:00.000Z","formattedDate":"December 7, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":1.265,"hasTruncateMarker":true,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Posts of Interest","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2020/12/07/new"},"nextItem":{"title":"Container image short names in Podman","permalink":"/blogs/2020/12/01/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman Posts of Interest\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nA number of blog posts have flung by and I have not had a chance to get individual\\nlink posts to them, so thought I would add a few here that have popped up recently,\\nlinks after the break!.\\n\\n\x3c!--truncate--\x3e\\n\\n- mkdev - (Video) [Buildah, Dive, Skopeo: 3 Container Tools for building images on Kubernetes Cluster, with Gitlab CI](https://www.youtube.com/watch?v=aViKsSEGwOc&feature=emb_logo) - A video showing how these tools can be lightweight replacements for Docker.\\n- Scott McCarty - [Updates to Container Tools in Red Hat Enterprise Linux 8.3](https://www.redhat.com/en/blog/updates-container-tools-red-hat-enterprise-linux-83) - Our own [Scott McCarty](https://twitter.com/fatherlinux) previews the new container capabilities in Red Hat Enterprise Linux 8.3.\\n- Anais Urlichs - [Docker Images Without Docker \u2014 A Practical Guide](https://codefresh.io/devops/docker-images-without-docker-practical-guide/) - [Anais](https://codefresh.io/author/anais-codefresh/) Talks about how the Docker Daemon runs as root, why that\'s a problem, and how Buildah and Podman avoids that.\\n- hostnextra.com site - [Easy to Install Podman on Ubuntu 20.04](https://www.hostnextra.com/kb/easy-to-install-podman-on-ubuntu-20-04/) - Like the title says, how to easily install Podman on Ubuntu 20.04.\\n- Prakhar Sethi - [Rootless containers with Podman: The basics](https://developers.redhat.com/blog/2020/09/25/rootless-containers-with-podman-the-basics/) - Prakhar introduces rootless containers with Podman.\\n- Damian Velazquez Cafaro - [A Spotlight on Podman](https://caylent.com/spotlight-on-podman) - Damian provides a nice overview on Podman.\\n- Cedric Clyburn - [Transitioning from Docker to Podman](https://developers.redhat.com/blog/2020/11/19/transitioning-from-docker-to-podman/?utm_campaign=VSHNtimer&utm_content=147487702&utm_medium=social&utm_source=twitter&hss_channel=tw-2851142013) - [Cedric](https://developers.redhat.com/blog/author/cclyburn/) gives a nice overview of Podman and how you can transition to it from Docker.\\n- Herv\xe9 Beraud - [Using Podman to run OpenStack OSLO.Messaging\'s Simulator](https://herve.beraud.io/openstack/oslo.messaging/podman/rabbitmq/2020/12/04/using-podman-to-run-openstack-oslo-messaging-simulator.html)- [Herv\xe9](https://herve.beraud.io/) shows you how to run the simulator using Podman!"},{"id":"/2020/12/01/new","metadata":{"permalink":"/blogs/2020/12/01/new","source":"@site/blog/2020-12-01-new.md","title":"Container image short names in Podman","description":"Do you like you container names to be short, sweet and yet secure? Valentin Rothberg shows you how in a recent blog post on the Red Hat Enable Sysadmin site, Container image short names in Podman. This functionality is now available in the upstream version of Podman and is targeted for Podman v3.0.","date":"2020-12-01T00:00:00.000Z","formattedDate":"December 1, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.265,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Container image short names in Podman","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2020/12/07/podman-posts-of-interests"},"nextItem":{"title":"Container image short names in Podman","permalink":"/blogs/2020/12/01/short-container-names"}},"content":"Do you like you container names to be short, sweet and yet secure? [Valentin Rothberg](https://twitter.com/vlntnrthbrg) shows you how in a recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [Container image short names in Podman](https://www.redhat.com/sysadmin/container-image-short-names). This functionality is now available in the upstream version of Podman and is targeted for Podman v3.0."},{"id":"/2020/12/01/short-container-names","metadata":{"permalink":"/blogs/2020/12/01/short-container-names","source":"@site/blog/2020-12-01-short-container-names.md","title":"Container image short names in Podman","description":"podman logo","date":"2020-12-01T00:00:00.000Z","formattedDate":"December 1, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.335,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Container image short names in Podman","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Container image short names in Podman","permalink":"/blogs/2020/12/01/new"},"nextItem":{"title":"The history of an API: GitLab Runner and Podman","permalink":"/blogs/2020/11/13/gitlab-runner-and-podman"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Container image short names in Podman\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nDo you like you container names to be short, sweet and yet secure? [Valentin Rothberg](https://twitter.com/vlntnrthbrg) shows you how in a recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [Container image short names in Podman](https://www.redhat.com/sysadmin/container-image-short-names). This functionality is now available in the upstream version of Podman and is targeted for Podman v3.0."},{"id":"/2020/11/13/gitlab-runner-and-podman","metadata":{"permalink":"/blogs/2020/11/13/gitlab-runner-and-podman","source":"@site/blog/2020-11-13-gitlab-runner-and-podman.md","title":"The history of an API: GitLab Runner and Podman","description":"podman logo","date":"2020-11-13T00:00:00.000Z","formattedDate":"November 13, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"},{"label":"GitLab","permalink":"/blogs/tags/git-lab"},{"label":"Runner","permalink":"/blogs/tags/runner"}],"readingTime":0.44,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"The history of an API: GitLab Runner and Podman","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac","GitLab","Runner"]},"prevItem":{"title":"Container image short names in Podman","permalink":"/blogs/2020/12/01/short-container-names"},"nextItem":{"title":"The history of an API: GitLab Runner and Podman","permalink":"/blogs/2020/11/13/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# The history of an API: GitLab Runner and Podman\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nIn a recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [The history of an API: GitLab Runner and Podman](https://www.redhat.com/sysadmin/history-api), Pablo Greco from the CentOS QA team in Buenos Aires, Argentia documented his journey through a Podman and GitLab Runner integration. When Podman v2.2 arrives, GitLab Runner will be able to run with Podman right out of the box. Give the article a read to see how he got there."},{"id":"/2020/11/13/new","metadata":{"permalink":"/blogs/2020/11/13/new","source":"@site/blog/2020-11-13-new.md","title":"The history of an API: GitLab Runner and Podman","description":"In a recent blog post on the Red Hat Enable Sysadmin site, The history of an API: GitLab Runner and Podman, Pablo Greco from the CentOS QA team in Buenos Aires, Argentia documented his journey through a Podman and GitLab Runner integration. When Podman v2.2 arrives, GitLab Runner will be able to run with Podman right out of the box. Give the article a read to see how he got there.","date":"2020-11-13T00:00:00.000Z","formattedDate":"November 13, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"},{"label":"GitLab","permalink":"/blogs/tags/git-lab"},{"label":"Runner","permalink":"/blogs/tags/runner"}],"readingTime":0.355,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"The history of an API: GitLab Runner and Podman","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac","GitLab","Runner"]},"prevItem":{"title":"The history of an API: GitLab Runner and Podman","permalink":"/blogs/2020/11/13/gitlab-runner-and-podman"},"nextItem":{"title":"Exploring Podman RESTful API using Python and Bash","permalink":"/blogs/2020/10/17/expoloring-restful-api"}},"content":"In a recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [The history of an API: GitLab Runner and Podman](https://www.redhat.com/sysadmin/history-api), Pablo Greco from the CentOS QA team in Buenos Aires, Argentia documented his journey through a Podman and GitLab Runner integration. When Podman v2.2 arrives, GitLab Runner will be able to run with Podman right out of the box. Give the article a read to see how he got there."},{"id":"/2020/10/17/expoloring-restful-api","metadata":{"permalink":"/blogs/2020/10/17/expoloring-restful-api","source":"@site/blog/2020-10-17-expoloring-restful-api.md","title":"Exploring Podman RESTful API using Python and Bash","description":"podman logo","date":"2020-10-17T00:00:00.000Z","formattedDate":"October 17, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"},{"label":"restful","permalink":"/blogs/tags/restful"},{"label":"REST","permalink":"/blogs/tags/rest"}],"readingTime":0.36,"hasTruncateMarker":false,"authors":[{"name":"jwhonce"}],"frontMatter":{"title":"Exploring Podman RESTful API using Python and Bash","layout":"default","author":"jwhonce","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac","restful","REST"]},"prevItem":{"title":"The history of an API: GitLab Runner and Podman","permalink":"/blogs/2020/11/13/new"},"nextItem":{"title":"Exploring Podman RESTful API using Python and Bash","permalink":"/blogs/2020/10/17/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Exploring Podman RESTful API using Python and Bash\\n\\n## By Jhon Honce [GitHub](https://github.com/jwhonce)\\n\\nIn a recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [Exploring Podman RESTful API using Python and Bash](https://www.redhat.com/sysadmin/podman-python-bash), Jhon Honce nicely demonstrates the new Podman REST API using code examples in Python and shell commands. Additional notes are included in the code comments. The provided code was written to be clear vs. production quality."},{"id":"/2020/10/17/new","metadata":{"permalink":"/blogs/2020/10/17/new","source":"@site/blog/2020-10-17-new.md","title":"Exploring Podman RESTful API using Python and Bash","description":"In a recent blog post on the Red Hat Enable Sysadmin site, Exploring Podman RESTful API using Python and Bash, Jhon Honce nicely demonstrates the new Podman REST API using code examples in Python and shell commands. Additional notes are included in the code comments. The provided code was written to be clear vs. production quality.","date":"2020-10-17T00:00:00.000Z","formattedDate":"October 17, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"},{"label":"restful","permalink":"/blogs/tags/restful"},{"label":"REST","permalink":"/blogs/tags/rest"}],"readingTime":0.28,"hasTruncateMarker":false,"authors":[{"name":"jwhonce"}],"frontMatter":{"title":"Exploring Podman RESTful API using Python and Bash","layout":"default","author":"jwhonce","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac","restful","REST"]},"prevItem":{"title":"Exploring Podman RESTful API using Python and Bash","permalink":"/blogs/2020/10/17/expoloring-restful-api"},"nextItem":{"title":"Podman v2.1.0 Released","permalink":"/blogs/2020/10/05/new"}},"content":"In a recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [Exploring Podman RESTful API using Python and Bash](https://www.redhat.com/sysadmin/podman-python-bash), Jhon Honce nicely demonstrates the new Podman REST API using code examples in Python and shell commands. Additional notes are included in the code comments. The provided code was written to be clear vs. production quality."},{"id":"/2020/10/05/new","metadata":{"permalink":"/blogs/2020/10/05/new","source":"@site/blog/2020-10-05-new.md","title":"Podman v2.1.0 Released","description":"Podman has gone 2.1.0!","date":"2020-10-05T00:00:00.000Z","formattedDate":"October 5, 2020","tags":[],"readingTime":0.025,"hasTruncateMarker":false,"authors":[],"frontMatter":{"layout":"default","title":"Podman v2.1.0 Released","categories":["new"]},"prevItem":{"title":"Exploring Podman RESTful API using Python and Bash","permalink":"/blogs/2020/10/17/new"},"nextItem":{"title":"Podman Community Meeting - October 6, 2020","permalink":"/blogs/2020/09/30/Oct-6-Agenda"}},"content":"## [Podman has gone 2.1.0!](https://podman.io/releases/2020/10/05/podman-release-v2.1.0.html)"},{"id":"/2020/09/30/Oct-6-Agenda","metadata":{"permalink":"/blogs/2020/09/30/Oct-6-Agenda","source":"@site/blog/2020-09-30-Oct-6-Agenda.md","title":"Podman Community Meeting - October 6, 2020","description":"podman logo","date":"2020-09-30T00:00:00.000Z","formattedDate":"September 30, 2020","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"bindings","permalink":"/blogs/tags/bindings"},{"label":"go","permalink":"/blogs/tags/go"}],"readingTime":0.895,"hasTruncateMarker":true,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Community Meeting - October 6, 2020","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["podman","containers","v2","bindings","go"]},"prevItem":{"title":"Podman v2.1.0 Released","permalink":"/blogs/2020/10/05/new"},"nextItem":{"title":"Podman Community Meeting - October 6, 2020","permalink":"/blogs/2020/09/30/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman Community Meeting - October 6, 2020\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nThe first Podman Community Meeting is coming up at 11:00 a.m. Eastern on\\nOctober 6th, 2020. We plan to hold the meeting on Bluejeans and will be\\nholding them going forward on the first Tuesday of every month.\\nAll are welcome and it\'s free of charge! The agenda after the break and\\nhope to see a lot of you there.\\n\\n\x3c!--truncate--\x3e\\n\\nPodman Community Meeting Agenda\\nTuesday October 6, 2020\\n11:00 a.m. to 12:p.m. Eastern (UTC\u221204:00)\\nBluejeans: https://bluejeans.com/796412039\\n(If you have trouble connecting, please reach out in IRC libera.chat #podman)\\n\\n| Agenda: | |\\n| -------------- | --------------------------------------------------------- |\\n| 11:00 to 11:05 | Welcoming Remarks |\\n| 11:10 to 11:20 | Introductions - All Attendees |\\n| 11:20 to 11:30 | Upcoming Podman Release Features and Schedule - Matt Heon |\\n| 11:30 to 11:40 | Podman 3.0 Planning - Dan Walsh |\\n| 11:40 to 12:00 | Open Forum/Questions and Answers Session |\\n\\nNext Meeting: Tuesday November 3, 2020 11:00 a.m. Eastern (UTC-04:00)"},{"id":"/2020/09/30/new","metadata":{"permalink":"/blogs/2020/09/30/new","source":"@site/blog/2020-09-30-new.md","title":"Podman Community Meeting - October 6, 2020","description":"The first Podman Community meeting will be on Tuesday","date":"2020-09-30T00:00:00.000Z","formattedDate":"September 30, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"go","permalink":"/blogs/tags/go"},{"label":"images","permalink":"/blogs/tags/images"}],"readingTime":0.16,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Community Meeting - October 6, 2020","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","api","v2","go","images"]},"prevItem":{"title":"Podman Community Meeting - October 6, 2020","permalink":"/blogs/2020/09/30/Oct-6-Agenda"},"nextItem":{"title":"DevConf US 2020 Containers Technologies Talk","permalink":"/blogs/2020/09/28/devconf-ctr-tech"}},"content":"The first Podman Community meeting will be on Tuesday\\nOctober 6 at 11:00 a.m. Eastern. It will be a video conference\\nusing BlueJeans and all of the details are on this\\n[post](https://podman.io/blogs/2020/09/30/Oct-6-Agenda.html)."},{"id":"/2020/09/28/devconf-ctr-tech","metadata":{"permalink":"/blogs/2020/09/28/devconf-ctr-tech","source":"@site/blog/2020-09-28-devconf-ctr-tech.md","title":"DevConf US 2020 Containers Technologies Talk","description":"podman logo","date":"2020-09-28T00:00:00.000Z","formattedDate":"September 28, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.35,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"DevConf US 2020 Containers Technologies Talk","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman Community Meeting - October 6, 2020","permalink":"/blogs/2020/09/30/new"},"nextItem":{"title":"DevConf US 2020 Containers Technologies Talk","permalink":"/blogs/2020/09/28/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# DevConf US 2020 Containers Technologies Talk\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nIn case you missed [Kedar Kulkarni\'s](https://github.com/kedark3) excellent talk at [DevConf.US 2020](https://www.devconf.info/us/), \\"Docker, Podman, Buildah, Skopeo, and what else?\\", check out the [video](https://www.youtube.com/watch?v=5g2F0vSWY3U&feature=youtu.be) on YouTube. There were also a number of other interesting talks at DevConf.US 2020 that you might be interested in, you\'ll be able to find links to the talks at the DevConf.US site above."},{"id":"/2020/09/28/new","metadata":{"permalink":"/blogs/2020/09/28/new","source":"@site/blog/2020-09-28-new.md","title":"DevConf US 2020 Containers Technologies Talk","description":"By Tom Sweeney GitHub","date":"2020-09-28T00:00:00.000Z","formattedDate":"September 28, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.305,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"DevConf US 2020 Containers Technologies Talk","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"DevConf US 2020 Containers Technologies Talk","permalink":"/blogs/2020/09/28/devconf-ctr-tech"},"nextItem":{"title":"Podman Security Announcement","permalink":"/blogs/2020/09/22/security"}},"content":"## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nIn case you missed [Kedar Kulkarni\'s](https://github.com/kedark3) excellent talk at [DevConf.US 2020](https://www.devconf.info/us/), \\"Docker, Podman, Buildah, Skopeo, and what else?\\", check out the [video](https://www.youtube.com/watch?v=5g2F0vSWY3U&feature=youtu.be) on YouTube. There were also a number of other interesting talks at DevConf.US 2020 that you might be interested in, you\'ll be able to find links to the talks at the DevConf.US site above."},{"id":"/2020/09/22/security","metadata":{"permalink":"/blogs/2020/09/22/security","source":"@site/blog/2020-09-22-security.md","title":"Podman Security Announcement","description":"podman logo","date":"2020-09-22T00:00:00.000Z","formattedDate":"September 22, 2020","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"security","permalink":"/blogs/tags/security"}],"readingTime":0.665,"hasTruncateMarker":false,"authors":[{"name":"mheon"}],"frontMatter":{"title":"Podman Security Announcement","layout":"default","author":"mheon","categories":["blogs"],"tags":["podman","containers","security"]},"prevItem":{"title":"DevConf US 2020 Containers Technologies Talk","permalink":"/blogs/2020/09/28/new"},"nextItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2020/09/18/multi-blog-posts"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman Security Issue\\n\\nToday, we\'re releasing updates to fix [CVE-2020-14370](https://access.redhat.com/security/cve/cve-2020-14370), a security issue in Podman. This is a medium-severity information disclosure vulnerability that affects containers created using Podman\u2019s Varlink API or the Docker-compatible version of its REST API. If two or more containers are created using these APIs, and the first container had environment variables added to it when it was created, all subsequent containers created using the Varlink or Docker-compatible REST APIs will also have these environment variables added. This effect does not persist after restarting the Podman API service.\\n\\nPodman v2.0.5 and higher contain a fix for the CVE. If you use either of these APIs, please update to Podman v2.0.5 or later. We will also be patching the long-term support v1.6.4 release used in RHEL and CentOS."},{"id":"/2020/09/18/multi-blog-posts","metadata":{"permalink":"/blogs/2020/09/18/multi-blog-posts","source":"@site/blog/2020-09-18-multi-blog-posts.md","title":"Podman Posts of Interest","description":"podman logo","date":"2020-09-18T00:00:00.000Z","formattedDate":"September 18, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.685,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"Podman Posts of Interest","layout":"default","author":"baude","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman Security Announcement","permalink":"/blogs/2020/09/22/security"},"nextItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2020/09/18/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman Posts of Interest\\n\\n## By Brent Baude [GitHub](https://github.com/baude)\\n\\n- Brian Smith - [Rootless containers using Podman](https://www.redhat.com/sysadmin/rootless-containers-podman) - Watch this two-part video series on understanding root inside and outside of containers and how user namespaces work.\\n- Jack Wallen - [How to install Podman support in Cockpit](https://www.techrepublic.com/article/how-to-install-podman-support-in-cockpit/) - Learn how to add Cockpit support to manage images and containers.\\n- Dan Walsh - [SELinux changes for KVM-separated (Kata) containers](https://www.redhat.com/sysadmin/selinux-kata-containers?sc_cid=701f2000000txokAAA&utm_source=bambu&utm_medium=social&utm_campaign=abm) - Understanding SELinux types that improve security in container engines such as Podman and CRI-O.\\n- Brian Smith - [Scanning containers for vulnerabilities with OpenSCAP and Podman](https://www.redhat.com/sysadmin/container-vulnerabilities-openscap) - Containers are no more secure than physical machines. Find out how to scan yours for vulnerabilities.\\n- Brian Smith - (Video)[Managing Containers in Podman with systemd Unit Files](https://www.youtube.com/watch?v=AGkM2jGT61Y)\\n- Mrivik - (asciinema)[GIMP working on rootless Podman container](https://asciinema.org/a/FKU4CaX96MgnlZQ8aTBBMPIv2)"},{"id":"/2020/09/18/new","metadata":{"permalink":"/blogs/2020/09/18/new","source":"@site/blog/2020-09-18-new.md","title":"Podman Posts of Interest","description":"I\'ve run across a number of posts over the past few weeks concerning Podman and have","date":"2020-09-18T00:00:00.000Z","formattedDate":"September 18, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.82,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Posts of Interest","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2020/09/18/multi-blog-posts"},"nextItem":{"title":"Podman remote clients for macOS and Windows","permalink":"/blogs/2020/09/02/new"}},"content":"I\'ve run across a number of posts over the past few weeks concerning Podman and have\\nbeen busy getting other work done. So now I have a few moments and thought I\'d add some links\\nto the posts. Enjoy!\\n\\n- Brian Smith - [Rootless containers using Podman](https://www.redhat.com/sysadmin/rootless-containers-podman) - Watch this two-part video series on understanding root inside and outside of containers and how user namespaces work.\\n- Jack Wallen - [How to install Podman support in Cockpit](https://www.techrepublic.com/article/how-to-install-podman-support-in-cockpit/) - Learn how to add Cockpit support to manage images and containers.\\n- Dan Walsh - [SELinux changes for KVM-separated (Kata) containers](https://www.redhat.com/sysadmin/selinux-kata-containers?sc_cid=701f2000000txokAAA&utm_source=bambu&utm_medium=social&utm_campaign=abm) - Understanding SELinux types that improve security in container engines such as Podman and CRI-O.\\n- Brian Smith - [Scanning containers for vulnerabilities with OpenSCAP and Podman](https://www.redhat.com/sysadmin/container-vulnerabilities-openscap) - Containers are no more secure than physical machines. Find out how to scan yours for vulnerabilities.\\n- Brian Smith - (Video)[Managing Containers in Podman with systemd Unit Files](https://www.youtube.com/watch?v=AGkM2jGT61Y)\\n- Mrivik - (asciinema)[GIMP working on rootless Podman container](https://asciinema.org/a/FKU4CaX96MgnlZQ8aTBBMPIv2)"},{"id":"/2020/09/02/new","metadata":{"permalink":"/blogs/2020/09/02/new","source":"@site/blog/2020-09-02-new.md","title":"Podman remote clients for macOS and Windows","description":"In a recent blog post on the Red Hat Enable Sysadmin site, Podman remote clients for macOS and Windows, Brent Baude and Ashley Cui walk you through setting up a remote client on either Windows or macOS to let you manage your containers and images on your Linux backend. The post covers installation, ssh setup, creating the initial connection and finally how to use the client. Give it a quick look!","date":"2020-09-02T00:00:00.000Z","formattedDate":"September 2, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.355,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"Podman remote clients for macOS and Windows","layout":"default","author":"baude","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2020/09/18/new"},"nextItem":{"title":"Podman remote clients for macOS and Windows","permalink":"/blogs/2020/09/02/running_windows_or_mac"}},"content":"In a recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [Podman remote clients for macOS and Windows](https://www.redhat.com/sysadmin/podman-clients-macos-windows), Brent Baude and [Ashley Cui](https://twitter.com/cuicodes) walk you through setting up a remote client on either Windows or macOS to let you manage your containers and images on your Linux backend. The post covers installation, ssh setup, creating the initial connection and finally how to use the client. Give it a quick look!"},{"id":"/2020/09/02/running_windows_or_mac","metadata":{"permalink":"/blogs/2020/09/02/running_windows_or_mac","source":"@site/blog/2020-09-02-running_windows_or_mac.md","title":"Podman remote clients for macOS and Windows","description":"podman logo","date":"2020-09-02T00:00:00.000Z","formattedDate":"September 2, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.43,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"Podman remote clients for macOS and Windows","layout":"default","author":"baude","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman remote clients for macOS and Windows","permalink":"/blogs/2020/09/02/new"},"nextItem":{"title":"The podman play kube command now supports deployments","permalink":"/blogs/2020/08/31/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman remote clients for macOS and Windows\\n\\n## By Brent Baude [GitHub](https://github.com/baude)\\n\\nIn a recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [Podman remote clients for macOS and Windows](https://www.redhat.com/sysadmin/podman-clients-macos-windows), Brent Baude and [Ashley Cui](https://twitter.com/cuicodes) walk you through setting up a remote client on either Windows or macOS to let you manage your containers and images on your Linux backend. The post covers installation, ssh setup, creating the initial connection and finally how to use the client. Give it a quick look!"},{"id":"/2020/08/31/new","metadata":{"permalink":"/blogs/2020/08/31/new","source":"@site/blog/2020-08-31-new.md","title":"The podman play kube command now supports deployments","description":"In a recent blog post on the Red Hat Enable Sysadmin site, The podman play kube command now supports deployments, you can now learn all about the recent features added to Podman to interact with Kubernetes objects. The podman generate kube command allows you to export your existing containers into Kubernetes Pod YAML. This YAML can then be imported into OpenShift or a Kubernetes cluster. The podman play kube does the opposite, it allows you to take a Kubernetes YAML and run it in Podman. Learn all of the details and more in the blog post!","date":"2020-08-31T00:00:00.000Z","formattedDate":"August 31, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"}],"readingTime":0.48,"hasTruncateMarker":false,"authors":[{"name":"mheon"}],"frontMatter":{"title":"The podman play kube command now supports deployments","layout":"default","author":"mheon","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc"]},"prevItem":{"title":"Podman remote clients for macOS and Windows","permalink":"/blogs/2020/09/02/running_windows_or_mac"},"nextItem":{"title":"The podman play kube command now supports deployments","permalink":"/blogs/2020/08/31/podman-and-kubernetes"}},"content":"In a recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [The podman play kube command now supports deployments](https://www.redhat.com/sysadmin/podman-play-kube), you can now learn all about the recent features added to Podman to interact with Kubernetes objects. The `podman generate kube` command allows you to export your existing containers into Kubernetes Pod YAML. This YAML can then be imported into OpenShift or a Kubernetes cluster. The `podman play kube` does the opposite, it allows you to take a Kubernetes YAML and run it in Podman. Learn all of the details and more in the blog post!"},{"id":"/2020/08/31/podman-and-kubernetes","metadata":{"permalink":"/blogs/2020/08/31/podman-and-kubernetes","source":"@site/blog/2020-08-31-podman-and-kubernetes.md","title":"The podman play kube command now supports deployments","description":"podman logo","date":"2020-08-31T00:00:00.000Z","formattedDate":"August 31, 2020","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"github","permalink":"/blogs/tags/github"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"}],"readingTime":0.56,"hasTruncateMarker":false,"authors":[{"name":"mheon"}],"frontMatter":{"title":"The podman play kube command now supports deployments","layout":"default","author":"mheon","categories":["blogs"],"tags":["podman","containers","v2","github","kubernetes","kube"]},"prevItem":{"title":"The podman play kube command now supports deployments","permalink":"/blogs/2020/08/31/new"},"nextItem":{"title":"Tick-tock. Does your container know what time it is?","permalink":"/blogs/2020/08/24/container-time"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# The podman play kube command now supports deployments\\n\\n## By Matthew Heon [GitHub](https://github.com/mheon)\\n\\nIn a recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [The podman play kube command now supports deployments](https://www.redhat.com/sysadmin/podman-play-kube), you can now learn all about the recent features added to Podman to interact with Kubernetes objects. The `podman generate kube` command allows you to export your existing containers into Kubernetes Pod YAML. This YAML can then be imported into OpenShift or a Kubernetes cluster. The `podman play kube` does the opposite, it allows you to take a Kubernetes YAML and run it in Podman. Learn all of the details and more in the blog post!"},{"id":"/2020/08/24/container-time","metadata":{"permalink":"/blogs/2020/08/24/container-time","source":"@site/blog/2020-08-24-container-time.md","title":"Tick-tock. Does your container know what time it is?","description":"podman logo","date":"2020-08-24T00:00:00.000Z","formattedDate":"August 24, 2020","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"github","permalink":"/blogs/tags/github"},{"label":"rename","permalink":"/blogs/tags/rename"}],"readingTime":0.51,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Tick-tock. Does your container know what time it is?","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["podman","containers","v2","github","rename"]},"prevItem":{"title":"The podman play kube command now supports deployments","permalink":"/blogs/2020/08/31/podman-and-kubernetes"},"nextItem":{"title":"Tick-tock. Does your container know what time it is?","permalink":"/blogs/2020/08/24/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Tick-tock. Does your container know what time it is?\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\n[Ashley Cui](https://twitter.com/cuicodes) recently joined our team at Red Hat and just wrote her first ever blog post that is now on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site [Tick-tock. Does your container know what time it is?](https://www.redhat.com/sysadmin/tick-tock-container-time). In this timely post, Ashley walks you through setting the timezone within a container using the `--tz` option. Just prior to this posting, I had answered a very similar question for someone. This is a really good and quick blog, and I\'m sure the first of many for Ashley."},{"id":"/2020/08/24/new","metadata":{"permalink":"/blogs/2020/08/24/new","source":"@site/blog/2020-08-24-new.md","title":"Tick-tock. Does your container know what time it is?","description":"Ashley Cui recently joined our team at Red Hat and just wrote her first ever blog post that is now on the Red Hat Enable Sysadmin site Tick-tock. Does your container know what time it is?. In this timely post, Ashley walks you through setting the timezone within a container using the --tz option. Just prior to this posting, I had answered a very similar question for someone. This is a really good and quick blog, and I\'m sure the first of many for Ashley.","date":"2020-08-24T00:00:00.000Z","formattedDate":"August 24, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"rest","permalink":"/blogs/tags/rest"},{"label":"rest-api","permalink":"/blogs/tags/rest-api"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"}],"readingTime":0.425,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Tick-tock. Does your container know what time it is?","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","rest","rest-api","v2","hpc"]},"prevItem":{"title":"Tick-tock. Does your container know what time it is?","permalink":"/blogs/2020/08/24/container-time"},"nextItem":{"title":"Container video series: Rootless containers, process separation, and OpenSCAP","permalink":"/blogs/2020/08/21/new"}},"content":"[Ashley Cui](https://twitter.com/cuicodes) recently joined our team at Red Hat and just wrote her first ever blog post that is now on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site [Tick-tock. Does your container know what time it is?](https://www.redhat.com/sysadmin/tick-tock-container-time). In this timely post, Ashley walks you through setting the timezone within a container using the `--tz` option. Just prior to this posting, I had answered a very similar question for someone. This is a really good and quick blog, and I\'m sure the first of many for Ashley."},{"id":"/2020/08/21/new","metadata":{"permalink":"/blogs/2020/08/21/new","source":"@site/blog/2020-08-21-new.md","title":"Container video series: Rootless containers, process separation, and OpenSCAP","description":"Do you want to know more about Rootless containers, process separation, and OpenSCAP? If you\'re like many, a video is a better learning device than a blog post. Well you\'re in luck, Brian Smith just landed a blog post on the Red Hat Enable Sysadmin site Container video series: Rootless containers, process separation, and OpenSCAP with a number of blog posts on the subject, many featuring Podman.","date":"2020-08-21T00:00:00.000Z","formattedDate":"August 21, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"rest","permalink":"/blogs/tags/rest"},{"label":"rest-api","permalink":"/blogs/tags/rest-api"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"}],"readingTime":0.335,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Container video series: Rootless containers, process separation, and OpenSCAP","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","rest","rest-api","v2","hpc"]},"prevItem":{"title":"Tick-tock. Does your container know what time it is?","permalink":"/blogs/2020/08/24/new"},"nextItem":{"title":"Container video series: Rootless containers, process separation, and OpenSCAP","permalink":"/blogs/2020/08/21/rootless-separation-openscap"}},"content":"Do you want to know more about Rootless containers, process separation, and OpenSCAP? If you\'re like many, a video is a better learning device than a blog post. Well you\'re in luck, [Brian Smith](https://www.redhat.com/sysadmin/users/briasmit) just landed a blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site [Container video series: Rootless containers, process separation, and OpenSCAP](https://www.redhat.com/sysadmin/container-video-series) with a number of blog posts on the subject, many featuring Podman."},{"id":"/2020/08/21/rootless-separation-openscap","metadata":{"permalink":"/blogs/2020/08/21/rootless-separation-openscap","source":"@site/blog/2020-08-21-rootless-separation-openscap.md","title":"Container video series: Rootless containers, process separation, and OpenSCAP","description":"podman logo","date":"2020-08-21T00:00:00.000Z","formattedDate":"August 21, 2020","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"github","permalink":"/blogs/tags/github"},{"label":"rename","permalink":"/blogs/tags/rename"}],"readingTime":0.42,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Container video series: Rootless containers, process separation, and OpenSCAP","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["podman","containers","v2","github","rename"]},"prevItem":{"title":"Container video series: Rootless containers, process separation, and OpenSCAP","permalink":"/blogs/2020/08/21/new"},"nextItem":{"title":"Podman Troubleshooting Guide","permalink":"/blogs/2020/08/17/work-the-problems"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Container video series: Rootless containers, process separation, and OpenSCAP\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nDo you want to know more about Rootless containers, process separation, and OpenSCAP? If you\'re like many, a video is a better learning device than a blog post. Well you\'re in luck, [Brian Smith](https://www.redhat.com/sysadmin/users/briasmit) just landed a blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site [Container video series: Rootless containers, process separation, and OpenSCAP](https://www.redhat.com/sysadmin/container-video-series) with a number of blog posts on the subject, many featuring Podman."},{"id":"/2020/08/17/work-the-problems","metadata":{"permalink":"/blogs/2020/08/17/work-the-problems","source":"@site/blog/2020-08-17-work-the-problems.md","title":"Podman Troubleshooting Guide","description":"podman logo","date":"2020-08-17T00:00:00.000Z","formattedDate":"August 17, 2020","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"github","permalink":"/blogs/tags/github"},{"label":"varlink","permalink":"/blogs/tags/varlink"},{"label":"rest-api","permalink":"/blogs/tags/rest-api"}],"readingTime":2.14,"hasTruncateMarker":true,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Troubleshooting Guide","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["podman","containers","v2","github","varlink","rest-api"]},"prevItem":{"title":"Container video series: Rootless containers, process separation, and OpenSCAP","permalink":"/blogs/2020/08/21/rootless-separation-openscap"},"nextItem":{"title":"Learning Red Hat\'s Podman (docker), Buildah, Skopeo and Quay.io","permalink":"/blogs/2020/08/13/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman Troubleshooting Guide\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nAs a kid, I was fascinated by space flight. If I couldn\'t be a fireman like my father, I wanted to be an astronaut. Of course I had to have a [Major Matt Mason](https://www.youtube.com/watch?v=4sNoiDT0BMw&list=LLTdXWmg018se8aJN4cUq6Ag&index=2934) figure so I could fly him around the house and then land him softly in a jury-rigged parachute in my wading pool. Then of course the whole Apollo 13 drama had me riveted, and when the movie came out years later, I fell in love with this line in the movie, \\"Let\'s work the problem people. Let\'s not make things worse by guessing.\\" by Ed Harris who played Gene Kranz the \\"vested\\" flight director.\\n\\n\x3c!--truncate--\x3e\\n\\nThat\'s been a helpful creed for me and it\'s also helpful for the Podman world too. Many times the community spends a fair amount of effort answering issues and questions either in GitHub\'s [issues](https://github.com/containers/podman/issues) or in the [Podman Mailing List](https://lists.podman.io/admin/lists/podman.lists.podman.io/). That\'s really great, but sometimes the discussion finds that the problem is concerning an issue that is on the [Podman Troubleshooting Guide](https://github.com/containers/podman/blob/main/troubleshooting.md). This page might be one of the least visited pages on the site, yet the most helpful, especially for people who are new to the Podman project.\\n\\nThe page contains a number of common issues and solutions for Podman. It can help people who are running into issues find out if the issue has been encountered before. Some of the more common ones are issues with mounts and selinux, rootless containers not being able to ping the host, rootless containers exiting with the user, and more. A lot of the items of the page are not really issues with the Podman software, but rather that required configuration steps for use cases were not completed. Along with the problem and typical error responses on this page, each one has a solution section that will walk you through the steps needed to correct the problem. As common problems are encountered along the way, the community is encouraged to add them to the troubleshooting page, keeping it a fresh source of information.\\n\\nHopefully this post will help users of Podman find and discover solutions to their problems more easily in the Podman Troubleshooting Guide. Just as importantly, it will act as a reminder for those in the community who are familiar with the page to consider adding problems and solutions that they may encounter. As we move forward, effective use of this page will help us prove Gene Kranz right in the Podman universe, \\"Failure is not an option\\"."},{"id":"/2020/08/13/new","metadata":{"permalink":"/blogs/2020/08/13/new","source":"@site/blog/2020-08-13-new.md","title":"Learning Red Hat\'s Podman (docker), Buildah, Skopeo and Quay.io","description":"Four engineers at IBM and Red Hat, JJ Asghar, Brian Tannous, Jason Dobies and Cedric Clyburn spent some time in a stream learning about Podman, Buildah, Skopeo from the ground up in this video blog post. Check out the video to get a great introduction to the tools.","date":"2020-08-13T00:00:00.000Z","formattedDate":"August 13, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"rest","permalink":"/blogs/tags/rest"},{"label":"rest-api","permalink":"/blogs/tags/rest-api"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"}],"readingTime":0.24,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Learning Red Hat\'s Podman (docker), Buildah, Skopeo and Quay.io","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","rest","rest-api","v2","hpc"]},"prevItem":{"title":"Podman Troubleshooting Guide","permalink":"/blogs/2020/08/17/work-the-problems"},"nextItem":{"title":"Learning Red Hat\'s Podman (docker), Buildah, Skopeo and Quay.io","permalink":"/blogs/2020/08/13/walk-through"}},"content":"Four engineers at IBM and Red Hat, [JJ Asghar](https://twitter.com/jjasghar), [Brian Tannous](https://twitter.com/briantannous), [Jason Dobies](https://twitter.com/jdob) and Cedric Clyburn spent some time in a stream learning about Podman, Buildah, Skopeo from the ground up in this video blog [post](https://www.youtube.com/watch?time_continue=246&v=IKGcxxjieFo&feature=emb_logo). Check out the video to get a great introduction to the tools."},{"id":"/2020/08/13/walk-through","metadata":{"permalink":"/blogs/2020/08/13/walk-through","source":"@site/blog/2020-08-13-walk-through.md","title":"Learning Red Hat\'s Podman (docker), Buildah, Skopeo and Quay.io","description":"podman logo","date":"2020-08-13T00:00:00.000Z","formattedDate":"August 13, 2020","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"github","permalink":"/blogs/tags/github"},{"label":"rename","permalink":"/blogs/tags/rename"}],"readingTime":0.325,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Learning Red Hat\'s Podman (docker), Buildah, Skopeo and Quay.io","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["podman","containers","v2","github","rename"]},"prevItem":{"title":"Learning Red Hat\'s Podman (docker), Buildah, Skopeo and Quay.io","permalink":"/blogs/2020/08/13/new"},"nextItem":{"title":"Moving from docker-compose to Podman pods","permalink":"/blogs/2020/08/11/migrate-from-docker-compose"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Learning Red Hat\'s Podman (docker), Buildah, Skopeo and Quay.io\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nFour engineers at IBM and Red Hat, [JJ Asghar](https://twitter.com/jjasghar), [Brian Tannous](https://twitter.com/briantannous), [Jason Dobies](https://twitter.com/jdob) and Cedric Clyburn spent some time in a stream learning about Podman, Buildah, Skopeo from the ground up in this video blog [post](https://www.youtube.com/watch?time_continue=246&v=IKGcxxjieFo&feature=emb_logo). Check out the video to get a great introduction to the tools."},{"id":"/2020/08/11/migrate-from-docker-compose","metadata":{"permalink":"/blogs/2020/08/11/migrate-from-docker-compose","source":"@site/blog/2020-08-11-migrate-from-docker-compose.md","title":"Moving from docker-compose to Podman pods","description":"podman logo","date":"2020-08-11T00:00:00.000Z","formattedDate":"August 11, 2020","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"github","permalink":"/blogs/tags/github"},{"label":"rename","permalink":"/blogs/tags/rename"}],"readingTime":0.235,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Moving from docker-compose to Podman pods","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["podman","containers","v2","github","rename"]},"prevItem":{"title":"Learning Red Hat\'s Podman (docker), Buildah, Skopeo and Quay.io","permalink":"/blogs/2020/08/13/walk-through"},"nextItem":{"title":"Moving from docker-compose to Podman pods","permalink":"/blogs/2020/08/11/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Moving from docker-compose to Podman pods\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\n[Nathan Lager](https://twitter.com/gangrif) just landed a blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site [Moving from docker-compose to Podman pods](https://www.redhat.com/sysadmin/compose-podman-pods). In the post, Nathan talks about ins and outs of the migration process."},{"id":"/2020/08/11/new","metadata":{"permalink":"/blogs/2020/08/11/new","source":"@site/blog/2020-08-11-new.md","title":"Moving from docker-compose to Podman pods","description":"Nathan Lager just landed a blog post on the Red Hat Enable Sysadmin site Moving from docker-compose to Podman pods. In the post, Nathan talks about ins and outs of the migration process.","date":"2020-08-11T00:00:00.000Z","formattedDate":"August 11, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"rest","permalink":"/blogs/tags/rest"},{"label":"rest-api","permalink":"/blogs/tags/rest-api"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"}],"readingTime":0.165,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Moving from docker-compose to Podman pods","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","rest","rest-api","v2","hpc"]},"prevItem":{"title":"Moving from docker-compose to Podman pods","permalink":"/blogs/2020/08/11/migrate-from-docker-compose"},"nextItem":{"title":"Podman Go bindings","permalink":"/blogs/2020/08/10/new"}},"content":"[Nathan Lager](https://twitter.com/gangrif) just landed a blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site [Moving from docker-compose to Podman pods](https://www.redhat.com/sysadmin/compose-podman-pods). In the post, Nathan talks about ins and outs of the migration process."},{"id":"/2020/08/10/new","metadata":{"permalink":"/blogs/2020/08/10/new","source":"@site/blog/2020-08-10-new.md","title":"Podman Go bindings","description":"In the release of Podman 2.0, we removed the experimental tag from its recently","date":"2020-08-10T00:00:00.000Z","formattedDate":"August 10, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"go","permalink":"/blogs/tags/go"},{"label":"images","permalink":"/blogs/tags/images"}],"readingTime":0.3,"hasTruncateMarker":false,"authors":[{"name":"lsm5"}],"frontMatter":{"title":"Podman Go bindings","layout":"default","author":"lsm5","categories":["new"],"tags":["containers","podman","api","v2","go","images"]},"prevItem":{"title":"Moving from docker-compose to Podman pods","permalink":"/blogs/2020/08/11/new"},"nextItem":{"title":"Podman Go bindings","permalink":"/blogs/2020/08/10/podman-go-bindings"}},"content":"In the release of Podman 2.0, we removed the experimental tag from its recently\\nintroduced RESTful service. While it might be interesting to interact with a\\nRESTful server using curl, using a set of Go based bindings is probably a more\\ndirect route to a production ready application. More details from Lokesh\\nMandvekar and Parker Van Roy in this\\n[post](https://podman.io/blogs/2020/08/10/podman-go-bindings.html)."},{"id":"/2020/08/10/podman-go-bindings","metadata":{"permalink":"/blogs/2020/08/10/podman-go-bindings","source":"@site/blog/2020-08-10-podman-go-bindings.md","title":"Podman Go bindings","description":"podman logo","date":"2020-08-10T00:00:00.000Z","formattedDate":"August 10, 2020","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"bindings","permalink":"/blogs/tags/bindings"},{"label":"go","permalink":"/blogs/tags/go"}],"readingTime":12.21,"hasTruncateMarker":true,"authors":[{"name":"lsm5"}],"frontMatter":{"title":"Podman Go bindings","layout":"default","author":"lsm5","categories":["blogs"],"tags":["podman","containers","v2","bindings","go"]},"prevItem":{"title":"Podman Go bindings","permalink":"/blogs/2020/08/10/new"},"nextItem":{"title":"Improved systemd integration with Podman 2.0","permalink":"/blogs/2020/08/02/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman Go bindings\\n\\n## By Lokesh Mandvekar [GitHub](https://github.com/lsm5) and Parker VanRoy\\n\\n## Introduction\\n\\nIn the release of Podman 2.0, we removed the experimental tag\\nfrom its recently introduced RESTful service. While it might\\nbe interesting to interact with a RESTFul server using curl,\\nusing a set of Go based bindings is probably a more direct\\nroute to a production ready application. Let\u2019s take a look\\nat how easily that can be accomplished.\\n\\n\x3c!--truncate--\x3e\\n\\nIf you haven\'t yet, [install Go](https://golang.org/doc/install).\\n\\nBe careful to double-check that the version of golang is new\\nenough (i.e. `go version`), version 1.13.x or higher is\\nsupported. If needed, Go sources and binaries can be fetched\\nfrom the [official Go website](https://golang.org/dl/).\\n\\nThe Podman Go bindings are a set of functions to allow\\ndevelopers to execute Podman operations from within their Go\\nbased application. The Go bindings connect to a Podman service\\nwhich can run locally or on a remote machine. You can perform\\nmany operations including pulling and listing images, starting,\\nstopping or inspecting containers. Currently, the Podman\\nrepository has bindings available for operations on images,\\ncontainers, pods, networks and manifests among others. The\\nbindings are available on the [v2.0 branch in the\\nupstream Podman repository](https://github.com/containers/podman/tree/v2.0).\\nYou can fetch the bindings for your application using Go modules:\\n\\n```bash\\n$ cd $HOME\\n$ mkdir example && cd example\\n$ go mod init example.com\\ngo: creating new go.mod: module example.com\\n$ go get github.com/containers/podman/v2@v2.0.4\\ngo: downloading github.com/containers/podman/v2 v2.0.4\\ngo get: github.com/containers/podman/v2@v2.0.4: parsing go.mod:\\n module declares its path as: github.com/containers/libpod/v2\\n but was required as: github.com/containers/podman/v2\\n```\\n\\nThis creates a new `go.mod` file in the current directory that looks as follows:\\n\\n```bash\\nmodule example.com\\n\\ngo 1.14\\n\\nrequire github.com/containers/libpod/v2 v2.0.4 // indirect\\n```\\n\\nYou can also try a demo application with the Go modules created already:\\n\\n```bash\\n$ git clone https://github.com/containers/Demos\\n$ cd Demos/podman_go_bindings\\n$ ls\\nREADME.md go.mod go.sum main.go\\n```\\n\\n## How do I use them\\n\\nIn this tutorial, you will learn through basic examples how to:\\n\\n0. [Start the Podman system service](#start-service)\\n1. [Connect to the Podman system service](#connect-service)\\n2. [Pull images](#pull-images)\\n3. [List images](#list-images)\\n4. [Create and start a container from an image](#create-start-container)\\n5. [List containers](#list-containers)\\n6. [Inspect the container](#inspect-container)\\n7. [Stop the container](#stop-container)\\n8. [Debugging tips](#debugging-tips)\\n\\n### Start the Podman system service \\n\\nThe recommended way to start Podman system service in production mode\\nis via systemd socket-activation:\\n\\n```bash\\n$ systemctl --user start podman.socket\\n```\\n\\nThere\u2019s no timeout specified when starting the system service via socket-activation.\\n\\nFor purposes of this demo, we will start the service using the Podman\\ncommand itself. If you prefer the system service to timeout after, say,\\n5000 seconds, you can run it like so:\\n\\n```bash\\n$ podman system service -t 5000\\n```\\n\\nNote that the 5000 seconds uptime is refreshed after every command is received.\\nIf you want the service to stay up until the machine is shutdown or the process\\nis terminated, use `0` (zero) instead of 5000. For this demo, we will use no timeout:\\n\\n```bash\\n# -t 0 implies no timeout, default timeout 5 seconds\\n$ podman system service -t 0\\n```\\n\\nOpen another terminal window and check if the Podman socket exists:\\n\\n```bash\\n$ ls /run/user/${UID}/podman\\npodman.sock\\n```\\n\\nIf you\u2019re running the system service as root, podman.sock will be found in /run/podman:\\n\\n```bash\\n$ ls /run/podman\\npodman.sock\\n```\\n\\n### Connect to the Podman system service \\n\\nFirst, you need to create a connection that connects to the system service.\\nThe critical piece of information for setting up a new connection is the endpoint.\\nThe endpoint comes in the form of an URI (method:/path/to/socket). For example,\\nto connect to the local rootful socket the URI would be `unix:/run/podman/podman.sock`\\nand for a rootless user it would be `unix:$(XDG_RUNTIME_DIR)/podman/podman.sock`,\\ntypically: `unix:/run/user/${UID}/podman/podman.sock`.\\n\\nThe following Go example snippet shows how to set up a connection for a rootless user.\\n\\n```Go\\npackage main\\n\\nimport (\\n \\"context\\"\\n \\"fmt\\"\\n \\"os\\"\\n\\n \\"github.com/containers/libpod/v2/libpod/define\\"\\n \\"github.com/containers/libpod/v2/pkg/bindings\\"\\n \\"github.com/containers/libpod/v2/pkg/bindings/containers\\"\\n \\"github.com/containers/libpod/v2/pkg/bindings/images\\"\\n \\"github.com/containers/libpod/v2/pkg/domain/entities\\"\\n \\"github.com/containers/libpod/v2/pkg/specgen\\"\\n)\\n\\nfunc main() {\\n fmt.Println(\\"Welcome to the Podman Go bindings tutorial\\")\\n\\n // Get Podman socket location\\n sock_dir := os.Getenv(\\"XDG_RUNTIME_DIR\\")\\n socket := \\"unix:\\" + sock_dir + \\"/podman/podman.sock\\"\\n\\n // Connect to Podman socket\\n connText, err := bindings.NewConnection(context.Background(), socket)\\n if err != nil {\\n fmt.Println(err)\\n os.Exit(1)\\n }\\n}\\n```\\n\\nThe `connText` variable received from the NewConnection function is of type\\ncontext.Context(). In subsequent uses of the bindings, you will use this context\\nto direct the bindings to your connection. This can be seen in the examples below.\\n\\n### Pull an image \\n\\nNext, we will pull a couple of images using the images.Pull() binding.\\nThis binding takes three arguments: - The context variable created by the bindings.NewConnection() call in the first example - The image name - Options for image pull\\n\\n**Append the following lines to your function:**\\n\\n```Go\\n // Pull Busybox image (Sample 1)\\n fmt.Println(\\"Pulling Busybox image...\\")\\n _, err = images.Pull(connText, \\"docker.io/busybox\\", entities.ImagePullOptions{})\\n if err != nil {\\n fmt.Println(err)\\n os.Exit(1)\\n }\\n\\n // Pull Fedora image (Sample 2)\\n rawImage := \\"registry.fedoraproject.org/fedora:latest\\"\\n fmt.Println(\\"Pulling Fedora image...\\")\\n _, err = images.Pull(connText, rawImage, entities.ImagePullOptions{})\\n if err != nil {\\n fmt.Println(err)\\n os.Exit(1)\\n }\\n```\\n\\n**Run it:**\\n\\n```bash\\n$ go run main.go\\nWelcome to the Podman Go bindings tutorial\\nPulling Busybox image...\\nPulling Fedora image...\\n$\\n```\\n\\nThe system service side should echo messages like so:\\n\\n```bash\\nTrying to pull docker.io/busybox...\\nGetting image source signatures\\nCopying blob 61c5ed1cbdf8 [--------------------------------------] 0.0b / 0.0b\\nCopying config 018c9d7b79 done\\nWriting manifest to image destination\\nStoring signatures\\nTrying to pull registry.fedoraproject.org/fedora:latest...\\nGetting image source signatures\\nCopying blob dd9f43919ba0 [--------------------------------------] 0.0b / 0.0b\\nCopying config 00ff39a8bf done\\nWriting manifest to image destination\\nStoring signatures\\n```\\n\\n### List images \\n\\nNext, we will pull an image using the images.List() binding.\\nThis binding takes three arguments:\\n\\n- The context variable created earlier\\n- An optional bool \'all\'\\n- An optional map of filters\\n\\n**Append the following lines to your function:**\\n\\n```Go\\n // List images\\n imageSummary, err := images.List(connText, nil, nil)\\n if err != nil {\\n fmt.Println(err)\\n os.Exit(1)\\n }\\n var names []string\\n for _, i := range imageSummary {\\n names = append(names, i.RepoTags...)\\n }\\n fmt.Println(\\"Listing images...\\")\\n fmt.Println(names)\\n```\\n\\n**Run it:**\\n\\n```bash\\n$ go run main.go\\nWelcome to the Podman Go bindings tutorial\\nPulling Busybox image...\\nPulling Fedora image...\\nListing images...\\n[docker.io/library/busybox:latest registry.fedoraproject.org/fedora:latest]\\n$\\n```\\n\\n### Create and Start a Container from an Image \\n\\nTo create the container spec, we use specgen.NewSpecGenerator() followed by\\ncalling containers.CreateWithSpec() to actually create a new container.\\nspecgen.NewSpecGenerator() takes 2 arguments: - name of the image - whether it\'s a rootfs\\n\\ncontainers.CreateWithSpec() takes 2 arguments: - the context created earlier - the spec created by NewSpecGenerator\\n\\nNext, the container is actually started using the containers.Start() binding.\\ncontainers.Start() takes three arguments: - the context - the name or ID of the container created - an optional parameter for detach keys\\n\\nAfter the container is started, it\'s a good idea to ensure the container is\\nin a running state before you proceed with further operations.\\nThe containers.Wait() takes care of that.\\ncontainers.Wait() takes three arguments: - the context - the name or ID of the container created - container state (running/paused/stopped)\\n\\n**Append the following lines to your function:**\\n\\n```Go\\n // Container create\\n s := specgen.NewSpecGenerator(rawImage, false)\\n s.Terminal = true\\n r, err := containers.CreateWithSpec(connText, s)\\n if err != nil {\\n fmt.Println(err)\\n os.Exit(1)\\n }\\n\\n // Container start\\n fmt.Println(\\"Starting Fedora container...\\")\\n err = containers.Start(connText, r.ID, nil)\\n if err != nil {\\n fmt.Println(err)\\n os.Exit(1)\\n }\\n\\n running := define.ContainerStateRunning\\n _, err = containers.Wait(connText, r.ID, &running)\\n if err != nil {\\n fmt.Println(err)\\n os.Exit(1)\\n }\\n```\\n\\n**Run it:**\\n\\n```bash\\n$ go run main.go\\nWelcome to the Podman Go bindings tutorial\\nPulling image...\\nStarting Fedora container...\\n$\\n```\\n\\nCheck if the container is running:\\n\\n```bash\\n$ podman ps\\nCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES\\n665831d31e90 registry.fedoraproject.org/fedora:latest /bin/bash Less than a second ago Up Less than a second ago dazzling_mclean\\n$\\n```\\n\\n### List Containers \\n\\nContainers can be listed using the containers.List() binding.\\ncontainers.List() takes seven arguments: - the context - output filters - boolean to show all containers, by default only running containers are listed - number of latest created containers, all states (running/paused/stopped) - boolean to print pod information - boolean to print rootfs size - boolean to print oci runtime and container state\\n\\n**Append the following lines to your function:**\\n\\n```Go\\n // Container list\\n var latestContainers = 1\\n containerLatestList, err := containers.List(connText, nil, nil, &latestContainers, nil, nil, nil)\\n if err != nil {\\n fmt.Println(err)\\n os.Exit(1)\\n }\\n fmt.Printf(\\"Latest container is %s\\\\n\\", containerLatestList[0].Names[0])\\n```\\n\\n**Run it:**\\n\\n```bash\\n$ go run main.go\\nWelcome to the Podman Go bindings tutorial\\nPulling Busybox image...\\nPulling Fedora image...\\nListing images...\\n[docker.io/library/busybox:latest registry.fedoraproject.org/fedora:latest]\\nStarting Fedora container...\\nLatest container is dazzling_mclean\\n$\\n```\\n\\n### Inspect Container \\n\\nContainers can be inspected using the containers.Inspect() binding.\\ncontainers.Inspect() takes 3 arguments: - context - image name or ID - optional boolean to check for container size\\n\\n**Append the following lines to your function:**\\n\\n```Go\\n // Container inspect\\n ctrData, err := containers.Inspect(connText, r.ID, nil)\\n if err != nil {\\n fmt.Println(err)\\n os.Exit(1)\\n }\\n fmt.Printf(\\"Container uses image %s\\\\n\\", ctrData.ImageName)\\n fmt.Printf(\\"Container running status is %s\\\\n\\", ctrData.State.Status)\\n```\\n\\n**Run it:**\\n\\n```bash\\n$ go run main.go\\nWelcome to the Podman Go bindings tutorial\\nPulling Busybox image...\\nPulling Fedora image...\\nListing images...\\n[docker.io/library/busybox:latest registry.fedoraproject.org/fedora:latest]\\nStarting Fedora container...\\nLatest container is peaceful_noether\\nFedora Container uses image registry.fedoraproject.org/fedora:latest\\nFedora Container running status is running\\n$\\n```\\n\\n### Stop Container \\n\\nA container can be stopped by the containers.Stop() binding.\\ncontainers.Stop() takes 3 arguments: - context - image name or ID - optional timeout\\n\\n**Append the following lines to your function:**\\n\\n```Go\\n // Container stop\\n fmt.Println(\\"Stopping the container...\\")\\n err = containers.Stop(connText, r.ID, nil)\\n if err != nil {\\n fmt.Println(err)\\n os.Exit(1)\\n }\\n ctrData, err = containers.Inspect(connText, r.ID, nil)\\n if err != nil {\\n fmt.Println(err)\\n os.Exit(1)\\n }\\n fmt.Printf(\\"Container running status is now %s\\\\n\\", ctrData.State.Status)\\n```\\n\\n**Run it:**\\n\\n```bash\\n$ go run main.go\\nWelcome to the Podman Go bindings tutorial\\nPulling Busybox image...\\nPulling Fedora image...\\nListing images...\\n[docker.io/library/busybox:latest registry.fedoraproject.org/fedora:latest]\\nStarting Fedora container...\\nLatest container is peaceful_noether\\nFedora Container uses image registry.fedoraproject.org/fedora:latest\\nFedora Container running status is running\\nStopping Fedora container...\\nContainer running status is now exited\\n```\\n\\n### Debugging tips \\n\\nTo debug in a development setup, you can start the Podman system service\\nin debug mode like so:\\n\\n```bash\\n$ podman --log-level=debug system service -t 0\\n```\\n\\nThe `--log-level=debug` echoes all the logged requests and is useful to\\ntrace the execution path at a finer granularity. A snippet of a sample run looks like:\\n\\n```bash\\nINFO[0000] podman filtering at log level debug\\nDEBU[0000] Called service.PersistentPreRunE(podman --log-level=debug system service -t0)\\nDEBU[0000] Ignoring libpod.conf EventsLogger setting \\"/home/lsm5/.config/containers/containers.conf\\". Use \\"journald\\" if you want to change this setting and remove libpod.conf files.\\nDEBU[0000] Reading configuration file \\"/usr/share/containers/containers.conf\\"\\nDEBU[0000] Merged system config \\"/usr/share/containers/containers.conf\\": {Editors note: the remainder of this line was removed due to Jekyll formatting errors.}\\nDEBU[0000] Using conmon: \\"/usr/bin/conmon\\"\\nDEBU[0000] Initializing boltdb state at /home/lsm5/.local/share/containers/storage/libpod/bolt_state.db\\nDEBU[0000] Overriding run root \\"/run/user/1000/containers\\" with \\"/run/user/1000\\" from database\\nDEBU[0000] Using graph driver overlay\\nDEBU[0000] Using graph root /home/lsm5/.local/share/containers/storage\\nDEBU[0000] Using run root /run/user/1000\\nDEBU[0000] Using static dir /home/lsm5/.local/share/containers/storage/libpod\\nDEBU[0000] Using tmp dir /run/user/1000/libpod/tmp\\nDEBU[0000] Using volume path /home/lsm5/.local/share/containers/storage/volumes\\nDEBU[0000] Set libpod namespace to \\"\\"\\nDEBU[0000] Not configuring container store\\nDEBU[0000] Initializing event backend file\\nDEBU[0000] using runtime \\"/usr/bin/runc\\"\\nDEBU[0000] using runtime \\"/usr/bin/crun\\"\\nWARN[0000] Error initializing configured OCI runtime kata: no valid executable found for OCI runtime kata: invalid argument\\nDEBU[0000] using runtime \\"/usr/bin/crun\\"\\nINFO[0000] Setting parallel job count to 25\\nINFO[0000] podman filtering at log level debug\\nDEBU[0000] Called service.PersistentPreRunE(podman --log-level=debug system service -t0)\\nDEBU[0000] Ignoring libpod.conf EventsLogger setting \\"/home/lsm5/.config/containers/containers.conf\\". Use \\"journald\\" if you want to change this setting and remove libpod.conf files.\\nDEBU[0000] Reading configuration file \\"/usr/share/containers/containers.conf\\"\\n```\\n\\nIf the Podman system service has been started via systemd socket activation,\\nyou can view the logs using journalctl. The logs after a sample run look like so:\\n\\n```bash\\n$ journalctl --user --no-pager -u podman.socket\\n-- Reboot --\\nJul 22 13:50:40 nagato.nanadai.me systemd[1048]: Listening on Podman API Socket.\\n$\\n```\\n\\n```bash\\n$ journalctl --user --no-pager -u podman.service\\nJul 22 13:50:53 nagato.nanadai.me systemd[1048]: Starting Podman API Service...\\nJul 22 13:50:54 nagato.nanadai.me podman[1527]: time=\\"2020-07-22T13:50:54-04:00\\" level=error msg=\\"Error refreshing volume 38480630a8bdaa3e1a0ebd34c94038591b0d7ad994b37be5b4f2072bb6ef0879: error acquiring lock 0 for volume 38480630a8bdaa3e1a0ebd34c94038591b0d7ad994b37be5b4f2072bb6ef0879: file exists\\"\\nJul 22 13:50:54 nagato.nanadai.me podman[1527]: time=\\"2020-07-22T13:50:54-04:00\\" level=error msg=\\"Error refreshing volume 47d410af4d762a0cc456a89e58f759937146fa3be32b5e95a698a1d4069f4024: error acquiring lock 0 for volume 47d410af4d762a0cc456a89e58f759937146fa3be32b5e95a698a1d4069f4024: file exists\\"\\nJul 22 13:50:54 nagato.nanadai.me podman[1527]: time=\\"2020-07-22T13:50:54-04:00\\" level=error msg=\\"Error refreshing volume 86e73f082e344dad38c8792fb86b2017c4f133f2a8db87f239d1d28a78cf0868: error acquiring lock 0 for volume 86e73f082e344dad38c8792fb86b2017c4f133f2a8db87f239d1d28a78cf0868: file exists\\"\\nJul 22 13:50:54 nagato.nanadai.me podman[1527]: time=\\"2020-07-22T13:50:54-04:00\\" level=error msg=\\"Error refreshing volume 9a16ea764be490a5563e384d9074ab0495e4d9119be380c664037d6cf1215631: error acquiring lock 0 for volume 9a16ea764be490a5563e384d9074ab0495e4d9119be380c664037d6cf1215631: file exists\\"\\nJul 22 13:50:54 nagato.nanadai.me podman[1527]: time=\\"2020-07-22T13:50:54-04:00\\" level=error msg=\\"Error refreshing volume bfd6b2a97217f8655add13e0ad3f6b8e1c79bc1519b7a1e15361a107ccf57fc0: error acquiring lock 0 for volume bfd6b2a97217f8655add13e0ad3f6b8e1c79bc1519b7a1e15361a107ccf57fc0: file exists\\"\\nJul 22 13:50:54 nagato.nanadai.me podman[1527]: time=\\"2020-07-22T13:50:54-04:00\\" level=error msg=\\"Error refreshing volume f9b9f630982452ebcbed24bd229b142fbeecd5d4c85791fca440b21d56fef563: error acquiring lock 0 for volume f9b9f630982452ebcbed24bd229b142fbeecd5d4c85791fca440b21d56fef563: file exists\\"\\nJul 22 13:50:54 nagato.nanadai.me podman[1527]: Trying to pull registry.fedoraproject.org/fedora:latest...\\nJul 22 13:50:55 nagato.nanadai.me podman[1527]: Getting image source signatures\\nJul 22 13:50:55 nagato.nanadai.me podman[1527]: Copying blob sha256:dd9f43919ba05f05d4f783c31e83e5e776c4f5d29dd72b9ec5056b9576c10053\\nJul 22 13:50:55 nagato.nanadai.me podman[1527]: Copying config sha256:00ff39a8bf19f810a7e641f7eb3ddc47635913a19c4996debd91fafb6b379069\\nJul 22 13:50:55 nagato.nanadai.me podman[1527]: Writing manifest to image destination\\nJul 22 13:50:55 nagato.nanadai.me podman[1527]: Storing signatures\\nJul 22 13:50:55 nagato.nanadai.me systemd[1048]: podman.service: unit configures an IP firewall, but not running as root.\\nJul 22 13:50:55 nagato.nanadai.me systemd[1048]: (This warning is only shown for the first unit using IP firewalling.)\\nJul 22 13:51:15 nagato.nanadai.me systemd[1048]: podman.service: Succeeded.\\nJul 22 13:51:15 nagato.nanadai.me systemd[1048]: Finished Podman API Service.\\nJul 22 13:51:15 nagato.nanadai.me systemd[1048]: podman.service: Consumed 1.339s CPU time.\\n$\\n```\\n\\n## Wrap Up\\n\\nPodman v2 provides a set of Go bindings to allow developers to integrate Podman\\nfunctionality conveniently in their Go application. These Go bindings require\\nthe Podman system service to be running in the background and this can easily\\nbe achieved using systemd socket activation. Once set up, you are able to use a\\nset of Go based bindings to create, maintain and monitor your container images,\\ncontainers and pods in a way which fits very nicely in many production environments.\\n\\n## References\\n\\n- Podman v2 is available for most major distributions along with MacOS and Windows.\\n Installation details are available on the [Podman official website](https://podman.io/getting-started/).\\n\\n- Documentation can be found at the [Podman Docs page](https://docs.podman.io).\\n It also includes a section on the [RESTful API](https://docs.podman.io/en/latest/Reference.html).\\n\\n## Contribute\\n\\n- Any issues with the bindings can be [reported upstream](https://github.com/containers/podman/issues/new/choose).\\n- Check out the [Podman community page](https://podman.io/community/) for more ways to get in touch with the community.\\n\\n## Acknowledgments\\n\\n- This blog post was co-authored by Parker Van Roy, currently interning at Red\\n Hat for summer 2020.\\n\\n- Thanks to Brent Baude for the initial blog post suggestion and reviews.\\n\\n- Thanks to Tom Sweeney, Valentin Rothberg, Dan Walsh and the entire Podman team for\\n their reviews and insightful comments."},{"id":"/2020/08/02/new","metadata":{"permalink":"/blogs/2020/08/02/new","source":"@site/blog/2020-08-02-new.md","title":"Improved systemd integration with Podman 2.0","description":"Valentin Rothberg just landed a blog post on the Red Hat Enable Sysadmin site Improved systemd integration with Podman 2.0. In the post, Valentin talks about how systemd in Podman v2.0 is even more tightly integrated than it was in prior versions.","date":"2020-08-02T00:00:00.000Z","formattedDate":"August 2, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"rest","permalink":"/blogs/tags/rest"},{"label":"rest-api","permalink":"/blogs/tags/rest-api"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"}],"readingTime":0.21,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Improved systemd integration with Podman 2.0","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","rest","rest-api","v2","hpc"]},"prevItem":{"title":"Podman Go bindings","permalink":"/blogs/2020/08/10/podman-go-bindings"},"nextItem":{"title":"Improved systemd integration with Podman 2.0","permalink":"/blogs/2020/08/02/systemd-integration-v2"}},"content":"[Valentin Rothberg](https://twitter.com/vlntnrthbrg) just landed a blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site [Improved systemd integration with Podman 2.0](https://www.redhat.com/sysadmin/improved-systemd-podman). In the post, Valentin talks about how systemd in Podman v2.0 is even more tightly integrated than it was in prior versions."},{"id":"/2020/08/02/systemd-integration-v2","metadata":{"permalink":"/blogs/2020/08/02/systemd-integration-v2","source":"@site/blog/2020-08-02-systemd-integration-v2.md","title":"Improved systemd integration with Podman 2.0","description":"podman logo","date":"2020-08-02T00:00:00.000Z","formattedDate":"August 2, 2020","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"github","permalink":"/blogs/tags/github"},{"label":"rename","permalink":"/blogs/tags/rename"}],"readingTime":0.28,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Improved systemd integration with Podman 2.0","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["podman","containers","v2","github","rename"]},"prevItem":{"title":"Improved systemd integration with Podman 2.0","permalink":"/blogs/2020/08/02/new"},"nextItem":{"title":"Podman API v1.0 Deprecation and Removal Notice","permalink":"/blogs/2020/08/01/deprecate-and-remove-varlink-notice"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Improved systemd integration with Podman 2.0\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\n[Valentin Rothberg](https://twitter.com/vlntnrthbrg) just landed a blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site [Improved systemd integration with Podman 2.0](https://www.redhat.com/sysadmin/improved-systemd-podman). In the post, Valentin talks about how systemd in Podman v2.0 is even more tightly integrated than it was in prior versions."},{"id":"/2020/08/01/deprecate-and-remove-varlink-notice","metadata":{"permalink":"/blogs/2020/08/01/deprecate-and-remove-varlink-notice","source":"@site/blog/2020-08-01-deprecate-and-remove-varlink-notice.md","title":"Podman API v1.0 Deprecation and Removal Notice","description":"podman logo","date":"2020-08-01T00:00:00.000Z","formattedDate":"August 1, 2020","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"github","permalink":"/blogs/tags/github"},{"label":"varlink","permalink":"/blogs/tags/varlink"},{"label":"rest-api","permalink":"/blogs/tags/rest-api"}],"readingTime":2.705,"hasTruncateMarker":true,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman API v1.0 Deprecation and Removal Notice","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["podman","containers","v2","github","varlink","rest-api"]},"prevItem":{"title":"Improved systemd integration with Podman 2.0","permalink":"/blogs/2020/08/02/systemd-integration-v2"},"nextItem":{"title":"Podman API v1.0 Deprecation and Removal Notice","permalink":"/blogs/2020/08/01/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman API v1.0 Deprecation and Removal Notice\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nThe Podman API v1.0 relied on the [varlink library](https://github.com/varlink/libvarlink) to handle the underlying client/server calls from the Podman client to the host where the Podman service was running. About one year ago, the Podman team was notified that the focus on the varlink library was being greatly reduced and there would be no further development and little support for it from the varlink library team. This led the Podman team to investigate the use of other client/server technologies and it was decided to develop a RESTful API for Podman using the native Go libraries.\\n\\n\x3c!--truncate--\x3e\\n\\nThis new Podman v2.0 RESTful API was released along with Podman v2.0 in June of 2020 and replaces the Podman API v1.0. As of that time the Podman API v1.0 for Podman is considered to be deprecated. If there are issues with the Podman API v1.0 in versions of Podman prior to v2.0 and those versions are still under support on Red Hat Enterprise Linux (RHEL), the Podman team will make a best effort to address those issues. However, no new feature requests for the API v1.0 will be considered and any problems found with the API v1.0 in Podman v2.0 will not be addressed.\\n\\nThe new Podman v2.0 RESTful API is split into two halves: one providing a Docker-compatible API, and a Libpod API providing support for Podman\u2019s unique features such as pods. The new API works in both a rootful and a rootless environment. It is a much more flexible solution and Podman will not have a dependency on another project in order to supply an API. For more information on the Podman v2.0 RESTful API please see articles on the [podman.io](https://podman.io/) site and also the documentation for the Podman v2.0 RESTful API [here](https://docs.podman.io/en/latest/Reference.html).\\n\\nDistributions have to support services for the length of their support agreements. The Podman development team wants to be free to update the version of Podman during this support cycle. Therefore, we are planning to drop support for Podman API v1.0 from distributions Red Hat is the packagers for. The version of Podman, 2.\\\\*, which is contained in Fedora 33, scheduled to be released around Oct 31, 2020, will ship with no varlink support. We also plan to drop support from the RHEL8.4 release, spring 2021. Other distributions like OpenSUSE have already disabled varlink support and we have heard that other distributions will follow suit.\\n\\nThis also serves as a notification that the Podman v1.0 (varlink) API will be removed from the main GitHub branch of Podman in the near future. With the release of Podman v2.0 the Podman developers deprecated the Podman API v1.0 in favor of the new Podman v2.0 RESTful API. The plan is to remove varlink completely from the Podman v3.0 development branch which will be created some time after September 2020. A 30 day notification of the final removal date will be posted on the [podman.io](https://podman.io) site and also on the [Podman mailing list](https://lists.podman.io/admin/lists/podman.lists.podman.io/), along with social media once it is definitively determined.\\n\\nIf you have any questions or concerns about this notification, please send a note to the Podman mailing list or create an issue on Podman\u2019s [GitHub](https://github.com/containers/podman/issues) repository."},{"id":"/2020/08/01/new","metadata":{"permalink":"/blogs/2020/08/01/new","source":"@site/blog/2020-08-01-new.md","title":"Podman API v1.0 Deprecation and Removal Notice","description":"A Podman API v1.0 Deprecation and Removal Notice has just been posted. The Podman v1.0 API based on the varlink library has been deprecated and will soon be removed from Podman in favor of the new Podmand v2.0 RESTful API. Please see the notice for more details.","date":"2020-08-01T00:00:00.000Z","formattedDate":"August 1, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"rest","permalink":"/blogs/tags/rest"},{"label":"rest-api","permalink":"/blogs/tags/rest-api"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"varlink","permalink":"/blogs/tags/varlink"}],"readingTime":0.235,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman API v1.0 Deprecation and Removal Notice","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","rest","rest-api","v2","hpc","varlink"]},"prevItem":{"title":"Podman API v1.0 Deprecation and Removal Notice","permalink":"/blogs/2020/08/01/deprecate-and-remove-varlink-notice"},"nextItem":{"title":"Speed up container builds with overlay mounts","permalink":"/blogs/2020/07/18/new"}},"content":"A [Podman API v1.0 Deprecation and Removal Notice](https://podman.io/blogs/2020/08/01/deprecate-and-remove-varlink-notice.html) has just been posted. The Podman v1.0 API based on the varlink library has been deprecated and will soon be removed from Podman in favor of the new Podmand v2.0 RESTful API. Please see the notice for more details."},{"id":"/2020/07/18/new","metadata":{"permalink":"/blogs/2020/07/18/new","source":"@site/blog/2020-07-18-new.md","title":"Speed up container builds with overlay mounts","description":"Dan Walsh has another blog post on the Red Hat Enable Sysadmin site this time he\'s writing on how to Speed up container builds with overlay mounts. In the article Dan walks you through speeding up builds for multiple distributions by sharing the host\'s metadata.","date":"2020-07-18T00:00:00.000Z","formattedDate":"July 18, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"rest","permalink":"/blogs/tags/rest"},{"label":"rest-api","permalink":"/blogs/tags/rest-api"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"}],"readingTime":0.225,"hasTruncateMarker":false,"authors":[{"name":"dwalsh"}],"frontMatter":{"title":"Speed up container builds with overlay mounts","layout":"default","author":"dwalsh","categories":["new"],"tags":["containers","podman","networking","pod","api","rest","rest-api","v2","hpc"]},"prevItem":{"title":"Podman API v1.0 Deprecation and Removal Notice","permalink":"/blogs/2020/08/01/new"},"nextItem":{"title":"Speed up container builds with overlay mounts","permalink":"/blogs/2020/07/18/speed-up-build-with-overlayfs"}},"content":"Dan Walsh has another blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site this time he\'s writing on how to [Speed up container builds with overlay mounts](https://www.redhat.com/sysadmin/overlay-mounts). In the article Dan walks you through speeding up builds for multiple distributions by sharing the host\'s metadata."},{"id":"/2020/07/18/speed-up-build-with-overlayfs","metadata":{"permalink":"/blogs/2020/07/18/speed-up-build-with-overlayfs","source":"@site/blog/2020-07-18-speed-up-build-with-overlayfs.md","title":"Speed up container builds with overlay mounts","description":"podman logo","date":"2020-07-18T00:00:00.000Z","formattedDate":"July 18, 2020","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"github","permalink":"/blogs/tags/github"},{"label":"rename","permalink":"/blogs/tags/rename"}],"readingTime":0.3,"hasTruncateMarker":false,"authors":[{"name":"dwalsh"}],"frontMatter":{"title":"Speed up container builds with overlay mounts","layout":"default","author":"dwalsh","categories":["blogs"],"tags":["podman","containers","v2","github","rename"]},"prevItem":{"title":"Speed up container builds with overlay mounts","permalink":"/blogs/2020/07/18/new"},"nextItem":{"title":"Exploring additional image stores in Podman","permalink":"/blogs/2020/07/17/additional-image-stores"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Speed up container builds with overlay mounts\\n\\n## By Dan Walsh [GitHub](https://github.com/rhatdan)\\n\\nDan Walsh has another blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site this time he\'s writing on how to [Speed up container builds with overlay mounts](https://www.redhat.com/sysadmin/overlay-mounts). In the article Dan walks you through speeding up builds for multiple distributions by sharing the host\'s metadata."},{"id":"/2020/07/17/additional-image-stores","metadata":{"permalink":"/blogs/2020/07/17/additional-image-stores","source":"@site/blog/2020-07-17-additional-image-stores.md","title":"Exploring additional image stores in Podman","description":"podman logo","date":"2020-07-17T00:00:00.000Z","formattedDate":"July 17, 2020","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"github","permalink":"/blogs/tags/github"},{"label":"rename","permalink":"/blogs/tags/rename"}],"readingTime":0.3,"hasTruncateMarker":false,"authors":[{"name":"dwalsh"}],"frontMatter":{"title":"Exploring additional image stores in Podman","layout":"default","author":"dwalsh","categories":["blogs"],"tags":["podman","containers","v2","github","rename"]},"prevItem":{"title":"Speed up container builds with overlay mounts","permalink":"/blogs/2020/07/18/speed-up-build-with-overlayfs"},"nextItem":{"title":"Exploring additional image stores in Podman","permalink":"/blogs/2020/07/17/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Exploring additional image stores in Podman\\n\\n## By Dan Walsh [GitHub](https://github.com/rhatdan)\\n\\nDan Walsh has another blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site this time he\'s writing about [Exploring additional image stores in Podman](https://www.redhat.com/sysadmin/image-stores-podman). In the article Dan shows you how to store container images on shares, permitting the images to be accessed over the network."},{"id":"/2020/07/17/new","metadata":{"permalink":"/blogs/2020/07/17/new","source":"@site/blog/2020-07-17-new.md","title":"Exploring additional image stores in Podman","description":"Dan Walsh has another blog post on the Red Hat Enable Sysadmin site this time he\'s writing about Exploring additional image stores in Podman. In the article Dan shows you how to store container images on shares, permitting the images to be accessed over the network.","date":"2020-07-17T00:00:00.000Z","formattedDate":"July 17, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"rest","permalink":"/blogs/tags/rest"},{"label":"rest-api","permalink":"/blogs/tags/rest-api"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"}],"readingTime":0.23,"hasTruncateMarker":false,"authors":[{"name":"dwalsh"}],"frontMatter":{"title":"Exploring additional image stores in Podman","layout":"default","author":"dwalsh","categories":["new"],"tags":["containers","podman","networking","pod","api","rest","rest-api","v2","hpc"]},"prevItem":{"title":"Exploring additional image stores in Podman","permalink":"/blogs/2020/07/17/additional-image-stores"},"nextItem":{"title":"Building images using Podman and cron","permalink":"/blogs/2020/07/16/new"}},"content":"Dan Walsh has another blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site this time he\'s writing about [Exploring additional image stores in Podman](https://www.redhat.com/sysadmin/image-stores-podman). In the article Dan shows you how to store container images on shares, permitting the images to be accessed over the network."},{"id":"/2020/07/16/new","metadata":{"permalink":"/blogs/2020/07/16/new","source":"@site/blog/2020-07-16-new.md","title":"Building images using Podman and cron","description":"Tom Sweeney has another blog post on the Red Hat Enable Sysadmin site this time he\'s writing about Building images using Podman and cron. In the article Tom talks about how necessity became the mother of invention and cron was put into use to build container images on a regular schedule.","date":"2020-07-16T00:00:00.000Z","formattedDate":"July 16, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"rest","permalink":"/blogs/tags/rest"},{"label":"rest-api","permalink":"/blogs/tags/rest-api"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"}],"readingTime":0.255,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Building images using Podman and cron","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","rest","rest-api","v2","hpc"]},"prevItem":{"title":"Exploring additional image stores in Podman","permalink":"/blogs/2020/07/17/new"},"nextItem":{"title":"Building images using Podman and cron","permalink":"/blogs/2020/07/16/podman-and-cron"}},"content":"Tom Sweeney has another blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site this time he\'s writing about [Building images using Podman and cron](https://www.redhat.com/sysadmin/building-images-podman-cron). In the article Tom talks about how necessity became the mother of invention and cron was put into use to build container images on a regular schedule."},{"id":"/2020/07/16/podman-and-cron","metadata":{"permalink":"/blogs/2020/07/16/podman-and-cron","source":"@site/blog/2020-07-16-podman-and-cron.md","title":"Building images using Podman and cron","description":"podman logo","date":"2020-07-16T00:00:00.000Z","formattedDate":"July 16, 2020","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"github","permalink":"/blogs/tags/github"},{"label":"rename","permalink":"/blogs/tags/rename"}],"readingTime":0.325,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Building images using Podman and cron","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["podman","containers","v2","github","rename"]},"prevItem":{"title":"Building images using Podman and cron","permalink":"/blogs/2020/07/16/new"},"nextItem":{"title":"The Podman repository has been renamed","permalink":"/blogs/2020/07/07/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Building images using Podman and cron\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nTom Sweeney has another blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site this time he\'s writing about [Building images using Podman and cron](https://www.redhat.com/sysadmin/building-images-podman-cron). In the article Tom talks about how necessity became the mother of invention and cron was put into use to build container images on a regular schedule."},{"id":"/2020/07/07/new","metadata":{"permalink":"/blogs/2020/07/07/new","source":"@site/blog/2020-07-07-new.md","title":"The Podman repository has been renamed","description":"The GitHub repository for the Podman project has been moved from github.com/containers/libpod to github.com/containers/podman. More details from Matt Heon in this blog post.","date":"2020-07-07T00:00:00.000Z","formattedDate":"July 7, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"rest","permalink":"/blogs/tags/rest"},{"label":"rest-api","permalink":"/blogs/tags/rest-api"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"}],"readingTime":0.115,"hasTruncateMarker":false,"authors":[{"name":"mheon"}],"frontMatter":{"title":"The Podman repository has been renamed","layout":"default","author":"mheon","categories":["new"],"tags":["containers","podman","networking","pod","api","rest","rest-api","v2","hpc"]},"prevItem":{"title":"Building images using Podman and cron","permalink":"/blogs/2020/07/16/podman-and-cron"},"nextItem":{"title":"The Podman repository has been renamed","permalink":"/blogs/2020/07/07/repo-rename"}},"content":"The GitHub repository for the Podman project has been moved from [github.com/containers/libpod](https://github.com/containers/libpod) to [github.com/containers/podman](https://github.com/containers/podman). More details from Matt Heon in this blog [post](https://podman.io/blogs/2020/07/07/repo-rename.html)."},{"id":"/2020/07/07/repo-rename","metadata":{"permalink":"/blogs/2020/07/07/repo-rename","source":"@site/blog/2020-07-07-repo-rename.md","title":"The Podman repository has been renamed","description":"podman logo","date":"2020-07-07T00:00:00.000Z","formattedDate":"July 7, 2020","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"github","permalink":"/blogs/tags/github"},{"label":"rename","permalink":"/blogs/tags/rename"}],"readingTime":1.745,"hasTruncateMarker":true,"authors":[{"name":"mheon"}],"frontMatter":{"title":"The Podman repository has been renamed","layout":"default","author":"mheon","categories":["blogs"],"tags":["podman","containers","v2","github","rename"]},"prevItem":{"title":"The Podman repository has been renamed","permalink":"/blogs/2020/07/07/new"},"nextItem":{"title":"Podman REST API and Docker compatibility","permalink":"/blogs/2020/07/01/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# The Podman repository has been renamed\\n\\n## By Matthew Heon [GitHub](https://github.com/mheon)\\n\\nThe [Podman](https://podman.io/) repository on Github is moving from [github.com/containers/libpod](https://github.com/containers/libpod) to [github.com/containers/podman](https://github.com/containers/podman)! Read on to find out why, and how it will affect you.\\n\\n\x3c!--truncate--\x3e\\n\\nThree years ago, we created a new Git repository to hold our new container-management tool and the library it was based on. At the time, Podman was not named Podman, but `kpod` - a name no one on the team liked, and one we\u2019d hoped to replace quickly. Given this, we decided to name the repository after the library we\u2019d written to manage containers - `libpod`. Four months after that, we made the first public release of the tool, and with it came a new name - Podman (POD MANager). The rest is, as they say, history. The Podman team is incredibly grateful for the success we\u2019ve seen since then, and the way that the community has grown.\\n\\nWith the release of Podman 2.0, we decided it was a good time to for the rename our repository to better match how it\u2019s used today. We\u2019ve decided to rename our Github repository from `containers/libpod` to `containers/podman`. The `libpod` name made sense when we first made the repository, but it hasn\u2019t been the focus of development for some time. We\u2019ve actually been considering moving the `libpod` library into a separate repository, to make it easier to include in our other tools (and it would be very confusing for `containers/libpod` to not include `libpod`!). Given this, and the fact that there are far more users of Podman the tool than `libpod` the library, renaming the repository makes a great deal of sense.\\n\\nFinally, this rename helps make the repository more discoverable - it\u2019s hard for a new Podman user to know that issues should be filed against `containers/libpod` since they probably don\u2019t know what `libpod` is.\\n\\nWe don\u2019t expect this move will break anyone\u2019s workflow. Github will ensure that the old URLs redirect to the new location, so access to the repo itself, as well as our issues and pull requests, should be unaffected."},{"id":"/2020/07/01/new","metadata":{"permalink":"/blogs/2020/07/01/new","source":"@site/blog/2020-07-01-new.md","title":"Podman REST API and Docker compatibility","description":"Matt Heon talks about the compatibility of the new Podman REST API and Docker\'s API is this blog post.","date":"2020-07-01T00:00:00.000Z","formattedDate":"July 1, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"rest","permalink":"/blogs/tags/rest"},{"label":"rest-api","permalink":"/blogs/tags/rest-api"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"}],"readingTime":0.095,"hasTruncateMarker":false,"authors":[{"name":"mheon"}],"frontMatter":{"title":"Podman REST API and Docker compatibility","layout":"default","author":"mheon","categories":["new"],"tags":["containers","podman","networking","pod","api","rest","rest-api","v2","hpc"]},"prevItem":{"title":"The Podman repository has been renamed","permalink":"/blogs/2020/07/07/repo-rename"},"nextItem":{"title":"Podman REST API and Docker compatibility","permalink":"/blogs/2020/07/01/rest-versioning"}},"content":"Matt Heon talks about the compatibility of the new Podman REST API and Docker\'s API is this blog [post](https://podman.io/blogs/2020/07/01/rest-versioning.html)."},{"id":"/2020/07/01/rest-versioning","metadata":{"permalink":"/blogs/2020/07/01/rest-versioning","source":"@site/blog/2020-07-01-rest-versioning.md","title":"Podman REST API and Docker compatibility","description":"podman logo","date":"2020-07-01T00:00:00.000Z","formattedDate":"July 1, 2020","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"rest-api","permalink":"/blogs/tags/rest-api"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"rest","permalink":"/blogs/tags/rest"},{"label":"v2","permalink":"/blogs/tags/v-2"}],"readingTime":1.835,"hasTruncateMarker":true,"authors":[{"name":"mheon"}],"frontMatter":{"title":"Podman REST API and Docker compatibility","layout":"default","author":"mheon","categories":["blogs"],"tags":["podman","containers","api","rest-api","hpc","rest","v2"]},"prevItem":{"title":"Podman REST API and Docker compatibility","permalink":"/blogs/2020/07/01/new"},"nextItem":{"title":"Announcing Podman v2.0","permalink":"/blogs/2020/06/29/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman REST API and Docker compatibility\\n\\n## By Matthew Heon [GitHub](https://github.com/mheon)\\n\\n## Versioning the REST API\\n\\nPodman v2.0.0 launched recently, and with it the REST API. We\u2019ve seen a great deal of excitement with this new API because of what it will enable - enabling applications and automation to use Podman when the could previously only use Docker. As you may know, Podman\u2019s REST API is split into two halves: one providing a Docker-compatible API, and a Libpod API providing support for Podman\u2019s unique features such as pods. We would love for all projects to eventually grow to support for our native Libpod API, but this will take time (and may be impossible for older, no longer maintained projects). As such, we need to talk about the Compatibility API and how it can be used.\\n\\n\x3c!--truncate--\x3e\\n\\nWhen we developed the compatibility API layer, we targeted the latest released version of the Docker API, v1.40. Within this version, we aimed to implement all endpoints, with the exception of those used for Swarm([^1]). Podman is not a tool for managing clusters, and does not intend to become one. We recognize that many existing tools do not target this specific Docker API version, and these are occasionally breaking changes in the Docker API that may make using the newest API impossible. The core Podman team cannot commit to being bug-for-bug compatible with every version of the Docker API. The Podman team commits to fixing bugs related to the latest version of Docker API. We may fix bugs with older versions that affect many users. As a community project, we gladly accept help here - if you find bugs that prevent Podman from working with a specific API version you use and are willing to fix them, we\u2019re always happy to accept patches!\\n\\nWe\u2019re very excited by the possibilities the new Podman API offers, and encourage everyone to try it out. Question and bug reports are always welcome at our [Github page](https://github.com/containers/podman) or our [email list](https://lists.podman.io/admin/lists/podman.lists.podman.io/).\\n\\n[^1]: The Podman team believes the best tool for container orchestration is [Kubernetes](https://kubernetes.io/). The `podman generate kube` and `podman play kube` ease developer transitioning from single node containers/pods to full Kubernetes workloads."},{"id":"/2020/06/29/new","metadata":{"permalink":"/blogs/2020/06/29/new","source":"@site/blog/2020-06-29-new.md","title":"Announcing Podman v2.0","description":"Announcing Podman v2.0!","date":"2020-06-29T00:00:00.000Z","formattedDate":"June 29, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"docker-compose","permalink":"/blogs/tags/docker-compose"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"rest","permalink":"/blogs/tags/rest"},{"label":"rest-api","permalink":"/blogs/tags/rest-api"},{"label":"v2","permalink":"/blogs/tags/v-2"}],"readingTime":0.19,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"Announcing Podman v2.0","layout":"default","author":"baude","categories":["new"],"tags":["containers","docker-compose","podman","networking","pod","api","rest","rest-api","v2"]},"prevItem":{"title":"Podman REST API and Docker compatibility","permalink":"/blogs/2020/07/01/rest-versioning"},"nextItem":{"title":"Announcing Podman v2.0","permalink":"/blogs/2020/06/29/podman-v2-announce"}},"content":"**Announcing Podman v2.0!**\\n\\nPodman v2.0 is here! Brent Baude talks about the major highlights of the new release, including the new RESTful API, remote client improvements, Auto-update functionality and systemd integration improvements.\\nMore details in the announcement [post](https://podman.io/blogs/2020/06/29/podman-v2-announce.html)."},{"id":"/2020/06/29/podman-v2-announce","metadata":{"permalink":"/blogs/2020/06/29/podman-v2-announce","source":"@site/blog/2020-06-29-podman-v2-announce.md","title":"Announcing Podman v2.0","description":"podman logo","date":"2020-06-29T00:00:00.000Z","formattedDate":"June 29, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"docker-compose","permalink":"/blogs/tags/docker-compose"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"rest","permalink":"/blogs/tags/rest"},{"label":"rest-api","permalink":"/blogs/tags/rest-api"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"}],"readingTime":3.985,"hasTruncateMarker":true,"authors":[{"name":"baude"}],"frontMatter":{"title":"Announcing Podman v2.0","layout":"default","author":"baude","categories":["blogs"],"tags":["containers","docker-compose","podman","networking","pod","api","rest","rest-api","v2","hpc"]},"prevItem":{"title":"Announcing Podman v2.0","permalink":"/blogs/2020/06/29/new"},"nextItem":{"title":"Update on Podman v2","permalink":"/blogs/2020/05/13/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Announcing Podman v2\\n\\n## By Brent Baude [GitHub](https://github.com/baude)\\n\\nIf you have been following the upstream development of Podman, you have undoubtedly seen us refer to \u201c2.0\u201d or \u201cPodman 2\u201d. Today, we have made the first release of Podman 2 upstream. The release notes highlight many of the newest features but we wanted to call out some specific things in this blog and expand on them.\\n\\n\x3c!--truncate--\x3e\\n\\n## \u201cPay no attention to the man behind the curtain\u201d\\n\\nMost of the changes to the new Podman should be transparent to end users. We did a significant amount of replumbing in our internals to allow for future enhancements and more closely align many of the code paths. There are some subtle changes to the outputs of some commands and fields within JSON formatted responses. They were largely done to create more consistency amongst our commands as well as driven by user feedback.\\n\\n## RESTful API\\n\\nThe biggest change in Podman 2 is our introduction of a RESTful API to interact with our libraries. In actuality, the RESTful service was present in earlier versions but was tagged experimental. We have also deprecated the previous API implementation based on varlink. We will publish more specific blogs and tutorials on how to use the API but consider this a little introduction.\\n\\nThe API was designed to have two layers: libpod and compatibility. The libpod layer allows you to interact directly with the libpod libraries. The compatibility layer is designed to emulate the Docker RESTful API to assist in migration of tools, applications, and services long-term to libpod. This can be made clearer with an example. Consider inspecting a container called \u2018foobar\u2019 with each layer. The endpoint paths would differ depending on the layers.\\n\\n```\\n/v1.24/containers/foobar \u2190 compatibility call\\n/v1.0/libpod/containers/foobar \u2190 libpod call\\n```\\n\\nFurthermore, the results of each call will differ. The compatibility result will closely emulate the response from Docker.\\n\\nOur preference is that people writing new code to interact with Podman should use the libpod layer only. This is a more sound long term strategy. But for people that need to migrate to Podman, the compatibility layer allows for a quick on-boarding. There are of course Docker endpoints we cannot or choose not to emulate due to incompatibities between Docker and Podman. Nevertheless, we have already seen some field success in migration of applications.\\n\\nIn keeping with Podman\u2019s history the restful API will work in both rootless and rootful mode. If you run in rootful mode, the podman service will listen on `/run/podman/podman.sock` and rootless is `$XDG_RUNTIME_DIR/podman/podman.sock` (for example: `/run/user/1000/podman/podman.sock`). If you install the podman-docker package, the package will set up a link between `run/docker/docker.sock` and `/run/podman/podman.sock`.\\n\\n## Remote clients\\n\\nOne of the consequences of our re-plumbing work is that our remote clients for Windows, Mac, and Linux are significantly smaller in size. The interface for the remote client connection has also changed to more of a URI format. As a matter of process, we attach a binary version of the remote clients to each release.\\n\\nIt is also worth noting that a \u2018--remote\u2019 flag has been added to the Podman binary to allow it to act as a remote client.\\n\\n## Auto-update\\n\\nThe `podman auto-update` command allows for updating systemd-managed running containers when their images have been updated on the container registry. While it is still a tech preview in Podman v2.0, we added a number of improvements to better support authentication and to select the correct images on ARM. If you\u2019re interested in auto updates, please check them out and let us know what you think.\\n\\n## systemd Integration Improvements\\n\\nA major improvement for Podman\u2019s systemd support is that `podman generate systemd` now supports using the `--new` flag on pods. This allows for creating shareable systemd units not only for containers but also for pods. Additionally, we added a number of changes to make the systemd units more robust and reliable, such as cleanly starting after a system crash and clean shutdowns even when conmon has been killed. The names of generated files can further be altered with the new `--container-prefix` and `--pod-prefix` flags.\\n\\n## Conclusion\\n\\nThis is a major new version of Podman with the goal to support all of your local container engine needs. We sincerely hope that the new features meet your needs. We continue to develop new content based on the API including new bits to the API itself. Before making too many more changes, we will let Podman \u201cbake\u201d for a while before the next radical functions are added.\\n\\nWe would love to hear your feedback and look forward to working with the community on giving Podman users and developers the best container experience. Remember upstream Podman development usually hangs out on **#podman** on **Freenode** and on the Podman [mailing list](https://lists.podman.io/admin/lists/podman.lists.podman.io/)."},{"id":"/2020/05/13/new","metadata":{"permalink":"/blogs/2020/05/13/new","source":"@site/blog/2020-05-13-new.md","title":"Update on Podman v2","description":"The local Podman v2 client is complete. It is passing all of its rootful and rootless system and integration tests.","date":"2020-05-13T00:00:00.000Z","formattedDate":"May 13, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"docker-compose","permalink":"/blogs/tags/docker-compose"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"rest","permalink":"/blogs/tags/rest"},{"label":"rest-api","permalink":"/blogs/tags/rest-api"},{"label":"v2","permalink":"/blogs/tags/v-2"}],"readingTime":0.38,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"Update on Podman v2","layout":"default","author":"baude","categories":["new"],"tags":["containers","docker-compose","podman","networking","pod","api","rest","rest-api","v2"]},"prevItem":{"title":"Announcing Podman v2.0","permalink":"/blogs/2020/06/29/podman-v2-announce"},"nextItem":{"title":"Update on Podman v2","permalink":"/blogs/2020/05/13/podman-v2-update"}},"content":"**The local Podman v2 client is complete. It is passing all of its rootful and rootless system and integration tests.**\\n\\nThe CI/CID tests have been re-enabled upstream and are run with each pull request submission. We are now hard at work finishing up some of the core podman-remote functions. Once those functions are complete, we can then begin to run our podman-remote system and integration tests to catch any regressions.\\n\\nMore details in the announcement [post](https://podman.io/blogs/2020/05/13/podman-v2-update.html)."},{"id":"/2020/05/13/podman-v2-update","metadata":{"permalink":"/blogs/2020/05/13/podman-v2-update","source":"@site/blog/2020-05-13-podman-v2-update.md","title":"Update on Podman v2","description":"podman logo","date":"2020-05-13T00:00:00.000Z","formattedDate":"May 13, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"docker-compose","permalink":"/blogs/tags/docker-compose"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"rest","permalink":"/blogs/tags/rest"},{"label":"rest-api","permalink":"/blogs/tags/rest-api"},{"label":"v2","permalink":"/blogs/tags/v-2"}],"readingTime":2,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"Update on Podman v2","layout":"default","author":"baude","categories":["blogs"],"tags":["containers","docker-compose","podman","networking","pod","api","rest","rest-api","v2"]},"prevItem":{"title":"Update on Podman v2","permalink":"/blogs/2020/05/13/new"},"nextItem":{"title":"Podman installation documentation in French","permalink":"/blogs/2020/05/06/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Update on Podman v2\\n\\n## By Brent Baude [GitHub](https://github.com/baude)\\n\\nA few weeks ago, we made an announcement about the development of Podman V2. In the announcement, we mentioned that the state of upstream code would be jumbled for a while and that we would be temporarily disabling many of our CI/CD tests. The upstream development team has been hard at work, and we are starting to see that work pay off.\\n\\nToday, we are very excited to announce:\\n\\n**The local Podman v2 client is complete. It is passing all of its rootful and rootless system and integration tests.**\\n\\nThe CI/CID tests have been re-enabled upstream and are run with each pull request submission. We are now hard at work finishing up some of the core podman-remote functions. Once those functions are complete, we can then begin to run our podman-remote system and integration tests to catch any regressions.\\n\\nWe have re-enabled the autobuilds for Podman v2 in Fedora rawhide. As mentioned earlier, the Podman remote client is not complete, so that binary is temporarily being removed from the RPM. It will be re-added when the remote client is complete. As a corollary, the Windows and OS/X clients are also not being compiled or tested. This will occur once the remote client for Linux is complete.\\n\\nWe encourage you to pull the latest upstream Podman code and exercise it with your use cases to help us protect against regressions from Podman v1. We hope to make a full Podman v2.0 release in several weeks, once we are confident it is stable. We look forward to hearing what you think, and please do not hesitate to raise issues and comments on this in our [GitHub repository](https://github.com/containers/podman/issues), our Freenode IRC channel `#podman`, or to the Podman mailing list.\\n\\nWe\u2019re very excited to bring Podman v2.0 to you as it offers a lot more flexibility through it\u2019s new REST API interface and adds several enhancements to the existing commands. If your project builds on top of Podman, we would especially love to have you test this new version out so we can ensure complete compatibility with Podman v1.0 and address any issues found ASAP.\\n\\n**Note:** This announcement was first released to the Podman mailing list. If you are not yet a member of that community, please join us by sending an email to [podman-join@lists.podman.io](mailto:podman-join@lists.podman.io?subject=subscribe) with the word \u201csubscribe\u201d as the title."},{"id":"/2020/05/06/new","metadata":{"permalink":"/blogs/2020/05/06/new","source":"@site/blog/2020-05-06-new.md","title":"Podman installation documentation in French","description":"Est-ce que tu parles fran\xe7ais? Le mien est horrible. But if your abilities to read and speak French is better than mine, check out this website that I was just pointed to. Installation podman sur CentOS 8 by Bilal Kalem shows you how to install Podman on Centos 8. If nothing else, check out the graphic at the top of the page!","date":"2020-05-06T00:00:00.000Z","formattedDate":"May 6, 2020","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"systemd","permalink":"/blogs/tags/systemd"},{"label":"video","permalink":"/blogs/tags/video"},{"label":"docker","permalink":"/blogs/tags/docker"}],"readingTime":0.31,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman installation documentation in French","layout":"default","categories":["new"],"author":"tsweeney","tags":["podman","containers","systemd","video","docker"]},"prevItem":{"title":"Update on Podman v2","permalink":"/blogs/2020/05/13/podman-v2-update"},"nextItem":{"title":"Podman installation documentation in French","permalink":"/blogs/2020/05/06/podman-in-french"}},"content":"Est-ce que tu parles fran\xe7ais? Le mien est horrible. But if your abilities to read and speak French is better than mine, check out this website that I was just pointed to. [Installation podman sur CentOS 8](https://ios.dz/installation-podman-centos-8/) by [Bilal Kalem](https://twitter.com/kalembilal?lang=en) shows you how to install Podman on Centos 8. If nothing else, check out the graphic at the top of the page!"},{"id":"/2020/05/06/podman-in-french","metadata":{"permalink":"/blogs/2020/05/06/podman-in-french","source":"@site/blog/2020-05-06-podman-in-french.md","title":"Podman installation documentation in French","description":"podman logo","date":"2020-05-06T00:00:00.000Z","formattedDate":"May 6, 2020","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"systemd","permalink":"/blogs/tags/systemd"},{"label":"video","permalink":"/blogs/tags/video"},{"label":"docker","permalink":"/blogs/tags/docker"}],"readingTime":0.35,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman installation documentation in French","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["podman","containers","systemd","video","docker"]},"prevItem":{"title":"Podman installation documentation in French","permalink":"/blogs/2020/05/06/new"},"nextItem":{"title":"Podman v1.9.0 Released","permalink":"/blogs/2020/04/17/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n## Podman installation documentation in French\\n\\nEst-ce que tu parles fran\xe7ais? Le mien est horrible. But if your abilities to read and speak French is better than mine, check out this website that I was just pointed to. [Installation podman sur CentOS 8](https://ios.dz/installation-podman-centos-8/) by [Bilal Kalem](https://twitter.com/kalembilal?lang=en) shows you how to install Podman on Centos 8. If nothing else, check out the graphic at the top of the page!"},{"id":"/2020/04/17/new","metadata":{"permalink":"/blogs/2020/04/17/new","source":"@site/blog/2020-04-17-new.md","title":"Podman v1.9.0 Released","description":"Podman has gone 1.9.0!","date":"2020-04-17T00:00:00.000Z","formattedDate":"April 17, 2020","tags":[],"readingTime":0.025,"hasTruncateMarker":false,"authors":[],"frontMatter":{"layout":"default","title":"Podman v1.9.0 Released","categories":["new"]},"prevItem":{"title":"Podman installation documentation in French","permalink":"/blogs/2020/05/06/podman-in-french"},"nextItem":{"title":"Podman v2 development update","permalink":"/blogs/2020/04/16/new"}},"content":"## [Podman has gone 1.9.0!](https://podman.io/releases/2020/04/17/podman-release-v1.9.0.html)"},{"id":"/2020/04/16/new","metadata":{"permalink":"/blogs/2020/04/16/new","source":"@site/blog/2020-04-16-new.md","title":"Podman v2 development update","description":"Podman v2.x is under development and due to the development, some of","date":"2020-04-16T00:00:00.000Z","formattedDate":"April 16, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"docker-compose","permalink":"/blogs/tags/docker-compose"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"rest","permalink":"/blogs/tags/rest"},{"label":"rest-api","permalink":"/blogs/tags/rest-api"},{"label":"v2","permalink":"/blogs/tags/v-2"}],"readingTime":0.175,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"Podman v2 development update","layout":"default","author":"baude","categories":["new"],"tags":["containers","docker-compose","podman","networking","pod","api","rest","rest-api","v2"]},"prevItem":{"title":"Podman v1.9.0 Released","permalink":"/blogs/2020/04/17/new"},"nextItem":{"title":"Podman v2 development update","permalink":"/blogs/2020/04/16/podman-v2-announce"}},"content":"Podman v2.x is under development and due to the development, some of\\nthe upstream commands may become unstable for a period of time until\\nthe final release is completed. More details in the announcement\\n[post](https://podman.io/blogs/2020/04/16/podman-v2-announce.html)."},{"id":"/2020/04/16/podman-v2-announce","metadata":{"permalink":"/blogs/2020/04/16/podman-v2-announce","source":"@site/blog/2020-04-16-podman-v2-announce.md","title":"Podman v2 development update","description":"podman logo","date":"2020-04-16T00:00:00.000Z","formattedDate":"April 16, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"docker-compose","permalink":"/blogs/tags/docker-compose"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"rest","permalink":"/blogs/tags/rest"},{"label":"rest-api","permalink":"/blogs/tags/rest-api"},{"label":"v2","permalink":"/blogs/tags/v-2"}],"readingTime":1.35,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"Podman v2 development update","layout":"default","author":"baude","categories":["blogs"],"tags":["containers","docker-compose","podman","networking","pod","api","rest","rest-api","v2"]},"prevItem":{"title":"Podman v2 development update","permalink":"/blogs/2020/04/16/new"},"nextItem":{"title":"Dockerless: Build and Run Containers with Podman and systemd","permalink":"/blogs/2020/04/14/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman v2 development update\\n\\n## By Brent Baude [GitHub](https://github.com/baude)\\n\\nIn the last few days, the Podman development team has been working to\\nrelease Podman-1.9.0. This is likely to be the last Podman-1.X release\\nbefore we transition to Podman v2.x. We have been working since\\nNovember 2019 to make a significant overhaul of Podman\u2019s architecture.\\nAnd if we did our job correctly, most casual Podman users will not\\nnotice a difference. We will continue to investigate and fix issues in\\nPodman-1.x versions but severity of the bug and priority will dictate\\nour response.\\n\\nWhat some users who follow upstream development may notice is that\\nwhile we make the final push to a 2.x release, our GitHub repository\\nwill look drastically different. For some period of time, certain\\nPodman commands, if built based on upstream, may not function exactly\\nas expected nor even exist. We already know we will need to disable\\nsome of our CI testing framework as part of this final push until we\\nhave a more complete Podman v2.x. We will not release Podman 2.0 until\\nwe are satisfied that it is ready. While upstream development will be\\nimpacted by the announced migration to Podman v2.x, you can still open\\nissues and contribute pull requests to the project.\\n\\nAs has been the standard with our project, we will remain transparent\\nin our development activities and try to keep our community appraised\\nof our progress. We are excited for some of the technical\\nadvancements that Podman v2.x will give our users. Subsequent blog\\nposts will be written on those advancements and why they matter to our\\nusers."},{"id":"/2020/04/14/new","metadata":{"permalink":"/blogs/2020/04/14/new","source":"@site/blog/2020-04-14-new.md","title":"Dockerless: Build and Run Containers with Podman and systemd","description":"In this video, Kirill Shirinkin will show how to use Podman to build container images and run Java applications in containers with systemd. We are going to learn why we should at least try alternatives to Docker, how container runtime landscape changed and how Podman is different and in certain ways better than Docker. Watch now.","date":"2020-04-14T00:00:00.000Z","formattedDate":"April 14, 2020","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"systemd","permalink":"/blogs/tags/systemd"},{"label":"video","permalink":"/blogs/tags/video"},{"label":"docker","permalink":"/blogs/tags/docker"}],"readingTime":0.28,"hasTruncateMarker":false,"authors":[{"name":"kshirinkin"}],"frontMatter":{"title":"Dockerless: Build and Run Containers with Podman and systemd","layout":"default","categories":["new"],"author":"kshirinkin","tags":["podman","containers","systemd","video","docker"]},"prevItem":{"title":"Podman v2 development update","permalink":"/blogs/2020/04/16/podman-v2-announce"},"nextItem":{"title":"Dockerless: Build and Run Containers with Podman and systemd","permalink":"/blogs/2020/04/14/podman-systemd"}},"content":"[In this video](https://www.youtube.com/watch?v=RfL_CjXfQds), Kirill Shirinkin will show how to use Podman to build container images and run Java applications in containers with systemd. We are going to learn why we should at least try alternatives to Docker, how container runtime landscape changed and how Podman is different and in certain ways better than Docker. [Watch now](https://www.youtube.com/watch?v=RfL_CjXfQds)."},{"id":"/2020/04/14/podman-systemd","metadata":{"permalink":"/blogs/2020/04/14/podman-systemd","source":"@site/blog/2020-04-14-podman-systemd.md","title":"Dockerless: Build and Run Containers with Podman and systemd","description":"podman logo","date":"2020-04-14T00:00:00.000Z","formattedDate":"April 14, 2020","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"systemd","permalink":"/blogs/tags/systemd"},{"label":"video","permalink":"/blogs/tags/video"},{"label":"docker","permalink":"/blogs/tags/docker"}],"readingTime":0.365,"hasTruncateMarker":false,"authors":[{"name":"kshirinkin"}],"frontMatter":{"title":"Dockerless: Build and Run Containers with Podman and systemd","layout":"default","author":"kshirinkin","categories":["blogs"],"tags":["podman","containers","systemd","video","docker"]},"prevItem":{"title":"Dockerless: Build and Run Containers with Podman and systemd","permalink":"/blogs/2020/04/14/new"},"nextItem":{"title":"Managing Podman pods with pods-compose","permalink":"/blogs/2020/04/05/managing-podman-pods-with-pods-compose"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n## Dockerless: Build and Run Containers with Podman and systemd\\n\\n## By Kirill Shirinkin [GitHub](https://github.com/Fodoj)\\n\\n[In this video](https://www.youtube.com/watch?v=RfL_CjXfQds), Kirill Shirinkin will show how to use Podman to build container images and run Java applications in containers with systemd.\\n\\nWe are going to learn why we should at least try alternatives to Docker, how container runtime landscape changed and how Podman is different and in certain ways better than Docker.\\n\\n[Watch now](https://www.youtube.com/watch?v=RfL_CjXfQds)."},{"id":"/2020/04/05/managing-podman-pods-with-pods-compose","metadata":{"permalink":"/blogs/2020/04/05/managing-podman-pods-with-pods-compose","source":"@site/blog/2020-04-05-managing-podman-pods-with-pods-compose.md","title":"Managing Podman pods with pods-compose","description":"podman logo","date":"2020-04-05T00:00:00.000Z","formattedDate":"April 5, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"docker-compose","permalink":"/blogs/tags/docker-compose"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"}],"readingTime":0.23,"hasTruncateMarker":false,"authors":[{"name":"balage"}],"frontMatter":{"title":"Managing Podman pods with pods-compose","layout":"default","author":"balage","categories":["blogs"],"tags":["containers","docker-compose","podman","networking","pod"]},"prevItem":{"title":"Dockerless: Build and Run Containers with Podman and systemd","permalink":"/blogs/2020/04/14/podman-systemd"},"nextItem":{"title":"Managing Podman pods with pods-compose","permalink":"/blogs/2020/04/05/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Managing Podman pods with pods-compose\\n\\n## By Bal\xe1zs N\xe9meth [GitHub](https://github.com/abalage)\\n\\n[Managing Podman pods with pods-compose](https://balagetech.com/managing-podman-pods-with-pods-compose/) makes your move to Podman easier. Bal\xe1zs N\xe9meth already converted his docker-compose services to pods with Podman, however some features were missing, up until now. Let\u2019s meet [pods-compose](https://github.com/abalage/pods-compose)."},{"id":"/2020/04/05/new","metadata":{"permalink":"/blogs/2020/04/05/new","source":"@site/blog/2020-04-05-new.md","title":"Managing Podman pods with pods-compose","description":"Managing Podman pods with pods-compose makes your move to Podman easier. Bal\xe1zs N\xe9meth already converted his docker-compose services to pods with Podman, however some features were missing, up until now. Let\u2019s meet pods-compose.","date":"2020-04-05T00:00:00.000Z","formattedDate":"April 5, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"docker-compose","permalink":"/blogs/tags/docker-compose"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"}],"readingTime":0.165,"hasTruncateMarker":false,"authors":[{"name":"balage"}],"frontMatter":{"title":"Managing Podman pods with pods-compose","layout":"default","author":"balage","categories":["new"],"tags":["containers","docker-compose","podman","networking","pod"]},"prevItem":{"title":"Managing Podman pods with pods-compose","permalink":"/blogs/2020/04/05/managing-podman-pods-with-pods-compose"},"nextItem":{"title":"Convert docker-compose services to pods with Podman","permalink":"/blogs/2020/04/04/convert-docker-compose-to-pods"}},"content":"[Managing Podman pods with pods-compose](https://balagetech.com/managing-podman-pods-with-pods-compose/) makes your move to Podman easier. Bal\xe1zs N\xe9meth already converted his docker-compose services to pods with Podman, however some features were missing, up until now. Let\u2019s meet [pods-compose](https://github.com/abalage/pods-compose)."},{"id":"/2020/04/04/convert-docker-compose-to-pods","metadata":{"permalink":"/blogs/2020/04/04/convert-docker-compose-to-pods","source":"@site/blog/2020-04-04-convert-docker-compose-to-pods.md","title":"Convert docker-compose services to pods with Podman","description":"podman logo","date":"2020-04-04T00:00:00.000Z","formattedDate":"April 4, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"docker-compose","permalink":"/blogs/tags/docker-compose"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"}],"readingTime":0.275,"hasTruncateMarker":false,"authors":[{"name":"balage"}],"frontMatter":{"title":"Convert docker-compose services to pods with Podman","layout":"default","author":"balage","categories":["blogs"],"tags":["containers","docker-compose","podman","networking","pod"]},"prevItem":{"title":"Managing Podman pods with pods-compose","permalink":"/blogs/2020/04/05/new"},"nextItem":{"title":"Convert docker-compose services to pods with Podman","permalink":"/blogs/2020/04/04/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Convert docker-compose services to pods with Podman\\n\\n## By Bal\xe1zs N\xe9meth [GitHub](https://github.com/abalage)\\n\\nHow to deploy pods with Podman when you only need a single-host system and not a complete Kubernetes. Check the blog post [Convert your docker-compose services to pods with Podman](https://balagetech.com/convert-docker-compose-services-to-pods/) by Bal\xe1zs N\xe9meth to see how it can be done."},{"id":"/2020/04/04/new","metadata":{"permalink":"/blogs/2020/04/04/new","source":"@site/blog/2020-04-04-new.md","title":"Convert docker-compose services to pods with Podman","description":"How to deploy pods with Podman when you only need a single-host system and not a complete Kubernetes. Check the blog post Convert your docker-compose services to pods with Podman by Bal\xe1zs N\xe9meth to see how it can be done.","date":"2020-04-04T00:00:00.000Z","formattedDate":"April 4, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"docker-compose","permalink":"/blogs/tags/docker-compose"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"}],"readingTime":0.2,"hasTruncateMarker":false,"authors":[{"name":"balage"}],"frontMatter":{"title":"Convert docker-compose services to pods with Podman","layout":"default","author":"balage","categories":["new"],"tags":["containers","docker-compose","podman","networking","pod"]},"prevItem":{"title":"Convert docker-compose services to pods with Podman","permalink":"/blogs/2020/04/04/convert-docker-compose-to-pods"},"nextItem":{"title":"Pulling podman images from a container repository","permalink":"/blogs/2020/03/31/build-pull-options"}},"content":"How to deploy pods with Podman when you only need a single-host system and not a complete Kubernetes. Check the blog post [Convert your docker-compose services to pods with Podman](https://balagetech.com/convert-docker-compose-services-to-pods/) by Bal\xe1zs N\xe9meth to see how it can be done."},{"id":"/2020/03/31/build-pull-options","metadata":{"permalink":"/blogs/2020/03/31/build-pull-options","source":"@site/blog/2020-03-31-build-pull-options.md","title":"Pulling podman images from a container repository","description":"podman logo","date":"2020-03-31T00:00:00.000Z","formattedDate":"March 31, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"oci","permalink":"/blogs/tags/oci"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"runtime","permalink":"/blogs/tags/runtime"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"microsoft","permalink":"/blogs/tags/microsoft"}],"readingTime":0.32,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Pulling podman images from a container repository","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","hpc","oci","networking","runtime","windows","microsoft"]},"prevItem":{"title":"Convert docker-compose services to pods with Podman","permalink":"/blogs/2020/04/04/new"},"nextItem":{"title":"Pulling podman images from a container repository","permalink":"/blogs/2020/03/31/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Pulling podman images from a container repository\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nTom Sweeney has another blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site this time he\'s writing about [Pulling podman images from a container repository](https://www.redhat.com/sysadmin/podman-image-pulling). Learn the different varieties of pull that the `podman build` command can use to speed up or further secure your environment in this post."},{"id":"/2020/03/31/new","metadata":{"permalink":"/blogs/2020/03/31/new","source":"@site/blog/2020-03-31-new.md","title":"Pulling podman images from a container repository","description":"Tom Sweeney has another blog post on the Red Hat Enable Sysadmin site this time he\'s writing about Pulling podman images from a container repository. Learn the different varieties of pull that the podman build command can use to speed up or further secure your environment in this post.","date":"2020-03-31T00:00:00.000Z","formattedDate":"March 31, 2020","tags":[],"readingTime":0.245,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Pulling podman images from a container repository","author":"tsweeney","layout":"default","categories":["new"]},"prevItem":{"title":"Pulling podman images from a container repository","permalink":"/blogs/2020/03/31/build-pull-options"},"nextItem":{"title":"How to sign and distribute container images using Podman","permalink":"/blogs/2020/03/13/image-signing"}},"content":"Tom Sweeney has another blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site this time he\'s writing about [Pulling podman images from a container repository](https://www.redhat.com/sysadmin/podman-image-pulling). Learn the different varieties of pull that the `podman build` command can use to speed up or further secure your environment in this post."},{"id":"/2020/03/13/image-signing","metadata":{"permalink":"/blogs/2020/03/13/image-signing","source":"@site/blog/2020-03-13-image-signing.md","title":"How to sign and distribute container images using Podman","description":"Sascha Grunert has written a tutorial explaining how to use Gnu Privacy Guard","date":"2020-03-13T00:00:00.000Z","formattedDate":"March 13, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"signing","permalink":"/blogs/tags/signing"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"cri-o","permalink":"/blogs/tags/cri-o"},{"label":"oci","permalink":"/blogs/tags/oci"},{"label":"gpg","permalink":"/blogs/tags/gpg"}],"readingTime":0.25,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"How to sign and distribute container images using Podman","layout":"default","categories":["blogs"],"tags":["containers","images","signing","podman","cri-o","oci","gpg"]},"prevItem":{"title":"Pulling podman images from a container repository","permalink":"/blogs/2020/03/31/new"},"nextItem":{"title":"What happens behind the scenes of a rootless Podman container?","permalink":"/blogs/2020/03/03/behind-the-covers"}},"content":"[Sascha Grunert][0] has written a tutorial explaining how to use Gnu Privacy Guard\\n(GPG) keys to secure your container images stored in a container repository.\\nSigning container images is nothing magical and can drastically enhance\\nsecurity to mitigate man-in-the-middle (MITM) attacks. Read all about it\\n[here][1].\\n\\n[0]: https://github.com/saschagrunert\\n[1]: https://github.com/containers/podman/blob/main/docs/tutorials/image_signing.md"},{"id":"/2020/03/03/behind-the-covers","metadata":{"permalink":"/blogs/2020/03/03/behind-the-covers","source":"@site/blog/2020-03-03-behind-the-covers.md","title":"What happens behind the scenes of a rootless Podman container?","description":"podman logo","date":"2020-03-03T00:00:00.000Z","formattedDate":"March 3, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"oci","permalink":"/blogs/tags/oci"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"runtime","permalink":"/blogs/tags/runtime"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"microsoft","permalink":"/blogs/tags/microsoft"}],"readingTime":0.33,"hasTruncateMarker":false,"authors":[{"name":"dwalsh"}],"frontMatter":{"title":"What happens behind the scenes of a rootless Podman container?","layout":"default","author":"dwalsh","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","hpc","oci","networking","runtime","windows","microsoft"]},"prevItem":{"title":"How to sign and distribute container images using Podman","permalink":"/blogs/2020/03/13/image-signing"},"nextItem":{"title":"What happens behind the scenes of a rootless Podman container?","permalink":"/blogs/2020/03/03/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# What happens behind the scenes of a rootless Podman container?\\n\\n## By Dan Walsh [GitHub](https://github.com/rhatdan)\\n\\nDan Walsh along with Matt Heon have a blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [What happens behind the scenes of a rootless Podman container?](https://www.redhat.com/sysadmin/behind-scenes-podman). If you ever wanted to know what happens under the covers of a rootless container, this is the article for you!"},{"id":"/2020/03/03/new","metadata":{"permalink":"/blogs/2020/03/03/new","source":"@site/blog/2020-03-03-new.md","title":"What happens behind the scenes of a rootless Podman container?","description":"Dan Walsh along with Matt Heon have a blog post on the Red Hat Enable Sysadmin site, What happens behind the scenes of a rootless Podman container?. If you ever wanted to know what happens under the covers of a rootless container, this is the article for you!","date":"2020-03-03T00:00:00.000Z","formattedDate":"March 3, 2020","tags":[],"readingTime":0.24,"hasTruncateMarker":false,"authors":[{"name":"dwalsh"}],"frontMatter":{"title":"What happens behind the scenes of a rootless Podman container?","author":"dwalsh","layout":"default","categories":["new"]},"prevItem":{"title":"What happens behind the scenes of a rootless Podman container?","permalink":"/blogs/2020/03/03/behind-the-covers"},"nextItem":{"title":"Building Container Images with Podman and Buildah","permalink":"/blogs/2020/03/02/building-with-podman-and-buildah"}},"content":"Dan Walsh along with Matt Heon have a blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [What happens behind the scenes of a rootless Podman container?](https://www.redhat.com/sysadmin/behind-scenes-podman). If you ever wanted to know what happens under the covers of a rootless container, this is the article for you!"},{"id":"/2020/03/02/building-with-podman-and-buildah","metadata":{"permalink":"/blogs/2020/03/02/building-with-podman-and-buildah","source":"@site/blog/2020-03-02-building-with-podman-and-buildah.md","title":"Building Container Images with Podman and Buildah","description":"podman logo","date":"2020-03-02T00:00:00.000Z","formattedDate":"March 2, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"oci","permalink":"/blogs/tags/oci"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"runtime","permalink":"/blogs/tags/runtime"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"microsoft","permalink":"/blogs/tags/microsoft"}],"readingTime":0.29,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Building Container Images with Podman and Buildah","layout":"default","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","hpc","oci","networking","runtime","windows","microsoft"]},"prevItem":{"title":"What happens behind the scenes of a rootless Podman container?","permalink":"/blogs/2020/03/03/new"},"nextItem":{"title":"Building Container Images with Podman and Buildah","permalink":"/blogs/2020/03/02/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Building Container Images with Podman and Buildah\\n\\nWe were just pointed to this post [Building Container Images with Podman and Buildah](https://blog.giantswarm.io/building-container-images-with-podman-and-buildah/) by Puja Abbassi on the [Giant Swarm](https://blog.giantswarm.io/) site. In the article Puja goes over how Podman and Buildah handle daemonless and rootless building processes. A tardy link on this site, but worth a read!"},{"id":"/2020/03/02/new","metadata":{"permalink":"/blogs/2020/03/02/new","source":"@site/blog/2020-03-02-new.md","title":"Building Container Images with Podman and Buildah","description":"We were just pointed to this post Building Container Images with Podman and Buildah by Puja Abbassi on the Giant Swarm site. In the article Puja goes over how Podman and Buildah handle daemonless and rootless building processes. A tardy link on this site, but worth a read!","date":"2020-03-02T00:00:00.000Z","formattedDate":"March 2, 2020","tags":[],"readingTime":0.24,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Building Container Images with Podman and Buildah","layout":"default","categories":["new"]},"prevItem":{"title":"Building Container Images with Podman and Buildah","permalink":"/blogs/2020/03/02/building-with-podman-and-buildah"},"nextItem":{"title":"6 guides on making containers secure","permalink":"/blogs/2020/02/07/new"}},"content":"We were just pointed to this post [Building Container Images with Podman and Buildah](https://blog.giantswarm.io/building-container-images-with-podman-and-buildah/) by Puja Abbassi on the [Giant Swarm](https://blog.giantswarm.io/) site. In the article Puja goes over how Podman and Buildah handle daemonless and rootless building processes. A tardy link on this site, but worth a read!"},{"id":"/2020/02/07/new","metadata":{"permalink":"/blogs/2020/02/07/new","source":"@site/blog/2020-02-07-new.md","title":"6 guides on making containers secure","description":"Dan Walsh has another blog post on the Red Hat Enable Sysadmin site this time he\'s writing about 6 guides on making containers secure. It\'s a quick article with pointers to other blog posts showing how to secure your containers.","date":"2020-02-07T00:00:00.000Z","formattedDate":"February 7, 2020","tags":[],"readingTime":0.2,"hasTruncateMarker":false,"authors":[{"name":"dwalsh"}],"frontMatter":{"title":"6 guides on making containers secure","author":"dwalsh","layout":"default","categories":["new"]},"prevItem":{"title":"Building Container Images with Podman and Buildah","permalink":"/blogs/2020/03/02/new"},"nextItem":{"title":"6 guides on making containers secure","permalink":"/blogs/2020/02/07/secure-containers"}},"content":"Dan Walsh has another blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site this time he\'s writing about [6 guides on making containers secure](https://www.redhat.com/sysadmin/making-containers-secure). It\'s a quick article with pointers to other blog posts showing how to secure your containers."},{"id":"/2020/02/07/secure-containers","metadata":{"permalink":"/blogs/2020/02/07/secure-containers","source":"@site/blog/2020-02-07-secure-containers.md","title":"6 guides on making containers secure","description":"podman logo","date":"2020-02-07T00:00:00.000Z","formattedDate":"February 7, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"oci","permalink":"/blogs/tags/oci"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"runtime","permalink":"/blogs/tags/runtime"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"microsoft","permalink":"/blogs/tags/microsoft"}],"readingTime":0.27,"hasTruncateMarker":false,"authors":[{"name":"dwalsh"}],"frontMatter":{"title":"6 guides on making containers secure","layout":"default","author":"dwalsh","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","hpc","oci","networking","runtime","windows","microsoft"]},"prevItem":{"title":"6 guides on making containers secure","permalink":"/blogs/2020/02/07/new"},"nextItem":{"title":"Deploy a Pod on CentOS with Podman","permalink":"/blogs/2020/02/06/deploy-pod-on-centos"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# 6 guides on making containers secure\\n\\n## By Dan Walsh [GitHub](https://github.com/rhatdan)\\n\\nDan Walsh has another blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site this time he\'s writing about [6 guides on making containers secure](https://www.redhat.com/sysadmin/making-containers-secure). It\'s a quick article with pointers to other blog posts showing how to secure your containers."},{"id":"/2020/02/06/deploy-pod-on-centos","metadata":{"permalink":"/blogs/2020/02/06/deploy-pod-on-centos","source":"@site/blog/2020-02-06-deploy-pod-on-centos.md","title":"Deploy a Pod on CentOS with Podman","description":"podman logo","date":"2020-02-06T00:00:00.000Z","formattedDate":"February 6, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"oci","permalink":"/blogs/tags/oci"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"runtime","permalink":"/blogs/tags/runtime"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"microsoft","permalink":"/blogs/tags/microsoft"}],"readingTime":0.315,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Deploy a Pod on CentOS with Podman","layout":"default","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","hpc","oci","networking","runtime","windows","microsoft"]},"prevItem":{"title":"6 guides on making containers secure","permalink":"/blogs/2020/02/07/secure-containers"},"nextItem":{"title":"Deploy a Pod on CentOS with Podman","permalink":"/blogs/2020/02/06/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Deploy a Pod on CentOS with Podman\\n\\n[Jack Wallen](https://thenewstack.io/author/jack-wallen/) has a blog post on the [THENEWSTACK](https://thenewstack.io/) site with a great introduction on how to [Deploy a Pod on CentOS with Podman](https://thenewstack.io/deploy-a-pod-on-centos-with-podman/). In the post, Jack talks about how Podman fits in the Red Hat ecosystem and then walks you through the fundamentals of creating and running a pod using Podman."},{"id":"/2020/02/06/new","metadata":{"permalink":"/blogs/2020/02/06/new","source":"@site/blog/2020-02-06-new.md","title":"Deploy a Pod on CentOS with Podman","description":"Jack Wallen has a blog post on the THENEWSTACK site with a great introduction on how to Deploy a Pod on CentOS with Podman. In the post, Jack talks about how Podman fits in the Red Hat ecosystem and then walks you through the fundamentals of creating and running a pod using Podman.","date":"2020-02-06T00:00:00.000Z","formattedDate":"February 6, 2020","tags":[],"readingTime":0.265,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Deploy a Pod on CentOS with Podman","layout":"default","categories":["new"]},"prevItem":{"title":"Deploy a Pod on CentOS with Podman","permalink":"/blogs/2020/02/06/deploy-pod-on-centos"},"nextItem":{"title":"How to run Podman on Windows with WSL2","permalink":"/blogs/2020/01/30/new"}},"content":"[Jack Wallen](https://thenewstack.io/author/jack-wallen/) has a blog post on the [THENEWSTACK](https://thenewstack.io/) site with a great introduction on how to [Deploy a Pod on CentOS with Podman](https://thenewstack.io/deploy-a-pod-on-centos-with-podman/). In the post, Jack talks about how Podman fits in the Red Hat ecosystem and then walks you through the fundamentals of creating and running a pod using Podman."},{"id":"/2020/01/30/new","metadata":{"permalink":"/blogs/2020/01/30/new","source":"@site/blog/2020-01-30-new.md","title":"How to run Podman on Windows with WSL2","description":"Brent Baude has another blog post on the Red Hat Enable Sysadmin site this time it\'s all about How to run Podman on Windows with WSL2. If you want to know how to run Podman on Windows 10, this article will show you how.","date":"2020-01-30T00:00:00.000Z","formattedDate":"January 30, 2020","tags":[],"readingTime":0.22,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"How to run Podman on Windows with WSL2","author":"baude","layout":"default","categories":["new"]},"prevItem":{"title":"Deploy a Pod on CentOS with Podman","permalink":"/blogs/2020/02/06/new"},"nextItem":{"title":"How to run Podman on Windows with WSL2","permalink":"/blogs/2020/01/30/podman-wsl"}},"content":"Brent Baude has another blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site this time it\'s all about [How to run Podman on Windows with WSL2](https://www.redhat.com/sysadmin/podman-windows-wsl2). If you want to know how to run Podman on Windows 10, this article will show you how."},{"id":"/2020/01/30/podman-wsl","metadata":{"permalink":"/blogs/2020/01/30/podman-wsl","source":"@site/blog/2020-01-30-podman-wsl.md","title":"How to run Podman on Windows with WSL2","description":"podman logo","date":"2020-01-30T00:00:00.000Z","formattedDate":"January 30, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"oci","permalink":"/blogs/tags/oci"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"runtime","permalink":"/blogs/tags/runtime"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"microsoft","permalink":"/blogs/tags/microsoft"}],"readingTime":0.3,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"How to run Podman on Windows with WSL2","layout":"default","author":"baude","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","hpc","oci","networking","runtime","windows","microsoft"]},"prevItem":{"title":"How to run Podman on Windows with WSL2","permalink":"/blogs/2020/01/30/new"},"nextItem":{"title":"Blog posts from the Web","permalink":"/blogs/2020/01/22/blog-posts"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# How to run Podman on Windows with WSL2\\n\\n## By Brent Baude [GitHub](https://github.com/baude)\\n\\nBrent Baude has another blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site this time it\'s all about [How to run Podman on Windows with WSL2](https://www.redhat.com/sysadmin/podman-windows-wsl2). If you want to know how to run Podman on Windows 10, this article will show you how."},{"id":"/2020/01/22/blog-posts","metadata":{"permalink":"/blogs/2020/01/22/blog-posts","source":"@site/blog/2020-01-22-blog-posts.md","title":"Blog posts from the Web","description":"podman logo","date":"2020-01-22T00:00:00.000Z","formattedDate":"January 22, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.84,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Blog posts from the Web","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"How to run Podman on Windows with WSL2","permalink":"/blogs/2020/01/30/podman-wsl"},"nextItem":{"title":"Blog posts from the Web","permalink":"/blogs/2020/01/22/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Blog posts from the Web\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nOver the holiday break, a number of great posts were added to a number of sites that filled up my Twitter feed, so I thought I\'d throw together a quick block with links to the highlights from the past month:\\n\\n- [Deploy PhotoPrism in CentOS 8(using Podman)](https://lukas.zapletalovi.com/2020/01/deploy-photoprism-in-centos-80.html) - [Lukas Zapletal](https://lukas.zapletalovi.com/about_me.html)\\n- [Replacing Docker with Podman - first steps](https://blog.martdj.nl/2020/01/13/replacing-docker-with-podman-first-steps/) - [Martijn de Jong](https://twitter.com/martdj)\\n- [Podman lands on Debian (Twitter Posting)](https://twitter.com/fatherlinux/status/1216807772458815493) - [Scott McCarty](https://twitter.com/fatherlinux)\\n- Video: [How to install Podman container engine on CentOS 8](https://www.techrepublic.com/videos/how-to-install-the-podman-container-engine-on-centos-8/#ftag=RSS56d97e7) - [Tech Republic](https://www.techrepublic.com/)\\n- [Building Container Images with Buildah and Ansible](https://blog.tomecek.net/post/building-containers-with-buildah-and-ansible/) - [Tomas Tomecek](https://twitter.com/tomastomec?lang=en)\\n- Video: [How to deploy a pod with Podman](https://www.techrepublic.com/article/how-to-deploy-a-pod-with-podman/#ftag=RSS56d97e7) - [Jack Wallen](https://twitter.com/jlwallen)\\n- [Podman and Skopeo on macOS](https://itnext.io/podman-and-skopeo-on-macos-1b3b9cf21e60) - Balazs Szeti\\n- [How To Install Podman on Debian on 10 / 9](https://www.osradar.com/how-to-install-podman-on-debian-on-10-9/) - [Sabi](https://www.osradar.com/author/sabi/)\\n- [How to run Docker Containers using Podman and Libpod](https://www.osradar.com/how-to-run-docker-containers-using-podman-and-libpod/) - [Sabi](https://www.osradar.com/author/sabi/)\\n- [How to Install Podman on Arch Linux / Manjaro](https://www.osradar.com/how-to-install-podman-on-arch-linux-manjaro/) - [Sabi](https://www.osradar.com/author/sabi/)"},{"id":"/2020/01/22/new","metadata":{"permalink":"/blogs/2020/01/22/new","source":"@site/blog/2020-01-22-new.md","title":"Blog posts from the Web","description":"A number of blog posts were posted over the past month and given the holiday crunch, we didn\'t get them listed on the site. So as a catch up, checkout the Blog posts on the Web blog which has a number of links on it to those great articles and videos.","date":"2020-01-22T00:00:00.000Z","formattedDate":"January 22, 2020","tags":[],"readingTime":0.255,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Blog posts from the Web","layout":"default","categories":["new"]},"prevItem":{"title":"Blog posts from the Web","permalink":"/blogs/2020/01/22/blog-posts"},"nextItem":{"title":"New API coming for Podman","permalink":"/blogs/2020/01/17/new"}},"content":"A number of blog posts were posted over the past month and given the holiday crunch, we didn\'t get them listed on the site. So as a catch up, checkout the [Blog posts on the Web](https://podman.io/blogs/2020/01/22/blog-posts.html) blog which has a number of links on it to those great articles and videos."},{"id":"/2020/01/17/new","metadata":{"permalink":"/blogs/2020/01/17/new","source":"@site/blog/2020-01-17-new.md","title":"New API coming for Podman","description":"The new API for Podman, referred to as apiv2, has been merged into the libpod repository. It\'s a simpler REST API that\'s more compatible with Docker implementations than the varlink protocol that\'s currently in use. For more details, see this release announcement by Brent Baude.","date":"2020-01-17T00:00:00.000Z","formattedDate":"January 17, 2020","tags":[],"readingTime":0.225,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"New API coming for Podman","author":"baude","layout":"default","categories":["new"]},"prevItem":{"title":"Blog posts from the Web","permalink":"/blogs/2020/01/22/new"},"nextItem":{"title":"New API coming for Podman","permalink":"/blogs/2020/01/17/podman-new-api"}},"content":"The new API for Podman, referred to as _apiv2_, has been merged into the [libpod](https://github.com/containers/podman/) repository. It\'s a simpler REST API that\'s more compatible with Docker implementations than the [varlink](https://varlink.org/) protocol that\'s currently in use. For more details, see this [release announcement](https://podman.io/blogs/2020/01/17/podman-new-api.html) by Brent Baude."},{"id":"/2020/01/17/podman-new-api","metadata":{"permalink":"/blogs/2020/01/17/podman-new-api","source":"@site/blog/2020-01-17-podman-new-api.md","title":"New API coming for Podman","description":"podman logo","date":"2020-01-17T00:00:00.000Z","formattedDate":"January 17, 2020","tags":[{"label":"community","permalink":"/blogs/tags/community"},{"label":"open source","permalink":"/blogs/tags/open-source"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"REST","permalink":"/blogs/tags/rest"}],"readingTime":2.38,"hasTruncateMarker":true,"authors":[{"name":"baude"}],"frontMatter":{"title":"New API coming for Podman","layout":"default","author":"baude","categories":["blogs"],"tags":["community","open source","podman","hpc","api","REST","API"]},"prevItem":{"title":"New API coming for Podman","permalink":"/blogs/2020/01/17/new"},"nextItem":{"title":"Bioinformatics with rootless Podman","permalink":"/blogs/2020/01/15/bioinformatics-with-rootless-podman"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n## By Brent Baude [GitHub](https://github.com/baude)\\n\\nIf you follow the traffic on IRC (#podman on libera.chat) or GitHub from the developers of [libpod](https://github.com/containers/podman/), you might have seen us referencing a new API. We often referred to it as _apiv2_ and for about a month, there has been an \'apiv2\' branch for libpod on GitHub. This week, we have begun to merge that branch but have yet to \u201cwire it up.\u201d\\n\\nFirst and foremost, the Golang libpod API remains largely unchanged. What is changing is the API we expose for automation and remote usage. Our previous API was based on the [varlink](https://varlink.org/) protocol. But we heard from users that varlink was a hurdle for libpod adoption especially for those who were using the Docker API and its bindings. They simply could not or did not want to rewrite their custom applications for libpod\u2019s new, varlink-based API.\\n\\n\x3c!--truncate--\x3e\\n\\nThe new API is a simpler implementation based on HTTP/REST. We provide two basic groups of endpoints. The first one is for libpod; the second is for Docker compatibility, to ease adoption. The two endpoints are namespaced to keep them separate. Our goal with implementing a portion of the Docker API, is to be as compatible as possible; while similar calls in the libpod API might bring back additional libpod specific information.\\n\\nWhile these two endpoints work similarly, there are important and somewhat nuanced differences. The Docker API endpoint is useful for existing automation tied to that API and potentially tools like docker-compose.\\n\\n#### Example\\n\\nIf you wanted a list of images with the libpod endpoint, you would use the following endpoint:\\n\\n`/libpod/images/json`\\n\\nAnd if you wanted a list of images but in docker-compatibility, you would use:\\n\\n`/images/json`\\n\\nIn our proof of concepts, we have tested our endpoint with the [docker-py](https://docker-py.readthedocs.io/en/stable/) project. There are of course subtle differences which we are still working on. And there are compatibility endpoints that we can not support like `swarm` which Podman does not support.\\n\\nWe are working on a set of Golang bindings for the libpod endpoints. Eventually these bindings will be used to rewire our remote client. The rewire begins after all the libpod endpoints are working and have tests. We plan on working with the upstream community on podman-python support for the new libpod API, enabling python developers fully support for using podman containers.\\n\\nAs for the existing varlink code, it has been in maintenance mode already. We will continue to address bugs but no new functionality will be developed. Once the new API is fully implemented, we plan to make a deprecation announcement.\\n\\nWe are hopeful these changes help our users and larger community. We hope that the new API helps encourage contributors to help us complete the API as well as write bindings. Look for more information in the near future including status updates as well as how-tos."},{"id":"/2020/01/15/bioinformatics-with-rootless-podman","metadata":{"permalink":"/blogs/2020/01/15/bioinformatics-with-rootless-podman","source":"@site/blog/2020-01-15-bioinformatics-with-rootless-podman.md","title":"Bioinformatics with rootless Podman","description":"podman logo","date":"2020-01-15T00:00:00.000Z","formattedDate":"January 15, 2020","tags":[{"label":"bioinformatics","permalink":"/blogs/tags/bioinformatics"},{"label":"rootless","permalink":"/blogs/tags/rootless"},{"label":"podman","permalink":"/blogs/tags/podman"}],"readingTime":9.82,"hasTruncateMarker":true,"authors":[{"name":"bhepworth"}],"frontMatter":{"title":"Bioinformatics with rootless Podman","layout":"default","author":"bhepworth","categories":["blogs"],"tags":["bioinformatics","rootless","podman"]},"prevItem":{"title":"New API coming for Podman","permalink":"/blogs/2020/01/17/podman-new-api"},"nextItem":{"title":"Bioinformatics and rootless containers with Podman","permalink":"/blogs/2020/01/15/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Bioinformatics with rootless podman\\n\\n## By Valentin Rothberg [GitHub](https://github.com/BryanHepworth)\\n\\nOver the last 10 years I\'ve seen machines and workflows evolve where I work. From the initial dedicated server, to hpc environments\\nand now the latest instance, containers.\\n\\nFrom an admin point of view this is great - The initial servers had to be carefully built and maintained so that everything would work nicely together. Incompatible programs at that time were run through a VM until such time as they could be folded in to the mix.\\n\\nThe HPC\'s had versioned software and environment modules and were built to load the relevant dependencies at run time.\\n\\nNow we are into a new era, containers - and not just any old containers, but containers that end users can build and run up fairly\\nquickly to perform what-if\'s, and move on quickly through iterations until they perform the required functions.\\n\\nPodman has developed very rapidly and is incredibly easy to use. You can use it in conjunction with quay.io or run it on a local machine.\\n\\nI should add that Adrian Reber gave a [talk](https://youtu.be/TtHSNsbU24E) and has also created a Podman [article](https://podman.io/blogs/2019/09/26/podman-in-hpc.html) using openhpc; well worth a watch and a read.\\n\\nIf you don\'t have a RedHat Developer Subscription now is an ideal time to get one:\\n\\nhttps://developers.redhat.com/articles/getting-red-hat-developer-subscription-what-rhel-users-need-know/\\n\\n..and download RedHat Enterprise 8.1\\n\\n\x3c!--truncate--\x3e\\n\\nDo a Standard RedHat GUI Server default install\\n\\n```\\nyum update\\nyum module install container-tools\\n```\\n\\nRedHat 8.1 does rootless containers right out of the box. If you created a user during the setup, it\'ll have the details in /etc/subuid and /etc/subgid already.\\n\\nLog in with your userID and you can start creating a container\\n\\n```\\npodman pull ubi8/ubi\\npodman run --interactive --tty ubi8/ubi bash\\n```\\n\\nThe first command pulls down the ubi8 Universal Base Image, which is a great building block. The second command starts an interactive ubi8 image at a bash prompt. You can run any commands you like in this:\\n\\n```\\n[nbh23@colombo ~]$ podman run --interactive --tty ubi8/ubi bash\\n[root@f471459c7619 /]# cat /etc/redhat-release\\nRed Hat Enterprise Linux release 8.1 (Ootpa)\\n[root@f471459c7619 /]#\\n\\n```\\n\\nNotice how the prompt changed from nbh23@colombo to root@f471459c7619 - the f471459c7619 is the part to remember, we\'ll interact with that later on in this post. It\'s a random allocation, so your instance will be different.\\n\\nThe Podman help menu\'s are excellent, podman -h gives you a list of subcommands, which you can then also query:\\n\\n```\\n[nbh23@colombo ~]$ podman -h\\nmanage pods and images\\n\\nUsage:\\n podman [flags]\\n podman [command]\\n\\nAvailable Commands:\\n attach Attach to a running container\\n build Build an image using instructions from Dockerfiles\\n commit Create new image based on the changed container\\n container Manage Containers\\n cp Copy files/folders between a container and the local filesystem\\n create Create but do not start a container\\n diff Inspect changes on container\'s file systems\\n events Show podman events\\n exec Run a process in a running container\\n export Export container\'s filesystem contents as a tar archive\\n generate Generated structured data\\n healthcheck Manage Healthcheck\\n help Help about any command\\n history Show history of a specified image\\n image Manage images\\n images List images in local storage\\n import Import a tarball to create a filesystem image\\n info Display podman system information\\n init Initialize one or more containers\\n inspect Display the configuration of a container or image\\n kill Kill one or more running containers with a specific signal\\n load Load an image from container archive\\n login Login to a container registry\\n logout Logout of a container registry\\n logs Fetch the logs of a container\\n mount Mount a working container\'s root filesystem\\n pause Pause all the processes in one or more containers\\n play Play a pod\\n pod Manage pods\\n port List port mappings or a specific mapping for the container\\n ps List containers\\n pull Pull an image from a registry\\n push Push an image to a specified destination\\n restart Restart one or more containers\\n rm Remove one or more containers\\n rmi Removes one or more images from local storage\\n run Run a command in a new container\\n save Save image to an archive\\n search Search registry for image\\n start Start one or more containers\\n stats Display a live stream of container resource usage statistics\\n stop Stop one or more containers\\n system Manage podman\\n tag Add an additional name to a local image\\n top Display the running processes of a container\\n umount Unmounts working container\'s root filesystem\\n unpause Unpause the processes in one or more containers\\n unshare Run a command in a modified user namespace\\n varlink Run varlink interface\\n version Display the Podman Version Information\\n volume Manage volumes\\n wait Block on one or more containers\\n\\nFlags:\\n --cgroup-manager string Cgroup manager to use (cgroupfs or systemd, default systemd)\\n --cni-config-dir string Path of the configuration directory for CNI networks\\n --config string Path of a libpod config file detailing container server configuration options\\n --conmon string Path of the conmon binary\\n --cpu-profile string Path for the cpu profiling results\\n --default-mounts-file string Path to default mounts file\\n --events-backend string Events backend to use\\n --help Help for podman\\n --hooks-dir strings Set the OCI hooks directory path (may be set multiple times)\\n --log-level string Log messages above specified level: debug, info, warn, error, fatal or panic (default \\"error\\")\\n --namespace string Set the libpod namespace, used to create separate views of the containers and pods on the system\\n --network-cmd-path string Path to the command for configuring the network\\n --root string Path to the root directory in which data, including images, is stored\\n --runroot string Path to the \'run directory\' where all state information is stored\\n --runtime string Path to the OCI-compatible binary used to run containers, default is /usr/bin/runc\\n --storage-driver string Select which storage driver is used to manage storage of images and containers (default is overlay)\\n --storage-opt stringArray Used to pass an option to the storage driver\\n --syslog Output logging information to syslog as well as the console\\n --tmpdir string Path to the tmp directory\\n --trace Enable opentracing output\\n --version Version for podman\\n\\nUse \\"podman [command] --help\\" for more information about a command.\\n[nbh23@colombo ~]$ podman image -h\\nManage images\\n\\nUsage:\\n podman image [command]\\n\\nAvailable Commands:\\n build Build an image using instructions from Dockerfiles\\n exists Check if an image exists in local storage\\n history Show history of a specified image\\n import Import a tarball to create a filesystem image\\n inspect Display the configuration of an image\\n list List images in local storage\\n load Load an image from container archive\\n prune Remove unused images\\n pull Pull an image from a registry\\n push Push an image to a specified destination\\n rm Removes one or more images from local storage\\n save Save image to an archive\\n sign Sign an image\\n tag Add an additional name to a local image\\n tree Prints layer hierarchy of an image in a tree format\\n trust Manage container image trust policy\\n\\n[nbh23@colombo ~]$\\n```\\n\\nWe can list out the images and containers as follows, which is handy if you lose track of where you are at.\\n\\n```\\n[nbh23@colombo ~]$ podman image list\\nREPOSITORY TAG IMAGE ID CREATED SIZE\\nregistry.access.redhat.com/ubi8/ubi latest 096cae65a207 5 weeks ago 239 MB\\n[nbh23@colombo ~]$ podman container list\\nCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES\\na1fc64bd8e47 registry.access.redhat.com/ubi8/ubi:latest bash 2 hours ago Up 2 hours ago zen_albattani\\n[nbh23@colombo ~]$\\n```\\n\\nSo we created a container to interact with, but how about creating a new image?\\nI found that Podman is very easy to interact with and created a Dockerfile. This is a list of commands in a text file that controls what gets installed.\\nCreate a new directory - in this case whatshap, to put the Dockerfile in:\\n\\n```\\n[nbh23@colombo whatshap]$ cat Dockerfile\\nFROM registry.access.redhat.com/ubi8/ubi\\nRUN yum -y update \\\\\\n&& yum -y install python3 \\\\\\n&& yum -y install make \\\\\\n&& yum -y install gcc \\\\\\n&& yum -y install redhat-rpm-config \\\\\\n&& yum -y install zlib-devel \\\\\\n&& yum -y install bzip2-devel \\\\\\n&& yum -y install xz-devel \\\\\\n&& yum -y install python3-devel \\\\\\n&& yum clean all\\nRUN pip3 install pysam && pip3 install whatshap\\n```\\n\\nThen we build the container image - from within the whatshap directory run:\\n\\n```\\npodman build -t whatshap .\\n```\\n\\nNotice the \'.\' at the end, that\'s important!\\n\\nYou\'ll see the container image start to build, with notifications of where it\'s at. If all goes to plan you will then finally see notification that it\'s completed:\\n\\n```\\nSTEP 4: COMMIT whatshap\\nd523727fc6c297086e84e7ec99f62e8f5e6d093d9decb1b58ee8a4205d46b3dd\\n```\\n\\nWe can then check it works:\\n\\n```\\n[nbh23@colombo whatshap]$ podman run -it whatshap\\n[root@ac05564bd51b /]# whatshap -h\\nusage: whatshap [-h] [--version] [--debug]\\n {phase,stats,compare,hapcut2vcf,unphase,haplotag,genotype} ...\\n\\npositional arguments:\\n {phase,stats,compare,hapcut2vcf,unphase,haplotag,genotype}\\n phase Phase variants in a VCF with the WhatsHap algorithm\\n stats Print phasing statistics of a single VCF file\\n compare Compare two or more phasings\\n hapcut2vcf Convert hapCUT output format to VCF\\n unphase Remove phasing information from a VCF file\\n haplotag Tag reads by haplotype\\n genotype Genotype variants\\n\\noptional arguments:\\n -h, --help show this help message and exit\\n --version show program\'s version number and exit\\n --debug Print debug messages\\n[root@ac05564bd51b /]#\\n```\\n\\nWhich all looks good - we now have our container image and can re-run that to do our whatshap analysis.\\n\\nAll well and good, but what happens about storage of that analysis?\\n\\nWe can add that to our Podman command, if we have a directory called data in /home we can map that as follows:\\n\\n```\\npodman run -v /home/nbh23/data:/home/nbh23:z -it whatshap\\n```\\n\\nThe nice thing is that the UID and GID for files created this way all match up. The trailing :z makes selinux happy :-)\\n\\n```\\n[nbh23@colombo whatshap]$ podman run -v /home/nbh23/data:/home/nbh23:z -it whatshap\\n[root@fef561d523b8 /]# ls\\nbin boot dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr var\\n[root@fef561d523b8 /]# cd /home\\n[root@fef561d523b8 home]# ls\\nnbh23\\n[root@fef561d523b8 home]# cd nbh23\\n[root@fef561d523b8 nbh23]# touch testfile\\n[root@fef561d523b8 nbh23]# ls -la\\ntotal 0\\ndrwxrwxr-x. 2 root root 22 Jan 21 09:09 .\\ndrwxr-xr-x. 3 root root 19 Jan 21 09:09 ..\\n-rw-r--r--. 1 root root 0 Jan 21 09:09 testfile\\n[root@fef561d523b8 nbh23]# exit\\n[nbh23@colombo ~]$ ls\\nContainers data Desktop Documents Downloads Music Pictures Public Templates Videos\\n[nbh23@colombo ~]$ cd data\\n[nbh23@colombo data]$ ls -la\\ntotal 4\\ndrwxrwxr-x. 2 nbh23 nbh23 22 Jan 21 09:09 .\\ndrwx------. 17 nbh23 nbh23 4096 Jan 21 09:07 ..\\n-rw-r--r--. 1 nbh23 nbh23 0 Jan 21 09:09 testfile\\n[nbh23@colombo data]$\\n```\\n\\nOne of the things I discovered whilst creating a more complex container image was that you can start the existing image into a bash session, doing the manipulation that you require, and then use the Podman commit command to write those changes.\\nFor example using our whatshap container image we can run it as follows:\\n\\n```\\n[nbh23@colombo data]$ podman run -it whatshap bash\\n[root@73c4742e4724 /]#\\n```\\n\\nWe can then make our alterations, and from another session commit those changes:\\n\\n```\\n[nbh23@colombo ~]$ podman commit 73c4742e4724 whatshap-altered\\nGetting image source signatures\\nCopying blob c630f5c3e169 skipped: already exists\\nCopying blob 4bd7408cc1c8 skipped: already exists\\nCopying blob 1383f0e3c813 skipped: already exists\\nCopying blob a2ff5e229058 skipped: already exists\\nCopying blob b75bf3e68dab done\\nCopying config 931b7f5302 done\\nWriting manifest to image destination\\nStoring signatures\\n931b7f5302af9965bff14e460c19ff9e756d74095940c6d85e63f929006c35f0\\n[nbh23@colombo ~]$\\n```\\n\\nThen do podman image list to see what we have:\\n\\n```\\n[nbh23@colombo ~]$ podman image list\\nREPOSITORY TAG IMAGE ID CREATED SIZE\\nlocalhost/whatshap-altered latest 931b7f5302af About a minute ago 545 MB\\nlocalhost/whatshap latest d523727fc6c2 3 days ago 545 MB\\nregistry.access.redhat.com/ubi8/ubi latest 096cae65a207 5 weeks ago 239\\n[nbh23@colombo ~]$\\n```\\n\\nYou can make multiple changes to your original container image until you are satisfied that it\'s working as you\'d like.\\n\\nThis has covered command line container image creation and usage, I\'ll be creating another blog post detailing graphical interactive containers as i\'m aware that there are various interactive visual programs to cover too.\\n\\nFeel free to contact me with any ideas or suggestions / questions."},{"id":"/2020/01/15/new","metadata":{"permalink":"/blogs/2020/01/15/new","source":"@site/blog/2020-01-15-new.md","title":"Bioinformatics and rootless containers with Podman","description":"Bryan Hepworth demonstrating how to create a rootless container image for a Bioinformatics program here.","date":"2020-01-15T00:00:00.000Z","formattedDate":"January 15, 2020","tags":[],"readingTime":0.075,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Bioinformatics and rootless containers with Podman","layout":"default","categories":["new"]},"prevItem":{"title":"Bioinformatics with rootless Podman","permalink":"/blogs/2020/01/15/bioinformatics-with-rootless-podman"},"nextItem":{"title":"Running containers with Podman and shareable systemd services","permalink":"/blogs/2019/12/17/new"}},"content":"Bryan Hepworth demonstrating how to create a rootless container image for a Bioinformatics program [here](https://podman.io/blogs/2020/01/15/bioinformatics-with-rootless-podman.html)."},{"id":"/2019/12/17/new","metadata":{"permalink":"/blogs/2019/12/17/new","source":"@site/blog/2019-12-17-new.md","title":"Running containers with Podman and shareable systemd services","description":"Podman version 1.7 is coming out soon and will include new features that will make management of containers with systemd services even easier. Valentin Rothberg has a blog post on the Red Hat Enable Sysadmin site that previews the features: Running containers with Podman and shareable systemd services. In the post Valentin goes over the highlights and then gives a great working example.","date":"2019-12-17T00:00:00.000Z","formattedDate":"December 17, 2019","tags":[],"readingTime":0.315,"hasTruncateMarker":false,"authors":[{"name":"vrothberg"}],"frontMatter":{"title":"Running containers with Podman and shareable systemd services","author":"vrothberg","layout":"default","categories":["new"]},"prevItem":{"title":"Bioinformatics and rootless containers with Podman","permalink":"/blogs/2020/01/15/new"},"nextItem":{"title":"Running containers with Podman and shareable systemd services","permalink":"/blogs/2019/12/17/podman-systemd-1-7"}},"content":"Podman version 1.7 is coming out soon and will include new features that will make management of containers with systemd services even easier. Valentin Rothberg has a blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site that previews the features: [Running containers with Podman and shareable systemd services](https://www.redhat.com/sysadmin/podman-shareable-systemd-services). In the post Valentin goes over the highlights and then gives a great working example."},{"id":"/2019/12/17/podman-systemd-1-7","metadata":{"permalink":"/blogs/2019/12/17/podman-systemd-1-7","source":"@site/blog/2019-12-17-podman-systemd-1-7.md","title":"Running containers with Podman and shareable systemd services","description":"podman logo","date":"2019-12-17T00:00:00.000Z","formattedDate":"December 17, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"oci","permalink":"/blogs/tags/oci"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"runtime","permalink":"/blogs/tags/runtime"},{"label":"systemd","permalink":"/blogs/tags/systemd"}],"readingTime":0.395,"hasTruncateMarker":false,"authors":[{"name":"vrothberg"}],"frontMatter":{"title":"Running containers with Podman and shareable systemd services","layout":"default","author":"vrothberg","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","hpc","oci","networking","runtime","systemd"]},"prevItem":{"title":"Running containers with Podman and shareable systemd services","permalink":"/blogs/2019/12/17/new"},"nextItem":{"title":"Working with Linux containers on RHEL 8 with Podman, image builder and web console","permalink":"/blogs/2019/12/14/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Running containers with Podman and shareable systemd services\\n\\n## By Bryan Hepworth [GitHub](https://github.com/vrothberg)\\n\\nPodman version 1.7 is coming out soon and will include new features that will make management of containers with systemd services even easier. Valentin Rothberg has a blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site that previews the features: [Running containers with Podman and shareable systemd services](https://www.redhat.com/sysadmin/podman-shareable-systemd-services). In the post Valentin goes over the highlights and then gives a great working example."},{"id":"/2019/12/14/new","metadata":{"permalink":"/blogs/2019/12/14/new","source":"@site/blog/2019-12-14-new.md","title":"Working with Linux containers on RHEL 8 with Podman, image builder and web console","description":"Do you want to know how to setup RHEL 8 to run containers using Podman? Xuegang Jin has a blog post on the Red Hat Blog about this very subject, Working with Linux containers on RHEL 8 with Podman, image builder and web console. In the post Xuegang shows you how you can use Image Builder to create an OS image, how to run containers with Podman, and how to check the host and containers performance using Web Console.","date":"2019-12-14T00:00:00.000Z","formattedDate":"December 14, 2019","tags":[],"readingTime":0.395,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Working with Linux containers on RHEL 8 with Podman, image builder and web console","layout":"default","categories":["new"]},"prevItem":{"title":"Running containers with Podman and shareable systemd services","permalink":"/blogs/2019/12/17/podman-systemd-1-7"},"nextItem":{"title":"Working with Linux containers on RHEL 8 with Podman, image builder and web console","permalink":"/blogs/2019/12/14/rhel8-podman"}},"content":"Do you want to know how to setup RHEL 8 to run containers using Podman? Xuegang Jin has a blog post on the [Red Hat Blog](https://www.redhat.com/en/blog) about this very subject, [Working with Linux containers on RHEL 8 with Podman, image builder and web console](https://www.redhat.com/en/blog/working-linux-containers-rhel-8-podman-image-builder-and-web-console). In the post Xuegang shows you how you can use Image Builder to create an OS image, how to run containers with Podman, and how to check the host and containers performance using Web Console."},{"id":"/2019/12/14/rhel8-podman","metadata":{"permalink":"/blogs/2019/12/14/rhel8-podman","source":"@site/blog/2019-12-14-rhel8-podman.md","title":"Working with Linux containers on RHEL 8 with Podman, image builder and web console","description":"podman logo","date":"2019-12-14T00:00:00.000Z","formattedDate":"December 14, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.5,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Working with Linux containers on RHEL 8 with Podman, image builder and web console","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"Working with Linux containers on RHEL 8 with Podman, image builder and web console","permalink":"/blogs/2019/12/14/new"},"nextItem":{"title":"Understanding root inside and outside a container","permalink":"/blogs/2019/12/11/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Working with Linux containers on RHEL 8 with Podman, image builder and web console\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nDo you want to know how to setup RHEL 8 to run containers using Podman? Xuegang Jin has a blog post on the [Red Hat Blog](https://www.redhat.com/en/blog) about this very subject, [Working with Linux containers on RHEL 8 with Podman, image builder and web console](https://www.redhat.com/en/blog/working-linux-containers-rhel-8-podman-image-builder-and-web-console). In the post Xuegang explains how you can use Image Builder to create an OS image, how to run containers with Podman, and how to check the host and containers performance using Web Console."},{"id":"/2019/12/11/new","metadata":{"permalink":"/blogs/2019/12/11/new","source":"@site/blog/2019-12-11-new.md","title":"Understanding root inside and outside a container","description":"Do you run containers as root, or as a regular user? Scott McCarty has a blog post on the Red Hat Blog about this very subject, Understanding root inside and outside a container. In the post Scott walks you through what a rootless container does and how it can be a safer alternative to a container run by root.","date":"2019-12-11T00:00:00.000Z","formattedDate":"December 11, 2019","tags":[],"readingTime":0.295,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Understanding root inside and outside a container","layout":"default","categories":["new"]},"prevItem":{"title":"Working with Linux containers on RHEL 8 with Podman, image builder and web console","permalink":"/blogs/2019/12/14/rhel8-podman"},"nextItem":{"title":"Understanding root inside and outside a container","permalink":"/blogs/2019/12/11/understanding-root"}},"content":"Do you run containers as root, or as a regular user? Scott McCarty has a blog post on the [Red Hat Blog](https://www.redhat.com/en/blog) about this very subject, [Understanding root inside and outside a container](https://www.redhat.com/en/blog/understanding-root-inside-and-outside-container). In the post Scott walks you through what a rootless container does and how it can be a safer alternative to a container run by root."},{"id":"/2019/12/11/understanding-root","metadata":{"permalink":"/blogs/2019/12/11/understanding-root","source":"@site/blog/2019-12-11-understanding-root.md","title":"Understanding root inside and outside a container","description":"podman logo","date":"2019-12-11T00:00:00.000Z","formattedDate":"December 11, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.37,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Understanding root inside and outside a container","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"Understanding root inside and outside a container","permalink":"/blogs/2019/12/11/new"},"nextItem":{"title":"Rootless Podman and NFS","permalink":"/blogs/2019/11/26/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Understanding root inside and outside a container\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nDo you run containers as root, or as a regular user? Scott McCarty has a blog post on the [Red Hat Blog](https://www.redhat.com/en/blog) about this very subject, [Understanding root inside and outside a container](https://www.redhat.com/en/blog/understanding-root-inside-and-outside-container). In the post Scott walks you through what a rootless container does and how it can be a safer alternative to a container run by root."},{"id":"/2019/11/26/new","metadata":{"permalink":"/blogs/2019/11/26/new","source":"@site/blog/2019-11-26-new.md","title":"Rootless Podman and NFS","description":"Dan Walsh has another blog post on the Red Hat Enable Sysadmin site this time about Rootless Podman and NFS. In the post Dan talks about how you can make some minor configuration changes to allow Podman to use a user\'s home directory on an NFS share. Give it a read!","date":"2019-11-26T00:00:00.000Z","formattedDate":"November 26, 2019","tags":[],"readingTime":0.255,"hasTruncateMarker":false,"authors":[{"name":"dwalsh"}],"frontMatter":{"title":"Rootless Podman and NFS","author":"dwalsh","layout":"default","categories":["new"]},"prevItem":{"title":"Understanding root inside and outside a container","permalink":"/blogs/2019/12/11/understanding-root"},"nextItem":{"title":"Rootless Podman and NFS","permalink":"/blogs/2019/11/26/rootless-podman-and-nfs"}},"content":"Dan Walsh has another blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site this time about [Rootless Podman and NFS](https://www.redhat.com/sysadmin/rootless-podman-nfs). In the post Dan talks about how you can make some minor configuration changes to allow Podman to use a user\'s home directory on an NFS share. Give it a read!"},{"id":"/2019/11/26/rootless-podman-and-nfs","metadata":{"permalink":"/blogs/2019/11/26/rootless-podman-and-nfs","source":"@site/blog/2019-11-26-rootless-podman-and-nfs.md","title":"Rootless Podman and NFS","description":"podman logo","date":"2019-11-26T00:00:00.000Z","formattedDate":"November 26, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"oci","permalink":"/blogs/tags/oci"},{"label":"nfs","permalink":"/blogs/tags/nfs"},{"label":"network","permalink":"/blogs/tags/network"},{"label":"runtime","permalink":"/blogs/tags/runtime"}],"readingTime":0.315,"hasTruncateMarker":false,"authors":[{"name":"dwalsh"}],"frontMatter":{"title":"Rootless Podman and NFS","layout":"default","author":"dwalsh","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","hpc","oci","nfs","network","runtime"]},"prevItem":{"title":"Rootless Podman and NFS","permalink":"/blogs/2019/11/26/new"},"nextItem":{"title":"How To Install Podman on Debian","permalink":"/blogs/2019/11/20/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Rootless Podman and NFS\\n\\n## By Dan Walsh [GitHub](https://github.com/rhatdan)\\n\\nDan Walsh has another blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site this time about [Rootless Podman and NFS](https://www.redhat.com/sysadmin/rootless-podman-nfs). In the post Dan talks about how you can make some minor configuration changes to allow Podman to use a user\'s home directory on an NFS share. Give it a read!"},{"id":"/2019/11/20/new","metadata":{"permalink":"/blogs/2019/11/20/new","source":"@site/blog/2019-11-20-new.md","title":"How To Install Podman on Debian","description":"Josphat Mutai posted a blog post on the Computing for Geeks site talking about How To Install Podman on Debian. In the post Josphat walks through all the steps necessary from \'A\' to \'Z\' to get Podman up and running on Debian and how to do some initial Podman commands.","date":"2019-11-20T00:00:00.000Z","formattedDate":"November 20, 2019","tags":[],"readingTime":0.25,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"How To Install Podman on Debian","layout":"default","categories":["new"]},"prevItem":{"title":"Rootless Podman and NFS","permalink":"/blogs/2019/11/26/rootless-podman-and-nfs"},"nextItem":{"title":"How To Install Podman on Debian","permalink":"/blogs/2019/11/20/run-podman-on-debian"}},"content":"Josphat Mutai posted a blog post on the [Computing for Geeks](https://computingforgeeks.com/) site talking about [How To Install Podman on Debian](https://computingforgeeks.com/how-to-install-podman-on-debian/). In the post Josphat walks through all the steps necessary from \'A\' to \'Z\' to get Podman up and running on Debian and how to do some initial Podman commands."},{"id":"/2019/11/20/run-podman-on-debian","metadata":{"permalink":"/blogs/2019/11/20/run-podman-on-debian","source":"@site/blog/2019-11-20-run-podman-on-debian.md","title":"How To Install Podman on Debian","description":"podman logo","date":"2019-11-20T00:00:00.000Z","formattedDate":"November 20, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"oci","permalink":"/blogs/tags/oci"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"runtime","permalink":"/blogs/tags/runtime"}],"readingTime":0.32,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"How To Install Podman on Debian","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","hpc","oci","networking","runtime"]},"prevItem":{"title":"How To Install Podman on Debian","permalink":"/blogs/2019/11/20/new"},"nextItem":{"title":"Leasing routable IP addresses with Podman containers","permalink":"/blogs/2019/11/13/lease-routable-ip-addrs"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# How To Install Podman on Debian\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nJosphat Mutai posted a blog post on the [Computing for Geeks](https://computingforgeeks.com/) site talking about [How To Install Podman on Debian](https://computingforgeeks.com/how-to-install-podman-on-debian/). In the post Josphat walks through all the steps necessary from \'A\' to \'Z\' to get Podman up and running on Debian and how to do some initial Podman commands."},{"id":"/2019/11/13/lease-routable-ip-addrs","metadata":{"permalink":"/blogs/2019/11/13/lease-routable-ip-addrs","source":"@site/blog/2019-11-13-lease-routable-ip-addrs.md","title":"Leasing routable IP addresses with Podman containers","description":"podman logo","date":"2019-11-13T00:00:00.000Z","formattedDate":"November 13, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"oci","permalink":"/blogs/tags/oci"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"runtime","permalink":"/blogs/tags/runtime"}],"readingTime":0.33,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"Leasing routable IP addresses with Podman containers","layout":"default","author":"baude","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","hpc","oci","networking","runtime"]},"prevItem":{"title":"How To Install Podman on Debian","permalink":"/blogs/2019/11/20/run-podman-on-debian"},"nextItem":{"title":"Leasing routable IP addresses with Podman containers","permalink":"/blogs/2019/11/13/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Leasing routable IP addresses with Podman containers\\n\\n## By Brent Baude [GitHub](https://github.com/baude)\\n\\nBrent Baude has another blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site this time about [Leasing routable IP addresses with Podman containers](https://www.redhat.com/sysadmin/leasing-ips-podman). In the post Brent talks about using the macvlan and the dhcp plugins that ship with the container-networking project in order to lease ip addresses for your containers."},{"id":"/2019/11/13/new","metadata":{"permalink":"/blogs/2019/11/13/new","source":"@site/blog/2019-11-13-new.md","title":"Leasing routable IP addresses with Podman containers","description":"Brent Baude has another blog post on the Red Hat Enable Sysadmin site this time about Leasing routable IP addresses with Podman containers. In the post Brent talks about using the macvlan and the dhcp plugins that ship with the container-networking project in order to lease ip addresses for your containers.","date":"2019-11-13T00:00:00.000Z","formattedDate":"November 13, 2019","tags":[],"readingTime":0.255,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"Leasing routable IP addresses with Podman containers","author":"baude","layout":"default","categories":["new"]},"prevItem":{"title":"Leasing routable IP addresses with Podman containers","permalink":"/blogs/2019/11/13/lease-routable-ip-addrs"},"nextItem":{"title":"Fedora 31 and Control Group v2","permalink":"/blogs/2019/11/12/F31-Control-Group-v2"}},"content":"Brent Baude has another blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site this time about [Leasing routable IP addresses with Podman containers](https://www.redhat.com/sysadmin/leasing-ips-podman). In the post Brent talks about using the macvlan and the dhcp plugins that ship with the container-networking project in order to lease ip addresses for your containers."},{"id":"/2019/11/12/F31-Control-Group-v2","metadata":{"permalink":"/blogs/2019/11/12/F31-Control-Group-v2","source":"@site/blog/2019-11-12-F31-Control-Group-v2.md","title":"Fedora 31 and Control Group v2","description":"podman logo","date":"2019-11-12T00:00:00.000Z","formattedDate":"November 12, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"oci","permalink":"/blogs/tags/oci"},{"label":"security","permalink":"/blogs/tags/security"},{"label":"runtime","permalink":"/blogs/tags/runtime"}],"readingTime":0.32,"hasTruncateMarker":false,"authors":[{"name":"dwalsh"}],"frontMatter":{"title":"Fedora 31 and Control Group v2","layout":"default","author":"dwalsh","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","hpc","oci","security","runtime"]},"prevItem":{"title":"Leasing routable IP addresses with Podman containers","permalink":"/blogs/2019/11/13/new"},"nextItem":{"title":"Fedora 31 and Control Group v2","permalink":"/blogs/2019/11/12/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Fedora 31 and Control Group v2\\n\\n## By Dan Walsh [GitHub](https://github.com/rhatdan)\\n\\nDan Walsh has another blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site this time about [Fedora 31 and Control Group v2](https://www.redhat.com/sysadmin/fedora-31-control-group-v2). In the post Dan talks about the new version of control groups that is part of the Fedora 31 release and how it makes containers even more secure."},{"id":"/2019/11/12/new","metadata":{"permalink":"/blogs/2019/11/12/new","source":"@site/blog/2019-11-12-new.md","title":"Fedora 31 and Control Group v2","description":"Dan Walsh has another blog post on the Red Hat Enable Sysadmin site this time about Fedora 31 and Control Group v2. In the post Dan talks about the new version of control groups that is part of the Fedora 31 release and how it makes containers even more secure.","date":"2019-11-12T00:00:00.000Z","formattedDate":"November 12, 2019","tags":[],"readingTime":0.25,"hasTruncateMarker":false,"authors":[{"name":"dwalsh"}],"frontMatter":{"title":"Fedora 31 and Control Group v2","author":"dwalsh","layout":"default","categories":["new"]},"prevItem":{"title":"Fedora 31 and Control Group v2","permalink":"/blogs/2019/11/12/F31-Control-Group-v2"},"nextItem":{"title":"Building freely distributed containers with open tools","permalink":"/blogs/2019/11/08/build-ctrs-with-open-tools"}},"content":"Dan Walsh has another blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site this time about [Fedora 31 and Control Group v2](https://www.redhat.com/sysadmin/fedora-31-control-group-v2). In the post Dan talks about the new version of control groups that is part of the Fedora 31 release and how it makes containers even more secure."},{"id":"/2019/11/08/build-ctrs-with-open-tools","metadata":{"permalink":"/blogs/2019/11/08/build-ctrs-with-open-tools","source":"@site/blog/2019-11-08-build-ctrs-with-open-tools.md","title":"Building freely distributed containers with open tools","description":"podman logo","date":"2019-11-08T00:00:00.000Z","formattedDate":"November 8, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"oci","permalink":"/blogs/tags/oci"},{"label":"security","permalink":"/blogs/tags/security"},{"label":"runtime","permalink":"/blogs/tags/runtime"}],"readingTime":0.7,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Building freely distributed containers with open tools","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","hpc","oci","security","runtime"]},"prevItem":{"title":"Fedora 31 and Control Group v2","permalink":"/blogs/2019/11/12/new"},"nextItem":{"title":"Building freely distributed containers with open tools","permalink":"/blogs/2019/11/08/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Building freely distributed containers with open tools\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nScott McCarty (@fatherlinux) has an amazing video on YouTube about [Building freely distributed containers with open tools](https://www.youtube.com/watch?v=Qcys7fKSzB0&t=84). As only Scott could say \\"Although explaining how to ride a Tron-style light cycle is beyond the scope of this tutorial, we will discuss something almost as exhilarating\u2014building containers with #Podman and #RedHat Universal Base Image (UBI). We will cover how to build and run #containers based on #UBI using just your regular user account\u2014no daemon, no root (rootless), no fuss. Finally, we will order the deresolution of all of our containers with a really cool command. You probably won\u2019t be promoted to CEO of ENCOM after this talk, but you will have new tools in your toolbelt for how to find, run, build, and share container images.\\""},{"id":"/2019/11/08/new","metadata":{"permalink":"/blogs/2019/11/08/new","source":"@site/blog/2019-11-08-new.md","title":"Building freely distributed containers with open tools","description":"Scott McCarty (@fatherlinux) has an amazing video on YouTube about Building freely distributed containers with open tools. As only Scott could say \\"Although explaining how to ride a Tron-style light cycle is beyond the scope of this tutorial, we will discuss something almost as exhilarating\u2014building containers with #Podman and #RedHat Universal Base Image (UBI). We will cover how to build and run #containers based on #UBI using just your regular user account\u2014no daemon, no root (rootless), no fuss. Finally, we will order the deresolution of all of our containers with a really cool command. You probably won\u2019t be promoted to CEO of ENCOM after this talk, but you will have new tools in your toolbelt for how to find, run, build, and share container images.\\"","date":"2019-11-08T00:00:00.000Z","formattedDate":"November 8, 2019","tags":[],"readingTime":0.625,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Building freely distributed containers with open tools","layout":"default","categories":["new"]},"prevItem":{"title":"Building freely distributed containers with open tools","permalink":"/blogs/2019/11/08/build-ctrs-with-open-tools"},"nextItem":{"title":"Basic security principles for containers and container runtimes","permalink":"/blogs/2019/11/07/basic-security-principles"}},"content":"Scott McCarty (@fatherlinux) has an amazing video on YouTube about [Building freely distributed containers with open tools](https://www.youtube.com/watch?v=Qcys7fKSzB0&t=84). As only Scott could say \\"Although explaining how to ride a Tron-style light cycle is beyond the scope of this tutorial, we will discuss something almost as exhilarating\u2014building containers with #Podman and #RedHat Universal Base Image (UBI). We will cover how to build and run #containers based on #UBI using just your regular user account\u2014no daemon, no root (rootless), no fuss. Finally, we will order the deresolution of all of our containers with a really cool command. You probably won\u2019t be promoted to CEO of ENCOM after this talk, but you will have new tools in your toolbelt for how to find, run, build, and share container images.\\""},{"id":"/2019/11/07/basic-security-principles","metadata":{"permalink":"/blogs/2019/11/07/basic-security-principles","source":"@site/blog/2019-11-07-basic-security-principles.md","title":"Basic security principles for containers and container runtimes","description":"podman logo","date":"2019-11-07T00:00:00.000Z","formattedDate":"November 7, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"oci","permalink":"/blogs/tags/oci"},{"label":"security","permalink":"/blogs/tags/security"},{"label":"runtime","permalink":"/blogs/tags/runtime"}],"readingTime":0.305,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"Basic security principles for containers and container runtimes","layout":"default","author":"baude","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","hpc","oci","security","runtime"]},"prevItem":{"title":"Building freely distributed containers with open tools","permalink":"/blogs/2019/11/08/new"},"nextItem":{"title":"Basic security principles for containers and container runtimes","permalink":"/blogs/2019/11/07/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Basic security principles for containers and container runtimes\\n\\n## By Brent Baude [GitHub](https://github.com/baude)\\n\\nBrent Baude has another blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site this time about [Basic security principles for containers and container runtimes](https://www.redhat.com/sysadmin/basic-security-principles-containers). In the post Brent talks about the three core security themes concerning containers and why user privileges matter in the space."},{"id":"/2019/11/07/new","metadata":{"permalink":"/blogs/2019/11/07/new","source":"@site/blog/2019-11-07-new.md","title":"Basic security principles for containers and container runtimes","description":"Brent Baude has another blog post on the Red Hat Enable Sysadmin site this time about Basic security principles for containers and container runtimes. In the post Brent talks about the three core security themes concerning containers and why user privileges matter in the space.","date":"2019-11-07T00:00:00.000Z","formattedDate":"November 7, 2019","tags":[],"readingTime":0.225,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"Basic security principles for containers and container runtimes","author":"baude","layout":"default","categories":["new"]},"prevItem":{"title":"Basic security principles for containers and container runtimes","permalink":"/blogs/2019/11/07/basic-security-principles"},"nextItem":{"title":"Migrating from Docker to Podman","permalink":"/blogs/2019/11/05/docker2podman"}},"content":"Brent Baude has another blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site this time about [Basic security principles for containers and container runtimes](https://www.redhat.com/sysadmin/basic-security-principles-containers). In the post Brent talks about the three core security themes concerning containers and why user privileges matter in the space."},{"id":"/2019/11/05/docker2podman","metadata":{"permalink":"/blogs/2019/11/05/docker2podman","source":"@site/blog/2019-11-05-docker2podman.md","title":"Migrating from Docker to Podman","description":"podman logo","date":"2019-11-05T00:00:00.000Z","formattedDate":"November 5, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.25,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Migrating from Docker to Podman","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"Basic security principles for containers and container runtimes","permalink":"/blogs/2019/11/07/new"},"nextItem":{"title":"Migrating from Docker to Podman","permalink":"/blogs/2019/11/05/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Migrating from Docker to Podman\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nElliott Sales de Andrade\'s post on [Quantum Logic](https://qulogic.gitlab.io/), [Migrating from Docker to Podman](https://qulogic.gitlab.io/posts/2019-10-20-migrating-to-podman/) takes a look at his migration from Docker to Podman and a good assessment of where the Podman tool stands in comparison to Docker."},{"id":"/2019/11/05/new","metadata":{"permalink":"/blogs/2019/11/05/new","source":"@site/blog/2019-11-05-new.md","title":"Migrating from Docker to Podman","description":"Elliott Sales de Andrade\'s post on Quantum Logic, Migrating from Docker to Podman takes a look at his migration from Docker to Podman and a good assessment of where the Podman tool stands in comparison to Docker.","date":"2019-11-05T00:00:00.000Z","formattedDate":"November 5, 2019","tags":[],"readingTime":0.185,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Migrating from Docker to Podman","layout":"default","categories":["new"]},"prevItem":{"title":"Migrating from Docker to Podman","permalink":"/blogs/2019/11/05/docker2podman"},"nextItem":{"title":"The current adoption status of cgroup v2 in containers","permalink":"/blogs/2019/10/31/cgroupv2"}},"content":"Elliott Sales de Andrade\'s post on [Quantum Logic](https://qulogic.gitlab.io/), [Migrating from Docker to Podman](https://qulogic.gitlab.io/posts/2019-10-20-migrating-to-podman/) takes a look at his migration from Docker to Podman and a good assessment of where the Podman tool stands in comparison to Docker."},{"id":"/2019/10/31/cgroupv2","metadata":{"permalink":"/blogs/2019/10/31/cgroupv2","source":"@site/blog/2019-10-31-cgroupv2.md","title":"The current adoption status of cgroup v2 in containers","description":"podman logo","date":"2019-10-31T00:00:00.000Z","formattedDate":"October 31, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.355,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"The current adoption status of cgroup v2 in containers","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"Migrating from Docker to Podman","permalink":"/blogs/2019/11/05/new"},"nextItem":{"title":"The current adoption status of cgroup v2 in containers","permalink":"/blogs/2019/10/31/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# The current adoption status of cgroup v2 in containers\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nIn case you missed Akihiro Suda\'s post on [Medium.com](https://medium.com/), [The current adoption status of cgroup v2 in containers](https://medium.com/nttlabs/cgroup-v2-596d035be4d7), here\'s a quick link to it. In the article Akihiro talks all things cgroup v2 and what changes it promises to bring to the world of containers, and Podman is at the forefront of that change."},{"id":"/2019/10/31/new","metadata":{"permalink":"/blogs/2019/10/31/new","source":"@site/blog/2019-10-31-new.md","title":"The current adoption status of cgroup v2 in containers","description":"In case you missed Akihiro Suda\'s post on Medium.com, The current adoption status of cgroup v2 in containers, here\'s a quick link to it. In the article Akihiro talks all things cgroup v2 and what changes it promises to bring to the world of containers, and Podman is at the forefront of that change.","date":"2019-10-31T00:00:00.000Z","formattedDate":"October 31, 2019","tags":[],"readingTime":0.27,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"The current adoption status of cgroup v2 in containers","layout":"default","categories":["new"]},"prevItem":{"title":"The current adoption status of cgroup v2 in containers","permalink":"/blogs/2019/10/31/cgroupv2"},"nextItem":{"title":"First Look: Rootless Containers and cgroup v2 on Fedora 31","permalink":"/blogs/2019/10/29/new"}},"content":"In case you missed Akihiro Suda\'s post on [Medium.com](https://medium.com/), [The current adoption status of cgroup v2 in containers](https://medium.com/nttlabs/cgroup-v2-596d035be4d7), here\'s a quick link to it. In the article Akihiro talks all things cgroup v2 and what changes it promises to bring to the world of containers, and Podman is at the forefront of that change."},{"id":"/2019/10/29/new","metadata":{"permalink":"/blogs/2019/10/29/new","source":"@site/blog/2019-10-29-new.md","title":"First Look: Rootless Containers and cgroup v2 on Fedora 31","description":"Want to allow your users without privileges to run a container securerly on your host? Then this post Rootless Containers and cgroup v2 on Fedora 31 will show you how. It\'s quick, it\'s easy, it\'s secure and it won\'t even cost $19.99!","date":"2019-10-29T00:00:00.000Z","formattedDate":"October 29, 2019","tags":[],"readingTime":0.22,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"First Look: Rootless Containers and cgroup v2 on Fedora 31","layout":"default","categories":["new"]},"prevItem":{"title":"The current adoption status of cgroup v2 in containers","permalink":"/blogs/2019/10/31/new"},"nextItem":{"title":"First Look: Rootless Containers and cgroup v2 on Fedora 31","permalink":"/blogs/2019/10/29/podman-crun-f31"}},"content":"Want to allow your users without privileges to run a container securerly on your host? Then this post: [First Look: Rootless Containers and cgroup v2 on Fedora 31](https://podman.io/blogs/2019/10/29/podman-crun-f31.html) will show you how. It\'s quick, it\'s easy, it\'s secure and it won\'t even cost $19.99!"},{"id":"/2019/10/29/podman-crun-f31","metadata":{"permalink":"/blogs/2019/10/29/podman-crun-f31","source":"@site/blog/2019-10-29-podman-crun-f31.md","title":"First Look: Rootless Containers and cgroup v2 on Fedora 31","description":"podman logo","date":"2019-10-29T00:00:00.000Z","formattedDate":"October 29, 2019","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"rootless","permalink":"/blogs/tags/rootless"},{"label":"crun","permalink":"/blogs/tags/crun"}],"readingTime":7.41,"hasTruncateMarker":true,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"First Look: Rootless Containers and cgroup v2 on Fedora 31","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["podman","containers","hpc","rootless","crun"]},"prevItem":{"title":"First Look: Rootless Containers and cgroup v2 on Fedora 31","permalink":"/blogs/2019/10/29/new"},"nextItem":{"title":"Podman and NFS","permalink":"/blogs/2019/10/28/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# First Look: Rootless Containers and cgroup v2 on Fedora 31\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nI often times stay up too late at night watching late night television and run into these crazy commercials that tell you how easy their product is to use. If you\u2019ve stayed up too, you know them as well. Just put your chicken and veggies in our oven, press 3 buttons and 45 minutes later a perfectly cooked meal! Easy! Got a leak? Slap on this tape and no more leak! Easy! Got a messy floor, just use this sweeper and you\u2019ve the cleanest floor in the neighborhood! Easy!\\n\\nPodman runs secure rootless containers and it really is easy! Trust me, I\u2019m not like those other folks! As we\u2019ve had a number of people asking us about what\u2019s needed to set Podman rootless containers up, I decided to run through the process myself and to blog about the steps I took.\\n\\n\x3c!--truncate--\x3e\\n\\nThe first bit of the work has to be done as either the root user or someone with root privileges. For this walkthrough I used the root user on the console and the first thing I did was to upgrade my Fedora 30 Virtual Machine (VM) to Fedora 31. If you want to install Fedora 31 directly, the beta version just became available at the time of this writing, you could do that instead. The steps to do the upgrade are:\\n\\n```\\n# dnf -y upgrade --refresh\\n# dnf -y install dnf-plugin-system-upgrade\\n# dnf -y system-upgrade download --releasever=31\\n# dnf system-upgrade reboot\\n```\\n\\nAfter the machine finished rebooting, my VM was running Fedora 31 so now I needed to install Podman with `dnf -y install podman`. After that completes, verify that you have Podman Version 1.6.2 or higher.\\n\\n```\\n# podman version\\nVersion: 1.6.2\\nRemoteAPI Version: 1\\nGo Version: go1.13.1\\nOS/Arch: linux/amd64\\n```\\n\\nNow I\u2019m going to follow the steps in the [Basic Setup and Use of Podman in a Rootless environments](https://github.com/containers/podman/blob/main/docs/tutorials/rootless_tutorial.md) tutorial to do the configuration necessary to run rootless containers.\\n\\nPodman running rootless containers does have a few software dependencies. Most if not all of these should be installed for you on Fedora 31 by default, but just to verify I did:\\n\\n```\\n# dnf -y install slirp4netns fuse-overlayfs\\nLast metadata expiration check: 0:02:26 ago on Sat 14 Sep 2019 07:56:03 PM EDT.\\nPackage slirp4netns-0.4.0-20.1.dev.gitbbd6f25.fc31.x86_64 is already installed.\\nPackage fuse-overlayfs-0.6.2-2.git67a4afe.fc31.x86_64 is already installed.\\nDependencies resolved.\\nNothing to do.\\nComplete!\\n```\\n\\nNow the user namespaces need to be setup. Rootless Podman requires the user running it to have a range of UIDs and GIDs listed in the /etc/subuid and /etc/subgid files. These files control which UIDs and GIDs the user is allocated to use on the system. Depending upon how your user was first created, these files may already have entries in them for your user. If so, you don\u2019t need to do anything else. If not, then you can edit either file directly, or you can use `useradd` to create the user and allocate entries in both files, or you can use the `usermod` command to allocate them for a preexisting user. In this example usermod has allocated the values from 10000 to 55537 for the local \u201ctom\u201d account to use in our system.\\n\\n```\\n# usermod -v 10000-65536 -w 10000-65536 tom\\n\\n# cat /etc/subuid\\ntom:10000:55537\\n\\n# cat /etc/subgid\\ntom:10000:55537\\n```\\n\\nIf you have multiple users, you\u2019ll need to be sure that the ranges that are assigned to them in either `/etc/subuid` or `/etc/subgid` don\u2019t overlap or they could gain control of the other persons containers in that overlap.\\n\\nNow we\u2019re done running with a privileged account. From here on out we can run as a non-privileged user, so I next opened up a new terminal and ssh\u2019d into the host using the non-privileged \u2018tom\u2019 account:\\n\\n```\\n$ ssh tom@192.168.122.228\\ntom@192.168.122.228\'s password:\\n```\\n\\nThe first thing to do is to check for the `crun` command.\\n\\n```\\n# whereis crun\\ncrun: /usr/bin/crun /usr/share/man/man1/crun.1.gz\\n```\\n\\nThe `crun` command is the runtime the allows for cgroup V2 support and is supplied starting with Fedora 31. Other container systems use the `runc` runtime. However, runc only supports cgroup V1. The cgroup kernel feature allows you to allocate resources such as CPU time, network bandwidth and system memory to a container. Version 1 of cgroup only supports containers that are run by root, while version 2 supports containers that are run by root or a non-privileged user.\\n\\nA few tweaks to the \u2018tom\u2019 account config files may be needed, in most cases these files will not need tweaking, but let\u2019s verify them. The first up is libpod.conf and to get a default variant of that file, just run `podman info` first.\\n\\n```\\n$ podman info\\n$ vi .config/containers/libpod.conf\\n```\\n\\nAnd if it\u2019s not already set, set the `runtime` option in libpod.conf to \u201ccrun\u201d.\\n\\n```\\nruntime = \\"crun\\"\\n```\\n\\nThen in `.config/containers/storage.conf` make sure the `mount_program = \u201c/usr/bin/fuse-overlayfs\u201d` line is uncommented.\\n\\nJust that easy, you\u2019re ready to run Rootless Podman. See I told you I\u2019m not like those other guys! Let\u2019s try setting up a rootless container running httpd. Let\u2019s create this Dockerfile in the local directory:\\n\\n```\\n$ cat Dockerfile\\nFROM registry.access.redhat.com/ubi8/ubi:8.0\\n\\nMAINTAINER Podman Mailing List \\nENV DOCROOT=/var/www/html\\n\\nRUN yum --disableplugin=subscription-manager --nodocs -y install httpd \\\\\\n && yum --disableplugin=subscription-manager clean all \\\\\\n && echo \\"Hello from the httpd-parent container!\\" > ${DOCROOT}/index.html\\n\\nEXPOSE 80\\n\\nCMD httpd -D FOREGROUND\\n```\\n\\nAnd now build using it:\\n\\n```\\n$ podman build -t myhttp .\\nSTEP 1: FROM registry.access.redhat.com/ubi8/ubi:8.0\\nGetting image source signatures\\nCopying blob 641d7cc5cbc4 done\\nCopying blob c65691897a4d done\\nCopying config 11f9dba4d1 done\\nWriting manifest to image destination\\nStoring signatures\\nSTEP 2: MAINTAINER Podman Mailing List \\nbed974e664909b511f14e2cc21a59642c81fd1d958db12d7ef8fdc1e74f3d364\\nSTEP 3: ENV DOCROOT=/var/www/html\\n5eee83e1e640a4aa2c5f39caa11c3a24ec22e37f99633c2ee9912e8f65a5ff81\\nSTEP 4: RUN yum --disableplugin=subscription-manager --nodocs -y install httpd && yum --disableplugin=subscription-manager clean all && echo \\"Hello from the httpd-parent container!\\" > ${DOCROOT}/index.html\\nRed Hat Universal Base Image 8 (RPMs) - AppStre 1.0 MB/s | 2.3 MB 00:02\\nRed Hat Universal Base Image 8 (RPMs) - BaseOS 769 kB/s | 754 kB 00:00\\nDependencies resolved.\\n{A number of normal yum output lines removed for brevity}\\nInstalled:\\n httpd-2.4.37-12.module+el8.0.0+4096+eb40e6da.x86_64\\n apr-util-openssl-1.6.1-6.el8.x86_64\\n apr-util-bdb-1.6.1-6.el8.x86_64\\n apr-1.6.3-9.el8.x86_64\\n apr-util-1.6.1-6.el8.x86_64\\n httpd-tools-2.4.37-12.module+el8.0.0+4096+eb40e6da.x86_64\\n mod_http2-1.11.3-3.module+el8.0.0+4096+eb40e6da.x86_64\\n httpd-filesystem-2.4.37-12.module+el8.0.0+4096+eb40e6da.noarch\\n mailcap-2.1.48-3.el8.noarch\\n redhat-logos-httpd-80.7-1.el8.noarch\\n\\nComplete!\\n16 files removed\\n45fcaaf719615e97190bf38aa9d8d06e5437f0e10741343fd318777647584d6f\\nSTEP 5: EXPOSE 80\\n865abb5a809cb0ffbc63fef2def892595fe54cfeffc67013a0096a5f0fff4b27\\nSTEP 6: CMD httpd -D FOREGROUND\\nSTEP 7: COMMIT myhttp\\nf8d0bf10faa0460a111283a51d95e94421d1a46a21bca7f6f43a762469504593\\n```\\n\\nNow to verify the myhttp image has been created:\\n\\n```\\n$ podman images\\nREPOSITORY TAG IMAGE ID CREATED SIZE\\nlocalhost/myhttp latest a76baf5989a3 2 minutes ago 236 MB\\nregistry.access.redhat.com/ubi8/ubi 8.0 11f9dba4d1bc 5 weeks ago 216 MB\\n```\\n\\nLet\u2019s now run our container and check that the http server is responding:\\n\\n```\\n$ podman run --detach --name myhttp_ctr localhost/myhttp 30d8b54f63c5d2a8ecbe30b56546082e32e701a87c98df81ee0d2565ed33db72\\n$ curl localhost\\ncurl: (7) Failed to connect to localhost port 80: Connection refused\\n```\\n\\nBut wait! Why did the curl command fail rather than return our index.html output from our webserver? That\u2019s because we\u2019re running a rootless container and the user running this container doesn\u2019t have the privilege to connect to the container host\u2019s port 80 for the webserver. So how can we be certain that the webserver is up and running? First let\u2019s see if the container is up:\\n\\n```\\n$ podman ps\\nCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES\\n30d8b54f63c5 localhost/myhttp:latest /bin/sh -c httpd ... 3 minutes ago Up 3 minutes ago myhttp_ctr\\n```\\n\\nThe container appears to be up and running. Let\u2019s exec into it and see if we can resolve the web server from inside of the container:\\n\\n```\\n$ podman exec -it myhttp_ctr /bin/bash\\nbash-4.4# curl localhost\\nHello from the httpd-parent container!\\n```\\n\\nWe\u2019ve made contact with our web server from within the container. Granted this is not the most useful example from a real world side of things. However, it does show how a rootless container is able to run while the administrator of the host can build a good secure separation from the rootless container. Rootless containers keep unprivileged users from running or controlling things they should not on the host.\\n\\nSetting up a host to run rootless containers using Podman is a relatively painless process. Out of the box the only thing that may need to be done is to add entries in the /etc/subuid and /etc/subgid files for users that will be running containers. That\u2019s it! We did a little more checking on the files above, but that wasn\u2019t required. Once the user has those entries created for them, they can run containers in their own space without controlling things on the host that they should not. It really is just that easy, and best yet, you didn\u2019t even have to stay up late at night so you could call now \u201cFor just $19.99 we\u2019ll give you rootless containers and if you sign up now, you can run them safely too!\u201d. Instead, rootless containers are there and ready for your use starting in Podman v1.6.2 right now."},{"id":"/2019/10/28/new","metadata":{"permalink":"/blogs/2019/10/28/new","source":"@site/blog/2019-10-28-new.md","title":"Podman and NFS","description":"Adrian Reber wrote up a quick post on \\"Podman and NFS\\" here. In the article Adrian shows how he extended his HPC environment to us a shared NFS home directory.","date":"2019-10-28T00:00:00.000Z","formattedDate":"October 28, 2019","tags":[],"readingTime":0.15,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Podman and NFS","layout":"default","categories":["new"]},"prevItem":{"title":"First Look: Rootless Containers and cgroup v2 on Fedora 31","permalink":"/blogs/2019/10/29/podman-crun-f31"},"nextItem":{"title":"Podman and NFS","permalink":"/blogs/2019/10/28/podman-with-nfs"}},"content":"Adrian Reber wrote up a quick post on \\"Podman and NFS\\" [here](https://podman.io/blogs/2019/10/28/podman-with-nfs.html). In the article Adrian shows how he extended his HPC environment to us a shared NFS home directory."},{"id":"/2019/10/28/podman-with-nfs","metadata":{"permalink":"/blogs/2019/10/28/podman-with-nfs","source":"@site/blog/2019-10-28-podman-with-nfs.md","title":"Podman and NFS","description":"podman logo","date":"2019-10-28T00:00:00.000Z","formattedDate":"October 28, 2019","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"nfs","permalink":"/blogs/tags/nfs"}],"readingTime":2.49,"hasTruncateMarker":true,"authors":[{"name":"adrianr"}],"frontMatter":{"title":"Podman and NFS","layout":"default","author":"adrianr","categories":["blogs"],"tags":["podman","containers","hpc","nfs"]},"prevItem":{"title":"Podman and NFS","permalink":"/blogs/2019/10/28/new"},"nextItem":{"title":"PMM Server + podman: Running a Container Without root Privileges","permalink":"/blogs/2019/10/23/Perona-PMM"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman and NFS\\n\\n## By Adrian Reber [GitHub](https://github.com/adrianreber)\\n\\nIn my previous [Podman in HPC\\nenvironments](https://podman.io/blogs/2019/09/26/podman-in-hpc.html) article I\\nintroduced how Podman can be used to run containers under the control of Open\\nMPI. In this article I want to extend my HPC environment to use a shared NFS\\nhome directory.\\n\\n\x3c!--truncate--\x3e\\n\\nThe following examples are running on CentOS 7.7 and are\\nconfiguring Podman for rootless usage based on [the official\\ndocumentation](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux_atomic_host/7/html-single/managing_containers/index#running_containers_as_root_or_rootless).\\n\\nThe user in my examples is named _centos_.\\n\\n```shell\\n$ sudo sh -c \\"echo \'user.max_user_namespaces=28633\' > /etc/sysctl.d/userns.conf\\"\\n$ sudo sysctl -p /etc/sysctl.d/userns.conf\\n$ sudo sh -c \\"echo \'centos:200000:65536\' >> /etc/subuid\\"\\n$ sudo sh -c \\"echo \'centos:200000:65536\' >> /etc/subgid\\"\\n```\\n\\nWith this the system should be ready to run rootless containers. As I am focussing\\non containers running under Open MPI\'s control I am using Podman with _--net=host_,\\nas mentioned in my [previous article](https://podman.io/blogs/2019/09/26/podman-in-hpc.html).\\n\\nDuring system setup I am also configuring Podman to be ready to run on a NFS\\nbased home directory because, as far as I know, it is not possible for Podman\\nto correctly setup the necessary [user\\nnamespaces](https://man7.org/linux/man-pages/man7/user_namespaces.7.html) when\\nthe storage backend is running on NFS.\\n\\nThe following commands are necessary on my system to tell Podman to use\\n_/tmp/centos/containers_ as the storage backend:\\n\\n```shell\\n$ podman info\\n$ sed -e \\"s,graphroot.*$,graphroot = \\\\\\"/tmp/centos/containers\\\\\\",g\\" -i .config/containers/storage.conf\\n$ rm -f ./.local/share/containers/storage/libpod/bolt_state.db ./.local/share/containers/cache/blob-info-cache-v1.boltdb\\n```\\n\\nThe first command lets Podman create an initial configuration for the current\\nsystem. As the home directory is on a NFS mounted directory it is necessary to\\ntell Podman to use a non NFS directory for backend storage\\n(_/tmp/centos/containers_ in this example). As this happens during initial\\nsystem (or user) configuration and no container has yet been run by Podman I\\ncan easily delete Podman\'s local database which contains reference to the home\\ndirectory as the storage backend. With these 3 steps Podman is ready to be used\\non a NFS based home directory once the user logs in for the first time.\\n\\nI am now running the same Open MPI based container example as in my\\n[previous article](https://podman.io/blogs/2019/09/26/podman-in-hpc.html).\\n\\n```shell\\n$ mpirun --hostfile hostfile \\\\\\n --mca orte_tmpdir_base /tmp/podman-mpirun \\\\\\n podman run --env-host \\\\\\n -v /tmp/podman-mpirun:/tmp/podman-mpirun \\\\\\n --userns=keep-id \\\\\\n --net=host --pid=host --ipc=host \\\\\\n quay.io/adrianreber/mpi-test:30 /home/ring\\nRank 2 has cleared MPI_Init\\nRank 2 has completed ring\\nRank 2 has completed MPI_Barrier\\nRank 3 has cleared MPI_Init\\nRank 3 has completed ring\\nRank 3 has completed MPI_Barrier\\nRank 1 has cleared MPI_Init\\nRank 1 has completed ring\\nRank 1 has completed MPI_Barrier\\nRank 0 has cleared MPI_Init\\nRank 0 has completed ring\\nRank 0 has completed MPI_Barrier\\n```\\n\\nThe difference to the previous article is that my home directory is now NFS\\nbased. Podman will now go to the specified registry (_quay.io_) to download for\\neach host involved in the MPI job the specified container to\\n_/tmp/centos/containers_.\\n\\nThis enables me to use Podman in a even more HPC like environment where shared\\nhome directories are very common to share input and output data."},{"id":"/2019/10/23/Perona-PMM","metadata":{"permalink":"/blogs/2019/10/23/Perona-PMM","source":"@site/blog/2019-10-23-Perona-PMM.md","title":"PMM Server + podman: Running a Container Without root Privileges","description":"podman logo","date":"2019-10-23T00:00:00.000Z","formattedDate":"October 23, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.345,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"PMM Server + podman: Running a Container Without root Privileges","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"Podman and NFS","permalink":"/blogs/2019/10/28/podman-with-nfs"},"nextItem":{"title":"PMM Server + podman: Running a Container Without root Privileges","permalink":"/blogs/2019/10/23/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# PMM Server + podman: Running a Container Without root Privileges\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nCeri Williams talks about how the Percona Monitoring and Management (PMM) can be run in a container using Podman without root privileges [here](https://www.percona.com/blog/2019/10/22/pmm-server-podman-running-a-container-without-root-privileges/?utm_campaign=2019%20Blog%20Q4&utm_content=103803368&utm_medium=social&utm_source=twitter&hss_channel=tw-35373186). In the post Ceri talks about how Percona was able to replace Docker with Podman and Buildah and are able to run containers more securely by doing so."},{"id":"/2019/10/23/new","metadata":{"permalink":"/blogs/2019/10/23/new","source":"@site/blog/2019-10-23-new.md","title":"PMM Server + podman: Running a Container Without root Privileges","description":"Ceri Williams talks about how the Percona Monitoring and Management (PMM) can be run in a container using Podman without root privileges here. In the post Ceri talks about how Percona was able to replace Docker with Podman and Buildah and are able to run containers more securely by doing so.","date":"2019-10-23T00:00:00.000Z","formattedDate":"October 23, 2019","tags":[],"readingTime":0.255,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"PMM Server + podman: Running a Container Without root Privileges","layout":"default","categories":["new"]},"prevItem":{"title":"PMM Server + podman: Running a Container Without root Privileges","permalink":"/blogs/2019/10/23/Perona-PMM"},"nextItem":{"title":"Generate SECCOMP Profiles for Containers Using Podman and eBPF","permalink":"/blogs/2019/10/15/generate-seccomp-profiles"}},"content":"Ceri Williams talks about how the Percona Monitoring and Management (PMM) can be run in a container using Podman without root privileges [here](https://www.percona.com/blog/2019/10/22/pmm-server-podman-running-a-container-without-root-privileges/?utm_campaign=2019%20Blog%20Q4&utm_content=103803368&utm_medium=social&utm_source=twitter&hss_channel=tw-35373186). In the post Ceri talks about how Percona was able to replace Docker with Podman and Buildah and are able to run containers more securely by doing so."},{"id":"/2019/10/15/generate-seccomp-profiles","metadata":{"permalink":"/blogs/2019/10/15/generate-seccomp-profiles","source":"@site/blog/2019-10-15-generate-seccomp-profiles.md","title":"Generate SECCOMP Profiles for Containers Using Podman and eBPF","description":"podman logo","date":"2019-10-15T00:00:00.000Z","formattedDate":"October 15, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"security","permalink":"/blogs/tags/security"},{"label":"seccomp","permalink":"/blogs/tags/seccomp"},{"label":"oci","permalink":"/blogs/tags/oci"},{"label":"bpf","permalink":"/blogs/tags/bpf"},{"label":"ebpf","permalink":"/blogs/tags/ebpf"},{"label":"tracing","permalink":"/blogs/tags/tracing"},{"label":"syscall","permalink":"/blogs/tags/syscall"}],"readingTime":10.535,"hasTruncateMarker":true,"authors":[{"name":"vrothberg"}],"frontMatter":{"title":"Generate SECCOMP Profiles for Containers Using Podman and eBPF","layout":"default","author":"vrothberg","categories":["blogs"],"tags":["containers","security","seccomp","oci","bpf","ebpf","tracing","syscall"]},"prevItem":{"title":"PMM Server + podman: Running a Container Without root Privileges","permalink":"/blogs/2019/10/23/new"},"nextItem":{"title":"Generate SECCOMP Profiles for Containers Using Podman and eBPF","permalink":"/blogs/2019/10/15/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Generate SECCOMP Profiles for Containers Using Podman and eBPF\\n\\n## By Valentin Rothberg [GitHub](https://github.com/vrothberg)\\n\\nContainers run everywhere. They run in the cloud, they run on IoT devices, they run in small and in big companies and wherever they run, we want them to run as securely as possible. In this article, I describe the [Google Summer of Code](https://summerofcode.withgoogle.com/) project that [Divyansh Kamboj](https://twitter.com/weirdwiz_), [Dan Walsh](https://twitter.com/rhatdan) and [I](https://twitter.com/vlntnrthbrg) have been working on and how we improved the state of the art in securing containers, and how you can try it out.\\n\\n\x3c!--truncate--\x3e\\n\\n# Background\\n\\nAt [DevConf.cz](https://www.devconf.info/cz/) in early 2019, Dan Walsh and I were talking about container security and how we could improve the status quo in a user-friendly fashion. Among other things, we talked about [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html), a widely used security feature of Linux. At its very core, seccomp allows for filtering the syscalls invoked by a process and can thereby be used to restrict which syscalls a given process is allowed to execute. Many software projects such as Android, Flatpak, Chrome and Firefox use seccomp to further tighten the security. One threat model seccomp protects against is the damage a malicious process can do. The fewer syscalls are available, the smaller is the attack surface. Hence, an attacker might gain control over some process of a web browser but seccomp will restrict the set of available syscalls to only those it needs. For instance, the syscalls needed for a rendering a website. The reduced attack surface can prevent the attacker from gaining control over the system. This makes seccomp a powerful security tool but while talking about it Dan and I quickly realized there is room for improvement.\\n\\nThe tricky part of security is making it user friendly. A security mechanism should not turn into an annoyance or an obstacle. Otherwise some users will turn it off. Most container tools use a default seccomp filter which was initially written by [Jesse Frazelle](https://twitter.com/jessfraz?lang=de) for Docker. This default filter found a balance between tightening the security while remaining portable to allow most workloads to run without receiving permission errors. The fact that this default filter is used by Docker, Podman, CRI-O, containerd and other tools on millions of deployments around the globe, shows its importance and impact. However, the default filter is pretty loose and it still allows more than 300 of the 435 syscalls on Linux 5.3 x86_64. The high number of available syscalls is essential to support as many containers as possible but according to Aqua Sec, most containers require only [40 to 70 syscalls](https://blog.aquasec.com/aqua-3.2-preventing-container-breakouts-with-dynamic-system-call-profiling). This means that the syscall attack surface of an average container could further be reduced by around 80 percent. But if we want to restrict more syscalls than the default filter, we face the problem of finding out which syscalls a container actually needs. That\u2019s the problem we decided to work on and to ultimately come up with an open-source solution that users can easily use and integrate into their workflows.\\n\\nDan and I started to philosophize about how we wanted to tackle the problem of finding out which syscalls a given container needs. Statically analyzing the code is theoretically optimal as we can determine the exact set of syscalls the program needs. But we quickly run into practical issues where corner cases cannot be covered and where users need a deep understanding of the code and certainly of the limitations of the individual analyzers. Such approaches are also programming-language specific and hence not generally applicable. All in all, static analysis does not provide the level of user friendliness and automation we wanted. Hence, we decided upon runtime analysis and proposed a project for Google Summer of Code under the umbrella of the [Fedora project](https://getfedora.org/). The project proposal was to trace the processes running inside a container and to create a seccomp filter based on the set of recorded syscalls. The proposal was eventually accepted and we are thrilled how far we came thanks to Divyansh Kamboj who worked with us during this summer and who has turned into an active contributor to our [github.com/containers](https://github.com/containers) projects.\\n\\n# Tracing the syscalls of a container\\n\\nAfter some initial experiments with [ptrace](https://en.wikipedia.org/wiki/Ptrace), we were looking for an alternative tracing mechanism. Ptrace has some considerable performance impacts that we were not willing to take, so Divyansh explored the idea of using audit logging of seccomp actions. Since Linux v4.14, the actions of seccomp filters can be recorded in the audit log. Using seccomp to create a new seccomp filter was tempting and the initial experiments have shown promising results until we started to run multiple containers in parallel. We could see and track which syscalls have been used but we could not figure out which process and hence which syscall belongs to which container. The Linux kernel community is currently debating to add an [audit container ID](https://lwn.net/Articles/750313/) which identifies a container in the logs but there is no consensus yet and we do not expect a solution in the near future. We had to find another solution.\\n\\nEventually, we decided to use the [extended Berkeley Packet Filter (eBPF)](https://lwn.net/Articles/740157/) for tracing. eBPF allows for writing custom programs that can hook into various code paths in the kernel. These programs can be injected from user space into the kernel who interprets them in a special virtual machine. BPF was originally written to inspect networking packets directly in the kernel to achieve the lowest possible latency and best performance. Nowadays, with eBPF we can inspect many more aspects of the kernel. For our purpose, we hook into the sysenter tracepoint when entering the kernel from user space. This allows us to quickly inspect which syscalls are called by a given process. Although eBPF is fast, we still faced the aforementioned absence of a container concept in the kernel, so we had to find a way to know if a given process is part of the container we want to trace or not. We decided to identify a container by its PID namespace. If the PID namespace of the process we hit in our eBPF program corresponds to the container we are currently tracing, then we record the syscall. Ultimately, if a container creates a new PID namespace, we will not trace processes inside the new namespace and generate an inaccurate filter. But that is pretty much the only limitation.\\n\\n# The OCI seccomp bpf hook\\n\\nWe implemented the syscall tracer as an Open Container Initiative (OCI) [runtime hook](https://github.com/opencontainers/runtime-spec/blob/master/config.md#posix-platform-hooks). OCI runtime hooks are called at different stages of the lifecycle of a container and are executed by OCI-compliant container runtimes, such as runc. Runc is used to spawn and run containers, and is the default runtime of Podman, containerd, Docker and many other tools. Our syscall-tracing hook runs at the prestart stage, where the init process of the container is created but not yet started. At this point, we can extract the PID namespace of the container, compile the eBPF program and start it. All this happens before the container is started, so we do not run into a race condition and avoid losing any early syscalls of the container. Once the eBPF program is running, we detach it from the hook and the container runtime can start the container. All source code is open source and can be downloaded from [github.com/containers/oci-seccomp-bpf-hook](https://github.com/containers/oci-seccomp-bpf-hook). We are currently creating packages for Fedora and CentOS and hope to provide packages for more distributions in the near future. In the following, we go through a step-by-step example how the hook can be used in practice.\\n\\nLet\u2019s first install [Podman](https://podman.io/). Podman is a daemonless container engine for running containers and Pods and supports running [rootless containers](https://opensource.com/article/19/2/how-does-rootless-podman-work).\\n\\n```\\n$ sudo dnf install -y podman\\n```\\n\\nNext, we clone the git repository of the OCI seccomp bpf hook to compile and install it. Note that we need to install a few more packages in order to compile the hook.\\n\\n```\\n$ sudo dnf install -y bcc-devel bcc-tools git golang libseccomp-devel golang-github-cpuguy83-md2man make\\n$ git clone https://github.com/containers/oci-seccomp-bpf-hook.git\\n$ cd oci-seccomp-bpf-hook\\n$ make binary\\n$ PREFIX=/usr sudo make install\\n```\\n\\nNow, with the hook being installed we can use Podman to run a container and use the hook for tracing syscalls. eBPF requires root privileges so we cannot make use of Podman\u2019s rootless support while tracing. However, we can use the generated seccomp profiles for running the workloads in a rootless container.\\n\\n```\\n$ sudo podman run --annotation io.containers.trace-syscall=of:/tmp/ls.json fedora:30 ls / > /dev/null\\n```\\n\\nIn the upper example, we are running ls in a fedora:30 container. The annotation io.containers.trace-syscall is used to start our hook while its value expects a mandatory output file (short \u201cof:\u201d) that points to a path where we want the new seccomp filter to be written. In fact, the output file is a json file which is often referred to as a seccomp profile that container engines such as Podman and Docker will eventually parse and compile into a seccomp filter for the kernel. When inspecting the generated profile we will notice that there are more syscalls than ls executes. Those syscalls are the ones that runc invokes after having applied the seccomp profile and before starting the container, so they are essential to prevent us from getting permission errors when reusing the profile. However, we do not need to worry about that as the hook is clever enough to add these syscalls. Let\u2019s run a few containers using the generated profile.\\n\\n```\\n$ sudo podman run --security-opt seccomp=/tmp/ls.json fedora:30 ls / > /dev/null\\n$ sudo podman run --security-opt seccomp=/tmp/ls.json fedora:30 ls -l / > /dev/null\\nls: cannot access \'/\': Operation not permitted\\n```\\n\\nMaybe you are as surprised as we were when first running this very example. It seems that ls uses additional syscalls with the -l flag which instructs ls to use a more verbose listing format. This example shows a limitation of our approach since the quality and completeness of the generated seccomp profile depends on the exhaustiveness when tracing, and that\u2019s clearly something to keep in mind when using the hook. To avoid rerunning everything from scratch, the hook allows for the specification of an additional input file. This input file serves as a baseline to which all traced syscalls are added. This way, we do not need to redundantly run all, potentially time-costly, previous workloads but can add new data on top. Let\u2019s try this out and rerun ls -l.\\n\\n```\\n$ sudo podman run --annotation io.containers.trace-syscall=\u201dif:/tmp/ls.json;of:/tmp/lsl.json\u201d fedora:30 ls -l / > /dev/null\\n```\\n\\nAs mentioned above, we need root privileges for running the eBPF hook. But now, as we have generated the new seccomp profile, we can use it for running the same workload in a rootless container.\\n\\n```\\n$ id -u\\n1000\\n$ podman run --security-opt seccomp=/tmp/lsl.json fedora:30 ls -l / > /dev/null\\n```\\n\\n# When can I lock down my container?\\n\\nOne of the issues with attempting to generate seccomp profiles this way is that we cannot always be sure of having crossed all code paths that the container can potentially run. But if we have fairly extensive tests we should be able to gather a substantial amount of the syscalls for running the container within our CI/CD system. Now when we put our container into production, we can continue tracing the syscalls in the new environment. For example, if you use Kubernetes you could send the annotation down to [CRI-O](https://github.com/cri-o/cri-o) and it would run the hook. Now, we can periodically check if the generated profile has changed over time. If we do not see new syscalls added for a given amount of time, we can feel confident to start using the profile. If a container using the profile gets blocked from using a syscall, the kernel will continue to report these in the audit.log which allows us to manually look for missing syscalls.\\n\\n# Try it out!\\n\\nIt was essential for us to base our work on open standards, which is why we decided to use the hooks specified in the OCI runtime specification. This way, our approach works with OCI compliant container runtimes such as runc or crun. Furthermore, we did not want to tie the tracing feature to a specific container engine. We wanted different tools such as Podman, Docker, CRI-O or containerd to be able to use the hook to encourage collaboration across different communities. Hence, we chose to use an OCI runtime annotation (i.e., io.containers.trace-syscall) to trigger the hook which is a generally supported feature.\\n\\nAs a next step, feel free to generate your own seccomp profiles with the oci-seccomp-bpf-hook. We would love to have feedback and always welcome contributions."},{"id":"/2019/10/15/new","metadata":{"permalink":"/blogs/2019/10/15/new","source":"@site/blog/2019-10-15-new.md","title":"Generate SECCOMP Profiles for Containers Using Podman and eBPF","description":"Valentin Rothberg checks in with the \\"Generate SECCOMP Profiles for Containers Using Podman and eBPF\\" blog here. In the article Valentin introduces the OCI seccomp hook which allows you to trace the syscalls of a container and then runs through a working example.","date":"2019-10-15T00:00:00.000Z","formattedDate":"October 15, 2019","tags":[],"readingTime":0.215,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Generate SECCOMP Profiles for Containers Using Podman and eBPF","layout":"default","categories":["new"]},"prevItem":{"title":"Generate SECCOMP Profiles for Containers Using Podman and eBPF","permalink":"/blogs/2019/10/15/generate-seccomp-profiles"},"nextItem":{"title":"Say \u201cHello\u201d to Buildah, Podman, and Skopeo","permalink":"/blogs/2019/10/14/1-new"}},"content":"Valentin Rothberg checks in with the \\"Generate SECCOMP Profiles for Containers Using Podman and eBPF\\" blog [here](https://podman.io/blogs/2019/10/15/generate-seccomp-profiles.html). In the article Valentin introduces the OCI seccomp hook which allows you to trace the syscalls of a container and then runs through a working example."},{"id":"/2019/10/14/1-new","metadata":{"permalink":"/blogs/2019/10/14/1-new","source":"@site/blog/2019-10-14-1-new.md","title":"Say \u201cHello\u201d to Buildah, Podman, and Skopeo","description":"Saharsh Singh talks about how he\'s moved on from his Docker daemon and moved on to Podman, Buildah and Skopeo here on the Red Hat Service Blog site. Saharsh walks you through a history of container tools and then talks about Podman, Buildah and Skopeo with a lot of great examples.","date":"2019-10-14T00:00:00.000Z","formattedDate":"October 14, 2019","tags":[],"readingTime":0.255,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Say \u201cHello\u201d to Buildah, Podman, and Skopeo","layout":"default","categories":["new"]},"prevItem":{"title":"Generate SECCOMP Profiles for Containers Using Podman and eBPF","permalink":"/blogs/2019/10/15/new"},"nextItem":{"title":"Here\u2019s why podman is more secured than Docker \u2013 DevSecOps","permalink":"/blogs/2019/10/14/2-new"}},"content":"Saharsh Singh talks about how he\'s moved on from his Docker daemon and moved on to Podman, Buildah and Skopeo [here](https://servicesblog.redhat.com/2019/10/09/say-hello-to-buildah-podman-and-skopeo/?sc_cid=701f2000000txokAAA&utm_source=bambu&utm_medium=social&utm_campaign=abm) on the Red Hat Service Blog site. Saharsh walks you through a history of container tools and then talks about Podman, Buildah and Skopeo with a lot of great examples."},{"id":"/2019/10/14/2-new","metadata":{"permalink":"/blogs/2019/10/14/2-new","source":"@site/blog/2019-10-14-2-new.md","title":"Here\u2019s why podman is more secured than Docker \u2013 DevSecOps","description":"Ganesh Mani discusses why Podman is more secure than Docker here on the CLOUDNWEB site. Ganesh talks about why Podman\'s fork and execute model is more secure than Docker\'s client server model.","date":"2019-10-14T00:00:00.000Z","formattedDate":"October 14, 2019","tags":[],"readingTime":0.16,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Here\u2019s why podman is more secured than Docker \u2013 DevSecOps","layout":"default","categories":["new"]},"prevItem":{"title":"Say \u201cHello\u201d to Buildah, Podman, and Skopeo","permalink":"/blogs/2019/10/14/1-new"},"nextItem":{"title":"Say \u201cHello\u201d to Buildah, Podman, and Skopeo","permalink":"/blogs/2019/10/14/SayHello"}},"content":"Ganesh Mani discusses why Podman is more secure than Docker [here](https://cloudnweb.dev/2019/10/heres-why-podman-is-more-secured-than-docker-devsecops/) on the [CLOUDNWEB](https://cloudnweb.dev/) site. Ganesh talks about why Podman\'s fork and execute model is more secure than Docker\'s client server model."},{"id":"/2019/10/14/SayHello","metadata":{"permalink":"/blogs/2019/10/14/SayHello","source":"@site/blog/2019-10-14-SayHello.md","title":"Say \u201cHello\u201d to Buildah, Podman, and Skopeo","description":"podman logo","date":"2019-10-14T00:00:00.000Z","formattedDate":"October 14, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.33,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Say \u201cHello\u201d to Buildah, Podman, and Skopeo","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"Here\u2019s why podman is more secured than Docker \u2013 DevSecOps","permalink":"/blogs/2019/10/14/2-new"},"nextItem":{"title":"Here\u2019s why podman is more secured than Docker \u2013 DevSecOps","permalink":"/blogs/2019/10/14/docker-vs-podman-security"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Say \u201cHello\u201d to Buildah, Podman, and Skopeo\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nSaharsh Singh talks about how he\'s moved on from his Docker daemon and moved on to Podman, Buildah and Skopeo [here](https://servicesblog.redhat.com/2019/10/09/say-hello-to-buildah-podman-and-skopeo/?sc_cid=701f2000000txokAAA&utm_source=bambu&utm_medium=social&utm_campaign=abm) on the Red Hat Service Blog site. Saharsh walks you through a history of container tools and then talks about Podman, Buildah and Skopeo with a lot of great examples."},{"id":"/2019/10/14/docker-vs-podman-security","metadata":{"permalink":"/blogs/2019/10/14/docker-vs-podman-security","source":"@site/blog/2019-10-14-docker-vs-podman-security.md","title":"Here\u2019s why podman is more secured than Docker \u2013 DevSecOps","description":"podman logo","date":"2019-10-14T00:00:00.000Z","formattedDate":"October 14, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.25,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Here\u2019s why podman is more secured than Docker \u2013 DevSecOps","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"Say \u201cHello\u201d to Buildah, Podman, and Skopeo","permalink":"/blogs/2019/10/14/SayHello"},"nextItem":{"title":"Configuring container networking with Podman","permalink":"/blogs/2019/10/02/container-networking"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Here\u2019s why podman is more secured than Docker \u2013 DevSecOps\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nGanesh Mani discusses why Podman is more secure than Docker [here](https://cloudnweb.dev/2019/10/heres-why-podman-is-more-secured-than-docker-devsecops/) on the [CLOUDNWEB](https://cloudnweb.dev/) site. Ganesh talks about why Podman\'s fork and execute model is more secure than Docker\'s client server model."},{"id":"/2019/10/02/container-networking","metadata":{"permalink":"/blogs/2019/10/02/container-networking","source":"@site/blog/2019-10-02-container-networking.md","title":"Configuring container networking with Podman","description":"podman logo","date":"2019-10-02T00:00:00.000Z","formattedDate":"October 2, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"},{"label":"networking","permalink":"/blogs/tags/networking"}],"readingTime":0.33,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"Configuring container networking with Podman","layout":"default","author":"baude","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci","networking"]},"prevItem":{"title":"Here\u2019s why podman is more secured than Docker \u2013 DevSecOps","permalink":"/blogs/2019/10/14/docker-vs-podman-security"},"nextItem":{"title":"Configuring container networking with Podman","permalink":"/blogs/2019/10/02/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Configuring container networking with Podman\\n\\n## By Brent Baude [GitHub](https://github.com/baude)\\n\\nBrent Baude has a blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site about [Configuring container networking with Podman](https://www.redhat.com/sysadmin/container-networking-podman). In the post Brent goes over how you can communicate between a container and the host, between containers in and out of a pod, while running as a root and as a non-root user."},{"id":"/2019/10/02/new","metadata":{"permalink":"/blogs/2019/10/02/new","source":"@site/blog/2019-10-02-new.md","title":"Configuring container networking with Podman","description":"Brent Baude has a blog post on the Red Hat Enable Sysadmin site about Configuring container networking with Podman. In the post Brent goes over how you can communicate between a container and the host, between containers in and out of a pod, while running as a root and as a non-root user.","date":"2019-10-02T00:00:00.000Z","formattedDate":"October 2, 2019","tags":[],"readingTime":0.265,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"Configuring container networking with Podman","author":"baude","layout":"default","categories":["new"]},"prevItem":{"title":"Configuring container networking with Podman","permalink":"/blogs/2019/10/02/container-networking"},"nextItem":{"title":"Podman in HPC environments","permalink":"/blogs/2019/09/26/podman-in-hpc"}},"content":"Brent Baude has a blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site about [Configuring container networking with Podman](https://www.redhat.com/sysadmin/container-networking-podman). In the post Brent goes over how you can communicate between a container and the host, between containers in and out of a pod, while running as a root and as a non-root user."},{"id":"/2019/09/26/podman-in-hpc","metadata":{"permalink":"/blogs/2019/09/26/podman-in-hpc","source":"@site/blog/2019-09-26-podman-in-hpc.md","title":"Podman in HPC environments","description":"podman logo","date":"2019-09-26T00:00:00.000Z","formattedDate":"September 26, 2019","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"hpc","permalink":"/blogs/tags/hpc"}],"readingTime":4.51,"hasTruncateMarker":true,"authors":[{"name":"adrianr"}],"frontMatter":{"title":"Podman in HPC environments","layout":"default","author":"adrianr","categories":["blogs"],"tags":["podman","containers","hpc"]},"prevItem":{"title":"Configuring container networking with Podman","permalink":"/blogs/2019/10/02/new"},"nextItem":{"title":"Podman in HPC environments","permalink":"/blogs/2019/09/25/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman in HPC environments\\n\\n## By Adrian Reber [GitHub](https://github.com/adrianreber)\\n\\nA _High-Performance Computing_ (**HPC**) environment can mean a lot of things,\\nbut in this article I want to focus on running _Message Passing Interface_\\n(**MPI**) parallelized programs with the help of Podman.\\n\\n\x3c!--truncate--\x3e\\n\\nThe following is a simple MPI based example taken from Open MPI: [ring.c](https://raw.githubusercontent.com/open-mpi/ompi/master/orte/test/mpi/ring.c)\\n\\nTo use it on a Fedora 30 system I first installed Open MPI and then I compiled\\nthe example:\\n\\n```shell\\n$ sudo dnf install openmpi-devel\\n$ module load mpi/openmpi-x86_64\\n$ echo \\"module load mpi/openmpi-x86_64\\" >> .bashrc\\n$ mpicc -o ring ring.c\\n```\\n\\nRunning this on my test system (Fedora 30) with 4 CPUs gives me this:\\n\\n```shell\\n$ mpirun ./ring\\nRank 3 has cleared MPI_Init\\nRank 1 has cleared MPI_Init\\nRank 2 has cleared MPI_Init\\nRank 0 has cleared MPI_Init\\nRank 1 has completed ring\\nRank 2 has completed ring\\nRank 3 has completed ring\\nRank 0 has completed ring\\nRank 3 has completed MPI_Barrier\\nRank 1 has completed MPI_Barrier\\nRank 0 has completed MPI_Barrier\\nRank 2 has completed MPI_Barrier\\n```\\n\\nTo be able to use Podman in combination with mpirun I created a container with\\nthe following definition:\\n\\n```shell\\n$ cat Dockerfile\\nFROM registry.fedoraproject.org/fedora:30\\n\\nRUN dnf -y install openmpi && \\\\\\n dnf clean all\\n\\nCOPY ring /home/ring\\n```\\n\\nAfter building the container (`podman build --tag=mpi-test:31 .`) I pushed the\\ncontainer to the [quay.io](https://quay.io) container registry (`podman push\\nmpi-test:31 quay.io/adrianreber/mpi-test:31`) and can now pull it like this:\\n\\n```shell\\n$ podman pull quay.io/adrianreber/mpi-test:30\\n```\\n\\nAnd then I can run mpirun to start multiple containers. In my case 4 containers\\nare started as each of the two involved systems has 2 CPUs:\\n\\n```shell\\n$ mpirun --hostfile hostfile \\\\\\n --mca orte_tmpdir_base /tmp/podman-mpirun \\\\\\n podman run --env-host \\\\\\n -v /tmp/podman-mpirun:/tmp/podman-mpirun \\\\\\n --userns=keep-id \\\\\\n --net=host --pid=host --ipc=host \\\\\\n quay.io/adrianreber/mpi-test:30 /home/ring\\nRank 2 has cleared MPI_Init\\nRank 2 has completed ring\\nRank 2 has completed MPI_Barrier\\nRank 3 has cleared MPI_Init\\nRank 3 has completed ring\\nRank 3 has completed MPI_Barrier\\nRank 1 has cleared MPI_Init\\nRank 1 has completed ring\\nRank 1 has completed MPI_Barrier\\nRank 0 has cleared MPI_Init\\nRank 0 has completed ring\\nRank 0 has completed MPI_Barrier\\n```\\n\\nNow mpirun starts up 4 Podman containers and each container is running one\\ninstance of `ring`. All 4 processes are communicating over MPI with each other.\\n\\nThe following mpirun options are used:\\n\\n- `--hostfile hostfile`\\n\\n The `hostfile` tells Open MPI on which systems to run how many processes.\\n In the case of this example it contained:\\n\\n `host1 slots=2` \\n `host2 slots=2`\\n\\n This means to run two processes on `host1` and two processes on `host2`.\\n\\n- `--mca orte_tmpdir_base /tmp/podman-mpirun`\\n\\n This tells Open MPI to create all its temporary files in `/tmp/podman-mpirun`\\n and not in `/tmp`. If this is not specified Open MPI will create its temporary\\n files in a directory with a host name in it in `/tmp` and if using more than one\\n node this directory will be named differently on other nodes. This requires\\n mounting the complete `/tmp` directory into the container which is a bit more\\n complicated due to not being able to change SELinux labels of `/tmp`.\\n\\nThis is it for all the necessary parameters for `mpirun`, now the command is\\nspecified that `mpirun` should start; `podman` in this case.\\n\\n- `run`\\n\\n This just tells Podman to run a container.\\n\\n- `--env-host`\\n\\n This copies all environment variables from the host into the container. This\\n is necessary to make Open MPI work at all. When `mpirun` is started it creates a\\n daemon with which all other processes in this MPI job are communicating, it\\n also tells all the MPI processes how to communicate with each other. All this\\n is passed from `mpirun` to the actual MPI processes using environment variables.\\n\\n Options passed from the user to `mpirun` are also communicated through\\n environment variables. Now that the MPI process in the container has all the\\n environment variables it can communicate with the main process (_Head Node\\n Process_ (**HNP**)) and all the other involved processes.\\n\\n- `-v /tmp/podman-mpirun:/tmp/podman-mpirun`\\n\\n This tells Podman to mount the directory where Open MPI creates its temporary\\n directories and files to be available in the container. Through the environment\\n variables from above the MPI process knows where to look for this directory.\\n\\n- `--userns=keep-id`\\n\\n The user ID in the container should be mapped to the same ID on the outside of\\n the container. This is necessary as all processes are communicating with each\\n other over shared memory and this fails if the processes have different user\\n IDs. Also the access of the temporary files in `/tmp/podman-mpirun` breaks\\n without this.\\n\\n- `--net=host --pid=host --ipc=host`\\n\\n Do not use separate namespace for _network_, _PID_ and _IPC_. Without this nothing\\n works, as all processes are also communicating via TCP on `127.0.0.1` which fails\\n with separate network namespaces. Shared memory communication will also not work\\n if the processes are not in the same _PID_ and _IPC_ namespace.\\n\\n- `quay.io/adrianreber/mpi-testmpi-test:30`\\n\\n This is the name of the container as downloaded previously with `podman pull`.\\n If `mpirun` will spawn processes on a host which has not yet downloaded\\n this container image, Podman will do it before launching this container.\\n\\n- `/home/ring`\\n\\n The MPI program in the container which should be started.\\n\\nThanks to Podman\'s fork-exec model it is really simple to use it in combination\\nwith Open MPI as Open MPI will start Podman just as it would start the actual\\nMPI application."},{"id":"/2019/09/25/new","metadata":{"permalink":"/blogs/2019/09/25/new","source":"@site/blog/2019-09-25-new.md","title":"Podman in HPC environments","description":"Adrian Reber talks all about the Message Passing Interface (MPI) in a High-Performance Computing (HPC) environment with the help of Podman here. Adrian provides a nice walk through of how he accomplished this and then explains each of his steps in great detail.","date":"2019-09-25T00:00:00.000Z","formattedDate":"September 25, 2019","tags":[],"readingTime":0.215,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Podman in HPC environments","layout":"default","categories":["new"]},"prevItem":{"title":"Podman in HPC environments","permalink":"/blogs/2019/09/26/podman-in-hpc"},"nextItem":{"title":"Why can\u2019t rootless Podman pull my image?","permalink":"/blogs/2019/09/11/new"}},"content":"Adrian Reber talks all about the Message Passing Interface (MPI) in a High-Performance Computing (HPC) environment with the help of Podman [here](https://podman.io/blogs/2019/09/26/podman-in-hpc.html). Adrian provides a nice walk through of how he accomplished this and then explains each of his steps in great detail."},{"id":"/2019/09/11/new","metadata":{"permalink":"/blogs/2019/09/11/new","source":"@site/blog/2019-09-11-new.md","title":"Why can\u2019t rootless Podman pull my image?","description":"Matt Heon has a blog post on the Red Hat Enable Sysadmin site about Why can\u2019t rootless Podman pull my image?. In the blog Matt discusses why restrictions on rootless containers can be inconvenient, but why they\'re necessary. In the blog Matt covers the use of user namespace and the allocations of uid and gid\'s that are required to make rootless containers work securely in your environment.","date":"2019-09-11T00:00:00.000Z","formattedDate":"September 11, 2019","tags":[],"readingTime":0.335,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Why can\u2019t rootless Podman pull my image?","layout":"default","categories":["new"]},"prevItem":{"title":"Podman in HPC environments","permalink":"/blogs/2019/09/25/new"},"nextItem":{"title":"Why can\u2019t rootless Podman pull my image?","permalink":"/blogs/2019/09/11/rootless-pulling"}},"content":"Matt Heon has a blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site about [Why can\u2019t rootless Podman pull my image?](https://www.redhat.com/sysadmin/rootless-podman). In the blog Matt discusses why restrictions on rootless containers can be inconvenient, but why they\'re necessary. In the blog Matt covers the use of user namespace and the allocations of uid and gid\'s that are required to make rootless containers work securely in your environment."},{"id":"/2019/09/11/rootless-pulling","metadata":{"permalink":"/blogs/2019/09/11/rootless-pulling","source":"@site/blog/2019-09-11-rootless-pulling.md","title":"Why can\u2019t rootless Podman pull my image?","description":"podman logo","date":"2019-09-11T00:00:00.000Z","formattedDate":"September 11, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.41,"hasTruncateMarker":false,"authors":[{"name":"mheon"}],"frontMatter":{"title":"Why can\u2019t rootless Podman pull my image?","layout":"default","author":"mheon","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"Why can\u2019t rootless Podman pull my image?","permalink":"/blogs/2019/09/11/new"},"nextItem":{"title":"Best practices for running Buildah in a container","permalink":"/blogs/2019/08/28/buildah-in-containers"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Why can\u2019t rootless Podman pull my image?\\n\\n## By Matthew Heon [GitHub](https://github.com/mheon)\\n\\nMatthew Heon has a blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site about [Why can\u2019t rootless Podman pull my image?](https://www.redhat.com/sysadmin/rootless-podman). In the blog Matt discusses why restrictions on rootless containers can be inconvenient, but why they\'re necessary. In the blog Matt covers the use of user namespace and the allocations of uid and gid\'s that are required to make rootless containers work securely in your environment."},{"id":"/2019/08/28/buildah-in-containers","metadata":{"permalink":"/blogs/2019/08/28/buildah-in-containers","source":"@site/blog/2019-08-28-buildah-in-containers.md","title":"Best practices for running Buildah in a container","description":"podman logo","date":"2019-08-28T00:00:00.000Z","formattedDate":"August 28, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.48,"hasTruncateMarker":false,"authors":[{"name":"dwalsh"}],"frontMatter":{"title":"Best practices for running Buildah in a container","layout":"default","author":"dwalsh","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"Why can\u2019t rootless Podman pull my image?","permalink":"/blogs/2019/09/11/rootless-pulling"},"nextItem":{"title":"Best practices for running Buildah in a container","permalink":"/blogs/2019/08/28/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Best practices for running Buildah in a container\\n\\n## By Dan Walsh [GitHub](https://github.com/rhatdan)\\n\\nDan Walsh has recently posted a blog on the Red Hat Developer Blog, [Best practices for running Buildah in a container](https://developers.redhat.com/blog/2019/08/14/best-practices-for-running-buildah-in-a-container/). The post walks you through the balancing act of running a container securely using while keeping an eye on performance. A big boost to the performance side of things is the concept of \\"Additional Stores\\". Dan walks you through the use of those in this blog and then wraps it all up with an on-line video at the end."},{"id":"/2019/08/28/new","metadata":{"permalink":"/blogs/2019/08/28/new","source":"@site/blog/2019-08-28-new.md","title":"Best practices for running Buildah in a container","description":"Dan Walsh has recently posted a blog on the Red Hat Developer Blog, Best practices for running Buildah in a container. The post walks you through the balancing act of running a container securely using Podman while keeping an eye on performance. A big boost to the performance side of things is the concept of \\"Additional Stores\\". Dan walks you through the use of those in this blog and then wraps it all up with an on-line video at the end.","date":"2019-08-28T00:00:00.000Z","formattedDate":"August 28, 2019","tags":[],"readingTime":0.405,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Best practices for running Buildah in a container","layout":"default","categories":["new"]},"prevItem":{"title":"Best practices for running Buildah in a container","permalink":"/blogs/2019/08/28/buildah-in-containers"},"nextItem":{"title":"Podman, contenedores sin Docker","permalink":"/blogs/2019/08/23/new"}},"content":"Dan Walsh has recently posted a blog on the Red Hat Developer Blog, [Best practices for running Buildah in a container](https://developers.redhat.com/blog/2019/08/14/best-practices-for-running-buildah-in-a-container/). The post walks you through the balancing act of running a container securely using Podman while keeping an eye on performance. A big boost to the performance side of things is the concept of \\"Additional Stores\\". Dan walks you through the use of those in this blog and then wraps it all up with an on-line video at the end."},{"id":"/2019/08/23/new","metadata":{"permalink":"/blogs/2019/08/23/new","source":"@site/blog/2019-08-23-new.md","title":"Podman, contenedores sin Docker","description":"How\'s your espanol? If it\'s good, checkout this video blog on YouTube Podman, contenedores sin Docker! In it I\xf1igo Serrano shows how to run Wildfly in a Podman container without Docker.","date":"2019-08-23T00:00:00.000Z","formattedDate":"August 23, 2019","tags":[],"readingTime":0.155,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Podman, contenedores sin Docker","layout":"default","categories":["new"]},"prevItem":{"title":"Best practices for running Buildah in a container","permalink":"/blogs/2019/08/28/new"},"nextItem":{"title":"Podman, contenedores sin Docker","permalink":"/blogs/2019/08/23/podman-en-espanol"}},"content":"How\'s your espanol? If it\'s good, checkout this video blog on YouTube [Podman, contenedores sin Docker](https://www.youtube.com/watch?v=pzRf0G43DYw&feature=youtu.be)! In it I\xf1igo Serrano shows how to run Wildfly in a Podman container without Docker."},{"id":"/2019/08/23/podman-en-espanol","metadata":{"permalink":"/blogs/2019/08/23/podman-en-espanol","source":"@site/blog/2019-08-23-podman-en-espanol.md","title":"Podman, contenedores sin Docker","description":"podman logo","date":"2019-08-23T00:00:00.000Z","formattedDate":"August 23, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.265,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman, contenedores sin Docker","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"Podman, contenedores sin Docker","permalink":"/blogs/2019/08/23/new"},"nextItem":{"title":"Using the rootless containers Tech Preview in RHEL 8.0","permalink":"/blogs/2019/08/22/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman, contendores sin Docker\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nHow\'s your espanol? If it\'s good or you want to work on it, checkout this video blog on YouTube from I\xf1igo Serrano [Podman, contenedores sin Docker](https://www.youtube.com/watch?v=pzRf0G43DYw&feature=youtu.be). In it I\xf1igo Serrano shows how to run Wildfly in a Podman container without Docker."},{"id":"/2019/08/22/new","metadata":{"permalink":"/blogs/2019/08/22/new","source":"@site/blog/2019-08-22-new.md","title":"Using the rootless containers Tech Preview in RHEL 8.0","description":"Scott McCarty has a blog post on the Red Hat Blog about Using the rootless containers Tech Preview in RHEL 8.0. Podman rootless containers has hit Tech Preview for RHEL 8.0 and Scott walks you through the setup necessary for rootless containers. Small hint, it\'s a short post because it\'s just that easy.","date":"2019-08-22T00:00:00.000Z","formattedDate":"August 22, 2019","tags":[],"readingTime":0.265,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Using the rootless containers Tech Preview in RHEL 8.0","layout":"default","categories":["new"]},"prevItem":{"title":"Podman, contenedores sin Docker","permalink":"/blogs/2019/08/23/podman-en-espanol"},"nextItem":{"title":"Using the rootless containers Tech Preview in RHEL 8.0","permalink":"/blogs/2019/08/22/podman-tech-preview"}},"content":"Scott McCarty has a blog post on the [Red Hat Blog](https://www.redhat.com/en/blog) about [Using the rootless containers Tech Preview in RHEL 8.0](https://www.redhat.com/en/blog/using-rootless-containers-tech-preview-rhel-80). Podman rootless containers has hit Tech Preview for RHEL 8.0 and Scott walks you through the setup necessary for rootless containers. Small hint, it\'s a short post because it\'s just that easy."},{"id":"/2019/08/22/podman-tech-preview","metadata":{"permalink":"/blogs/2019/08/22/podman-tech-preview","source":"@site/blog/2019-08-22-podman-tech-preview.md","title":"Using the rootless containers Tech Preview in RHEL 8.0","description":"podman logo","date":"2019-08-22T00:00:00.000Z","formattedDate":"August 22, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.35,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Using the rootless containers Tech Preview in RHEL 8.0","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"Using the rootless containers Tech Preview in RHEL 8.0","permalink":"/blogs/2019/08/22/new"},"nextItem":{"title":"Podman v1.5.0 Released","permalink":"/blogs/2019/08/14/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Using the rootless containers Tech Preview in RHEL 8.0\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nScott McCarty has a blog post on the [Red Hat Blog](https://www.redhat.com/en/blog) about [Using the rootless containers Tech Preview in RHEL 8.0](https://www.redhat.com/en/blog/using-rootless-containers-tech-preview-rhel-80). Podman rootless containers has hit Tech Preview for RHEL 8.0 and Scott walks you through the setup necessary for rootless containers. Small hint, it\'s a short post because it\'s just that easy."},{"id":"/2019/08/14/new","metadata":{"permalink":"/blogs/2019/08/14/new","source":"@site/blog/2019-08-14-new.md","title":"Podman v1.5.0 Released","description":"Podman has gone 1.5.0!","date":"2019-08-14T00:00:00.000Z","formattedDate":"August 14, 2019","tags":[],"readingTime":0.025,"hasTruncateMarker":false,"authors":[],"frontMatter":{"layout":"default","title":"Podman v1.5.0 Released","categories":["new"]},"prevItem":{"title":"Using the rootless containers Tech Preview in RHEL 8.0","permalink":"/blogs/2019/08/22/podman-tech-preview"},"nextItem":{"title":"How templating works with Podman, Kubernetes, and Red Hat OpenShift","permalink":"/blogs/2019/08/10/new"}},"content":"## [Podman has gone 1.5.0!](https://podman.io/releases/2019/08/14/podman-release-v1.5.0.html)"},{"id":"/2019/08/10/new","metadata":{"permalink":"/blogs/2019/08/10/new","source":"@site/blog/2019-08-10-new.md","title":"How templating works with Podman, Kubernetes, and Red Hat OpenShift","description":"Olaph Wagner has put together a nice introduction on How templating works with Podman, Kubernetes, and Red Hat OpenShift on the IBM Developer blog site. If you want to find out how to use Podman to create images that helps Red Hat OpenShift to make templates on the IBM Cloud(TM), then this is the article for you!","date":"2019-08-10T00:00:00.000Z","formattedDate":"August 10, 2019","tags":[],"readingTime":0.285,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"How templating works with Podman, Kubernetes, and Red Hat OpenShift","layout":"default","categories":["new"]},"prevItem":{"title":"Podman v1.5.0 Released","permalink":"/blogs/2019/08/14/new"},"nextItem":{"title":"How templating works with Podman, Kubernetes, and Red Hat OpenShift","permalink":"/blogs/2019/08/10/podman-ibm-developer"}},"content":"Olaph Wagner has put together a nice introduction on [How templating works with Podman, Kubernetes, and Red Hat OpenShift](https://developer.ibm.com/articles/templating-and-podman-openshift/?cm_mmc=OSocial_Twitter-_-Developer_IBM+Developer-_-WW_WW-_-ibmdev-&cm_mmca1=000037FD&cm_mmca2=10010797&linkId=71651828&es_p=9869602) on the [IBM Developer](https://developer.ibm.com/) blog site. If you want to find out how to use Podman to create images that helps Red Hat OpenShift to make templates on the IBM Cloud(TM), then this is the article for you!"},{"id":"/2019/08/10/podman-ibm-developer","metadata":{"permalink":"/blogs/2019/08/10/podman-ibm-developer","source":"@site/blog/2019-08-10-podman-ibm-developer.md","title":"How templating works with Podman, Kubernetes, and Red Hat OpenShift","description":"podman logo","date":"2019-08-10T00:00:00.000Z","formattedDate":"August 10, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.375,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"How templating works with Podman, Kubernetes, and Red Hat OpenShift","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"How templating works with Podman, Kubernetes, and Red Hat OpenShift","permalink":"/blogs/2019/08/10/new"},"nextItem":{"title":"Command Highlight: podman images","permalink":"/blogs/2019/08/08/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# How templating works with Podman, Kubernetes, and Red Hat OpenShift\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nOlaph Wagner has put together a nice introduction on [How templating works with Podman, Kubernetes, and Red Hat OpenShift](https://developer.ibm.com/articles/templating-and-podman-openshift/?cm_mmc=OSocial_Twitter-_-Developer_IBM+Developer-_-WW_WW-_-ibmdev-&cm_mmca1=000037FD&cm_mmca2=10010797&linkId=71651828&es_p=9869602) on the [IBM Developer](https://developer.ibm.com/) blog site. If you want to find out how to\\nuse Podman to create images that helps Red Hat OpenShift to make templates on the IBM Cloud(TM), then this is the article for you!"},{"id":"/2019/08/08/new","metadata":{"permalink":"/blogs/2019/08/08/new","source":"@site/blog/2019-08-08-new.md","title":"Command Highlight: podman images","description":"A quick asciinema demo highlighting what the podman images command can do. A great way to get quickly immersed with this command in just a few minutes time. Checkout the demo here and if you want to run the script yourself, it can be found here.","date":"2019-08-08T00:00:00.000Z","formattedDate":"August 8, 2019","tags":[],"readingTime":0.23,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Command Highlight: podman images","layout":"default","categories":["new"]},"prevItem":{"title":"How templating works with Podman, Kubernetes, and Red Hat OpenShift","permalink":"/blogs/2019/08/10/podman-ibm-developer"},"nextItem":{"title":"Command Highlight: podman images","permalink":"/blogs/2019/08/08/podman-images"}},"content":"A quick [asciinema](https://asciinema.org/) demo highlighting what the `podman images` command can do. A great way to get quickly immersed with this command in just a few minutes time. Checkout the demo [here](https://podman.io/asciinema/podman/images/) and if you want to run the script yourself, it can be found [here](https://github.com/containers/Demos/blob/main/podman_cli/podman_images.sh)."},{"id":"/2019/08/08/podman-images","metadata":{"permalink":"/blogs/2019/08/08/podman-images","source":"@site/blog/2019-08-08-podman-images.md","title":"Command Highlight: podman images","description":"podman logo","date":"2019-08-08T00:00:00.000Z","formattedDate":"August 8, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.29,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Command Highlight: podman images","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"Command Highlight: podman images","permalink":"/blogs/2019/08/08/new"},"nextItem":{"title":"Podman: Linux containers made easy, part 3","permalink":"/blogs/2019/07/29/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Command Highlight: podman images\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nA quick [asciinema](https://asciinema.org/) demo highlighting what the `podman images` command can do. A great way to get quickly immersed with this command in just a few minutes time. Checkout the demo [here](https://podman.io/asciinema/podman/images/) and if you want to run the script yourself, it can be found [here](https://github.com/containers/Demos/blob/main/podman_cli/podman_images.sh)."},{"id":"/2019/07/29/new","metadata":{"permalink":"/blogs/2019/07/29/new","source":"@site/blog/2019-07-29-new.md","title":"Podman: Linux containers made easy, part 3","description":"It\'s in German again, but a worthy read Podman: Linux containers made easy, part 3. Valentin Rothberg (@vrothberg) introduces Podman to the reader and talks about how it fits in the container eco-system. If your German is a little rusty, you may need to lean on Google Translate.","date":"2019-07-29T00:00:00.000Z","formattedDate":"July 29, 2019","tags":[],"readingTime":0.24,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Podman: Linux containers made easy, part 3","layout":"default","categories":["new"]},"prevItem":{"title":"Command Highlight: podman images","permalink":"/blogs/2019/08/08/podman-images"},"nextItem":{"title":"Podman: Linux containers made easy, part 3","permalink":"/blogs/2019/07/29/podman-made-easy3"}},"content":"It\'s in German again, but a worthy read [Podman: Linux containers made easy, part 3](https://www.heise.de/developer/artikel/Podman-Linux-Container-einfach-gemacht-Teil-3-4476343.html). Valentin Rothberg (@vrothberg) introduces Podman to the reader and talks about how it fits in the container eco-system. If your German is a little rusty, you may need to lean on [Google Translate](https://translate.google.com/?hl=en&tab=TT&authuser=0)."},{"id":"/2019/07/29/podman-made-easy3","metadata":{"permalink":"/blogs/2019/07/29/podman-made-easy3","source":"@site/blog/2019-07-29-podman-made-easy3.md","title":"Podman: Linux containers made easy, part 3","description":"podman logo","date":"2019-07-29T00:00:00.000Z","formattedDate":"July 29, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.315,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman: Linux containers made easy, part 3","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"Podman: Linux containers made easy, part 3","permalink":"/blogs/2019/07/29/new"},"nextItem":{"title":"How Podman replaces Docker and Docker Compose for local development","permalink":"/blogs/2019/07/06/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman: Linux containers made easy, part 3\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nIt\'s in German again, but a worthy read [Podman: Linux containers made easy, part 3](https://www.heise.de/developer/artikel/Podman-Linux-Container-einfach-gemacht-Teil-3-4476343.html) Valentin Rothberg (@vrothberg) introduces Podman to the reader and talks about how it fits in the container eco-system. If your German is a little rusty, you may need to lean on [Google Translate](https://translate.google.com/?hl=en&tab=TT&authuser=0)."},{"id":"/2019/07/06/new","metadata":{"permalink":"/blogs/2019/07/06/new","source":"@site/blog/2019-07-06-new.md","title":"How Podman replaces Docker and Docker Compose for local development","description":"Is it possible to completely replace Docker with Podman without any loss","date":"2019-07-06T00:00:00.000Z","formattedDate":"July 6, 2019","tags":[],"readingTime":0.18,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"How Podman replaces Docker and Docker Compose for local development","layout":"default","categories":["new"]},"prevItem":{"title":"Podman: Linux containers made easy, part 3","permalink":"/blogs/2019/07/29/podman-made-easy3"},"nextItem":{"title":"How Podman replaces Docker and Docker Compose for local development","permalink":"/blogs/2019/07/06/ruby"}},"content":"Is it possible to completely replace Docker with Podman without any loss\\nof developer\'s productivity? Read about real use case in new article on\\nmkdev.me blog: [Dockerless, part 3: Moving development environment to containers with Podman](https://mkdev.me/en/posts/dockerless-part-3-moving-development-environment-to-containers-with-podman)."},{"id":"/2019/07/06/ruby","metadata":{"permalink":"/blogs/2019/07/06/ruby","source":"@site/blog/2019-07-06-ruby.md","title":"How Podman replaces Docker and Docker Compose for local development","description":"podman logo","date":"2019-07-06T00:00:00.000Z","formattedDate":"July 6, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"ruby","permalink":"/blogs/tags/ruby"},{"label":"rails","permalink":"/blogs/tags/rails"}],"readingTime":0.305,"hasTruncateMarker":false,"authors":[{"name":"kshirinkin"}],"frontMatter":{"title":"How Podman replaces Docker and Docker Compose for local development","layout":"default","author":"kshirinkin","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","ruby","rails"]},"prevItem":{"title":"How Podman replaces Docker and Docker Compose for local development","permalink":"/blogs/2019/07/06/new"},"nextItem":{"title":"Replacing Docker with Podman","permalink":"/blogs/2019/06/26/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# How Podman replaces Docker and Docker Compose for local development\\n\\n## By Kirill Shirinkin [GitHub](https://github.com/Fodoj)\\n\\nIs it possible to completely replace Docker with Podman without any loss\\nof developer\'s productivity? Read about how one company did it for\\nRuby on Rails application in new article on\\nmkdev.me blog: [Dockerless, part 3: Moving development environment to containers with Podman](https://mkdev.me/en/posts/dockerless-part-3-moving-development-environment-to-containers-with-podman)."},{"id":"/2019/06/26/new","metadata":{"permalink":"/blogs/2019/06/26/new","source":"@site/blog/2019-06-26-new.md","title":"Replacing Docker with Podman","description":"Ganesh Mani recently wrote the blog Replacing Docker with Podman\u200a\u2014\u200aPower of Podman\u200a\u2014\u200aCloudnweb. The article gives a nice overview of Docker, Podman, their differences, and how you can use Podman to replace Docker. A nice read and really, who doesn\'t love a blog that wraps up with a meme featuring The Rock?","date":"2019-06-26T00:00:00.000Z","formattedDate":"June 26, 2019","tags":[],"readingTime":0.255,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Replacing Docker with Podman","layout":"default","categories":["new"]},"prevItem":{"title":"How Podman replaces Docker and Docker Compose for local development","permalink":"/blogs/2019/07/06/ruby"},"nextItem":{"title":"Replacing Docker with Podman","permalink":"/blogs/2019/06/26/replace-docker-with-podman"}},"content":"Ganesh Mani recently wrote the blog [Replacing Docker with Podman\u200a\u2014\u200aPower of Podman\u200a\u2014\u200aCloudnweb](https://medium.com/@ganeshmani009/replacing-docker-with-podman-power-of-podman-cloudnweb-23cfb7541538). The article gives a nice overview of Docker, Podman, their differences, and how you can use Podman to replace Docker. A nice read and really, who doesn\'t love a blog that wraps up with a meme featuring The Rock?"},{"id":"/2019/06/26/replace-docker-with-podman","metadata":{"permalink":"/blogs/2019/06/26/replace-docker-with-podman","source":"@site/blog/2019-06-26-replace-docker-with-podman.md","title":"Replacing Docker with Podman","description":"podman logo","date":"2019-06-26T00:00:00.000Z","formattedDate":"June 26, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.315,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Replacing Docker with Podman","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"Replacing Docker with Podman","permalink":"/blogs/2019/06/26/new"},"nextItem":{"title":"OnDemand Course: Container pipelines for sys admins\u2014and anyone, really\u2014with Buildah and Podman","permalink":"/blogs/2019/06/19/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Replacing Docker with Podman\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nGanesh Mani recently wrote the blog [Replacing Docker with Podman\u200a\u2014\u200aPower of Podman\u200a\u2014\u200aCloudnweb](https://medium.com/@ganeshmani009/replacing-docker-with-podman-power-of-podman-cloudnweb-23cfb7541538). The article gives a nice overview of Docker, Podman, their differences, and how you can use Podman to replace Docker. A nice read and\\nreally, who doesn\'t love a blog that wraps up with a meme featuring The Rock?"},{"id":"/2019/06/19/new","metadata":{"permalink":"/blogs/2019/06/19/new","source":"@site/blog/2019-06-19-new.md","title":"OnDemand Course: Container pipelines for sys admins\u2014and anyone, really\u2014with Buildah and Podman","description":"Red Hat has recently posted an OnDemand course: Container pipelines for sys admins\u2014and anyone, really\u2014with Buildah and Podman. The session teaches you how to integrate both Podman and Buildah into your continuous delivery (CI/CD) solutions and also serves as a good introduction to both tools. The cost can\'t be beat (free!), so if you\'re looking for a quick introduction into the tools, this is a good way to go.","date":"2019-06-19T00:00:00.000Z","formattedDate":"June 19, 2019","tags":[],"readingTime":0.345,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"OnDemand Course: Container pipelines for sys admins\u2014and anyone, really\u2014with Buildah and Podman","layout":"default","categories":["new"]},"prevItem":{"title":"Replacing Docker with Podman","permalink":"/blogs/2019/06/26/replace-docker-with-podman"},"nextItem":{"title":"OnDemand Course: Container pipelines for sys admins\u2014and anyone, really\u2014with Buildah and Podman","permalink":"/blogs/2019/06/19/ondemand-course"}},"content":"Red Hat has recently posted an OnDemand course: [Container pipelines for sys admins\u2014and anyone, really\u2014with Buildah and Podman](https://www.redhat.com/en/events/webinar/container-pipelines-sys-admins-and-anyone-really-buildah-and-podman?sc_cid=701f2000000txokAAA&utm_source=bambu&utm_medium=social&utm_campaign=abm). The session teaches you how to integrate both Podman and Buildah into your continuous delivery (CI/CD) solutions and also serves as a good introduction to both tools. The cost can\'t be beat (free!), so if you\'re looking for a quick introduction into the tools, this is a good way to go."},{"id":"/2019/06/19/ondemand-course","metadata":{"permalink":"/blogs/2019/06/19/ondemand-course","source":"@site/blog/2019-06-19-ondemand-course.md","title":"OnDemand Course: Container pipelines for sys admins\u2014and anyone, really\u2014with Buildah and Podman","description":"podman logo","date":"2019-06-19T00:00:00.000Z","formattedDate":"June 19, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.445,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"OnDemand Course: Container pipelines for sys admins\u2014and anyone, really\u2014with Buildah and Podman","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"OnDemand Course: Container pipelines for sys admins\u2014and anyone, really\u2014with Buildah and Podman","permalink":"/blogs/2019/06/19/new"},"nextItem":{"title":"Podman Mailing list","permalink":"/blogs/2019/06/17/mailinglist"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# OnDemand Course: Container pipelines for sys admins\u2014and anyone, really\u2014with Buildah and Podman\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nRed Hat has recently posted an OnDemand course: [Container pipelines for sys admins\u2014and anyone, really\u2014with Buildah and Podman](https://www.redhat.com/en/events/webinar/container-pipelines-sys-admins-and-anyone-really-buildah-and-podman?sc_cid=701f2000000txokAAA&utm_source=bambu&utm_medium=social&utm_campaign=abm). The session teaches you how to integrate both Podman and Buildah into your continuous delivery (CI/CD) solutions and also serves as a good introduction to both tools. The cost can\'t be beat (free!), so if you\'re looking for a quick introduction into the tools, this is a good way to go."},{"id":"/2019/06/17/mailinglist","metadata":{"permalink":"/blogs/2019/06/17/mailinglist","source":"@site/blog/2019-06-17-mailinglist.md","title":"Podman Mailing list","description":"podman logo","date":"2019-06-17T00:00:00.000Z","formattedDate":"June 17, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":1.395,"hasTruncateMarker":true,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Mailing list","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"OnDemand Course: Container pipelines for sys admins\u2014and anyone, really\u2014with Buildah and Podman","permalink":"/blogs/2019/06/19/ondemand-course"},"nextItem":{"title":"Announcing the Podman Mailing List!","permalink":"/blogs/2019/06/17/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman Mailing List\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nWe\'ve received a number of requests for a mailing list for Podman and we\'re happy to announce that one has just been created! We\'ve built a friendly community on IRC and GitHub and plan to continue that growth in this new mailing list. The maintainers of the project are all members of the list and we\'re happy to take any and all questions there about Podman. You can also just use the list as a way to track what\'s going on with Podman as release announcements and other important news will be posted there.\\n\\n\x3c!--truncate--\x3e\\n\\nTo sign up for the mailing list use email or the web interface:\\n\\n- Send an email to [podman-join@lists.podman.io](mailto:podman-join@lists.podman.io?subject=subscribe) with the word \\"Subscribe\\" in the subject.\\n- Go to this [page](https://lists.podman.io/admin/lists/podman.lists.podman.io/) on the [https://lists.podman.io](https://lists.podman.io) site, scroll down to the bottom of the page and enter your email and optionally name, then click on the \\"Subscribe\\" button.\\n\\nRegardless of which method you use, a confirmation email will be sent to you. After you reply back to that confirmation email, you\'ll then be able to send mail directly to [podman@lists.podman.io](mailto:podman@lists.podman.io). You can then also go to the list\'s web page at [lists.podman.io](https://lists.podman.io), click on the [Podman](https://lists.podman.io/archives/list/podman@lists.podman.io/) link and from there you can see all of the past conversations on the list or manage your subscription.\\n\\nPlease note, if you have a bug that you\'d like to report, it\'s best to report them [here](https://github.com/containers/podman/issues) by creating a \\"New issue\\" rather than sending an email to the list.\\n\\nWe hope over time this mailing list will be a friendly and useful tool for the entire Podman community."},{"id":"/2019/06/17/new","metadata":{"permalink":"/blogs/2019/06/17/new","source":"@site/blog/2019-06-17-new.md","title":"Announcing the Podman Mailing List!","description":"We\'ve received a number of requests for a mailing list for Podman and we\'re happy to announce that one has just been created! We\'ve built a friendly community on IRC and GitHub and plan to continue that growth in this new mailing list. The maintainers of the project are all members of the list and we\'re happy to take any and all questions there about Podman. You can also just use the list as a way to track what\'s going on with Podman as release announcements and other important news will be posted there.","date":"2019-06-17T00:00:00.000Z","formattedDate":"June 17, 2019","tags":[],"readingTime":0.51,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Announcing the Podman Mailing List!","layout":"default","categories":["new"]},"prevItem":{"title":"Podman Mailing list","permalink":"/blogs/2019/06/17/mailinglist"},"nextItem":{"title":"Podman Cheat Sheet","permalink":"/blogs/2019/06/13/new"}},"content":"We\'ve received a number of requests for a mailing list for Podman and we\'re happy to announce that one has just been created! We\'ve built a friendly community on IRC and GitHub and plan to continue that growth in this new mailing list. The maintainers of the project are all members of the list and we\'re happy to take any and all questions there about Podman. You can also just use the list as a way to track what\'s going on with Podman as release announcements and other important news will be posted there.\\n\\nGet all the details on this [blog](https://podman.io/blogs/2019/06/17/mailinglist.html) post!"},{"id":"/2019/06/13/new","metadata":{"permalink":"/blogs/2019/06/13/new","source":"@site/blog/2019-06-13-new.md","title":"Podman Cheat Sheet","description":"Red Hat Developer recently posted a new Podman Cheat Sheet on their blog. It\'s a handy guide that cover the commands that focus on images, containers and container resources. Check it out!","date":"2019-06-13T00:00:00.000Z","formattedDate":"June 13, 2019","tags":[],"readingTime":0.16,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Podman Cheat Sheet","layout":"default","categories":["new"]},"prevItem":{"title":"Announcing the Podman Mailing List!","permalink":"/blogs/2019/06/17/new"},"nextItem":{"title":"Podman Cheat Sheet","permalink":"/blogs/2019/06/13/podman-cheatsheet"}},"content":"Red Hat Developer recently posted a new [Podman Cheat Sheet](https://developers.redhat.com/cheat-sheets/podman-basics/) on their blog. It\'s a handy guide that cover the commands that focus on images, containers and container resources. Check it out!"},{"id":"/2019/06/13/podman-cheatsheet","metadata":{"permalink":"/blogs/2019/06/13/podman-cheatsheet","source":"@site/blog/2019-06-13-podman-cheatsheet.md","title":"Podman Cheat Sheet","description":"podman logo","date":"2019-06-13T00:00:00.000Z","formattedDate":"June 13, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.215,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Cheat Sheet","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"Podman Cheat Sheet","permalink":"/blogs/2019/06/13/new"},"nextItem":{"title":"Podman: Linux containers made easy, part 2","permalink":"/blogs/2019/05/24/podman-made-easy2"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman Cheat Sheet\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nRed Hat Developer recently posted a new [Podman Cheat Sheet](https://developers.redhat.com/cheat-sheets/podman-basics/) on their blog. It\'s a handy guide that cover the commands that focus on images, containers and container resources. Check it out!"},{"id":"/2019/05/24/podman-made-easy2","metadata":{"permalink":"/blogs/2019/05/24/podman-made-easy2","source":"@site/blog/2019-05-24-podman-made-easy2.md","title":"Podman: Linux containers made easy, part 2","description":"podman logo","date":"2019-05-24T00:00:00.000Z","formattedDate":"May 24, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.315,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman: Linux containers made easy, part 2","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"Podman Cheat Sheet","permalink":"/blogs/2019/06/13/podman-cheatsheet"},"nextItem":{"title":"Building Smaller Container Images","permalink":"/blogs/2019/05/18/micro-dnf"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman: Linux containers made easy, part 2\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nIt\'s in German again, but a worthy read [Podman: Linux containers made easy, part 2](https://www.heise.de/developer/artikel/Podman-Linux-Container-einfach-gemacht-Teil-2-4429630.html) Valentin Rothberg (@vrothberg) introduces Podman to the reader and talks about how it fits in the container eco-system. If your German is a little rusty, you may need to lean on [Google Translate](https://translate.google.com/?hl=en&tab=TT&authuser=0)."},{"id":"/2019/05/18/micro-dnf","metadata":{"permalink":"/blogs/2019/05/18/micro-dnf","source":"@site/blog/2019-05-18-micro-dnf.md","title":"Building Smaller Container Images","description":"podman logo","date":"2019-05-18T00:00:00.000Z","formattedDate":"May 18, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.21,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Building Smaller Container Images","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"Podman: Linux containers made easy, part 2","permalink":"/blogs/2019/05/24/podman-made-easy2"},"nextItem":{"title":"Monitoring container vitality and availability with Podman","permalink":"/blogs/2019/04/22/health"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Building Smaller Container Images\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nMuayyad Alsadi\'s article in Fedora Magazine talks about [Building Smaller Container Images](https://fedoramagazine.org/building-smaller-container-images/) by leveraging microdnf within fedora-minimal. It\'s a really nice way to save space and build more compact containers."},{"id":"/2019/04/22/health","metadata":{"permalink":"/blogs/2019/04/22/health","source":"@site/blog/2019-04-22-health.md","title":"Monitoring container vitality and availability with Podman","description":"podman logo","date":"2019-04-22T00:00:00.000Z","formattedDate":"April 22, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.35,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"Monitoring container vitality and availability with Podman","layout":"default","author":"baude","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"Building Smaller Container Images","permalink":"/blogs/2019/05/18/micro-dnf"},"nextItem":{"title":"Build and run Buildah inside a Podman container","permalink":"/blogs/2019/04/16/cinc"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Monitoring container vitality and availability with Podman\\n\\n## By Brent Baude [GitHub](https://github.com/baude)\\n\\nWho doesn\'t want a healthy container in their environment? Now with Podman you can setup healthchecks so you can check if your container and it\'s application is up and running as you\'d expect. [Brent Baude](https://developers.redhat.com/blog/author/bbaude/) introduces the new functionality in this article on the Red Hat Developer Blog: [Monitoring container vitality and availability with Podman](https://developers.redhat.com/blog/2019/04/18/monitoring-container-vitality-and-availability-with-podman)."},{"id":"/2019/04/16/cinc","metadata":{"permalink":"/blogs/2019/04/16/cinc","source":"@site/blog/2019-04-16-cinc.md","title":"Build and run Buildah inside a Podman container","description":"podman logo","date":"2019-04-16T00:00:00.000Z","formattedDate":"April 16, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.275,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Build and run Buildah inside a Podman container","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"Monitoring container vitality and availability with Podman","permalink":"/blogs/2019/04/22/health"},"nextItem":{"title":"Podman Saves My Crossword Habit","permalink":"/blogs/2019/04/01/podman-crosswords"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Build and run Buildah inside a Podman container\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nWhat happens when you combine [Matryoshka Dolls](https://en.wikipedia.org/wiki/Matryoshka_doll) with containers? Why you get containers in containers in containers! Read all about it with this new article on the Red Hat Developer Blog: [Build and run Buildah inside a Podman container](https://developers.redhat.com/blog/2019/04/04/build-and-run-buildah-inside-a-podman-container/)."},{"id":"/2019/04/01/podman-crosswords","metadata":{"permalink":"/blogs/2019/04/01/podman-crosswords","source":"@site/blog/2019-04-01-podman-crosswords.md","title":"Podman Saves My Crossword Habit","description":"podman logo","date":"2019-04-01T00:00:00.000Z","formattedDate":"April 1, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.29,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Saves My Crossword Habit","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"Build and run Buildah inside a Podman container","permalink":"/blogs/2019/04/16/cinc"},"nextItem":{"title":"Podman: Linux containers made easy, part 1","permalink":"/blogs/2019/03/22/podman-made-easy"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman Saves My Crossword Habit\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nEd Santiago (@edsantiago) needed help with his New York Times crossword puzzle. So naturally he turned to Podman to save the day. Read about it in his blog post: [Podman Saves My Crossword Habit](http://blog.edsantiago.com/2019/03/podman-saves-my-crossword/). Many thanks to Ed for sharing this\\ninnovative use of Podman."},{"id":"/2019/03/22/podman-made-easy","metadata":{"permalink":"/blogs/2019/03/22/podman-made-easy","source":"@site/blog/2019-03-22-podman-made-easy.md","title":"Podman: Linux containers made easy, part 1","description":"podman logo","date":"2019-03-22T00:00:00.000Z","formattedDate":"March 22, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.31,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman: Linux containers made easy, part 1","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"Podman Saves My Crossword Habit","permalink":"/blogs/2019/04/01/podman-crosswords"},"nextItem":{"title":"CI, and CI, and CI, oh my! (then more CI)","permalink":"/blogs/2019/03/18/CI3"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman: Linux containers made easy, part 1\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nIt\'s in German, but a worthy read [Podman: Linux containers made easy, part 1](https://www.heise.de/developer/artikel/Podman-Linux-Container-einfach-gemacht-Teil-1-4329067.html). Valentin Rothberg (@vrothberg) introduces Podman to the reader and talks about how it fits in the container eco-system. If your German is a little rusty, you may need to lean on [Google Translate](https://translate.google.com/?hl=en&tab=TT&authuser=0)."},{"id":"/2019/03/18/CI3","metadata":{"permalink":"/blogs/2019/03/18/CI3","source":"@site/blog/2019-03-18-CI3.md","title":"CI, and CI, and CI, oh my! (then more CI)","description":"podman logo","date":"2019-03-18T00:00:00.000Z","formattedDate":"March 18, 2019","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"ci","permalink":"/blogs/tags/ci"},{"label":"automation","permalink":"/blogs/tags/automation"},{"label":"test","permalink":"/blogs/tags/test"},{"label":"cloud","permalink":"/blogs/tags/cloud"}],"readingTime":8.455,"hasTruncateMarker":true,"authors":[{"name":"cevich"}],"frontMatter":{"title":"CI, and CI, and CI, oh my! (then more CI)","layout":"default","author":"cevich","categories":["blogs"],"tags":["podman","ci","automation","test","cloud"]},"prevItem":{"title":"Podman: Linux containers made easy, part 1","permalink":"/blogs/2019/03/22/podman-made-easy"},"nextItem":{"title":"podman-install","permalink":"/blogs/2019/03/16/podman-install"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# CI, and CI, and CI, oh my! (then more CI)\\n\\n## By Chris Evich [GitHub](https://github.com/cevich)\\n\\nI wanted to write a detailed post about the CI setup we use for exercising proposed\\nchanges to [libpod (podman repo)](https://github.com/containers/podman). \xa0Unfortunately\\nthis topic (and automation in general)\\nis so big, most readers would end up on the floor, sound asleep, in a puddle of their\\nown drool. \xa0Instead, I will keep your fidget-spinner twirling, by jumping around\\nseveral topics.\\n\\n\x3c!--truncate--\x3e\\n\\nStarting with an overview on why we chose to use [Cirrus CI](https://cirrus-ci.org/), I\'ll\\nprovide a short 3-step\\nwalk-through of how it works, along with lots of links. \xa0Then, we\'ll go into more detail\\nregarding VM Image orchestration, before connecting that back to our Cirrus-CI\\nconfiguration.\\n\\n### Why Cirrus-CI\\n\\nI once said \\"testing code is at least 10x harder than writing it\\". This is especially true when a\\nsoftware-engineer believes their code is \\"perfectly good\\" (meaning, tons of bugs). At the same\\ntime, test automation is generally as reliable, as the inverse of its simplicity (especially when\\nit\'s never simple). Which brings me back to around July/August of \'18:\\n\\nThe libpod project was considered by many to be \\"perfectly good\\", but its automation was definitely\\nnot simple. At least one part or another constantly [jacked-up](https://en.wiktionary.org/wiki/jacked_up#English).\\nAt the time, automation was split\\nacross two totally different services, operating with incompatible yet duplicate configurations.\\nThe third service is a downstream consumer of libpod, but at the time was also under consideration\\nto take over pull-request automation from the first two:\\n\\n- Travis\\n\\n - With [Ubuntu Trusty only a few years old](https://lists.ubuntu.com/archives/ubuntu-announce/2014-April/000182.html),\\n we ran tests on a platform version nobody was using,\\n with bleeding edge-code jammed on top. \xa0Some OS-X tests ran, and we think at least one person\\n looked at the results, some of the time, every once in a while.\\n - Required a contrived containerized-environment to workaround host-side limitations. \xa0Fixes for\\n fake environments almost never improve reality. e.g. impossible to test or fix AppArmor or\\n SELinux problems from inside a container.\\n - The tests did not represent reality. \xa0Most people would never run container tools within a\\n container, and certain security tools like SELinux and AppArmor would not be tested running\\n inside this environment.\\n\\n- PAPR\\n\\n - An internal \\"maintenance mode\\" service, meaning only bug-fixes, no new features. Supported by a\\n single, talented engineer, from another group, perfectly happy to be working on something else.\\n - Fortunately it does have great support for running things on Atomic Host, which we still use to\\n maintain our insanity...I mean, double-check some things.\\n - The underlying infrastructure is unpredictably reliable. Mainly due to frequent\\n [dog-food poisoning](https://en.wikipedia.org/wiki/Eating_your_own_dog_food).\\n\\n- OpenShift\\n - An elegant, impressive piece of machinery, with tests so numerous that most other projects would\\n have trouble calling up enough drool.\\n - Fantastic at testing containers and at-scale orchestration. \xa0However way too complex for our\\n low-level, host-side poking of runtimes, and userspace.\\n - Downstream from libpod by weeks or months depending on the platform, like RHEL for example.\\n - Both Travis and PAPR already demonstrated the pain of testing host-side libraries/tools\\n within a container, no further lessons or reruns required.\\n\\nAs if this vegetarian sausage wasn\'t already dripping with liquid goodness. \xa0The smallest little\\nnetwork blip, and you have to re-run the entire suite again. \xa0The importance of network speed and\\nrobustness can never be overstated. So I set out on a mission against complexity, toward being\\nable to reliably and frequently ruin engineer\'s \\"perfectly good\\" code before it merges.\\n\\n### GET OFF MY LAWWWWWN!\\n\\nThe Cirrus CI killer feature. \xa0You can selfishly\\n[bring\xa0your own cloud](https://cirrus-ci.org/guide/supported-computing-services/)\\nand everything else to make\\nit work, and not have to share with Billy Bob\'s Used tire and doughnut shop. \xa0You\'re the master of\\nthe entire host and runtime environment, OS, kernel, packages, updates, everything! \xa0Then, with\\n[the Cirrus CI app](https://github.com/marketplace/cirrus-ci)\\non your code repository, testing follows this simple automated sequence:\\n\\n1. Create VMs (or containers) in your cloud, using your encrypted credentials.\\n2. Follow [instructions you\'ve spelled out like B-A-S-H](https://cirrus-ci.org/guide/writing-tasks/#script-instruction).\\n3. Show green on exit(0) - the \\"pretty\\" engineer\'s code is properly spoiled (i.e. functional).\\n\\nSo\\n[Cirrus CI gives all the power](https://cirrus-ci.org/#comparison-with-popular-ciaas)\\nfor success, and/or blasting giant, perfectly round, holes in your own two feet!\\nOur CI experience can be as simple or complex as we like, and reliability will match that of major\\ncloud providers and the inverse of our cleverness. What could possibly go wrong? :D\\n\\n### VM Image Orchestration\\n\\nImplementing the bowels of any CI/Automation stack usually begins with orchestrate the initial\\noperating system state. \xa0Therefore, for efficiency-sake, it\'s handy to cache this work before,\\nexercising project-code changes. Otherwise, it\'s a complete waste of (expensive) engineer-time\\nto constantly install, update, and configure all aspects of the system during every test run.\\n\\nAs\\n[recommended by Cirrus CI](https://cirrus-ci.org/guide/supported-computing-services/#custom-vm-images)\\n, we utilize a tool by the inventors of Vagrant: [Packer](https://www.packer.io/). \xa0I was able to\\nmake it do things in a matter of minutes, as packer is fairly brain-dead-simple. \xa0It accepts a JSON\\nfile, which I have simplified as YAML for readability. A simple (non-functional) example will\\ndemonstrate the basic ideas:\\n{% raw %}\\n\\n````yaml\\n---\\n\\nvariables: \xa0# all up-front, no guessing allowed!\\n \xa0\xa0\xa0foo: \\"bar\\" # simple\\n \xa0\xa0\xa0build_image_suffix: \\"-libpod-{{env `COMMIT_SHA`}}\\"# from env. var\\n\\nbuilders: \xa0# Where to do stuff\\n\\n \xa0\xa0\xa0- type: \\"googlecompute\\" \xa0\xa0# TONS of others supported too\\n \xa0\xa0\xa0\xa0\xa0image_name: \'{{build_name}}{{user `build_image_suffix`}}\'\\n \xa0\xa0\xa0\xa0\xa0# ... more details ...\\n\\n \xa0\xa0\xa0- type \\"googlecompute\\"\\n \xa0\xa0\xa0\xa0\xa0# ...other OSes...\\n\\nprovisioners: \xa0# How to do stuff\\n\\n - type: \\"shell\\"\\n script: \\"/path/to/{{build_name}}_setup.sh\\" \xa0# macro looks up OS\\n\\npost-processors: \xa0# Where to stick stuff\\n - - type: \'googlecompute-export\'\\n paths: ... # name of storage bucket where VM Image will rest.\\n```{% endraw %}\\n\\nIn English, the above translates to:\\n\\n1. Using some provided variables like `foo`, but fill the variable `build_image_suffix`\\n using the env. vars `$COMMIT_SHA`\\n2. Spin up some VMs in GCE.\\n3. Upload and execute a shell script on each VM (in parallel).\\n4. Assuming success, store the resulting VM image into a storage bucket for\\n later use as needed, or will expire and get automatically deleted after a time.\\n\\nPerhaps that\'s over-simplifying things a little, but\\npacker provides mostly [just the bear-necessities](https://www.packer.io/docs/provisioners/index.html)\\n(sorry, [song is stuck in my head](https://www.youtube.com/watch?v=08NlhjpVFsU)). Roughly ten\\nminutes after running a simple packer build command, the VMs are automatically torn down, and their disks\\nsaved. \xa0At a time of our choosing, an image can be imported from the storage bucket,\\nthen a small PR tossed up to activate the images for Cirrus.\\n\\n### Packer → Cirrus-CI Connection\\n\\nNext up the stack, we\'ll dig into some basic details of the Cirrus CI system. \xa0If you\'ve used\\nservices like Travis before, this example .cirrus.yml file won\'t be too surprising (simplified\\nsomewhat for example purposes):\\n\\n```yaml\\n---\\n\\n# Safely stored details about accessing our cloud\\ngcp_credentials: ENCRYPTED[blahblah]\\n\\nenv: \xa0# environment and behavioral values for all tasks and scripts\\n \xa0\xa0\xa0# Where to clone the source code into\\n \xa0\xa0\xa0CIRRUS_WORKING_DIR: \\"/var/tmp/go/src/github.com/containers/libpod\\"\\n \xa0\xa0\xa0SCRIPT_BASE: ./contrib/cirrus \xa0# saves some typing (below)\\n\\ntesting_task: \xa0# One particular set of things to do\\n\\n \xa0\xa0\xa0gce_instance: \xa0# What kind of VM to use\\n \xa0\xa0\xa0\xa0\xa0\xa0\xa0image_name: \xa0# Same as image_name produced by packer (above)\\n\\n \xa0\xa0\xa0script: \xa0# Step by step\\n \xa0\xa0\xa0\xa0\xa0\xa0\xa0- $SCRIPT_BASE/setup_environment.sh \xa0\xa0# does what it says\\n \xa0\xa0\xa0\xa0\xa0\xa0\xa0- $SCRIPT_BASE/unit_test.sh \xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0# this too\\n \xa0\xa0\xa0\xa0\xa0\xa0\xa0- $SCRIPT_BASE/integration_test.sh \xa0\xa0\xa0# and this\\n````\\n\\nWith [Cirrus CI \\"installed\\"](https://cirrus-ci.org/guide/quick-start/)\\non a GitHub repository, upon any pull\\nrequest change, Cirrus CI will step\\nin to kick things within GCE, then report back results in your pull request.\\n\\nHowever, we also need to test more than one OS. \xa0This is easily accomplished in Cirrus CI, by\\nusing what they call a\\n[matrix modification](https://cirrus-ci.org/guide/writing-tasks/#matrix-modification).\\nRoughly translated into simple country-folk speak as: \\"_we done messed up our YAML parser\\nto do more fancier things, and stuff_\\". Illustrated in part by looking at an\\nexcerpt from our\\n[actual .cirrus.yml file](https://github.com/containers/podman/blob/main/.cirrus.yml)\\nin the libpod repository:\\n\\n```yaml\\n...cut...\\n\\ntesting_task:\\n\\n \xa0\xa0gce_instance:\\n \xa0\xa0\xa0\xa0\xa0\xa0\xa0image_project: \\"libpod-123456\\"\\n \xa0\xa0\xa0\xa0\xa0\xa0\xa0zone: \\"us-central1-a\\"\\n \xa0\xa0\xa0\xa0\xa0\xa0\xa0cpu: 2\\n \xa0\xa0\xa0\xa0\xa0\xa0\xa0memory: \\"4Gb\\"\\n \xa0\xa0\xa0\xa0\xa0\xa0\xa0disk: 200\\n \xa0\xa0\xa0\xa0\xa0\xa0\xa0matrix:\\n \xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0image_name: \\"ubuntu-18-libpod-a250386d\\" # <-- name from packer\\n \xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0image_name: \\"fedora-28-libpod-a250386d\\"\\n \xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0image_name: \\"fedora-29-libpod-a250386d\\"\\n...cut...\\n```\\n\\nThe above will automatically duplicate the `testing_task` three times, running a different VM image\\nfor each. You can run a matrix across other items as well, like environment variables. There are\\nalso options for filtering your matrix, and adding dependencies between tasks. I\'d spell those\\nour for you, but it\'s liable to suck the lubrication from your fidget-spinner.\\n\\n### Good looks and clean presentation\\n\\nAnother Cirrus CI feature we utilize, has to do with the way\\n[the scripting](https://cirrus-ci.org/guide/writing-tasks/#script-instruction) output is\\npresented. This\\nincludes what you don\'t see, like extraneous buttons and widgets. The way details are presented\\ncan be critical for debugging. Here\'s how we leverage that simplicity:\\n\\n```yaml\\ntesting_task:\\n\\n \xa0\xa0\xa0...cut...\\n\\n \xa0\xa0\xa0setup_environment_script: $SCRIPT_BASE/setup_environment.sh\\n\\n \xa0\xa0\xa0unit_test_script: $SCRIPT_BASE/unit_test.sh\\n \xa0\xa0\xa0integration_test_script: $SCRIPT_BASE/integration_test.sh\\n\\n \xa0\xa0\xa0...cut...\\n```\\n\\nIt\'s possible to have multiple scripts or commands per \\\\_script section. \xa0Because we dedicate one\\nper, the output is presented in bite-size pieces:\\n\\nThis makes it super easy to find what you\'re looking for. If the unit-tests fail with a complaint about\\nsome invalid environment variable. It\'s easier to drop down that box than to go scrolling through\\na giant\\n[wall of text](https://en.wikipedia.org/wiki/Wikipedia:Wall_of_text)\\n(though that\'s sometimes necessary also). On the other hand, if the output\\nwas all jammed into a single \\\\_script block, tracking down problems might get too challenging\\nfor my old-fogy sensibilities. Mind I\'ve only celebrated my 38th birthday four times so far...and\\nremember exactly zero of what happened those nights.\\n\\n### Conclusion\\n\\nThere are many other details I could get into, but sadly, my coffee mug is empty and I can see that I\\nforgot to wash it (again). \xa0Nevertheless, if you need some simple nuts-and-bolts automation, I\\nhighly recommend [Cirrus-CI](https://cirrus-ci.org). It\'s (beer) free to use for open-source\\nprojects. The\\n[Google Cloud Engine](https://cloud.google.com)\\nis also pseudo-free for quite a while, since they give you a\\nvery generous, and substantial startup credit.\\n\\nOther than finding a new mug or my soap, if there are any burning questions here,\\nor snide remarks there, please feel free to find me in #podman on Freenode (IRC).\\nUnless the question is too-smart, I might even be able to answer it. Until then,\\nmay your pretty code keep its bugs well hidden _and_ out of sight."},{"id":"/2019/03/16/podman-install","metadata":{"permalink":"/blogs/2019/03/16/podman-install","source":"@site/blog/2019-03-16-podman-install.md","title":"podman-install","description":"x---","date":"2019-03-16T00:00:00.000Z","formattedDate":"March 16, 2019","tags":[],"readingTime":0.36,"hasTruncateMarker":false,"authors":[],"frontMatter":{},"prevItem":{"title":"CI, and CI, and CI, oh my! (then more CI)","permalink":"/blogs/2019/03/18/CI3"},"nextItem":{"title":"Podman and Buildah for Docker Users!","permalink":"/blogs/2019/02/21/pandb-4-users"}},"content":"x---\\ntitle: Installation of Podman to Run Docker Container - Part 1 \\nlayout: default\\nauthor: tsweeney\\ncategories: [blogs]\\ntags: [containers, images, docker, buildah, podman, oci]\\n\\n---\\n\\n![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Installation of Podman to Run Docker Container - Part 1\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nA new article about how Opvizor installed [Podman to run Docker containers](https://www.opvizor.com/installation-of-podman-to-run-docker-container-part-1?sp_url=6k5w). This blog entry at Opvizor looks into their installation process and their early takeaways on Podman."},{"id":"/2019/02/21/pandb-4-users","metadata":{"permalink":"/blogs/2019/02/21/pandb-4-users","source":"@site/blog/2019-02-21-pandb-4-users.md","title":"Podman and Buildah for Docker Users!","description":"podman logo","date":"2019-02-21T00:00:00.000Z","formattedDate":"February 21, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.295,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman and Buildah for Docker Users!","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"podman-install","permalink":"/blogs/2019/03/16/podman-install"},"nextItem":{"title":"Container Tools on RHEL 8 & How to Hack Podman","permalink":"/blogs/2019/02/07/hack-and-tools"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman and Buildah for Docker Users\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nA new article about how Docker users can use Podman and Buildah on the [Red Hat Developer Site](https://developers.redhat.com/blog/2019/02/21/podman-and-buildah-for-docker-users/). William Henry (@ipbabble) introduces the two tools to Docker users and explains how they can be used to replace Docker and how the two tools are related."},{"id":"/2019/02/07/hack-and-tools","metadata":{"permalink":"/blogs/2019/02/07/hack-and-tools","source":"@site/blog/2019-02-07-hack-and-tools.md","title":"Container Tools on RHEL 8 & How to Hack Podman","description":"podman logo","date":"2019-02-07T00:00:00.000Z","formattedDate":"February 7, 2019","tags":[],"readingTime":0.355,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"layout":"default","title":"Container Tools on RHEL 8 & How to Hack Podman","author":"tsweeney","categories":["blogs"]},"prevItem":{"title":"Podman and Buildah for Docker Users!","permalink":"/blogs/2019/02/21/pandb-4-users"},"nextItem":{"title":"Programmatic remote access to Podman via the varlink protocol","permalink":"/blogs/2019/01/16/podman-varlink"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\nScott McCarty wrote \\"[Red Hat Enterprise Linux 8 Beta: A new set of container tools](https://www.redhat.com/en/blog/red-hat-enterprise-linux-8-beta-new-set-container-tools)\\". In the blog Scott introduces the new container tools in RHEL 8 Beta. Spoiler Alert! No Big Fat Daemons were harmed in the examples Scott provides!\\n\\nHerv\xe9 Beraud wrote \\"[How to Hack on Podman](https://herve.beraud.io/containers/linux/podman/isolate/environment/2019/02/06/how-to-hack-on-podman.html), which walks you through contributing to the Podman project.\\n\\nBoth are great reads to help build your container tools knowledge."},{"id":"/2019/01/16/podman-varlink","metadata":{"permalink":"/blogs/2019/01/16/podman-varlink","source":"@site/blog/2019-01-16-podman-varlink.md","title":"Programmatic remote access to Podman via the varlink protocol","description":"podman logo","date":"2019-01-16T00:00:00.000Z","formattedDate":"January 16, 2019","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"varlink","permalink":"/blogs/tags/varlink"},{"label":"rust","permalink":"/blogs/tags/rust"},{"label":"python","permalink":"/blogs/tags/python"},{"label":"go","permalink":"/blogs/tags/go"},{"label":"golang","permalink":"/blogs/tags/golang"}],"readingTime":7.015,"hasTruncateMarker":true,"authors":[{"name":"haraldh"}],"frontMatter":{"title":"Programmatic remote access to Podman via the varlink protocol","layout":"default","author":"haraldh","categories":["blogs"],"tags":["podman","varlink","rust","python","go","golang"]},"prevItem":{"title":"Container Tools on RHEL 8 & How to Hack Podman","permalink":"/blogs/2019/02/07/hack-and-tools"},"nextItem":{"title":"Managing pods and containers in a local container runtime","permalink":"/blogs/2019/01/15/podman-pods"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Programmatic remote access to Podman via the varlink protocol\\n\\n## By Harald Hoyer [GitHub](https://github.com/haraldh)\\n\\nThis guide shows how to access Podman remotely via the [varlink interface](https://varlink.org)\\nwith CLI tools and programmatically with python, go and rust.\\n\\nThis should work on Linux, MacOS and Windows 10.\\n\\nThe [compatibility matrix](https://varlink.org/Language-Bindings) shows which feature is supported on which OS in which language.\\n\\n> Note: replace `` in this guide with the IP or hostname of your\\n> Podman machine\\n\\n\x3c!--truncate--\x3e\\n\\n## Prerequisites\\n\\n### Windows ssh\\n\\nIf you are on a windows client machine, install the OpenSSH Client built by Microsoft in a cmd.exe in\\nadmin mode:\\n\\n```cmd\\n> dism /online /Add-Capability /CapabilityName:OpenSSH.Client~~~~0.0.1.0\\n```\\n\\nClose cmd.exe window.\\n\\n> Note: Works also with other ssh clients, e.g. ssh from [Git Bash](https://gitforwindows.org/).\\n\\n### Generate ssh keys\\n\\nIf you don\'t want to type your password all the time, or not use an ssh agent, set an empty password.\\n\\n```bash\\n$ ssh-keygen -f ~/.ssh/podmanuser\\n```\\n\\n## Set up Podman on the Fedora/RHEL machine\\n\\n```bash\\n$ sudo yum install podman libvarlink-util\\n$ sudo groupadd podman\\n```\\n\\nCopy `/lib/tmpfiles.d/podman.conf` to `/etc/tmpfiles.d/podman.conf`.\\n\\n```bash\\n$ sudo cp /lib/tmpfiles.d/podman.conf /etc/tmpfiles.d/podman.conf\\n```\\n\\nEdit `/etc/tmpfiles.d/podman.conf`:\\n\\n```\\nd /run/podman 0750 root podman\\n```\\n\\nCopy `/lib/systemd/system/io.podman.socket` to `/etc/systemd/system/io.podman.socket`.\\n\\n```bash\\n$ sudo cp /lib/systemd/system/io.podman.socket /etc/systemd/system/io.podman.socket\\n```\\n\\nEdit section `[Socket]` of `/etc/systemd/system/io.podman.socket`:\\n\\n```\\n[Socket]\\nListenStream=/run/podman/io.podman\\nSocketMode=0660\\nSocketGroup=podman\\n```\\n\\nThen activate the changes:\\n\\n```bash\\n$ sudo systemctl daemon-reload\\n$ sudo systemd-tmpfiles --create\\n$ sudo systemctl enable --now io.podman.socket\\n```\\n\\nThe directory and socket now belongs to the podman group\\n\\n```bash\\n$ sudo ls -al /run/podman\\ndrwxr-x---. 2 root podman 60 14. Jan 14:50 .\\ndrwxr-xr-x. 51 root root 1420 14. Jan 14:36 ..\\nsrw-rw----. 1 root podman 0 14. Jan 14:50 io.podman\\n```\\n\\n> Note: Wouldn\'t it be nice, if there was a Podman group owning the socket already? ;-)\\n\\nNow we are adding a user `podmanuser` and set a password:\\n\\n```bash\\n$ sudo useradd podmanuser -G podman\\n$ sudo passwd podmanuser\\n```\\n\\nFrom your client machine do\\n\\n```bash\\n$ ssh-copy-id -f ~/.ssh/podmanuser podmanuser@\\n```\\n\\n### ssh config\\n\\nEdit `.ssh/config`\\n\\n```\\nHost \\n RequestTTY no\\n IdentityFile ~/.ssh/podmanuser\\n User podmanuser\\n VisualHostKey no\\n RemoteCommand /usr/bin/varlink bridge --connect unix:/run/podman/io.podman\\n GSSAPIAuthentication no\\n ForwardX11 no\\n```\\n\\n### Optional Lock Down\\n\\nLog into ``\\n\\n```bash\\n$ ssh podmanuser@\\n```\\n\\nNow we lock down `podmanuser` to only be used with the varlink bridge from your client machine:\\n\\nEdit `.ssh/authorized-keys` so that the line begins with:\\n\\n```\\ncommand=\\"/usr/bin/varlink bridge --connect unix:/run/podman/io.podman\\",no-agent-forwarding,no-port-forwarding,no-pty,no-user-rc,no-X11-forwarding ssh-rsa [\u2026]\\n```\\n\\nLog out of ``\\n\\n## Python\\n\\n### Install Python\\n\\nhttps://www.python.org/downloads/\\n\\n### Install varlink for Python\\n\\n```bash\\n$ pip install --user \\"varlink>=30.0.2\\"\\n```\\n\\n### Test if the varlink cli module works\\n\\n```bash\\n$ python -m varlink.cli --help\\nusage: cli.py [-h] [-r RESOLVER] [-A ACTIVATE] [-b BRIDGE]\\n {info,help,bridge,call} ...\\n\u2026\\n```\\n\\n### Interfacing Podman with the python cli module\\n\\n```bash\\n$ python -m varlink.cli --bridge \\"ssh \\" info\\ninfo\\n.1:1234\\nVendor: Atomic\\nProduct: podman\\nVersion: 0.10.1\\nURL: https://github.com/containers/podman\\nInterfaces:\\n org.varlink.service\\n io.podman\\n\\n$ python -m varlink.cli --bridge \\"ssh \\" call io.podman.Ping {}\\n{\\n \\"ping\\": {\\n \\"message\\": \\"OK\\"\\n }\\n}\\n```\\n\\n### Python Client Example\\n\\n`podmanclient.py`:\\n\\n```python\\nimport varlink\\n\\nwith varlink.Client.new_with_bridge([\\"ssh\\", \\"\\"]) as client:\\n with client.open(\\"io.podman\\") as podman:\\n print(podman.Ping())\\n print(podman.GetInfo())\\n print(podman.GetVersion())\\n\\n info = podman.GetInfo()\\n print(\\"Uptime:\\", info[\\"info\\"][\\"host\\"][\\"uptime\\"])\\n print(\\"Os:\\", info[\\"info\\"][\\"host\\"][\\"os\\"])\\n\\n try:\\n podman.MountContainer(\\"container-id\\")\\n except varlink.error.VarlinkError as e:\\n print(e.error(), e.parameters())\\n print(e.as_dict())\\n```\\n\\nTo find out more about the Podman varlink interface read the [io.podman.varlink](https://github.com/containers/podman/blob/main/cmd/podman/varlink/io.podman.varlink) file or\\nthe rendered [API.md](https://github.com/containers/podman/blob/main/API.md).\\n\\nOr you can inspect, what methods your Podman version on `` provides:\\n\\n```bash\\n$ python -m varlink.cli --bridge \\"ssh \\" help io.podman\\n```\\n\\n## Go\\n\\n### Installation\\n\\n```bash\\n$ go get -u github.com/varlink/go/varlink\\n$ go install github.com/varlink/go/cmd/varlink\\n$ go install github.com/varlink/go/cmd/varlink-go-interface-generator\\n```\\n\\n### Running the varlink CLI command\\n\\nThe `varlink` CLI command in `$GOPATH/bin` should output:\\n\\n```bash\\n$ varlink --bridge \\"ssh \\" info\\nVendor: Atomic\\nProduct: podman\\nVersion: 0.10.1\\nURL: https://github.com/containers/podman\\nInterfaces:\\n org.varlink.service\\n io.podman\\n$ varlink --bridge \\"ssh \\" call io.podman.Ping\\n{\\n \\"ping\\": {\\n \\"message\\": \\"OK\\"\\n }\\n}\\n\\n$ varlink --bridge \\"ssh \\" call io.podman.MountContainer \\"{\\\\\\"name\\\\\\": \\\\\\"container-id\\\\\\"}\\"\\nError: Call failed with error: io.podman.ErrorOccurred\\n{\\n \\"reason\\": \\"no container with name or ID container-id found: no such container\\"\\n}\\n```\\n\\nTo find out more about the Podman varlink interface read the [io.podman.varlink](https://github.com/containers/podman/blob/main/cmd/podman/varlink/io.podman.varlink) file or\\nthe rendered [API.md](https://github.com/containers/podman/blob/main/API.md).\\n\\nOr you can inspect, what methods your Podman version on `` provides:\\n\\n```bash\\n$ varlink --bridge \\"ssh \\" help io.podman\\n```\\n\\n### Go Client Example\\n\\nEither clone this [repository](https://github.com/haraldh/podmangoexampleclient) or:\\n\\nCreate a new go project.\\nCreate a sub directory `iopodman` in the project.\\n\\nCreate the `io.podman.varlink` either from the podman github sources or dynamically with:\\n\\n```bash\\n$ varlink --bridge \\"ssh \\" help io.podman > iopodman/io.podman.varlink\\n```\\n\\nCreate iopodman/generate.go:\\n\\n```go\\npackage iopodman\\n\\n//go:generate $GOPATH/bin/varlink-go-interface-generator io.podman.varlink\\n```\\n\\nRun `go generate`:\\n\\n```bash\\n$ go generate ./...\\n```\\n\\nCreate your main.go:\\n\\n```go\\npackage main\\n\\nimport (\\n\\t\\"flag\\"\\n\\t\\"fmt\\"\\n\\t\\"github.com/haraldh/podmangoexampleclient/iopodman\\"\\n\\t\\"github.com/varlink/go/varlink\\"\\n\\t\\"io\\"\\n\\t\\"os\\"\\n)\\n\\nfunc printError(methodname string, err error) {\\n\\tfmt.Fprintf(os.Stderr, \\"Error calling %s: \\", methodname)\\n\\tswitch e := err.(type) {\\n\\tcase *iopodman.ImageNotFound:\\n\\t\\t//error ImageNotFound (name: string)\\n\\t\\tfmt.Fprintf(os.Stderr, \\"\'%v\' name=\'%s\'\\\\n\\", e, e.Name)\\n\\n\\tcase *iopodman.ContainerNotFound:\\n\\t\\t//error ContainerNotFound (name: string)\\n\\t\\tfmt.Fprintf(os.Stderr, \\"\'%v\' name=\'%s\'\\\\n\\", e, e.Name)\\n\\n\\tcase *iopodman.NoContainerRunning:\\n\\t\\t//error NoContainerRunning ()\\n\\t\\tfmt.Fprintf(os.Stderr, \\"\'%v\'\\\\n\\", e)\\n\\n\\tcase *iopodman.PodNotFound:\\n\\t\\t//error PodNotFound (name: string)\\n\\t\\tfmt.Fprintf(os.Stderr, \\"\'%v\' name=\'%s\'\\\\n\\", e, e.Name)\\n\\n\\tcase *iopodman.PodContainerError:\\n\\t\\t//error PodContainerError (podname: string, errors: []PodContainerErrorData)\\n\\t\\tfmt.Fprintf(os.Stderr, \\"\'%v\' podname=\'%s\' errors=\'%v\'\\\\n\\", e, e.Podname, e.Errors)\\n\\n\\tcase *iopodman.NoContainersInPod:\\n\\t\\t//error NoContainersInPod (name: string)\\n\\t\\tfmt.Fprintf(os.Stderr, \\"\'%v\' name=\'%s\'\\\\n\\", e, e.Name)\\n\\n\\tcase *iopodman.ErrorOccurred:\\n\\t\\t//error ErrorOccurred (reason: string)\\n\\t\\tfmt.Fprintf(os.Stderr, \\"\'%v\' reason=\'%s\'\\\\n\\", e, e.Reason)\\n\\n\\tcase *iopodman.RuntimeError:\\n\\t\\t//error RuntimeError (reason: string)\\n\\t\\tfmt.Fprintf(os.Stderr, \\"\'%v\' reason=\'%s\'\\\\n\\", e, e.Reason)\\n\\n\\tcase *varlink.InvalidParameter:\\n\\t\\tfmt.Fprintf(os.Stderr, \\"\'%v\' parameter=\'%s\'\\\\n\\", e, e.Parameter)\\n\\n\\tcase *varlink.MethodNotFound:\\n\\t\\tfmt.Fprintf(os.Stderr, \\"\'%v\' method=\'%s\'\\\\n\\", e, e.Method)\\n\\n\\tcase *varlink.MethodNotImplemented:\\n\\t\\tfmt.Fprintf(os.Stderr, \\"\'%v\' method=\'%s\'\\\\n\\", e, e.Method)\\n\\n\\tcase *varlink.InterfaceNotFound:\\n\\t\\tfmt.Fprintf(os.Stderr, \\"\'%v\' interface=\'%s\'\\\\n\\", e, e.Interface)\\n\\n\\tcase *varlink.Error:\\n\\t\\tfmt.Fprintf(os.Stderr, \\"\'%v\' parameters=\'%v\'\\\\n\\", e, e.Parameters)\\n\\n\\tdefault:\\n\\t\\tif err == io.EOF {\\n\\t\\t\\tfmt.Fprintf(os.Stderr, \\"Connection closed\\\\n\\", )\\n\\t\\t} else if err == io.ErrUnexpectedEOF {\\n\\t\\t\\tfmt.Fprintf(os.Stderr, \\"Connection aborted\\\\n\\", )\\n\\t\\t} else {\\n\\t\\t\\tfmt.Fprintf(os.Stderr, \\"%T - \'%v\'\\\\n\\", err, err)\\n\\t\\t}\\n\\t}\\n}\\n\\nfunc main() {\\n\\tvar c *varlink.Connection\\n\\tvar err error\\n\\n c, err = varlink.NewBridge(\\"ssh \\")\\n\\tif err != nil {\\n\\t\\tfmt.Fprintf(os.Stderr, \\"Error connecting: %T - \'%v\'\\\\n\\", err, err)\\n\\t\\tos.Exit(1)\\n\\t}\\n\\n\\t// Be nice and cleanup\\n\\tdefer c.Close()\\n\\n\\tinfo, err := iopodman.GetInfo().Call(c)\\n\\n\\tif err != nil {\\n\\t\\tprintError(\\"GetInfo()\\", err)\\n\\t\\tos.Exit(1)\\n\\t}\\n\\n\\tfmt.Printf(\\"Info: %+v\\\\n\\\\n\\", info)\\n\\n\\tfmt.Printf(\\"Podman Version: %+v\\\\n\\\\n\\", info.Podman.Podman_version)\\n\\n\\tcontainers, err := iopodman.ListContainers().Call(c)\\n\\n\\tif err != nil {\\n\\t\\tprintError(\\"ListContainers()\\", err)\\n\\t\\tos.Exit(1)\\n\\t}\\n\\n\\tfor container := range containers {\\n\\t\\tprint(container)\\n\\t}\\n\\n\\tmount, err := iopodman.MountContainer().Call(c, \\"foo\\")\\n\\tif err != nil {\\n\\t\\tprintError(\\"MountContainer()\\", err)\\n\\t} else {\\n\\t\\tprint(mount)\\n\\t}\\n}\\n```\\n\\n## Rust\\n\\n### Install the rust toolchain\\n\\n#### Windows\\n\\nFirst install the C++ part of https://visualstudio.microsoft.com/downloads/\\n\\n#### All\\n\\nhttps://rustup.rs/\\n\\n### Install varlink-cli\\n\\n#### For non-Linux systems:\\n\\n```bash\\n$ cargo install varlink-cli\\n```\\n\\n> Note: Ensure that $HOME/.cargo/bin is in your PATH or copy $HOME/.cargo/bin/varlink\\n> in one of your path directories\\n\\n#### For Linux systems:\\n\\nYou can also use `varlink` util from [libvarlink](https://github.com/varlink/libvarlink)\\nor install `libvarlink-util` on Fedora/RHEL machines.\\n\\n### Running the varlink CLI command\\n\\nThe `varlink` CLI command in `~/.cargo/bin` should output:\\n\\n```bash\\n$ varlink --bridge \\"ssh \\" info\\nVendor: Atomic\\nProduct: podman\\nVersion: 0.10.1\\nURL: https://github.com/containers/podman\\nInterfaces:\\n org.varlink.service\\n io.podman\\n$ varlink --bridge \\"ssh \\" call io.podman.Ping\\n{\\n \\"ping\\": {\\n \\"message\\": \\"OK\\"\\n }\\n}\\n\\n$ varlink --bridge \\"ssh \\" call io.podman.MountContainer \\"{\\\\\\"name\\\\\\": \\\\\\"container-id\\\\\\"}\\"\\nError: Call failed with error: io.podman.ErrorOccurred\\n{\\n \\"reason\\": \\"no container with name or ID container-id found: no such container\\"\\n}\\n```\\n\\nTo find out more about the Podman varlink interface read the [io.podman.varlink](https://github.com/containers/podman/blob/main/cmd/podman/varlink/io.podman.varlink) file or\\nthe rendered [API.md](https://github.com/containers/podman/blob/main/API.md).\\n\\nOr you can inspect, what methods your Podman version on `` provides:\\n\\n```bash\\n$ varlink --bridge \\"ssh \\" help io.podman\\n```\\n\\n### Rust Client Example\\n\\nEither clone this [repository](https://github.com/haraldh/podmanrs) or:\\n\\n```bash\\n$ cargo new --bin podmanrs\\n$ cd podmanrs\\n```\\n\\nDownload the varlink interface from the running Podman varlink service:\\n\\n```bash\\n$ varlink --bridge \\"ssh \\" help io.podman > src/io.podman.varlink\\n```\\n\\ncreate `build.rs`:\\n\\n```rust\\nextern crate varlink_generator;\\n\\nfn main() {\\n varlink_generator::cargo_build_tosource(\\"src/io.podman.varlink\\", true);\\n}\\n```\\n\\ncreate `Cargo.toml`:\\n\\n```toml\\n[package]\\nname = \\"podmanrs\\"\\nversion = \\"0.1.0\\"\\nauthors = [\\"Harald Hoyer \\"]\\nbuild = \\"build.rs\\"\\nedition = \\"2018\\"\\n\\n[dependencies]\\nvarlink = \\"7\\"\\nserde = \\"1\\"\\nserde_derive = \\"1\\"\\nserde_json = \\"1\\"\\nchainerror = \\"0.4\\"\\n[build-dependencies]\\nvarlink_generator = \\"7\\"\\n```\\n\\ncreate `src/main.rs`:\\n\\n```rust\\nmod io_podman;\\n\\nuse crate::io_podman::*;\\nuse varlink::Connection;\\nuse std::result::Result;\\nuse std::error::Error;\\n\\nfn main() -> Result<(), Box> {\\n let connection = Connection::with_bridge(\\n \\"ssh \\",\\n )?;\\n let mut podman = VarlinkClient::new(connection.clone());\\n let reply = podman.ping().call()?;\\n println!(\\"Ping() replied with \'{}\'\\", reply.ping.message);\\n let reply = podman.get_info().call()?;\\n println!(\\"Hostname: {}\\", reply.info.host.hostname);\\n println!(\\"Info: {:#?}\\", reply.info);\\n Ok(())\\n}\\n```\\n\\nNow run it:\\n\\n```bash\\n$ cargo run\\n```"},{"id":"/2019/01/15/podman-pods","metadata":{"permalink":"/blogs/2019/01/15/podman-pods","source":"@site/blog/2019-01-15-podman-pods.md","title":"Managing pods and containers in a local container runtime","description":"Brent Baude has written a new article called \\"Managing pods and containers in a local container runtime\\" on the","date":"2019-01-15T00:00:00.000Z","formattedDate":"January 15, 2019","tags":[],"readingTime":0.18,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"layout":"default","title":"Managing pods and containers in a local container runtime","author":"baude","categories":["blogs"]},"prevItem":{"title":"Programmatic remote access to Podman via the varlink protocol","permalink":"/blogs/2019/01/16/podman-varlink"},"nextItem":{"title":"Podman Machine and Boot2podman","permalink":"/blogs/2019/01/14/podman-machine-and-boot2podman"}},"content":"Brent Baude has written a new article called \\"[Managing pods and containers in a local container runtime](https://developers.redhat.com/blog/2019/01/15/podman-managing-containers-pods/)\\" on the\\nRed Hat Developer site. Learn how using pods in Podman can help organize and orchestrate your containers."},{"id":"/2019/01/14/podman-machine-and-boot2podman","metadata":{"permalink":"/blogs/2019/01/14/podman-machine-and-boot2podman","source":"@site/blog/2019-01-14-podman-machine-and-boot2podman.md","title":"Podman Machine and Boot2podman","description":"boot2podman logo","date":"2019-01-14T00:00:00.000Z","formattedDate":"January 14, 2019","tags":[{"label":"boot2podman","permalink":"/blogs/tags/boot-2-podman"},{"label":"podman+machine","permalink":"/blogs/tags/podman-machine"}],"readingTime":2.835,"hasTruncateMarker":true,"authors":[{"name":"afbjorklund"}],"frontMatter":{"title":"Podman Machine and Boot2podman","layout":"default","author":"afbjorklund","categories":["blogs"],"tags":["boot2podman","podman+machine"]},"prevItem":{"title":"Managing pods and containers in a local container runtime","permalink":"/blogs/2019/01/15/podman-pods"},"nextItem":{"title":"RHEl 8 beta and Podman","permalink":"/blogs/2019/01/08/rhel-8-and-podman"}},"content":"![boot2podman logo](https://raw.githubusercontent.com/boot2podman/boot2podman/master/logo.png)\\n\\n# Podman Machine and Boot2podman\\n\\n## By Anders F Bj\xf6rklund [GitHub](https://github.com/afbjorklund)\\n\\n### Update: September 9, 2021 - Tom Sweeney\\n\\nThis post initially discussed the boot2podman/machine project, which Anders has since deprecated. Starting with Podman v3.3, the `podman machine` command now does that same function and is part of the Podman project. Please see Brent Baude\'s [update](https://podman.io/blogs/2021/09/06/podman-on-macs.html) or the [podman machine](https://docs.podman.io/en/latest/machine.html) man page on [docs.podman.io](https://docs.podman.io/) for more information on how to run Podman machine. The `podman-machine` command has been deprecated.\\n\\nIn addition, the Podman team is investigating the possibility of creating `Podman Desktop`. Please see the issue on [GitHub](https://github.com/containers/podman/issues/11494), and please add your comments or thoughts to that issue.\\n\\nMore updates are coming, and please keep your eye on the [Podman Mailing List](https://podman.io/community/#mailing-list) and [podman.io](https://podman.io) for further information and developments.\\n\\nFinally, a very big thank you to Anders for his many contributions to Podman, particularly for his work in getting Podman to work smoothly on macOS.\\n\\n## Original Post\\n\\nBy using `podman-machine` and indirectly `boot2podman`, it is easy to get started with podman even if your local host does not support it...\\n\\nIt will start a virtual machine, with everything to run containers. This includes `podman` and `buildah`, and remote access over `varlink`.\\n\\n\x3c!--truncate--\x3e\\n\\nThe command-line tool `podman-machine` is a simple way to create virtual machines running `boot2podman.iso`.\\nIt will create a \\"machine\\" with Linux prepared for running Linux containers, with [Podman](https://podman.io) and [Buildah](https://buildah.io) (and their dependencies) pre-installed.\\n\\nThis way any client will be able to run containers, even though not possible on their operating system.\\nWhether their Linux distribution is too old or too unprivileged, or if they are running Windows or OS X operating systems without native Linux support.\\n\\n## Podman Machine\\n\\nMachine lets you create servers with Podman, then configures the Podman clients.\\n\\n```console\\n$ podman-machine create box\\n$ podman-machine ssh box\\n\\ntc@box:~$ sudo podman\\n```\\n\\nWill automatically download the latest version of the ISO, if not available in the cache.\\n\\n_See:_ [https://github.com/boot2podman/machine](https://github.com/boot2podman/machine)\\n\\n## Boot2Podman ISO\\n\\nBoot2podman is a lightweight Linux distribution made specifically to run Linux containers.\\n\\n- Tiny Core Linux 9.x (x86_64)\\n- Buildah / Varlink / Podman\\n\\nThe distribution runs entirely from RAM, while persisting the containers and ssh keys.\\n\\n_See:_ [https://github.com/boot2podman/boot2podman](https://github.com/boot2podman/boot2podman)\\n\\n## Remote Access\\n\\nIt is possible to use the `pypodman` command-line tool, to control podman remotely:\\n\\n```console\\n$ eval $(podman-machine env box)\\n$ pypodman version\\n```\\n\\n[https://github.com/containers/python-podman](https://github.com/containers/python-podman)\\n\\nOr alternatively to use the `varlink-go` command-line tool, to access the podman API:\\n\\n```console\\n$ eval $(podman-machine env box --varlink)\\n$ varlink-go call io.podman.GetVersion\\n```\\n\\n[https://github.com/boot2podman/varlink-go](https://github.com/boot2podman/varlink-go)\\n\\nBoth methods use SSH, in order to access the podman varlink socket of the VM.\\n\\nThe SSH keys and other configuration is automatically created with the machine.\\n\\n## Tiny Core\\n\\nThe regular `boot2podman.iso` is based on [Tiny Core Linux](http://tinycorelinux.net):\\n\\n[https://github.com/boot2podman/boot2podman/releases](https://github.com/boot2podman/boot2podman/releases)\\n\\nThis is a minimal system, that runs entirely from RAM and uses `init(1)`.\\n\\nThe package manager uses TCZ packages, handled by the `tce-load` program.\\n\\n_See:_ [https://en.wikipedia.org/wiki/Tiny_Core_Linux](https://en.wikipedia.org/wiki/Tiny_Core_Linux)\\n\\n## Fedora\\n\\nThere is also an alternative version, based on [Fedora Linux](https://getfedora.org/):\\n\\n[https://github.com/boot2podman/boot2podman-fedora-iso/releases](https://github.com/boot2podman/boot2podman-fedora-iso/releases)\\n\\nThis is a full system, that boots a regular image and uses `systemd(1)`.\\n\\nThe package manager uses RPM packages, handled by the `dnf` program.\\n\\n_See:_ [https://en.wikipedia.org/wiki/Fedora\\\\_(operating_system)]()\\n\\nBoth versions will do the same thing, in that they will both offer the Podman varlink socket.\\n\\nThe Podman Machine can set up virtual machines for either, by using the \\"url\\" parameters.\\n\\n---\\n\\nFor more posts about boot2podman, see: [https://boot2podman.github.io/](https://boot2podman.github.io/)"},{"id":"/2019/01/08/rhel-8-and-podman","metadata":{"permalink":"/blogs/2019/01/08/rhel-8-and-podman","source":"@site/blog/2019-01-08-rhel-8-and-podman.md","title":"RHEl 8 beta and Podman","description":"Daniel Koszegi has posted a new blog: \\"First look at RHEL 8 and Podman\\". Daniel talks about the RHEL 8 beta and how Podman figures into it!.","date":"2019-01-08T00:00:00.000Z","formattedDate":"January 8, 2019","tags":[],"readingTime":0.135,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"layout":"default","title":"RHEl 8 beta and Podman","author":"tsweeney","categories":["blogs"]},"prevItem":{"title":"Podman Machine and Boot2podman","permalink":"/blogs/2019/01/14/podman-machine-and-boot2podman"},"nextItem":{"title":"Software Factory Container With Buildah And Podman","permalink":"/blogs/2019/01/07/software-factory-podman"}},"content":"Daniel Koszegi has posted a new blog: \\"[First look at RHEL 8 and Podman](https://medium.com/@danielkoszegi/first-look-at-rhel-8-beta-and-podman-f344165c1620)\\". Daniel talks about the RHEL 8 beta and how Podman figures into it!."},{"id":"/2019/01/07/software-factory-podman","metadata":{"permalink":"/blogs/2019/01/07/software-factory-podman","source":"@site/blog/2019-01-07-software-factory-podman.md","title":"Software Factory Container With Buildah And Podman","description":"Tristan de Cacqueray has posted a new blog: \\"Software Factory Container With Buildah And Podman\\".","date":"2019-01-07T00:00:00.000Z","formattedDate":"January 7, 2019","tags":[],"readingTime":0.15,"hasTruncateMarker":false,"authors":[{"name":"tristanC"}],"frontMatter":{"layout":"default","title":"Software Factory Container With Buildah And Podman","author":"tristanC","categories":["blogs"]},"prevItem":{"title":"RHEl 8 beta and Podman","permalink":"/blogs/2019/01/08/rhel-8-and-podman"},"nextItem":{"title":"New Blog from Emilien Macchi, Part 4!","permalink":"/blogs/2018/12/14/openstack-podman-healthchecks"}},"content":"Tristan de Cacqueray has posted a new blog: \\"[Software Factory Container With Buildah And Podman](https://www.softwarefactory-project.io/software-factory-container-with-buildah-and-podman.html)\\".\\nTristan explains how to use Buildah and Podman to containerize a systemd based service suite."},{"id":"/2018/12/14/openstack-podman-healthchecks","metadata":{"permalink":"/blogs/2018/12/14/openstack-podman-healthchecks","source":"@site/blog/2018-12-14-openstack-podman-healthchecks.md","title":"New Blog from Emilien Macchi, Part 4!","description":"Emilien Macchi has posted a fourth blog on how his group is running Healthchecks for Podman containers: \\"OpenStack Containerization with Podman \u2013 Part 4 (Healthchecks)\\". Check it out!","date":"2018-12-14T00:00:00.000Z","formattedDate":"December 14, 2018","tags":[],"readingTime":0.14,"hasTruncateMarker":false,"authors":[],"frontMatter":{"layout":"default","title":"New Blog from Emilien Macchi, Part 4!","categories":["new"]},"prevItem":{"title":"Software Factory Container With Buildah And Podman","permalink":"/blogs/2019/01/07/software-factory-podman"},"nextItem":{"title":"Simplifying Podman commands with labels","permalink":"/blogs/2018/12/03/podman-runlabel"}},"content":"[Emilien Macchi](https://twitter.com/EmilienMacchi) has posted a fourth blog on how his group is running Healthchecks for Podman containers: \\"[OpenStack Containerization with Podman \u2013 Part 4 (Healthchecks)](https://my1.fr/blog/openstack-containerization-with-podman-part-4-healthchecks/)\\". Check it out!"},{"id":"/2018/12/03/podman-runlabel","metadata":{"permalink":"/blogs/2018/12/03/podman-runlabel","source":"@site/blog/2018-12-03-podman-runlabel.md","title":"Simplifying Podman commands with labels","description":"podman logo","date":"2018-12-03T00:00:00.000Z","formattedDate":"December 3, 2018","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"}],"readingTime":2.015,"hasTruncateMarker":true,"authors":[{"name":"baude"}],"frontMatter":{"title":"Simplifying Podman commands with labels","layout":"default","author":"baude","categories":["blogs"],"tags":["podman","containers"]},"prevItem":{"title":"New Blog from Emilien Macchi, Part 4!","permalink":"/blogs/2018/12/14/openstack-podman-healthchecks"},"nextItem":{"title":"Podman container|image exists","permalink":"/blogs/2018/11/27/podman-exists"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Simplifying Podman commands with labels\\n\\n## By Brent Baude [GitHub](https://github.com/baude)\\n\\nCommands used by container runtimes to create containers have become complex. It is on purpose of course. When creating\\ncontainers, we want the ability to specify various security or network attributes. But if you are in the unenviable position to have to keystroke in some of these lengthy commands, it can grow tiresome. Defining labels on the container image is a great way to define how the container should be run; however, now with Podman we can read and execute that label saving you potential command line bloat.\\n\\n\x3c!--truncate--\x3e\\n\\n### Container image Labels\\n\\nContainer images have had the concept of a label for quite some time. They are often used as identifiers for the image; i.e. version, release, author, etc. But you can create a container label for just about anything. With the Atomic CLI project, we used to leverage labels such as RUN, INSTALL, and UNINSTALL. These labels we defined for the purpose of their verbiage.\\n\\n### Podman container runlabel\\n\\nTo mimic the Atomic CLI project, we added a sub-command called `podman container runlabel`. This command will execute the contents of a given label as defined by the container image.\\n\\nLets consider an example. I have a simple container image based on mariab that I use for my Podman development. The image is made like so:\\n\\n```\\nFROM docker.io/library/mariadb:latest\\nLABEL RUN=\\"podman run --name some-mariadb -P -e MYSQL_ROOT_PASSWORD=x -dt IMAGE\\"\\nRUN echo \\"bind-address = 0.0.0.0\\" >> /etc/mysql/my.cnf\\n```\\n\\nNote the definition of the RUN label in the image. It contains the complete command line description of how to run it. The use of IMAGE here is a placeholder is automatically substituted by Podman to the real image name. On my system, this image exists as `quay.io/baude/demodb:latest`.\\n\\nWe can get a preview of what Podman would run using the `--display` switch. In the case of my mariab image, a dry-run would show something like this:\\n\\n```\\n$ sudo podman container runlabel --display run quay.io/baude/demodb:latest\\nCommand: /proc/self/exe run --name some-mariadb -P -e MYSQL_ROOT_PASSWORD=x -dt quay.io/baude/demodb:latest\\n```\\n\\nNote how the IMAGE was translated into the image name. If we rerun the previous command and subtract the `--display` option, podman will create the container exactly as described by the run label.\\n\\nSo, next time you create your own image, do yourself a favor and construct labels that Podman can read and simplify your life."},{"id":"/2018/11/27/podman-exists","metadata":{"permalink":"/blogs/2018/11/27/podman-exists","source":"@site/blog/2018-11-27-podman-exists.md","title":"Podman container|image exists","description":"podman logo","date":"2018-11-27T00:00:00.000Z","formattedDate":"November 27, 2018","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"}],"readingTime":2.165,"hasTruncateMarker":true,"authors":[{"name":"baude"}],"frontMatter":{"title":"Podman container|image exists","layout":"default","author":"baude","categories":["blogs"],"tags":["podman","containers"]},"prevItem":{"title":"Simplifying Podman commands with labels","permalink":"/blogs/2018/12/03/podman-runlabel"},"nextItem":{"title":"Build Podman RPMs with a container image","permalink":"/blogs/2018/11/19/build_libpod-container-images"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman container|image exists\\n\\n## By Brent Baude [GitHub](https://github.com/baude)\\n\\nWe are seeing a proliferation of Podman usage in users\' daily workflows. As such, these workflows are often scripted -- in something like bash -- and clear exit codes from the applications being run are paramount. One of the tasks we often see is a user wanting to verify if an image or a container exists in local storage. We saw several different approaches approaches to solving this including running `podman ps` or `podman images` with filters or complex uses of grep.\\n\\n\x3c!--truncate--\x3e\\n\\n### Solution\\n\\nAfter a bit of discussion with our users, recorded in [issue #1845] (https://github.com/containers/podman/issues/1845), a plan was hatched to have a specific command that satisfies this use case. It was implemented for both containers and images; and I suppose if users wish, we could implement it for pods as well. If the image or container exists, Podman will return an exit code of `0`. If it does not exist, Podman will return an exit code of `1`. Any other exit code can be attributed to non-verification failures like permissions or failure in reading local storage.\\n\\n### Check on an images\\n\\nTo verify the existence of an image in your local storage, you can use the command `podman image exists `. Let\'s clarify through the use of an example.\\n\\nThe images we have in our local storage are as follows:\\n\\n```\\n$ sudo podman images\\nREPOSITORY TAG IMAGE ID CREATED SIZE\\ndocker.io/library/alpine latest 196d12cf6ab1 2 months ago 4.67 MB\\n```\\n\\nIf we wanted to verify the existence of the image `docker.io/library/alpine:latest`, we would:\\n\\n```\\n$ sudo podman image exists docker.io/library/alpine:latest\\n$ echo $?\\n0\\n```\\n\\nYou can also verify by short-name if preferable:\\n\\n```\\n$ sudo podman image exists alpine\\n$ echo $?\\n0\\n```\\n\\nYou can also verify an image by an image\'s full or shortened ID.\\n\\n```\\n$ sudo podman image exists 196d12cf6ab1\\n$ echo $?\\n0\\n```\\n\\nAnd finally, a failure to verify example would look like:\\n\\n```\\n$ sudo podman image exists busybox\\n$ echo $?\\n1\\n```\\n\\n### Check on a container\\n\\nWe can verify the existence of a container in much the same way as an image. The grammar differs slightly.\\n\\nMy system has the following container:\\n\\n```\\n$ sudo podman ps --format {% raw %}\\"{{.ID}} {{.Names}}\\"{% endraw %}\\n472fde2f48c7 foobar\\n```\\n\\nAnd I can verify the existence of the container with `podman container exists `.\\n\\n```\\n$ sudo podman container exists foobar\\n$ echo $?\\n0\\n```\\n\\nLike images, you can also verify a container using its full or partial container ID."},{"id":"/2018/11/19/build_libpod-container-images","metadata":{"permalink":"/blogs/2018/11/19/build_libpod-container-images","source":"@site/blog/2018-11-19-build_libpod-container-images.md","title":"Build Podman RPMs with a container image","description":"podman logo","date":"2018-11-19T00:00:00.000Z","formattedDate":"November 19, 2018","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"}],"readingTime":2.395,"hasTruncateMarker":true,"authors":[{"name":"baude"}],"frontMatter":{"title":"Build Podman RPMs with a container image","layout":"default","author":"baude","categories":["blogs"],"tags":["podman","containers"]},"prevItem":{"title":"Podman container|image exists","permalink":"/blogs/2018/11/27/podman-exists"},"nextItem":{"title":"The State of Container Technologies in the Operating System","permalink":"/blogs/2018/11/01/talk-state_of_container_technologies"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Build Podman RPMs with a container image\\n\\n## By Brent Baude [GitHub](https://github.com/baude)\\n\\nLibpod development is still very much active and on-going. We often have folks who are looking\\nto test out the latest libpod and Podman for either new features or bug fixes. We typically\\nbuild RPMs for distributions like Fedora on a release cadence, which used to be weekly but now\\nhas slowed down as libpod has stabilized. Building libpod from source is not difficult, but\\nsometimes the user\'s environment will not allow them to install all the packages needed; or\\nperhaps the user is intimidated by building from source; or perhaps the user would prefer\\nthe RPM package because it will make the upgrade process easier down the road.\\n\\nTo solve this problem, I have created a series of container images for CentOS7, Fedora 28, and Fedora 29 that are capable of building a development Podman RPM and associated packages.\\n\\n\x3c!--truncate--\x3e\\n\\n#### A bit about the images themselves\\n\\nThe image that can used to build the RPMs is called _quay.io/libpod/build_libpod_. You simply\\nalter the tag to build for the various distributions. The _latest_ tag will build CentOS7\\nRPMs. Two other tags exist: _fedora28_ and _fedora29_.\\n\\n### Create the temporary directory\\n\\nCreate a directory for where the RPMs will be volume mounted. It **must** be _/tmp/rpms_.\\n\\n```\\n$ mkdir /tmp/rpms\\n```\\n\\n### Build the RPMs\\n\\nBuilding the RPMs is a simple Podman command that leverages the `container runlabel` function in Podman. Once the image is pulled by Podman, it will install the required packages for building the RPMs. After the build is complete, the container will also test to make sure the RPMs install correctly.\\n\\n```\\n$ sudo podman container runlabel -p run quay.io/libpod/build_libpod:fedora29\\nTrying to pull quay.io/libpod/build_libpod:fedora29...Getting image source signatures\\nSkipping fetch of repeat blob sha256:7692efc5f81cadc73ca1afde08b1a5ea126749fd7520537ceea1a9871329efde\\nCopying blob sha256:af79f3045c1f7e253b5952752ae4ecabb15f5ee1e2c7e4148132ed37ea7e0091\\n 24.70 MB / 24.70 MB [======================================================] 2s\\nCopying blob sha256:ff2caf91b3889620d64f6fa5529531c3fed78222ce33a89ac85318e410d302fb\\n 206 B / 206 B [============================================================] 0s\\nCopying blob sha256:dd6fe2d1ef4e4ca5252881a6ab2db0eecc1166486af08384eab121512fd8e1dd\\n 253 B / 253 B [============================================================] 0s\\nCopying blob sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4\\n 32 B / 32 B [==============================================================] 0s\\nSkipping fetch of repeat blob sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4\\nWriting manifest to image destination\\nStoring signatures\\nCommand: /proc/self/exe run -it --rm --net=host -v /tmp/rpms:/root/rpmbuild/RPMS/x86_64/:Z quay.io/libpod/build_libpod:fedora29\\nCloning into \'/go/src/github.com/containers/libpod\'...\\nwarning: redirecting to https://github.com/containers/podman/\\nremote: Enumerating objects: 34, done.\\nremote: Counting objects: 100% (34/34), done.\\nremote: Compressing objects: 100% (31/31), done.\\nremote: Total 23112 (delta 12), reused 12 (delta 3), pack-reused 23078\\nReceiving objects: 100% (23112/23112), 15.96 MiB | 10.16 MiB/s, done.\\nResolving deltas: 100% (13753/13753), done.\\n/go/src/github.com/containers/libpod\\n++ command -v dnf\\n+ pkg_manager=/usr/bin/dnf\\n\\n... ** SHORTENED FOR BREVITY ***\\n\\nInstalled:\\n python3-podman-0.11.2-1542207420.git2b911b0c.fc29.noarch python3-pypodman-0.11.2-1542207420.git2b911b0c.fc29.noarch\\n python3-dateutil-1:2.7.0-3.fc29.noarch python3-humanize-0.5.1-14.fc29.noarch\\n python3-psutil-5.4.3-6.fc29.x86_64\\n\\nComplete!\\n```\\n\\nThe resulting RPMs will end up in your temporary directory of _/tmp/rpms_.\\n\\n```\\n$ find /tmp/rpms/\\n/tmp/rpms/\\n/tmp/rpms/noarch\\n/tmp/rpms/noarch/python3-pypodman-0.11.2-1542210510.git2b911b0c.fc29.noarch.rpm\\n/tmp/rpms/noarch/python3-podman-0.11.2-1542210510.git2b911b0c.fc29.noarch.rpm\\n/tmp/rpms/x86_64\\n/tmp/rpms/x86_64/podman-debuginfo-0.11.2-1542210510.git2b911b0c.fc29.x86_64.rpm\\n/tmp/rpms/x86_64/podman-debugsource-0.11.2-1542210510.git2b911b0c.fc29.x86_64.rpm\\n/tmp/rpms/x86_64/podman-0.11.2-1542210510.git2b911b0c.fc29.x86_64.rpm\\n```\\n\\n### Future\\n\\nIf folks like this, I\'ll consider adding the ability to pass in a specific git commit to build."},{"id":"/2018/11/01/talk-state_of_container_technologies","metadata":{"permalink":"/blogs/2018/11/01/talk-state_of_container_technologies","source":"@site/blog/2018-11-01-talk-state_of_container_technologies.md","title":"The State of Container Technologies in the Operating System","description":"podman logo","date":"2018-11-01T00:00:00.000Z","formattedDate":"November 1, 2018","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"}],"readingTime":0.26,"hasTruncateMarker":false,"authors":[{"name":"dwalsh"}],"frontMatter":{"title":"The State of Container Technologies in the Operating System","layout":"default","author":"dwalsh","categories":["talks"],"tags":["podman","containers"]},"prevItem":{"title":"Build Podman RPMs with a container image","permalink":"/blogs/2018/11/19/build_libpod-container-images"},"nextItem":{"title":"Buildah and Podman Relationship","permalink":"/blogs/2018/10/31/podman-buildah-relationship"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# The State of Container Technologies in the Operating System Talk\\n\\n## By Dan Walsh [GitHub](https://github.com/rhatdan)\\n\\nAt the \\"LISA18\\" conference on October 29-31, 2018 in Nashville, TN, USA, Dan Walsh gave a talk on the State of Container Technologies in the Operating System.\\n\\nThe slides in PDF format are [here](https://podman.io/slides/2018-11-01-state_of_container_technologies_in_the_operating_system.pdf)."},{"id":"/2018/10/31/podman-buildah-relationship","metadata":{"permalink":"/blogs/2018/10/31/podman-buildah-relationship","source":"@site/blog/2018-10-31-podman-buildah-relationship.md","title":"Buildah and Podman Relationship","description":"podman logo","date":"2018-10-31T00:00:00.000Z","formattedDate":"October 31, 2018","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":4.865,"hasTruncateMarker":true,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Buildah and Podman Relationship","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"The State of Container Technologies in the Operating System","permalink":"/blogs/2018/11/01/talk-state_of_container_technologies"},"nextItem":{"title":"Adding checkpoint/restore support to Podman","permalink":"/blogs/2018/10/10/checkpoint-restore"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n![buildah logo](https://buildah.io/images/buildah.png)\\n\\n# Buildah and Podman Relationship\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nKubernetes installations can be complex with multiple runtime dependencies and runtime engines. [CRI-O](https://cri-o.io/) was created to provide a lightweight runtime for Kubernetes which adds an abstraction layer between the cluster and the runtime that allows for various OCI runtime technologies. However you still have the problem of daemon dependencies in your cluster for builds - I.e. if you are using the cluster for builds you still need a Docker daemon.\\n\\nEnter Buildah. Buildah allows you to have a Kubernetes cluster without any Docker daemon for both runtime and builds. Excellent. But what if things go wrong? What if you want to do troubleshooting or debugging of containers in your cluster? Buildah isn\u2019t really built for that, what you need is a client tool for working with containers and the one that comes to mind is Docker CLI - but then you\u2019re back to using the daemon.\\n\\nThis is where Podman steps in. Podman allows you to do all of the Docker commands without the daemon dependency. With Podman you can run, build (it calls Buildah under the covers for this), modify and troubleshoot containers in your Kubernetes cluster. With the two projects together, you have a well rounded solution for your OCI container image and container needs.\\n\\n\x3c!--truncate--\x3e\\n\\nBuildah and Podman are two complementary Open-source projects that are available on\\nmost Linux platforms and both projects reside at [GitHub.com](https://github.com)\\nwith Buildah [here](https://github.com/containers/buildah) and Podman [here](https://github.com/containers/podman). Both Buildah and Podman are command line tools that work on OCI images and containers. The two projects are related, but differ in their specialization.\\n\\nBuildah specializes in building OCI images. Buildah\'s commands replicate all\\nof the commands that are found in a Dockerfile. Buildah\u2019s goal is also to provide a lower level coreutils interface to build container images, allowing people to build containers without requiring a Dockerfile. Buildah\u2019s other goal is to allow you to use other scripting languages to build container images without requiring a daemon.\\n\\nPodman specializes in all of the commands and functions that help you to maintain and modify those OCI container images, such as pulling and tagging. It also allows you to create, run, and maintain those containers. If you can do a command in the Docker CLI, you can do the same command in the Podman CLI. In fact you can just alias \u2018podman\u2019 for \u2018docker\u2019 on your machine and you can then build, create and maintain container images and containers without a daemon being present, just as you always have.\\n\\nAlthough Podman uses Buildah\u2019s build functionality under the covers to create a container image, the two projects have differences. The major difference between Podman and Buildah is their concept of a container. Podman allows users to create `traditional containers` and the intent of these containers is to be controlled through the entirety of a container life cycle (pause, checkpoint/restore, etc). While Buildah containers are really created just to allow content to be added to the container _image_. Each project has a separate internal representation of a container that is not shared. Because of this you cannot see Podman containers from within Buildah or vice versa. However the internal representation of a container image is the same between Buildah and Podman. Given this, any container image that has been created, pulled or modified by one can be seen and used by the other.\\n\\nSome of the commands between the two projects overlap significantly but in some cases have slightly different behaviors. The following table illustrates the commands with some overlap between the projects.\\n\\n| Command | Podman Behavior | Buildah Behavior |\\n| :---------------- | :------------------------------------------------------------------------------------------------------------------------------------------------------------------- | :-------------------------------------------------------------------------------------------------------------------------------------------------------------------- |\\n| build | Calls `buildah bud` | Provides the build-using-dockerfile (bud) command that emulates Docker\u2019s build command. |\\n| commit | Commits a Podman container into a container image. Does not work on a Buildah container. Once committed the resulting image can be used by either Podman or Buildah. | Commits a Buildah container into a container image. Does not work on a Podman container. Once committed, the resulting image can be used by either Buildah or Podman. |\\n| mount | Mounts a Podman container. Does not work on a Buildah container. | Mounts a Buildah container. Does not work on a Podman container. |\\n| pull and push | Pull or push an image from a container image registry. Functionally the same as Buildah. | Pull or push an image from a container image registry. Functionally the same as Podman. |\\n| run | Run a process in a new container in the same manner as `docker run`. | Runs the container in the same way as the RUN command in a Dockerfile. |\\n| rm | Removes a Podman container. Does not work on a Buildah container. | Removes a Buildah container. Does not work on a Podman container. |\\n| rmi, images, tag | Equivalent on both projects. | Equivalent on both projects. |\\n| containers and ps | `ps` is used to list Podman containers. The `containers` command does not exist. | containers is used to list Buildah containers. The `ps` command does not exist. |\\n\\nA quick and easy way to summarize the difference between the two projects is the `buildah run` command emulates the RUN command in a Dockerfile while the `podman run` command emulates the `docker run` command in functionality.\\n\\nBuildah is an efficient way to create OCI images while Podman allows you to manage and maintain those images and containers in a production environment using familiar container cli commands. Together they form a strong foundation to support your OCI container image and container needs. Best yet, they are both Open-source projects and you are more than welcome to contribute to either or both projects. Hope to see you there!"},{"id":"/2018/10/10/checkpoint-restore","metadata":{"permalink":"/blogs/2018/10/10/checkpoint-restore","source":"@site/blog/2018-10-10-checkpoint-restore.md","title":"Adding checkpoint/restore support to Podman","description":"podman logo","date":"2018-10-10T00:00:00.000Z","formattedDate":"October 10, 2018","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"}],"readingTime":4.2,"hasTruncateMarker":true,"authors":[{"name":"Adrian Reber"}],"frontMatter":{"title":"Adding checkpoint/restore support to Podman","layout":"default","author":"Adrian Reber","categories":["blogs"],"tags":["podman","containers"]},"prevItem":{"title":"Buildah and Podman Relationship","permalink":"/blogs/2018/10/31/podman-buildah-relationship"},"nextItem":{"title":"OpenStack Containerization with Podman \u2013 Part 3 (Upgrades)","permalink":"/blogs/2018/10/07/tripleo-upgrade"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Adding checkpoint/restore support to Podman\\n\\n## By Adrian Reber\\n\\nWith the help of [Checkpoint/Restore In Userspace (CRIU)](https://criu.org) I\\nwas able to add initial checkpoint/restore support to Podman. Using\\ncheckpoint/restore it is now possible to resume a container after a reboot at\\nexactly the same point in time it was checkpointed.\\n\\n\x3c!--truncate--\x3e\\n\\nIn January 2018 I started to think about bringing checkpoint/restore support to\\nPodman. After a few initial discussions I started to actually look at the\\nnecessary code changes. As Podman uses\\n[runc](https://github.com/opencontainers/runc) to run containers the initial\\nsupport for checkpointing containers was implemented pretty fast. Restoring was\\na bit more complicated as it required additional changes to\\n[conmon](https://github.com/kubernetes-sigs/cri-o/pull/1427).\\n\\nAt that point I was able to checkpoint and restore a simple container.\\n\\nTo make checkpointing and restoring containers actually useful the restored\\ncontainer needs to have the same IP address as the checkpointed container. That\\nwas the point where the implementation got a bit complicated.\\n\\nAlthough having worked on and with different container runtime\'s\\ncheckpoint/restore support I never had a closer look at the networking setup.\\nIt always worked. With Podman it did not at the beginning. The biggest\\ndifference is, as far as I understand it right now, is that Podman uses\\n[Container Network Interface (CNI)](https://github.com/containernetworking/cni)\\nto configure the container\'s network. CNI creates a network namespace and after\\nconfiguring it tells `runc` to use that network namespace for the container.\\n\\nThe difference with this setup is that other container runtimes did not really\\ncare about the actual name of the network namespace and CRIU just created on\\nrestore a **new** network namespace with the same properties as during checkpoint.\\nSo a new network namespace was created. For Podman this needs to be different.\\nCRIU needs to ignore/skip the network namespace and to handle this correctly I\\nhad to adapt runc\\n([Add support to checkpoint and restore into external network namespaces](https://github.com/opencontainers/runc/pull/1849))\\nas well as CRIU\\n([criu: add support for external net namespaces ](https://github.com/checkpoint-restore/criu/commit/a8a3eb902305f0af603afa4c95b1b632fe7bd149)).\\n\\nSo after spending time on `runc` and CRIU I was able to return to Podman and\\nimplement the [necessary changes](https://github.com/containers/podman/pull/469)\\nwhich have been merged into Podman at the beginning of October 2018.\\n\\nWith all the background information out of the way, now finally some examples\\nhow checkpoint/restore can be used in Podman. In my example I am using a\\ncontainer running [Apache Tomcat](https://tomcat.apache.org/) with a slightly\\nmodified HelloWorldExample. The HelloWorldExample has been modified to return\\na single integer which is is incremented after each request.\\n\\nThe following starts my test container:\\n\\n```shell\\n# podman run --security-opt=\\"seccomp=unconfined\\" --tmpfs /tmp --name podman-criu-test -d docker://docker.io/yovfiatbeb/podman-criu-test\\n```\\n\\nAs I am running my tests on a RHEL7 system I have to add\\n`--security-opt=\\"seccomp=unconfined\\"` because CRIU cannot correctly handle\\n`seccomp` on RHEL7. The option `--tmpfs /tmp` is necessary as `tomcat` creates\\ntemporary files in `/tmp` which are only correctly restored by CRIU if `/tmp`\\nis a `tmpfs`.\\n\\nOnce the container is up and running I can use `curl` to make requests to `tomcat`:\\n\\n```shell\\n$ curl 10.22.0.53:8080/examples/servlets/servlet/HelloWorldExample\\n1\\n$ curl 10.22.0.53:8080/examples/servlets/servlet/HelloWorldExample\\n2\\n```\\n\\nI can now checkpoint the container:\\n\\n```shell\\n# podman container checkpoint podman-criu-test\\n```\\n\\nNow the container is no longer running and could be restored. If I would\\nrestore the container now the result would basically be the same as pausing and\\nunpausing the container. To make checkpointing useful I am now rebooting the\\nsystem before restoring the container. Once the system is up again I can\\nrestore the container:\\n\\n```shell\\n# podman container restore --keep podman-criu-test\\n```\\n\\nUsing `curl` to make requests to the container the result will now **not** start at\\n\'1\' again, but continue at the previous value:\\n\\n```shell\\n$ curl 10.22.0.53:8080/examples/servlets/servlet/HelloWorldExample\\n3\\n$ curl 10.22.0.53:8080/examples/servlets/servlet/HelloWorldExample\\n4\\n$ curl 10.22.0.53:8080/examples/servlets/servlet/HelloWorldExample\\n5\\n```\\n\\nAs I have been using the `--keep` flag during restore, Podman has not deleted\\nthe checkpoint after the restore, which would be the normal operation. If I\\nreboot the system again I can restore the container again:\\n\\n```shell\\n$ podman container restore --keep podman-criu-test\\n```\\n\\nAnd now the result from `curl` is the same as before:\\n\\n```shell\\n$ curl 10.22.0.53:8080/examples/servlets/servlet/HelloWorldExample\\n3\\n$ curl 10.22.0.53:8080/examples/servlets/servlet/HelloWorldExample\\n4\\n$ curl 10.22.0.53:8080/examples/servlets/servlet/HelloWorldExample\\n5\\n```\\n\\nSo right now checkpointing and restoring can be used as either a stateful\\npause/unpause between reboots or as way to go back in time of the container\'s\\nlife.\\n\\nI recorded all those steps in the demo below:\\n\\n\\n\\nThe checkpoint/restore support in Podman is still very new and requires a git\\ncheckout of CRIU using the `criu-dev` branch to work right now. The necessary\\nCRIU changes will be in the upcoming CRIU 3.11 release. `runc` and `conmon`\\nalso need to be new enough for checkpoint/restore to work.\\n\\nCurrently only checkpoint/restore on the same system is supported, but to\\nmake this feature really interesting it would be nice to be able to\\nmigrate containers. To make container migration easy I want to offer\\nthe possibility to easily export the checkpoint and appropriate container\\nstate from one Podman instance to another Podman instance to be able to\\nrestore the checkpointed container."},{"id":"/2018/10/07/tripleo-upgrade","metadata":{"permalink":"/blogs/2018/10/07/tripleo-upgrade","source":"@site/blog/2018-10-07-tripleo-upgrade.md","title":"OpenStack Containerization with Podman \u2013 Part 3 (Upgrades)","description":"podman logo","date":"2018-10-07T00:00:00.000Z","formattedDate":"October 7, 2018","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"openstack","permalink":"/blogs/tags/openstack"}],"readingTime":0.185,"hasTruncateMarker":false,"authors":[{"name":"emacchi"}],"frontMatter":{"title":"OpenStack Containerization with Podman \u2013 Part 3 (Upgrades)","layout":"default","author":"emacchi","categories":["blogs"],"tags":["podman","containers","openstack"]},"prevItem":{"title":"Adding checkpoint/restore support to Podman","permalink":"/blogs/2018/10/10/checkpoint-restore"},"nextItem":{"title":"OpenStack Containerization with Podman \u2013 Part 2 (systemd)","permalink":"/blogs/2018/10/05/tripleo-systemd"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Upgrade OpenStack TripleO Undercloud from Docker to Podman containers\\n\\n## By Emilien Macchi [GitHub](https://github.com/EmilienM)\\n\\nI wrote a blog post about how we could upgrade OpenStack TripleO Undercloud\\nfrom Docker to Podman containers.\\n\\n[Read More](https://my1.fr/blog/openstack-containerization-with-podman-part-3-upgrades/)"},{"id":"/2018/10/05/tripleo-systemd","metadata":{"permalink":"/blogs/2018/10/05/tripleo-systemd","source":"@site/blog/2018-10-05-tripleo-systemd.md","title":"OpenStack Containerization with Podman \u2013 Part 2 (systemd)","description":"podman logo","date":"2018-10-05T00:00:00.000Z","formattedDate":"October 5, 2018","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"openstack","permalink":"/blogs/tags/openstack"}],"readingTime":0.155,"hasTruncateMarker":false,"authors":[{"name":"emacchi"}],"frontMatter":{"title":"OpenStack Containerization with Podman \u2013 Part 2 (systemd)","layout":"default","author":"emacchi","categories":["blogs"],"tags":["podman","containers","openstack"]},"prevItem":{"title":"OpenStack Containerization with Podman \u2013 Part 3 (Upgrades)","permalink":"/blogs/2018/10/07/tripleo-upgrade"},"nextItem":{"title":"OpenStack Containerization with Podman \u2013 Part 1 (Undercloud)","permalink":"/blogs/2018/10/05/tripleo-undercloud"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Manage Podman containers with systemd\\n\\n## By Emilien Macchi [GitHub](https://github.com/EmilienM)\\n\\nI wrote a blog post about how we manage Podman containers with systemd in\\nOpenStack TripleO.\\n\\n[Read More](https://my1.fr/blog/openstack-containerization-with-podman-part-2-operations/)"},{"id":"/2018/10/05/tripleo-undercloud","metadata":{"permalink":"/blogs/2018/10/05/tripleo-undercloud","source":"@site/blog/2018-10-05-tripleo-undercloud.md","title":"OpenStack Containerization with Podman \u2013 Part 1 (Undercloud)","description":"podman logo","date":"2018-10-05T00:00:00.000Z","formattedDate":"October 5, 2018","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"openstack","permalink":"/blogs/tags/openstack"}],"readingTime":0.155,"hasTruncateMarker":false,"authors":[{"name":"emacchi"}],"frontMatter":{"title":"OpenStack Containerization with Podman \u2013 Part 1 (Undercloud)","layout":"default","author":"emacchi","categories":["blogs"],"tags":["podman","containers","openstack"]},"prevItem":{"title":"OpenStack Containerization with Podman \u2013 Part 2 (systemd)","permalink":"/blogs/2018/10/05/tripleo-systemd"},"nextItem":{"title":"SELinux blocks Podman container from talking to libvirt","permalink":"/blogs/2018/10/04/selinux-libvirt"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Deploy OpenStack TripleO Undercloud Podman containers\\n\\n## By Emilien Macchi [GitHub](https://github.com/EmilienM)\\n\\nI wrote a blog post about how we deploy OpenStack TripleO Undercloud with\\nPodman containers.\\n\\n[Read More](https://my1.fr/blog/openstack-containerization-with-podman-part-1-undercloud/)"},{"id":"/2018/10/04/selinux-libvirt","metadata":{"permalink":"/blogs/2018/10/04/selinux-libvirt","source":"@site/blog/2018-10-04-selinux-libvirt.md","title":"SELinux blocks Podman container from talking to libvirt","description":"podman logo","date":"2018-10-04T00:00:00.000Z","formattedDate":"October 4, 2018","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"}],"readingTime":0.28,"hasTruncateMarker":false,"authors":[{"name":"dwalsh"}],"frontMatter":{"title":"SELinux blocks Podman container from talking to libvirt","layout":"default","author":"dwalsh","categories":["blogs"],"tags":["podman","containers"]},"prevItem":{"title":"OpenStack Containerization with Podman \u2013 Part 1 (Undercloud)","permalink":"/blogs/2018/10/05/tripleo-undercloud"},"nextItem":{"title":"Why can\u2019t I delete storage files created by non-root podman?","permalink":"/blogs/2018/10/03/podman-remove-content-homedir"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# SELinux blocks Podman container from talking to libvirt\\n\\n## By Dan Walsh [GitHub](https://github.com/rhatdan)\\n\\nI wrote a SELinux blog on running a container with Podman. The talks explains why SELinux blocks the connection to the\\nlibvirt socket. It then goes on to explain how to setup the container to allow\\nthe communication.\\n\\n[Read More](https://danwalsh.livejournal.com/81143.html)"},{"id":"/2018/10/03/podman-remove-content-homedir","metadata":{"permalink":"/blogs/2018/10/03/podman-remove-content-homedir","source":"@site/blog/2018-10-03-podman-remove-content-homedir.md","title":"Why can\u2019t I delete storage files created by non-root podman?","description":"podman logo","date":"2018-10-03T00:00:00.000Z","formattedDate":"October 3, 2018","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"}],"readingTime":4.41,"hasTruncateMarker":true,"authors":[{"name":"dwalsh"}],"frontMatter":{"title":"Why can\u2019t I delete storage files created by non-root podman?","layout":"default","author":"dwalsh","categories":["blogs"],"tags":["podman","containers"]},"prevItem":{"title":"SELinux blocks Podman container from talking to libvirt","permalink":"/blogs/2018/10/04/selinux-libvirt"},"nextItem":{"title":"Replacing Docker with Podman","permalink":"/blogs/2018/10/01/talk-replace-docker-with-podman"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Why can\u2019t I delete storage files created by non-root Podman?\\n\\n## By Dan Walsh [GitHub](https://github.com/rhatdan)\\n\\n## Cool things you can do with Podman\\n\\nWhen running [Podman](https://podman.io) as root, the default location for storage is /var/lib/containers/storage. Of course, users cannot use this directory when running as non root, so Podman creates the storage by default in $HOME/.local/share/containers.\\n\\n\x3c!--truncate--\x3e\\n\\nWhen Podman creates this storage it is running inside of a user namespace and is allowed to create UIDs and GIDs based off the UID ranges stored in /etc/subuid and the GIDs listed in /etc/subgid.\\n\\nFor example my account has UID and GID ranges 100000 through 165535 reserved for it, as well as my UID and primary GID, 3267.\\n\\n```\\n#grep dwalsh /etc/subuid\\ndwalsh:100000:65536\\n$ grep dwalsh /etc/subgid\\ndwalsh:100000:65536\\n```\\n\\nWhen Podman starts a container as non root, by default, it maps my UID, 3267, to UID 0 inside of the container, then it maps 100,000->1, 100,001->2, 100,002->3 \u2026 165,535->65536.\\n\\nYou can see this mapping inside of the container\\n\\n```\\n$ podman run -ti fedora cat /proc/self/uid_map\\n\\t 0 3267 1\\n\\t 1 100000 65536\\n$ podman run -ti fedora cat /proc/self/gid_map\\n\\t 0 3267 1\\n\\t 1 100000 65536\\n```\\n\\nSince I\u2019m root in the container, I can create and set ownership of files inside of the container for using any UIDs and GIDs that are mapped into the container.\\n\\nTo see what happens, I will create a file and directory owned by a non root user inside of a container.\\n\\n```\\npodman run -ti --name testfile fedora bash -c \\"mkdir /testdir; touch /testdir/testfile; chown -R 1:1 /testdir\\"\\n```\\n\\nSince that was successful, let\u2019s mount the container and see what it looks like from outside of the user namespace that\u2019s used for running the container.\\n\\n```\\n$ mnt=$(podman mount testfile)\\n$ echo $mnt\\n/home/dwalsh/.local/share/containers/storage/vfs/dir/691e874b6e1ba6807ecbe73910396b10f118617233aacc3df3297ffc4e1332f9\\n$ ls -l $mnt\\ntotal 4\\nlrwxrwxrwx. 1 dwalsh dwalsh 7 Feb 7 2018 bin -> usr/bin\\ndr-xr-xr-x. 2 dwalsh dwalsh 6 Feb 7 2018 boot\\ndrwxr-xr-x. 2 dwalsh dwalsh 6 Apr 26 09:03 dev\\ndrwxr-xr-x. 44 dwalsh dwalsh 4096 Apr 26 09:03 etc\\ndrwxr-xr-x. 2 dwalsh dwalsh 6 Feb 7 2018 home\\nlrwxrwxrwx. 1 dwalsh dwalsh 7 Feb 7 2018 lib -> usr/lib\\nlrwxrwxrwx. 1 dwalsh dwalsh 9 Feb 7 2018 lib64 -> usr/lib64\\ndrwx------. 2 dwalsh dwalsh 6 Apr 26 09:03 lost+found\\ndrwxr-xr-x. 2 dwalsh dwalsh 6 Feb 7 2018 media\\ndrwxr-xr-x. 2 dwalsh dwalsh 6 Feb 7 2018 mnt\\ndrwxr-xr-x. 2 dwalsh dwalsh 6 Feb 7 2018 opt\\ndrwxr-xr-x. 2 dwalsh dwalsh 6 Apr 26 09:03 proc\\ndr-xr-x---. 2 dwalsh dwalsh 162 Apr 26 09:03 root\\ndrwxr-xr-x. 11 dwalsh dwalsh 169 Sep 25 09:11 run\\nlrwxrwxrwx. 1 dwalsh dwalsh 8 Feb 7 2018 sbin -> usr/sbin\\ndrwxr-xr-x. 2 dwalsh dwalsh 6 Feb 7 2018 srv\\ndrwxr-xr-x. 2 dwalsh dwalsh 6 Apr 26 09:03 sys\\ndrwxr-xr-x. 2 100000 100000 22 Sep 25 13:38 testdir\\ndrwxrwxrwt. 2 dwalsh dwalsh 32 Apr 26 09:03 tmp\\ndrwxr-xr-x. 12 dwalsh dwalsh 144 Apr 26 09:03 usr\\ndrwxr-xr-x. 19 dwalsh dwalsh 249 Apr 26 09:03 var\\n```\\n\\nNotice the ownership of testdir and testfile. The namespace that was used for running the container mapped UID 100000 from outside of the namespace to UID 1 inside of the namespace, and did the same for GID 100000, mapping it to GID 1 inside of the namespace. When I set the ownership to UID and GID 1 from inside of the namespace, the corresponding values from outside of the namespace were what were recorded to disk.\\n\\n```\\n$ ls -la $mnt/testdir\\ntotal 0\\ndrwxr-xr-x. 2 100000 100000 22 Sep 25 13:38 .\\ndrwxr-xr-x. 19 dwalsh dwalsh 257 Sep 25 13:38 ..\\n-rw-r--r--. 1 100000 100000 0 Sep 25 13:38 testfile\\n```\\n\\nIf i just try to clean up my directory I will get lots of errors.\\n\\n```\\nrm -rf .local/share/containers/ 2>&1 | head -2\\nrm: cannot remove \'.local/share/containers/storage/vfs/dir/891e1e4ef82ad02a4ea1f030831f942d722c7694c4db64ca3239c8163b811c58/bin\': Permission denied\\nrm: cannot remove \'.local/share/containers/storage/vfs/dir/891e1e4ef82ad02a4ea1f030831f942d722c7694c4db64ca3239c8163b811c58/boot\': Permission denied\\n```\\n\\nThis is because this content was created from inside of a user namespace where I was UID 0, and because I was UID 0 in that namespace, I could set and change ownership of anything owned by any ID that was mapped into the namespace. In this case, I assigned it an owner that wasn\u2019t mapped to my own user. Once I left the namespace, and I was back in the host namespace where I was just myself again, the contents belonged to the UID that I had mapped to 1 for the user namespace, which wasn\u2019t my own UID.\\n\\nBecause of this, if I wanted to clean it all up, I could become root to remove the directory. But if I don\u2019t have root on the machine, what could I do?\\n\\n### `Buildah unshare` or `rootlesskit bash`\\n\\nWell currently [Buildah](https://buildah.io) or [rootlesskit](https://github.com/rootless-containers/rootlesskit) can put you into the user namespace without launching a container and then you can remove the images.\\n\\n```\\n$ buildah unshare\\n[root@localhost ~]# id\\nuid=0(root) gid=0(root) groups=0(root) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023\\n```\\n\\nI am now root inside of a namespace with the same mappings I\u2019d use for a container, but everything else is the same. In particular, I\u2019m not using the container\u2019s root filesystem.\\n\\n```\\n[root@localhost ~]# pwd\\n/home/dwalsh\\n[root@localhost ~]# rm -rf .local/share/containers/\\n[root@localhost ~]#\\n```\\n\\n### I am able to delete all the files in my homedir."},{"id":"/2018/10/01/talk-replace-docker-with-podman","metadata":{"permalink":"/blogs/2018/10/01/talk-replace-docker-with-podman","source":"@site/blog/2018-10-01-talk-replace-docker-with-podman.md","title":"Replacing Docker with Podman","description":"podman logo","date":"2018-10-01T00:00:00.000Z","formattedDate":"October 1, 2018","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"}],"readingTime":0.295,"hasTruncateMarker":false,"authors":[{"name":"dwalsh"}],"frontMatter":{"title":"Replacing Docker with Podman","layout":"default","author":"dwalsh","categories":["talks"],"tags":["podman","containers"]},"prevItem":{"title":"Why can\u2019t I delete storage files created by non-root podman?","permalink":"/blogs/2018/10/03/podman-remove-content-homedir"},"nextItem":{"title":"Cool thing: Pulling content directly from the Docker Daemon...","permalink":"/blogs/2018/09/25/pulling-images-from-docker"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Replacing Docker with Podman\\n\\n## By Dan Walsh [GitHub](https://github.com/rhatdan)\\n\\nAt the \\"All Systems Go!\\" conference on September 28-30, 2018 in Berlin Germany, Dan Walsh gave a talk on how you can replace `docker` with `podman` and not skip a beat. The talk was taped and can be viewed [here](https://media.ccc.de/v/ASG2018-177-replacing_docker_with_podman#t=3).\\n\\nThe slides in PDF format are [here](https://podman.io/slides/2018_10_01_Replacing_Docker_With_Podman.pdf)."},{"id":"/2018/09/25/pulling-images-from-docker","metadata":{"permalink":"/blogs/2018/09/25/pulling-images-from-docker","source":"@site/blog/2018-09-25-pulling-images-from-docker.md","title":"Cool thing: Pulling content directly from the Docker Daemon...","description":"podman logo","date":"2018-09-25T00:00:00.000Z","formattedDate":"September 25, 2018","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"}],"readingTime":1.39,"hasTruncateMarker":true,"authors":[{"name":"dwalsh"}],"frontMatter":{"title":"Cool thing: Pulling content directly from the Docker Daemon...","layout":"default","author":"dwalsh","categories":["blogs"],"tags":["podman","containers"]},"prevItem":{"title":"Replacing Docker with Podman","permalink":"/blogs/2018/10/01/talk-replace-docker-with-podman"},"nextItem":{"title":"Using systemd to control the startup of Podman containers","permalink":"/blogs/2018/09/13/systemd"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Pulling content directly from the Docker Daemon...\\n\\n## By Dan Walsh [GitHub](https://github.com/rhatdan)\\n\\n## Cool things you can do with Podman.\\n\\nI recently received a bug report about some huge container images not working correctly in Docker. So I suggested to the reporter that they try them with Podman. He responded that he saw the images with docker images, but did not see them with podman images.\\n\\nI explained to him that the Docker image and container database are separate from the Podman image and container database. I told him he would have to pull the images into Podman. Then I decided to try a cool feature of Podman, where I could pull images directly out of the Docker daemon.\\n\\n\x3c!--truncate--\x3e\\n\\n### First I look for the Centos Image inside of Docker.\\n\\n```\\n# docker images | grep centos\\ndocker.io/centos \\t7 \\t49f7960eb7e4 \\t2 months ago \\t200 MB\\n```\\n\\nPodman has the ability through its use of containers/image to pull images using many different transports other than just pulling from Container Registries. It supports pulling directly from the Docker daemon, using the docker-daemon transport.\\n\\n```\\n# podman pull docker-daemon:docker.io/centos:7\\nGetting image source signatures\\nCopying blob sha256:bcc97fbfc9e1a709f0eb78c1da59caeb65f43dc32cd5deeb12b8c1784e5b8237\\n 198.59 MB / 198.59 MB [====================================================] 1s\\nCopying config sha256:49f7960eb7e4cb46f1a02c1f8174c6fac07ebf1eb6d8deffbcb5c695f1c9edd5\\n 2.15 KB / 2.15 KB [========================================================] 0s\\nWriting manifest to image destination\\nStoring signatures\\n49f7960eb7e4cb46f1a02c1f8174c6fac07ebf1eb6d8deffbcb5c695f1c9edd5\\n```\\n\\nNow you have the Centos 7 image in Podman containers/storage datastore.\\n\\n```\\n#podman images | grep centos\\ndocker.io/library/centos \\t7 \\t49f7960eb7e4 2 months ago .com208MB\\n```\\n\\nNow you can start using the image with Podman, Buildah and CRI-O.\\nYou can even create new images and push them back into the Docker daemon.\\n\\n### Try it out\u2026"},{"id":"/2018/09/13/systemd","metadata":{"permalink":"/blogs/2018/09/13/systemd","source":"@site/blog/2018-09-13-systemd.md","title":"Using systemd to control the startup of Podman containers","description":"podman logo","date":"2018-09-13T00:00:00.000Z","formattedDate":"September 13, 2018","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"systemd","permalink":"/blogs/tags/systemd"}],"readingTime":1.795,"hasTruncateMarker":true,"authors":[{"name":"emacchi"}],"frontMatter":{"title":"Using systemd to control the startup of Podman containers","layout":"default","author":"emacchi","categories":["blogs"],"tags":["podman","containers","systemd"]},"prevItem":{"title":"Cool thing: Pulling content directly from the Docker Daemon...","permalink":"/blogs/2018/09/25/pulling-images-from-docker"},"nextItem":{"title":"What\'s NEW!","permalink":"/blogs/2018/09/10/welcome"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Using systemd to control the startup of Podman containers\\n\\n## By Emilien Macchi [GitHub](https://github.com/EmilienM)\\n\\nPodman wasn\'t designed to manage containers startup order, dependency\\nchecking or failed container recovery.\\nIn fact, this job can be done by external tools and this blog post describes\\nhow we can use the systemd initialization service to work with Podman\\ncontainers.\\n\\n\x3c!--truncate--\x3e\\n\\nThanks to systemd, containers can be managed in the same way as other\\nservices on a Linux system.\\n\\nBy setting up a systemd unit file on the host, we can have the host\\nautomatically start, stop, check the status, and otherwise manage a container\\nas a regular systemd service.\\n\\nLet\'s prepare the container (example with Redis):\\n\\n```shell\\npodman pull docker.io/redis\\nsudo podman run -d --name redis -p 6379:6379 redis\\n```\\n\\nCheck that the container is actually running with `podman ps`:\\n\\n```\\nCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES\\n411a6c6be7d8 docker.io/library/redis:latest docker-entrypoint.s... 10 minutes ago Up 5 minutes ago 0.0.0.0:6379->6379/tcp redis\\n```\\n\\nNow, let\'s create the systemd unit file in `/etc/systemd/system/redis.service`:\\n\\n```ini\\n[Unit]\\nDescription=Redis Podman container\\nWants=syslog.service\\n[Service]\\nRestart=always\\nExecStart=/usr/bin/podman start -a redis\\nExecStop=/usr/bin/podman stop -t 10 redis\\n[Install]\\nWantedBy=multi-user.target\\n```\\n\\nEnable and start the systemd service:\\n\\n```shell\\nsudo systemctl enable redis.service\\nsudo systemctl start redis.service\\n```\\n\\nThe container is running redis-server:\\n\\n```\\n$ sudo podman top redis\\nUSER PID PPID %CPU ELAPSED TTY TIME COMMAND\\nredis 1 0 0.000 15m14.490268713s ? 0s redis-server *:6379\\n```\\n\\nCheck that the service is seen as active in systemd with\\n`sudo systemctl status redis`:\\n\\n```\\nredis.service - Redis Podman container\\n Loaded: loaded (/etc/systemd/system/redis.service; enabled; vendor preset: disabled)\\n Active: active (running) since Thu 2018-09-13 12:24:00 PDT; 1s ago\\n Main PID: 1520 (podman)\\n Tasks: 8 (limit: 4708)\\n Memory: 7.8M\\n CGroup: /system.slice/redis.service\\n \u2514\u25001520 /usr/local/bin/podman start -a redis\\n\\nSep 13 12:24:00 fedora28.localdomain systemd[1]: Started Redis Podman container.\\n```\\n\\nNote that if you try to run `podman stop redis`, the container will be\\nrestarted by systemd because of to the \\"Restart=always\\" policy.\\nThe proper way to stop the container is to run `sudo service redis stop`.\\n\\nAn alternative to systemd for controlling containers lifecycle is to use\\n[CRI-O](https://github.com/kubernetes-sigs/cri-o) but this would be for\\nanother blog post :-)."},{"id":"/2018/09/10/welcome","metadata":{"permalink":"/blogs/2018/09/10/welcome","source":"@site/blog/2018-09-10-welcome.md","title":"What\'s NEW!","description":"If you\'ve missed the news so far, CoreOS was acquired by Red Hat at the beginning of 2018. This also means some changes for Buildah and Podman.","date":"2018-09-10T00:00:00.000Z","formattedDate":"September 10, 2018","tags":[],"readingTime":0.5,"hasTruncateMarker":false,"authors":[],"frontMatter":{"layout":"default","title":"What\'s NEW!","categories":["new"]},"prevItem":{"title":"Using systemd to control the startup of Podman containers","permalink":"/blogs/2018/09/13/systemd"},"nextItem":{"title":"Python3 support for Podman","permalink":"/blogs/2018/08/15/python-support-for-podman"}},"content":"If you\'ve missed the news so far, CoreOS was acquired by Red Hat at the beginning of 2018. This also means some changes for Buildah and Podman.\\n\\nBuildah and Podman were previously projects within Project Atomic which is going to be sunset in favor of an immutable host combination of Container Linux and Fedora Atomic Host: this combination is called [Fedora CoreOS](https://coreos.fedoraproject.org). We therefore welcome you to the new websites, [buildah.io](https://buildah.io) and [podman.io](https://podman.io) where you will find news, announcements, and more around the respective projects.\\n\\nTo start it up, check out the new [Blogs](https://podman.io/blogs) and [Releases](https://podman.io/releases) sections on the site."},{"id":"/2018/08/15/python-support-for-podman","metadata":{"permalink":"/blogs/2018/08/15/python-support-for-podman","source":"@site/blog/2018-08-15-python-support-for-podman.md","title":"Python3 support for Podman","description":"podman logo","date":"2018-08-15T00:00:00.000Z","formattedDate":"August 15, 2018","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"}],"readingTime":5.175,"hasTruncateMarker":true,"authors":[{"name":"jwhonce"}],"frontMatter":{"title":"Python3 support for Podman","layout":"default","author":"jwhonce","categories":["blogs"],"tags":["podman","containers"]},"prevItem":{"title":"What\'s NEW!","permalink":"/blogs/2018/09/10/welcome"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Python3 support for Podman\\n\\n## By Jhon Honce [GitHub](https://github.com/jwhonce)\\n\\nYou\u2019ve learned of Podman and all it\u2019s coolness for running OCI-based containers, but you need a solution that is repeatable and scripted. Rather than just executing Podman commands, you want a stable API to call into and not need to screen scrape the output.\\n\\nWe heard you and now provide a Python package, python3-podman. This package allows you to access the facilities of a Podman service with #nobigfatdaemons.\\n\\n\x3c!--truncate--\x3e\\n\\nThe python3-podman package containers a module that allows you to connect to a Podman socket activated systemd service on the same host or a remote host using a ssh tunnel. Using the python interface means you can run these commands from a MAC or Windows Box, as long as you have a Linux box with podman installed. We connect using _varlink_ for the messaging protocol between client and service.\\n\\nFor the environment, you will need:\\n\\n * Linux host\\n * podman package\\n * enable the io.podman.socket systemd unit file by executing\\n\\nsystemctl enable --now io.podman.socket\\n\\n * Python3\\n * The python3-podman rpm, or podman package from PyPi.\\n\\n_Note: Currently, there is a matching rpm for each version of podman. In time, after the API stabilizes that may no longer be true._\\n\\n## Now lets start coding:\\n\\nUsing your favorite code editor you can copy and paste the following Python program into a file named latest_containers.py. Don\u2019t forget Python uses whitespace to signify end-of-line and code blocks when you paste. The below python code will show all of the containers created since midnight UTC when it is run. The code comments provide a running commentary on how the module works in context.\\n\\n```console\\n#!/usr/bin/env python3\\n\\n# Python standard date/time support\\nfrom datetime import datetime, time, timezone\\n\\n# the module with all the goodness\\nimport podman\\n\\nmidnight = datetime.combine(datetime.today(), time.min, tzinfo=timezone.utc)\\n\\n# Our client is a context manager to make resource clean up easy. No arguments implies\\n# connect to a local Podman service using the default interfaces.\\nwith podman.Client() as client:\\n\\n # Retrieve all containers in containers storage. Each container is presented\\n # as a Namespace and dict. You determine which is easiest for you to use\\n # for your solution.\\n for c in client.containers.list():\\n\\n\\t # A bit of sugar, convert any podman-formatted timestamp to\\n # a python datetime\\n created_at = podman.datetime_parse(c.createdat)\\n\\n if created_at > midnight:\\n\\n # Now the results. We provide datetime_format() for consistent\\n\\t # iso format in results if you wish to use it.\\n print(\'ID: {}\\\\n image: {}\\\\n createdAt: {}\'.format(\\nc.id[:12], c.image[:33], podman.datetime_format(created_at)))\\n```\\n\\nOnce you have this code copied into the file:\\n\\n * chmod 755 latest_containers.py\\n * podman run fedora sleep 300 &\\n * ./latest_containers.py\\n\\n```console\\nID: d7337530c6d1\\n image: registry.fedoraproject.org/fedora\\n createdAt: 2018\u201308\u201310T09:18:09.728858\u201307:00\\n```\\n\\nYou can watch the whole process [here](https://asciinema.org/a/mu8Knm5dj8mII19evrF9heNCF).\\n\\nThe container object above supports the Namespace and dict protocols. This is our most used data structure providing you the ability to use the returned object in your code as you wish.\\n\\nConnecting to a remote host, requires only changing how you create the Client() in any script:\\n\\n```console\\nWith podman.Client(uri=\'unix:/run/user/17945/podman/io.podman\',\\nremote_uri=\'ssh://ruser@podman.example.com:22/run/podman/io.podman\') as client:\\n```\\n\\n * uri provides the local side of the ssh tunnel\\n * user is your username\\n * remote_uri provides the details needed to connect to the remote host, plus the socket file for podman. A complete ssh uri is supported to allow configuration of ports etc.\\n * ruser is the remote host username to be used for authentication\\n * podman.example.com is the FQDN of the host you are running the podman service on\\n * The port number of 22 is given above for completeness, that is the default and may be omitted.\\n * An identity file may be provided via identity_file, otherwise the podman library will defer to ssh for authenticating.\\n\\nAll other function and method calls are the same whether they are remote or local. Note: all filesystem paths are resolved on the host running the podman service not the podman client.\\n\\n## But wait there is more!\\n\\nTo iterate over all the images stored on the system, you only need to change containers to images like:\\n\\n```console\\nfor i in client.images.list():\\n```\\n\\nTo find podman system information, you need to use: `client.system.info()`. Or, `client.system.versions()` if you need to know the release of the podman service components.\\n\\nTo determine if the podman service is available and working, `client.system.ping()` will return `True` if everything is working correctly.\\n\\nOne of the most complex operations is creating a new container from an image, the workflow:\\n\\n * Pull image from registry\\n * Instantiate image object\\n * Set container options\\n * Create OCI container and object\\n\\n```console\\nwith podman.Client() as client:\\n ident = client.images.pull(name)\\n img = client.images.get(ident)\\nopts = {\\n \'memory\': \'1G\',\\n \'memory-reservation\': \'750M\',\\n \'Memory-swap\': \'1.5G\',\\n }\\nctnr = img.container(**opts)\\n```\\n\\nOur calling pattern is \u201cclient.<model>.<method>(<options>)\u201d, where the current models are:\\n\\n * Images\\n * Containers\\n * System\\n\\nThe Podman man pages provide details on the methods and options to be used for each.\\n\\nWhat\u2019s been shown in this blog is how easy it is to use the Python module to do Podman commands from your Linux host. These bindings can be used on the same host that Podman is running on, or they could be used on a remote host. Although there is not a complete one to one correspondence between the Podman commands and the ones available via the Python bindings\u200a\u2014\u200ayet, the end goal for this project is to get to that point. For instance the commands for interacting with pods are currently under development and when available, the Python module will be updated to allow access. In addition to that, there\u2019s work underway to make this Python module available on MacOS and Windows via PyPi. When these ports go live, you will be able to interact with Podman service from any Linux, MacOS or Windows host.\\n\\nI hope you have found the information in this blog to be useful and gives you further insight into Podman and this Python module. If you have any questions a great place to ask them is the IRC channel _#podman_ on _FREENODE_.\\n\\nBetter yet if you\u2019d like to help contribute to Podman or this Python module, please feel free to join us on GitHub!\\n\\n[https://github.com/containers/podman](https://github.com/containers/podman)\\n[https://github.com/containers/podman/tree/main/contrib/python](https://github.com/containers/podman/tree/main/contrib/python)"}]}')}}]); \ No newline at end of file diff --git a/assets/js/16029c63.50716be8.js b/assets/js/16029c63.50716be8.js deleted file mode 100644 index 73c96c9d9..000000000 --- a/assets/js/16029c63.50716be8.js +++ /dev/null @@ -1 +0,0 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[61766],{86039:e=>{e.exports=JSON.parse('{"blogPosts":[{"id":"/2022/12/07/new","metadata":{"permalink":"/blogs/2022/12/07/new","source":"@site/blog/2022-12-07-new.md","title":"Website Updates","description":"Several updates have been planned for this site for quite a while, and work has been ongoing. The first significant change that is happening is with our blog posts. A new WordPress-based site has been created for our posts at blog.podman.io. The new site has a fresh look and feel and shows the direction we\u2019re hoping to take this entire site eventually. You\'ll probably notice the similarities if you have tried Podman Desktop.","date":"2022-12-07T00:00:00.000Z","formattedDate":"December 7, 2022","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.82,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Website Updates","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"nextItem":{"title":"Netavark and Aardvark-dns v1.3.0 released","permalink":"/blogs/2022/11/11/nvav1.3"}},"content":"Several updates have been planned for this site for quite a while, and work has been ongoing. The first significant change that is happening is with our blog posts. A new WordPress-based site has been created for our posts at [blog.podman.io](https://blog.podman.io). The new site has a fresh look and feel and shows the direction we\u2019re hoping to take this entire site eventually. You\'ll probably notice the similarities if you have tried [Podman Desktop](https://podman-desktop.io/).\\n\\nWe are contemplating moving the blog posts from this site to the new one. At least for the moment, the blog posts created before today (December 7, 2022) can now be found under the \u201cArchived Blogs\u201d link on the left side menu. The \u201cBlogs\u201d link in that same menu will take you to the new site.\\n\\nWe hope you enjoy the new blog site and would love to hear from you about what you think about it. As on this site, blog posts from the community will always be gratefully accepted!"},{"id":"/2022/11/11/nvav1.3","metadata":{"permalink":"/blogs/2022/11/11/nvav1.3","source":"@site/blog/2022-11-11-nvav1.3.md","title":"Netavark and Aardvark-dns v1.3.0 released","description":"podman logo","date":"2022-11-11T00:00:00.000Z","formattedDate":"November 11, 2022","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"}],"readingTime":0.71,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"Netavark and Aardvark-dns v1.3.0 released","layout":"default","author":"baude","categories":["blogs"],"tags":["containers","podman"]},"prevItem":{"title":"Website Updates","permalink":"/blogs/2022/12/07/new"},"nextItem":{"title":"Podman v4.3.0 Released","permalink":"/blogs/2022/10/22/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Netavark and Aardvark-dns v1.3.0 release\\n\\nWe have cut new releases of the network stack components for [netavark](https://github.com/containers/netavark/releases/tag/v1.3.0)\\nand [aardvark-dns](https://github.com/containers/aardvark-dns/releases/tag/v1.3.0). Both netavark and aardvark-dns\\nversions 1.3.0 were released. As the process works, the upstream releases will slowly work their way into\\nLinux distributions.\\n\\nA basic summary of changes for both are as follows:\\n\\n### v1.3.0 Netavark\\n\\n- Housekeeping and code cleanup\\n- macvlan: remove tmp interface when name already used in netns\\n- Add support for route metrics\\n- netlink: return better error if ipv6 is disabled\\n- macvlan: fix name collision on hostns\\n- Ignore dns-enabled for macvlan (BZ2137320)\\n- better errors on teardown\\n- allow customer dns servers for containers\\n- do not set route for internal-only networks\\n- do not use ipv6 autoconf\\n\\n### v1.3.0 Aardvark-dns\\n\\n- allow one or more dns servers in the aardvark config"},{"id":"/2022/10/22/new","metadata":{"permalink":"/blogs/2022/10/22/new","source":"@site/blog/2022-10-22-new.md","title":"Podman v4.3.0 Released","description":"Podman has gone 4.3.0!","date":"2022-10-22T00:00:00.000Z","formattedDate":"October 22, 2022","tags":[],"readingTime":0.025,"hasTruncateMarker":false,"authors":[],"frontMatter":{"layout":"default","title":"Podman v4.3.0 Released","categories":["new"]},"prevItem":{"title":"Netavark and Aardvark-dns v1.3.0 released","permalink":"/blogs/2022/11/11/nvav1.3"},"nextItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2022/10/12/new"}},"content":"## [Podman has gone 4.3.0!](https://podman.io/releases/2022/10/22/podman-release-v4.3.0.html)"},{"id":"/2022/10/12/new","metadata":{"permalink":"/blogs/2022/10/12/new","source":"@site/blog/2022-10-12-new.md","title":"Podman Posts of Interest","description":"Time for another \\"Podman Posts of Interest\\" post.","date":"2022-10-12T00:00:00.000Z","formattedDate":"October 12, 2022","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.085,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Posts of Interest","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman v4.3.0 Released","permalink":"/blogs/2022/10/22/new"},"nextItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2022/10/12/podman-posts-of-interests"}},"content":"Time for another \\"Podman Posts of Interest\\" post.\\nCheckout the [Podman Posts of Interest](https://podman.io/blogs/2022/10/12/podman-posts-of-interests.html) for the links!"},{"id":"/2022/10/12/podman-posts-of-interests","metadata":{"permalink":"/blogs/2022/10/12/podman-posts-of-interests","source":"@site/blog/2022-10-12-podman-posts-of-interests.md","title":"Podman Posts of Interest","description":"podman logo","date":"2022-10-12T00:00:00.000Z","formattedDate":"October 12, 2022","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":2.58,"hasTruncateMarker":true,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Posts of Interest","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2022/10/12/new"},"nextItem":{"title":"How Podman packaging works on Linux","permalink":"/blogs/2022/10/03/debbuild"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman Posts of Interest\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nA number of blog posts have flung by and I have not had a chance to get individual\\nlink posts to them, so thought I would add a few here that have popped up recently,\\nlinks after the break!.\\n\\n\x3c!--truncate--\x3e\\n\\n- [Mehdi Haghgoo](https://fedoramagazine.org/author/powergame/) - [Manage containers on Fedora Linux with Podman Desktop](https://fedoramagazine.org/manage-containers-on-fedora-linux-with-podman-desktop/) - Learn about the opensource GUI application for managing containers on Linux, macOS, and Windows.\\n- [Aditya Rajan](https://opensource.com/users/adir) and [Giuseppe Scrivano](https://twitter.com/gscrivano) - [Use OCI containers to run WebAssembly workloads](https://opensource.com/article/22/10/wasm-containers) - Use crun to run Wasm/WASI workloads on Podman and Kubernetes.\\n- [Scott McCarty](https://twitter.com/fatherlinux) - [The ever-widening world of Wasm](https://www.infoworld.com/article/3674124/the-ever-widening-world-of-wasm.html) - Bringing WebAssembly and OCI containers together could enable us to run the same container image on any hardware or operating system we want\u2014wherever it runs best, fastest, or cheapest.\\n- [Erdem Yasar](https://twitter.com/erdemyasar) - [RHEL 8.7 and 9.1 are focusing on Podman containers](https://cloud7.news/linux/rhel-8-7-and-9-1-are-focusing-on-podman-containers/) - Red Hat announced the beta release of its Red Hat Enterprise Linux (RHEL) versions 8.7 and 9.1.\\n- [Mark Lameriks](https://technology.amis.nl/author/marc-lameriksamis-nl/) - [Adding Podman to my VM with Minikube Part 1](https://technology.amis.nl/recent/adding-podman-to-my-vm-with-minikube-part-1/) - Mark looks at using the Podman driver as an alternative runtime to the Docker driver in an environment with Minikube.\\n- [Mark Lameriks](https://technology.amis.nl/author/marc-lameriksamis-nl/) - [Adding Podman to my VM with Minikube Part 2](https://technology.amis.nl/platform/podman/adding-podman-to-my-vm-with-minikube-part-2/) - Mark looks at using the Podman driver as an alternative runtime to the Docker driver in an environment with Minikube.\\n- [Jack Wallen](https://www.techrepublic.com/meet-the-team/us/jack-wallen/) - [How to enable Podman sudo-less container management \\\\| #linux \\\\| #linuxsecurity](https://nationalcybersecuritynews.today/how-to-enable-podman-sudo-less-container-management-linux-linuxsecurity/) - Jack shows you how to setup a secure rootless environment with Podman.\\n- [Lokesh Mandvekar](https://twitter.com/rakevdnamhsekol) - [How Podman packaging works on Linux](https://opensource.com/article/22/9/podman-packages-linux) - Get a deep dive into Podman packages for Debian and Ubuntu using Fedora Sources, OBS, and Debbuild.\\n- [Srivalli Patchava](https://twitter.com/Srivallipatcha1) - [Podman vs Docker](https://hkrtrainings.com/podman-vs-docker) - Srivalli compare Podman vs Docker, the industry-standard container management tool for nearly a decade because these two systems have intrinsic distinctions yet are well-suited for collaboration.\\n- Pratham Patel - [Understanding the Differences Between Podman and Docker](https://linuxhandbook.com/docker-vs-podman/amp/) - Pratham investigates the advantages one holds over the other.\\n- Cameron Pavey - [Podman: The Rootless Docker Alternative](https://earthly.dev/blog/podman-rootless/?utm_campaign=meetedgar&utm_medium=social&utm_source=meetedgar.com) - Cameron explores how Podman can be a rootless alternative to Docker.\\n- [Trevor Bryant](https://www.redhat.com/en/authors/trevor-bryant) and [Samuel Walker]](https://www.redhat.com/en/authors/samuel-walker) - [Enhancing application container security and compliance with Podman ](https://www.redhat.com/en/blog/enhancing-application-container-security-and-compliance-podman) - A look into enhancing the security of OCI compliant containers by using Podman.\\n- [Will Dinyes](https://blog.min.io/author/will/) - [MinIO, Podman, and Apple Silicon](https://blog.min.io/minio-podman-and-apple-silicon/?utm_content=221575511&utm_medium=social&utm_source=twitter&hss_channel=tw-3017977255) - Getting MinIO containers working on a Mac using Podman.\\n- [Pradeesh Parameswaran](https://medium.com/@techpradeesh) - [Build A Python Flask Application Container Using Podman \u2014A Docker Alternative](https://medium.com/@techpradeesh/build-a-python-flask-application-container-using-podman-a-docker-alternative-3f6b6d798207) - Pradesh walks you through building a python flask application that runs as a container.\\n- [Valentin Rothberg](https://twitter.com/vlntnrthbrg), [Preethi Thomas](https://twitter.com/preethit), and [Dan Walsh](https://twitter.com/rhatdan) - [https://www.redhat.com/sysadmin/kubernetes-workloads-podman-systemd](How to run Kubernetes workloads in systemd with Podman) - Kubernetes YAML gives Podman a unified solution to declare container workloads across environments and simplify complexity for developers and sysadmins.\\n- [Cedric Clyburn](https://twitter.com/cedricclyburn) - [Containers without Docker (podman, buildah, and skopeo)](https://dev.to/cedricclyburn/containers-without-docker-podman-buildah-and-skopeo-1eal) - Cedric shows how to work with containers using Podman, Buildah, and Skopeo."},{"id":"/2022/10/03/debbuild","metadata":{"permalink":"/blogs/2022/10/03/debbuild","source":"@site/blog/2022-10-03-debbuild.md","title":"How Podman packaging works on Linux","description":"Get a deep dive into Podman packages for Debian and Ubuntu using Fedora Sources, OBS and Debbuild. Learn More!.","date":"2022-10-03T00:00:00.000Z","formattedDate":"October 3, 2022","tags":[],"readingTime":0.1,"hasTruncateMarker":false,"authors":[],"frontMatter":{"layout":"default","title":"How Podman packaging works on Linux","categories":["blogs"]},"prevItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2022/10/12/podman-posts-of-interests"},"nextItem":{"title":"How Podman packaging works on Linux","permalink":"/blogs/2022/10/03/new"}},"content":"## Get a deep dive into Podman packages for Debian and Ubuntu using Fedora Sources, OBS and Debbuild. [Learn More!](https://opensource.com/article/22/9/podman-packages-linux)."},{"id":"/2022/10/03/new","metadata":{"permalink":"/blogs/2022/10/03/new","source":"@site/blog/2022-10-03-new.md","title":"How Podman packaging works on Linux","description":"Get a deep dive into Podman packages for Debian and Ubuntu using Fedora Sources, OBS and Debbuild. Learn More!.","date":"2022-10-03T00:00:00.000Z","formattedDate":"October 3, 2022","tags":[],"readingTime":0.1,"hasTruncateMarker":false,"authors":[],"frontMatter":{"layout":"default","title":"How Podman packaging works on Linux","categories":["new"]},"prevItem":{"title":"How Podman packaging works on Linux","permalink":"/blogs/2022/10/03/debbuild"},"nextItem":{"title":"Netavark and Aardvark-dns 1.2.0 released","permalink":"/blogs/2022/09/28/updated-1.2.0"}},"content":"## Get a deep dive into Podman packages for Debian and Ubuntu using Fedora Sources, OBS and Debbuild. [Learn More!](https://opensource.com/article/22/9/podman-packages-linux)."},{"id":"/2022/09/28/updated-1.2.0","metadata":{"permalink":"/blogs/2022/09/28/updated-1.2.0","source":"@site/blog/2022-09-28-updated-1.2.0.md","title":"Netavark and Aardvark-dns 1.2.0 released","description":"Netavark and Aardvark-dns v1.2.0 has been released!","date":"2022-09-28T00:00:00.000Z","formattedDate":"September 28, 2022","tags":[{"label":"community","permalink":"/blogs/tags/community"},{"label":"podman","permalink":"/blogs/tags/podman"}],"readingTime":0.34,"hasTruncateMarker":true,"authors":[{"name":"baude"}],"frontMatter":{"title":"Netavark and Aardvark-dns 1.2.0 released","layout":"default","author":"baude","categories":["releases"],"tags":["community","podman"]},"prevItem":{"title":"How Podman packaging works on Linux","permalink":"/blogs/2022/10/03/new"},"nextItem":{"title":"Podman v4.2.0 Released","permalink":"/blogs/2022/08/17/new"}},"content":"## Netavark and Aardvark-dns v1.2.0 has been released!\\n\\nThe underlying network components for Podman have been updated. This consists of two projects:\\n\\n- [Netavark](https://github.com/containers/netavark/releases) - network configuration tool for Podman\\n- [Aardvark-dns](https://github.com/containers/aardvark-dns/releases) - container domain name resolution server for\\n Podman containers\\n\\n\x3c!--truncate--\x3e\\n\\nRelease v1.2.0 resolves a handful of edge case bugs that were found and reported. In addition, many of the libraries\\nused by the projects were updated."},{"id":"/2022/08/17/new","metadata":{"permalink":"/blogs/2022/08/17/new","source":"@site/blog/2022-08-17-new.md","title":"Podman v4.2.0 Released","description":"Podman has gone 4.2.0!","date":"2022-08-17T00:00:00.000Z","formattedDate":"August 17, 2022","tags":[],"readingTime":0.025,"hasTruncateMarker":false,"authors":[],"frontMatter":{"layout":"default","title":"Podman v4.2.0 Released","categories":["new"]},"prevItem":{"title":"Netavark and Aardvark-dns 1.2.0 released","permalink":"/blogs/2022/09/28/updated-1.2.0"},"nextItem":{"title":"Podman Windows Installer","permalink":"/blogs/2022/06/08/new"}},"content":"## [Podman has gone 4.2.0!](https://podman.io/releases/2022/08/17/podman-release-v4.2.0.html)"},{"id":"/2022/06/08/new","metadata":{"permalink":"/blogs/2022/06/08/new","source":"@site/blog/2022-06-08-new.md","title":"Podman Windows Installer","description":"If you want to run Podman on Windows, check out this Post!","date":"2022-06-08T00:00:00.000Z","formattedDate":"June 8, 2022","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.06,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Windows Installer","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman v4.2.0 Released","permalink":"/blogs/2022/08/17/new"},"nextItem":{"title":"Podman Windows Installer","permalink":"/blogs/2022/06/08/podman-on-windows"}},"content":"If you want to run Podman on Windows, check out this [Post](https://www.redhat.com/sysadmin/run-podman-windows)!"},{"id":"/2022/06/08/podman-on-windows","metadata":{"permalink":"/blogs/2022/06/08/podman-on-windows","source":"@site/blog/2022-06-08-podman-on-windows.md","title":"Podman Windows Installer","description":"podman logo","date":"2022-06-08T00:00:00.000Z","formattedDate":"June 8, 2022","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.46,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Windows Installer","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman Windows Installer","permalink":"/blogs/2022/06/08/new"},"nextItem":{"title":"Podman v4.1.0 Released","permalink":"/blogs/2022/05/09/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman Windows Installer\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nIf you are looking into running Podman on Windows, Tom Sweeney\'s latest blog post on\\n[EnableSysadmin](https://www.redhat.com/sysadmin/) shows you how easy it is now. The\\n[Run Podman on Windows: How-to instructions](https://www.redhat.com/sysadmin/run-podman-windows)\\nruns you through the four steps that take five minutes to complete. After that is done,\\nyou can then run Podman from your favorite Windows terminal without first having to get into\\na Virtual Machine. As a bonus, there\'s a link to a walk through video tutorial included\\nin the post."},{"id":"/2022/05/09/new","metadata":{"permalink":"/blogs/2022/05/09/new","source":"@site/blog/2022-05-09-new.md","title":"Podman v4.1.0 Released","description":"Podman has gone 4.1.0!","date":"2022-05-09T00:00:00.000Z","formattedDate":"May 9, 2022","tags":[],"readingTime":0.025,"hasTruncateMarker":false,"authors":[],"frontMatter":{"layout":"default","title":"Podman v4.1.0 Released","categories":["new"]},"prevItem":{"title":"Podman Windows Installer","permalink":"/blogs/2022/06/08/podman-on-windows"},"nextItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2022/05/08/new"}},"content":"## [Podman has gone 4.1.0!](https://podman.io/releases/2022/05/09/podman-release-v4.1.0.html)"},{"id":"/2022/05/08/new","metadata":{"permalink":"/blogs/2022/05/08/new","source":"@site/blog/2022-05-08-new.md","title":"Podman Posts of Interest","description":"Time for another \\"Podman Posts of Interest\\" post.","date":"2022-05-08T00:00:00.000Z","formattedDate":"May 8, 2022","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.085,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Posts of Interest","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman v4.1.0 Released","permalink":"/blogs/2022/05/09/new"},"nextItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2022/05/08/podman-posts-of-interests"}},"content":"Time for another \\"Podman Posts of Interest\\" post.\\nCheckout the [Podman Posts of Interest](https://podman.io/blogs/2022/05/08/podman-posts-of-interests.html) for the links!"},{"id":"/2022/05/08/podman-posts-of-interests","metadata":{"permalink":"/blogs/2022/05/08/podman-posts-of-interests","source":"@site/blog/2022-05-08-podman-posts-of-interests.md","title":"Podman Posts of Interest","description":"podman logo","date":"2022-05-08T00:00:00.000Z","formattedDate":"May 8, 2022","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":1.725,"hasTruncateMarker":true,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Posts of Interest","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2022/05/08/new"},"nextItem":{"title":"Podman, Buildah and Skopeo on Ubuntu 22.04 LTS","permalink":"/blogs/2022/04/05/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman Posts of Interest\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nA number of blog posts have flung by and I have not had a chance to get individual\\nlink posts to them, so thought I would add a few here that have popped up recently,\\nlinks after the break!.\\n\\n\x3c!--truncate--\x3e\\n\\n- [Charlie Doern](https://twitter.com/CharlieDoern) - [How Podman can transfer container images without a registry](https://www.redhat.com/sysadmin/podman-transfer-container-images-without-registry) - The new \'podman image scp\' command makes it easy to transfer container images between users on the same system or network.\\n- [Matt Heon](https://github.com/mheon) - [Podman 4.0\'s new network stack: What you need to know](https://www.redhat.com/sysadmin/podman-new-network-stack) - Podman\'s new Netavark and Aardvark-based stack offers three main advantages over the existing CNI-based stack.\\n- [Valentin Rothberg](https://twitter.com/vlntnrthbrg) - [How to run pods as systemd services with Podman](https://www.redhat.com/sysadmin/podman-run-pods-systemd-services) - Extending traditional Linux system administration practices with the modern world of containers.\\n- [Heyan Maurya](https://www.how2shout.com/linux/author/heyan/) - [How to install Podman on Ubuntu 22.04 LTS Jammy Linux](https://www.how2shout.com/linux/how-to-install-podman-on-ubuntu-22-04-lts-jammy-linux/) - Follow the steps in this tutorial to install the Podman container tool on Ubuntu 22.04 LTS Jammy JellyFish Linux.\\n- [Dan Walsh](https://twitter.com/rhatdan) - [Container permission denied: How to diagnose this error](https://www.redhat.com/sysadmin/container-permission-denied-errors) - Learn what is causing a container permission eeror and how to work around the error properly!\\n- [Brent Baude](https://twitter.com/bbaude) - [5 underused Podman features to try now](https://www.redhat.com/sysadmin/podman-features-2?utm_source=dlvr.it&utm_medium=twitter) - Simplify how you interact with containers by incorporating pods, init containers, additional image stores, system reset, and play kube into your work.\\n- [Red Hat Developer](https://developers.redhat.com/) - [Podman basics: Resources for beginners and experts](https://developers.redhat.com/articles/2022/05/02/podman-basics-resources-beginners-and-experts#) - This article offers resources both for developers getting started with Podman and for those seeking more advanced information.\\n- [Jack Chang](https://medium.com/@yunglinchang) - [Seal the Containerized ML Deal With Podman](https://towardsai.net/p/machine-learning/seal-the-containerized-ml-deal-with-podman?utm_source=twitter&utm_medium=social&utm_campaign=rop-content-recycle) - A movie recommendation system using Podman.\\n- [Lokesh Mandvekar](https://opensource.com/users/lsm5) - [What Linux users and packagers need to know about Podman 4.0 on Fedora](https://opensource.com/article/22/4/fedora-podman-40?sc_cid=7016000000127ECAAY) - New Podman features offer better support for containers and improved performance.\\n- [Dan Walsh](https://twitter.com/rhatdan) - [5 Podman features to try now](https://www.redhat.com/sysadmin/podman-features-1) - Improve how you use containers with these new Podman features: --latest, --replace, --all, --ignore, and --tz."},{"id":"/2022/04/05/new","metadata":{"permalink":"/blogs/2022/04/05/new","source":"@site/blog/2022-04-05-new.md","title":"Podman, Buildah and Skopeo on Ubuntu 22.04 LTS","description":"Podman, Buildah, and Skopeo will be included in Ubuntu 22.04 LTS Learn More!.","date":"2022-04-05T00:00:00.000Z","formattedDate":"April 5, 2022","tags":[],"readingTime":0.07,"hasTruncateMarker":false,"authors":[],"frontMatter":{"layout":"default","title":"Podman, Buildah and Skopeo on Ubuntu 22.04 LTS","categories":["new"]},"prevItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2022/05/08/podman-posts-of-interests"},"nextItem":{"title":"Podman, Buildah and Skopeo on Ubuntu 22.04 LTS","permalink":"/blogs/2022/04/05/ubuntu-2204-lts-kubic"}},"content":"## Podman, Buildah, and Skopeo will be included in Ubuntu 22.04 LTS [Learn More!](https://podman.io/blogs/2022/04/05/ubuntu-2204-lts-kubic.html)."},{"id":"/2022/04/05/ubuntu-2204-lts-kubic","metadata":{"permalink":"/blogs/2022/04/05/ubuntu-2204-lts-kubic","source":"@site/blog/2022-04-05-ubuntu-2204-lts-kubic.md","title":"Podman, Buildah and Skopeo on Ubuntu 22.04 LTS","description":"podman logo","date":"2022-04-05T00:00:00.000Z","formattedDate":"April 5, 2022","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"skopeo","permalink":"/blogs/tags/skopeo"},{"label":"ubuntu","permalink":"/blogs/tags/ubuntu"},{"label":"kubic","permalink":"/blogs/tags/kubic"}],"readingTime":0.575,"hasTruncateMarker":false,"authors":[{"name":"lsm5"}],"frontMatter":{"title":"Podman, Buildah and Skopeo on Ubuntu 22.04 LTS","layout":"default","author":"lsm5","categories":["blogs"],"tags":["containers","podman","buildah","skopeo","ubuntu","kubic"]},"prevItem":{"title":"Podman, Buildah and Skopeo on Ubuntu 22.04 LTS","permalink":"/blogs/2022/04/05/new"},"nextItem":{"title":"Netavark and Aardvark-dns v1.0.2 released","permalink":"/blogs/2022/03/23/nvav1.0.2"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman, Buildah and Skopeo on Ubuntu 22.04 LTS\\n\\n[Ubuntu 22.04 LTS Beta](https://releases.ubuntu.com/jammy/) is available for testing as of March 31st.\\nThis is the first LTS release with [Podman](https://packages.ubuntu.com/jammy/podman),\\n[Buildah](https://packages.ubuntu.com/jammy/buildah) and [Skopeo](https://packages.ubuntu.com/jammy/skopeo) in\\nthe default repos, thanks to the amazing work of Reinhard Tartler and team.\\n\\nThe package versions available currently are: Podman 3.4, Buildah 1.23 and Skopeo 1.4.\\n\\nThere won\'t be any further updates to the Kubic repos as far as Podman, Buildah and Skopeo are concerned,\\nso users are recommended to use the default repos on 22.04 LTS.\\n\\nIf you\'re currently using packages from the Kubic repos, it\u2019s highly recommended to uninstall the Kubic\\npackages prior to upgrading to 22.04 LTS."},{"id":"/2022/03/23/nvav1.0.2","metadata":{"permalink":"/blogs/2022/03/23/nvav1.0.2","source":"@site/blog/2022-03-23-nvav1.0.2.md","title":"Netavark and Aardvark-dns v1.0.2 released","description":"podman logo","date":"2022-03-23T00:00:00.000Z","formattedDate":"March 23, 2022","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"}],"readingTime":0.315,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"Netavark and Aardvark-dns v1.0.2 released","layout":"default","author":"baude","categories":["blogs"],"tags":["containers","podman"]},"prevItem":{"title":"Podman, Buildah and Skopeo on Ubuntu 22.04 LTS","permalink":"/blogs/2022/04/05/ubuntu-2204-lts-kubic"},"nextItem":{"title":"Podman 4.0.2 is available on Homebrew","permalink":"/blogs/2022/03/15/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Netavark and Aardvark-dns v1.0.2 release\\n\\nThe Podman development team has released new versions of both\\n[Netavark](https://github.com/containers/netavark/releases/tag/v1.0.2) and\\n[Aardvark-dns](https://github.com/containers/aardvark-dns/releases/tag/v1.0.2). The releases mostly consist of\\nupdated dependency libraries and bugfixes. Additionally, netavark is now capable of having a statically addressed\\nmacvlan without a gateway address. New packages for Fedora 36 and the\\n[Podman4 COPR](https://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman4/) are being built and should be\\navailable shortly."},{"id":"/2022/03/15/new","metadata":{"permalink":"/blogs/2022/03/15/new","source":"@site/blog/2022-03-15-new.md","title":"Podman 4.0.2 is available on Homebrew","description":"Podman v4.0.2 is now on Homebrew! Learn More!.","date":"2022-03-15T00:00:00.000Z","formattedDate":"March 15, 2022","tags":[],"readingTime":0.045,"hasTruncateMarker":false,"authors":[],"frontMatter":{"layout":"default","title":"Podman 4.0.2 is available on Homebrew","categories":["new"]},"prevItem":{"title":"Netavark and Aardvark-dns v1.0.2 released","permalink":"/blogs/2022/03/23/nvav1.0.2"},"nextItem":{"title":"Podman v4.0.2 is available in Homebrew","permalink":"/blogs/2022/03/15/podman4.0.2brew"}},"content":"## Podman v4.0.2 is now on Homebrew! [Learn More!](https://podman.io/blogs/2022/03/15/podman4.0.2brew.html)."},{"id":"/2022/03/15/podman4.0.2brew","metadata":{"permalink":"/blogs/2022/03/15/podman4.0.2brew","source":"@site/blog/2022-03-15-podman4.0.2brew.md","title":"Podman v4.0.2 is available in Homebrew","description":"podman logo","date":"2022-03-15T00:00:00.000Z","formattedDate":"March 15, 2022","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"macOS","permalink":"/blogs/tags/mac-os"}],"readingTime":0.5,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"Podman v4.0.2 is available in Homebrew","layout":"default","author":"baude","categories":["blogs"],"tags":["containers","podman","macOS"]},"prevItem":{"title":"Podman 4.0.2 is available on Homebrew","permalink":"/blogs/2022/03/15/new"},"nextItem":{"title":"Podman 4 is not in Fedora 35","permalink":"/blogs/2022/03/06/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman v4.0.2 is available in Homebrew\\n\\n[Homebrew](https://brew.sh/), also known as `brew`, now has the Podman v4.0.2 available. Updating should be trivial\\nbut please make sure that Qemu is also upgraded alongside Podman. One cool feature that the community helped us\\ndeliver is the ability to mount volumes from MacOS into the virtual machine. We decided to backport some code to\\nmake it available to users more quickly. As such, it is possible if not likely that there will be more\\nchanges around volume mounts in subsequent Podman releases (i.e. default mounts, technology used to make the mount)."},{"id":"/2022/03/06/new","metadata":{"permalink":"/blogs/2022/03/06/new","source":"@site/blog/2022-03-06-new.md","title":"Podman 4 is not in Fedora 35","description":"Learn why Podman 4 is not in Fedora 35 in this blog post from Brent Baude.","date":"2022-03-06T00:00:00.000Z","formattedDate":"March 6, 2022","tags":[],"readingTime":0.085,"hasTruncateMarker":false,"authors":[],"frontMatter":{"layout":"default","title":"Podman 4 is not in Fedora 35","categories":["new"]},"prevItem":{"title":"Podman v4.0.2 is available in Homebrew","permalink":"/blogs/2022/03/15/podman4.0.2brew"},"nextItem":{"title":"Podman 4 is not in Fedora 35","permalink":"/blogs/2022/03/06/why_no_podman4_f35"}},"content":"## Learn why [Podman 4 is not in Fedora 35](https://podman.io/blogs/2022/03/06/why_no_podman4_f35.html) in this blog post from [Brent Baude](https://twitter.com/bbaude)."},{"id":"/2022/03/06/why_no_podman4_f35","metadata":{"permalink":"/blogs/2022/03/06/why_no_podman4_f35","source":"@site/blog/2022-03-06-why_no_podman4_f35.md","title":"Podman 4 is not in Fedora 35","description":"podman logo","date":"2022-03-06T00:00:00.000Z","formattedDate":"March 6, 2022","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"}],"readingTime":1.145,"hasTruncateMarker":true,"authors":[{"name":"baude"}],"frontMatter":{"title":"Podman 4 is not in Fedora 35","layout":"default","author":"baude","categories":["blogs"],"tags":["containers","podman"]},"prevItem":{"title":"Podman 4 is not in Fedora 35","permalink":"/blogs/2022/03/06/new"},"nextItem":{"title":"Podman v4.0.0 Released","permalink":"/blogs/2022/02/22/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman 4 is not in Fedora 35\\n\\nPodman 4 will not officially ship in Fedora 35 because it has breaking changes from Podman 3. Fedora has well-founded\\npolicies that forbid updating a package in a Fedora release, like 35, that has breaking changes. This is true for\\nmost Linux distributions that are dependent on release versions.\\n\\n\x3c!--truncate--\x3e\\n\\nHowever, the Podman team has set up a COPR (Cool Other Package Repo) so that you can still install Podman and its\\ndependencies on Fedora 35. It is called [rhcontainerbot/podman4](https://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman4/).\\nCOPRs are not officially supported by Fedora or its infrastructure. The podman4 COPR also has builds for\\nFedora 36 and CentOS 9 stream. There are even Fedora 36 builds as well.\\n\\n## Using podman4 COPR\\n\\nAdding the podman4 COPR is very easy. Instructions for doing so can be found on the\\n[rhcontainerbot/podman4](https://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman4/) project site. But for\\na quick start, it is simply:\\n\\n```\\n $ sudo dnf copr enable rhcontainerbot/podman4\\n```\\n\\nOnce that command completes, you can install Podman.\\n\\n```\\n $ sudo dnf install podman\\n```\\n\\n_Note_: If you are upgrading an existing Podman 3 install and wish to run Podman 4\'s new network stack, be certain\\nyou that the aardvark and netavark packages are also installed (they are part of the same COPR). You will also\\nneed to then run `podman system reset --force` before running any new containers."},{"id":"/2022/02/22/new","metadata":{"permalink":"/blogs/2022/02/22/new","source":"@site/blog/2022-02-22-new.md","title":"Podman v4.0.0 Released","description":"Podman has gone 4.0.0!","date":"2022-02-22T00:00:00.000Z","formattedDate":"February 22, 2022","tags":[],"readingTime":0.025,"hasTruncateMarker":false,"authors":[],"frontMatter":{"layout":"default","title":"Podman v4.0.0 Released","categories":["new"]},"prevItem":{"title":"Podman 4 is not in Fedora 35","permalink":"/blogs/2022/03/06/why_no_podman4_f35"},"nextItem":{"title":"Testing Podman 4 with the new network stack","permalink":"/blogs/2022/02/04/network-usage"}},"content":"## [Podman has gone 4.0.0!](https://podman.io/releases/2022/02/22/podman-release-v4.0.0.html)"},{"id":"/2022/02/04/network-usage","metadata":{"permalink":"/blogs/2022/02/04/network-usage","source":"@site/blog/2022-02-04-network-usage.md","title":"Testing Podman 4 with the new network stack","description":"podman logo","date":"2022-02-04T00:00:00.000Z","formattedDate":"February 4, 2022","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"},{"label":"rootless","permalink":"/blogs/tags/rootless"},{"label":"sudo","permalink":"/blogs/tags/sudo"},{"label":"network","permalink":"/blogs/tags/network"},{"label":"netavark","permalink":"/blogs/tags/netavark"},{"label":"aardvark","permalink":"/blogs/tags/aardvark"},{"label":"aardvark-dns","permalink":"/blogs/tags/aardvark-dns"}],"readingTime":1.465,"hasTruncateMarker":true,"authors":[{"name":"baude"}],"frontMatter":{"title":"Testing Podman 4 with the new network stack","layout":"default","author":"baude","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac","rootless","sudo","network","netavark","aardvark","aardvark-dns"]},"prevItem":{"title":"Podman v4.0.0 Released","permalink":"/blogs/2022/02/22/new"},"nextItem":{"title":"Testing Podman 4 with new network stack","permalink":"/blogs/2022/02/04/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Testing Podman 4 with the new network stack\\n\\n## By Brent Baude [GitHub](https://github.com/baude)\\n\\nPodman 4.0 will implement a new network stack instead of CNI plugins. There are two components to the new stack:\\n\\n\x3c!--truncate--\x3e\\n\\n- Netavark performs interface setup, IP address/etc assignment, NAT, and port mapping.\\n- Aardvark-dns that replaces the previous DNS name custom plugin. Aardvark-dns is a DNS server that provides name resolution and forwarding for container networks.\\n\\n> **Warning**: Before testing Podman 4 and the new network stack, you will have to destroy all your current containers, images, and network. Consider exporting/saving any import containers or images.\\n\\nIf you have run Podman 3.x before upgrading to Podman 4, Podman will continue to use CNI plugins as it had before. There is a marker in Podman\'s local storage that indicates this. In order to begin using Podman 4, you need to destroy that marker with podman system reset. This will destroy the marker, all of the images, all of the networks, and all of the containers.\\n\\n## Setting up Podman 4 with netavark and aardvark-dns on Fedora\\n\\nIf this is an upgrade to a current Podman install, destroy all current images, containers, and defined networks.\\n\\n> $ podman system reset --force\\n\\nEnsure you have the DNF copr extension.\\n\\n> $ sudo dnf install \'dnf-command(copr)\'\\n\\nAdd the podman4 test COPR to your system\\n\\n> $ sudo dnf copr enable rhcontainerbot/podman4\\n\\nIf you have never installed Podman, replace `upgrade` with `install` in the following command.\\n\\n> $ sudo dnf upgrade podman\\n\\nIf Podman was upgraded, you may have to install netavark explicitly. Otherwise, the Podman package will continue to use CNI.\\n\\n> $ sudo dnf install netavark aardvark-dns\\n\\nIf you find bugs, please report them to our [github issues page](https://github.com/containers/podman/issues)."},{"id":"/2022/02/04/new","metadata":{"permalink":"/blogs/2022/02/04/new","source":"@site/blog/2022-02-04-new.md","title":"Testing Podman 4 with new network stack","description":"The recent Podman v4.0 RC4 release containers the new network stack. Brent has just posted a new blog post: Testing Podman 4 with new network stack, to help you speed up your testing of the new stack. If you find any issues, please note them on the Podman issues on GitHub.","date":"2022-02-04T00:00:00.000Z","formattedDate":"February 4, 2022","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"},{"label":"rootless","permalink":"/blogs/tags/rootless"},{"label":"sudo","permalink":"/blogs/tags/sudo"},{"label":"network","permalink":"/blogs/tags/network"},{"label":"netavark","permalink":"/blogs/tags/netavark"},{"label":"aardvark","permalink":"/blogs/tags/aardvark"},{"label":"aardvark-dns","permalink":"/blogs/tags/aardvark-dns"}],"readingTime":0.255,"hasTruncateMarker":false,"authors":[{"name":"bbaude"}],"frontMatter":{"title":"Testing Podman 4 with new network stack","layout":"default","author":"bbaude","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac","rootless","sudo","network","netavark","aardvark","aardvark-dns"]},"prevItem":{"title":"Testing Podman 4 with the new network stack","permalink":"/blogs/2022/02/04/network-usage"},"nextItem":{"title":"Build Kubernetes pods with Podman play kube","permalink":"/blogs/2021/10/28/build-kubernetes-pods-with-podman-play-kube"}},"content":"The recent Podman v4.0 RC4 release containers the new network stack. Brent has just posted a new blog post: [Testing Podman 4 with new network stack](https://podman.io/blogs/2022/02/04/network-usage.html), to help you speed up your testing of the new stack. If you find any issues, please note them on the Podman [issues](https://github.com/containers/podman/issues) on GitHub."},{"id":"/2021/10/28/build-kubernetes-pods-with-podman-play-kube","metadata":{"permalink":"/blogs/2021/10/28/build-kubernetes-pods-with-podman-play-kube","source":"@site/blog/2021-10-28-build-kubernetes-pods-with-podman-play-kube.md","title":"Build Kubernetes pods with Podman play kube","description":"podman logo","date":"2021-10-28T00:00:00.000Z","formattedDate":"October 28, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"sudo","permalink":"/blogs/tags/sudo"},{"label":"rootless","permalink":"/blogs/tags/rootless"}],"readingTime":0.235,"hasTruncateMarker":false,"authors":[{"name":"bbaude"}],"frontMatter":{"title":"Build Kubernetes pods with Podman play kube","layout":"default","author":"bbaude","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","sudo","rootless"]},"prevItem":{"title":"Testing Podman 4 with new network stack","permalink":"/blogs/2022/02/04/new"},"nextItem":{"title":"Build Kubernetes pods with Podman play kube","permalink":"/blogs/2021/10/28/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Build Kubernetes pods with Podman play kube\\nThe `podman play kube` command has `docker compose` features in it to make it easier to transition your compose workloads. Brent Baude explains how in the recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [https://www.redhat.com/sysadmin/podman-play-kube-updates](https://www.redhat.com/sysadmin/podman-play-kube-updates)."},{"id":"/2021/10/28/new","metadata":{"permalink":"/blogs/2021/10/28/new","source":"@site/blog/2021-10-28-new.md","title":"Build Kubernetes pods with Podman play kube","description":"The podman play kube command has docker compose features in it to make it easier to transition your compose workloads. Brent Baude explains how in the recent blog post on the Red Hat Enable Sysadmin site, https://www.redhat.com/sysadmin/podman-play-kube-updates.","date":"2021-10-28T00:00:00.000Z","formattedDate":"October 28, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"},{"label":"rootless","permalink":"/blogs/tags/rootless"},{"label":"sudo","permalink":"/blogs/tags/sudo"}],"readingTime":0.185,"hasTruncateMarker":false,"authors":[{"name":"bbaude"}],"frontMatter":{"title":"Build Kubernetes pods with Podman play kube","layout":"default","author":"bbaude","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac","rootless","sudo"]},"prevItem":{"title":"Build Kubernetes pods with Podman play kube","permalink":"/blogs/2021/10/28/build-kubernetes-pods-with-podman-play-kube"},"nextItem":{"title":"How Podman runs on Macs and other container FAQs","permalink":"/blogs/2021/10/27/how-podman-runs-on-macs"}},"content":"The `podman play kube` command has `docker compose` features in it to make it easier to transition your compose workloads. Brent Baude explains how in the recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [https://www.redhat.com/sysadmin/podman-play-kube-updates](https://www.redhat.com/sysadmin/podman-play-kube-updates)."},{"id":"/2021/10/27/how-podman-runs-on-macs","metadata":{"permalink":"/blogs/2021/10/27/how-podman-runs-on-macs","source":"@site/blog/2021-10-27-how-podman-runs-on-macs.md","title":"How Podman runs on Macs and other container FAQs","description":"podman logo","date":"2021-10-27T00:00:00.000Z","formattedDate":"October 27, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"sudo","permalink":"/blogs/tags/sudo"},{"label":"rootless","permalink":"/blogs/tags/rootless"}],"readingTime":0.24,"hasTruncateMarker":false,"authors":[{"name":"bbaude"}],"frontMatter":{"title":"How Podman runs on Macs and other container FAQs","layout":"default","author":"bbaude","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","sudo","rootless"]},"prevItem":{"title":"Build Kubernetes pods with Podman play kube","permalink":"/blogs/2021/10/28/new"},"nextItem":{"title":"How Podman runs on Macs and other container FAQs","permalink":"/blogs/2021/10/27/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# How Podman runs on Macs and other container FAQs\\nBrent Baude clears up the confusion about Podman\'s machine architecture and other frequently asked questions in this recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [How Podman runs on Macs and other container FAQs](https://www.redhat.com/sysadmin/podman-mac-machine-architecture)."},{"id":"/2021/10/27/new","metadata":{"permalink":"/blogs/2021/10/27/new","source":"@site/blog/2021-10-27-new.md","title":"How Podman runs on Macs and other container FAQs","description":"Brent Baude clears up the confusion about Podman\'s machine architecture and other frequently asked questions in this recent blog post on the Red Hat Enable Sysadmin site, How Podman runs on Macs and other container FAQs.","date":"2021-10-27T00:00:00.000Z","formattedDate":"October 27, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"},{"label":"rootless","permalink":"/blogs/tags/rootless"},{"label":"sudo","permalink":"/blogs/tags/sudo"}],"readingTime":0.18,"hasTruncateMarker":false,"authors":[{"name":"bbaude"}],"frontMatter":{"title":"How Podman runs on Macs and other container FAQs","layout":"default","author":"bbaude","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac","rootless","sudo"]},"prevItem":{"title":"How Podman runs on Macs and other container FAQs","permalink":"/blogs/2021/10/27/how-podman-runs-on-macs"},"nextItem":{"title":"Why can\'t I use sudo with rootless Podman?","permalink":"/blogs/2021/10/16/new"}},"content":"Brent Baude clears up the confusion about Podman\'s machine architecture and other frequently asked questions in this recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [How Podman runs on Macs and other container FAQs](https://www.redhat.com/sysadmin/podman-mac-machine-architecture)."},{"id":"/2021/10/16/new","metadata":{"permalink":"/blogs/2021/10/16/new","source":"@site/blog/2021-10-16-new.md","title":"Why can\'t I use sudo with rootless Podman?","description":"So why can\'t I use sudo with rootless Podman? Matt Heon explains why and how you can safely work around the \\"need\\" if you have it in a recent blog post on the Red Hat Enable Sysadmin site, Why can\'t I use sudo with rootless Podman.","date":"2021-10-16T00:00:00.000Z","formattedDate":"October 16, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"},{"label":"rootless","permalink":"/blogs/tags/rootless"},{"label":"sudo","permalink":"/blogs/tags/sudo"}],"readingTime":0.23,"hasTruncateMarker":false,"authors":[{"name":"mheon"}],"frontMatter":{"title":"Why can\'t I use sudo with rootless Podman?","layout":"default","author":"mheon","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac","rootless","sudo"]},"prevItem":{"title":"How Podman runs on Macs and other container FAQs","permalink":"/blogs/2021/10/27/new"},"nextItem":{"title":"Why can\'t I use sudo with rootless Podman?","permalink":"/blogs/2021/10/16/sudo-with-rootless-podman"}},"content":"So why can\'t I use sudo with rootless Podman? Matt Heon explains why and how you can safely work around the \\"need\\" if you have it in a recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [Why can\'t I use sudo with rootless Podman](https://www.redhat.com/sysadmin/sudo-rootless-podman)."},{"id":"/2021/10/16/sudo-with-rootless-podman","metadata":{"permalink":"/blogs/2021/10/16/sudo-with-rootless-podman","source":"@site/blog/2021-10-16-sudo-with-rootless-podman.md","title":"Why can\'t I use sudo with rootless Podman?","description":"podman logo","date":"2021-10-16T00:00:00.000Z","formattedDate":"October 16, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"sudo","permalink":"/blogs/tags/sudo"},{"label":"rootless","permalink":"/blogs/tags/rootless"}],"readingTime":0.285,"hasTruncateMarker":false,"authors":[{"name":"mheon"}],"frontMatter":{"title":"Why can\'t I use sudo with rootless Podman?","layout":"default","author":"mheon","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","sudo","rootless"]},"prevItem":{"title":"Why can\'t I use sudo with rootless Podman?","permalink":"/blogs/2021/10/16/new"},"nextItem":{"title":"Working with container image manifest lists","permalink":"/blogs/2021/10/11/multiarch"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Why can\'t I use sudo with rootless Podman?\\nSo why can\'t I use sudo with rootless Podman? Matt Heon explains why and how you can safely work around the \\"need\\" if you have it in a recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [Why can\'t I use sudo with rootless Podman](https://www.redhat.com/sysadmin/sudo-rootless-podman)."},{"id":"/2021/10/11/multiarch","metadata":{"permalink":"/blogs/2021/10/11/multiarch","source":"@site/blog/2021-10-11-multiarch.md","title":"Working with container image manifest lists","description":"podman logo","date":"2021-10-11T00:00:00.000Z","formattedDate":"October 11, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"skopeo","permalink":"/blogs/tags/skopeo"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"multiarch","permalink":"/blogs/tags/multiarch"}],"readingTime":5.695,"hasTruncateMarker":true,"authors":[{"name":"cevich"}],"frontMatter":{"title":"Working with container image manifest lists","layout":"default","author":"cevich","categories":["blogs"],"tags":["containers","podman","buildah","skopeo","images","multiarch"]},"prevItem":{"title":"Why can\'t I use sudo with rootless Podman?","permalink":"/blogs/2021/10/16/sudo-with-rootless-podman"},"nextItem":{"title":"Working with container image manifest lists","permalink":"/blogs/2021/10/11/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Working with container image manifest lists\\n\\n## By Chris Evich [GitHub](https://github.com/cevich)\\n\\nIn this article, I will be using\\n[Podman](https://github.com/containers/podman),\\n[Buildah](https://github.com/containers/buildah),\\nand\\n[Skopeo](https://github.com/containers/skopeo)\\ncontainer tools to produce an image that supports multiple architectures\\nunder a single \\"name\\".\\n\\n\x3c!--truncate--\x3e\\n\\nSimply put, a _manifest list_ is just a collection of images with some\\nadditional metadata. While in principle any set of images can be in a\\nmanifest list, the intended use is housing multi-platform and/or multi-arch\\nimages. Otherwise, manifest lists mostly look and feel like regular container\\nimages. You can pull, tag, and run them as you\'d expect, with only a few\\nexceptions.\\n\\nTwo and a half things will likely catch you off-guard:\\n\\n- Pushing manifest lists to registries\\n- Removing manifest lists from local storage.\\n- The `podman tag` command is broken for manifest lists in `v3.4`, but\\n works in Buildah `v1.23.1`.\\n\\nDue to the way image-name references are internally processed, you should\\n**not** use the usual `podman push` and `podman rmi` subcommands.\\n**THEY WILL NOT DO WHAT YOU EXPECT!** Instead, you\'ll want to use\\n[`podman manifest push --all `](https://docs.podman.io/en/latest/markdown/podman-manifest-push.1.html) and\\n[`podman manifest rm `](https://docs.podman.io/en/latest/markdown/podman-manifest-rm.1.html)\\n(similarly for `buildah`). These will push/remove the manifest list\\nitself instead of the contents. Similarly for tagging if you\'re on Podman `v3.4`,\\nuse the `buildah tag` command instead.\\n\\nGreat, so manifest lists sound awesome; I can pull, and run them.\\nI can delete them with `podman manifest rm`, push with\\n`podman manifest push --all `, and `tag` with Buildah,\\nbut how can I create them?\\n\\n## Easy Mode\\n\\nThe simplest way to create a multi-arch manifest list is by enabling\\nemulation to support any non-native `RUN` instructions. This is done\\nby installing the `qemu-user-static` package (or equivalent) for your\\ndistribution. Also ensure the related `systemd-binfmt.service` is\\nenabled/started. Not all distributions support these, so skip to the\\nnext sections for details on other methods if required.\\n\\nAssuming emulation is in place, let\u2019s look at this example _Containerfile_:\\n\\n```Dockerfile\\nFROM registry.access.redhat.com/ubi8:latest\\nRUN uname -a\\n```\\n\\nBuilding a multi-arch manifest for this can be done with one build command.\\nThis is thanks to features of recent versions of Buildah (`v1.23` and later)\\nand Podman (`v3.4` and later):\\n\\n```bash\\n$ platarch=linux/amd64,linux/ppc64le,linux/arm64,linux/s390x\\n$ buildah build --jobs=4 --platform=$platarch --manifest shazam .\\n```\\n\\nThe key options used here are:\\n\\n- `--manifest` - Add the resulting image into the named manifest list (`shazam`),\\n creating it if it doesn\'t already exist.\\n- `--platform` - Accepts a comma-separated list of `platform/architecture`\\n tuples (`linux/amd64,linux/ppc64le,linux/arm64,linux/s390x`).\\n- `--jobs` - Optional, causes the builds to execute in parallel using\\n the specified number of threads (`4`). i.e., the build finishes much\\n faster.\\n\\n_Note_: Even this simple `Containerfile` and build command will produce\\nquite a lot of output. Assuming it\'s successful, you may use the following\\ncommand to examine the architectures:\\n\\n```bash\\n$ skopeo inspect --raw containers-storage:localhost/shazam | \\\\\\n jq \'.manifests[].platform.architecture\'\\n```\\n\\nSimilarly,\\n[`skopeo inspect`](https://github.com/containers/skopeo/blob/main/docs/skopeo-inspect.1.md)\\ncan be used to examine manifest lists on registry servers - just swap\\n`containers-storage:` with `docker://`. This is very useful for\\ndetermining if a base image is a manifest list, and if it is, which\\narchitecture the images were built for. Querying metadata in this\\nway doesn\'t require pulling down all the data, so it\'s quite fast.\\n\\nLastly and as mentioned at the beginning, pushing and removing manifest\\nlists is special. You **must** use `manifest push` or `manifest rm` sub-commands.\\nOtherwise, Podman will act on the contents rather than the manifest list\\nitself. Then for push, you must specify both the source and destination.\\nA somewhat contrived example might be:\\n\\n```bash\\n$ buildah tag localhost/shazam quay.io/example/shazam\\n$ podman manifest rm localhost/shazam\\n$ podman manifest push --all quay.io/example/shazam docker://quay.io/example/shazam\\n```\\n\\nIf you don\'t specify both the source and push destination, you\'ll\\nget an error message. In case you\'re wondering, the `--all` argument is\\nrequired. This tells Podman to push the manifest list AND the contents,\\nwhich is nearly always what you want to do. If you don\u2019t use the `--all`\\noption, only the native architecture will be sent without any warning or\\nother indications.\\n\\n## Cheat Mode\\n\\nIn the case of public automation services, where convenience and ease of\\nmaintenance are essential, [there are a set of container images that will\\nenable and configure `qermu-user-static` for\\nyou](https://github.com/orgs/multiarch/repositories).\\nThese images must be run in `--privileged` mode but will make\\n[setting things up in the automation system very easy (docs)](https://github.com/multiarch/qemu-user-static#getting-started).\\nOnce set up, the image-build method is precisely the same as the above section.\\n\\nThat said, this is not an endorsement, and you will need to perform your own due\\ndiligence. I only mention it in this article because if I don\'t, somebody is\\nbound to bring it up. It\'s likely a fine setup for small, non-critical cases.\\nBut this will probably be a \\"no-go\\", where provenance and security are critical.\\nSo, if that applies to you, continue on to the next section.\\n\\n## Safe Mode\\n\\nIn highly secure, locked-down, production environments using commercially\\nsupported distributions, additional safety is often paramount over the\\nconvenience of emulation. Additionally if the build is simply too complex,\\nemulation-slow, or involves multiple incompatible platforms (i.e., Windows\\nand Darwin) then it simply may not be practical.\\n\\nIn these cases, essentially you need to perform the builds separately,\\ncollect the images on one system, then combine them all into a manifest\\nlist as a separate step.\\n\\nFor example, let\'s assume that you\'ve built the `shazam` image on several\\nlinux hosts, tagged each of them with their architecture name, and pushed them\\nup to the `quay.io/example/shazam` repository. Combining them into a\\nmanifest list might look like this:\\n\\n```bash\\n$ REPO=quay.io/example/shazam\\n$ podman manifest create $REPO:latest\\n$ for IMGTAG in amd64 s390x ppc64le arm64; do \\\\\\n podman manifest add $REPO:latest docker://$REPO:IMGTAG; \\\\\\n done\\n$ podman manifest push --all $REPO:latest docker://$REPO:latest\\n```\\n\\n_Note:_ For the\\n[`manifest add`](https://docs.podman.io/en/latest/markdown/podman-manifest-add.1.html)\\nsub-command, the **target manifest list name comes first, then the image to add**.\\nIn the above example, the command inside the loop will pull down the\\nplatform-tagged image (metadata) and add it into the new manifest list. There\\nis no need for a separate\\n[pull](https://docs.podman.io/en/latest/markdown/podman-pull.1.html)\\noperation, and Podman will automatically figure out the constituent architecture\\nand platform information. If not, there are\\n[options to specify them manually](https://docs.podman.io/en/latest/markdown/podman-manifest-add.1.html#arch)\\nduring the `manifest add` operation. Lastly, in case of an accident, you\'ll\\nfind a\\n[`manifest remove`](https://docs.podman.io/en/latest/markdown/podman-manifest-remove.1.html)\\nsub-command (**same argument-order as `manifest add`**).\\n\\n## Conclusion\\n\\nWhile countless additional details are available in the man pages, this basic\\nknowledge should cover `90%` of your needs. With these essential tricks in\\nhand, producing your own multi-arch and/or multi-platform manifest lists\\nis just a matter of practice (or some new bash scripts).\\n\\nPlease also remember to pay attention to the tooling versions, as several\\nbugs and deficiencies are present in earlier editions. On that same note,\\nif you do encounter any strange or unexpected behavior, please reach out\\nto the [upstream community for assistance](https://podman.io/community/#slack-irc-matrix-and-discord)."},{"id":"/2021/10/11/new","metadata":{"permalink":"/blogs/2021/10/11/new","source":"@site/blog/2021-10-11-new.md","title":"Working with container image manifest lists","description":"In this article Chris Evich uses","date":"2021-10-11T00:00:00.000Z","formattedDate":"October 11, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"skopeo","permalink":"/blogs/tags/skopeo"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"multiarch","permalink":"/blogs/tags/multiarch"}],"readingTime":0.145,"hasTruncateMarker":false,"authors":[{"name":"cevich"}],"frontMatter":{"title":"Working with container image manifest lists","layout":"default","author":"cevich","categories":["new"],"tags":["containers","podman","buildah","skopeo","images","multiarch"]},"prevItem":{"title":"Working with container image manifest lists","permalink":"/blogs/2021/10/11/multiarch"},"nextItem":{"title":"Podman remote clients for macOS and Windows","permalink":"/blogs/2021/10/04/m1macs"}},"content":"In this article Chris Evich uses\\n[Podman](https://github.com/containers/podman),\\n[Buildah](https://github.com/containers/buildah),\\nand\\n[Skopeo](https://github.com/containers/skopeo)\\nto produce an image that supports multiple architectures\\nunder a single \\"name\\".\\n[Working with container image manifest lists](https://podman.io/blogs/2021/10/11/multiarch.html) post!"},{"id":"/2021/10/04/m1macs","metadata":{"permalink":"/blogs/2021/10/04/m1macs","source":"@site/blog/2021-10-04-m1macs.md","title":"Podman remote clients for macOS and Windows","description":"podman logo","date":"2021-10-04T00:00:00.000Z","formattedDate":"October 4, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.635,"hasTruncateMarker":true,"authors":[{"name":"baude"}],"frontMatter":{"title":"Podman remote clients for macOS and Windows","layout":"default","author":"baude","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Working with container image manifest lists","permalink":"/blogs/2021/10/11/new"},"nextItem":{"title":"Podman on Apple silicon","permalink":"/blogs/2021/10/04/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman on Apple Silicon\\n\\n## By Brent Baude [GitHub](https://github.com/baude)\\n\\nThe Podman development team is happy to announce that Podman machine is now supported\\non Apple silicon hardware like the M1s.\\n\\n\x3c!--truncate--\x3e\\n\\nThe initial versions of Podman machine only supported Intel-based Apple machines. We could not support\\nthe Apple M1s because we needed some changes to occur in upstream projects that we depend on. Now that those\\nthings are fixed, we support Apple silicon hardware with Podman 3.4.\\n\\nIn the last two weeks, we were able to clear the final hurdles to support Podman machine on Apple Silicon. Many\\nthanks to the QEMU maintainers and the maintainers of brew. And last but not least, the Fedora FCOS team\\nwhich officially supports the aarch64 architecture now."},{"id":"/2021/10/04/new","metadata":{"permalink":"/blogs/2021/10/04/new","source":"@site/blog/2021-10-04-new.md","title":"Podman on Apple silicon","description":"Brent Baude Podman machine on Applie silicon is now supported! Read all about it on the Podman on Apple M1s post!","date":"2021-10-04T00:00:00.000Z","formattedDate":"October 4, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"},{"label":"buildah","permalink":"/blogs/tags/buildah"}],"readingTime":0.105,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"Podman on Apple silicon","layout":"default","author":"baude","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac","buildah"]},"prevItem":{"title":"Podman remote clients for macOS and Windows","permalink":"/blogs/2021/10/04/m1macs"},"nextItem":{"title":"Podman on Macs Update","permalink":"/blogs/2021/09/06/new"}},"content":"Brent Baude Podman machine on Applie silicon is now supported! Read all about it on the [Podman on Apple M1s](https://podman.io/blogs/2021/10/04/m1macs.html) post!"},{"id":"/2021/09/06/new","metadata":{"permalink":"/blogs/2021/09/06/new","source":"@site/blog/2021-09-06-new.md","title":"Podman on Macs Update","description":"Brent Baude checks in with an update on Podman on macOS and Windows. Read all about it on the Podman on Macs Update post!","date":"2021-09-06T00:00:00.000Z","formattedDate":"September 6, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"},{"label":"buildah","permalink":"/blogs/tags/buildah"}],"readingTime":0.12,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"Podman on Macs Update","layout":"default","author":"baude","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac","buildah"]},"prevItem":{"title":"Podman on Apple silicon","permalink":"/blogs/2021/10/04/new"},"nextItem":{"title":"Podman remote clients for macOS and Windows","permalink":"/blogs/2021/09/06/podman-on-macs"}},"content":"Brent Baude checks in with an update on Podman on macOS and Windows. Read all about it on the [Podman on Macs Update](https://podman.io/blogs/2021/09/06/podman-on-macs.html) post!"},{"id":"/2021/09/06/podman-on-macs","metadata":{"permalink":"/blogs/2021/09/06/podman-on-macs","source":"@site/blog/2021-09-06-podman-on-macs.md","title":"Podman remote clients for macOS and Windows","description":"podman logo","date":"2021-09-06T00:00:00.000Z","formattedDate":"September 6, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":2.63,"hasTruncateMarker":true,"authors":[{"name":"baude"}],"frontMatter":{"title":"Podman remote clients for macOS and Windows","layout":"default","author":"baude","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman on Macs Update","permalink":"/blogs/2021/09/06/new"},"nextItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2021/09/03/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman on Macs Update\\n\\n## By Brent Baude [GitHub](https://github.com/baude)\\n\\nThe Podman team values the local development experience, and we think containers are a crucial part of that. We\u2019ve been brainstorming, discussing, and testing solutions to bring a great Podman experience to Mac and Windows. We are constantly looking for ways to improve it. In particular, the latest release of Podman has support for ~~Intel~~(as of Podman v3.4) Macs. We have been hearing good feedback for a few weeks now, but up until this point, we haven\u2019t published a lot of documentation.\\n\\n\x3c!--truncate--\x3e\\n\\nRecently, we have been getting an influx of questions about Podman and Podman desktop, specifically around Macs. Coincidentally, we have a really elegant solution which we\u2019d like to introduce. In the recently released Podman-3.3.1, we now have support for Intel-based Macs. It is command-line driven and can be installed through brew (aka [Homebrew](https://brew.sh/)).\\n\\n### User Experience on macOS\\n\\nThe user-experience is quite simple:\\n\\n1. Install brew (as it is described on their [homepage](https://brew.sh/))\\n2. Install podman from brew: `brew install podman`\\n3. Initialize a podman machine: `podman machine init`\\n4. Start the machine: `podman machine start`\\n5. Use podman as you normally would.\\n\\nIt is worth running `podman machine --help` to familiarize yourself with the other commands used to manage machines.\\n\\nPlease note that Podman machine is still under development. While we support port forwarding on Macs and Linux, we have not implemented a solution for file sharing and bind mounts. We are currently researching the various technologies to do so as we want to choose a performant approach.\\n\\n~~Podman machine is currently only supported on Linux and Intel Macs. As for the new Macs that are based on Apple Silicon, we are now waiting for two things. First, we need some patches from upstream qemu to get merged and released. While we wait for the upstream patches, we are working on a possible work-around for qemu. If that is successful, we will re-enable the M1 support in Podman and get brew updated. The second is we need [Fedora CoreOS](https://getfedora.org/en/coreos) aarch64 images to be indexed, which should be occurring very shortly.~~ Podman 3.4, Oct-10-2021\\n\\n### User Experience on Windows\\n\\nWe currently support the Windows platform with a remote client that can be downloaded from our [GitHub releases page](https://github.com/containers/podman/releases). That remote client requires a Linux server with Podman and its service running. We also have user reports that running Podman in WSL is quite tenable. Consider the WSL option if you do not have available Linux servers with Podman installed.\\n\\nWe intend to develop a desktop for the Mac and Windows experience for Podman. Early design work is under consideration. No timeline has been identified yet.\\n\\n### Questions?\\n\\nRemember, our development team can be found in our [Matrix room](https://matrix.to/#/#podman:matrix.org) which has been bridged to the #podman channel on [libera IRC](https://libera.chat/) as well as our [Discord server](https://discord.gg/x5GzFF6QH4). You can also get in touch with us via our [project page](https://github.com/containers/podman) by opening issues, PR\u2019s and discussions. We love to hear from people!\\n\\nPodman is an open-source project. We are always looking for contributors to help us accelerate features into the Podman and container world."},{"id":"/2021/09/03/new","metadata":{"permalink":"/blogs/2021/09/03/new","source":"@site/blog/2021-09-03-new.md","title":"Podman Posts of Interest","description":"I\'ve been lagging a bit in getting posts up on this site that have landed elsewhere, so time for","date":"2021-09-03T00:00:00.000Z","formattedDate":"September 3, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.17,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Posts of Interest","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman remote clients for macOS and Windows","permalink":"/blogs/2021/09/06/podman-on-macs"},"nextItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2021/09/03/podman-posts-of-interests"}},"content":"I\'ve been lagging a bit in getting posts up on this site that have landed elsewhere, so time for\\nanother \\"Podman Posts of Interest\\" post.\\nCheckout the [Podman Posts of Interest](https://podman.io/blogs/2021/09/03/podman-posts-of-interests.html) for the links!"},{"id":"/2021/09/03/podman-posts-of-interests","metadata":{"permalink":"/blogs/2021/09/03/podman-posts-of-interests","source":"@site/blog/2021-09-03-podman-posts-of-interests.md","title":"Podman Posts of Interest","description":"podman logo","date":"2021-09-03T00:00:00.000Z","formattedDate":"September 3, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.81,"hasTruncateMarker":true,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Posts of Interest","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2021/09/03/new"},"nextItem":{"title":"How to use Podman inside of a container","permalink":"/blogs/2021/07/02/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman Posts of Interest\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nA number of blog posts have flung by and I have not had a chance to get individual\\nlink posts to them, so thought I would add a few here that have popped up recently,\\nlinks after the break!.\\n\\n\x3c!--truncate--\x3e\\n\\n- [Tony Kay](https://github.com/tonykay) - [Running Podman Machine on the Mac M1](https://www.cloudassembler.com/post/podman-machine-mac-m1/) - Tony walks you through all the steps that you\'ll need in order to run Podman on a M1 Mac.\\n- [Abhijeet Kasurde](https://medium.com/@AbhijeetKasurde) - [Running Podman machine on macOS](https://medium.com/@AbhijeetKasurde/running-podman-machine-on-macos-1f3fb0dbf73d) - Abhijeet also walks you through the steps of setting up qemu and Podman machine to run Podman on your Mac.\\n- [Sumantro Mukherjee](https://twitter.com/Bytesofbinary) - [Run a Linux virtual machine in Podman](https://opensource.com/article/21/7/linux-podman) - Sumantro shows you how to use Podman machine to run Fedora CoreOS.\\n- https://github.com/bowmanjd - [Install Docker on Windows (WSL) without Docker Desktop](https://dev.to/bowmanjd/install-docker-on-windows-wsl-without-docker-desktop-34m9) Jonathan shows you how to run Docker or Podman on Windows without Docker Desktop."},{"id":"/2021/07/02/new","metadata":{"permalink":"/blogs/2021/07/02/new","source":"@site/blog/2021-07-02-new.md","title":"How to use Podman inside of a container","description":"Do you want to know how to use Podman inside of a container? Dan Walsh and Urvashi Mohnani show you how to in a recent blog post on the Red Hat Enable Sysadmin site, How to use Podman inside of a container.","date":"2021-07-02T00:00:00.000Z","formattedDate":"July 2, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.21,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"How to use Podman inside of a container","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2021/09/03/podman-posts-of-interests"},"nextItem":{"title":"How to use Podman inside of a container","permalink":"/blogs/2021/07/02/podman-inside-container"}},"content":"Do you want to know how to use Podman inside of a container? [Dan Walsh](https://twitter.com/rhatdan) and [Urvashi Mohnani](https://twitter.com/umohnani8) show you how to in a recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [How to use Podman inside of a container](https://www.redhat.com/sysadmin/podman-inside-container)."},{"id":"/2021/07/02/podman-inside-container","metadata":{"permalink":"/blogs/2021/07/02/podman-inside-container","source":"@site/blog/2021-07-02-podman-inside-container.md","title":"How to use Podman inside of a container","description":"podman logo","date":"2021-07-02T00:00:00.000Z","formattedDate":"July 2, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.265,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"How to use Podman inside of a container","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"How to use Podman inside of a container","permalink":"/blogs/2021/07/02/new"},"nextItem":{"title":"How to use Podman inside of Kubernetes","permalink":"/blogs/2021/07/01/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# How to use Podman inside of a container\\n\\nDo you want to know how to use Podman inside of a container? [Dan Walsh](https://twitter.com/rhatdan) and [Urvashi Mohnani](https://twitter.com/umohnani8) show you how to in a recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [How to use Podman inside of a container](https://www.redhat.com/sysadmin/podman-inside-container)."},{"id":"/2021/07/01/new","metadata":{"permalink":"/blogs/2021/07/01/new","source":"@site/blog/2021-07-01-new.md","title":"How to use Podman inside of Kubernetes","description":"Do you want to know how to use Podman inside of Kubernetes? Urvashi Mohnani and Dan Walsh show you how to in a recent blog post on the Red Hat Enable Sysadmin site, How to use Podman inside of Kubernetes.","date":"2021-07-01T00:00:00.000Z","formattedDate":"July 1, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.2,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"How to use Podman inside of Kubernetes","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"How to use Podman inside of a container","permalink":"/blogs/2021/07/02/podman-inside-container"},"nextItem":{"title":"How to use Podman inside of Kubernetes","permalink":"/blogs/2021/07/01/podman-inside-kubernets"}},"content":"Do you want to know how to use Podman inside of Kubernetes? [Urvashi Mohnani](https://twitter.com/umohnani8) and [Dan Walsh](https://twitter.com/rhatdan) show you how to in a recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [How to use Podman inside of Kubernetes](https://www.redhat.com/sysadmin/podman-inside-kubernetes)."},{"id":"/2021/07/01/podman-inside-kubernets","metadata":{"permalink":"/blogs/2021/07/01/podman-inside-kubernets","source":"@site/blog/2021-07-01-podman-inside-kubernets.md","title":"How to use Podman inside of Kubernetes","description":"podman logo","date":"2021-07-01T00:00:00.000Z","formattedDate":"July 1, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.25,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"How to use Podman inside of Kubernetes","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac","kubernetes"]},"prevItem":{"title":"How to use Podman inside of Kubernetes","permalink":"/blogs/2021/07/01/new"},"nextItem":{"title":"How to Install and Use Podman on Ubuntu 20.04","permalink":"/blogs/2021/06/16/install-podman-on-ubuntu"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# How to use Podman inside of Kubernetes\\n\\nDo you want to know how to use Podman inside of Kubernetes? [Urvashi Mohnani](https://twitter.com/umohnani8) and [Dan Walsh](https://twitter.com/rhatdan) show you how to in a recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [How to use Podman inside of Kubernetes](https://www.redhat.com/sysadmin/podman-inside-kubernetes)."},{"id":"/2021/06/16/install-podman-on-ubuntu","metadata":{"permalink":"/blogs/2021/06/16/install-podman-on-ubuntu","source":"@site/blog/2021-06-16-install-podman-on-ubuntu.md","title":"How to Install and Use Podman on Ubuntu 20.04","description":"podman logo","date":"2021-06-16T00:00:00.000Z","formattedDate":"June 16, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.27,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"How to Install and Use Podman on Ubuntu 20.04","layout":"default","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"How to use Podman inside of Kubernetes","permalink":"/blogs/2021/07/01/podman-inside-kubernets"},"nextItem":{"title":"How to Install and Use Podman on Ubuntu 20.04","permalink":"/blogs/2021/06/16/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\nHitesh Jethva posted a blog post on the [Atlantic.Net](https://www.atlantic.net/) site talking about [How to Install and Use Podman on Ubuntu 20.04](https://www.atlantic.net/dedicated-server-hosting/how-to-install-and-use-podman-on-ubuntu-20-04/). In the post Hitesh walks through all the steps necessary from \'A\' to \'Z\' to get Podman up and running on Ubuntu 20.04 and how to do some initial Podman commands."},{"id":"/2021/06/16/new","metadata":{"permalink":"/blogs/2021/06/16/new","source":"@site/blog/2021-06-16-new.md","title":"How to Install and Use Podman on Ubuntu 20.04","description":"Hitesh Jethva posted a blog post on the Atlantic.Net site talking about How to Install and Use Podman on Ubuntu 20.04. In the post Hitesh walks through all the steps necessary from \'A\' to \'Z\' to get Podman up and running on Ubuntu 20.04 and how to do some initial Podman commands.","date":"2021-06-16T00:00:00.000Z","formattedDate":"June 16, 2021","tags":[],"readingTime":0.26,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"How to Install and Use Podman on Ubuntu 20.04","layout":"default","categories":["new"]},"prevItem":{"title":"How to Install and Use Podman on Ubuntu 20.04","permalink":"/blogs/2021/06/16/install-podman-on-ubuntu"},"nextItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2021/06/13/new"}},"content":"Hitesh Jethva posted a blog post on the [Atlantic.Net](https://www.atlantic.net/) site talking about [How to Install and Use Podman on Ubuntu 20.04](https://www.atlantic.net/dedicated-server-hosting/how-to-install-and-use-podman-on-ubuntu-20-04/). In the post Hitesh walks through all the steps necessary from \'A\' to \'Z\' to get Podman up and running on Ubuntu 20.04 and how to do some initial Podman commands."},{"id":"/2021/06/13/new","metadata":{"permalink":"/blogs/2021/06/13/new","source":"@site/blog/2021-06-13-new.md","title":"Podman Posts of Interest","description":"I\'ve been lagging a bit in getting posts up on this site that have landed elsewhere, so time for","date":"2021-06-13T00:00:00.000Z","formattedDate":"June 13, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.17,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Posts of Interest","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"How to Install and Use Podman on Ubuntu 20.04","permalink":"/blogs/2021/06/16/new"},"nextItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2021/06/13/podman-posts-of-interests"}},"content":"I\'ve been lagging a bit in getting posts up on this site that have landed elsewhere, so time for\\nanother \\"Podman Posts of Interest\\" post.\\nCheckout the [Podman Posts of Interest](https://podman.io/blogs/2021/06/13/podman-posts-of-interests.html) for the links!"},{"id":"/2021/06/13/podman-posts-of-interests","metadata":{"permalink":"/blogs/2021/06/13/podman-posts-of-interests","source":"@site/blog/2021-06-13-podman-posts-of-interests.md","title":"Podman Posts of Interest","description":"podman logo","date":"2021-06-13T00:00:00.000Z","formattedDate":"June 13, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":1.685,"hasTruncateMarker":true,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Posts of Interest","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2021/06/13/new"},"nextItem":{"title":"Podman 3 and Docker Compose - How Does the Dockerless Compose Work?","permalink":"/blogs/2021/05/26/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman Posts of Interest\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nA number of blog posts have flung by and I have not had a chance to get individual\\nlink posts to them, so thought I would add a few here that have popped up recently,\\nlinks after the break!.\\n\\n\x3c!--truncate--\x3e\\n\\n- [Ashley Cui](https://twitter.com/cuicodes) - [Exploring the new Podman secret command](https://www.redhat.com/sysadmin/new-podman-secrets-command) - Ashely strikes again with another great article. This time she\'s talking all about the new Podman secret command and how you can store sensitive information in your image, yet not have it be exposed without your container.\\n- [cfillekes](https://cfillekes-25575.medium.com) - [Building and Publishing Multi-Arch Images and Image Manifests with Red Hat Buildah and Podman](https://medium.com/qiskit-openshift-multi-arch/building-and-publishing-multi-arch-images-and-image-manifests-with-red-hat-buildah-and-podman-927c717adaf3) - Want to learn how to use the `--platform` flag in Podman and Buildah to build Multi-Arch images? Then this is the post for you!\\n- [Dan Walsh](https://twitter.com/rhatdan) - [New container feature: Volatile overlay mounts](https://www.redhat.com/sysadmin/container-volatile-overlay-mounts) - How to use volatile mounts in a container to increase performance and clean up unnecessary clutter.\\n- [James Walker](https://www.cloudsavvyit.com/author/jameswalker/) - [What Is Podman and How Does It Differ from Docker?](https://www.cloudsavvyit.com/11575/what-is-podman-and-how-does-it-differ-from-docker/) - James walks you through the differences between the two container tools.\\n- [Dan Walsh](https://twitter.com/rhatdan) - [Using files and devices in Podman rootless containers](https://www.redhat.com/sysadmin/files-devices-podman) - Dan talks about the `k--group-add keep-groups` feature and how it allows rootless containers to maintain the groups of its parent process.\\n- [Sarthak Jain](https://www.redhat.com/sysadmin/users/sarthak-jain) - [How to automate Podman installation and deployment using Ansible](https://www.redhat.com/sysadmin/automate-podman-ansible) - Sarthak shows you how to automate Podman with Ansible.\\n- [Eduardo Medeiros](https://twitter.com/xedux) - [How to create container images with ansible-bender](https://blog.emedeiros.me/archives/2021/05/05/how-to-create-container-images-with-ansible-bender.html) - Eduardo shows how to use Ansible Bender along with Podman and Buildah to build container images.\\n- [Daniel Schier](https://twitter.com/daniel_wtd) - [Podman Networking - Part 2](https://blog.while-true-do.io/podman-networking-2/) - Daniel shows how the `podman network` command can be used for external and internal networks.\\n- [Thomas Tuffin](https://www.redhat.com/sysadmin/users/thomas-tuffin) - [Home automation: Running Home Assistant with Podman](https://www.redhat.com/sysadmin/automate-your-home) - An intro to the Home Assistant open source project, what it can do, and a basic setup using a container."},{"id":"/2021/05/26/new","metadata":{"permalink":"/blogs/2021/05/26/new","source":"@site/blog/2021-05-26-new.md","title":"Podman 3 and Docker Compose - How Does the Dockerless Compose Work?","description":"One of the main Podman 3 features is the support of Docker Compose. You can take any of your existing docker-compose.yml and just use it with Podman.","date":"2021-05-26T00:00:00.000Z","formattedDate":"May 26, 2021","tags":[],"readingTime":0.235,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Podman 3 and Docker Compose - How Does the Dockerless Compose Work?","layout":"default","categories":["new"]},"prevItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2021/06/13/podman-posts-of-interests"},"nextItem":{"title":"Podman 3 and Docker Compose - How Does the Dockerless Compose Work?","permalink":"/blogs/2021/05/26/podman-3-compose"}},"content":"One of the main Podman 3 features is the support of Docker Compose. You can take any of your existing docker-compose.yml and just use it with Podman.\\n\\n[In this video](https://www.youtube.com/watch?v=15PFfjuxtvM), Kirill Shirinkin shows how he moved from Docker to Podman in a real docker-composed application.\\n\\n[Watch now](https://www.youtube.com/watch?v=15PFfjuxtvM)."},{"id":"/2021/05/26/podman-3-compose","metadata":{"permalink":"/blogs/2021/05/26/podman-3-compose","source":"@site/blog/2021-05-26-podman-3-compose.md","title":"Podman 3 and Docker Compose - How Does the Dockerless Compose Work?","description":"podman logo","date":"2021-05-26T00:00:00.000Z","formattedDate":"May 26, 2021","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"systemd","permalink":"/blogs/tags/systemd"},{"label":"video","permalink":"/blogs/tags/video"},{"label":"docker","permalink":"/blogs/tags/docker"}],"readingTime":0.335,"hasTruncateMarker":false,"authors":[{"name":"kshirinkin"}],"frontMatter":{"title":"Podman 3 and Docker Compose - How Does the Dockerless Compose Work?","layout":"default","author":"kshirinkin","categories":["blogs"],"tags":["podman","containers","systemd","video","docker"]},"prevItem":{"title":"Podman 3 and Docker Compose - How Does the Dockerless Compose Work?","permalink":"/blogs/2021/05/26/new"},"nextItem":{"title":"May the Fourth be with you via Podman!","permalink":"/blogs/2021/05/04/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n## Podman 3 and Docker Compose - How Does the Dockerless Compose Work?\\n\\n## By Kirill Shirinkin [GitHub](https://github.com/Fodoj)\\n\\nOne of the main Podman 3 features is the support of Docker Compose. You can take any of your existing docker-compose.yml and just use it with Podman.\\n\\n[In this video](https://www.youtube.com/watch?v=15PFfjuxtvM), Kirill Shirinkin shows how he moved from Docker to Podman in a real docker-composed application.\\n\\n[Watch now](https://www.youtube.com/watch?v=15PFfjuxtvM)."},{"id":"/2021/05/04/new","metadata":{"permalink":"/blogs/2021/05/04/new","source":"@site/blog/2021-05-04-new.md","title":"May the Fourth be with you via Podman!","description":"By Tom Sweeney GitHub","date":"2021-05-04T00:00:00.000Z","formattedDate":"May 4, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.265,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"May the Fourth be with you via Podman!","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman 3 and Docker Compose - How Does the Dockerless Compose Work?","permalink":"/blogs/2021/05/26/podman-3-compose"},"nextItem":{"title":"May the Fourth be with you via Podman!","permalink":"/blogs/2021/05/04/star-wars-in-podman"}},"content":"## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nMy latest blog post has just hit [Enable Sysadmin](https://www.redhat.com/sysadmin/). In the\\n[May the Fourth be with you via Podman](https://www.redhat.com/sysadmin/may-fourth-podman) post,\\nI delve into running an Ascii movie featureing the first Star Wars Movie inside of a container\\nrun by Podman.\\n\\nEnjoy and May the Fourth be with you!"},{"id":"/2021/05/04/star-wars-in-podman","metadata":{"permalink":"/blogs/2021/05/04/star-wars-in-podman","source":"@site/blog/2021-05-04-star-wars-in-podman.md","title":"May the Fourth be with you via Podman!","description":"podman logo","date":"2021-05-04T00:00:00.000Z","formattedDate":"May 4, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.275,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"May the Fourth be with you via Podman!","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"May the Fourth be with you via Podman!","permalink":"/blogs/2021/05/04/new"},"nextItem":{"title":"Podman v3.1.0 Released","permalink":"/blogs/2021/04/02/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nMy latest blog post has just hit [Enable Sysadmin](https://www.redhat.com/sysadmin/). In the\\n[May the Fourth be with you via Podman](https://www.redhat.com/sysadmin/may-fourth-podman) post,\\nI delve into running an Ascii movie featureing the first Star Wars Movie inside of a container\\nrun by Podman.\\n\\nEnjoy and May the Fourth be with you!"},{"id":"/2021/04/02/new","metadata":{"permalink":"/blogs/2021/04/02/new","source":"@site/blog/2021-04-02-new.md","title":"Podman v3.1.0 Released","description":"Podman has gone 3.1.0!","date":"2021-04-02T00:00:00.000Z","formattedDate":"April 2, 2021","tags":[],"readingTime":0.025,"hasTruncateMarker":false,"authors":[],"frontMatter":{"layout":"default","title":"Podman v3.1.0 Released","categories":["new"]},"prevItem":{"title":"May the Fourth be with you via Podman!","permalink":"/blogs/2021/05/04/star-wars-in-podman"},"nextItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2021/03/27/new"}},"content":"## [Podman has gone 3.1.0!](https://podman.io/releases/2021/04/02/podman-release-v3.1.0.html)"},{"id":"/2021/03/27/new","metadata":{"permalink":"/blogs/2021/03/27/new","source":"@site/blog/2021-03-27-new.md","title":"Podman Posts of Interest","description":"This past week I ran into three blog posts concerning Podman and thought I\'d do","date":"2021-03-27T00:00:00.000Z","formattedDate":"March 27, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.175,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Posts of Interest","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman v3.1.0 Released","permalink":"/blogs/2021/04/02/new"},"nextItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2021/03/27/podman-posts-of-interests"}},"content":"This past week I ran into three blog posts concerning Podman and thought I\'d do\\nanother \\"Podman Posts of Interest\\" post in case you missed them.\\nCheckout the [Podman Posts of Interest](https://podman.io/blogs/2021/03/27/podman-posts-of-interests.html) for the links!"},{"id":"/2021/03/27/podman-posts-of-interests","metadata":{"permalink":"/blogs/2021/03/27/podman-posts-of-interests","source":"@site/blog/2021-03-27-podman-posts-of-interests.md","title":"Podman Posts of Interest","description":"podman logo","date":"2021-03-27T00:00:00.000Z","formattedDate":"March 27, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.655,"hasTruncateMarker":true,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Posts of Interest","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2021/03/27/new"},"nextItem":{"title":"Announcement: Support for Older Distros on Kubic Project/OBS","permalink":"/blogs/2021/03/02/podman-support-for-older-distros"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman Posts of Interest\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nA number of blog posts have flung by and I have not had a chance to get individual\\nlink posts to them, so thought I would add a few here that have popped up recently,\\nlinks after the break!.\\n\\n\x3c!--truncate--\x3e\\n\\n- [Oracle-Base](https://oracle-base.com/) - [Podman : Install Podman on Oracle Linux 8 (OL8)](https://oracle-base.com/articles/linux/podman-install-on-oracle-linux-ol8#install-podman) - A nice first look at Podman on Oracle Linux 8 from install to basic usage including rootless.\\n- [Dave Meurer](https://twitter.com/davemeurer) - [How to replace Docker with Podman on a Mac](https://www.redhat.com/sysadmin/replace-docker-podman-macos) - Dave shows you what you need to know about Podman on Mac.\\n- [Mohit Goyal](https://mohitgoyal.co/about/) - [Installing and Working with Podman as Container Engine](https://mohitgoyal.co/2021/03/15/installing-and-working-with-podman-as-container-engine/) - Walks you through the installation and basic usage of Podman."},{"id":"/2021/03/02/podman-support-for-older-distros","metadata":{"permalink":"/blogs/2021/03/02/podman-support-for-older-distros","source":"@site/blog/2021-03-02-podman-support-for-older-distros.md","title":"Announcement: Support for Older Distros on Kubic Project/OBS","description":"podman logo","date":"2021-03-02T00:00:00.000Z","formattedDate":"March 2, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"distro","permalink":"/blogs/tags/distro"},{"label":"linux","permalink":"/blogs/tags/linux"},{"label":"centos","permalink":"/blogs/tags/centos"},{"label":"ubuntu","permalink":"/blogs/tags/ubuntu"},{"label":"debian","permalink":"/blogs/tags/debian"}],"readingTime":1.27,"hasTruncateMarker":true,"authors":[{"name":"lsm5"}],"frontMatter":{"title":"Announcement: Support for Older Distros on Kubic Project/OBS","layout":"default","author":"lsm5","categories":["blogs"],"tags":["containers","podman","distro","linux","centos","ubuntu","debian"]},"prevItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2021/03/27/podman-posts-of-interests"},"nextItem":{"title":"Easy Development Dependency Management With Podman and Tent","permalink":"/blogs/2021/02/08/easy-development-dependency-management-with-podman-and-tent"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Announcement: Support for Older Distros on Kubic Project/OBS\\n\\n## By Lokesh Mandvekar [GitHub](https://github.com/lsm5)\\n\\nThe Podman Community [builds and supports packages](https://podman.io/getting-started/installation)\\nfor a wide variety of Linux distributions and operating systems. These builds are\\nprovided in the public Open Build Service hosted by openSUSE.\\n[These pre-built packages](https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/)\\nhave made it easier for new users to test the latest-greatest\\nversions of Podman and allow for using it on distributions that do not yet provide\\nit in their main repositories.\\n\\n\x3c!--truncate--\x3e\\n\\nAs Podman matures, we are constantly looking for ways to focus on improvement to\\nthe project versus just maintenance. One area of focus is around trimming down the\\nmatrix of packages we build for different Linux distros. This is made easier by the\\nfact that Podman is now supported natively in many major Linux distributions.\\nFor instance, Podman is in the main repositories in Ubuntu 20.10 and future versions.\\nAlso, Podman is going to be released with Debian 11.\\n\\nWith the launch of Podman 3.0, we will be trimming support for the latest builds of\\nPodman for a number of older distributions. There are technical reasons that make it\\nbarely possible to support a modern container engine such as Podman on too old\\nsystems, where the kernel and certain core libraries may be too old.\\n\\nPodman 3.0 will be the last major build on CentOS 7, Debian 10 and Ubuntu 18.04.\\nAfter this release, we recommend users who need the latest versions of Podman to move\\nto newer versions of their Linux distribution."},{"id":"/2021/02/08/easy-development-dependency-management-with-podman-and-tent","metadata":{"permalink":"/blogs/2021/02/08/easy-development-dependency-management-with-podman-and-tent","source":"@site/blog/2021-02-08-easy-development-dependency-management-with-podman-and-tent.md","title":"Easy Development Dependency Management With Podman and Tent","description":"podman logo","date":"2021-02-08T00:00:00.000Z","formattedDate":"February 8, 2021","tags":[{"label":"tent","permalink":"/blogs/tags/tent"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"dependency-management","permalink":"/blogs/tags/dependency-management"},{"label":"linux","permalink":"/blogs/tags/linux"}],"readingTime":4.705,"hasTruncateMarker":true,"authors":[{"name":"fhsinchy"}],"frontMatter":{"title":"Easy Development Dependency Management With Podman and Tent","layout":"default","author":"fhsinchy","categories":["blogs"],"tags":["tent","hpc","podman","containers","dependency-management","linux"]},"prevItem":{"title":"Announcement: Support for Older Distros on Kubic Project/OBS","permalink":"/blogs/2021/03/02/podman-support-for-older-distros"},"nextItem":{"title":"Easy Development Dependency Management With Podman and Tent","permalink":"/blogs/2021/02/08/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Easy Development Dependency Management With Podman and Tent\\n\\n## By Farhan Hasin Chowdhury [GitHub](https://github.com/fhsinchy)\\n\\nInstalling and managing development dependencies for various project is a chore and one thing that can improve your everyday workflow is the usage of containers.\\n\\n[Tent](https://github.com/fhsinchy/tent/) is a CLI tool for running development dependencies such as MySQL, Mongo, ElasticSearch etc inside pre-configured containers using simple one-liners.\\n\\n\x3c!--truncate--\x3e\\n\\nRunning containers can be accessed via their exposed ports and can be paired with any other application on your system.\\n\\nStarting a service such as `mysql` is as simple as executing `tent start mysql` and you\'ll never have to look back at it.\\n\\nBut `mysql` is not the only available service. A list of all the available services can be found on: [services.go](https://github.com/fhsinchy/tent/blob/master/store/services.go)\\n\\nTent is heavily inspired from [tighten/takeout](https://github.com/tighten/takeout) and is an experimental project. Hence, care should be taken if you\'re using it in a critical environment.\\n\\n## Dependencies\\n\\n- Linux\\n- [Podman](https://podman.io/getting-started/installation) Installed\\n- Podman System Service Running\\n\\nIf you have Podman installed, you can start the system service as follows:\\n\\n```bash\\n## starts the podman system service\\nsystemctl --user start podman.socket\\n\\n## enables the podman system service, so it doesn\'t close on every reboot\\nsystemctl --user enable podman.socket\\n\\n## stops the podman system service\\nsystemctl --user stop podman.socket\\n\\n## disables the podman system service, so it doesn\'t start on every reboot\\nsystemctl --user disable podman.socket\\n```\\n\\nTent assumes that you\'re running the service in non-root mode, hence the `--user` argument is necessary in the above commands.\\n\\n## Installation\\n\\nVisit the [tent release page](https://github.com/fhsinchy/tent/releases/) and download the `tent` binary to your computer. Open up your terminal where you\'ve donwloaded the file and execute following commands:\\n\\n```bash\\nchmod +x ./tent\\n\\nsudo mv ./tent /usr/local/bin\\n```\\n\\nNow the `tent` command should be available everywhere in your system.\\n\\n## Build From Source\\n\\nIf you\'re on a Fedora system, the following command should install the necessary development dependencies.\\n\\n```bash\\nsudo dnf groupinstall \\"Development Tools\\" -y && sudo dnf install golang btrfs-progs-devel gpgme-devel device-mapper-devel -y\\n```\\n\\nAnd on a Ubuntu system, the following command should install the necessary development dependencies.\\n\\n```bash\\nsudo apt install build-essential golang-go libbtrfs-dev libgpgme-dev libdevmapper-dev -y\\n```\\n\\nIf you\'re on a different system you, may look for equivalent package on the respective package repositories.\\n\\nNow build and install the application as follows:\\n\\n```bash\\ngit clone https://github.com/fhsinchy/tent.git ~/tent\\n\\ncd ~/tent\\n\\nmake install\\n```\\n\\n## Usage\\n\\nThe `tent` binary has following commands:\\n\\n- `tent start ` - starts a container for the given service\\n- `tent stop ` - stops and removes a container for the given service\\n- `tent list` - lists all running containers\\n\\nMost of the services in `tent` utilizes volumes for persisting data, so even if you stop a service, it\'s data will be persisted in a volume for later usage. These volumes can listed by executing `podman volume ls` and can be managed like any other podman volume.\\n\\n### Start a Service\\n\\nThe generic syntax for the `start` command is as follows:\\n\\n```bash\\ntent start \\n\\n## starts mysql and prompts you where necessary\\ntent start mysql\\n\\n## starts redis and mongo and prompts you where necessary\\ntent start redis mongo\\n```\\n\\n### Start Service with Default Configuration\\n\\nThe `--default` flag for the `start` command can be used to skip all the prompts and start a service with default configuration\\n\\n```bash\\ntent start --default\\n\\n## starts mysql with the default configuration\\ntent start mysql --default\\n\\n## starts redis and mongo with default configuration\\ntent start redis mongo --default\\n```\\n\\n### Stop a Service\\n\\nThe generic syntax for the `stop` command is as follows:\\n\\n```bash\\ntent stop \\n\\n## stops mysql and removes the container\\n## prompts you if multiple containers are found\\ntent stop mysql\\n\\n## stops all mysql containers and removes them\\ntent stop mysql --all\\n\\n## stops redis and mongo then removes the containers.\\n## prompts you if multiple containers are found for any of the given services.\\ntent stop redis mongo\\n\\n## stops all redis and mongo conainers and then removes them\\ntent stop redis mongo --all\\n```\\n\\n### Stop all Services\\n\\nThe `--all` flag for the `stop` command can be used to stop and remove all running tent containers at once\\n\\n```bash\\ntent stop --all\\n```\\n\\n## Running Multiple Versions\\n\\nGiven all the services are running inside containers, you can spin up multiple versions of the same service as long as you\'re keeping the port different.\\n\\nRun `tent start mysql` twice; the first time, use the `--default` flag, and the second time, put `5.7` as tag and `3307` as host port.\\n\\nNow, if you run `tent list`, you\'ll see both services running at the same time.\\n\\n```bash\\n+--------------+----------------+---------------+---------------+\\n| CONTAINER | Image | PORTS |\\n+--------------+----------------+---------------+---------------+\\n| tent-mysql-5.7-3307 | docker.io/mysql:5.7 | 3307->3306/tcp |\\n| tent-mysql-latest-3306 | docker.io/mysql:5.7 | 3306->3306/tcp |\\n+--------------+----------------+---------------+---------------+\\n```\\n\\n## Container Management\\n\\nContainers started by `tent` are regular containers with some pre-set configurations. So you can use regular `podman` commands such as `ls`, `inspect`, `logs` etc on them. Although `tent` comes with a `list` command, using the `podman` commands will result in more informative results. The target of `tent` is to provide plug and play containers, not to become a full-fledged `podman` cli.\\n\\n## Contribution\\n\\nTent is an open-source project and contributions are more than welcomed. If you\'re a Go programmer do take some time to go through the source-code, see if you can improve any part of the program, the maintainer will be more than happy to co-operate. And if you like the project, don\'t forget to leave a star and share with other fellow developers to show your appreciation."},{"id":"/2021/02/08/new","metadata":{"permalink":"/blogs/2021/02/08/new","source":"@site/blog/2021-02-08-new.md","title":"Easy Development Dependency Management With Podman and Tent","description":"Tent is an open-source CLI tool for running development dependencies such as MySQL, Mongo, ElasticSearch etc inside pre-configured containers using simple one-liners. Developed using Go and the official golang bindings, tent is fast, reliable and secure. Checkout Easy Development Dependency Management With Podman and Tent to learn about the project.","date":"2021-02-08T00:00:00.000Z","formattedDate":"February 8, 2021","tags":[{"label":"tent","permalink":"/blogs/tags/tent"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"dependency-management","permalink":"/blogs/tags/dependency-management"},{"label":"linux","permalink":"/blogs/tags/linux"}],"readingTime":0.25,"hasTruncateMarker":false,"authors":[{"name":"fhsinchy"}],"frontMatter":{"title":"Easy Development Dependency Management With Podman and Tent","layout":"default","author":"fhsinchy","categories":["new"],"tags":["tent","hpc","podman","containers","dependency-management","linux"]},"prevItem":{"title":"Easy Development Dependency Management With Podman and Tent","permalink":"/blogs/2021/02/08/easy-development-dependency-management-with-podman-and-tent"},"nextItem":{"title":"From Docker Compose to Kubernetes with Podman","permalink":"/blogs/2021/01/26/docker-compose-to-podman"}},"content":"[Tent](https://github.com/fhsinchy/tent/) is an open-source CLI tool for running development dependencies such as MySQL, Mongo, ElasticSearch etc inside pre-configured containers using simple one-liners. Developed using [Go](https://go.dev) and the official [golang bindings](https://pkg.go.dev/github.com/containers/podman/v2@v2.2.1/pkg/bindings), `tent` is fast, reliable and secure. Checkout [Easy Development Dependency Management With Podman and Tent](https://podman.io/blogs/2021/02/08/easy-development-dependency-management-with-podman-and-tent.html) to learn about the project."},{"id":"/2021/01/26/docker-compose-to-podman","metadata":{"permalink":"/blogs/2021/01/26/docker-compose-to-podman","source":"@site/blog/2021-01-26-docker-compose-to-podman.md","title":"From Docker Compose to Kubernetes with Podman","description":"podman logo","date":"2021-01-26T00:00:00.000Z","formattedDate":"January 26, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"oci","permalink":"/blogs/tags/oci"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"},{"label":"docker compose","permalink":"/blogs/tags/docker-compose"},{"label":"compose","permalink":"/blogs/tags/compose"}],"readingTime":0.4,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"From Docker Compose to Kubernetes with Podman","layout":"default","author":"baude","categories":["blogs"],"tags":["containers","podman","networking","pod","oci","api","kubernetes","kube","v2","hpc","windows","mac","docker compose","compose"]},"prevItem":{"title":"Easy Development Dependency Management With Podman and Tent","permalink":"/blogs/2021/02/08/new"},"nextItem":{"title":"From Docker Compose to Kubernetes with Podman","permalink":"/blogs/2021/01/26/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# From Docker Compose to Kubernetes with Podman\\n\\n## By Brent Baude [GitHub](https://github.com/baude)\\n\\nIf you want to know how to use Podman v3.0 to convert Docker Compose YAML to a format that Podman recognizes, [Brent Baude](https://twitter.com/bbaude) explains the \\"how to\\" in a recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [From Docker Compose to Kubernetes with Podman](https://www.redhat.com/sysadmin/compose-kubernetes-podman). This functionality is now available in the upstream version of Podman if you want to take a sneak peak."},{"id":"/2021/01/26/new","metadata":{"permalink":"/blogs/2021/01/26/new","source":"@site/blog/2021-01-26-new.md","title":"From Docker Compose to Kubernetes with Podman","description":"If you want to know how to use Podman v3.0 to convert Docker Compose YAML to a format that Podman recognizes, Brent Baude explains the \\"how to\\" in a recent blog post on the Red Hat Enable Sysadmin site, From Docker Compose to Kubernetes with Podman. This functionality is now available in the upstream version of Podman if you want to take a sneak peak.","date":"2021-01-26T00:00:00.000Z","formattedDate":"January 26, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"oci","permalink":"/blogs/tags/oci"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"},{"label":"docker compose","permalink":"/blogs/tags/docker-compose"},{"label":"compose","permalink":"/blogs/tags/compose"}],"readingTime":0.325,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"From Docker Compose to Kubernetes with Podman","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","oci","api","kubernetes","kube","v2","hpc","windows","mac","docker compose","compose"]},"prevItem":{"title":"From Docker Compose to Kubernetes with Podman","permalink":"/blogs/2021/01/26/docker-compose-to-podman"},"nextItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2021/01/23/new"}},"content":"If you want to know how to use Podman v3.0 to convert Docker Compose YAML to a format that Podman recognizes, [Brent Baude](https://twitter.com/bbaude) explains the \\"how to\\" in a recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [From Docker Compose to Kubernetes with Podman](https://www.redhat.com/sysadmin/compose-kubernetes-podman). This functionality is now available in the upstream version of Podman if you want to take a sneak peak."},{"id":"/2021/01/23/new","metadata":{"permalink":"/blogs/2021/01/23/new","source":"@site/blog/2021-01-23-new.md","title":"Podman Posts of Interest","description":"I\'ve run across a few posts over the past few weeks concerning Podman and have","date":"2021-01-23T00:00:00.000Z","formattedDate":"January 23, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.23,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Posts of Interest","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"From Docker Compose to Kubernetes with Podman","permalink":"/blogs/2021/01/26/new"},"nextItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2021/01/23/podman-posts-of-interests"}},"content":"I\'ve run across a few posts over the past few weeks concerning Podman and have\\nbeen busy getting other work done. So now I have a few moments and thought I\'d add some links\\nto the posts. Checkout the [Podman Posts of Interest](https://podman.io/blogs/2021/01/23/podman-posts-of-interests.html) for the links!"},{"id":"/2021/01/23/podman-posts-of-interests","metadata":{"permalink":"/blogs/2021/01/23/podman-posts-of-interests","source":"@site/blog/2021-01-23-podman-posts-of-interests.md","title":"Podman Posts of Interest","description":"podman logo","date":"2021-01-23T00:00:00.000Z","formattedDate":"January 23, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.855,"hasTruncateMarker":true,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Posts of Interest","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2021/01/23/new"},"nextItem":{"title":"Podman: Managing pods and containers in a local container runtime","permalink":"/blogs/2021/01/15/managing-pods"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman Posts of Interest\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nA number of blog posts have flung by and I have not had a chance to get individual\\nlink posts to them, so thought I would add a few here that have popped up recently,\\nlinks after the break!.\\n\\n\x3c!--truncate--\x3e\\n\\n- [Paul Ferrill](https://www.techtarget.com/contributor/Paul-Ferrill) - [Compare Docker vs. Podman for container management](https://searchservervirtualization.techtarget.com/tip/Compare-Docker-vs-Podman-for-container-management) - Compares Docker and Podman and shows the difference in security between the two.\\n- [Pietro Bertera](https://twitter.com/pbertera) - [Painless services: implementing serverless with rootless Podman and systemd](https://www.redhat.com/en/blog/painless-services-implementing-serverless-rootless-podman-and-systemd) - Talks about creating a service using systemd and Podman.\\n- [Jack Wallen](https://twitter.com/JackOfAllTech1) - [How to install Podman on Ubuntu](https://www.techrepublic.com/article/how-to-install-podman-on-ubuntu/) - As the title suggests, Jack walks you through the Podman installation process on Ubuntu.\\n- [Jack Wallen](https://twitter.com/JackOfAllTech1) - [Tutorial: Host a Local Podman Image Registry](https://thenewstack.io/tutorial-host-a-local-podman-image-registry/) - Jack walks you through setting up a local container image registry using Podman.\\n- [Baeldung](https://twitter.com/baeldung) - [An Introduction to Podman](https://www.baeldung.com/podman-intro) - This is a nice walk through Podman for someone new to the tool."},{"id":"/2021/01/15/managing-pods","metadata":{"permalink":"/blogs/2021/01/15/managing-pods","source":"@site/blog/2021-01-15-managing-pods.md","title":"Podman: Managing pods and containers in a local container runtime","description":"podman logo","date":"2021-01-15T00:00:00.000Z","formattedDate":"January 15, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"oci","permalink":"/blogs/tags/oci"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"},{"label":"docker compose","permalink":"/blogs/tags/docker-compose"},{"label":"compose","permalink":"/blogs/tags/compose"}],"readingTime":0.405,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"Podman: Managing pods and containers in a local container runtime","layout":"default","author":"baude","categories":["blogs"],"tags":["containers","podman","networking","pod","oci","api","kubernetes","kube","v2","hpc","windows","mac","docker compose","compose"]},"prevItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2021/01/23/podman-posts-of-interests"},"nextItem":{"title":"Podman: Managing pods and containers in a local container runtime","permalink":"/blogs/2021/01/15/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman: Managing pods and containers in a local container runtime\\n\\n## By Brent Baude [GitHub](https://github.com/baude)\\n\\nPodman has the ability to handle pod deployment which is a differentiator from other container runtimes. [Brent Baude](https://twitter.com/bbaude) explains the how to in a recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [Podman: Managing pods and containers in a local container runtime](https://developers.redhat.com/blog/2019/01/15/podman-managing-containers-pods/). This functionality is now available in the upstream version of Podman if you want to take a sneak peak."},{"id":"/2021/01/15/new","metadata":{"permalink":"/blogs/2021/01/15/new","source":"@site/blog/2021-01-15-new.md","title":"Podman: Managing pods and containers in a local container runtime","description":"Podman has the ability to handle pod deployment which is a differentiator from other container runtimes. Brent Baude explains the how to in a recent blog post on the Red Hat Enable Sysadmin site, Podman: Managing pods and containers in a local container runtime. This functionality is now available in the upstream version of Podman if you want to take a sneak peak.","date":"2021-01-15T00:00:00.000Z","formattedDate":"January 15, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"oci","permalink":"/blogs/tags/oci"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"},{"label":"docker compose","permalink":"/blogs/tags/docker-compose"},{"label":"compose","permalink":"/blogs/tags/compose"}],"readingTime":0.315,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman: Managing pods and containers in a local container runtime","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","oci","api","kubernetes","kube","v2","hpc","windows","mac","docker compose","compose"]},"prevItem":{"title":"Podman: Managing pods and containers in a local container runtime","permalink":"/blogs/2021/01/15/managing-pods"},"nextItem":{"title":"Using Podman and Docker Compose","permalink":"/blogs/2021/01/11/new"}},"content":"Podman has the ability to handle pod deployment which is a differentiator from other container runtimes. [Brent Baude](https://twitter.com/bbaude) explains the how to in a recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [Podman: Managing pods and containers in a local container runtime](https://developers.redhat.com/blog/2019/01/15/podman-managing-containers-pods/). This functionality is now available in the upstream version of Podman if you want to take a sneak peak."},{"id":"/2021/01/11/new","metadata":{"permalink":"/blogs/2021/01/11/new","source":"@site/blog/2021-01-11-new.md","title":"Using Podman and Docker Compose","description":"One of the questions that the Podman development team has been hearing a lot over the past year or so is \\"Does Podman support Docker Compose? Up until recently, the answer was \\"not yet\\". With the soon to be released Podman v3.0, that answer changes to \\"NOW!\\" Brent Baude explains the how to in a recent blog post on the Red Hat Enable Sysadmin site, Using Podman and Docker Compose. This functionality is now available in the upstream version of Podman if you want to take a real sneak peak.","date":"2021-01-11T00:00:00.000Z","formattedDate":"January 11, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"oci","permalink":"/blogs/tags/oci"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"},{"label":"docker compose","permalink":"/blogs/tags/docker-compose"},{"label":"compose","permalink":"/blogs/tags/compose"}],"readingTime":0.45,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Using Podman and Docker Compose","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","oci","api","kubernetes","kube","v2","hpc","windows","mac","docker compose","compose"]},"prevItem":{"title":"Podman: Managing pods and containers in a local container runtime","permalink":"/blogs/2021/01/15/new"},"nextItem":{"title":"Using Podman and Docker Compose","permalink":"/blogs/2021/01/11/podman-compose"}},"content":"One of the questions that the Podman development team has been hearing a lot over the past year or so is \\"Does Podman support Docker Compose? Up until recently, the answer was \\"not yet\\". With the soon to be released Podman v3.0, that answer changes to \\"NOW!\\" [Brent Baude](https://twitter.com/bbaude) explains the how to in a recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [Using Podman and Docker Compose](https://www.redhat.com/sysadmin/podman-docker-compose). This functionality is now available in the upstream version of Podman if you want to take a real sneak peak."},{"id":"/2021/01/11/podman-compose","metadata":{"permalink":"/blogs/2021/01/11/podman-compose","source":"@site/blog/2021-01-11-podman-compose.md","title":"Using Podman and Docker Compose","description":"podman logo","date":"2021-01-11T00:00:00.000Z","formattedDate":"January 11, 2021","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"oci","permalink":"/blogs/tags/oci"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"},{"label":"docker compose","permalink":"/blogs/tags/docker-compose"},{"label":"compose","permalink":"/blogs/tags/compose"}],"readingTime":0.515,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"Using Podman and Docker Compose","layout":"default","author":"baude","categories":["blogs"],"tags":["containers","podman","networking","pod","oci","api","kubernetes","kube","v2","hpc","windows","mac","docker compose","compose"]},"prevItem":{"title":"Using Podman and Docker Compose","permalink":"/blogs/2021/01/11/new"},"nextItem":{"title":"Containers com Podman","permalink":"/blogs/2020/12/23/containers-com-podman"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Using Podman and Docker Compose\\n\\n## By Brent Baude [GitHub](https://github.com/baude)\\n\\nOne of the questions that the Podman development team has been hearing a lot over the past year or so is \\"Does Podman support Docker Compose? Up until recently, the answer was \\"not yet\\". With the soon to be released Podman v3.0, that answer changes to \\"NOW!\\" [Brent Baude](https://twitter.com/bbaude) explains the how to in a recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [Using Podman and Docker Compose](https://www.redhat.com/sysadmin/podman-docker-compose). This functionality is now available in the upstream version of Podman if you want to take a real sneak peak."},{"id":"/2020/12/23/containers-com-podman","metadata":{"permalink":"/blogs/2020/12/23/containers-com-podman","source":"@site/blog/2020-12-23-containers-com-podman.md","title":"Containers com Podman","description":"podman logo","date":"2020-12-23T00:00:00.000Z","formattedDate":"December 23, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.29,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Containers com Podman","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Using Podman and Docker Compose","permalink":"/blogs/2021/01/11/podman-compose"},"nextItem":{"title":"Containers com Podman","permalink":"/blogs/2020/12/23/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\nComo est\xe1 o seu portugu\xeas? Well if it\'s better than mine, check out Daniel Lara\'s [video](https://www.youtube.com/watch?v=Jjyrhbc4QkQ&t=1422s) on\\nYouTube. He walks through running Containers using Podman, creating pods, generating YAML for Kubernetes and more! Daniel uses a number of great examples, so it is pretty\\neasy to follow along even if your Portugese is like mine. Apreciar!"},{"id":"/2020/12/23/new","metadata":{"permalink":"/blogs/2020/12/23/new","source":"@site/blog/2020-12-23-new.md","title":"Containers com Podman","description":"Como est\xe1 o seu portugu\xeas? Well if it\'s better than mine, check out Daniel Lara\'s video on","date":"2020-12-23T00:00:00.000Z","formattedDate":"December 23, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.28,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Containers com Podman","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Containers com Podman","permalink":"/blogs/2020/12/23/containers-com-podman"},"nextItem":{"title":"Container images, multi-architecture, manifests, ids, digests \u2013 what\u2019s behind?","permalink":"/blogs/2020/12/22/behind-container-images"}},"content":"Como est\xe1 o seu portugu\xeas? Well if it\'s better than mine, check out Daniel Lara\'s [video](https://www.youtube.com/watch?v=Jjyrhbc4QkQ&t=1422s) on\\nYouTube. He walks through running Containers using Podman, creating pods, generating YAML for Kubernetes and more! Daniel uses a number of great examples, so it is pretty\\neasy to follow along even if your Portugese is like mine. Apreciar!"},{"id":"/2020/12/22/behind-container-images","metadata":{"permalink":"/blogs/2020/12/22/behind-container-images","source":"@site/blog/2020-12-22-behind-container-images.md","title":"Container images, multi-architecture, manifests, ids, digests \u2013 what\u2019s behind?","description":"podman logo","date":"2020-12-22T00:00:00.000Z","formattedDate":"December 22, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.355,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Container images, multi-architecture, manifests, ids, digests \u2013 what\u2019s behind?","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Containers com Podman","permalink":"/blogs/2020/12/23/new"},"nextItem":{"title":"Container images, multi-architecture, manifests, ids, digests \u2013 what\u2019s behind?","permalink":"/blogs/2020/12/22/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n[Robert Bohne](https://twitter.com/RobertBohne) has a nice [post](https://www.opensourcerers.org/2020/11/16/container-images-multi-architecture-manifests-ids-digests-whats-behind/) on\\n[opensourcers.org](https://www.opensourcerers.org) which talks about the basics of containers, how digests and manifests come into play,\\nworking with and creating multi-architecture images and more! It is a really nice discussion of all the pieces and parts of a container image for someone new to the technology right through\\npeople who are a lot more experienced, but might not know every nook and cranny."},{"id":"/2020/12/22/new","metadata":{"permalink":"/blogs/2020/12/22/new","source":"@site/blog/2020-12-22-new.md","title":"Container images, multi-architecture, manifests, ids, digests \u2013 what\u2019s behind?","description":"Robert Bohne has a nice post on","date":"2020-12-22T00:00:00.000Z","formattedDate":"December 22, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.345,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Container images, multi-architecture, manifests, ids, digests \u2013 what\u2019s behind?","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Container images, multi-architecture, manifests, ids, digests \u2013 what\u2019s behind?","permalink":"/blogs/2020/12/22/behind-container-images"},"nextItem":{"title":"Podman v2.2.0 Released","permalink":"/blogs/2020/12/14/new"}},"content":"[Robert Bohne](https://twitter.com/RobertBohne) has a nice [post](https://www.opensourcerers.org/2020/11/16/container-images-multi-architecture-manifests-ids-digests-whats-behind/) on\\n[opensourcers.org](https://www.opensourcerers.org) which talks about the basics of containers, how digests and manifests come into play,\\nworking with and creating multi-architecture images and more! It is a really nice discussion of all the pieces and parts of a container image for someone new to the technology right through\\npeople who are a lot more experienced, but might not know every nook and cranny."},{"id":"/2020/12/14/new","metadata":{"permalink":"/blogs/2020/12/14/new","source":"@site/blog/2020-12-14-new.md","title":"Podman v2.2.0 Released","description":"Podman has gone 2.2.0!","date":"2020-12-14T00:00:00.000Z","formattedDate":"December 14, 2020","tags":[],"readingTime":0.025,"hasTruncateMarker":false,"authors":[],"frontMatter":{"layout":"default","title":"Podman v2.2.0 Released","categories":["new"]},"prevItem":{"title":"Container images, multi-architecture, manifests, ids, digests \u2013 what\u2019s behind?","permalink":"/blogs/2020/12/22/new"},"nextItem":{"title":"Podman API v1.0 and libpod.conf Removal Notice","permalink":"/blogs/2020/12/11/new"}},"content":"## [Podman has gone 2.2.0!](https://podman.io/releases/2020/12/14/podman-release-v2.2.0.html)"},{"id":"/2020/12/11/new","metadata":{"permalink":"/blogs/2020/12/11/new","source":"@site/blog/2020-12-11-new.md","title":"Podman API v1.0 and libpod.conf Removal Notice","description":"A Podman API v1.0 and libpod.conf Removal Notice has just been posted. The Podman v1.0 API based on the varlink library and the libpod.conf file have both been removed from upstream Podman. Please see the notice for more details.","date":"2020-12-11T00:00:00.000Z","formattedDate":"December 11, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"rest","permalink":"/blogs/tags/rest"},{"label":"rest-api","permalink":"/blogs/tags/rest-api"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"varlink","permalink":"/blogs/tags/varlink"}],"readingTime":0.195,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman API v1.0 and libpod.conf Removal Notice","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","rest","rest-api","v2","hpc","varlink"]},"prevItem":{"title":"Podman v2.2.0 Released","permalink":"/blogs/2020/12/14/new"},"nextItem":{"title":"Podman API v1.0 Deprecation and Removal Notice","permalink":"/blogs/2020/12/11/remove-varlink-libpod-conf-notice"}},"content":"A [Podman API v1.0 and libpod.conf Removal Notice](https://podman.io/blogs/2020/12/11/remove-varlink-libpod-conf-notice.html) has just been posted. The Podman v1.0 API based on the varlink library and the libpod.conf file have both been removed from upstream Podman. Please see the notice for more details."},{"id":"/2020/12/11/remove-varlink-libpod-conf-notice","metadata":{"permalink":"/blogs/2020/12/11/remove-varlink-libpod-conf-notice","source":"@site/blog/2020-12-11-remove-varlink-libpod-conf-notice.md","title":"Podman API v1.0 Deprecation and Removal Notice","description":"podman logo","date":"2020-12-11T00:00:00.000Z","formattedDate":"December 11, 2020","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"github","permalink":"/blogs/tags/github"},{"label":"varlink","permalink":"/blogs/tags/varlink"},{"label":"rest-api","permalink":"/blogs/tags/rest-api"}],"readingTime":1.715,"hasTruncateMarker":true,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman API v1.0 Deprecation and Removal Notice","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["podman","containers","v2","github","varlink","rest-api"]},"prevItem":{"title":"Podman API v1.0 and libpod.conf Removal Notice","permalink":"/blogs/2020/12/11/new"},"nextItem":{"title":"Using Podman and systemd to manage container lifecycle","permalink":"/blogs/2020/12/09/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman API v1.0 and libpod.conf Removal Notice\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nOn August 1, 2020, the Podman team posted a [Podman API v1.0 Deprecation and Removal notice](https://podman.io/blogs/2020/08/01/deprecate-and-remove-varlink-notice.html). As noted in that document, the Podman API v1.0 relied on the [varlink library](https://github.com/varlink/libvarlink) to handle the underlying client/server calls from the Podman client to the host where the Podman service was running. The support for the varlink library was greatly reduced in the spring of 2020. This led the Podman team to investigate the use of other client/server technologies and it was decided to develop a RESTful API for Podman using the native Go libraries.\\n\\n\x3c!--truncate--\x3e\\n\\nThis new Podman v2.0 RESTful API was released along with Podman v2.0 in June of 2020 and replaces the Podman API v1.0. As of that time the Podman API v1.0 for Podman was considered to be deprecated. The Podman team noted that the Podman v1.0 (varlink) API would be removed from the Podman project in a future release and that a one month notice would be sent to the community before the version of Podman without the v1.0 API was released. This note represents that notice.\\n\\nThe Podman API v1.0 was just recently [removed](https://github.com/containers/podman/pull/8400) from the upstream repository on [GitHub](https://github.com/containers/podman) as work has started on the next release of Podman, v3.0. Podman v3.0 is expected to be released on Fedora 33 in late January 2021 and then later next year in RHEL 8.4 and other distributions.\\n\\nAt the same time as the removal of the Podman v1.0 API, the `libpod.conf` file has also been removed and it too will no longer be included with Podman starting in Podman v3.0. The functionality of this file has been replaced by [containers.conf](https://github.com/containers/common/blob/main/docs/containers.conf.5.md). If there have been modifications made to the `libpod.conf` file in your environment, you should be able to make the same changes in `containers.conf` and they will be honored.\\n\\nIf you have any questions or concerns about this notification, please send a note to the Podman [mailing list](https://lists.podman.io/admin/lists/podman.lists.podman.io/) or create an issue on Podman\u2019s [GitHub](https://github.com/containers/podman/issues) repository."},{"id":"/2020/12/09/new","metadata":{"permalink":"/blogs/2020/12/09/new","source":"@site/blog/2020-12-09-new.md","title":"Using Podman and systemd to manage container lifecycle","description":"Ed Haynes has put together a demo of using Podman and systemd to manage a container lifecycle that\'s available","date":"2020-12-09T00:00:00.000Z","formattedDate":"December 9, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.205,"hasTruncateMarker":false,"authors":[{"name":"ehaynes"}],"frontMatter":{"title":"Using Podman and systemd to manage container lifecycle","layout":"default","author":"ehaynes","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman API v1.0 Deprecation and Removal Notice","permalink":"/blogs/2020/12/11/remove-varlink-libpod-conf-notice"},"nextItem":{"title":"Using Podman and systemd to manage container lifecycle","permalink":"/blogs/2020/12/09/podman-systemd-demo"}},"content":"Ed Haynes has put together a demo of using Podman and systemd to manage a container lifecycle that\'s available\\non GitHub. He\'s written up a [post](https://podman.io/blogs/2020/12/09/podman-systemd-demo.html) that does a nice\\njob of walking through setting up the demo and running it."},{"id":"/2020/12/09/podman-systemd-demo","metadata":{"permalink":"/blogs/2020/12/09/podman-systemd-demo","source":"@site/blog/2020-12-09-podman-systemd-demo.md","title":"Using Podman and systemd to manage container lifecycle","description":"podman logo","date":"2020-12-09T00:00:00.000Z","formattedDate":"December 9, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"linux","permalink":"/blogs/tags/linux"}],"readingTime":2.98,"hasTruncateMarker":true,"authors":[{"name":"ehaynes"}],"frontMatter":{"title":"Using Podman and systemd to manage container lifecycle","layout":"default","author":"ehaynes","categories":["blogs"],"tags":["containers","podman","api","kubernetes","linux"]},"prevItem":{"title":"Using Podman and systemd to manage container lifecycle","permalink":"/blogs/2020/12/09/new"},"nextItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2020/12/07/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Using Podman and systemd to manage container lifecycle\\n\\n## By Ed Haynes [GitHub](https://github.com/ehaynes)\\n\\nMy background is in industrial automation, and in most cases, the edge devices in the factory are too underpowered to run Kubernetes as a method to manage the lifecycle of containers. The workloads have a very long lifecycle, and generally are \\"tied\\" to the edge device. There is a lot of value in containerizing applications on these edge devices, however, as it decouples the application dependencies from the OS and provides a level of isolation between applications. This demo will show how using Podman in conjunction with systemd provides an elegant solution for this sort of use case. In addition, this will be done as a \\"rootless\\" user - a key benefit of Podman that helps keep the device secure.\\n\\n\x3c!--truncate--\x3e\\n\\nFor my demo, I used a minimal Fedora33 install with Podman installed. To simplify my lifecycle (which in industrial can be 10+ years) I want to keep the base OS as minimal and clean as possible and keep all application dependencies in the containers. I will be creating a redis in-memory keystore database as my containerized application and use the \\"podman generate systemd\\" utility to generate the systemd unit file. This file lets systemd know what your policies are for your application - whether it should start at boot or restart when it fails. In my case I want my application available at boot and also want it to restart in case of failure. I enable and start the systemd service with the --user flag, again I don\'t want root access for security reasons on this device.\\n\\nI provide a test script to test the redis container API. While I could have installed the redis-cli on my base Fedora33 OS to do this testing this would violate my desire to keep the base OS as minimal as possible. I pass values to the redis container\'s port via \\"nc\\" to set a key index of \\"frog\\" to 56. I then show via getting that index that the value is properly set. Now for the interesting part. I use pkill to kill the redis database and then show how systemd restarts the failed container. You can also reboot the OS and find your application running at startup.\\n\\nTo tidy things up I provide a cleanup script which stops the service and cleans up the container so you can start the demo from the top if you like.\\n\\nTo run this demo yourself (I\'ve tested on Fedora33, Red Hat 8.3, and Ubuntu 20.10) ensure Podman and git are installed on your OS\\n\\nAlso remember this is all done as a standard user - no root!\\n\\ngit clone https://github.com/edhaynes/podman_systemd_usermode_demo.git\\n\\n```console\\ncd podman_systemd_usermode_demo\\n\\n./launch_redis_container.sh\\n```\\n\\n\\"launch_redis_container.sh\\" launches redis container, adds usermode systemd entry, enables and starts it. You will need to hit \\"q\\" to get out of the shown status.\\n\\nYou should see something like:\\n\\n```console\\nredis_server.service - Podman container-redis_ Loaded: loaded\\n\\n Active: active (running) since Wed 2020-12-09 09:22:40 EST; 1h 58min ago\\n```\\n\\nNow that redis is running you can run the test script that sets a key value, retrieves it, and then kills the redis container. systemd will then restart the container and you can see all is working again. Do this with:\\n\\n```console\\n./test_redis_container.sh\\n```\\n\\nOnce you are done experimenting with it you can run the cleanup script to stop the systemd service, remove it and stop / remove the container.\\n\\n```console\\n./cleanup.sh\\n```\\n\\nHope you enjoyed this demo and any comments or suggestions please make them in the [GitHub](https://github.com/edhaynes/podman_systemd_usermode_demo.git) repository."},{"id":"/2020/12/07/new","metadata":{"permalink":"/blogs/2020/12/07/new","source":"@site/blog/2020-12-07-new.md","title":"Podman Posts of Interest","description":"I\'ve run across a number of posts over the past few weeks concerning Podman and have","date":"2020-12-07T00:00:00.000Z","formattedDate":"December 7, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.235,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Posts of Interest","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Using Podman and systemd to manage container lifecycle","permalink":"/blogs/2020/12/09/podman-systemd-demo"},"nextItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2020/12/07/podman-posts-of-interests"}},"content":"I\'ve run across a number of posts over the past few weeks concerning Podman and have\\nbeen busy getting other work done. So now I have a few moments and thought I\'d add some links\\nto the posts. Checkout the [Podman Posts of Interest](https://podman.io/blogs/2020/12/07/podman-posts-of-interests.html) for the links!"},{"id":"/2020/12/07/podman-posts-of-interests","metadata":{"permalink":"/blogs/2020/12/07/podman-posts-of-interests","source":"@site/blog/2020-12-07-podman-posts-of-interests.md","title":"Podman Posts of Interest","description":"podman logo","date":"2020-12-07T00:00:00.000Z","formattedDate":"December 7, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":1.265,"hasTruncateMarker":true,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Posts of Interest","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2020/12/07/new"},"nextItem":{"title":"Container image short names in Podman","permalink":"/blogs/2020/12/01/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman Posts of Interest\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nA number of blog posts have flung by and I have not had a chance to get individual\\nlink posts to them, so thought I would add a few here that have popped up recently,\\nlinks after the break!.\\n\\n\x3c!--truncate--\x3e\\n\\n- mkdev - (Video) [Buildah, Dive, Skopeo: 3 Container Tools for building images on Kubernetes Cluster, with Gitlab CI](https://www.youtube.com/watch?v=aViKsSEGwOc&feature=emb_logo) - A video showing how these tools can be lightweight replacements for Docker.\\n- Scott McCarty - [Updates to Container Tools in Red Hat Enterprise Linux 8.3](https://www.redhat.com/en/blog/updates-container-tools-red-hat-enterprise-linux-83) - Our own [Scott McCarty](https://twitter.com/fatherlinux) previews the new container capabilities in Red Hat Enterprise Linux 8.3.\\n- Anais Urlichs - [Docker Images Without Docker \u2014 A Practical Guide](https://codefresh.io/devops/docker-images-without-docker-practical-guide/) - [Anais](https://codefresh.io/author/anais-codefresh/) Talks about how the Docker Daemon runs as root, why that\'s a problem, and how Buildah and Podman avoids that.\\n- hostnextra.com site - [Easy to Install Podman on Ubuntu 20.04](https://www.hostnextra.com/kb/easy-to-install-podman-on-ubuntu-20-04/) - Like the title says, how to easily install Podman on Ubuntu 20.04.\\n- Prakhar Sethi - [Rootless containers with Podman: The basics](https://developers.redhat.com/blog/2020/09/25/rootless-containers-with-podman-the-basics/) - Prakhar introduces rootless containers with Podman.\\n- Damian Velazquez Cafaro - [A Spotlight on Podman](https://caylent.com/spotlight-on-podman) - Damian provides a nice overview on Podman.\\n- Cedric Clyburn - [Transitioning from Docker to Podman](https://developers.redhat.com/blog/2020/11/19/transitioning-from-docker-to-podman/?utm_campaign=VSHNtimer&utm_content=147487702&utm_medium=social&utm_source=twitter&hss_channel=tw-2851142013) - [Cedric](https://developers.redhat.com/blog/author/cclyburn/) gives a nice overview of Podman and how you can transition to it from Docker.\\n- Herv\xe9 Beraud - [Using Podman to run OpenStack OSLO.Messaging\'s Simulator](https://herve.beraud.io/openstack/oslo.messaging/podman/rabbitmq/2020/12/04/using-podman-to-run-openstack-oslo-messaging-simulator.html)- [Herv\xe9](https://herve.beraud.io/) shows you how to run the simulator using Podman!"},{"id":"/2020/12/01/new","metadata":{"permalink":"/blogs/2020/12/01/new","source":"@site/blog/2020-12-01-new.md","title":"Container image short names in Podman","description":"Do you like you container names to be short, sweet and yet secure? Valentin Rothberg shows you how in a recent blog post on the Red Hat Enable Sysadmin site, Container image short names in Podman. This functionality is now available in the upstream version of Podman and is targeted for Podman v3.0.","date":"2020-12-01T00:00:00.000Z","formattedDate":"December 1, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.265,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Container image short names in Podman","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2020/12/07/podman-posts-of-interests"},"nextItem":{"title":"Container image short names in Podman","permalink":"/blogs/2020/12/01/short-container-names"}},"content":"Do you like you container names to be short, sweet and yet secure? [Valentin Rothberg](https://twitter.com/vlntnrthbrg) shows you how in a recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [Container image short names in Podman](https://www.redhat.com/sysadmin/container-image-short-names). This functionality is now available in the upstream version of Podman and is targeted for Podman v3.0."},{"id":"/2020/12/01/short-container-names","metadata":{"permalink":"/blogs/2020/12/01/short-container-names","source":"@site/blog/2020-12-01-short-container-names.md","title":"Container image short names in Podman","description":"podman logo","date":"2020-12-01T00:00:00.000Z","formattedDate":"December 1, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.335,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Container image short names in Podman","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Container image short names in Podman","permalink":"/blogs/2020/12/01/new"},"nextItem":{"title":"The history of an API: GitLab Runner and Podman","permalink":"/blogs/2020/11/13/gitlab-runner-and-podman"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Container image short names in Podman\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nDo you like you container names to be short, sweet and yet secure? [Valentin Rothberg](https://twitter.com/vlntnrthbrg) shows you how in a recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [Container image short names in Podman](https://www.redhat.com/sysadmin/container-image-short-names). This functionality is now available in the upstream version of Podman and is targeted for Podman v3.0."},{"id":"/2020/11/13/gitlab-runner-and-podman","metadata":{"permalink":"/blogs/2020/11/13/gitlab-runner-and-podman","source":"@site/blog/2020-11-13-gitlab-runner-and-podman.md","title":"The history of an API: GitLab Runner and Podman","description":"podman logo","date":"2020-11-13T00:00:00.000Z","formattedDate":"November 13, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"},{"label":"GitLab","permalink":"/blogs/tags/git-lab"},{"label":"Runner","permalink":"/blogs/tags/runner"}],"readingTime":0.44,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"The history of an API: GitLab Runner and Podman","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac","GitLab","Runner"]},"prevItem":{"title":"Container image short names in Podman","permalink":"/blogs/2020/12/01/short-container-names"},"nextItem":{"title":"The history of an API: GitLab Runner and Podman","permalink":"/blogs/2020/11/13/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# The history of an API: GitLab Runner and Podman\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nIn a recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [The history of an API: GitLab Runner and Podman](https://www.redhat.com/sysadmin/history-api), Pablo Greco from the CentOS QA team in Buenos Aires, Argentia documented his journey through a Podman and GitLab Runner integration. When Podman v2.2 arrives, GitLab Runner will be able to run with Podman right out of the box. Give the article a read to see how he got there."},{"id":"/2020/11/13/new","metadata":{"permalink":"/blogs/2020/11/13/new","source":"@site/blog/2020-11-13-new.md","title":"The history of an API: GitLab Runner and Podman","description":"In a recent blog post on the Red Hat Enable Sysadmin site, The history of an API: GitLab Runner and Podman, Pablo Greco from the CentOS QA team in Buenos Aires, Argentia documented his journey through a Podman and GitLab Runner integration. When Podman v2.2 arrives, GitLab Runner will be able to run with Podman right out of the box. Give the article a read to see how he got there.","date":"2020-11-13T00:00:00.000Z","formattedDate":"November 13, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"},{"label":"GitLab","permalink":"/blogs/tags/git-lab"},{"label":"Runner","permalink":"/blogs/tags/runner"}],"readingTime":0.355,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"The history of an API: GitLab Runner and Podman","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac","GitLab","Runner"]},"prevItem":{"title":"The history of an API: GitLab Runner and Podman","permalink":"/blogs/2020/11/13/gitlab-runner-and-podman"},"nextItem":{"title":"Exploring Podman RESTful API using Python and Bash","permalink":"/blogs/2020/10/17/expoloring-restful-api"}},"content":"In a recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [The history of an API: GitLab Runner and Podman](https://www.redhat.com/sysadmin/history-api), Pablo Greco from the CentOS QA team in Buenos Aires, Argentia documented his journey through a Podman and GitLab Runner integration. When Podman v2.2 arrives, GitLab Runner will be able to run with Podman right out of the box. Give the article a read to see how he got there."},{"id":"/2020/10/17/expoloring-restful-api","metadata":{"permalink":"/blogs/2020/10/17/expoloring-restful-api","source":"@site/blog/2020-10-17-expoloring-restful-api.md","title":"Exploring Podman RESTful API using Python and Bash","description":"podman logo","date":"2020-10-17T00:00:00.000Z","formattedDate":"October 17, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"},{"label":"restful","permalink":"/blogs/tags/restful"},{"label":"REST","permalink":"/blogs/tags/rest"}],"readingTime":0.36,"hasTruncateMarker":false,"authors":[{"name":"jwhonce"}],"frontMatter":{"title":"Exploring Podman RESTful API using Python and Bash","layout":"default","author":"jwhonce","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac","restful","REST"]},"prevItem":{"title":"The history of an API: GitLab Runner and Podman","permalink":"/blogs/2020/11/13/new"},"nextItem":{"title":"Exploring Podman RESTful API using Python and Bash","permalink":"/blogs/2020/10/17/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Exploring Podman RESTful API using Python and Bash\\n\\n## By Jhon Honce [GitHub](https://github.com/jwhonce)\\n\\nIn a recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [Exploring Podman RESTful API using Python and Bash](https://www.redhat.com/sysadmin/podman-python-bash), Jhon Honce nicely demonstrates the new Podman REST API using code examples in Python and shell commands. Additional notes are included in the code comments. The provided code was written to be clear vs. production quality."},{"id":"/2020/10/17/new","metadata":{"permalink":"/blogs/2020/10/17/new","source":"@site/blog/2020-10-17-new.md","title":"Exploring Podman RESTful API using Python and Bash","description":"In a recent blog post on the Red Hat Enable Sysadmin site, Exploring Podman RESTful API using Python and Bash, Jhon Honce nicely demonstrates the new Podman REST API using code examples in Python and shell commands. Additional notes are included in the code comments. The provided code was written to be clear vs. production quality.","date":"2020-10-17T00:00:00.000Z","formattedDate":"October 17, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"},{"label":"restful","permalink":"/blogs/tags/restful"},{"label":"REST","permalink":"/blogs/tags/rest"}],"readingTime":0.28,"hasTruncateMarker":false,"authors":[{"name":"jwhonce"}],"frontMatter":{"title":"Exploring Podman RESTful API using Python and Bash","layout":"default","author":"jwhonce","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac","restful","REST"]},"prevItem":{"title":"Exploring Podman RESTful API using Python and Bash","permalink":"/blogs/2020/10/17/expoloring-restful-api"},"nextItem":{"title":"Podman v2.1.0 Released","permalink":"/blogs/2020/10/05/new"}},"content":"In a recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [Exploring Podman RESTful API using Python and Bash](https://www.redhat.com/sysadmin/podman-python-bash), Jhon Honce nicely demonstrates the new Podman REST API using code examples in Python and shell commands. Additional notes are included in the code comments. The provided code was written to be clear vs. production quality."},{"id":"/2020/10/05/new","metadata":{"permalink":"/blogs/2020/10/05/new","source":"@site/blog/2020-10-05-new.md","title":"Podman v2.1.0 Released","description":"Podman has gone 2.1.0!","date":"2020-10-05T00:00:00.000Z","formattedDate":"October 5, 2020","tags":[],"readingTime":0.025,"hasTruncateMarker":false,"authors":[],"frontMatter":{"layout":"default","title":"Podman v2.1.0 Released","categories":["new"]},"prevItem":{"title":"Exploring Podman RESTful API using Python and Bash","permalink":"/blogs/2020/10/17/new"},"nextItem":{"title":"Podman Community Meeting - October 6, 2020","permalink":"/blogs/2020/09/30/Oct-6-Agenda"}},"content":"## [Podman has gone 2.1.0!](https://podman.io/releases/2020/10/05/podman-release-v2.1.0.html)"},{"id":"/2020/09/30/Oct-6-Agenda","metadata":{"permalink":"/blogs/2020/09/30/Oct-6-Agenda","source":"@site/blog/2020-09-30-Oct-6-Agenda.md","title":"Podman Community Meeting - October 6, 2020","description":"podman logo","date":"2020-09-30T00:00:00.000Z","formattedDate":"September 30, 2020","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"bindings","permalink":"/blogs/tags/bindings"},{"label":"go","permalink":"/blogs/tags/go"}],"readingTime":0.895,"hasTruncateMarker":true,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Community Meeting - October 6, 2020","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["podman","containers","v2","bindings","go"]},"prevItem":{"title":"Podman v2.1.0 Released","permalink":"/blogs/2020/10/05/new"},"nextItem":{"title":"Podman Community Meeting - October 6, 2020","permalink":"/blogs/2020/09/30/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman Community Meeting - October 6, 2020\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nThe first Podman Community Meeting is coming up at 11:00 a.m. Eastern on\\nOctober 6th, 2020. We plan to hold the meeting on Bluejeans and will be\\nholding them going forward on the first Tuesday of every month.\\nAll are welcome and it\'s free of charge! The agenda after the break and\\nhope to see a lot of you there.\\n\\n\x3c!--truncate--\x3e\\n\\nPodman Community Meeting Agenda\\nTuesday October 6, 2020\\n11:00 a.m. to 12:p.m. Eastern (UTC\u221204:00)\\nBluejeans: https://bluejeans.com/796412039\\n(If you have trouble connecting, please reach out in IRC libera.chat #podman)\\n\\n| Agenda: | |\\n| -------------- | --------------------------------------------------------- |\\n| 11:00 to 11:05 | Welcoming Remarks |\\n| 11:10 to 11:20 | Introductions - All Attendees |\\n| 11:20 to 11:30 | Upcoming Podman Release Features and Schedule - Matt Heon |\\n| 11:30 to 11:40 | Podman 3.0 Planning - Dan Walsh |\\n| 11:40 to 12:00 | Open Forum/Questions and Answers Session |\\n\\nNext Meeting: Tuesday November 3, 2020 11:00 a.m. Eastern (UTC-04:00)"},{"id":"/2020/09/30/new","metadata":{"permalink":"/blogs/2020/09/30/new","source":"@site/blog/2020-09-30-new.md","title":"Podman Community Meeting - October 6, 2020","description":"The first Podman Community meeting will be on Tuesday","date":"2020-09-30T00:00:00.000Z","formattedDate":"September 30, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"go","permalink":"/blogs/tags/go"},{"label":"images","permalink":"/blogs/tags/images"}],"readingTime":0.16,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Community Meeting - October 6, 2020","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","api","v2","go","images"]},"prevItem":{"title":"Podman Community Meeting - October 6, 2020","permalink":"/blogs/2020/09/30/Oct-6-Agenda"},"nextItem":{"title":"DevConf US 2020 Containers Technologies Talk","permalink":"/blogs/2020/09/28/devconf-ctr-tech"}},"content":"The first Podman Community meeting will be on Tuesday\\nOctober 6 at 11:00 a.m. Eastern. It will be a video conference\\nusing BlueJeans and all of the details are on this\\n[post](https://podman.io/blogs/2020/09/30/Oct-6-Agenda.html)."},{"id":"/2020/09/28/devconf-ctr-tech","metadata":{"permalink":"/blogs/2020/09/28/devconf-ctr-tech","source":"@site/blog/2020-09-28-devconf-ctr-tech.md","title":"DevConf US 2020 Containers Technologies Talk","description":"podman logo","date":"2020-09-28T00:00:00.000Z","formattedDate":"September 28, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.35,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"DevConf US 2020 Containers Technologies Talk","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman Community Meeting - October 6, 2020","permalink":"/blogs/2020/09/30/new"},"nextItem":{"title":"DevConf US 2020 Containers Technologies Talk","permalink":"/blogs/2020/09/28/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# DevConf US 2020 Containers Technologies Talk\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nIn case you missed [Kedar Kulkarni\'s](https://github.com/kedark3) excellent talk at [DevConf.US 2020](https://www.devconf.info/us/), \\"Docker, Podman, Buildah, Skopeo, and what else?\\", check out the [video](https://www.youtube.com/watch?v=5g2F0vSWY3U&feature=youtu.be) on YouTube. There were also a number of other interesting talks at DevConf.US 2020 that you might be interested in, you\'ll be able to find links to the talks at the DevConf.US site above."},{"id":"/2020/09/28/new","metadata":{"permalink":"/blogs/2020/09/28/new","source":"@site/blog/2020-09-28-new.md","title":"DevConf US 2020 Containers Technologies Talk","description":"By Tom Sweeney GitHub","date":"2020-09-28T00:00:00.000Z","formattedDate":"September 28, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.305,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"DevConf US 2020 Containers Technologies Talk","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"DevConf US 2020 Containers Technologies Talk","permalink":"/blogs/2020/09/28/devconf-ctr-tech"},"nextItem":{"title":"Podman Security Announcement","permalink":"/blogs/2020/09/22/security"}},"content":"## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nIn case you missed [Kedar Kulkarni\'s](https://github.com/kedark3) excellent talk at [DevConf.US 2020](https://www.devconf.info/us/), \\"Docker, Podman, Buildah, Skopeo, and what else?\\", check out the [video](https://www.youtube.com/watch?v=5g2F0vSWY3U&feature=youtu.be) on YouTube. There were also a number of other interesting talks at DevConf.US 2020 that you might be interested in, you\'ll be able to find links to the talks at the DevConf.US site above."},{"id":"/2020/09/22/security","metadata":{"permalink":"/blogs/2020/09/22/security","source":"@site/blog/2020-09-22-security.md","title":"Podman Security Announcement","description":"podman logo","date":"2020-09-22T00:00:00.000Z","formattedDate":"September 22, 2020","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"security","permalink":"/blogs/tags/security"}],"readingTime":0.665,"hasTruncateMarker":false,"authors":[{"name":"mheon"}],"frontMatter":{"title":"Podman Security Announcement","layout":"default","author":"mheon","categories":["blogs"],"tags":["podman","containers","security"]},"prevItem":{"title":"DevConf US 2020 Containers Technologies Talk","permalink":"/blogs/2020/09/28/new"},"nextItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2020/09/18/multi-blog-posts"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman Security Issue\\n\\nToday, we\'re releasing updates to fix [CVE-2020-14370](https://access.redhat.com/security/cve/cve-2020-14370), a security issue in Podman. This is a medium-severity information disclosure vulnerability that affects containers created using Podman\u2019s Varlink API or the Docker-compatible version of its REST API. If two or more containers are created using these APIs, and the first container had environment variables added to it when it was created, all subsequent containers created using the Varlink or Docker-compatible REST APIs will also have these environment variables added. This effect does not persist after restarting the Podman API service.\\n\\nPodman v2.0.5 and higher contain a fix for the CVE. If you use either of these APIs, please update to Podman v2.0.5 or later. We will also be patching the long-term support v1.6.4 release used in RHEL and CentOS."},{"id":"/2020/09/18/multi-blog-posts","metadata":{"permalink":"/blogs/2020/09/18/multi-blog-posts","source":"@site/blog/2020-09-18-multi-blog-posts.md","title":"Podman Posts of Interest","description":"podman logo","date":"2020-09-18T00:00:00.000Z","formattedDate":"September 18, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.685,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"Podman Posts of Interest","layout":"default","author":"baude","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman Security Announcement","permalink":"/blogs/2020/09/22/security"},"nextItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2020/09/18/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman Posts of Interest\\n\\n## By Brent Baude [GitHub](https://github.com/baude)\\n\\n- Brian Smith - [Rootless containers using Podman](https://www.redhat.com/sysadmin/rootless-containers-podman) - Watch this two-part video series on understanding root inside and outside of containers and how user namespaces work.\\n- Jack Wallen - [How to install Podman support in Cockpit](https://www.techrepublic.com/article/how-to-install-podman-support-in-cockpit/) - Learn how to add Cockpit support to manage images and containers.\\n- Dan Walsh - [SELinux changes for KVM-separated (Kata) containers](https://www.redhat.com/sysadmin/selinux-kata-containers?sc_cid=701f2000000txokAAA&utm_source=bambu&utm_medium=social&utm_campaign=abm) - Understanding SELinux types that improve security in container engines such as Podman and CRI-O.\\n- Brian Smith - [Scanning containers for vulnerabilities with OpenSCAP and Podman](https://www.redhat.com/sysadmin/container-vulnerabilities-openscap) - Containers are no more secure than physical machines. Find out how to scan yours for vulnerabilities.\\n- Brian Smith - (Video)[Managing Containers in Podman with systemd Unit Files](https://www.youtube.com/watch?v=AGkM2jGT61Y)\\n- Mrivik - (asciinema)[GIMP working on rootless Podman container](https://asciinema.org/a/FKU4CaX96MgnlZQ8aTBBMPIv2)"},{"id":"/2020/09/18/new","metadata":{"permalink":"/blogs/2020/09/18/new","source":"@site/blog/2020-09-18-new.md","title":"Podman Posts of Interest","description":"I\'ve run across a number of posts over the past few weeks concerning Podman and have","date":"2020-09-18T00:00:00.000Z","formattedDate":"September 18, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.82,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Posts of Interest","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2020/09/18/multi-blog-posts"},"nextItem":{"title":"Podman remote clients for macOS and Windows","permalink":"/blogs/2020/09/02/new"}},"content":"I\'ve run across a number of posts over the past few weeks concerning Podman and have\\nbeen busy getting other work done. So now I have a few moments and thought I\'d add some links\\nto the posts. Enjoy!\\n\\n- Brian Smith - [Rootless containers using Podman](https://www.redhat.com/sysadmin/rootless-containers-podman) - Watch this two-part video series on understanding root inside and outside of containers and how user namespaces work.\\n- Jack Wallen - [How to install Podman support in Cockpit](https://www.techrepublic.com/article/how-to-install-podman-support-in-cockpit/) - Learn how to add Cockpit support to manage images and containers.\\n- Dan Walsh - [SELinux changes for KVM-separated (Kata) containers](https://www.redhat.com/sysadmin/selinux-kata-containers?sc_cid=701f2000000txokAAA&utm_source=bambu&utm_medium=social&utm_campaign=abm) - Understanding SELinux types that improve security in container engines such as Podman and CRI-O.\\n- Brian Smith - [Scanning containers for vulnerabilities with OpenSCAP and Podman](https://www.redhat.com/sysadmin/container-vulnerabilities-openscap) - Containers are no more secure than physical machines. Find out how to scan yours for vulnerabilities.\\n- Brian Smith - (Video)[Managing Containers in Podman with systemd Unit Files](https://www.youtube.com/watch?v=AGkM2jGT61Y)\\n- Mrivik - (asciinema)[GIMP working on rootless Podman container](https://asciinema.org/a/FKU4CaX96MgnlZQ8aTBBMPIv2)"},{"id":"/2020/09/02/new","metadata":{"permalink":"/blogs/2020/09/02/new","source":"@site/blog/2020-09-02-new.md","title":"Podman remote clients for macOS and Windows","description":"In a recent blog post on the Red Hat Enable Sysadmin site, Podman remote clients for macOS and Windows, Brent Baude and Ashley Cui walk you through setting up a remote client on either Windows or macOS to let you manage your containers and images on your Linux backend. The post covers installation, ssh setup, creating the initial connection and finally how to use the client. Give it a quick look!","date":"2020-09-02T00:00:00.000Z","formattedDate":"September 2, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.355,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"Podman remote clients for macOS and Windows","layout":"default","author":"baude","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman Posts of Interest","permalink":"/blogs/2020/09/18/new"},"nextItem":{"title":"Podman remote clients for macOS and Windows","permalink":"/blogs/2020/09/02/running_windows_or_mac"}},"content":"In a recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [Podman remote clients for macOS and Windows](https://www.redhat.com/sysadmin/podman-clients-macos-windows), Brent Baude and [Ashley Cui](https://twitter.com/cuicodes) walk you through setting up a remote client on either Windows or macOS to let you manage your containers and images on your Linux backend. The post covers installation, ssh setup, creating the initial connection and finally how to use the client. Give it a quick look!"},{"id":"/2020/09/02/running_windows_or_mac","metadata":{"permalink":"/blogs/2020/09/02/running_windows_or_mac","source":"@site/blog/2020-09-02-running_windows_or_mac.md","title":"Podman remote clients for macOS and Windows","description":"podman logo","date":"2020-09-02T00:00:00.000Z","formattedDate":"September 2, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"mac","permalink":"/blogs/tags/mac"}],"readingTime":0.43,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"Podman remote clients for macOS and Windows","layout":"default","author":"baude","categories":["blogs"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc","windows","mac"]},"prevItem":{"title":"Podman remote clients for macOS and Windows","permalink":"/blogs/2020/09/02/new"},"nextItem":{"title":"The podman play kube command now supports deployments","permalink":"/blogs/2020/08/31/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman remote clients for macOS and Windows\\n\\n## By Brent Baude [GitHub](https://github.com/baude)\\n\\nIn a recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [Podman remote clients for macOS and Windows](https://www.redhat.com/sysadmin/podman-clients-macos-windows), Brent Baude and [Ashley Cui](https://twitter.com/cuicodes) walk you through setting up a remote client on either Windows or macOS to let you manage your containers and images on your Linux backend. The post covers installation, ssh setup, creating the initial connection and finally how to use the client. Give it a quick look!"},{"id":"/2020/08/31/new","metadata":{"permalink":"/blogs/2020/08/31/new","source":"@site/blog/2020-08-31-new.md","title":"The podman play kube command now supports deployments","description":"In a recent blog post on the Red Hat Enable Sysadmin site, The podman play kube command now supports deployments, you can now learn all about the recent features added to Podman to interact with Kubernetes objects. The podman generate kube command allows you to export your existing containers into Kubernetes Pod YAML. This YAML can then be imported into OpenShift or a Kubernetes cluster. The podman play kube does the opposite, it allows you to take a Kubernetes YAML and run it in Podman. Learn all of the details and more in the blog post!","date":"2020-08-31T00:00:00.000Z","formattedDate":"August 31, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"}],"readingTime":0.48,"hasTruncateMarker":false,"authors":[{"name":"mheon"}],"frontMatter":{"title":"The podman play kube command now supports deployments","layout":"default","author":"mheon","categories":["new"],"tags":["containers","podman","networking","pod","api","kubernetes","kube","v2","hpc"]},"prevItem":{"title":"Podman remote clients for macOS and Windows","permalink":"/blogs/2020/09/02/running_windows_or_mac"},"nextItem":{"title":"The podman play kube command now supports deployments","permalink":"/blogs/2020/08/31/podman-and-kubernetes"}},"content":"In a recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [The podman play kube command now supports deployments](https://www.redhat.com/sysadmin/podman-play-kube), you can now learn all about the recent features added to Podman to interact with Kubernetes objects. The `podman generate kube` command allows you to export your existing containers into Kubernetes Pod YAML. This YAML can then be imported into OpenShift or a Kubernetes cluster. The `podman play kube` does the opposite, it allows you to take a Kubernetes YAML and run it in Podman. Learn all of the details and more in the blog post!"},{"id":"/2020/08/31/podman-and-kubernetes","metadata":{"permalink":"/blogs/2020/08/31/podman-and-kubernetes","source":"@site/blog/2020-08-31-podman-and-kubernetes.md","title":"The podman play kube command now supports deployments","description":"podman logo","date":"2020-08-31T00:00:00.000Z","formattedDate":"August 31, 2020","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"github","permalink":"/blogs/tags/github"},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes"},{"label":"kube","permalink":"/blogs/tags/kube"}],"readingTime":0.56,"hasTruncateMarker":false,"authors":[{"name":"mheon"}],"frontMatter":{"title":"The podman play kube command now supports deployments","layout":"default","author":"mheon","categories":["blogs"],"tags":["podman","containers","v2","github","kubernetes","kube"]},"prevItem":{"title":"The podman play kube command now supports deployments","permalink":"/blogs/2020/08/31/new"},"nextItem":{"title":"Tick-tock. Does your container know what time it is?","permalink":"/blogs/2020/08/24/container-time"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# The podman play kube command now supports deployments\\n\\n## By Matthew Heon [GitHub](https://github.com/mheon)\\n\\nIn a recent blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [The podman play kube command now supports deployments](https://www.redhat.com/sysadmin/podman-play-kube), you can now learn all about the recent features added to Podman to interact with Kubernetes objects. The `podman generate kube` command allows you to export your existing containers into Kubernetes Pod YAML. This YAML can then be imported into OpenShift or a Kubernetes cluster. The `podman play kube` does the opposite, it allows you to take a Kubernetes YAML and run it in Podman. Learn all of the details and more in the blog post!"},{"id":"/2020/08/24/container-time","metadata":{"permalink":"/blogs/2020/08/24/container-time","source":"@site/blog/2020-08-24-container-time.md","title":"Tick-tock. Does your container know what time it is?","description":"podman logo","date":"2020-08-24T00:00:00.000Z","formattedDate":"August 24, 2020","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"github","permalink":"/blogs/tags/github"},{"label":"rename","permalink":"/blogs/tags/rename"}],"readingTime":0.51,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Tick-tock. Does your container know what time it is?","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["podman","containers","v2","github","rename"]},"prevItem":{"title":"The podman play kube command now supports deployments","permalink":"/blogs/2020/08/31/podman-and-kubernetes"},"nextItem":{"title":"Tick-tock. Does your container know what time it is?","permalink":"/blogs/2020/08/24/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Tick-tock. Does your container know what time it is?\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\n[Ashley Cui](https://twitter.com/cuicodes) recently joined our team at Red Hat and just wrote her first ever blog post that is now on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site [Tick-tock. Does your container know what time it is?](https://www.redhat.com/sysadmin/tick-tock-container-time). In this timely post, Ashley walks you through setting the timezone within a container using the `--tz` option. Just prior to this posting, I had answered a very similar question for someone. This is a really good and quick blog, and I\'m sure the first of many for Ashley."},{"id":"/2020/08/24/new","metadata":{"permalink":"/blogs/2020/08/24/new","source":"@site/blog/2020-08-24-new.md","title":"Tick-tock. Does your container know what time it is?","description":"Ashley Cui recently joined our team at Red Hat and just wrote her first ever blog post that is now on the Red Hat Enable Sysadmin site Tick-tock. Does your container know what time it is?. In this timely post, Ashley walks you through setting the timezone within a container using the --tz option. Just prior to this posting, I had answered a very similar question for someone. This is a really good and quick blog, and I\'m sure the first of many for Ashley.","date":"2020-08-24T00:00:00.000Z","formattedDate":"August 24, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"rest","permalink":"/blogs/tags/rest"},{"label":"rest-api","permalink":"/blogs/tags/rest-api"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"}],"readingTime":0.425,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Tick-tock. Does your container know what time it is?","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","rest","rest-api","v2","hpc"]},"prevItem":{"title":"Tick-tock. Does your container know what time it is?","permalink":"/blogs/2020/08/24/container-time"},"nextItem":{"title":"Container video series: Rootless containers, process separation, and OpenSCAP","permalink":"/blogs/2020/08/21/new"}},"content":"[Ashley Cui](https://twitter.com/cuicodes) recently joined our team at Red Hat and just wrote her first ever blog post that is now on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site [Tick-tock. Does your container know what time it is?](https://www.redhat.com/sysadmin/tick-tock-container-time). In this timely post, Ashley walks you through setting the timezone within a container using the `--tz` option. Just prior to this posting, I had answered a very similar question for someone. This is a really good and quick blog, and I\'m sure the first of many for Ashley."},{"id":"/2020/08/21/new","metadata":{"permalink":"/blogs/2020/08/21/new","source":"@site/blog/2020-08-21-new.md","title":"Container video series: Rootless containers, process separation, and OpenSCAP","description":"Do you want to know more about Rootless containers, process separation, and OpenSCAP? If you\'re like many, a video is a better learning device than a blog post. Well you\'re in luck, Brian Smith just landed a blog post on the Red Hat Enable Sysadmin site Container video series: Rootless containers, process separation, and OpenSCAP with a number of blog posts on the subject, many featuring Podman.","date":"2020-08-21T00:00:00.000Z","formattedDate":"August 21, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"rest","permalink":"/blogs/tags/rest"},{"label":"rest-api","permalink":"/blogs/tags/rest-api"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"}],"readingTime":0.335,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Container video series: Rootless containers, process separation, and OpenSCAP","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","rest","rest-api","v2","hpc"]},"prevItem":{"title":"Tick-tock. Does your container know what time it is?","permalink":"/blogs/2020/08/24/new"},"nextItem":{"title":"Container video series: Rootless containers, process separation, and OpenSCAP","permalink":"/blogs/2020/08/21/rootless-separation-openscap"}},"content":"Do you want to know more about Rootless containers, process separation, and OpenSCAP? If you\'re like many, a video is a better learning device than a blog post. Well you\'re in luck, [Brian Smith](https://www.redhat.com/sysadmin/users/briasmit) just landed a blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site [Container video series: Rootless containers, process separation, and OpenSCAP](https://www.redhat.com/sysadmin/container-video-series) with a number of blog posts on the subject, many featuring Podman."},{"id":"/2020/08/21/rootless-separation-openscap","metadata":{"permalink":"/blogs/2020/08/21/rootless-separation-openscap","source":"@site/blog/2020-08-21-rootless-separation-openscap.md","title":"Container video series: Rootless containers, process separation, and OpenSCAP","description":"podman logo","date":"2020-08-21T00:00:00.000Z","formattedDate":"August 21, 2020","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"github","permalink":"/blogs/tags/github"},{"label":"rename","permalink":"/blogs/tags/rename"}],"readingTime":0.42,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Container video series: Rootless containers, process separation, and OpenSCAP","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["podman","containers","v2","github","rename"]},"prevItem":{"title":"Container video series: Rootless containers, process separation, and OpenSCAP","permalink":"/blogs/2020/08/21/new"},"nextItem":{"title":"Podman Troubleshooting Guide","permalink":"/blogs/2020/08/17/work-the-problems"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Container video series: Rootless containers, process separation, and OpenSCAP\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nDo you want to know more about Rootless containers, process separation, and OpenSCAP? If you\'re like many, a video is a better learning device than a blog post. Well you\'re in luck, [Brian Smith](https://www.redhat.com/sysadmin/users/briasmit) just landed a blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site [Container video series: Rootless containers, process separation, and OpenSCAP](https://www.redhat.com/sysadmin/container-video-series) with a number of blog posts on the subject, many featuring Podman."},{"id":"/2020/08/17/work-the-problems","metadata":{"permalink":"/blogs/2020/08/17/work-the-problems","source":"@site/blog/2020-08-17-work-the-problems.md","title":"Podman Troubleshooting Guide","description":"podman logo","date":"2020-08-17T00:00:00.000Z","formattedDate":"August 17, 2020","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"github","permalink":"/blogs/tags/github"},{"label":"varlink","permalink":"/blogs/tags/varlink"},{"label":"rest-api","permalink":"/blogs/tags/rest-api"}],"readingTime":2.14,"hasTruncateMarker":true,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Troubleshooting Guide","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["podman","containers","v2","github","varlink","rest-api"]},"prevItem":{"title":"Container video series: Rootless containers, process separation, and OpenSCAP","permalink":"/blogs/2020/08/21/rootless-separation-openscap"},"nextItem":{"title":"Learning Red Hat\'s Podman (docker), Buildah, Skopeo and Quay.io","permalink":"/blogs/2020/08/13/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman Troubleshooting Guide\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nAs a kid, I was fascinated by space flight. If I couldn\'t be a fireman like my father, I wanted to be an astronaut. Of course I had to have a [Major Matt Mason](https://www.youtube.com/watch?v=4sNoiDT0BMw&list=LLTdXWmg018se8aJN4cUq6Ag&index=2934) figure so I could fly him around the house and then land him softly in a jury-rigged parachute in my wading pool. Then of course the whole Apollo 13 drama had me riveted, and when the movie came out years later, I fell in love with this line in the movie, \\"Let\'s work the problem people. Let\'s not make things worse by guessing.\\" by Ed Harris who played Gene Kranz the \\"vested\\" flight director.\\n\\n\x3c!--truncate--\x3e\\n\\nThat\'s been a helpful creed for me and it\'s also helpful for the Podman world too. Many times the community spends a fair amount of effort answering issues and questions either in GitHub\'s [issues](https://github.com/containers/podman/issues) or in the [Podman Mailing List](https://lists.podman.io/admin/lists/podman.lists.podman.io/). That\'s really great, but sometimes the discussion finds that the problem is concerning an issue that is on the [Podman Troubleshooting Guide](https://github.com/containers/podman/blob/main/troubleshooting.md). This page might be one of the least visited pages on the site, yet the most helpful, especially for people who are new to the Podman project.\\n\\nThe page contains a number of common issues and solutions for Podman. It can help people who are running into issues find out if the issue has been encountered before. Some of the more common ones are issues with mounts and selinux, rootless containers not being able to ping the host, rootless containers exiting with the user, and more. A lot of the items of the page are not really issues with the Podman software, but rather that required configuration steps for use cases were not completed. Along with the problem and typical error responses on this page, each one has a solution section that will walk you through the steps needed to correct the problem. As common problems are encountered along the way, the community is encouraged to add them to the troubleshooting page, keeping it a fresh source of information.\\n\\nHopefully this post will help users of Podman find and discover solutions to their problems more easily in the Podman Troubleshooting Guide. Just as importantly, it will act as a reminder for those in the community who are familiar with the page to consider adding problems and solutions that they may encounter. As we move forward, effective use of this page will help us prove Gene Kranz right in the Podman universe, \\"Failure is not an option\\"."},{"id":"/2020/08/13/new","metadata":{"permalink":"/blogs/2020/08/13/new","source":"@site/blog/2020-08-13-new.md","title":"Learning Red Hat\'s Podman (docker), Buildah, Skopeo and Quay.io","description":"Four engineers at IBM and Red Hat, JJ Asghar, Brian Tannous, Jason Dobies and Cedric Clyburn spent some time in a stream learning about Podman, Buildah, Skopeo from the ground up in this video blog post. Check out the video to get a great introduction to the tools.","date":"2020-08-13T00:00:00.000Z","formattedDate":"August 13, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"rest","permalink":"/blogs/tags/rest"},{"label":"rest-api","permalink":"/blogs/tags/rest-api"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"}],"readingTime":0.24,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Learning Red Hat\'s Podman (docker), Buildah, Skopeo and Quay.io","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","rest","rest-api","v2","hpc"]},"prevItem":{"title":"Podman Troubleshooting Guide","permalink":"/blogs/2020/08/17/work-the-problems"},"nextItem":{"title":"Learning Red Hat\'s Podman (docker), Buildah, Skopeo and Quay.io","permalink":"/blogs/2020/08/13/walk-through"}},"content":"Four engineers at IBM and Red Hat, [JJ Asghar](https://twitter.com/jjasghar), [Brian Tannous](https://twitter.com/briantannous), [Jason Dobies](https://twitter.com/jdob) and Cedric Clyburn spent some time in a stream learning about Podman, Buildah, Skopeo from the ground up in this video blog [post](https://www.youtube.com/watch?time_continue=246&v=IKGcxxjieFo&feature=emb_logo). Check out the video to get a great introduction to the tools."},{"id":"/2020/08/13/walk-through","metadata":{"permalink":"/blogs/2020/08/13/walk-through","source":"@site/blog/2020-08-13-walk-through.md","title":"Learning Red Hat\'s Podman (docker), Buildah, Skopeo and Quay.io","description":"podman logo","date":"2020-08-13T00:00:00.000Z","formattedDate":"August 13, 2020","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"github","permalink":"/blogs/tags/github"},{"label":"rename","permalink":"/blogs/tags/rename"}],"readingTime":0.325,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Learning Red Hat\'s Podman (docker), Buildah, Skopeo and Quay.io","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["podman","containers","v2","github","rename"]},"prevItem":{"title":"Learning Red Hat\'s Podman (docker), Buildah, Skopeo and Quay.io","permalink":"/blogs/2020/08/13/new"},"nextItem":{"title":"Moving from docker-compose to Podman pods","permalink":"/blogs/2020/08/11/migrate-from-docker-compose"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Learning Red Hat\'s Podman (docker), Buildah, Skopeo and Quay.io\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nFour engineers at IBM and Red Hat, [JJ Asghar](https://twitter.com/jjasghar), [Brian Tannous](https://twitter.com/briantannous), [Jason Dobies](https://twitter.com/jdob) and Cedric Clyburn spent some time in a stream learning about Podman, Buildah, Skopeo from the ground up in this video blog [post](https://www.youtube.com/watch?time_continue=246&v=IKGcxxjieFo&feature=emb_logo). Check out the video to get a great introduction to the tools."},{"id":"/2020/08/11/migrate-from-docker-compose","metadata":{"permalink":"/blogs/2020/08/11/migrate-from-docker-compose","source":"@site/blog/2020-08-11-migrate-from-docker-compose.md","title":"Moving from docker-compose to Podman pods","description":"podman logo","date":"2020-08-11T00:00:00.000Z","formattedDate":"August 11, 2020","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"github","permalink":"/blogs/tags/github"},{"label":"rename","permalink":"/blogs/tags/rename"}],"readingTime":0.235,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Moving from docker-compose to Podman pods","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["podman","containers","v2","github","rename"]},"prevItem":{"title":"Learning Red Hat\'s Podman (docker), Buildah, Skopeo and Quay.io","permalink":"/blogs/2020/08/13/walk-through"},"nextItem":{"title":"Moving from docker-compose to Podman pods","permalink":"/blogs/2020/08/11/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Moving from docker-compose to Podman pods\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\n[Nathan Lager](https://twitter.com/gangrif) just landed a blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site [Moving from docker-compose to Podman pods](https://www.redhat.com/sysadmin/compose-podman-pods). In the post, Nathan talks about ins and outs of the migration process."},{"id":"/2020/08/11/new","metadata":{"permalink":"/blogs/2020/08/11/new","source":"@site/blog/2020-08-11-new.md","title":"Moving from docker-compose to Podman pods","description":"Nathan Lager just landed a blog post on the Red Hat Enable Sysadmin site Moving from docker-compose to Podman pods. In the post, Nathan talks about ins and outs of the migration process.","date":"2020-08-11T00:00:00.000Z","formattedDate":"August 11, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"rest","permalink":"/blogs/tags/rest"},{"label":"rest-api","permalink":"/blogs/tags/rest-api"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"}],"readingTime":0.165,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Moving from docker-compose to Podman pods","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","rest","rest-api","v2","hpc"]},"prevItem":{"title":"Moving from docker-compose to Podman pods","permalink":"/blogs/2020/08/11/migrate-from-docker-compose"},"nextItem":{"title":"Podman Go bindings","permalink":"/blogs/2020/08/10/new"}},"content":"[Nathan Lager](https://twitter.com/gangrif) just landed a blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site [Moving from docker-compose to Podman pods](https://www.redhat.com/sysadmin/compose-podman-pods). In the post, Nathan talks about ins and outs of the migration process."},{"id":"/2020/08/10/new","metadata":{"permalink":"/blogs/2020/08/10/new","source":"@site/blog/2020-08-10-new.md","title":"Podman Go bindings","description":"In the release of Podman 2.0, we removed the experimental tag from its recently","date":"2020-08-10T00:00:00.000Z","formattedDate":"August 10, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"go","permalink":"/blogs/tags/go"},{"label":"images","permalink":"/blogs/tags/images"}],"readingTime":0.3,"hasTruncateMarker":false,"authors":[{"name":"lsm5"}],"frontMatter":{"title":"Podman Go bindings","layout":"default","author":"lsm5","categories":["new"],"tags":["containers","podman","api","v2","go","images"]},"prevItem":{"title":"Moving from docker-compose to Podman pods","permalink":"/blogs/2020/08/11/new"},"nextItem":{"title":"Podman Go bindings","permalink":"/blogs/2020/08/10/podman-go-bindings"}},"content":"In the release of Podman 2.0, we removed the experimental tag from its recently\\nintroduced RESTful service. While it might be interesting to interact with a\\nRESTful server using curl, using a set of Go based bindings is probably a more\\ndirect route to a production ready application. More details from Lokesh\\nMandvekar and Parker Van Roy in this\\n[post](https://podman.io/blogs/2020/08/10/podman-go-bindings.html)."},{"id":"/2020/08/10/podman-go-bindings","metadata":{"permalink":"/blogs/2020/08/10/podman-go-bindings","source":"@site/blog/2020-08-10-podman-go-bindings.md","title":"Podman Go bindings","description":"podman logo","date":"2020-08-10T00:00:00.000Z","formattedDate":"August 10, 2020","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"bindings","permalink":"/blogs/tags/bindings"},{"label":"go","permalink":"/blogs/tags/go"}],"readingTime":12.21,"hasTruncateMarker":true,"authors":[{"name":"lsm5"}],"frontMatter":{"title":"Podman Go bindings","layout":"default","author":"lsm5","categories":["blogs"],"tags":["podman","containers","v2","bindings","go"]},"prevItem":{"title":"Podman Go bindings","permalink":"/blogs/2020/08/10/new"},"nextItem":{"title":"Improved systemd integration with Podman 2.0","permalink":"/blogs/2020/08/02/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman Go bindings\\n\\n## By Lokesh Mandvekar [GitHub](https://github.com/lsm5) and Parker VanRoy\\n\\n## Introduction\\n\\nIn the release of Podman 2.0, we removed the experimental tag\\nfrom its recently introduced RESTful service. While it might\\nbe interesting to interact with a RESTFul server using curl,\\nusing a set of Go based bindings is probably a more direct\\nroute to a production ready application. Let\u2019s take a look\\nat how easily that can be accomplished.\\n\\n\x3c!--truncate--\x3e\\n\\nIf you haven\'t yet, [install Go](https://golang.org/doc/install).\\n\\nBe careful to double-check that the version of golang is new\\nenough (i.e. `go version`), version 1.13.x or higher is\\nsupported. If needed, Go sources and binaries can be fetched\\nfrom the [official Go website](https://golang.org/dl/).\\n\\nThe Podman Go bindings are a set of functions to allow\\ndevelopers to execute Podman operations from within their Go\\nbased application. The Go bindings connect to a Podman service\\nwhich can run locally or on a remote machine. You can perform\\nmany operations including pulling and listing images, starting,\\nstopping or inspecting containers. Currently, the Podman\\nrepository has bindings available for operations on images,\\ncontainers, pods, networks and manifests among others. The\\nbindings are available on the [v2.0 branch in the\\nupstream Podman repository](https://github.com/containers/podman/tree/v2.0).\\nYou can fetch the bindings for your application using Go modules:\\n\\n```bash\\n$ cd $HOME\\n$ mkdir example && cd example\\n$ go mod init example.com\\ngo: creating new go.mod: module example.com\\n$ go get github.com/containers/podman/v2@v2.0.4\\ngo: downloading github.com/containers/podman/v2 v2.0.4\\ngo get: github.com/containers/podman/v2@v2.0.4: parsing go.mod:\\n module declares its path as: github.com/containers/libpod/v2\\n but was required as: github.com/containers/podman/v2\\n```\\n\\nThis creates a new `go.mod` file in the current directory that looks as follows:\\n\\n```bash\\nmodule example.com\\n\\ngo 1.14\\n\\nrequire github.com/containers/libpod/v2 v2.0.4 // indirect\\n```\\n\\nYou can also try a demo application with the Go modules created already:\\n\\n```bash\\n$ git clone https://github.com/containers/Demos\\n$ cd Demos/podman_go_bindings\\n$ ls\\nREADME.md go.mod go.sum main.go\\n```\\n\\n## How do I use them\\n\\nIn this tutorial, you will learn through basic examples how to:\\n\\n0. [Start the Podman system service](#start-service)\\n1. [Connect to the Podman system service](#connect-service)\\n2. [Pull images](#pull-images)\\n3. [List images](#list-images)\\n4. [Create and start a container from an image](#create-start-container)\\n5. [List containers](#list-containers)\\n6. [Inspect the container](#inspect-container)\\n7. [Stop the container](#stop-container)\\n8. [Debugging tips](#debugging-tips)\\n\\n### Start the Podman system service \\n\\nThe recommended way to start Podman system service in production mode\\nis via systemd socket-activation:\\n\\n```bash\\n$ systemctl --user start podman.socket\\n```\\n\\nThere\u2019s no timeout specified when starting the system service via socket-activation.\\n\\nFor purposes of this demo, we will start the service using the Podman\\ncommand itself. If you prefer the system service to timeout after, say,\\n5000 seconds, you can run it like so:\\n\\n```bash\\n$ podman system service -t 5000\\n```\\n\\nNote that the 5000 seconds uptime is refreshed after every command is received.\\nIf you want the service to stay up until the machine is shutdown or the process\\nis terminated, use `0` (zero) instead of 5000. For this demo, we will use no timeout:\\n\\n```bash\\n# -t 0 implies no timeout, default timeout 5 seconds\\n$ podman system service -t 0\\n```\\n\\nOpen another terminal window and check if the Podman socket exists:\\n\\n```bash\\n$ ls /run/user/${UID}/podman\\npodman.sock\\n```\\n\\nIf you\u2019re running the system service as root, podman.sock will be found in /run/podman:\\n\\n```bash\\n$ ls /run/podman\\npodman.sock\\n```\\n\\n### Connect to the Podman system service \\n\\nFirst, you need to create a connection that connects to the system service.\\nThe critical piece of information for setting up a new connection is the endpoint.\\nThe endpoint comes in the form of an URI (method:/path/to/socket). For example,\\nto connect to the local rootful socket the URI would be `unix:/run/podman/podman.sock`\\nand for a rootless user it would be `unix:$(XDG_RUNTIME_DIR)/podman/podman.sock`,\\ntypically: `unix:/run/user/${UID}/podman/podman.sock`.\\n\\nThe following Go example snippet shows how to set up a connection for a rootless user.\\n\\n```Go\\npackage main\\n\\nimport (\\n \\"context\\"\\n \\"fmt\\"\\n \\"os\\"\\n\\n \\"github.com/containers/libpod/v2/libpod/define\\"\\n \\"github.com/containers/libpod/v2/pkg/bindings\\"\\n \\"github.com/containers/libpod/v2/pkg/bindings/containers\\"\\n \\"github.com/containers/libpod/v2/pkg/bindings/images\\"\\n \\"github.com/containers/libpod/v2/pkg/domain/entities\\"\\n \\"github.com/containers/libpod/v2/pkg/specgen\\"\\n)\\n\\nfunc main() {\\n fmt.Println(\\"Welcome to the Podman Go bindings tutorial\\")\\n\\n // Get Podman socket location\\n sock_dir := os.Getenv(\\"XDG_RUNTIME_DIR\\")\\n socket := \\"unix:\\" + sock_dir + \\"/podman/podman.sock\\"\\n\\n // Connect to Podman socket\\n connText, err := bindings.NewConnection(context.Background(), socket)\\n if err != nil {\\n fmt.Println(err)\\n os.Exit(1)\\n }\\n}\\n```\\n\\nThe `connText` variable received from the NewConnection function is of type\\ncontext.Context(). In subsequent uses of the bindings, you will use this context\\nto direct the bindings to your connection. This can be seen in the examples below.\\n\\n### Pull an image \\n\\nNext, we will pull a couple of images using the images.Pull() binding.\\nThis binding takes three arguments: - The context variable created by the bindings.NewConnection() call in the first example - The image name - Options for image pull\\n\\n**Append the following lines to your function:**\\n\\n```Go\\n // Pull Busybox image (Sample 1)\\n fmt.Println(\\"Pulling Busybox image...\\")\\n _, err = images.Pull(connText, \\"docker.io/busybox\\", entities.ImagePullOptions{})\\n if err != nil {\\n fmt.Println(err)\\n os.Exit(1)\\n }\\n\\n // Pull Fedora image (Sample 2)\\n rawImage := \\"registry.fedoraproject.org/fedora:latest\\"\\n fmt.Println(\\"Pulling Fedora image...\\")\\n _, err = images.Pull(connText, rawImage, entities.ImagePullOptions{})\\n if err != nil {\\n fmt.Println(err)\\n os.Exit(1)\\n }\\n```\\n\\n**Run it:**\\n\\n```bash\\n$ go run main.go\\nWelcome to the Podman Go bindings tutorial\\nPulling Busybox image...\\nPulling Fedora image...\\n$\\n```\\n\\nThe system service side should echo messages like so:\\n\\n```bash\\nTrying to pull docker.io/busybox...\\nGetting image source signatures\\nCopying blob 61c5ed1cbdf8 [--------------------------------------] 0.0b / 0.0b\\nCopying config 018c9d7b79 done\\nWriting manifest to image destination\\nStoring signatures\\nTrying to pull registry.fedoraproject.org/fedora:latest...\\nGetting image source signatures\\nCopying blob dd9f43919ba0 [--------------------------------------] 0.0b / 0.0b\\nCopying config 00ff39a8bf done\\nWriting manifest to image destination\\nStoring signatures\\n```\\n\\n### List images \\n\\nNext, we will pull an image using the images.List() binding.\\nThis binding takes three arguments:\\n\\n- The context variable created earlier\\n- An optional bool \'all\'\\n- An optional map of filters\\n\\n**Append the following lines to your function:**\\n\\n```Go\\n // List images\\n imageSummary, err := images.List(connText, nil, nil)\\n if err != nil {\\n fmt.Println(err)\\n os.Exit(1)\\n }\\n var names []string\\n for _, i := range imageSummary {\\n names = append(names, i.RepoTags...)\\n }\\n fmt.Println(\\"Listing images...\\")\\n fmt.Println(names)\\n```\\n\\n**Run it:**\\n\\n```bash\\n$ go run main.go\\nWelcome to the Podman Go bindings tutorial\\nPulling Busybox image...\\nPulling Fedora image...\\nListing images...\\n[docker.io/library/busybox:latest registry.fedoraproject.org/fedora:latest]\\n$\\n```\\n\\n### Create and Start a Container from an Image \\n\\nTo create the container spec, we use specgen.NewSpecGenerator() followed by\\ncalling containers.CreateWithSpec() to actually create a new container.\\nspecgen.NewSpecGenerator() takes 2 arguments: - name of the image - whether it\'s a rootfs\\n\\ncontainers.CreateWithSpec() takes 2 arguments: - the context created earlier - the spec created by NewSpecGenerator\\n\\nNext, the container is actually started using the containers.Start() binding.\\ncontainers.Start() takes three arguments: - the context - the name or ID of the container created - an optional parameter for detach keys\\n\\nAfter the container is started, it\'s a good idea to ensure the container is\\nin a running state before you proceed with further operations.\\nThe containers.Wait() takes care of that.\\ncontainers.Wait() takes three arguments: - the context - the name or ID of the container created - container state (running/paused/stopped)\\n\\n**Append the following lines to your function:**\\n\\n```Go\\n // Container create\\n s := specgen.NewSpecGenerator(rawImage, false)\\n s.Terminal = true\\n r, err := containers.CreateWithSpec(connText, s)\\n if err != nil {\\n fmt.Println(err)\\n os.Exit(1)\\n }\\n\\n // Container start\\n fmt.Println(\\"Starting Fedora container...\\")\\n err = containers.Start(connText, r.ID, nil)\\n if err != nil {\\n fmt.Println(err)\\n os.Exit(1)\\n }\\n\\n running := define.ContainerStateRunning\\n _, err = containers.Wait(connText, r.ID, &running)\\n if err != nil {\\n fmt.Println(err)\\n os.Exit(1)\\n }\\n```\\n\\n**Run it:**\\n\\n```bash\\n$ go run main.go\\nWelcome to the Podman Go bindings tutorial\\nPulling image...\\nStarting Fedora container...\\n$\\n```\\n\\nCheck if the container is running:\\n\\n```bash\\n$ podman ps\\nCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES\\n665831d31e90 registry.fedoraproject.org/fedora:latest /bin/bash Less than a second ago Up Less than a second ago dazzling_mclean\\n$\\n```\\n\\n### List Containers \\n\\nContainers can be listed using the containers.List() binding.\\ncontainers.List() takes seven arguments: - the context - output filters - boolean to show all containers, by default only running containers are listed - number of latest created containers, all states (running/paused/stopped) - boolean to print pod information - boolean to print rootfs size - boolean to print oci runtime and container state\\n\\n**Append the following lines to your function:**\\n\\n```Go\\n // Container list\\n var latestContainers = 1\\n containerLatestList, err := containers.List(connText, nil, nil, &latestContainers, nil, nil, nil)\\n if err != nil {\\n fmt.Println(err)\\n os.Exit(1)\\n }\\n fmt.Printf(\\"Latest container is %s\\\\n\\", containerLatestList[0].Names[0])\\n```\\n\\n**Run it:**\\n\\n```bash\\n$ go run main.go\\nWelcome to the Podman Go bindings tutorial\\nPulling Busybox image...\\nPulling Fedora image...\\nListing images...\\n[docker.io/library/busybox:latest registry.fedoraproject.org/fedora:latest]\\nStarting Fedora container...\\nLatest container is dazzling_mclean\\n$\\n```\\n\\n### Inspect Container \\n\\nContainers can be inspected using the containers.Inspect() binding.\\ncontainers.Inspect() takes 3 arguments: - context - image name or ID - optional boolean to check for container size\\n\\n**Append the following lines to your function:**\\n\\n```Go\\n // Container inspect\\n ctrData, err := containers.Inspect(connText, r.ID, nil)\\n if err != nil {\\n fmt.Println(err)\\n os.Exit(1)\\n }\\n fmt.Printf(\\"Container uses image %s\\\\n\\", ctrData.ImageName)\\n fmt.Printf(\\"Container running status is %s\\\\n\\", ctrData.State.Status)\\n```\\n\\n**Run it:**\\n\\n```bash\\n$ go run main.go\\nWelcome to the Podman Go bindings tutorial\\nPulling Busybox image...\\nPulling Fedora image...\\nListing images...\\n[docker.io/library/busybox:latest registry.fedoraproject.org/fedora:latest]\\nStarting Fedora container...\\nLatest container is peaceful_noether\\nFedora Container uses image registry.fedoraproject.org/fedora:latest\\nFedora Container running status is running\\n$\\n```\\n\\n### Stop Container \\n\\nA container can be stopped by the containers.Stop() binding.\\ncontainers.Stop() takes 3 arguments: - context - image name or ID - optional timeout\\n\\n**Append the following lines to your function:**\\n\\n```Go\\n // Container stop\\n fmt.Println(\\"Stopping the container...\\")\\n err = containers.Stop(connText, r.ID, nil)\\n if err != nil {\\n fmt.Println(err)\\n os.Exit(1)\\n }\\n ctrData, err = containers.Inspect(connText, r.ID, nil)\\n if err != nil {\\n fmt.Println(err)\\n os.Exit(1)\\n }\\n fmt.Printf(\\"Container running status is now %s\\\\n\\", ctrData.State.Status)\\n```\\n\\n**Run it:**\\n\\n```bash\\n$ go run main.go\\nWelcome to the Podman Go bindings tutorial\\nPulling Busybox image...\\nPulling Fedora image...\\nListing images...\\n[docker.io/library/busybox:latest registry.fedoraproject.org/fedora:latest]\\nStarting Fedora container...\\nLatest container is peaceful_noether\\nFedora Container uses image registry.fedoraproject.org/fedora:latest\\nFedora Container running status is running\\nStopping Fedora container...\\nContainer running status is now exited\\n```\\n\\n### Debugging tips \\n\\nTo debug in a development setup, you can start the Podman system service\\nin debug mode like so:\\n\\n```bash\\n$ podman --log-level=debug system service -t 0\\n```\\n\\nThe `--log-level=debug` echoes all the logged requests and is useful to\\ntrace the execution path at a finer granularity. A snippet of a sample run looks like:\\n\\n```bash\\nINFO[0000] podman filtering at log level debug\\nDEBU[0000] Called service.PersistentPreRunE(podman --log-level=debug system service -t0)\\nDEBU[0000] Ignoring libpod.conf EventsLogger setting \\"/home/lsm5/.config/containers/containers.conf\\". Use \\"journald\\" if you want to change this setting and remove libpod.conf files.\\nDEBU[0000] Reading configuration file \\"/usr/share/containers/containers.conf\\"\\nDEBU[0000] Merged system config \\"/usr/share/containers/containers.conf\\": {Editors note: the remainder of this line was removed due to Jekyll formatting errors.}\\nDEBU[0000] Using conmon: \\"/usr/bin/conmon\\"\\nDEBU[0000] Initializing boltdb state at /home/lsm5/.local/share/containers/storage/libpod/bolt_state.db\\nDEBU[0000] Overriding run root \\"/run/user/1000/containers\\" with \\"/run/user/1000\\" from database\\nDEBU[0000] Using graph driver overlay\\nDEBU[0000] Using graph root /home/lsm5/.local/share/containers/storage\\nDEBU[0000] Using run root /run/user/1000\\nDEBU[0000] Using static dir /home/lsm5/.local/share/containers/storage/libpod\\nDEBU[0000] Using tmp dir /run/user/1000/libpod/tmp\\nDEBU[0000] Using volume path /home/lsm5/.local/share/containers/storage/volumes\\nDEBU[0000] Set libpod namespace to \\"\\"\\nDEBU[0000] Not configuring container store\\nDEBU[0000] Initializing event backend file\\nDEBU[0000] using runtime \\"/usr/bin/runc\\"\\nDEBU[0000] using runtime \\"/usr/bin/crun\\"\\nWARN[0000] Error initializing configured OCI runtime kata: no valid executable found for OCI runtime kata: invalid argument\\nDEBU[0000] using runtime \\"/usr/bin/crun\\"\\nINFO[0000] Setting parallel job count to 25\\nINFO[0000] podman filtering at log level debug\\nDEBU[0000] Called service.PersistentPreRunE(podman --log-level=debug system service -t0)\\nDEBU[0000] Ignoring libpod.conf EventsLogger setting \\"/home/lsm5/.config/containers/containers.conf\\". Use \\"journald\\" if you want to change this setting and remove libpod.conf files.\\nDEBU[0000] Reading configuration file \\"/usr/share/containers/containers.conf\\"\\n```\\n\\nIf the Podman system service has been started via systemd socket activation,\\nyou can view the logs using journalctl. The logs after a sample run look like so:\\n\\n```bash\\n$ journalctl --user --no-pager -u podman.socket\\n-- Reboot --\\nJul 22 13:50:40 nagato.nanadai.me systemd[1048]: Listening on Podman API Socket.\\n$\\n```\\n\\n```bash\\n$ journalctl --user --no-pager -u podman.service\\nJul 22 13:50:53 nagato.nanadai.me systemd[1048]: Starting Podman API Service...\\nJul 22 13:50:54 nagato.nanadai.me podman[1527]: time=\\"2020-07-22T13:50:54-04:00\\" level=error msg=\\"Error refreshing volume 38480630a8bdaa3e1a0ebd34c94038591b0d7ad994b37be5b4f2072bb6ef0879: error acquiring lock 0 for volume 38480630a8bdaa3e1a0ebd34c94038591b0d7ad994b37be5b4f2072bb6ef0879: file exists\\"\\nJul 22 13:50:54 nagato.nanadai.me podman[1527]: time=\\"2020-07-22T13:50:54-04:00\\" level=error msg=\\"Error refreshing volume 47d410af4d762a0cc456a89e58f759937146fa3be32b5e95a698a1d4069f4024: error acquiring lock 0 for volume 47d410af4d762a0cc456a89e58f759937146fa3be32b5e95a698a1d4069f4024: file exists\\"\\nJul 22 13:50:54 nagato.nanadai.me podman[1527]: time=\\"2020-07-22T13:50:54-04:00\\" level=error msg=\\"Error refreshing volume 86e73f082e344dad38c8792fb86b2017c4f133f2a8db87f239d1d28a78cf0868: error acquiring lock 0 for volume 86e73f082e344dad38c8792fb86b2017c4f133f2a8db87f239d1d28a78cf0868: file exists\\"\\nJul 22 13:50:54 nagato.nanadai.me podman[1527]: time=\\"2020-07-22T13:50:54-04:00\\" level=error msg=\\"Error refreshing volume 9a16ea764be490a5563e384d9074ab0495e4d9119be380c664037d6cf1215631: error acquiring lock 0 for volume 9a16ea764be490a5563e384d9074ab0495e4d9119be380c664037d6cf1215631: file exists\\"\\nJul 22 13:50:54 nagato.nanadai.me podman[1527]: time=\\"2020-07-22T13:50:54-04:00\\" level=error msg=\\"Error refreshing volume bfd6b2a97217f8655add13e0ad3f6b8e1c79bc1519b7a1e15361a107ccf57fc0: error acquiring lock 0 for volume bfd6b2a97217f8655add13e0ad3f6b8e1c79bc1519b7a1e15361a107ccf57fc0: file exists\\"\\nJul 22 13:50:54 nagato.nanadai.me podman[1527]: time=\\"2020-07-22T13:50:54-04:00\\" level=error msg=\\"Error refreshing volume f9b9f630982452ebcbed24bd229b142fbeecd5d4c85791fca440b21d56fef563: error acquiring lock 0 for volume f9b9f630982452ebcbed24bd229b142fbeecd5d4c85791fca440b21d56fef563: file exists\\"\\nJul 22 13:50:54 nagato.nanadai.me podman[1527]: Trying to pull registry.fedoraproject.org/fedora:latest...\\nJul 22 13:50:55 nagato.nanadai.me podman[1527]: Getting image source signatures\\nJul 22 13:50:55 nagato.nanadai.me podman[1527]: Copying blob sha256:dd9f43919ba05f05d4f783c31e83e5e776c4f5d29dd72b9ec5056b9576c10053\\nJul 22 13:50:55 nagato.nanadai.me podman[1527]: Copying config sha256:00ff39a8bf19f810a7e641f7eb3ddc47635913a19c4996debd91fafb6b379069\\nJul 22 13:50:55 nagato.nanadai.me podman[1527]: Writing manifest to image destination\\nJul 22 13:50:55 nagato.nanadai.me podman[1527]: Storing signatures\\nJul 22 13:50:55 nagato.nanadai.me systemd[1048]: podman.service: unit configures an IP firewall, but not running as root.\\nJul 22 13:50:55 nagato.nanadai.me systemd[1048]: (This warning is only shown for the first unit using IP firewalling.)\\nJul 22 13:51:15 nagato.nanadai.me systemd[1048]: podman.service: Succeeded.\\nJul 22 13:51:15 nagato.nanadai.me systemd[1048]: Finished Podman API Service.\\nJul 22 13:51:15 nagato.nanadai.me systemd[1048]: podman.service: Consumed 1.339s CPU time.\\n$\\n```\\n\\n## Wrap Up\\n\\nPodman v2 provides a set of Go bindings to allow developers to integrate Podman\\nfunctionality conveniently in their Go application. These Go bindings require\\nthe Podman system service to be running in the background and this can easily\\nbe achieved using systemd socket activation. Once set up, you are able to use a\\nset of Go based bindings to create, maintain and monitor your container images,\\ncontainers and pods in a way which fits very nicely in many production environments.\\n\\n## References\\n\\n- Podman v2 is available for most major distributions along with MacOS and Windows.\\n Installation details are available on the [Podman official website](https://podman.io/getting-started/).\\n\\n- Documentation can be found at the [Podman Docs page](https://docs.podman.io).\\n It also includes a section on the [RESTful API](https://docs.podman.io/en/latest/Reference.html).\\n\\n## Contribute\\n\\n- Any issues with the bindings can be [reported upstream](https://github.com/containers/podman/issues/new/choose).\\n- Check out the [Podman community page](https://podman.io/community/) for more ways to get in touch with the community.\\n\\n## Acknowledgments\\n\\n- This blog post was co-authored by Parker Van Roy, currently interning at Red\\n Hat for summer 2020.\\n\\n- Thanks to Brent Baude for the initial blog post suggestion and reviews.\\n\\n- Thanks to Tom Sweeney, Valentin Rothberg, Dan Walsh and the entire Podman team for\\n their reviews and insightful comments."},{"id":"/2020/08/02/new","metadata":{"permalink":"/blogs/2020/08/02/new","source":"@site/blog/2020-08-02-new.md","title":"Improved systemd integration with Podman 2.0","description":"Valentin Rothberg just landed a blog post on the Red Hat Enable Sysadmin site Improved systemd integration with Podman 2.0. In the post, Valentin talks about how systemd in Podman v2.0 is even more tightly integrated than it was in prior versions.","date":"2020-08-02T00:00:00.000Z","formattedDate":"August 2, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"rest","permalink":"/blogs/tags/rest"},{"label":"rest-api","permalink":"/blogs/tags/rest-api"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"}],"readingTime":0.21,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Improved systemd integration with Podman 2.0","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","rest","rest-api","v2","hpc"]},"prevItem":{"title":"Podman Go bindings","permalink":"/blogs/2020/08/10/podman-go-bindings"},"nextItem":{"title":"Improved systemd integration with Podman 2.0","permalink":"/blogs/2020/08/02/systemd-integration-v2"}},"content":"[Valentin Rothberg](https://twitter.com/vlntnrthbrg) just landed a blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site [Improved systemd integration with Podman 2.0](https://www.redhat.com/sysadmin/improved-systemd-podman). In the post, Valentin talks about how systemd in Podman v2.0 is even more tightly integrated than it was in prior versions."},{"id":"/2020/08/02/systemd-integration-v2","metadata":{"permalink":"/blogs/2020/08/02/systemd-integration-v2","source":"@site/blog/2020-08-02-systemd-integration-v2.md","title":"Improved systemd integration with Podman 2.0","description":"podman logo","date":"2020-08-02T00:00:00.000Z","formattedDate":"August 2, 2020","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"github","permalink":"/blogs/tags/github"},{"label":"rename","permalink":"/blogs/tags/rename"}],"readingTime":0.28,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Improved systemd integration with Podman 2.0","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["podman","containers","v2","github","rename"]},"prevItem":{"title":"Improved systemd integration with Podman 2.0","permalink":"/blogs/2020/08/02/new"},"nextItem":{"title":"Podman API v1.0 Deprecation and Removal Notice","permalink":"/blogs/2020/08/01/deprecate-and-remove-varlink-notice"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Improved systemd integration with Podman 2.0\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\n[Valentin Rothberg](https://twitter.com/vlntnrthbrg) just landed a blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site [Improved systemd integration with Podman 2.0](https://www.redhat.com/sysadmin/improved-systemd-podman). In the post, Valentin talks about how systemd in Podman v2.0 is even more tightly integrated than it was in prior versions."},{"id":"/2020/08/01/deprecate-and-remove-varlink-notice","metadata":{"permalink":"/blogs/2020/08/01/deprecate-and-remove-varlink-notice","source":"@site/blog/2020-08-01-deprecate-and-remove-varlink-notice.md","title":"Podman API v1.0 Deprecation and Removal Notice","description":"podman logo","date":"2020-08-01T00:00:00.000Z","formattedDate":"August 1, 2020","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"github","permalink":"/blogs/tags/github"},{"label":"varlink","permalink":"/blogs/tags/varlink"},{"label":"rest-api","permalink":"/blogs/tags/rest-api"}],"readingTime":2.705,"hasTruncateMarker":true,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman API v1.0 Deprecation and Removal Notice","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["podman","containers","v2","github","varlink","rest-api"]},"prevItem":{"title":"Improved systemd integration with Podman 2.0","permalink":"/blogs/2020/08/02/systemd-integration-v2"},"nextItem":{"title":"Podman API v1.0 Deprecation and Removal Notice","permalink":"/blogs/2020/08/01/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman API v1.0 Deprecation and Removal Notice\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nThe Podman API v1.0 relied on the [varlink library](https://github.com/varlink/libvarlink) to handle the underlying client/server calls from the Podman client to the host where the Podman service was running. About one year ago, the Podman team was notified that the focus on the varlink library was being greatly reduced and there would be no further development and little support for it from the varlink library team. This led the Podman team to investigate the use of other client/server technologies and it was decided to develop a RESTful API for Podman using the native Go libraries.\\n\\n\x3c!--truncate--\x3e\\n\\nThis new Podman v2.0 RESTful API was released along with Podman v2.0 in June of 2020 and replaces the Podman API v1.0. As of that time the Podman API v1.0 for Podman is considered to be deprecated. If there are issues with the Podman API v1.0 in versions of Podman prior to v2.0 and those versions are still under support on Red Hat Enterprise Linux (RHEL), the Podman team will make a best effort to address those issues. However, no new feature requests for the API v1.0 will be considered and any problems found with the API v1.0 in Podman v2.0 will not be addressed.\\n\\nThe new Podman v2.0 RESTful API is split into two halves: one providing a Docker-compatible API, and a Libpod API providing support for Podman\u2019s unique features such as pods. The new API works in both a rootful and a rootless environment. It is a much more flexible solution and Podman will not have a dependency on another project in order to supply an API. For more information on the Podman v2.0 RESTful API please see articles on the [podman.io](https://podman.io/) site and also the documentation for the Podman v2.0 RESTful API [here](https://docs.podman.io/en/latest/Reference.html).\\n\\nDistributions have to support services for the length of their support agreements. The Podman development team wants to be free to update the version of Podman during this support cycle. Therefore, we are planning to drop support for Podman API v1.0 from distributions Red Hat is the packagers for. The version of Podman, 2.\\\\*, which is contained in Fedora 33, scheduled to be released around Oct 31, 2020, will ship with no varlink support. We also plan to drop support from the RHEL8.4 release, spring 2021. Other distributions like OpenSUSE have already disabled varlink support and we have heard that other distributions will follow suit.\\n\\nThis also serves as a notification that the Podman v1.0 (varlink) API will be removed from the main GitHub branch of Podman in the near future. With the release of Podman v2.0 the Podman developers deprecated the Podman API v1.0 in favor of the new Podman v2.0 RESTful API. The plan is to remove varlink completely from the Podman v3.0 development branch which will be created some time after September 2020. A 30 day notification of the final removal date will be posted on the [podman.io](https://podman.io) site and also on the [Podman mailing list](https://lists.podman.io/admin/lists/podman.lists.podman.io/), along with social media once it is definitively determined.\\n\\nIf you have any questions or concerns about this notification, please send a note to the Podman mailing list or create an issue on Podman\u2019s [GitHub](https://github.com/containers/podman/issues) repository."},{"id":"/2020/08/01/new","metadata":{"permalink":"/blogs/2020/08/01/new","source":"@site/blog/2020-08-01-new.md","title":"Podman API v1.0 Deprecation and Removal Notice","description":"A Podman API v1.0 Deprecation and Removal Notice has just been posted. The Podman v1.0 API based on the varlink library has been deprecated and will soon be removed from Podman in favor of the new Podmand v2.0 RESTful API. Please see the notice for more details.","date":"2020-08-01T00:00:00.000Z","formattedDate":"August 1, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"rest","permalink":"/blogs/tags/rest"},{"label":"rest-api","permalink":"/blogs/tags/rest-api"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"varlink","permalink":"/blogs/tags/varlink"}],"readingTime":0.235,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman API v1.0 Deprecation and Removal Notice","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","rest","rest-api","v2","hpc","varlink"]},"prevItem":{"title":"Podman API v1.0 Deprecation and Removal Notice","permalink":"/blogs/2020/08/01/deprecate-and-remove-varlink-notice"},"nextItem":{"title":"Speed up container builds with overlay mounts","permalink":"/blogs/2020/07/18/new"}},"content":"A [Podman API v1.0 Deprecation and Removal Notice](https://podman.io/blogs/2020/08/01/deprecate-and-remove-varlink-notice.html) has just been posted. The Podman v1.0 API based on the varlink library has been deprecated and will soon be removed from Podman in favor of the new Podmand v2.0 RESTful API. Please see the notice for more details."},{"id":"/2020/07/18/new","metadata":{"permalink":"/blogs/2020/07/18/new","source":"@site/blog/2020-07-18-new.md","title":"Speed up container builds with overlay mounts","description":"Dan Walsh has another blog post on the Red Hat Enable Sysadmin site this time he\'s writing on how to Speed up container builds with overlay mounts. In the article Dan walks you through speeding up builds for multiple distributions by sharing the host\'s metadata.","date":"2020-07-18T00:00:00.000Z","formattedDate":"July 18, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"rest","permalink":"/blogs/tags/rest"},{"label":"rest-api","permalink":"/blogs/tags/rest-api"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"}],"readingTime":0.225,"hasTruncateMarker":false,"authors":[{"name":"dwalsh"}],"frontMatter":{"title":"Speed up container builds with overlay mounts","layout":"default","author":"dwalsh","categories":["new"],"tags":["containers","podman","networking","pod","api","rest","rest-api","v2","hpc"]},"prevItem":{"title":"Podman API v1.0 Deprecation and Removal Notice","permalink":"/blogs/2020/08/01/new"},"nextItem":{"title":"Speed up container builds with overlay mounts","permalink":"/blogs/2020/07/18/speed-up-build-with-overlayfs"}},"content":"Dan Walsh has another blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site this time he\'s writing on how to [Speed up container builds with overlay mounts](https://www.redhat.com/sysadmin/overlay-mounts). In the article Dan walks you through speeding up builds for multiple distributions by sharing the host\'s metadata."},{"id":"/2020/07/18/speed-up-build-with-overlayfs","metadata":{"permalink":"/blogs/2020/07/18/speed-up-build-with-overlayfs","source":"@site/blog/2020-07-18-speed-up-build-with-overlayfs.md","title":"Speed up container builds with overlay mounts","description":"podman logo","date":"2020-07-18T00:00:00.000Z","formattedDate":"July 18, 2020","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"github","permalink":"/blogs/tags/github"},{"label":"rename","permalink":"/blogs/tags/rename"}],"readingTime":0.3,"hasTruncateMarker":false,"authors":[{"name":"dwalsh"}],"frontMatter":{"title":"Speed up container builds with overlay mounts","layout":"default","author":"dwalsh","categories":["blogs"],"tags":["podman","containers","v2","github","rename"]},"prevItem":{"title":"Speed up container builds with overlay mounts","permalink":"/blogs/2020/07/18/new"},"nextItem":{"title":"Exploring additional image stores in Podman","permalink":"/blogs/2020/07/17/additional-image-stores"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Speed up container builds with overlay mounts\\n\\n## By Dan Walsh [GitHub](https://github.com/rhatdan)\\n\\nDan Walsh has another blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site this time he\'s writing on how to [Speed up container builds with overlay mounts](https://www.redhat.com/sysadmin/overlay-mounts). In the article Dan walks you through speeding up builds for multiple distributions by sharing the host\'s metadata."},{"id":"/2020/07/17/additional-image-stores","metadata":{"permalink":"/blogs/2020/07/17/additional-image-stores","source":"@site/blog/2020-07-17-additional-image-stores.md","title":"Exploring additional image stores in Podman","description":"podman logo","date":"2020-07-17T00:00:00.000Z","formattedDate":"July 17, 2020","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"github","permalink":"/blogs/tags/github"},{"label":"rename","permalink":"/blogs/tags/rename"}],"readingTime":0.3,"hasTruncateMarker":false,"authors":[{"name":"dwalsh"}],"frontMatter":{"title":"Exploring additional image stores in Podman","layout":"default","author":"dwalsh","categories":["blogs"],"tags":["podman","containers","v2","github","rename"]},"prevItem":{"title":"Speed up container builds with overlay mounts","permalink":"/blogs/2020/07/18/speed-up-build-with-overlayfs"},"nextItem":{"title":"Exploring additional image stores in Podman","permalink":"/blogs/2020/07/17/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Exploring additional image stores in Podman\\n\\n## By Dan Walsh [GitHub](https://github.com/rhatdan)\\n\\nDan Walsh has another blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site this time he\'s writing about [Exploring additional image stores in Podman](https://www.redhat.com/sysadmin/image-stores-podman). In the article Dan shows you how to store container images on shares, permitting the images to be accessed over the network."},{"id":"/2020/07/17/new","metadata":{"permalink":"/blogs/2020/07/17/new","source":"@site/blog/2020-07-17-new.md","title":"Exploring additional image stores in Podman","description":"Dan Walsh has another blog post on the Red Hat Enable Sysadmin site this time he\'s writing about Exploring additional image stores in Podman. In the article Dan shows you how to store container images on shares, permitting the images to be accessed over the network.","date":"2020-07-17T00:00:00.000Z","formattedDate":"July 17, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"rest","permalink":"/blogs/tags/rest"},{"label":"rest-api","permalink":"/blogs/tags/rest-api"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"}],"readingTime":0.23,"hasTruncateMarker":false,"authors":[{"name":"dwalsh"}],"frontMatter":{"title":"Exploring additional image stores in Podman","layout":"default","author":"dwalsh","categories":["new"],"tags":["containers","podman","networking","pod","api","rest","rest-api","v2","hpc"]},"prevItem":{"title":"Exploring additional image stores in Podman","permalink":"/blogs/2020/07/17/additional-image-stores"},"nextItem":{"title":"Building images using Podman and cron","permalink":"/blogs/2020/07/16/new"}},"content":"Dan Walsh has another blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site this time he\'s writing about [Exploring additional image stores in Podman](https://www.redhat.com/sysadmin/image-stores-podman). In the article Dan shows you how to store container images on shares, permitting the images to be accessed over the network."},{"id":"/2020/07/16/new","metadata":{"permalink":"/blogs/2020/07/16/new","source":"@site/blog/2020-07-16-new.md","title":"Building images using Podman and cron","description":"Tom Sweeney has another blog post on the Red Hat Enable Sysadmin site this time he\'s writing about Building images using Podman and cron. In the article Tom talks about how necessity became the mother of invention and cron was put into use to build container images on a regular schedule.","date":"2020-07-16T00:00:00.000Z","formattedDate":"July 16, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"rest","permalink":"/blogs/tags/rest"},{"label":"rest-api","permalink":"/blogs/tags/rest-api"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"}],"readingTime":0.255,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Building images using Podman and cron","layout":"default","author":"tsweeney","categories":["new"],"tags":["containers","podman","networking","pod","api","rest","rest-api","v2","hpc"]},"prevItem":{"title":"Exploring additional image stores in Podman","permalink":"/blogs/2020/07/17/new"},"nextItem":{"title":"Building images using Podman and cron","permalink":"/blogs/2020/07/16/podman-and-cron"}},"content":"Tom Sweeney has another blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site this time he\'s writing about [Building images using Podman and cron](https://www.redhat.com/sysadmin/building-images-podman-cron). In the article Tom talks about how necessity became the mother of invention and cron was put into use to build container images on a regular schedule."},{"id":"/2020/07/16/podman-and-cron","metadata":{"permalink":"/blogs/2020/07/16/podman-and-cron","source":"@site/blog/2020-07-16-podman-and-cron.md","title":"Building images using Podman and cron","description":"podman logo","date":"2020-07-16T00:00:00.000Z","formattedDate":"July 16, 2020","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"github","permalink":"/blogs/tags/github"},{"label":"rename","permalink":"/blogs/tags/rename"}],"readingTime":0.325,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Building images using Podman and cron","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["podman","containers","v2","github","rename"]},"prevItem":{"title":"Building images using Podman and cron","permalink":"/blogs/2020/07/16/new"},"nextItem":{"title":"The Podman repository has been renamed","permalink":"/blogs/2020/07/07/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Building images using Podman and cron\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nTom Sweeney has another blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site this time he\'s writing about [Building images using Podman and cron](https://www.redhat.com/sysadmin/building-images-podman-cron). In the article Tom talks about how necessity became the mother of invention and cron was put into use to build container images on a regular schedule."},{"id":"/2020/07/07/new","metadata":{"permalink":"/blogs/2020/07/07/new","source":"@site/blog/2020-07-07-new.md","title":"The Podman repository has been renamed","description":"The GitHub repository for the Podman project has been moved from github.com/containers/libpod to github.com/containers/podman. More details from Matt Heon in this blog post.","date":"2020-07-07T00:00:00.000Z","formattedDate":"July 7, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"rest","permalink":"/blogs/tags/rest"},{"label":"rest-api","permalink":"/blogs/tags/rest-api"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"}],"readingTime":0.115,"hasTruncateMarker":false,"authors":[{"name":"mheon"}],"frontMatter":{"title":"The Podman repository has been renamed","layout":"default","author":"mheon","categories":["new"],"tags":["containers","podman","networking","pod","api","rest","rest-api","v2","hpc"]},"prevItem":{"title":"Building images using Podman and cron","permalink":"/blogs/2020/07/16/podman-and-cron"},"nextItem":{"title":"The Podman repository has been renamed","permalink":"/blogs/2020/07/07/repo-rename"}},"content":"The GitHub repository for the Podman project has been moved from [github.com/containers/libpod](https://github.com/containers/libpod) to [github.com/containers/podman](https://github.com/containers/podman). More details from Matt Heon in this blog [post](https://podman.io/blogs/2020/07/07/repo-rename.html)."},{"id":"/2020/07/07/repo-rename","metadata":{"permalink":"/blogs/2020/07/07/repo-rename","source":"@site/blog/2020-07-07-repo-rename.md","title":"The Podman repository has been renamed","description":"podman logo","date":"2020-07-07T00:00:00.000Z","formattedDate":"July 7, 2020","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"github","permalink":"/blogs/tags/github"},{"label":"rename","permalink":"/blogs/tags/rename"}],"readingTime":1.745,"hasTruncateMarker":true,"authors":[{"name":"mheon"}],"frontMatter":{"title":"The Podman repository has been renamed","layout":"default","author":"mheon","categories":["blogs"],"tags":["podman","containers","v2","github","rename"]},"prevItem":{"title":"The Podman repository has been renamed","permalink":"/blogs/2020/07/07/new"},"nextItem":{"title":"Podman REST API and Docker compatibility","permalink":"/blogs/2020/07/01/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# The Podman repository has been renamed\\n\\n## By Matthew Heon [GitHub](https://github.com/mheon)\\n\\nThe [Podman](https://podman.io/) repository on Github is moving from [github.com/containers/libpod](https://github.com/containers/libpod) to [github.com/containers/podman](https://github.com/containers/podman)! Read on to find out why, and how it will affect you.\\n\\n\x3c!--truncate--\x3e\\n\\nThree years ago, we created a new Git repository to hold our new container-management tool and the library it was based on. At the time, Podman was not named Podman, but `kpod` - a name no one on the team liked, and one we\u2019d hoped to replace quickly. Given this, we decided to name the repository after the library we\u2019d written to manage containers - `libpod`. Four months after that, we made the first public release of the tool, and with it came a new name - Podman (POD MANager). The rest is, as they say, history. The Podman team is incredibly grateful for the success we\u2019ve seen since then, and the way that the community has grown.\\n\\nWith the release of Podman 2.0, we decided it was a good time to for the rename our repository to better match how it\u2019s used today. We\u2019ve decided to rename our Github repository from `containers/libpod` to `containers/podman`. The `libpod` name made sense when we first made the repository, but it hasn\u2019t been the focus of development for some time. We\u2019ve actually been considering moving the `libpod` library into a separate repository, to make it easier to include in our other tools (and it would be very confusing for `containers/libpod` to not include `libpod`!). Given this, and the fact that there are far more users of Podman the tool than `libpod` the library, renaming the repository makes a great deal of sense.\\n\\nFinally, this rename helps make the repository more discoverable - it\u2019s hard for a new Podman user to know that issues should be filed against `containers/libpod` since they probably don\u2019t know what `libpod` is.\\n\\nWe don\u2019t expect this move will break anyone\u2019s workflow. Github will ensure that the old URLs redirect to the new location, so access to the repo itself, as well as our issues and pull requests, should be unaffected."},{"id":"/2020/07/01/new","metadata":{"permalink":"/blogs/2020/07/01/new","source":"@site/blog/2020-07-01-new.md","title":"Podman REST API and Docker compatibility","description":"Matt Heon talks about the compatibility of the new Podman REST API and Docker\'s API is this blog post.","date":"2020-07-01T00:00:00.000Z","formattedDate":"July 1, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"rest","permalink":"/blogs/tags/rest"},{"label":"rest-api","permalink":"/blogs/tags/rest-api"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"}],"readingTime":0.095,"hasTruncateMarker":false,"authors":[{"name":"mheon"}],"frontMatter":{"title":"Podman REST API and Docker compatibility","layout":"default","author":"mheon","categories":["new"],"tags":["containers","podman","networking","pod","api","rest","rest-api","v2","hpc"]},"prevItem":{"title":"The Podman repository has been renamed","permalink":"/blogs/2020/07/07/repo-rename"},"nextItem":{"title":"Podman REST API and Docker compatibility","permalink":"/blogs/2020/07/01/rest-versioning"}},"content":"Matt Heon talks about the compatibility of the new Podman REST API and Docker\'s API is this blog [post](https://podman.io/blogs/2020/07/01/rest-versioning.html)."},{"id":"/2020/07/01/rest-versioning","metadata":{"permalink":"/blogs/2020/07/01/rest-versioning","source":"@site/blog/2020-07-01-rest-versioning.md","title":"Podman REST API and Docker compatibility","description":"podman logo","date":"2020-07-01T00:00:00.000Z","formattedDate":"July 1, 2020","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"rest-api","permalink":"/blogs/tags/rest-api"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"rest","permalink":"/blogs/tags/rest"},{"label":"v2","permalink":"/blogs/tags/v-2"}],"readingTime":1.835,"hasTruncateMarker":true,"authors":[{"name":"mheon"}],"frontMatter":{"title":"Podman REST API and Docker compatibility","layout":"default","author":"mheon","categories":["blogs"],"tags":["podman","containers","api","rest-api","hpc","rest","v2"]},"prevItem":{"title":"Podman REST API and Docker compatibility","permalink":"/blogs/2020/07/01/new"},"nextItem":{"title":"Announcing Podman v2.0","permalink":"/blogs/2020/06/29/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman REST API and Docker compatibility\\n\\n## By Matthew Heon [GitHub](https://github.com/mheon)\\n\\n## Versioning the REST API\\n\\nPodman v2.0.0 launched recently, and with it the REST API. We\u2019ve seen a great deal of excitement with this new API because of what it will enable - enabling applications and automation to use Podman when the could previously only use Docker. As you may know, Podman\u2019s REST API is split into two halves: one providing a Docker-compatible API, and a Libpod API providing support for Podman\u2019s unique features such as pods. We would love for all projects to eventually grow to support for our native Libpod API, but this will take time (and may be impossible for older, no longer maintained projects). As such, we need to talk about the Compatibility API and how it can be used.\\n\\n\x3c!--truncate--\x3e\\n\\nWhen we developed the compatibility API layer, we targeted the latest released version of the Docker API, v1.40. Within this version, we aimed to implement all endpoints, with the exception of those used for Swarm([^1]). Podman is not a tool for managing clusters, and does not intend to become one. We recognize that many existing tools do not target this specific Docker API version, and these are occasionally breaking changes in the Docker API that may make using the newest API impossible. The core Podman team cannot commit to being bug-for-bug compatible with every version of the Docker API. The Podman team commits to fixing bugs related to the latest version of Docker API. We may fix bugs with older versions that affect many users. As a community project, we gladly accept help here - if you find bugs that prevent Podman from working with a specific API version you use and are willing to fix them, we\u2019re always happy to accept patches!\\n\\nWe\u2019re very excited by the possibilities the new Podman API offers, and encourage everyone to try it out. Question and bug reports are always welcome at our [Github page](https://github.com/containers/podman) or our [email list](https://lists.podman.io/admin/lists/podman.lists.podman.io/).\\n\\n[^1]: The Podman team believes the best tool for container orchestration is [Kubernetes](https://kubernetes.io/). The `podman generate kube` and `podman play kube` ease developer transitioning from single node containers/pods to full Kubernetes workloads."},{"id":"/2020/06/29/new","metadata":{"permalink":"/blogs/2020/06/29/new","source":"@site/blog/2020-06-29-new.md","title":"Announcing Podman v2.0","description":"Announcing Podman v2.0!","date":"2020-06-29T00:00:00.000Z","formattedDate":"June 29, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"docker-compose","permalink":"/blogs/tags/docker-compose"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"rest","permalink":"/blogs/tags/rest"},{"label":"rest-api","permalink":"/blogs/tags/rest-api"},{"label":"v2","permalink":"/blogs/tags/v-2"}],"readingTime":0.19,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"Announcing Podman v2.0","layout":"default","author":"baude","categories":["new"],"tags":["containers","docker-compose","podman","networking","pod","api","rest","rest-api","v2"]},"prevItem":{"title":"Podman REST API and Docker compatibility","permalink":"/blogs/2020/07/01/rest-versioning"},"nextItem":{"title":"Announcing Podman v2.0","permalink":"/blogs/2020/06/29/podman-v2-announce"}},"content":"**Announcing Podman v2.0!**\\n\\nPodman v2.0 is here! Brent Baude talks about the major highlights of the new release, including the new RESTful API, remote client improvements, Auto-update functionality and systemd integration improvements.\\nMore details in the announcement [post](https://podman.io/blogs/2020/06/29/podman-v2-announce.html)."},{"id":"/2020/06/29/podman-v2-announce","metadata":{"permalink":"/blogs/2020/06/29/podman-v2-announce","source":"@site/blog/2020-06-29-podman-v2-announce.md","title":"Announcing Podman v2.0","description":"podman logo","date":"2020-06-29T00:00:00.000Z","formattedDate":"June 29, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"docker-compose","permalink":"/blogs/tags/docker-compose"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"rest","permalink":"/blogs/tags/rest"},{"label":"rest-api","permalink":"/blogs/tags/rest-api"},{"label":"v2","permalink":"/blogs/tags/v-2"},{"label":"hpc","permalink":"/blogs/tags/hpc"}],"readingTime":3.985,"hasTruncateMarker":true,"authors":[{"name":"baude"}],"frontMatter":{"title":"Announcing Podman v2.0","layout":"default","author":"baude","categories":["blogs"],"tags":["containers","docker-compose","podman","networking","pod","api","rest","rest-api","v2","hpc"]},"prevItem":{"title":"Announcing Podman v2.0","permalink":"/blogs/2020/06/29/new"},"nextItem":{"title":"Update on Podman v2","permalink":"/blogs/2020/05/13/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Announcing Podman v2\\n\\n## By Brent Baude [GitHub](https://github.com/baude)\\n\\nIf you have been following the upstream development of Podman, you have undoubtedly seen us refer to \u201c2.0\u201d or \u201cPodman 2\u201d. Today, we have made the first release of Podman 2 upstream. The release notes highlight many of the newest features but we wanted to call out some specific things in this blog and expand on them.\\n\\n\x3c!--truncate--\x3e\\n\\n## \u201cPay no attention to the man behind the curtain\u201d\\n\\nMost of the changes to the new Podman should be transparent to end users. We did a significant amount of replumbing in our internals to allow for future enhancements and more closely align many of the code paths. There are some subtle changes to the outputs of some commands and fields within JSON formatted responses. They were largely done to create more consistency amongst our commands as well as driven by user feedback.\\n\\n## RESTful API\\n\\nThe biggest change in Podman 2 is our introduction of a RESTful API to interact with our libraries. In actuality, the RESTful service was present in earlier versions but was tagged experimental. We have also deprecated the previous API implementation based on varlink. We will publish more specific blogs and tutorials on how to use the API but consider this a little introduction.\\n\\nThe API was designed to have two layers: libpod and compatibility. The libpod layer allows you to interact directly with the libpod libraries. The compatibility layer is designed to emulate the Docker RESTful API to assist in migration of tools, applications, and services long-term to libpod. This can be made clearer with an example. Consider inspecting a container called \u2018foobar\u2019 with each layer. The endpoint paths would differ depending on the layers.\\n\\n```\\n/v1.24/containers/foobar \u2190 compatibility call\\n/v1.0/libpod/containers/foobar \u2190 libpod call\\n```\\n\\nFurthermore, the results of each call will differ. The compatibility result will closely emulate the response from Docker.\\n\\nOur preference is that people writing new code to interact with Podman should use the libpod layer only. This is a more sound long term strategy. But for people that need to migrate to Podman, the compatibility layer allows for a quick on-boarding. There are of course Docker endpoints we cannot or choose not to emulate due to incompatibities between Docker and Podman. Nevertheless, we have already seen some field success in migration of applications.\\n\\nIn keeping with Podman\u2019s history the restful API will work in both rootless and rootful mode. If you run in rootful mode, the podman service will listen on `/run/podman/podman.sock` and rootless is `$XDG_RUNTIME_DIR/podman/podman.sock` (for example: `/run/user/1000/podman/podman.sock`). If you install the podman-docker package, the package will set up a link between `run/docker/docker.sock` and `/run/podman/podman.sock`.\\n\\n## Remote clients\\n\\nOne of the consequences of our re-plumbing work is that our remote clients for Windows, Mac, and Linux are significantly smaller in size. The interface for the remote client connection has also changed to more of a URI format. As a matter of process, we attach a binary version of the remote clients to each release.\\n\\nIt is also worth noting that a \u2018--remote\u2019 flag has been added to the Podman binary to allow it to act as a remote client.\\n\\n## Auto-update\\n\\nThe `podman auto-update` command allows for updating systemd-managed running containers when their images have been updated on the container registry. While it is still a tech preview in Podman v2.0, we added a number of improvements to better support authentication and to select the correct images on ARM. If you\u2019re interested in auto updates, please check them out and let us know what you think.\\n\\n## systemd Integration Improvements\\n\\nA major improvement for Podman\u2019s systemd support is that `podman generate systemd` now supports using the `--new` flag on pods. This allows for creating shareable systemd units not only for containers but also for pods. Additionally, we added a number of changes to make the systemd units more robust and reliable, such as cleanly starting after a system crash and clean shutdowns even when conmon has been killed. The names of generated files can further be altered with the new `--container-prefix` and `--pod-prefix` flags.\\n\\n## Conclusion\\n\\nThis is a major new version of Podman with the goal to support all of your local container engine needs. We sincerely hope that the new features meet your needs. We continue to develop new content based on the API including new bits to the API itself. Before making too many more changes, we will let Podman \u201cbake\u201d for a while before the next radical functions are added.\\n\\nWe would love to hear your feedback and look forward to working with the community on giving Podman users and developers the best container experience. Remember upstream Podman development usually hangs out on **#podman** on **Freenode** and on the Podman [mailing list](https://lists.podman.io/admin/lists/podman.lists.podman.io/)."},{"id":"/2020/05/13/new","metadata":{"permalink":"/blogs/2020/05/13/new","source":"@site/blog/2020-05-13-new.md","title":"Update on Podman v2","description":"The local Podman v2 client is complete. It is passing all of its rootful and rootless system and integration tests.","date":"2020-05-13T00:00:00.000Z","formattedDate":"May 13, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"docker-compose","permalink":"/blogs/tags/docker-compose"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"rest","permalink":"/blogs/tags/rest"},{"label":"rest-api","permalink":"/blogs/tags/rest-api"},{"label":"v2","permalink":"/blogs/tags/v-2"}],"readingTime":0.38,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"Update on Podman v2","layout":"default","author":"baude","categories":["new"],"tags":["containers","docker-compose","podman","networking","pod","api","rest","rest-api","v2"]},"prevItem":{"title":"Announcing Podman v2.0","permalink":"/blogs/2020/06/29/podman-v2-announce"},"nextItem":{"title":"Update on Podman v2","permalink":"/blogs/2020/05/13/podman-v2-update"}},"content":"**The local Podman v2 client is complete. It is passing all of its rootful and rootless system and integration tests.**\\n\\nThe CI/CID tests have been re-enabled upstream and are run with each pull request submission. We are now hard at work finishing up some of the core podman-remote functions. Once those functions are complete, we can then begin to run our podman-remote system and integration tests to catch any regressions.\\n\\nMore details in the announcement [post](https://podman.io/blogs/2020/05/13/podman-v2-update.html)."},{"id":"/2020/05/13/podman-v2-update","metadata":{"permalink":"/blogs/2020/05/13/podman-v2-update","source":"@site/blog/2020-05-13-podman-v2-update.md","title":"Update on Podman v2","description":"podman logo","date":"2020-05-13T00:00:00.000Z","formattedDate":"May 13, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"docker-compose","permalink":"/blogs/tags/docker-compose"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"rest","permalink":"/blogs/tags/rest"},{"label":"rest-api","permalink":"/blogs/tags/rest-api"},{"label":"v2","permalink":"/blogs/tags/v-2"}],"readingTime":2,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"Update on Podman v2","layout":"default","author":"baude","categories":["blogs"],"tags":["containers","docker-compose","podman","networking","pod","api","rest","rest-api","v2"]},"prevItem":{"title":"Update on Podman v2","permalink":"/blogs/2020/05/13/new"},"nextItem":{"title":"Podman installation documentation in French","permalink":"/blogs/2020/05/06/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Update on Podman v2\\n\\n## By Brent Baude [GitHub](https://github.com/baude)\\n\\nA few weeks ago, we made an announcement about the development of Podman V2. In the announcement, we mentioned that the state of upstream code would be jumbled for a while and that we would be temporarily disabling many of our CI/CD tests. The upstream development team has been hard at work, and we are starting to see that work pay off.\\n\\nToday, we are very excited to announce:\\n\\n**The local Podman v2 client is complete. It is passing all of its rootful and rootless system and integration tests.**\\n\\nThe CI/CID tests have been re-enabled upstream and are run with each pull request submission. We are now hard at work finishing up some of the core podman-remote functions. Once those functions are complete, we can then begin to run our podman-remote system and integration tests to catch any regressions.\\n\\nWe have re-enabled the autobuilds for Podman v2 in Fedora rawhide. As mentioned earlier, the Podman remote client is not complete, so that binary is temporarily being removed from the RPM. It will be re-added when the remote client is complete. As a corollary, the Windows and OS/X clients are also not being compiled or tested. This will occur once the remote client for Linux is complete.\\n\\nWe encourage you to pull the latest upstream Podman code and exercise it with your use cases to help us protect against regressions from Podman v1. We hope to make a full Podman v2.0 release in several weeks, once we are confident it is stable. We look forward to hearing what you think, and please do not hesitate to raise issues and comments on this in our [GitHub repository](https://github.com/containers/podman/issues), our Freenode IRC channel `#podman`, or to the Podman mailing list.\\n\\nWe\u2019re very excited to bring Podman v2.0 to you as it offers a lot more flexibility through it\u2019s new REST API interface and adds several enhancements to the existing commands. If your project builds on top of Podman, we would especially love to have you test this new version out so we can ensure complete compatibility with Podman v1.0 and address any issues found ASAP.\\n\\n**Note:** This announcement was first released to the Podman mailing list. If you are not yet a member of that community, please join us by sending an email to [podman-join@lists.podman.io](mailto:podman-join@lists.podman.io?subject=subscribe) with the word \u201csubscribe\u201d as the title."},{"id":"/2020/05/06/new","metadata":{"permalink":"/blogs/2020/05/06/new","source":"@site/blog/2020-05-06-new.md","title":"Podman installation documentation in French","description":"Est-ce que tu parles fran\xe7ais? Le mien est horrible. But if your abilities to read and speak French is better than mine, check out this website that I was just pointed to. Installation podman sur CentOS 8 by Bilal Kalem shows you how to install Podman on Centos 8. If nothing else, check out the graphic at the top of the page!","date":"2020-05-06T00:00:00.000Z","formattedDate":"May 6, 2020","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"systemd","permalink":"/blogs/tags/systemd"},{"label":"video","permalink":"/blogs/tags/video"},{"label":"docker","permalink":"/blogs/tags/docker"}],"readingTime":0.31,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman installation documentation in French","layout":"default","categories":["new"],"author":"tsweeney","tags":["podman","containers","systemd","video","docker"]},"prevItem":{"title":"Update on Podman v2","permalink":"/blogs/2020/05/13/podman-v2-update"},"nextItem":{"title":"Podman installation documentation in French","permalink":"/blogs/2020/05/06/podman-in-french"}},"content":"Est-ce que tu parles fran\xe7ais? Le mien est horrible. But if your abilities to read and speak French is better than mine, check out this website that I was just pointed to. [Installation podman sur CentOS 8](https://ios.dz/installation-podman-centos-8/) by [Bilal Kalem](https://twitter.com/kalembilal?lang=en) shows you how to install Podman on Centos 8. If nothing else, check out the graphic at the top of the page!"},{"id":"/2020/05/06/podman-in-french","metadata":{"permalink":"/blogs/2020/05/06/podman-in-french","source":"@site/blog/2020-05-06-podman-in-french.md","title":"Podman installation documentation in French","description":"podman logo","date":"2020-05-06T00:00:00.000Z","formattedDate":"May 6, 2020","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"systemd","permalink":"/blogs/tags/systemd"},{"label":"video","permalink":"/blogs/tags/video"},{"label":"docker","permalink":"/blogs/tags/docker"}],"readingTime":0.35,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman installation documentation in French","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["podman","containers","systemd","video","docker"]},"prevItem":{"title":"Podman installation documentation in French","permalink":"/blogs/2020/05/06/new"},"nextItem":{"title":"Podman v1.9.0 Released","permalink":"/blogs/2020/04/17/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n## Podman installation documentation in French\\n\\nEst-ce que tu parles fran\xe7ais? Le mien est horrible. But if your abilities to read and speak French is better than mine, check out this website that I was just pointed to. [Installation podman sur CentOS 8](https://ios.dz/installation-podman-centos-8/) by [Bilal Kalem](https://twitter.com/kalembilal?lang=en) shows you how to install Podman on Centos 8. If nothing else, check out the graphic at the top of the page!"},{"id":"/2020/04/17/new","metadata":{"permalink":"/blogs/2020/04/17/new","source":"@site/blog/2020-04-17-new.md","title":"Podman v1.9.0 Released","description":"Podman has gone 1.9.0!","date":"2020-04-17T00:00:00.000Z","formattedDate":"April 17, 2020","tags":[],"readingTime":0.025,"hasTruncateMarker":false,"authors":[],"frontMatter":{"layout":"default","title":"Podman v1.9.0 Released","categories":["new"]},"prevItem":{"title":"Podman installation documentation in French","permalink":"/blogs/2020/05/06/podman-in-french"},"nextItem":{"title":"Podman v2 development update","permalink":"/blogs/2020/04/16/new"}},"content":"## [Podman has gone 1.9.0!](https://podman.io/releases/2020/04/17/podman-release-v1.9.0.html)"},{"id":"/2020/04/16/new","metadata":{"permalink":"/blogs/2020/04/16/new","source":"@site/blog/2020-04-16-new.md","title":"Podman v2 development update","description":"Podman v2.x is under development and due to the development, some of","date":"2020-04-16T00:00:00.000Z","formattedDate":"April 16, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"docker-compose","permalink":"/blogs/tags/docker-compose"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"rest","permalink":"/blogs/tags/rest"},{"label":"rest-api","permalink":"/blogs/tags/rest-api"},{"label":"v2","permalink":"/blogs/tags/v-2"}],"readingTime":0.175,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"Podman v2 development update","layout":"default","author":"baude","categories":["new"],"tags":["containers","docker-compose","podman","networking","pod","api","rest","rest-api","v2"]},"prevItem":{"title":"Podman v1.9.0 Released","permalink":"/blogs/2020/04/17/new"},"nextItem":{"title":"Podman v2 development update","permalink":"/blogs/2020/04/16/podman-v2-announce"}},"content":"Podman v2.x is under development and due to the development, some of\\nthe upstream commands may become unstable for a period of time until\\nthe final release is completed. More details in the announcement\\n[post](https://podman.io/blogs/2020/04/16/podman-v2-announce.html)."},{"id":"/2020/04/16/podman-v2-announce","metadata":{"permalink":"/blogs/2020/04/16/podman-v2-announce","source":"@site/blog/2020-04-16-podman-v2-announce.md","title":"Podman v2 development update","description":"podman logo","date":"2020-04-16T00:00:00.000Z","formattedDate":"April 16, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"docker-compose","permalink":"/blogs/tags/docker-compose"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"rest","permalink":"/blogs/tags/rest"},{"label":"rest-api","permalink":"/blogs/tags/rest-api"},{"label":"v2","permalink":"/blogs/tags/v-2"}],"readingTime":1.35,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"Podman v2 development update","layout":"default","author":"baude","categories":["blogs"],"tags":["containers","docker-compose","podman","networking","pod","api","rest","rest-api","v2"]},"prevItem":{"title":"Podman v2 development update","permalink":"/blogs/2020/04/16/new"},"nextItem":{"title":"Dockerless: Build and Run Containers with Podman and systemd","permalink":"/blogs/2020/04/14/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman v2 development update\\n\\n## By Brent Baude [GitHub](https://github.com/baude)\\n\\nIn the last few days, the Podman development team has been working to\\nrelease Podman-1.9.0. This is likely to be the last Podman-1.X release\\nbefore we transition to Podman v2.x. We have been working since\\nNovember 2019 to make a significant overhaul of Podman\u2019s architecture.\\nAnd if we did our job correctly, most casual Podman users will not\\nnotice a difference. We will continue to investigate and fix issues in\\nPodman-1.x versions but severity of the bug and priority will dictate\\nour response.\\n\\nWhat some users who follow upstream development may notice is that\\nwhile we make the final push to a 2.x release, our GitHub repository\\nwill look drastically different. For some period of time, certain\\nPodman commands, if built based on upstream, may not function exactly\\nas expected nor even exist. We already know we will need to disable\\nsome of our CI testing framework as part of this final push until we\\nhave a more complete Podman v2.x. We will not release Podman 2.0 until\\nwe are satisfied that it is ready. While upstream development will be\\nimpacted by the announced migration to Podman v2.x, you can still open\\nissues and contribute pull requests to the project.\\n\\nAs has been the standard with our project, we will remain transparent\\nin our development activities and try to keep our community appraised\\nof our progress. We are excited for some of the technical\\nadvancements that Podman v2.x will give our users. Subsequent blog\\nposts will be written on those advancements and why they matter to our\\nusers."},{"id":"/2020/04/14/new","metadata":{"permalink":"/blogs/2020/04/14/new","source":"@site/blog/2020-04-14-new.md","title":"Dockerless: Build and Run Containers with Podman and systemd","description":"In this video, Kirill Shirinkin will show how to use Podman to build container images and run Java applications in containers with systemd. We are going to learn why we should at least try alternatives to Docker, how container runtime landscape changed and how Podman is different and in certain ways better than Docker. Watch now.","date":"2020-04-14T00:00:00.000Z","formattedDate":"April 14, 2020","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"systemd","permalink":"/blogs/tags/systemd"},{"label":"video","permalink":"/blogs/tags/video"},{"label":"docker","permalink":"/blogs/tags/docker"}],"readingTime":0.28,"hasTruncateMarker":false,"authors":[{"name":"kshirinkin"}],"frontMatter":{"title":"Dockerless: Build and Run Containers with Podman and systemd","layout":"default","categories":["new"],"author":"kshirinkin","tags":["podman","containers","systemd","video","docker"]},"prevItem":{"title":"Podman v2 development update","permalink":"/blogs/2020/04/16/podman-v2-announce"},"nextItem":{"title":"Dockerless: Build and Run Containers with Podman and systemd","permalink":"/blogs/2020/04/14/podman-systemd"}},"content":"[In this video](https://www.youtube.com/watch?v=RfL_CjXfQds), Kirill Shirinkin will show how to use Podman to build container images and run Java applications in containers with systemd. We are going to learn why we should at least try alternatives to Docker, how container runtime landscape changed and how Podman is different and in certain ways better than Docker. [Watch now](https://www.youtube.com/watch?v=RfL_CjXfQds)."},{"id":"/2020/04/14/podman-systemd","metadata":{"permalink":"/blogs/2020/04/14/podman-systemd","source":"@site/blog/2020-04-14-podman-systemd.md","title":"Dockerless: Build and Run Containers with Podman and systemd","description":"podman logo","date":"2020-04-14T00:00:00.000Z","formattedDate":"April 14, 2020","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"systemd","permalink":"/blogs/tags/systemd"},{"label":"video","permalink":"/blogs/tags/video"},{"label":"docker","permalink":"/blogs/tags/docker"}],"readingTime":0.365,"hasTruncateMarker":false,"authors":[{"name":"kshirinkin"}],"frontMatter":{"title":"Dockerless: Build and Run Containers with Podman and systemd","layout":"default","author":"kshirinkin","categories":["blogs"],"tags":["podman","containers","systemd","video","docker"]},"prevItem":{"title":"Dockerless: Build and Run Containers with Podman and systemd","permalink":"/blogs/2020/04/14/new"},"nextItem":{"title":"Managing Podman pods with pods-compose","permalink":"/blogs/2020/04/05/managing-podman-pods-with-pods-compose"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n## Dockerless: Build and Run Containers with Podman and systemd\\n\\n## By Kirill Shirinkin [GitHub](https://github.com/Fodoj)\\n\\n[In this video](https://www.youtube.com/watch?v=RfL_CjXfQds), Kirill Shirinkin will show how to use Podman to build container images and run Java applications in containers with systemd.\\n\\nWe are going to learn why we should at least try alternatives to Docker, how container runtime landscape changed and how Podman is different and in certain ways better than Docker.\\n\\n[Watch now](https://www.youtube.com/watch?v=RfL_CjXfQds)."},{"id":"/2020/04/05/managing-podman-pods-with-pods-compose","metadata":{"permalink":"/blogs/2020/04/05/managing-podman-pods-with-pods-compose","source":"@site/blog/2020-04-05-managing-podman-pods-with-pods-compose.md","title":"Managing Podman pods with pods-compose","description":"podman logo","date":"2020-04-05T00:00:00.000Z","formattedDate":"April 5, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"docker-compose","permalink":"/blogs/tags/docker-compose"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"}],"readingTime":0.23,"hasTruncateMarker":false,"authors":[{"name":"balage"}],"frontMatter":{"title":"Managing Podman pods with pods-compose","layout":"default","author":"balage","categories":["blogs"],"tags":["containers","docker-compose","podman","networking","pod"]},"prevItem":{"title":"Dockerless: Build and Run Containers with Podman and systemd","permalink":"/blogs/2020/04/14/podman-systemd"},"nextItem":{"title":"Managing Podman pods with pods-compose","permalink":"/blogs/2020/04/05/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Managing Podman pods with pods-compose\\n\\n## By Bal\xe1zs N\xe9meth [GitHub](https://github.com/abalage)\\n\\n[Managing Podman pods with pods-compose](https://balagetech.com/managing-podman-pods-with-pods-compose/) makes your move to Podman easier. Bal\xe1zs N\xe9meth already converted his docker-compose services to pods with Podman, however some features were missing, up until now. Let\u2019s meet [pods-compose](https://github.com/abalage/pods-compose)."},{"id":"/2020/04/05/new","metadata":{"permalink":"/blogs/2020/04/05/new","source":"@site/blog/2020-04-05-new.md","title":"Managing Podman pods with pods-compose","description":"Managing Podman pods with pods-compose makes your move to Podman easier. Bal\xe1zs N\xe9meth already converted his docker-compose services to pods with Podman, however some features were missing, up until now. Let\u2019s meet pods-compose.","date":"2020-04-05T00:00:00.000Z","formattedDate":"April 5, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"docker-compose","permalink":"/blogs/tags/docker-compose"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"}],"readingTime":0.165,"hasTruncateMarker":false,"authors":[{"name":"balage"}],"frontMatter":{"title":"Managing Podman pods with pods-compose","layout":"default","author":"balage","categories":["new"],"tags":["containers","docker-compose","podman","networking","pod"]},"prevItem":{"title":"Managing Podman pods with pods-compose","permalink":"/blogs/2020/04/05/managing-podman-pods-with-pods-compose"},"nextItem":{"title":"Convert docker-compose services to pods with Podman","permalink":"/blogs/2020/04/04/convert-docker-compose-to-pods"}},"content":"[Managing Podman pods with pods-compose](https://balagetech.com/managing-podman-pods-with-pods-compose/) makes your move to Podman easier. Bal\xe1zs N\xe9meth already converted his docker-compose services to pods with Podman, however some features were missing, up until now. Let\u2019s meet [pods-compose](https://github.com/abalage/pods-compose)."},{"id":"/2020/04/04/convert-docker-compose-to-pods","metadata":{"permalink":"/blogs/2020/04/04/convert-docker-compose-to-pods","source":"@site/blog/2020-04-04-convert-docker-compose-to-pods.md","title":"Convert docker-compose services to pods with Podman","description":"podman logo","date":"2020-04-04T00:00:00.000Z","formattedDate":"April 4, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"docker-compose","permalink":"/blogs/tags/docker-compose"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"}],"readingTime":0.275,"hasTruncateMarker":false,"authors":[{"name":"balage"}],"frontMatter":{"title":"Convert docker-compose services to pods with Podman","layout":"default","author":"balage","categories":["blogs"],"tags":["containers","docker-compose","podman","networking","pod"]},"prevItem":{"title":"Managing Podman pods with pods-compose","permalink":"/blogs/2020/04/05/new"},"nextItem":{"title":"Convert docker-compose services to pods with Podman","permalink":"/blogs/2020/04/04/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Convert docker-compose services to pods with Podman\\n\\n## By Bal\xe1zs N\xe9meth [GitHub](https://github.com/abalage)\\n\\nHow to deploy pods with Podman when you only need a single-host system and not a complete Kubernetes. Check the blog post [Convert your docker-compose services to pods with Podman](https://balagetech.com/convert-docker-compose-services-to-pods/) by Bal\xe1zs N\xe9meth to see how it can be done."},{"id":"/2020/04/04/new","metadata":{"permalink":"/blogs/2020/04/04/new","source":"@site/blog/2020-04-04-new.md","title":"Convert docker-compose services to pods with Podman","description":"How to deploy pods with Podman when you only need a single-host system and not a complete Kubernetes. Check the blog post Convert your docker-compose services to pods with Podman by Bal\xe1zs N\xe9meth to see how it can be done.","date":"2020-04-04T00:00:00.000Z","formattedDate":"April 4, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"docker-compose","permalink":"/blogs/tags/docker-compose"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"pod","permalink":"/blogs/tags/pod"}],"readingTime":0.2,"hasTruncateMarker":false,"authors":[{"name":"balage"}],"frontMatter":{"title":"Convert docker-compose services to pods with Podman","layout":"default","author":"balage","categories":["new"],"tags":["containers","docker-compose","podman","networking","pod"]},"prevItem":{"title":"Convert docker-compose services to pods with Podman","permalink":"/blogs/2020/04/04/convert-docker-compose-to-pods"},"nextItem":{"title":"Pulling podman images from a container repository","permalink":"/blogs/2020/03/31/build-pull-options"}},"content":"How to deploy pods with Podman when you only need a single-host system and not a complete Kubernetes. Check the blog post [Convert your docker-compose services to pods with Podman](https://balagetech.com/convert-docker-compose-services-to-pods/) by Bal\xe1zs N\xe9meth to see how it can be done."},{"id":"/2020/03/31/build-pull-options","metadata":{"permalink":"/blogs/2020/03/31/build-pull-options","source":"@site/blog/2020-03-31-build-pull-options.md","title":"Pulling podman images from a container repository","description":"podman logo","date":"2020-03-31T00:00:00.000Z","formattedDate":"March 31, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"oci","permalink":"/blogs/tags/oci"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"runtime","permalink":"/blogs/tags/runtime"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"microsoft","permalink":"/blogs/tags/microsoft"}],"readingTime":0.32,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Pulling podman images from a container repository","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","hpc","oci","networking","runtime","windows","microsoft"]},"prevItem":{"title":"Convert docker-compose services to pods with Podman","permalink":"/blogs/2020/04/04/new"},"nextItem":{"title":"Pulling podman images from a container repository","permalink":"/blogs/2020/03/31/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Pulling podman images from a container repository\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nTom Sweeney has another blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site this time he\'s writing about [Pulling podman images from a container repository](https://www.redhat.com/sysadmin/podman-image-pulling). Learn the different varieties of pull that the `podman build` command can use to speed up or further secure your environment in this post."},{"id":"/2020/03/31/new","metadata":{"permalink":"/blogs/2020/03/31/new","source":"@site/blog/2020-03-31-new.md","title":"Pulling podman images from a container repository","description":"Tom Sweeney has another blog post on the Red Hat Enable Sysadmin site this time he\'s writing about Pulling podman images from a container repository. Learn the different varieties of pull that the podman build command can use to speed up or further secure your environment in this post.","date":"2020-03-31T00:00:00.000Z","formattedDate":"March 31, 2020","tags":[],"readingTime":0.245,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Pulling podman images from a container repository","author":"tsweeney","layout":"default","categories":["new"]},"prevItem":{"title":"Pulling podman images from a container repository","permalink":"/blogs/2020/03/31/build-pull-options"},"nextItem":{"title":"How to sign and distribute container images using Podman","permalink":"/blogs/2020/03/13/image-signing"}},"content":"Tom Sweeney has another blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site this time he\'s writing about [Pulling podman images from a container repository](https://www.redhat.com/sysadmin/podman-image-pulling). Learn the different varieties of pull that the `podman build` command can use to speed up or further secure your environment in this post."},{"id":"/2020/03/13/image-signing","metadata":{"permalink":"/blogs/2020/03/13/image-signing","source":"@site/blog/2020-03-13-image-signing.md","title":"How to sign and distribute container images using Podman","description":"Sascha Grunert has written a tutorial explaining how to use Gnu Privacy Guard","date":"2020-03-13T00:00:00.000Z","formattedDate":"March 13, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"signing","permalink":"/blogs/tags/signing"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"cri-o","permalink":"/blogs/tags/cri-o"},{"label":"oci","permalink":"/blogs/tags/oci"},{"label":"gpg","permalink":"/blogs/tags/gpg"}],"readingTime":0.25,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"How to sign and distribute container images using Podman","layout":"default","categories":["blogs"],"tags":["containers","images","signing","podman","cri-o","oci","gpg"]},"prevItem":{"title":"Pulling podman images from a container repository","permalink":"/blogs/2020/03/31/new"},"nextItem":{"title":"What happens behind the scenes of a rootless Podman container?","permalink":"/blogs/2020/03/03/behind-the-covers"}},"content":"[Sascha Grunert][0] has written a tutorial explaining how to use Gnu Privacy Guard\\n(GPG) keys to secure your container images stored in a container repository.\\nSigning container images is nothing magical and can drastically enhance\\nsecurity to mitigate man-in-the-middle (MITM) attacks. Read all about it\\n[here][1].\\n\\n[0]: https://github.com/saschagrunert\\n[1]: https://github.com/containers/podman/blob/main/docs/tutorials/image_signing.md"},{"id":"/2020/03/03/behind-the-covers","metadata":{"permalink":"/blogs/2020/03/03/behind-the-covers","source":"@site/blog/2020-03-03-behind-the-covers.md","title":"What happens behind the scenes of a rootless Podman container?","description":"podman logo","date":"2020-03-03T00:00:00.000Z","formattedDate":"March 3, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"oci","permalink":"/blogs/tags/oci"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"runtime","permalink":"/blogs/tags/runtime"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"microsoft","permalink":"/blogs/tags/microsoft"}],"readingTime":0.33,"hasTruncateMarker":false,"authors":[{"name":"dwalsh"}],"frontMatter":{"title":"What happens behind the scenes of a rootless Podman container?","layout":"default","author":"dwalsh","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","hpc","oci","networking","runtime","windows","microsoft"]},"prevItem":{"title":"How to sign and distribute container images using Podman","permalink":"/blogs/2020/03/13/image-signing"},"nextItem":{"title":"What happens behind the scenes of a rootless Podman container?","permalink":"/blogs/2020/03/03/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# What happens behind the scenes of a rootless Podman container?\\n\\n## By Dan Walsh [GitHub](https://github.com/rhatdan)\\n\\nDan Walsh along with Matt Heon have a blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [What happens behind the scenes of a rootless Podman container?](https://www.redhat.com/sysadmin/behind-scenes-podman). If you ever wanted to know what happens under the covers of a rootless container, this is the article for you!"},{"id":"/2020/03/03/new","metadata":{"permalink":"/blogs/2020/03/03/new","source":"@site/blog/2020-03-03-new.md","title":"What happens behind the scenes of a rootless Podman container?","description":"Dan Walsh along with Matt Heon have a blog post on the Red Hat Enable Sysadmin site, What happens behind the scenes of a rootless Podman container?. If you ever wanted to know what happens under the covers of a rootless container, this is the article for you!","date":"2020-03-03T00:00:00.000Z","formattedDate":"March 3, 2020","tags":[],"readingTime":0.24,"hasTruncateMarker":false,"authors":[{"name":"dwalsh"}],"frontMatter":{"title":"What happens behind the scenes of a rootless Podman container?","author":"dwalsh","layout":"default","categories":["new"]},"prevItem":{"title":"What happens behind the scenes of a rootless Podman container?","permalink":"/blogs/2020/03/03/behind-the-covers"},"nextItem":{"title":"Building Container Images with Podman and Buildah","permalink":"/blogs/2020/03/02/building-with-podman-and-buildah"}},"content":"Dan Walsh along with Matt Heon have a blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site, [What happens behind the scenes of a rootless Podman container?](https://www.redhat.com/sysadmin/behind-scenes-podman). If you ever wanted to know what happens under the covers of a rootless container, this is the article for you!"},{"id":"/2020/03/02/building-with-podman-and-buildah","metadata":{"permalink":"/blogs/2020/03/02/building-with-podman-and-buildah","source":"@site/blog/2020-03-02-building-with-podman-and-buildah.md","title":"Building Container Images with Podman and Buildah","description":"podman logo","date":"2020-03-02T00:00:00.000Z","formattedDate":"March 2, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"oci","permalink":"/blogs/tags/oci"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"runtime","permalink":"/blogs/tags/runtime"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"microsoft","permalink":"/blogs/tags/microsoft"}],"readingTime":0.29,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Building Container Images with Podman and Buildah","layout":"default","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","hpc","oci","networking","runtime","windows","microsoft"]},"prevItem":{"title":"What happens behind the scenes of a rootless Podman container?","permalink":"/blogs/2020/03/03/new"},"nextItem":{"title":"Building Container Images with Podman and Buildah","permalink":"/blogs/2020/03/02/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Building Container Images with Podman and Buildah\\n\\nWe were just pointed to this post [Building Container Images with Podman and Buildah](https://blog.giantswarm.io/building-container-images-with-podman-and-buildah/) by Puja Abbassi on the [Giant Swarm](https://blog.giantswarm.io/) site. In the article Puja goes over how Podman and Buildah handle daemonless and rootless building processes. A tardy link on this site, but worth a read!"},{"id":"/2020/03/02/new","metadata":{"permalink":"/blogs/2020/03/02/new","source":"@site/blog/2020-03-02-new.md","title":"Building Container Images with Podman and Buildah","description":"We were just pointed to this post Building Container Images with Podman and Buildah by Puja Abbassi on the Giant Swarm site. In the article Puja goes over how Podman and Buildah handle daemonless and rootless building processes. A tardy link on this site, but worth a read!","date":"2020-03-02T00:00:00.000Z","formattedDate":"March 2, 2020","tags":[],"readingTime":0.24,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Building Container Images with Podman and Buildah","layout":"default","categories":["new"]},"prevItem":{"title":"Building Container Images with Podman and Buildah","permalink":"/blogs/2020/03/02/building-with-podman-and-buildah"},"nextItem":{"title":"6 guides on making containers secure","permalink":"/blogs/2020/02/07/new"}},"content":"We were just pointed to this post [Building Container Images with Podman and Buildah](https://blog.giantswarm.io/building-container-images-with-podman-and-buildah/) by Puja Abbassi on the [Giant Swarm](https://blog.giantswarm.io/) site. In the article Puja goes over how Podman and Buildah handle daemonless and rootless building processes. A tardy link on this site, but worth a read!"},{"id":"/2020/02/07/new","metadata":{"permalink":"/blogs/2020/02/07/new","source":"@site/blog/2020-02-07-new.md","title":"6 guides on making containers secure","description":"Dan Walsh has another blog post on the Red Hat Enable Sysadmin site this time he\'s writing about 6 guides on making containers secure. It\'s a quick article with pointers to other blog posts showing how to secure your containers.","date":"2020-02-07T00:00:00.000Z","formattedDate":"February 7, 2020","tags":[],"readingTime":0.2,"hasTruncateMarker":false,"authors":[{"name":"dwalsh"}],"frontMatter":{"title":"6 guides on making containers secure","author":"dwalsh","layout":"default","categories":["new"]},"prevItem":{"title":"Building Container Images with Podman and Buildah","permalink":"/blogs/2020/03/02/new"},"nextItem":{"title":"6 guides on making containers secure","permalink":"/blogs/2020/02/07/secure-containers"}},"content":"Dan Walsh has another blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site this time he\'s writing about [6 guides on making containers secure](https://www.redhat.com/sysadmin/making-containers-secure). It\'s a quick article with pointers to other blog posts showing how to secure your containers."},{"id":"/2020/02/07/secure-containers","metadata":{"permalink":"/blogs/2020/02/07/secure-containers","source":"@site/blog/2020-02-07-secure-containers.md","title":"6 guides on making containers secure","description":"podman logo","date":"2020-02-07T00:00:00.000Z","formattedDate":"February 7, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"oci","permalink":"/blogs/tags/oci"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"runtime","permalink":"/blogs/tags/runtime"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"microsoft","permalink":"/blogs/tags/microsoft"}],"readingTime":0.27,"hasTruncateMarker":false,"authors":[{"name":"dwalsh"}],"frontMatter":{"title":"6 guides on making containers secure","layout":"default","author":"dwalsh","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","hpc","oci","networking","runtime","windows","microsoft"]},"prevItem":{"title":"6 guides on making containers secure","permalink":"/blogs/2020/02/07/new"},"nextItem":{"title":"Deploy a Pod on CentOS with Podman","permalink":"/blogs/2020/02/06/deploy-pod-on-centos"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# 6 guides on making containers secure\\n\\n## By Dan Walsh [GitHub](https://github.com/rhatdan)\\n\\nDan Walsh has another blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site this time he\'s writing about [6 guides on making containers secure](https://www.redhat.com/sysadmin/making-containers-secure). It\'s a quick article with pointers to other blog posts showing how to secure your containers."},{"id":"/2020/02/06/deploy-pod-on-centos","metadata":{"permalink":"/blogs/2020/02/06/deploy-pod-on-centos","source":"@site/blog/2020-02-06-deploy-pod-on-centos.md","title":"Deploy a Pod on CentOS with Podman","description":"podman logo","date":"2020-02-06T00:00:00.000Z","formattedDate":"February 6, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"oci","permalink":"/blogs/tags/oci"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"runtime","permalink":"/blogs/tags/runtime"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"microsoft","permalink":"/blogs/tags/microsoft"}],"readingTime":0.315,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Deploy a Pod on CentOS with Podman","layout":"default","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","hpc","oci","networking","runtime","windows","microsoft"]},"prevItem":{"title":"6 guides on making containers secure","permalink":"/blogs/2020/02/07/secure-containers"},"nextItem":{"title":"Deploy a Pod on CentOS with Podman","permalink":"/blogs/2020/02/06/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Deploy a Pod on CentOS with Podman\\n\\n[Jack Wallen](https://thenewstack.io/author/jack-wallen/) has a blog post on the [THENEWSTACK](https://thenewstack.io/) site with a great introduction on how to [Deploy a Pod on CentOS with Podman](https://thenewstack.io/deploy-a-pod-on-centos-with-podman/). In the post, Jack talks about how Podman fits in the Red Hat ecosystem and then walks you through the fundamentals of creating and running a pod using Podman."},{"id":"/2020/02/06/new","metadata":{"permalink":"/blogs/2020/02/06/new","source":"@site/blog/2020-02-06-new.md","title":"Deploy a Pod on CentOS with Podman","description":"Jack Wallen has a blog post on the THENEWSTACK site with a great introduction on how to Deploy a Pod on CentOS with Podman. In the post, Jack talks about how Podman fits in the Red Hat ecosystem and then walks you through the fundamentals of creating and running a pod using Podman.","date":"2020-02-06T00:00:00.000Z","formattedDate":"February 6, 2020","tags":[],"readingTime":0.265,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Deploy a Pod on CentOS with Podman","layout":"default","categories":["new"]},"prevItem":{"title":"Deploy a Pod on CentOS with Podman","permalink":"/blogs/2020/02/06/deploy-pod-on-centos"},"nextItem":{"title":"How to run Podman on Windows with WSL2","permalink":"/blogs/2020/01/30/new"}},"content":"[Jack Wallen](https://thenewstack.io/author/jack-wallen/) has a blog post on the [THENEWSTACK](https://thenewstack.io/) site with a great introduction on how to [Deploy a Pod on CentOS with Podman](https://thenewstack.io/deploy-a-pod-on-centos-with-podman/). In the post, Jack talks about how Podman fits in the Red Hat ecosystem and then walks you through the fundamentals of creating and running a pod using Podman."},{"id":"/2020/01/30/new","metadata":{"permalink":"/blogs/2020/01/30/new","source":"@site/blog/2020-01-30-new.md","title":"How to run Podman on Windows with WSL2","description":"Brent Baude has another blog post on the Red Hat Enable Sysadmin site this time it\'s all about How to run Podman on Windows with WSL2. If you want to know how to run Podman on Windows 10, this article will show you how.","date":"2020-01-30T00:00:00.000Z","formattedDate":"January 30, 2020","tags":[],"readingTime":0.22,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"How to run Podman on Windows with WSL2","author":"baude","layout":"default","categories":["new"]},"prevItem":{"title":"Deploy a Pod on CentOS with Podman","permalink":"/blogs/2020/02/06/new"},"nextItem":{"title":"How to run Podman on Windows with WSL2","permalink":"/blogs/2020/01/30/podman-wsl"}},"content":"Brent Baude has another blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site this time it\'s all about [How to run Podman on Windows with WSL2](https://www.redhat.com/sysadmin/podman-windows-wsl2). If you want to know how to run Podman on Windows 10, this article will show you how."},{"id":"/2020/01/30/podman-wsl","metadata":{"permalink":"/blogs/2020/01/30/podman-wsl","source":"@site/blog/2020-01-30-podman-wsl.md","title":"How to run Podman on Windows with WSL2","description":"podman logo","date":"2020-01-30T00:00:00.000Z","formattedDate":"January 30, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"oci","permalink":"/blogs/tags/oci"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"runtime","permalink":"/blogs/tags/runtime"},{"label":"windows","permalink":"/blogs/tags/windows"},{"label":"microsoft","permalink":"/blogs/tags/microsoft"}],"readingTime":0.3,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"How to run Podman on Windows with WSL2","layout":"default","author":"baude","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","hpc","oci","networking","runtime","windows","microsoft"]},"prevItem":{"title":"How to run Podman on Windows with WSL2","permalink":"/blogs/2020/01/30/new"},"nextItem":{"title":"Blog posts from the Web","permalink":"/blogs/2020/01/22/blog-posts"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# How to run Podman on Windows with WSL2\\n\\n## By Brent Baude [GitHub](https://github.com/baude)\\n\\nBrent Baude has another blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site this time it\'s all about [How to run Podman on Windows with WSL2](https://www.redhat.com/sysadmin/podman-windows-wsl2). If you want to know how to run Podman on Windows 10, this article will show you how."},{"id":"/2020/01/22/blog-posts","metadata":{"permalink":"/blogs/2020/01/22/blog-posts","source":"@site/blog/2020-01-22-blog-posts.md","title":"Blog posts from the Web","description":"podman logo","date":"2020-01-22T00:00:00.000Z","formattedDate":"January 22, 2020","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.84,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Blog posts from the Web","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"How to run Podman on Windows with WSL2","permalink":"/blogs/2020/01/30/podman-wsl"},"nextItem":{"title":"Blog posts from the Web","permalink":"/blogs/2020/01/22/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Blog posts from the Web\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nOver the holiday break, a number of great posts were added to a number of sites that filled up my Twitter feed, so I thought I\'d throw together a quick block with links to the highlights from the past month:\\n\\n- [Deploy PhotoPrism in CentOS 8(using Podman)](https://lukas.zapletalovi.com/2020/01/deploy-photoprism-in-centos-80.html) - [Lukas Zapletal](https://lukas.zapletalovi.com/about_me.html)\\n- [Replacing Docker with Podman - first steps](https://blog.martdj.nl/2020/01/13/replacing-docker-with-podman-first-steps/) - [Martijn de Jong](https://twitter.com/martdj)\\n- [Podman lands on Debian (Twitter Posting)](https://twitter.com/fatherlinux/status/1216807772458815493) - [Scott McCarty](https://twitter.com/fatherlinux)\\n- Video: [How to install Podman container engine on CentOS 8](https://www.techrepublic.com/videos/how-to-install-the-podman-container-engine-on-centos-8/#ftag=RSS56d97e7) - [Tech Republic](https://www.techrepublic.com/)\\n- [Building Container Images with Buildah and Ansible](https://blog.tomecek.net/post/building-containers-with-buildah-and-ansible/) - [Tomas Tomecek](https://twitter.com/tomastomec?lang=en)\\n- Video: [How to deploy a pod with Podman](https://www.techrepublic.com/article/how-to-deploy-a-pod-with-podman/#ftag=RSS56d97e7) - [Jack Wallen](https://twitter.com/jlwallen)\\n- [Podman and Skopeo on macOS](https://itnext.io/podman-and-skopeo-on-macos-1b3b9cf21e60) - Balazs Szeti\\n- [How To Install Podman on Debian on 10 / 9](https://www.osradar.com/how-to-install-podman-on-debian-on-10-9/) - [Sabi](https://www.osradar.com/author/sabi/)\\n- [How to run Docker Containers using Podman and Libpod](https://www.osradar.com/how-to-run-docker-containers-using-podman-and-libpod/) - [Sabi](https://www.osradar.com/author/sabi/)\\n- [How to Install Podman on Arch Linux / Manjaro](https://www.osradar.com/how-to-install-podman-on-arch-linux-manjaro/) - [Sabi](https://www.osradar.com/author/sabi/)"},{"id":"/2020/01/22/new","metadata":{"permalink":"/blogs/2020/01/22/new","source":"@site/blog/2020-01-22-new.md","title":"Blog posts from the Web","description":"A number of blog posts were posted over the past month and given the holiday crunch, we didn\'t get them listed on the site. So as a catch up, checkout the Blog posts on the Web blog which has a number of links on it to those great articles and videos.","date":"2020-01-22T00:00:00.000Z","formattedDate":"January 22, 2020","tags":[],"readingTime":0.255,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Blog posts from the Web","layout":"default","categories":["new"]},"prevItem":{"title":"Blog posts from the Web","permalink":"/blogs/2020/01/22/blog-posts"},"nextItem":{"title":"New API coming for Podman","permalink":"/blogs/2020/01/17/new"}},"content":"A number of blog posts were posted over the past month and given the holiday crunch, we didn\'t get them listed on the site. So as a catch up, checkout the [Blog posts on the Web](https://podman.io/blogs/2020/01/22/blog-posts.html) blog which has a number of links on it to those great articles and videos."},{"id":"/2020/01/17/new","metadata":{"permalink":"/blogs/2020/01/17/new","source":"@site/blog/2020-01-17-new.md","title":"New API coming for Podman","description":"The new API for Podman, referred to as apiv2, has been merged into the libpod repository. It\'s a simpler REST API that\'s more compatible with Docker implementations than the varlink protocol that\'s currently in use. For more details, see this release announcement by Brent Baude.","date":"2020-01-17T00:00:00.000Z","formattedDate":"January 17, 2020","tags":[],"readingTime":0.225,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"New API coming for Podman","author":"baude","layout":"default","categories":["new"]},"prevItem":{"title":"Blog posts from the Web","permalink":"/blogs/2020/01/22/new"},"nextItem":{"title":"New API coming for Podman","permalink":"/blogs/2020/01/17/podman-new-api"}},"content":"The new API for Podman, referred to as _apiv2_, has been merged into the [libpod](https://github.com/containers/podman/) repository. It\'s a simpler REST API that\'s more compatible with Docker implementations than the [varlink](https://varlink.org/) protocol that\'s currently in use. For more details, see this [release announcement](https://podman.io/blogs/2020/01/17/podman-new-api.html) by Brent Baude."},{"id":"/2020/01/17/podman-new-api","metadata":{"permalink":"/blogs/2020/01/17/podman-new-api","source":"@site/blog/2020-01-17-podman-new-api.md","title":"New API coming for Podman","description":"podman logo","date":"2020-01-17T00:00:00.000Z","formattedDate":"January 17, 2020","tags":[{"label":"community","permalink":"/blogs/tags/community"},{"label":"open source","permalink":"/blogs/tags/open-source"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"api","permalink":"/blogs/tags/api"},{"label":"REST","permalink":"/blogs/tags/rest"}],"readingTime":2.38,"hasTruncateMarker":true,"authors":[{"name":"baude"}],"frontMatter":{"title":"New API coming for Podman","layout":"default","author":"baude","categories":["blogs"],"tags":["community","open source","podman","hpc","api","REST","API"]},"prevItem":{"title":"New API coming for Podman","permalink":"/blogs/2020/01/17/new"},"nextItem":{"title":"Bioinformatics with rootless Podman","permalink":"/blogs/2020/01/15/bioinformatics-with-rootless-podman"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n## By Brent Baude [GitHub](https://github.com/baude)\\n\\nIf you follow the traffic on IRC (#podman on libera.chat) or GitHub from the developers of [libpod](https://github.com/containers/podman/), you might have seen us referencing a new API. We often referred to it as _apiv2_ and for about a month, there has been an \'apiv2\' branch for libpod on GitHub. This week, we have begun to merge that branch but have yet to \u201cwire it up.\u201d\\n\\nFirst and foremost, the Golang libpod API remains largely unchanged. What is changing is the API we expose for automation and remote usage. Our previous API was based on the [varlink](https://varlink.org/) protocol. But we heard from users that varlink was a hurdle for libpod adoption especially for those who were using the Docker API and its bindings. They simply could not or did not want to rewrite their custom applications for libpod\u2019s new, varlink-based API.\\n\\n\x3c!--truncate--\x3e\\n\\nThe new API is a simpler implementation based on HTTP/REST. We provide two basic groups of endpoints. The first one is for libpod; the second is for Docker compatibility, to ease adoption. The two endpoints are namespaced to keep them separate. Our goal with implementing a portion of the Docker API, is to be as compatible as possible; while similar calls in the libpod API might bring back additional libpod specific information.\\n\\nWhile these two endpoints work similarly, there are important and somewhat nuanced differences. The Docker API endpoint is useful for existing automation tied to that API and potentially tools like docker-compose.\\n\\n#### Example\\n\\nIf you wanted a list of images with the libpod endpoint, you would use the following endpoint:\\n\\n`/libpod/images/json`\\n\\nAnd if you wanted a list of images but in docker-compatibility, you would use:\\n\\n`/images/json`\\n\\nIn our proof of concepts, we have tested our endpoint with the [docker-py](https://docker-py.readthedocs.io/en/stable/) project. There are of course subtle differences which we are still working on. And there are compatibility endpoints that we can not support like `swarm` which Podman does not support.\\n\\nWe are working on a set of Golang bindings for the libpod endpoints. Eventually these bindings will be used to rewire our remote client. The rewire begins after all the libpod endpoints are working and have tests. We plan on working with the upstream community on podman-python support for the new libpod API, enabling python developers fully support for using podman containers.\\n\\nAs for the existing varlink code, it has been in maintenance mode already. We will continue to address bugs but no new functionality will be developed. Once the new API is fully implemented, we plan to make a deprecation announcement.\\n\\nWe are hopeful these changes help our users and larger community. We hope that the new API helps encourage contributors to help us complete the API as well as write bindings. Look for more information in the near future including status updates as well as how-tos."},{"id":"/2020/01/15/bioinformatics-with-rootless-podman","metadata":{"permalink":"/blogs/2020/01/15/bioinformatics-with-rootless-podman","source":"@site/blog/2020-01-15-bioinformatics-with-rootless-podman.md","title":"Bioinformatics with rootless Podman","description":"podman logo","date":"2020-01-15T00:00:00.000Z","formattedDate":"January 15, 2020","tags":[{"label":"bioinformatics","permalink":"/blogs/tags/bioinformatics"},{"label":"rootless","permalink":"/blogs/tags/rootless"},{"label":"podman","permalink":"/blogs/tags/podman"}],"readingTime":9.82,"hasTruncateMarker":true,"authors":[{"name":"bhepworth"}],"frontMatter":{"title":"Bioinformatics with rootless Podman","layout":"default","author":"bhepworth","categories":["blogs"],"tags":["bioinformatics","rootless","podman"]},"prevItem":{"title":"New API coming for Podman","permalink":"/blogs/2020/01/17/podman-new-api"},"nextItem":{"title":"Bioinformatics and rootless containers with Podman","permalink":"/blogs/2020/01/15/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Bioinformatics with rootless podman\\n\\n## By Valentin Rothberg [GitHub](https://github.com/BryanHepworth)\\n\\nOver the last 10 years I\'ve seen machines and workflows evolve where I work. From the initial dedicated server, to hpc environments\\nand now the latest instance, containers.\\n\\nFrom an admin point of view this is great - The initial servers had to be carefully built and maintained so that everything would work nicely together. Incompatible programs at that time were run through a VM until such time as they could be folded in to the mix.\\n\\nThe HPC\'s had versioned software and environment modules and were built to load the relevant dependencies at run time.\\n\\nNow we are into a new era, containers - and not just any old containers, but containers that end users can build and run up fairly\\nquickly to perform what-if\'s, and move on quickly through iterations until they perform the required functions.\\n\\nPodman has developed very rapidly and is incredibly easy to use. You can use it in conjunction with quay.io or run it on a local machine.\\n\\nI should add that Adrian Reber gave a [talk](https://youtu.be/TtHSNsbU24E) and has also created a Podman [article](https://podman.io/blogs/2019/09/26/podman-in-hpc.html) using openhpc; well worth a watch and a read.\\n\\nIf you don\'t have a RedHat Developer Subscription now is an ideal time to get one:\\n\\nhttps://developers.redhat.com/articles/getting-red-hat-developer-subscription-what-rhel-users-need-know/\\n\\n..and download RedHat Enterprise 8.1\\n\\n\x3c!--truncate--\x3e\\n\\nDo a Standard RedHat GUI Server default install\\n\\n```\\nyum update\\nyum module install container-tools\\n```\\n\\nRedHat 8.1 does rootless containers right out of the box. If you created a user during the setup, it\'ll have the details in /etc/subuid and /etc/subgid already.\\n\\nLog in with your userID and you can start creating a container\\n\\n```\\npodman pull ubi8/ubi\\npodman run --interactive --tty ubi8/ubi bash\\n```\\n\\nThe first command pulls down the ubi8 Universal Base Image, which is a great building block. The second command starts an interactive ubi8 image at a bash prompt. You can run any commands you like in this:\\n\\n```\\n[nbh23@colombo ~]$ podman run --interactive --tty ubi8/ubi bash\\n[root@f471459c7619 /]# cat /etc/redhat-release\\nRed Hat Enterprise Linux release 8.1 (Ootpa)\\n[root@f471459c7619 /]#\\n\\n```\\n\\nNotice how the prompt changed from nbh23@colombo to root@f471459c7619 - the f471459c7619 is the part to remember, we\'ll interact with that later on in this post. It\'s a random allocation, so your instance will be different.\\n\\nThe Podman help menu\'s are excellent, podman -h gives you a list of subcommands, which you can then also query:\\n\\n```\\n[nbh23@colombo ~]$ podman -h\\nmanage pods and images\\n\\nUsage:\\n podman [flags]\\n podman [command]\\n\\nAvailable Commands:\\n attach Attach to a running container\\n build Build an image using instructions from Dockerfiles\\n commit Create new image based on the changed container\\n container Manage Containers\\n cp Copy files/folders between a container and the local filesystem\\n create Create but do not start a container\\n diff Inspect changes on container\'s file systems\\n events Show podman events\\n exec Run a process in a running container\\n export Export container\'s filesystem contents as a tar archive\\n generate Generated structured data\\n healthcheck Manage Healthcheck\\n help Help about any command\\n history Show history of a specified image\\n image Manage images\\n images List images in local storage\\n import Import a tarball to create a filesystem image\\n info Display podman system information\\n init Initialize one or more containers\\n inspect Display the configuration of a container or image\\n kill Kill one or more running containers with a specific signal\\n load Load an image from container archive\\n login Login to a container registry\\n logout Logout of a container registry\\n logs Fetch the logs of a container\\n mount Mount a working container\'s root filesystem\\n pause Pause all the processes in one or more containers\\n play Play a pod\\n pod Manage pods\\n port List port mappings or a specific mapping for the container\\n ps List containers\\n pull Pull an image from a registry\\n push Push an image to a specified destination\\n restart Restart one or more containers\\n rm Remove one or more containers\\n rmi Removes one or more images from local storage\\n run Run a command in a new container\\n save Save image to an archive\\n search Search registry for image\\n start Start one or more containers\\n stats Display a live stream of container resource usage statistics\\n stop Stop one or more containers\\n system Manage podman\\n tag Add an additional name to a local image\\n top Display the running processes of a container\\n umount Unmounts working container\'s root filesystem\\n unpause Unpause the processes in one or more containers\\n unshare Run a command in a modified user namespace\\n varlink Run varlink interface\\n version Display the Podman Version Information\\n volume Manage volumes\\n wait Block on one or more containers\\n\\nFlags:\\n --cgroup-manager string Cgroup manager to use (cgroupfs or systemd, default systemd)\\n --cni-config-dir string Path of the configuration directory for CNI networks\\n --config string Path of a libpod config file detailing container server configuration options\\n --conmon string Path of the conmon binary\\n --cpu-profile string Path for the cpu profiling results\\n --default-mounts-file string Path to default mounts file\\n --events-backend string Events backend to use\\n --help Help for podman\\n --hooks-dir strings Set the OCI hooks directory path (may be set multiple times)\\n --log-level string Log messages above specified level: debug, info, warn, error, fatal or panic (default \\"error\\")\\n --namespace string Set the libpod namespace, used to create separate views of the containers and pods on the system\\n --network-cmd-path string Path to the command for configuring the network\\n --root string Path to the root directory in which data, including images, is stored\\n --runroot string Path to the \'run directory\' where all state information is stored\\n --runtime string Path to the OCI-compatible binary used to run containers, default is /usr/bin/runc\\n --storage-driver string Select which storage driver is used to manage storage of images and containers (default is overlay)\\n --storage-opt stringArray Used to pass an option to the storage driver\\n --syslog Output logging information to syslog as well as the console\\n --tmpdir string Path to the tmp directory\\n --trace Enable opentracing output\\n --version Version for podman\\n\\nUse \\"podman [command] --help\\" for more information about a command.\\n[nbh23@colombo ~]$ podman image -h\\nManage images\\n\\nUsage:\\n podman image [command]\\n\\nAvailable Commands:\\n build Build an image using instructions from Dockerfiles\\n exists Check if an image exists in local storage\\n history Show history of a specified image\\n import Import a tarball to create a filesystem image\\n inspect Display the configuration of an image\\n list List images in local storage\\n load Load an image from container archive\\n prune Remove unused images\\n pull Pull an image from a registry\\n push Push an image to a specified destination\\n rm Removes one or more images from local storage\\n save Save image to an archive\\n sign Sign an image\\n tag Add an additional name to a local image\\n tree Prints layer hierarchy of an image in a tree format\\n trust Manage container image trust policy\\n\\n[nbh23@colombo ~]$\\n```\\n\\nWe can list out the images and containers as follows, which is handy if you lose track of where you are at.\\n\\n```\\n[nbh23@colombo ~]$ podman image list\\nREPOSITORY TAG IMAGE ID CREATED SIZE\\nregistry.access.redhat.com/ubi8/ubi latest 096cae65a207 5 weeks ago 239 MB\\n[nbh23@colombo ~]$ podman container list\\nCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES\\na1fc64bd8e47 registry.access.redhat.com/ubi8/ubi:latest bash 2 hours ago Up 2 hours ago zen_albattani\\n[nbh23@colombo ~]$\\n```\\n\\nSo we created a container to interact with, but how about creating a new image?\\nI found that Podman is very easy to interact with and created a Dockerfile. This is a list of commands in a text file that controls what gets installed.\\nCreate a new directory - in this case whatshap, to put the Dockerfile in:\\n\\n```\\n[nbh23@colombo whatshap]$ cat Dockerfile\\nFROM registry.access.redhat.com/ubi8/ubi\\nRUN yum -y update \\\\\\n&& yum -y install python3 \\\\\\n&& yum -y install make \\\\\\n&& yum -y install gcc \\\\\\n&& yum -y install redhat-rpm-config \\\\\\n&& yum -y install zlib-devel \\\\\\n&& yum -y install bzip2-devel \\\\\\n&& yum -y install xz-devel \\\\\\n&& yum -y install python3-devel \\\\\\n&& yum clean all\\nRUN pip3 install pysam && pip3 install whatshap\\n```\\n\\nThen we build the container image - from within the whatshap directory run:\\n\\n```\\npodman build -t whatshap .\\n```\\n\\nNotice the \'.\' at the end, that\'s important!\\n\\nYou\'ll see the container image start to build, with notifications of where it\'s at. If all goes to plan you will then finally see notification that it\'s completed:\\n\\n```\\nSTEP 4: COMMIT whatshap\\nd523727fc6c297086e84e7ec99f62e8f5e6d093d9decb1b58ee8a4205d46b3dd\\n```\\n\\nWe can then check it works:\\n\\n```\\n[nbh23@colombo whatshap]$ podman run -it whatshap\\n[root@ac05564bd51b /]# whatshap -h\\nusage: whatshap [-h] [--version] [--debug]\\n {phase,stats,compare,hapcut2vcf,unphase,haplotag,genotype} ...\\n\\npositional arguments:\\n {phase,stats,compare,hapcut2vcf,unphase,haplotag,genotype}\\n phase Phase variants in a VCF with the WhatsHap algorithm\\n stats Print phasing statistics of a single VCF file\\n compare Compare two or more phasings\\n hapcut2vcf Convert hapCUT output format to VCF\\n unphase Remove phasing information from a VCF file\\n haplotag Tag reads by haplotype\\n genotype Genotype variants\\n\\noptional arguments:\\n -h, --help show this help message and exit\\n --version show program\'s version number and exit\\n --debug Print debug messages\\n[root@ac05564bd51b /]#\\n```\\n\\nWhich all looks good - we now have our container image and can re-run that to do our whatshap analysis.\\n\\nAll well and good, but what happens about storage of that analysis?\\n\\nWe can add that to our Podman command, if we have a directory called data in /home we can map that as follows:\\n\\n```\\npodman run -v /home/nbh23/data:/home/nbh23:z -it whatshap\\n```\\n\\nThe nice thing is that the UID and GID for files created this way all match up. The trailing :z makes selinux happy :-)\\n\\n```\\n[nbh23@colombo whatshap]$ podman run -v /home/nbh23/data:/home/nbh23:z -it whatshap\\n[root@fef561d523b8 /]# ls\\nbin boot dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr var\\n[root@fef561d523b8 /]# cd /home\\n[root@fef561d523b8 home]# ls\\nnbh23\\n[root@fef561d523b8 home]# cd nbh23\\n[root@fef561d523b8 nbh23]# touch testfile\\n[root@fef561d523b8 nbh23]# ls -la\\ntotal 0\\ndrwxrwxr-x. 2 root root 22 Jan 21 09:09 .\\ndrwxr-xr-x. 3 root root 19 Jan 21 09:09 ..\\n-rw-r--r--. 1 root root 0 Jan 21 09:09 testfile\\n[root@fef561d523b8 nbh23]# exit\\n[nbh23@colombo ~]$ ls\\nContainers data Desktop Documents Downloads Music Pictures Public Templates Videos\\n[nbh23@colombo ~]$ cd data\\n[nbh23@colombo data]$ ls -la\\ntotal 4\\ndrwxrwxr-x. 2 nbh23 nbh23 22 Jan 21 09:09 .\\ndrwx------. 17 nbh23 nbh23 4096 Jan 21 09:07 ..\\n-rw-r--r--. 1 nbh23 nbh23 0 Jan 21 09:09 testfile\\n[nbh23@colombo data]$\\n```\\n\\nOne of the things I discovered whilst creating a more complex container image was that you can start the existing image into a bash session, doing the manipulation that you require, and then use the Podman commit command to write those changes.\\nFor example using our whatshap container image we can run it as follows:\\n\\n```\\n[nbh23@colombo data]$ podman run -it whatshap bash\\n[root@73c4742e4724 /]#\\n```\\n\\nWe can then make our alterations, and from another session commit those changes:\\n\\n```\\n[nbh23@colombo ~]$ podman commit 73c4742e4724 whatshap-altered\\nGetting image source signatures\\nCopying blob c630f5c3e169 skipped: already exists\\nCopying blob 4bd7408cc1c8 skipped: already exists\\nCopying blob 1383f0e3c813 skipped: already exists\\nCopying blob a2ff5e229058 skipped: already exists\\nCopying blob b75bf3e68dab done\\nCopying config 931b7f5302 done\\nWriting manifest to image destination\\nStoring signatures\\n931b7f5302af9965bff14e460c19ff9e756d74095940c6d85e63f929006c35f0\\n[nbh23@colombo ~]$\\n```\\n\\nThen do podman image list to see what we have:\\n\\n```\\n[nbh23@colombo ~]$ podman image list\\nREPOSITORY TAG IMAGE ID CREATED SIZE\\nlocalhost/whatshap-altered latest 931b7f5302af About a minute ago 545 MB\\nlocalhost/whatshap latest d523727fc6c2 3 days ago 545 MB\\nregistry.access.redhat.com/ubi8/ubi latest 096cae65a207 5 weeks ago 239\\n[nbh23@colombo ~]$\\n```\\n\\nYou can make multiple changes to your original container image until you are satisfied that it\'s working as you\'d like.\\n\\nThis has covered command line container image creation and usage, I\'ll be creating another blog post detailing graphical interactive containers as i\'m aware that there are various interactive visual programs to cover too.\\n\\nFeel free to contact me with any ideas or suggestions / questions."},{"id":"/2020/01/15/new","metadata":{"permalink":"/blogs/2020/01/15/new","source":"@site/blog/2020-01-15-new.md","title":"Bioinformatics and rootless containers with Podman","description":"Bryan Hepworth demonstrating how to create a rootless container image for a Bioinformatics program here.","date":"2020-01-15T00:00:00.000Z","formattedDate":"January 15, 2020","tags":[],"readingTime":0.075,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Bioinformatics and rootless containers with Podman","layout":"default","categories":["new"]},"prevItem":{"title":"Bioinformatics with rootless Podman","permalink":"/blogs/2020/01/15/bioinformatics-with-rootless-podman"},"nextItem":{"title":"Running containers with Podman and shareable systemd services","permalink":"/blogs/2019/12/17/new"}},"content":"Bryan Hepworth demonstrating how to create a rootless container image for a Bioinformatics program [here](https://podman.io/blogs/2020/01/15/bioinformatics-with-rootless-podman.html)."},{"id":"/2019/12/17/new","metadata":{"permalink":"/blogs/2019/12/17/new","source":"@site/blog/2019-12-17-new.md","title":"Running containers with Podman and shareable systemd services","description":"Podman version 1.7 is coming out soon and will include new features that will make management of containers with systemd services even easier. Valentin Rothberg has a blog post on the Red Hat Enable Sysadmin site that previews the features: Running containers with Podman and shareable systemd services. In the post Valentin goes over the highlights and then gives a great working example.","date":"2019-12-17T00:00:00.000Z","formattedDate":"December 17, 2019","tags":[],"readingTime":0.315,"hasTruncateMarker":false,"authors":[{"name":"vrothberg"}],"frontMatter":{"title":"Running containers with Podman and shareable systemd services","author":"vrothberg","layout":"default","categories":["new"]},"prevItem":{"title":"Bioinformatics and rootless containers with Podman","permalink":"/blogs/2020/01/15/new"},"nextItem":{"title":"Running containers with Podman and shareable systemd services","permalink":"/blogs/2019/12/17/podman-systemd-1-7"}},"content":"Podman version 1.7 is coming out soon and will include new features that will make management of containers with systemd services even easier. Valentin Rothberg has a blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site that previews the features: [Running containers with Podman and shareable systemd services](https://www.redhat.com/sysadmin/podman-shareable-systemd-services). In the post Valentin goes over the highlights and then gives a great working example."},{"id":"/2019/12/17/podman-systemd-1-7","metadata":{"permalink":"/blogs/2019/12/17/podman-systemd-1-7","source":"@site/blog/2019-12-17-podman-systemd-1-7.md","title":"Running containers with Podman and shareable systemd services","description":"podman logo","date":"2019-12-17T00:00:00.000Z","formattedDate":"December 17, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"oci","permalink":"/blogs/tags/oci"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"runtime","permalink":"/blogs/tags/runtime"},{"label":"systemd","permalink":"/blogs/tags/systemd"}],"readingTime":0.395,"hasTruncateMarker":false,"authors":[{"name":"vrothberg"}],"frontMatter":{"title":"Running containers with Podman and shareable systemd services","layout":"default","author":"vrothberg","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","hpc","oci","networking","runtime","systemd"]},"prevItem":{"title":"Running containers with Podman and shareable systemd services","permalink":"/blogs/2019/12/17/new"},"nextItem":{"title":"Working with Linux containers on RHEL 8 with Podman, image builder and web console","permalink":"/blogs/2019/12/14/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Running containers with Podman and shareable systemd services\\n\\n## By Bryan Hepworth [GitHub](https://github.com/vrothberg)\\n\\nPodman version 1.7 is coming out soon and will include new features that will make management of containers with systemd services even easier. Valentin Rothberg has a blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site that previews the features: [Running containers with Podman and shareable systemd services](https://www.redhat.com/sysadmin/podman-shareable-systemd-services). In the post Valentin goes over the highlights and then gives a great working example."},{"id":"/2019/12/14/new","metadata":{"permalink":"/blogs/2019/12/14/new","source":"@site/blog/2019-12-14-new.md","title":"Working with Linux containers on RHEL 8 with Podman, image builder and web console","description":"Do you want to know how to setup RHEL 8 to run containers using Podman? Xuegang Jin has a blog post on the Red Hat Blog about this very subject, Working with Linux containers on RHEL 8 with Podman, image builder and web console. In the post Xuegang shows you how you can use Image Builder to create an OS image, how to run containers with Podman, and how to check the host and containers performance using Web Console.","date":"2019-12-14T00:00:00.000Z","formattedDate":"December 14, 2019","tags":[],"readingTime":0.395,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Working with Linux containers on RHEL 8 with Podman, image builder and web console","layout":"default","categories":["new"]},"prevItem":{"title":"Running containers with Podman and shareable systemd services","permalink":"/blogs/2019/12/17/podman-systemd-1-7"},"nextItem":{"title":"Working with Linux containers on RHEL 8 with Podman, image builder and web console","permalink":"/blogs/2019/12/14/rhel8-podman"}},"content":"Do you want to know how to setup RHEL 8 to run containers using Podman? Xuegang Jin has a blog post on the [Red Hat Blog](https://www.redhat.com/en/blog) about this very subject, [Working with Linux containers on RHEL 8 with Podman, image builder and web console](https://www.redhat.com/en/blog/working-linux-containers-rhel-8-podman-image-builder-and-web-console). In the post Xuegang shows you how you can use Image Builder to create an OS image, how to run containers with Podman, and how to check the host and containers performance using Web Console."},{"id":"/2019/12/14/rhel8-podman","metadata":{"permalink":"/blogs/2019/12/14/rhel8-podman","source":"@site/blog/2019-12-14-rhel8-podman.md","title":"Working with Linux containers on RHEL 8 with Podman, image builder and web console","description":"podman logo","date":"2019-12-14T00:00:00.000Z","formattedDate":"December 14, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.5,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Working with Linux containers on RHEL 8 with Podman, image builder and web console","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"Working with Linux containers on RHEL 8 with Podman, image builder and web console","permalink":"/blogs/2019/12/14/new"},"nextItem":{"title":"Understanding root inside and outside a container","permalink":"/blogs/2019/12/11/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Working with Linux containers on RHEL 8 with Podman, image builder and web console\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nDo you want to know how to setup RHEL 8 to run containers using Podman? Xuegang Jin has a blog post on the [Red Hat Blog](https://www.redhat.com/en/blog) about this very subject, [Working with Linux containers on RHEL 8 with Podman, image builder and web console](https://www.redhat.com/en/blog/working-linux-containers-rhel-8-podman-image-builder-and-web-console). In the post Xuegang explains how you can use Image Builder to create an OS image, how to run containers with Podman, and how to check the host and containers performance using Web Console."},{"id":"/2019/12/11/new","metadata":{"permalink":"/blogs/2019/12/11/new","source":"@site/blog/2019-12-11-new.md","title":"Understanding root inside and outside a container","description":"Do you run containers as root, or as a regular user? Scott McCarty has a blog post on the Red Hat Blog about this very subject, Understanding root inside and outside a container. In the post Scott walks you through what a rootless container does and how it can be a safer alternative to a container run by root.","date":"2019-12-11T00:00:00.000Z","formattedDate":"December 11, 2019","tags":[],"readingTime":0.295,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Understanding root inside and outside a container","layout":"default","categories":["new"]},"prevItem":{"title":"Working with Linux containers on RHEL 8 with Podman, image builder and web console","permalink":"/blogs/2019/12/14/rhel8-podman"},"nextItem":{"title":"Understanding root inside and outside a container","permalink":"/blogs/2019/12/11/understanding-root"}},"content":"Do you run containers as root, or as a regular user? Scott McCarty has a blog post on the [Red Hat Blog](https://www.redhat.com/en/blog) about this very subject, [Understanding root inside and outside a container](https://www.redhat.com/en/blog/understanding-root-inside-and-outside-container). In the post Scott walks you through what a rootless container does and how it can be a safer alternative to a container run by root."},{"id":"/2019/12/11/understanding-root","metadata":{"permalink":"/blogs/2019/12/11/understanding-root","source":"@site/blog/2019-12-11-understanding-root.md","title":"Understanding root inside and outside a container","description":"podman logo","date":"2019-12-11T00:00:00.000Z","formattedDate":"December 11, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.37,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Understanding root inside and outside a container","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"Understanding root inside and outside a container","permalink":"/blogs/2019/12/11/new"},"nextItem":{"title":"Rootless Podman and NFS","permalink":"/blogs/2019/11/26/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Understanding root inside and outside a container\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nDo you run containers as root, or as a regular user? Scott McCarty has a blog post on the [Red Hat Blog](https://www.redhat.com/en/blog) about this very subject, [Understanding root inside and outside a container](https://www.redhat.com/en/blog/understanding-root-inside-and-outside-container). In the post Scott walks you through what a rootless container does and how it can be a safer alternative to a container run by root."},{"id":"/2019/11/26/new","metadata":{"permalink":"/blogs/2019/11/26/new","source":"@site/blog/2019-11-26-new.md","title":"Rootless Podman and NFS","description":"Dan Walsh has another blog post on the Red Hat Enable Sysadmin site this time about Rootless Podman and NFS. In the post Dan talks about how you can make some minor configuration changes to allow Podman to use a user\'s home directory on an NFS share. Give it a read!","date":"2019-11-26T00:00:00.000Z","formattedDate":"November 26, 2019","tags":[],"readingTime":0.255,"hasTruncateMarker":false,"authors":[{"name":"dwalsh"}],"frontMatter":{"title":"Rootless Podman and NFS","author":"dwalsh","layout":"default","categories":["new"]},"prevItem":{"title":"Understanding root inside and outside a container","permalink":"/blogs/2019/12/11/understanding-root"},"nextItem":{"title":"Rootless Podman and NFS","permalink":"/blogs/2019/11/26/rootless-podman-and-nfs"}},"content":"Dan Walsh has another blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site this time about [Rootless Podman and NFS](https://www.redhat.com/sysadmin/rootless-podman-nfs). In the post Dan talks about how you can make some minor configuration changes to allow Podman to use a user\'s home directory on an NFS share. Give it a read!"},{"id":"/2019/11/26/rootless-podman-and-nfs","metadata":{"permalink":"/blogs/2019/11/26/rootless-podman-and-nfs","source":"@site/blog/2019-11-26-rootless-podman-and-nfs.md","title":"Rootless Podman and NFS","description":"podman logo","date":"2019-11-26T00:00:00.000Z","formattedDate":"November 26, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"oci","permalink":"/blogs/tags/oci"},{"label":"nfs","permalink":"/blogs/tags/nfs"},{"label":"network","permalink":"/blogs/tags/network"},{"label":"runtime","permalink":"/blogs/tags/runtime"}],"readingTime":0.315,"hasTruncateMarker":false,"authors":[{"name":"dwalsh"}],"frontMatter":{"title":"Rootless Podman and NFS","layout":"default","author":"dwalsh","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","hpc","oci","nfs","network","runtime"]},"prevItem":{"title":"Rootless Podman and NFS","permalink":"/blogs/2019/11/26/new"},"nextItem":{"title":"How To Install Podman on Debian","permalink":"/blogs/2019/11/20/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Rootless Podman and NFS\\n\\n## By Dan Walsh [GitHub](https://github.com/rhatdan)\\n\\nDan Walsh has another blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site this time about [Rootless Podman and NFS](https://www.redhat.com/sysadmin/rootless-podman-nfs). In the post Dan talks about how you can make some minor configuration changes to allow Podman to use a user\'s home directory on an NFS share. Give it a read!"},{"id":"/2019/11/20/new","metadata":{"permalink":"/blogs/2019/11/20/new","source":"@site/blog/2019-11-20-new.md","title":"How To Install Podman on Debian","description":"Josphat Mutai posted a blog post on the Computing for Geeks site talking about How To Install Podman on Debian. In the post Josphat walks through all the steps necessary from \'A\' to \'Z\' to get Podman up and running on Debian and how to do some initial Podman commands.","date":"2019-11-20T00:00:00.000Z","formattedDate":"November 20, 2019","tags":[],"readingTime":0.25,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"How To Install Podman on Debian","layout":"default","categories":["new"]},"prevItem":{"title":"Rootless Podman and NFS","permalink":"/blogs/2019/11/26/rootless-podman-and-nfs"},"nextItem":{"title":"How To Install Podman on Debian","permalink":"/blogs/2019/11/20/run-podman-on-debian"}},"content":"Josphat Mutai posted a blog post on the [Computing for Geeks](https://computingforgeeks.com/) site talking about [How To Install Podman on Debian](https://computingforgeeks.com/how-to-install-podman-on-debian/). In the post Josphat walks through all the steps necessary from \'A\' to \'Z\' to get Podman up and running on Debian and how to do some initial Podman commands."},{"id":"/2019/11/20/run-podman-on-debian","metadata":{"permalink":"/blogs/2019/11/20/run-podman-on-debian","source":"@site/blog/2019-11-20-run-podman-on-debian.md","title":"How To Install Podman on Debian","description":"podman logo","date":"2019-11-20T00:00:00.000Z","formattedDate":"November 20, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"oci","permalink":"/blogs/tags/oci"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"runtime","permalink":"/blogs/tags/runtime"}],"readingTime":0.32,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"How To Install Podman on Debian","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","hpc","oci","networking","runtime"]},"prevItem":{"title":"How To Install Podman on Debian","permalink":"/blogs/2019/11/20/new"},"nextItem":{"title":"Leasing routable IP addresses with Podman containers","permalink":"/blogs/2019/11/13/lease-routable-ip-addrs"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# How To Install Podman on Debian\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nJosphat Mutai posted a blog post on the [Computing for Geeks](https://computingforgeeks.com/) site talking about [How To Install Podman on Debian](https://computingforgeeks.com/how-to-install-podman-on-debian/). In the post Josphat walks through all the steps necessary from \'A\' to \'Z\' to get Podman up and running on Debian and how to do some initial Podman commands."},{"id":"/2019/11/13/lease-routable-ip-addrs","metadata":{"permalink":"/blogs/2019/11/13/lease-routable-ip-addrs","source":"@site/blog/2019-11-13-lease-routable-ip-addrs.md","title":"Leasing routable IP addresses with Podman containers","description":"podman logo","date":"2019-11-13T00:00:00.000Z","formattedDate":"November 13, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"oci","permalink":"/blogs/tags/oci"},{"label":"networking","permalink":"/blogs/tags/networking"},{"label":"runtime","permalink":"/blogs/tags/runtime"}],"readingTime":0.33,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"Leasing routable IP addresses with Podman containers","layout":"default","author":"baude","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","hpc","oci","networking","runtime"]},"prevItem":{"title":"How To Install Podman on Debian","permalink":"/blogs/2019/11/20/run-podman-on-debian"},"nextItem":{"title":"Leasing routable IP addresses with Podman containers","permalink":"/blogs/2019/11/13/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Leasing routable IP addresses with Podman containers\\n\\n## By Brent Baude [GitHub](https://github.com/baude)\\n\\nBrent Baude has another blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site this time about [Leasing routable IP addresses with Podman containers](https://www.redhat.com/sysadmin/leasing-ips-podman). In the post Brent talks about using the macvlan and the dhcp plugins that ship with the container-networking project in order to lease ip addresses for your containers."},{"id":"/2019/11/13/new","metadata":{"permalink":"/blogs/2019/11/13/new","source":"@site/blog/2019-11-13-new.md","title":"Leasing routable IP addresses with Podman containers","description":"Brent Baude has another blog post on the Red Hat Enable Sysadmin site this time about Leasing routable IP addresses with Podman containers. In the post Brent talks about using the macvlan and the dhcp plugins that ship with the container-networking project in order to lease ip addresses for your containers.","date":"2019-11-13T00:00:00.000Z","formattedDate":"November 13, 2019","tags":[],"readingTime":0.255,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"Leasing routable IP addresses with Podman containers","author":"baude","layout":"default","categories":["new"]},"prevItem":{"title":"Leasing routable IP addresses with Podman containers","permalink":"/blogs/2019/11/13/lease-routable-ip-addrs"},"nextItem":{"title":"Fedora 31 and Control Group v2","permalink":"/blogs/2019/11/12/F31-Control-Group-v2"}},"content":"Brent Baude has another blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site this time about [Leasing routable IP addresses with Podman containers](https://www.redhat.com/sysadmin/leasing-ips-podman). In the post Brent talks about using the macvlan and the dhcp plugins that ship with the container-networking project in order to lease ip addresses for your containers."},{"id":"/2019/11/12/F31-Control-Group-v2","metadata":{"permalink":"/blogs/2019/11/12/F31-Control-Group-v2","source":"@site/blog/2019-11-12-F31-Control-Group-v2.md","title":"Fedora 31 and Control Group v2","description":"podman logo","date":"2019-11-12T00:00:00.000Z","formattedDate":"November 12, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"oci","permalink":"/blogs/tags/oci"},{"label":"security","permalink":"/blogs/tags/security"},{"label":"runtime","permalink":"/blogs/tags/runtime"}],"readingTime":0.32,"hasTruncateMarker":false,"authors":[{"name":"dwalsh"}],"frontMatter":{"title":"Fedora 31 and Control Group v2","layout":"default","author":"dwalsh","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","hpc","oci","security","runtime"]},"prevItem":{"title":"Leasing routable IP addresses with Podman containers","permalink":"/blogs/2019/11/13/new"},"nextItem":{"title":"Fedora 31 and Control Group v2","permalink":"/blogs/2019/11/12/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Fedora 31 and Control Group v2\\n\\n## By Dan Walsh [GitHub](https://github.com/rhatdan)\\n\\nDan Walsh has another blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site this time about [Fedora 31 and Control Group v2](https://www.redhat.com/sysadmin/fedora-31-control-group-v2). In the post Dan talks about the new version of control groups that is part of the Fedora 31 release and how it makes containers even more secure."},{"id":"/2019/11/12/new","metadata":{"permalink":"/blogs/2019/11/12/new","source":"@site/blog/2019-11-12-new.md","title":"Fedora 31 and Control Group v2","description":"Dan Walsh has another blog post on the Red Hat Enable Sysadmin site this time about Fedora 31 and Control Group v2. In the post Dan talks about the new version of control groups that is part of the Fedora 31 release and how it makes containers even more secure.","date":"2019-11-12T00:00:00.000Z","formattedDate":"November 12, 2019","tags":[],"readingTime":0.25,"hasTruncateMarker":false,"authors":[{"name":"dwalsh"}],"frontMatter":{"title":"Fedora 31 and Control Group v2","author":"dwalsh","layout":"default","categories":["new"]},"prevItem":{"title":"Fedora 31 and Control Group v2","permalink":"/blogs/2019/11/12/F31-Control-Group-v2"},"nextItem":{"title":"Building freely distributed containers with open tools","permalink":"/blogs/2019/11/08/build-ctrs-with-open-tools"}},"content":"Dan Walsh has another blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site this time about [Fedora 31 and Control Group v2](https://www.redhat.com/sysadmin/fedora-31-control-group-v2). In the post Dan talks about the new version of control groups that is part of the Fedora 31 release and how it makes containers even more secure."},{"id":"/2019/11/08/build-ctrs-with-open-tools","metadata":{"permalink":"/blogs/2019/11/08/build-ctrs-with-open-tools","source":"@site/blog/2019-11-08-build-ctrs-with-open-tools.md","title":"Building freely distributed containers with open tools","description":"podman logo","date":"2019-11-08T00:00:00.000Z","formattedDate":"November 8, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"oci","permalink":"/blogs/tags/oci"},{"label":"security","permalink":"/blogs/tags/security"},{"label":"runtime","permalink":"/blogs/tags/runtime"}],"readingTime":0.7,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Building freely distributed containers with open tools","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","hpc","oci","security","runtime"]},"prevItem":{"title":"Fedora 31 and Control Group v2","permalink":"/blogs/2019/11/12/new"},"nextItem":{"title":"Building freely distributed containers with open tools","permalink":"/blogs/2019/11/08/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Building freely distributed containers with open tools\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nScott McCarty (@fatherlinux) has an amazing video on YouTube about [Building freely distributed containers with open tools](https://www.youtube.com/watch?v=Qcys7fKSzB0&t=84). As only Scott could say \\"Although explaining how to ride a Tron-style light cycle is beyond the scope of this tutorial, we will discuss something almost as exhilarating\u2014building containers with #Podman and #RedHat Universal Base Image (UBI). We will cover how to build and run #containers based on #UBI using just your regular user account\u2014no daemon, no root (rootless), no fuss. Finally, we will order the deresolution of all of our containers with a really cool command. You probably won\u2019t be promoted to CEO of ENCOM after this talk, but you will have new tools in your toolbelt for how to find, run, build, and share container images.\\""},{"id":"/2019/11/08/new","metadata":{"permalink":"/blogs/2019/11/08/new","source":"@site/blog/2019-11-08-new.md","title":"Building freely distributed containers with open tools","description":"Scott McCarty (@fatherlinux) has an amazing video on YouTube about Building freely distributed containers with open tools. As only Scott could say \\"Although explaining how to ride a Tron-style light cycle is beyond the scope of this tutorial, we will discuss something almost as exhilarating\u2014building containers with #Podman and #RedHat Universal Base Image (UBI). We will cover how to build and run #containers based on #UBI using just your regular user account\u2014no daemon, no root (rootless), no fuss. Finally, we will order the deresolution of all of our containers with a really cool command. You probably won\u2019t be promoted to CEO of ENCOM after this talk, but you will have new tools in your toolbelt for how to find, run, build, and share container images.\\"","date":"2019-11-08T00:00:00.000Z","formattedDate":"November 8, 2019","tags":[],"readingTime":0.625,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Building freely distributed containers with open tools","layout":"default","categories":["new"]},"prevItem":{"title":"Building freely distributed containers with open tools","permalink":"/blogs/2019/11/08/build-ctrs-with-open-tools"},"nextItem":{"title":"Basic security principles for containers and container runtimes","permalink":"/blogs/2019/11/07/basic-security-principles"}},"content":"Scott McCarty (@fatherlinux) has an amazing video on YouTube about [Building freely distributed containers with open tools](https://www.youtube.com/watch?v=Qcys7fKSzB0&t=84). As only Scott could say \\"Although explaining how to ride a Tron-style light cycle is beyond the scope of this tutorial, we will discuss something almost as exhilarating\u2014building containers with #Podman and #RedHat Universal Base Image (UBI). We will cover how to build and run #containers based on #UBI using just your regular user account\u2014no daemon, no root (rootless), no fuss. Finally, we will order the deresolution of all of our containers with a really cool command. You probably won\u2019t be promoted to CEO of ENCOM after this talk, but you will have new tools in your toolbelt for how to find, run, build, and share container images.\\""},{"id":"/2019/11/07/basic-security-principles","metadata":{"permalink":"/blogs/2019/11/07/basic-security-principles","source":"@site/blog/2019-11-07-basic-security-principles.md","title":"Basic security principles for containers and container runtimes","description":"podman logo","date":"2019-11-07T00:00:00.000Z","formattedDate":"November 7, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"oci","permalink":"/blogs/tags/oci"},{"label":"security","permalink":"/blogs/tags/security"},{"label":"runtime","permalink":"/blogs/tags/runtime"}],"readingTime":0.305,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"Basic security principles for containers and container runtimes","layout":"default","author":"baude","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","hpc","oci","security","runtime"]},"prevItem":{"title":"Building freely distributed containers with open tools","permalink":"/blogs/2019/11/08/new"},"nextItem":{"title":"Basic security principles for containers and container runtimes","permalink":"/blogs/2019/11/07/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Basic security principles for containers and container runtimes\\n\\n## By Brent Baude [GitHub](https://github.com/baude)\\n\\nBrent Baude has another blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site this time about [Basic security principles for containers and container runtimes](https://www.redhat.com/sysadmin/basic-security-principles-containers). In the post Brent talks about the three core security themes concerning containers and why user privileges matter in the space."},{"id":"/2019/11/07/new","metadata":{"permalink":"/blogs/2019/11/07/new","source":"@site/blog/2019-11-07-new.md","title":"Basic security principles for containers and container runtimes","description":"Brent Baude has another blog post on the Red Hat Enable Sysadmin site this time about Basic security principles for containers and container runtimes. In the post Brent talks about the three core security themes concerning containers and why user privileges matter in the space.","date":"2019-11-07T00:00:00.000Z","formattedDate":"November 7, 2019","tags":[],"readingTime":0.225,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"Basic security principles for containers and container runtimes","author":"baude","layout":"default","categories":["new"]},"prevItem":{"title":"Basic security principles for containers and container runtimes","permalink":"/blogs/2019/11/07/basic-security-principles"},"nextItem":{"title":"Migrating from Docker to Podman","permalink":"/blogs/2019/11/05/docker2podman"}},"content":"Brent Baude has another blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site this time about [Basic security principles for containers and container runtimes](https://www.redhat.com/sysadmin/basic-security-principles-containers). In the post Brent talks about the three core security themes concerning containers and why user privileges matter in the space."},{"id":"/2019/11/05/docker2podman","metadata":{"permalink":"/blogs/2019/11/05/docker2podman","source":"@site/blog/2019-11-05-docker2podman.md","title":"Migrating from Docker to Podman","description":"podman logo","date":"2019-11-05T00:00:00.000Z","formattedDate":"November 5, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.25,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Migrating from Docker to Podman","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"Basic security principles for containers and container runtimes","permalink":"/blogs/2019/11/07/new"},"nextItem":{"title":"Migrating from Docker to Podman","permalink":"/blogs/2019/11/05/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Migrating from Docker to Podman\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nElliott Sales de Andrade\'s post on [Quantum Logic](https://qulogic.gitlab.io/), [Migrating from Docker to Podman](https://qulogic.gitlab.io/posts/2019-10-20-migrating-to-podman/) takes a look at his migration from Docker to Podman and a good assessment of where the Podman tool stands in comparison to Docker."},{"id":"/2019/11/05/new","metadata":{"permalink":"/blogs/2019/11/05/new","source":"@site/blog/2019-11-05-new.md","title":"Migrating from Docker to Podman","description":"Elliott Sales de Andrade\'s post on Quantum Logic, Migrating from Docker to Podman takes a look at his migration from Docker to Podman and a good assessment of where the Podman tool stands in comparison to Docker.","date":"2019-11-05T00:00:00.000Z","formattedDate":"November 5, 2019","tags":[],"readingTime":0.185,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Migrating from Docker to Podman","layout":"default","categories":["new"]},"prevItem":{"title":"Migrating from Docker to Podman","permalink":"/blogs/2019/11/05/docker2podman"},"nextItem":{"title":"The current adoption status of cgroup v2 in containers","permalink":"/blogs/2019/10/31/cgroupv2"}},"content":"Elliott Sales de Andrade\'s post on [Quantum Logic](https://qulogic.gitlab.io/), [Migrating from Docker to Podman](https://qulogic.gitlab.io/posts/2019-10-20-migrating-to-podman/) takes a look at his migration from Docker to Podman and a good assessment of where the Podman tool stands in comparison to Docker."},{"id":"/2019/10/31/cgroupv2","metadata":{"permalink":"/blogs/2019/10/31/cgroupv2","source":"@site/blog/2019-10-31-cgroupv2.md","title":"The current adoption status of cgroup v2 in containers","description":"podman logo","date":"2019-10-31T00:00:00.000Z","formattedDate":"October 31, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.355,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"The current adoption status of cgroup v2 in containers","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"Migrating from Docker to Podman","permalink":"/blogs/2019/11/05/new"},"nextItem":{"title":"The current adoption status of cgroup v2 in containers","permalink":"/blogs/2019/10/31/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# The current adoption status of cgroup v2 in containers\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nIn case you missed Akihiro Suda\'s post on [Medium.com](https://medium.com/), [The current adoption status of cgroup v2 in containers](https://medium.com/nttlabs/cgroup-v2-596d035be4d7), here\'s a quick link to it. In the article Akihiro talks all things cgroup v2 and what changes it promises to bring to the world of containers, and Podman is at the forefront of that change."},{"id":"/2019/10/31/new","metadata":{"permalink":"/blogs/2019/10/31/new","source":"@site/blog/2019-10-31-new.md","title":"The current adoption status of cgroup v2 in containers","description":"In case you missed Akihiro Suda\'s post on Medium.com, The current adoption status of cgroup v2 in containers, here\'s a quick link to it. In the article Akihiro talks all things cgroup v2 and what changes it promises to bring to the world of containers, and Podman is at the forefront of that change.","date":"2019-10-31T00:00:00.000Z","formattedDate":"October 31, 2019","tags":[],"readingTime":0.27,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"The current adoption status of cgroup v2 in containers","layout":"default","categories":["new"]},"prevItem":{"title":"The current adoption status of cgroup v2 in containers","permalink":"/blogs/2019/10/31/cgroupv2"},"nextItem":{"title":"First Look: Rootless Containers and cgroup v2 on Fedora 31","permalink":"/blogs/2019/10/29/new"}},"content":"In case you missed Akihiro Suda\'s post on [Medium.com](https://medium.com/), [The current adoption status of cgroup v2 in containers](https://medium.com/nttlabs/cgroup-v2-596d035be4d7), here\'s a quick link to it. In the article Akihiro talks all things cgroup v2 and what changes it promises to bring to the world of containers, and Podman is at the forefront of that change."},{"id":"/2019/10/29/new","metadata":{"permalink":"/blogs/2019/10/29/new","source":"@site/blog/2019-10-29-new.md","title":"First Look: Rootless Containers and cgroup v2 on Fedora 31","description":"Want to allow your users without privileges to run a container securerly on your host? Then this post Rootless Containers and cgroup v2 on Fedora 31 will show you how. It\'s quick, it\'s easy, it\'s secure and it won\'t even cost $19.99!","date":"2019-10-29T00:00:00.000Z","formattedDate":"October 29, 2019","tags":[],"readingTime":0.22,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"First Look: Rootless Containers and cgroup v2 on Fedora 31","layout":"default","categories":["new"]},"prevItem":{"title":"The current adoption status of cgroup v2 in containers","permalink":"/blogs/2019/10/31/new"},"nextItem":{"title":"First Look: Rootless Containers and cgroup v2 on Fedora 31","permalink":"/blogs/2019/10/29/podman-crun-f31"}},"content":"Want to allow your users without privileges to run a container securerly on your host? Then this post: [First Look: Rootless Containers and cgroup v2 on Fedora 31](https://podman.io/blogs/2019/10/29/podman-crun-f31.html) will show you how. It\'s quick, it\'s easy, it\'s secure and it won\'t even cost $19.99!"},{"id":"/2019/10/29/podman-crun-f31","metadata":{"permalink":"/blogs/2019/10/29/podman-crun-f31","source":"@site/blog/2019-10-29-podman-crun-f31.md","title":"First Look: Rootless Containers and cgroup v2 on Fedora 31","description":"podman logo","date":"2019-10-29T00:00:00.000Z","formattedDate":"October 29, 2019","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"rootless","permalink":"/blogs/tags/rootless"},{"label":"crun","permalink":"/blogs/tags/crun"}],"readingTime":7.41,"hasTruncateMarker":true,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"First Look: Rootless Containers and cgroup v2 on Fedora 31","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["podman","containers","hpc","rootless","crun"]},"prevItem":{"title":"First Look: Rootless Containers and cgroup v2 on Fedora 31","permalink":"/blogs/2019/10/29/new"},"nextItem":{"title":"Podman and NFS","permalink":"/blogs/2019/10/28/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# First Look: Rootless Containers and cgroup v2 on Fedora 31\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nI often times stay up too late at night watching late night television and run into these crazy commercials that tell you how easy their product is to use. If you\u2019ve stayed up too, you know them as well. Just put your chicken and veggies in our oven, press 3 buttons and 45 minutes later a perfectly cooked meal! Easy! Got a leak? Slap on this tape and no more leak! Easy! Got a messy floor, just use this sweeper and you\u2019ve the cleanest floor in the neighborhood! Easy!\\n\\nPodman runs secure rootless containers and it really is easy! Trust me, I\u2019m not like those other folks! As we\u2019ve had a number of people asking us about what\u2019s needed to set Podman rootless containers up, I decided to run through the process myself and to blog about the steps I took.\\n\\n\x3c!--truncate--\x3e\\n\\nThe first bit of the work has to be done as either the root user or someone with root privileges. For this walkthrough I used the root user on the console and the first thing I did was to upgrade my Fedora 30 Virtual Machine (VM) to Fedora 31. If you want to install Fedora 31 directly, the beta version just became available at the time of this writing, you could do that instead. The steps to do the upgrade are:\\n\\n```\\n# dnf -y upgrade --refresh\\n# dnf -y install dnf-plugin-system-upgrade\\n# dnf -y system-upgrade download --releasever=31\\n# dnf system-upgrade reboot\\n```\\n\\nAfter the machine finished rebooting, my VM was running Fedora 31 so now I needed to install Podman with `dnf -y install podman`. After that completes, verify that you have Podman Version 1.6.2 or higher.\\n\\n```\\n# podman version\\nVersion: 1.6.2\\nRemoteAPI Version: 1\\nGo Version: go1.13.1\\nOS/Arch: linux/amd64\\n```\\n\\nNow I\u2019m going to follow the steps in the [Basic Setup and Use of Podman in a Rootless environments](https://github.com/containers/podman/blob/main/docs/tutorials/rootless_tutorial.md) tutorial to do the configuration necessary to run rootless containers.\\n\\nPodman running rootless containers does have a few software dependencies. Most if not all of these should be installed for you on Fedora 31 by default, but just to verify I did:\\n\\n```\\n# dnf -y install slirp4netns fuse-overlayfs\\nLast metadata expiration check: 0:02:26 ago on Sat 14 Sep 2019 07:56:03 PM EDT.\\nPackage slirp4netns-0.4.0-20.1.dev.gitbbd6f25.fc31.x86_64 is already installed.\\nPackage fuse-overlayfs-0.6.2-2.git67a4afe.fc31.x86_64 is already installed.\\nDependencies resolved.\\nNothing to do.\\nComplete!\\n```\\n\\nNow the user namespaces need to be setup. Rootless Podman requires the user running it to have a range of UIDs and GIDs listed in the /etc/subuid and /etc/subgid files. These files control which UIDs and GIDs the user is allocated to use on the system. Depending upon how your user was first created, these files may already have entries in them for your user. If so, you don\u2019t need to do anything else. If not, then you can edit either file directly, or you can use `useradd` to create the user and allocate entries in both files, or you can use the `usermod` command to allocate them for a preexisting user. In this example usermod has allocated the values from 10000 to 55537 for the local \u201ctom\u201d account to use in our system.\\n\\n```\\n# usermod -v 10000-65536 -w 10000-65536 tom\\n\\n# cat /etc/subuid\\ntom:10000:55537\\n\\n# cat /etc/subgid\\ntom:10000:55537\\n```\\n\\nIf you have multiple users, you\u2019ll need to be sure that the ranges that are assigned to them in either `/etc/subuid` or `/etc/subgid` don\u2019t overlap or they could gain control of the other persons containers in that overlap.\\n\\nNow we\u2019re done running with a privileged account. From here on out we can run as a non-privileged user, so I next opened up a new terminal and ssh\u2019d into the host using the non-privileged \u2018tom\u2019 account:\\n\\n```\\n$ ssh tom@192.168.122.228\\ntom@192.168.122.228\'s password:\\n```\\n\\nThe first thing to do is to check for the `crun` command.\\n\\n```\\n# whereis crun\\ncrun: /usr/bin/crun /usr/share/man/man1/crun.1.gz\\n```\\n\\nThe `crun` command is the runtime the allows for cgroup V2 support and is supplied starting with Fedora 31. Other container systems use the `runc` runtime. However, runc only supports cgroup V1. The cgroup kernel feature allows you to allocate resources such as CPU time, network bandwidth and system memory to a container. Version 1 of cgroup only supports containers that are run by root, while version 2 supports containers that are run by root or a non-privileged user.\\n\\nA few tweaks to the \u2018tom\u2019 account config files may be needed, in most cases these files will not need tweaking, but let\u2019s verify them. The first up is libpod.conf and to get a default variant of that file, just run `podman info` first.\\n\\n```\\n$ podman info\\n$ vi .config/containers/libpod.conf\\n```\\n\\nAnd if it\u2019s not already set, set the `runtime` option in libpod.conf to \u201ccrun\u201d.\\n\\n```\\nruntime = \\"crun\\"\\n```\\n\\nThen in `.config/containers/storage.conf` make sure the `mount_program = \u201c/usr/bin/fuse-overlayfs\u201d` line is uncommented.\\n\\nJust that easy, you\u2019re ready to run Rootless Podman. See I told you I\u2019m not like those other guys! Let\u2019s try setting up a rootless container running httpd. Let\u2019s create this Dockerfile in the local directory:\\n\\n```\\n$ cat Dockerfile\\nFROM registry.access.redhat.com/ubi8/ubi:8.0\\n\\nMAINTAINER Podman Mailing List \\nENV DOCROOT=/var/www/html\\n\\nRUN yum --disableplugin=subscription-manager --nodocs -y install httpd \\\\\\n && yum --disableplugin=subscription-manager clean all \\\\\\n && echo \\"Hello from the httpd-parent container!\\" > ${DOCROOT}/index.html\\n\\nEXPOSE 80\\n\\nCMD httpd -D FOREGROUND\\n```\\n\\nAnd now build using it:\\n\\n```\\n$ podman build -t myhttp .\\nSTEP 1: FROM registry.access.redhat.com/ubi8/ubi:8.0\\nGetting image source signatures\\nCopying blob 641d7cc5cbc4 done\\nCopying blob c65691897a4d done\\nCopying config 11f9dba4d1 done\\nWriting manifest to image destination\\nStoring signatures\\nSTEP 2: MAINTAINER Podman Mailing List \\nbed974e664909b511f14e2cc21a59642c81fd1d958db12d7ef8fdc1e74f3d364\\nSTEP 3: ENV DOCROOT=/var/www/html\\n5eee83e1e640a4aa2c5f39caa11c3a24ec22e37f99633c2ee9912e8f65a5ff81\\nSTEP 4: RUN yum --disableplugin=subscription-manager --nodocs -y install httpd && yum --disableplugin=subscription-manager clean all && echo \\"Hello from the httpd-parent container!\\" > ${DOCROOT}/index.html\\nRed Hat Universal Base Image 8 (RPMs) - AppStre 1.0 MB/s | 2.3 MB 00:02\\nRed Hat Universal Base Image 8 (RPMs) - BaseOS 769 kB/s | 754 kB 00:00\\nDependencies resolved.\\n{A number of normal yum output lines removed for brevity}\\nInstalled:\\n httpd-2.4.37-12.module+el8.0.0+4096+eb40e6da.x86_64\\n apr-util-openssl-1.6.1-6.el8.x86_64\\n apr-util-bdb-1.6.1-6.el8.x86_64\\n apr-1.6.3-9.el8.x86_64\\n apr-util-1.6.1-6.el8.x86_64\\n httpd-tools-2.4.37-12.module+el8.0.0+4096+eb40e6da.x86_64\\n mod_http2-1.11.3-3.module+el8.0.0+4096+eb40e6da.x86_64\\n httpd-filesystem-2.4.37-12.module+el8.0.0+4096+eb40e6da.noarch\\n mailcap-2.1.48-3.el8.noarch\\n redhat-logos-httpd-80.7-1.el8.noarch\\n\\nComplete!\\n16 files removed\\n45fcaaf719615e97190bf38aa9d8d06e5437f0e10741343fd318777647584d6f\\nSTEP 5: EXPOSE 80\\n865abb5a809cb0ffbc63fef2def892595fe54cfeffc67013a0096a5f0fff4b27\\nSTEP 6: CMD httpd -D FOREGROUND\\nSTEP 7: COMMIT myhttp\\nf8d0bf10faa0460a111283a51d95e94421d1a46a21bca7f6f43a762469504593\\n```\\n\\nNow to verify the myhttp image has been created:\\n\\n```\\n$ podman images\\nREPOSITORY TAG IMAGE ID CREATED SIZE\\nlocalhost/myhttp latest a76baf5989a3 2 minutes ago 236 MB\\nregistry.access.redhat.com/ubi8/ubi 8.0 11f9dba4d1bc 5 weeks ago 216 MB\\n```\\n\\nLet\u2019s now run our container and check that the http server is responding:\\n\\n```\\n$ podman run --detach --name myhttp_ctr localhost/myhttp 30d8b54f63c5d2a8ecbe30b56546082e32e701a87c98df81ee0d2565ed33db72\\n$ curl localhost\\ncurl: (7) Failed to connect to localhost port 80: Connection refused\\n```\\n\\nBut wait! Why did the curl command fail rather than return our index.html output from our webserver? That\u2019s because we\u2019re running a rootless container and the user running this container doesn\u2019t have the privilege to connect to the container host\u2019s port 80 for the webserver. So how can we be certain that the webserver is up and running? First let\u2019s see if the container is up:\\n\\n```\\n$ podman ps\\nCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES\\n30d8b54f63c5 localhost/myhttp:latest /bin/sh -c httpd ... 3 minutes ago Up 3 minutes ago myhttp_ctr\\n```\\n\\nThe container appears to be up and running. Let\u2019s exec into it and see if we can resolve the web server from inside of the container:\\n\\n```\\n$ podman exec -it myhttp_ctr /bin/bash\\nbash-4.4# curl localhost\\nHello from the httpd-parent container!\\n```\\n\\nWe\u2019ve made contact with our web server from within the container. Granted this is not the most useful example from a real world side of things. However, it does show how a rootless container is able to run while the administrator of the host can build a good secure separation from the rootless container. Rootless containers keep unprivileged users from running or controlling things they should not on the host.\\n\\nSetting up a host to run rootless containers using Podman is a relatively painless process. Out of the box the only thing that may need to be done is to add entries in the /etc/subuid and /etc/subgid files for users that will be running containers. That\u2019s it! We did a little more checking on the files above, but that wasn\u2019t required. Once the user has those entries created for them, they can run containers in their own space without controlling things on the host that they should not. It really is just that easy, and best yet, you didn\u2019t even have to stay up late at night so you could call now \u201cFor just $19.99 we\u2019ll give you rootless containers and if you sign up now, you can run them safely too!\u201d. Instead, rootless containers are there and ready for your use starting in Podman v1.6.2 right now."},{"id":"/2019/10/28/new","metadata":{"permalink":"/blogs/2019/10/28/new","source":"@site/blog/2019-10-28-new.md","title":"Podman and NFS","description":"Adrian Reber wrote up a quick post on \\"Podman and NFS\\" here. In the article Adrian shows how he extended his HPC environment to us a shared NFS home directory.","date":"2019-10-28T00:00:00.000Z","formattedDate":"October 28, 2019","tags":[],"readingTime":0.15,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Podman and NFS","layout":"default","categories":["new"]},"prevItem":{"title":"First Look: Rootless Containers and cgroup v2 on Fedora 31","permalink":"/blogs/2019/10/29/podman-crun-f31"},"nextItem":{"title":"Podman and NFS","permalink":"/blogs/2019/10/28/podman-with-nfs"}},"content":"Adrian Reber wrote up a quick post on \\"Podman and NFS\\" [here](https://podman.io/blogs/2019/10/28/podman-with-nfs.html). In the article Adrian shows how he extended his HPC environment to us a shared NFS home directory."},{"id":"/2019/10/28/podman-with-nfs","metadata":{"permalink":"/blogs/2019/10/28/podman-with-nfs","source":"@site/blog/2019-10-28-podman-with-nfs.md","title":"Podman and NFS","description":"podman logo","date":"2019-10-28T00:00:00.000Z","formattedDate":"October 28, 2019","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"hpc","permalink":"/blogs/tags/hpc"},{"label":"nfs","permalink":"/blogs/tags/nfs"}],"readingTime":2.49,"hasTruncateMarker":true,"authors":[{"name":"adrianr"}],"frontMatter":{"title":"Podman and NFS","layout":"default","author":"adrianr","categories":["blogs"],"tags":["podman","containers","hpc","nfs"]},"prevItem":{"title":"Podman and NFS","permalink":"/blogs/2019/10/28/new"},"nextItem":{"title":"PMM Server + podman: Running a Container Without root Privileges","permalink":"/blogs/2019/10/23/Perona-PMM"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman and NFS\\n\\n## By Adrian Reber [GitHub](https://github.com/adrianreber)\\n\\nIn my previous [Podman in HPC\\nenvironments](https://podman.io/blogs/2019/09/26/podman-in-hpc.html) article I\\nintroduced how Podman can be used to run containers under the control of Open\\nMPI. In this article I want to extend my HPC environment to use a shared NFS\\nhome directory.\\n\\n\x3c!--truncate--\x3e\\n\\nThe following examples are running on CentOS 7.7 and are\\nconfiguring Podman for rootless usage based on [the official\\ndocumentation](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux_atomic_host/7/html-single/managing_containers/index#running_containers_as_root_or_rootless).\\n\\nThe user in my examples is named _centos_.\\n\\n```shell\\n$ sudo sh -c \\"echo \'user.max_user_namespaces=28633\' > /etc/sysctl.d/userns.conf\\"\\n$ sudo sysctl -p /etc/sysctl.d/userns.conf\\n$ sudo sh -c \\"echo \'centos:200000:65536\' >> /etc/subuid\\"\\n$ sudo sh -c \\"echo \'centos:200000:65536\' >> /etc/subgid\\"\\n```\\n\\nWith this the system should be ready to run rootless containers. As I am focussing\\non containers running under Open MPI\'s control I am using Podman with _--net=host_,\\nas mentioned in my [previous article](https://podman.io/blogs/2019/09/26/podman-in-hpc.html).\\n\\nDuring system setup I am also configuring Podman to be ready to run on a NFS\\nbased home directory because, as far as I know, it is not possible for Podman\\nto correctly setup the necessary [user\\nnamespaces](https://man7.org/linux/man-pages/man7/user_namespaces.7.html) when\\nthe storage backend is running on NFS.\\n\\nThe following commands are necessary on my system to tell Podman to use\\n_/tmp/centos/containers_ as the storage backend:\\n\\n```shell\\n$ podman info\\n$ sed -e \\"s,graphroot.*$,graphroot = \\\\\\"/tmp/centos/containers\\\\\\",g\\" -i .config/containers/storage.conf\\n$ rm -f ./.local/share/containers/storage/libpod/bolt_state.db ./.local/share/containers/cache/blob-info-cache-v1.boltdb\\n```\\n\\nThe first command lets Podman create an initial configuration for the current\\nsystem. As the home directory is on a NFS mounted directory it is necessary to\\ntell Podman to use a non NFS directory for backend storage\\n(_/tmp/centos/containers_ in this example). As this happens during initial\\nsystem (or user) configuration and no container has yet been run by Podman I\\ncan easily delete Podman\'s local database which contains reference to the home\\ndirectory as the storage backend. With these 3 steps Podman is ready to be used\\non a NFS based home directory once the user logs in for the first time.\\n\\nI am now running the same Open MPI based container example as in my\\n[previous article](https://podman.io/blogs/2019/09/26/podman-in-hpc.html).\\n\\n```shell\\n$ mpirun --hostfile hostfile \\\\\\n --mca orte_tmpdir_base /tmp/podman-mpirun \\\\\\n podman run --env-host \\\\\\n -v /tmp/podman-mpirun:/tmp/podman-mpirun \\\\\\n --userns=keep-id \\\\\\n --net=host --pid=host --ipc=host \\\\\\n quay.io/adrianreber/mpi-test:30 /home/ring\\nRank 2 has cleared MPI_Init\\nRank 2 has completed ring\\nRank 2 has completed MPI_Barrier\\nRank 3 has cleared MPI_Init\\nRank 3 has completed ring\\nRank 3 has completed MPI_Barrier\\nRank 1 has cleared MPI_Init\\nRank 1 has completed ring\\nRank 1 has completed MPI_Barrier\\nRank 0 has cleared MPI_Init\\nRank 0 has completed ring\\nRank 0 has completed MPI_Barrier\\n```\\n\\nThe difference to the previous article is that my home directory is now NFS\\nbased. Podman will now go to the specified registry (_quay.io_) to download for\\neach host involved in the MPI job the specified container to\\n_/tmp/centos/containers_.\\n\\nThis enables me to use Podman in a even more HPC like environment where shared\\nhome directories are very common to share input and output data."},{"id":"/2019/10/23/Perona-PMM","metadata":{"permalink":"/blogs/2019/10/23/Perona-PMM","source":"@site/blog/2019-10-23-Perona-PMM.md","title":"PMM Server + podman: Running a Container Without root Privileges","description":"podman logo","date":"2019-10-23T00:00:00.000Z","formattedDate":"October 23, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.345,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"PMM Server + podman: Running a Container Without root Privileges","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"Podman and NFS","permalink":"/blogs/2019/10/28/podman-with-nfs"},"nextItem":{"title":"PMM Server + podman: Running a Container Without root Privileges","permalink":"/blogs/2019/10/23/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# PMM Server + podman: Running a Container Without root Privileges\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nCeri Williams talks about how the Percona Monitoring and Management (PMM) can be run in a container using Podman without root privileges [here](https://www.percona.com/blog/2019/10/22/pmm-server-podman-running-a-container-without-root-privileges/?utm_campaign=2019%20Blog%20Q4&utm_content=103803368&utm_medium=social&utm_source=twitter&hss_channel=tw-35373186). In the post Ceri talks about how Percona was able to replace Docker with Podman and Buildah and are able to run containers more securely by doing so."},{"id":"/2019/10/23/new","metadata":{"permalink":"/blogs/2019/10/23/new","source":"@site/blog/2019-10-23-new.md","title":"PMM Server + podman: Running a Container Without root Privileges","description":"Ceri Williams talks about how the Percona Monitoring and Management (PMM) can be run in a container using Podman without root privileges here. In the post Ceri talks about how Percona was able to replace Docker with Podman and Buildah and are able to run containers more securely by doing so.","date":"2019-10-23T00:00:00.000Z","formattedDate":"October 23, 2019","tags":[],"readingTime":0.255,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"PMM Server + podman: Running a Container Without root Privileges","layout":"default","categories":["new"]},"prevItem":{"title":"PMM Server + podman: Running a Container Without root Privileges","permalink":"/blogs/2019/10/23/Perona-PMM"},"nextItem":{"title":"Generate SECCOMP Profiles for Containers Using Podman and eBPF","permalink":"/blogs/2019/10/15/generate-seccomp-profiles"}},"content":"Ceri Williams talks about how the Percona Monitoring and Management (PMM) can be run in a container using Podman without root privileges [here](https://www.percona.com/blog/2019/10/22/pmm-server-podman-running-a-container-without-root-privileges/?utm_campaign=2019%20Blog%20Q4&utm_content=103803368&utm_medium=social&utm_source=twitter&hss_channel=tw-35373186). In the post Ceri talks about how Percona was able to replace Docker with Podman and Buildah and are able to run containers more securely by doing so."},{"id":"/2019/10/15/generate-seccomp-profiles","metadata":{"permalink":"/blogs/2019/10/15/generate-seccomp-profiles","source":"@site/blog/2019-10-15-generate-seccomp-profiles.md","title":"Generate SECCOMP Profiles for Containers Using Podman and eBPF","description":"podman logo","date":"2019-10-15T00:00:00.000Z","formattedDate":"October 15, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"security","permalink":"/blogs/tags/security"},{"label":"seccomp","permalink":"/blogs/tags/seccomp"},{"label":"oci","permalink":"/blogs/tags/oci"},{"label":"bpf","permalink":"/blogs/tags/bpf"},{"label":"ebpf","permalink":"/blogs/tags/ebpf"},{"label":"tracing","permalink":"/blogs/tags/tracing"},{"label":"syscall","permalink":"/blogs/tags/syscall"}],"readingTime":10.535,"hasTruncateMarker":true,"authors":[{"name":"vrothberg"}],"frontMatter":{"title":"Generate SECCOMP Profiles for Containers Using Podman and eBPF","layout":"default","author":"vrothberg","categories":["blogs"],"tags":["containers","security","seccomp","oci","bpf","ebpf","tracing","syscall"]},"prevItem":{"title":"PMM Server + podman: Running a Container Without root Privileges","permalink":"/blogs/2019/10/23/new"},"nextItem":{"title":"Generate SECCOMP Profiles for Containers Using Podman and eBPF","permalink":"/blogs/2019/10/15/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Generate SECCOMP Profiles for Containers Using Podman and eBPF\\n\\n## By Valentin Rothberg [GitHub](https://github.com/vrothberg)\\n\\nContainers run everywhere. They run in the cloud, they run on IoT devices, they run in small and in big companies and wherever they run, we want them to run as securely as possible. In this article, I describe the [Google Summer of Code](https://summerofcode.withgoogle.com/) project that [Divyansh Kamboj](https://twitter.com/weirdwiz_), [Dan Walsh](https://twitter.com/rhatdan) and [I](https://twitter.com/vlntnrthbrg) have been working on and how we improved the state of the art in securing containers, and how you can try it out.\\n\\n\x3c!--truncate--\x3e\\n\\n# Background\\n\\nAt [DevConf.cz](https://www.devconf.info/cz/) in early 2019, Dan Walsh and I were talking about container security and how we could improve the status quo in a user-friendly fashion. Among other things, we talked about [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html), a widely used security feature of Linux. At its very core, seccomp allows for filtering the syscalls invoked by a process and can thereby be used to restrict which syscalls a given process is allowed to execute. Many software projects such as Android, Flatpak, Chrome and Firefox use seccomp to further tighten the security. One threat model seccomp protects against is the damage a malicious process can do. The fewer syscalls are available, the smaller is the attack surface. Hence, an attacker might gain control over some process of a web browser but seccomp will restrict the set of available syscalls to only those it needs. For instance, the syscalls needed for a rendering a website. The reduced attack surface can prevent the attacker from gaining control over the system. This makes seccomp a powerful security tool but while talking about it Dan and I quickly realized there is room for improvement.\\n\\nThe tricky part of security is making it user friendly. A security mechanism should not turn into an annoyance or an obstacle. Otherwise some users will turn it off. Most container tools use a default seccomp filter which was initially written by [Jesse Frazelle](https://twitter.com/jessfraz?lang=de) for Docker. This default filter found a balance between tightening the security while remaining portable to allow most workloads to run without receiving permission errors. The fact that this default filter is used by Docker, Podman, CRI-O, containerd and other tools on millions of deployments around the globe, shows its importance and impact. However, the default filter is pretty loose and it still allows more than 300 of the 435 syscalls on Linux 5.3 x86_64. The high number of available syscalls is essential to support as many containers as possible but according to Aqua Sec, most containers require only [40 to 70 syscalls](https://blog.aquasec.com/aqua-3.2-preventing-container-breakouts-with-dynamic-system-call-profiling). This means that the syscall attack surface of an average container could further be reduced by around 80 percent. But if we want to restrict more syscalls than the default filter, we face the problem of finding out which syscalls a container actually needs. That\u2019s the problem we decided to work on and to ultimately come up with an open-source solution that users can easily use and integrate into their workflows.\\n\\nDan and I started to philosophize about how we wanted to tackle the problem of finding out which syscalls a given container needs. Statically analyzing the code is theoretically optimal as we can determine the exact set of syscalls the program needs. But we quickly run into practical issues where corner cases cannot be covered and where users need a deep understanding of the code and certainly of the limitations of the individual analyzers. Such approaches are also programming-language specific and hence not generally applicable. All in all, static analysis does not provide the level of user friendliness and automation we wanted. Hence, we decided upon runtime analysis and proposed a project for Google Summer of Code under the umbrella of the [Fedora project](https://getfedora.org/). The project proposal was to trace the processes running inside a container and to create a seccomp filter based on the set of recorded syscalls. The proposal was eventually accepted and we are thrilled how far we came thanks to Divyansh Kamboj who worked with us during this summer and who has turned into an active contributor to our [github.com/containers](https://github.com/containers) projects.\\n\\n# Tracing the syscalls of a container\\n\\nAfter some initial experiments with [ptrace](https://en.wikipedia.org/wiki/Ptrace), we were looking for an alternative tracing mechanism. Ptrace has some considerable performance impacts that we were not willing to take, so Divyansh explored the idea of using audit logging of seccomp actions. Since Linux v4.14, the actions of seccomp filters can be recorded in the audit log. Using seccomp to create a new seccomp filter was tempting and the initial experiments have shown promising results until we started to run multiple containers in parallel. We could see and track which syscalls have been used but we could not figure out which process and hence which syscall belongs to which container. The Linux kernel community is currently debating to add an [audit container ID](https://lwn.net/Articles/750313/) which identifies a container in the logs but there is no consensus yet and we do not expect a solution in the near future. We had to find another solution.\\n\\nEventually, we decided to use the [extended Berkeley Packet Filter (eBPF)](https://lwn.net/Articles/740157/) for tracing. eBPF allows for writing custom programs that can hook into various code paths in the kernel. These programs can be injected from user space into the kernel who interprets them in a special virtual machine. BPF was originally written to inspect networking packets directly in the kernel to achieve the lowest possible latency and best performance. Nowadays, with eBPF we can inspect many more aspects of the kernel. For our purpose, we hook into the sysenter tracepoint when entering the kernel from user space. This allows us to quickly inspect which syscalls are called by a given process. Although eBPF is fast, we still faced the aforementioned absence of a container concept in the kernel, so we had to find a way to know if a given process is part of the container we want to trace or not. We decided to identify a container by its PID namespace. If the PID namespace of the process we hit in our eBPF program corresponds to the container we are currently tracing, then we record the syscall. Ultimately, if a container creates a new PID namespace, we will not trace processes inside the new namespace and generate an inaccurate filter. But that is pretty much the only limitation.\\n\\n# The OCI seccomp bpf hook\\n\\nWe implemented the syscall tracer as an Open Container Initiative (OCI) [runtime hook](https://github.com/opencontainers/runtime-spec/blob/master/config.md#posix-platform-hooks). OCI runtime hooks are called at different stages of the lifecycle of a container and are executed by OCI-compliant container runtimes, such as runc. Runc is used to spawn and run containers, and is the default runtime of Podman, containerd, Docker and many other tools. Our syscall-tracing hook runs at the prestart stage, where the init process of the container is created but not yet started. At this point, we can extract the PID namespace of the container, compile the eBPF program and start it. All this happens before the container is started, so we do not run into a race condition and avoid losing any early syscalls of the container. Once the eBPF program is running, we detach it from the hook and the container runtime can start the container. All source code is open source and can be downloaded from [github.com/containers/oci-seccomp-bpf-hook](https://github.com/containers/oci-seccomp-bpf-hook). We are currently creating packages for Fedora and CentOS and hope to provide packages for more distributions in the near future. In the following, we go through a step-by-step example how the hook can be used in practice.\\n\\nLet\u2019s first install [Podman](https://podman.io/). Podman is a daemonless container engine for running containers and Pods and supports running [rootless containers](https://opensource.com/article/19/2/how-does-rootless-podman-work).\\n\\n```\\n$ sudo dnf install -y podman\\n```\\n\\nNext, we clone the git repository of the OCI seccomp bpf hook to compile and install it. Note that we need to install a few more packages in order to compile the hook.\\n\\n```\\n$ sudo dnf install -y bcc-devel bcc-tools git golang libseccomp-devel golang-github-cpuguy83-md2man make\\n$ git clone https://github.com/containers/oci-seccomp-bpf-hook.git\\n$ cd oci-seccomp-bpf-hook\\n$ make binary\\n$ PREFIX=/usr sudo make install\\n```\\n\\nNow, with the hook being installed we can use Podman to run a container and use the hook for tracing syscalls. eBPF requires root privileges so we cannot make use of Podman\u2019s rootless support while tracing. However, we can use the generated seccomp profiles for running the workloads in a rootless container.\\n\\n```\\n$ sudo podman run --annotation io.containers.trace-syscall=of:/tmp/ls.json fedora:30 ls / > /dev/null\\n```\\n\\nIn the upper example, we are running ls in a fedora:30 container. The annotation io.containers.trace-syscall is used to start our hook while its value expects a mandatory output file (short \u201cof:\u201d) that points to a path where we want the new seccomp filter to be written. In fact, the output file is a json file which is often referred to as a seccomp profile that container engines such as Podman and Docker will eventually parse and compile into a seccomp filter for the kernel. When inspecting the generated profile we will notice that there are more syscalls than ls executes. Those syscalls are the ones that runc invokes after having applied the seccomp profile and before starting the container, so they are essential to prevent us from getting permission errors when reusing the profile. However, we do not need to worry about that as the hook is clever enough to add these syscalls. Let\u2019s run a few containers using the generated profile.\\n\\n```\\n$ sudo podman run --security-opt seccomp=/tmp/ls.json fedora:30 ls / > /dev/null\\n$ sudo podman run --security-opt seccomp=/tmp/ls.json fedora:30 ls -l / > /dev/null\\nls: cannot access \'/\': Operation not permitted\\n```\\n\\nMaybe you are as surprised as we were when first running this very example. It seems that ls uses additional syscalls with the -l flag which instructs ls to use a more verbose listing format. This example shows a limitation of our approach since the quality and completeness of the generated seccomp profile depends on the exhaustiveness when tracing, and that\u2019s clearly something to keep in mind when using the hook. To avoid rerunning everything from scratch, the hook allows for the specification of an additional input file. This input file serves as a baseline to which all traced syscalls are added. This way, we do not need to redundantly run all, potentially time-costly, previous workloads but can add new data on top. Let\u2019s try this out and rerun ls -l.\\n\\n```\\n$ sudo podman run --annotation io.containers.trace-syscall=\u201dif:/tmp/ls.json;of:/tmp/lsl.json\u201d fedora:30 ls -l / > /dev/null\\n```\\n\\nAs mentioned above, we need root privileges for running the eBPF hook. But now, as we have generated the new seccomp profile, we can use it for running the same workload in a rootless container.\\n\\n```\\n$ id -u\\n1000\\n$ podman run --security-opt seccomp=/tmp/lsl.json fedora:30 ls -l / > /dev/null\\n```\\n\\n# When can I lock down my container?\\n\\nOne of the issues with attempting to generate seccomp profiles this way is that we cannot always be sure of having crossed all code paths that the container can potentially run. But if we have fairly extensive tests we should be able to gather a substantial amount of the syscalls for running the container within our CI/CD system. Now when we put our container into production, we can continue tracing the syscalls in the new environment. For example, if you use Kubernetes you could send the annotation down to [CRI-O](https://github.com/cri-o/cri-o) and it would run the hook. Now, we can periodically check if the generated profile has changed over time. If we do not see new syscalls added for a given amount of time, we can feel confident to start using the profile. If a container using the profile gets blocked from using a syscall, the kernel will continue to report these in the audit.log which allows us to manually look for missing syscalls.\\n\\n# Try it out!\\n\\nIt was essential for us to base our work on open standards, which is why we decided to use the hooks specified in the OCI runtime specification. This way, our approach works with OCI compliant container runtimes such as runc or crun. Furthermore, we did not want to tie the tracing feature to a specific container engine. We wanted different tools such as Podman, Docker, CRI-O or containerd to be able to use the hook to encourage collaboration across different communities. Hence, we chose to use an OCI runtime annotation (i.e., io.containers.trace-syscall) to trigger the hook which is a generally supported feature.\\n\\nAs a next step, feel free to generate your own seccomp profiles with the oci-seccomp-bpf-hook. We would love to have feedback and always welcome contributions."},{"id":"/2019/10/15/new","metadata":{"permalink":"/blogs/2019/10/15/new","source":"@site/blog/2019-10-15-new.md","title":"Generate SECCOMP Profiles for Containers Using Podman and eBPF","description":"Valentin Rothberg checks in with the \\"Generate SECCOMP Profiles for Containers Using Podman and eBPF\\" blog here. In the article Valentin introduces the OCI seccomp hook which allows you to trace the syscalls of a container and then runs through a working example.","date":"2019-10-15T00:00:00.000Z","formattedDate":"October 15, 2019","tags":[],"readingTime":0.215,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Generate SECCOMP Profiles for Containers Using Podman and eBPF","layout":"default","categories":["new"]},"prevItem":{"title":"Generate SECCOMP Profiles for Containers Using Podman and eBPF","permalink":"/blogs/2019/10/15/generate-seccomp-profiles"},"nextItem":{"title":"Say \u201cHello\u201d to Buildah, Podman, and Skopeo","permalink":"/blogs/2019/10/14/1-new"}},"content":"Valentin Rothberg checks in with the \\"Generate SECCOMP Profiles for Containers Using Podman and eBPF\\" blog [here](https://podman.io/blogs/2019/10/15/generate-seccomp-profiles.html). In the article Valentin introduces the OCI seccomp hook which allows you to trace the syscalls of a container and then runs through a working example."},{"id":"/2019/10/14/1-new","metadata":{"permalink":"/blogs/2019/10/14/1-new","source":"@site/blog/2019-10-14-1-new.md","title":"Say \u201cHello\u201d to Buildah, Podman, and Skopeo","description":"Saharsh Singh talks about how he\'s moved on from his Docker daemon and moved on to Podman, Buildah and Skopeo here on the Red Hat Service Blog site. Saharsh walks you through a history of container tools and then talks about Podman, Buildah and Skopeo with a lot of great examples.","date":"2019-10-14T00:00:00.000Z","formattedDate":"October 14, 2019","tags":[],"readingTime":0.255,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Say \u201cHello\u201d to Buildah, Podman, and Skopeo","layout":"default","categories":["new"]},"prevItem":{"title":"Generate SECCOMP Profiles for Containers Using Podman and eBPF","permalink":"/blogs/2019/10/15/new"},"nextItem":{"title":"Here\u2019s why podman is more secured than Docker \u2013 DevSecOps","permalink":"/blogs/2019/10/14/2-new"}},"content":"Saharsh Singh talks about how he\'s moved on from his Docker daemon and moved on to Podman, Buildah and Skopeo [here](https://servicesblog.redhat.com/2019/10/09/say-hello-to-buildah-podman-and-skopeo/?sc_cid=701f2000000txokAAA&utm_source=bambu&utm_medium=social&utm_campaign=abm) on the Red Hat Service Blog site. Saharsh walks you through a history of container tools and then talks about Podman, Buildah and Skopeo with a lot of great examples."},{"id":"/2019/10/14/2-new","metadata":{"permalink":"/blogs/2019/10/14/2-new","source":"@site/blog/2019-10-14-2-new.md","title":"Here\u2019s why podman is more secured than Docker \u2013 DevSecOps","description":"Ganesh Mani discusses why Podman is more secure than Docker here on the CLOUDNWEB site. Ganesh talks about why Podman\'s fork and execute model is more secure than Docker\'s client server model.","date":"2019-10-14T00:00:00.000Z","formattedDate":"October 14, 2019","tags":[],"readingTime":0.16,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Here\u2019s why podman is more secured than Docker \u2013 DevSecOps","layout":"default","categories":["new"]},"prevItem":{"title":"Say \u201cHello\u201d to Buildah, Podman, and Skopeo","permalink":"/blogs/2019/10/14/1-new"},"nextItem":{"title":"Say \u201cHello\u201d to Buildah, Podman, and Skopeo","permalink":"/blogs/2019/10/14/SayHello"}},"content":"Ganesh Mani discusses why Podman is more secure than Docker [here](https://cloudnweb.dev/2019/10/heres-why-podman-is-more-secured-than-docker-devsecops/) on the [CLOUDNWEB](https://cloudnweb.dev/) site. Ganesh talks about why Podman\'s fork and execute model is more secure than Docker\'s client server model."},{"id":"/2019/10/14/SayHello","metadata":{"permalink":"/blogs/2019/10/14/SayHello","source":"@site/blog/2019-10-14-SayHello.md","title":"Say \u201cHello\u201d to Buildah, Podman, and Skopeo","description":"podman logo","date":"2019-10-14T00:00:00.000Z","formattedDate":"October 14, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.33,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Say \u201cHello\u201d to Buildah, Podman, and Skopeo","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"Here\u2019s why podman is more secured than Docker \u2013 DevSecOps","permalink":"/blogs/2019/10/14/2-new"},"nextItem":{"title":"Here\u2019s why podman is more secured than Docker \u2013 DevSecOps","permalink":"/blogs/2019/10/14/docker-vs-podman-security"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Say \u201cHello\u201d to Buildah, Podman, and Skopeo\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nSaharsh Singh talks about how he\'s moved on from his Docker daemon and moved on to Podman, Buildah and Skopeo [here](https://servicesblog.redhat.com/2019/10/09/say-hello-to-buildah-podman-and-skopeo/?sc_cid=701f2000000txokAAA&utm_source=bambu&utm_medium=social&utm_campaign=abm) on the Red Hat Service Blog site. Saharsh walks you through a history of container tools and then talks about Podman, Buildah and Skopeo with a lot of great examples."},{"id":"/2019/10/14/docker-vs-podman-security","metadata":{"permalink":"/blogs/2019/10/14/docker-vs-podman-security","source":"@site/blog/2019-10-14-docker-vs-podman-security.md","title":"Here\u2019s why podman is more secured than Docker \u2013 DevSecOps","description":"podman logo","date":"2019-10-14T00:00:00.000Z","formattedDate":"October 14, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.25,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Here\u2019s why podman is more secured than Docker \u2013 DevSecOps","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"Say \u201cHello\u201d to Buildah, Podman, and Skopeo","permalink":"/blogs/2019/10/14/SayHello"},"nextItem":{"title":"Configuring container networking with Podman","permalink":"/blogs/2019/10/02/container-networking"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Here\u2019s why podman is more secured than Docker \u2013 DevSecOps\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nGanesh Mani discusses why Podman is more secure than Docker [here](https://cloudnweb.dev/2019/10/heres-why-podman-is-more-secured-than-docker-devsecops/) on the [CLOUDNWEB](https://cloudnweb.dev/) site. Ganesh talks about why Podman\'s fork and execute model is more secure than Docker\'s client server model."},{"id":"/2019/10/02/container-networking","metadata":{"permalink":"/blogs/2019/10/02/container-networking","source":"@site/blog/2019-10-02-container-networking.md","title":"Configuring container networking with Podman","description":"podman logo","date":"2019-10-02T00:00:00.000Z","formattedDate":"October 2, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"},{"label":"networking","permalink":"/blogs/tags/networking"}],"readingTime":0.33,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"Configuring container networking with Podman","layout":"default","author":"baude","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci","networking"]},"prevItem":{"title":"Here\u2019s why podman is more secured than Docker \u2013 DevSecOps","permalink":"/blogs/2019/10/14/docker-vs-podman-security"},"nextItem":{"title":"Configuring container networking with Podman","permalink":"/blogs/2019/10/02/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Configuring container networking with Podman\\n\\n## By Brent Baude [GitHub](https://github.com/baude)\\n\\nBrent Baude has a blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site about [Configuring container networking with Podman](https://www.redhat.com/sysadmin/container-networking-podman). In the post Brent goes over how you can communicate between a container and the host, between containers in and out of a pod, while running as a root and as a non-root user."},{"id":"/2019/10/02/new","metadata":{"permalink":"/blogs/2019/10/02/new","source":"@site/blog/2019-10-02-new.md","title":"Configuring container networking with Podman","description":"Brent Baude has a blog post on the Red Hat Enable Sysadmin site about Configuring container networking with Podman. In the post Brent goes over how you can communicate between a container and the host, between containers in and out of a pod, while running as a root and as a non-root user.","date":"2019-10-02T00:00:00.000Z","formattedDate":"October 2, 2019","tags":[],"readingTime":0.265,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"Configuring container networking with Podman","author":"baude","layout":"default","categories":["new"]},"prevItem":{"title":"Configuring container networking with Podman","permalink":"/blogs/2019/10/02/container-networking"},"nextItem":{"title":"Podman in HPC environments","permalink":"/blogs/2019/09/26/podman-in-hpc"}},"content":"Brent Baude has a blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site about [Configuring container networking with Podman](https://www.redhat.com/sysadmin/container-networking-podman). In the post Brent goes over how you can communicate between a container and the host, between containers in and out of a pod, while running as a root and as a non-root user."},{"id":"/2019/09/26/podman-in-hpc","metadata":{"permalink":"/blogs/2019/09/26/podman-in-hpc","source":"@site/blog/2019-09-26-podman-in-hpc.md","title":"Podman in HPC environments","description":"podman logo","date":"2019-09-26T00:00:00.000Z","formattedDate":"September 26, 2019","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"hpc","permalink":"/blogs/tags/hpc"}],"readingTime":4.51,"hasTruncateMarker":true,"authors":[{"name":"adrianr"}],"frontMatter":{"title":"Podman in HPC environments","layout":"default","author":"adrianr","categories":["blogs"],"tags":["podman","containers","hpc"]},"prevItem":{"title":"Configuring container networking with Podman","permalink":"/blogs/2019/10/02/new"},"nextItem":{"title":"Podman in HPC environments","permalink":"/blogs/2019/09/25/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman in HPC environments\\n\\n## By Adrian Reber [GitHub](https://github.com/adrianreber)\\n\\nA _High-Performance Computing_ (**HPC**) environment can mean a lot of things,\\nbut in this article I want to focus on running _Message Passing Interface_\\n(**MPI**) parallelized programs with the help of Podman.\\n\\n\x3c!--truncate--\x3e\\n\\nThe following is a simple MPI based example taken from Open MPI: [ring.c](https://raw.githubusercontent.com/open-mpi/ompi/master/orte/test/mpi/ring.c)\\n\\nTo use it on a Fedora 30 system I first installed Open MPI and then I compiled\\nthe example:\\n\\n```shell\\n$ sudo dnf install openmpi-devel\\n$ module load mpi/openmpi-x86_64\\n$ echo \\"module load mpi/openmpi-x86_64\\" >> .bashrc\\n$ mpicc -o ring ring.c\\n```\\n\\nRunning this on my test system (Fedora 30) with 4 CPUs gives me this:\\n\\n```shell\\n$ mpirun ./ring\\nRank 3 has cleared MPI_Init\\nRank 1 has cleared MPI_Init\\nRank 2 has cleared MPI_Init\\nRank 0 has cleared MPI_Init\\nRank 1 has completed ring\\nRank 2 has completed ring\\nRank 3 has completed ring\\nRank 0 has completed ring\\nRank 3 has completed MPI_Barrier\\nRank 1 has completed MPI_Barrier\\nRank 0 has completed MPI_Barrier\\nRank 2 has completed MPI_Barrier\\n```\\n\\nTo be able to use Podman in combination with mpirun I created a container with\\nthe following definition:\\n\\n```shell\\n$ cat Dockerfile\\nFROM registry.fedoraproject.org/fedora:30\\n\\nRUN dnf -y install openmpi && \\\\\\n dnf clean all\\n\\nCOPY ring /home/ring\\n```\\n\\nAfter building the container (`podman build --tag=mpi-test:31 .`) I pushed the\\ncontainer to the [quay.io](https://quay.io) container registry (`podman push\\nmpi-test:31 quay.io/adrianreber/mpi-test:31`) and can now pull it like this:\\n\\n```shell\\n$ podman pull quay.io/adrianreber/mpi-test:30\\n```\\n\\nAnd then I can run mpirun to start multiple containers. In my case 4 containers\\nare started as each of the two involved systems has 2 CPUs:\\n\\n```shell\\n$ mpirun --hostfile hostfile \\\\\\n --mca orte_tmpdir_base /tmp/podman-mpirun \\\\\\n podman run --env-host \\\\\\n -v /tmp/podman-mpirun:/tmp/podman-mpirun \\\\\\n --userns=keep-id \\\\\\n --net=host --pid=host --ipc=host \\\\\\n quay.io/adrianreber/mpi-test:30 /home/ring\\nRank 2 has cleared MPI_Init\\nRank 2 has completed ring\\nRank 2 has completed MPI_Barrier\\nRank 3 has cleared MPI_Init\\nRank 3 has completed ring\\nRank 3 has completed MPI_Barrier\\nRank 1 has cleared MPI_Init\\nRank 1 has completed ring\\nRank 1 has completed MPI_Barrier\\nRank 0 has cleared MPI_Init\\nRank 0 has completed ring\\nRank 0 has completed MPI_Barrier\\n```\\n\\nNow mpirun starts up 4 Podman containers and each container is running one\\ninstance of `ring`. All 4 processes are communicating over MPI with each other.\\n\\nThe following mpirun options are used:\\n\\n- `--hostfile hostfile`\\n\\n The `hostfile` tells Open MPI on which systems to run how many processes.\\n In the case of this example it contained:\\n\\n `host1 slots=2` \\n `host2 slots=2`\\n\\n This means to run two processes on `host1` and two processes on `host2`.\\n\\n- `--mca orte_tmpdir_base /tmp/podman-mpirun`\\n\\n This tells Open MPI to create all its temporary files in `/tmp/podman-mpirun`\\n and not in `/tmp`. If this is not specified Open MPI will create its temporary\\n files in a directory with a host name in it in `/tmp` and if using more than one\\n node this directory will be named differently on other nodes. This requires\\n mounting the complete `/tmp` directory into the container which is a bit more\\n complicated due to not being able to change SELinux labels of `/tmp`.\\n\\nThis is it for all the necessary parameters for `mpirun`, now the command is\\nspecified that `mpirun` should start; `podman` in this case.\\n\\n- `run`\\n\\n This just tells Podman to run a container.\\n\\n- `--env-host`\\n\\n This copies all environment variables from the host into the container. This\\n is necessary to make Open MPI work at all. When `mpirun` is started it creates a\\n daemon with which all other processes in this MPI job are communicating, it\\n also tells all the MPI processes how to communicate with each other. All this\\n is passed from `mpirun` to the actual MPI processes using environment variables.\\n\\n Options passed from the user to `mpirun` are also communicated through\\n environment variables. Now that the MPI process in the container has all the\\n environment variables it can communicate with the main process (_Head Node\\n Process_ (**HNP**)) and all the other involved processes.\\n\\n- `-v /tmp/podman-mpirun:/tmp/podman-mpirun`\\n\\n This tells Podman to mount the directory where Open MPI creates its temporary\\n directories and files to be available in the container. Through the environment\\n variables from above the MPI process knows where to look for this directory.\\n\\n- `--userns=keep-id`\\n\\n The user ID in the container should be mapped to the same ID on the outside of\\n the container. This is necessary as all processes are communicating with each\\n other over shared memory and this fails if the processes have different user\\n IDs. Also the access of the temporary files in `/tmp/podman-mpirun` breaks\\n without this.\\n\\n- `--net=host --pid=host --ipc=host`\\n\\n Do not use separate namespace for _network_, _PID_ and _IPC_. Without this nothing\\n works, as all processes are also communicating via TCP on `127.0.0.1` which fails\\n with separate network namespaces. Shared memory communication will also not work\\n if the processes are not in the same _PID_ and _IPC_ namespace.\\n\\n- `quay.io/adrianreber/mpi-testmpi-test:30`\\n\\n This is the name of the container as downloaded previously with `podman pull`.\\n If `mpirun` will spawn processes on a host which has not yet downloaded\\n this container image, Podman will do it before launching this container.\\n\\n- `/home/ring`\\n\\n The MPI program in the container which should be started.\\n\\nThanks to Podman\'s fork-exec model it is really simple to use it in combination\\nwith Open MPI as Open MPI will start Podman just as it would start the actual\\nMPI application."},{"id":"/2019/09/25/new","metadata":{"permalink":"/blogs/2019/09/25/new","source":"@site/blog/2019-09-25-new.md","title":"Podman in HPC environments","description":"Adrian Reber talks all about the Message Passing Interface (MPI) in a High-Performance Computing (HPC) environment with the help of Podman here. Adrian provides a nice walk through of how he accomplished this and then explains each of his steps in great detail.","date":"2019-09-25T00:00:00.000Z","formattedDate":"September 25, 2019","tags":[],"readingTime":0.215,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Podman in HPC environments","layout":"default","categories":["new"]},"prevItem":{"title":"Podman in HPC environments","permalink":"/blogs/2019/09/26/podman-in-hpc"},"nextItem":{"title":"Why can\u2019t rootless Podman pull my image?","permalink":"/blogs/2019/09/11/new"}},"content":"Adrian Reber talks all about the Message Passing Interface (MPI) in a High-Performance Computing (HPC) environment with the help of Podman [here](https://podman.io/blogs/2019/09/26/podman-in-hpc.html). Adrian provides a nice walk through of how he accomplished this and then explains each of his steps in great detail."},{"id":"/2019/09/11/new","metadata":{"permalink":"/blogs/2019/09/11/new","source":"@site/blog/2019-09-11-new.md","title":"Why can\u2019t rootless Podman pull my image?","description":"Matt Heon has a blog post on the Red Hat Enable Sysadmin site about Why can\u2019t rootless Podman pull my image?. In the blog Matt discusses why restrictions on rootless containers can be inconvenient, but why they\'re necessary. In the blog Matt covers the use of user namespace and the allocations of uid and gid\'s that are required to make rootless containers work securely in your environment.","date":"2019-09-11T00:00:00.000Z","formattedDate":"September 11, 2019","tags":[],"readingTime":0.335,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Why can\u2019t rootless Podman pull my image?","layout":"default","categories":["new"]},"prevItem":{"title":"Podman in HPC environments","permalink":"/blogs/2019/09/25/new"},"nextItem":{"title":"Why can\u2019t rootless Podman pull my image?","permalink":"/blogs/2019/09/11/rootless-pulling"}},"content":"Matt Heon has a blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site about [Why can\u2019t rootless Podman pull my image?](https://www.redhat.com/sysadmin/rootless-podman). In the blog Matt discusses why restrictions on rootless containers can be inconvenient, but why they\'re necessary. In the blog Matt covers the use of user namespace and the allocations of uid and gid\'s that are required to make rootless containers work securely in your environment."},{"id":"/2019/09/11/rootless-pulling","metadata":{"permalink":"/blogs/2019/09/11/rootless-pulling","source":"@site/blog/2019-09-11-rootless-pulling.md","title":"Why can\u2019t rootless Podman pull my image?","description":"podman logo","date":"2019-09-11T00:00:00.000Z","formattedDate":"September 11, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.41,"hasTruncateMarker":false,"authors":[{"name":"mheon"}],"frontMatter":{"title":"Why can\u2019t rootless Podman pull my image?","layout":"default","author":"mheon","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"Why can\u2019t rootless Podman pull my image?","permalink":"/blogs/2019/09/11/new"},"nextItem":{"title":"Best practices for running Buildah in a container","permalink":"/blogs/2019/08/28/buildah-in-containers"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Why can\u2019t rootless Podman pull my image?\\n\\n## By Matthew Heon [GitHub](https://github.com/mheon)\\n\\nMatthew Heon has a blog post on the [Red Hat Enable Sysadmin](https://www.redhat.com/sysadmin/) site about [Why can\u2019t rootless Podman pull my image?](https://www.redhat.com/sysadmin/rootless-podman). In the blog Matt discusses why restrictions on rootless containers can be inconvenient, but why they\'re necessary. In the blog Matt covers the use of user namespace and the allocations of uid and gid\'s that are required to make rootless containers work securely in your environment."},{"id":"/2019/08/28/buildah-in-containers","metadata":{"permalink":"/blogs/2019/08/28/buildah-in-containers","source":"@site/blog/2019-08-28-buildah-in-containers.md","title":"Best practices for running Buildah in a container","description":"podman logo","date":"2019-08-28T00:00:00.000Z","formattedDate":"August 28, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.48,"hasTruncateMarker":false,"authors":[{"name":"dwalsh"}],"frontMatter":{"title":"Best practices for running Buildah in a container","layout":"default","author":"dwalsh","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"Why can\u2019t rootless Podman pull my image?","permalink":"/blogs/2019/09/11/rootless-pulling"},"nextItem":{"title":"Best practices for running Buildah in a container","permalink":"/blogs/2019/08/28/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Best practices for running Buildah in a container\\n\\n## By Dan Walsh [GitHub](https://github.com/rhatdan)\\n\\nDan Walsh has recently posted a blog on the Red Hat Developer Blog, [Best practices for running Buildah in a container](https://developers.redhat.com/blog/2019/08/14/best-practices-for-running-buildah-in-a-container/). The post walks you through the balancing act of running a container securely using while keeping an eye on performance. A big boost to the performance side of things is the concept of \\"Additional Stores\\". Dan walks you through the use of those in this blog and then wraps it all up with an on-line video at the end."},{"id":"/2019/08/28/new","metadata":{"permalink":"/blogs/2019/08/28/new","source":"@site/blog/2019-08-28-new.md","title":"Best practices for running Buildah in a container","description":"Dan Walsh has recently posted a blog on the Red Hat Developer Blog, Best practices for running Buildah in a container. The post walks you through the balancing act of running a container securely using Podman while keeping an eye on performance. A big boost to the performance side of things is the concept of \\"Additional Stores\\". Dan walks you through the use of those in this blog and then wraps it all up with an on-line video at the end.","date":"2019-08-28T00:00:00.000Z","formattedDate":"August 28, 2019","tags":[],"readingTime":0.405,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Best practices for running Buildah in a container","layout":"default","categories":["new"]},"prevItem":{"title":"Best practices for running Buildah in a container","permalink":"/blogs/2019/08/28/buildah-in-containers"},"nextItem":{"title":"Podman, contenedores sin Docker","permalink":"/blogs/2019/08/23/new"}},"content":"Dan Walsh has recently posted a blog on the Red Hat Developer Blog, [Best practices for running Buildah in a container](https://developers.redhat.com/blog/2019/08/14/best-practices-for-running-buildah-in-a-container/). The post walks you through the balancing act of running a container securely using Podman while keeping an eye on performance. A big boost to the performance side of things is the concept of \\"Additional Stores\\". Dan walks you through the use of those in this blog and then wraps it all up with an on-line video at the end."},{"id":"/2019/08/23/new","metadata":{"permalink":"/blogs/2019/08/23/new","source":"@site/blog/2019-08-23-new.md","title":"Podman, contenedores sin Docker","description":"How\'s your espanol? If it\'s good, checkout this video blog on YouTube Podman, contenedores sin Docker! In it I\xf1igo Serrano shows how to run Wildfly in a Podman container without Docker.","date":"2019-08-23T00:00:00.000Z","formattedDate":"August 23, 2019","tags":[],"readingTime":0.155,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Podman, contenedores sin Docker","layout":"default","categories":["new"]},"prevItem":{"title":"Best practices for running Buildah in a container","permalink":"/blogs/2019/08/28/new"},"nextItem":{"title":"Podman, contenedores sin Docker","permalink":"/blogs/2019/08/23/podman-en-espanol"}},"content":"How\'s your espanol? If it\'s good, checkout this video blog on YouTube [Podman, contenedores sin Docker](https://www.youtube.com/watch?v=pzRf0G43DYw&feature=youtu.be)! In it I\xf1igo Serrano shows how to run Wildfly in a Podman container without Docker."},{"id":"/2019/08/23/podman-en-espanol","metadata":{"permalink":"/blogs/2019/08/23/podman-en-espanol","source":"@site/blog/2019-08-23-podman-en-espanol.md","title":"Podman, contenedores sin Docker","description":"podman logo","date":"2019-08-23T00:00:00.000Z","formattedDate":"August 23, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.265,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman, contenedores sin Docker","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"Podman, contenedores sin Docker","permalink":"/blogs/2019/08/23/new"},"nextItem":{"title":"Using the rootless containers Tech Preview in RHEL 8.0","permalink":"/blogs/2019/08/22/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman, contendores sin Docker\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nHow\'s your espanol? If it\'s good or you want to work on it, checkout this video blog on YouTube from I\xf1igo Serrano [Podman, contenedores sin Docker](https://www.youtube.com/watch?v=pzRf0G43DYw&feature=youtu.be). In it I\xf1igo Serrano shows how to run Wildfly in a Podman container without Docker."},{"id":"/2019/08/22/new","metadata":{"permalink":"/blogs/2019/08/22/new","source":"@site/blog/2019-08-22-new.md","title":"Using the rootless containers Tech Preview in RHEL 8.0","description":"Scott McCarty has a blog post on the Red Hat Blog about Using the rootless containers Tech Preview in RHEL 8.0. Podman rootless containers has hit Tech Preview for RHEL 8.0 and Scott walks you through the setup necessary for rootless containers. Small hint, it\'s a short post because it\'s just that easy.","date":"2019-08-22T00:00:00.000Z","formattedDate":"August 22, 2019","tags":[],"readingTime":0.265,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Using the rootless containers Tech Preview in RHEL 8.0","layout":"default","categories":["new"]},"prevItem":{"title":"Podman, contenedores sin Docker","permalink":"/blogs/2019/08/23/podman-en-espanol"},"nextItem":{"title":"Using the rootless containers Tech Preview in RHEL 8.0","permalink":"/blogs/2019/08/22/podman-tech-preview"}},"content":"Scott McCarty has a blog post on the [Red Hat Blog](https://www.redhat.com/en/blog) about [Using the rootless containers Tech Preview in RHEL 8.0](https://www.redhat.com/en/blog/using-rootless-containers-tech-preview-rhel-80). Podman rootless containers has hit Tech Preview for RHEL 8.0 and Scott walks you through the setup necessary for rootless containers. Small hint, it\'s a short post because it\'s just that easy."},{"id":"/2019/08/22/podman-tech-preview","metadata":{"permalink":"/blogs/2019/08/22/podman-tech-preview","source":"@site/blog/2019-08-22-podman-tech-preview.md","title":"Using the rootless containers Tech Preview in RHEL 8.0","description":"podman logo","date":"2019-08-22T00:00:00.000Z","formattedDate":"August 22, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.35,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Using the rootless containers Tech Preview in RHEL 8.0","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"Using the rootless containers Tech Preview in RHEL 8.0","permalink":"/blogs/2019/08/22/new"},"nextItem":{"title":"Podman v1.5.0 Released","permalink":"/blogs/2019/08/14/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Using the rootless containers Tech Preview in RHEL 8.0\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nScott McCarty has a blog post on the [Red Hat Blog](https://www.redhat.com/en/blog) about [Using the rootless containers Tech Preview in RHEL 8.0](https://www.redhat.com/en/blog/using-rootless-containers-tech-preview-rhel-80). Podman rootless containers has hit Tech Preview for RHEL 8.0 and Scott walks you through the setup necessary for rootless containers. Small hint, it\'s a short post because it\'s just that easy."},{"id":"/2019/08/14/new","metadata":{"permalink":"/blogs/2019/08/14/new","source":"@site/blog/2019-08-14-new.md","title":"Podman v1.5.0 Released","description":"Podman has gone 1.5.0!","date":"2019-08-14T00:00:00.000Z","formattedDate":"August 14, 2019","tags":[],"readingTime":0.025,"hasTruncateMarker":false,"authors":[],"frontMatter":{"layout":"default","title":"Podman v1.5.0 Released","categories":["new"]},"prevItem":{"title":"Using the rootless containers Tech Preview in RHEL 8.0","permalink":"/blogs/2019/08/22/podman-tech-preview"},"nextItem":{"title":"How templating works with Podman, Kubernetes, and Red Hat OpenShift","permalink":"/blogs/2019/08/10/new"}},"content":"## [Podman has gone 1.5.0!](https://podman.io/releases/2019/08/14/podman-release-v1.5.0.html)"},{"id":"/2019/08/10/new","metadata":{"permalink":"/blogs/2019/08/10/new","source":"@site/blog/2019-08-10-new.md","title":"How templating works with Podman, Kubernetes, and Red Hat OpenShift","description":"Olaph Wagner has put together a nice introduction on How templating works with Podman, Kubernetes, and Red Hat OpenShift on the IBM Developer blog site. If you want to find out how to use Podman to create images that helps Red Hat OpenShift to make templates on the IBM Cloud(TM), then this is the article for you!","date":"2019-08-10T00:00:00.000Z","formattedDate":"August 10, 2019","tags":[],"readingTime":0.285,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"How templating works with Podman, Kubernetes, and Red Hat OpenShift","layout":"default","categories":["new"]},"prevItem":{"title":"Podman v1.5.0 Released","permalink":"/blogs/2019/08/14/new"},"nextItem":{"title":"How templating works with Podman, Kubernetes, and Red Hat OpenShift","permalink":"/blogs/2019/08/10/podman-ibm-developer"}},"content":"Olaph Wagner has put together a nice introduction on [How templating works with Podman, Kubernetes, and Red Hat OpenShift](https://developer.ibm.com/articles/templating-and-podman-openshift/?cm_mmc=OSocial_Twitter-_-Developer_IBM+Developer-_-WW_WW-_-ibmdev-&cm_mmca1=000037FD&cm_mmca2=10010797&linkId=71651828&es_p=9869602) on the [IBM Developer](https://developer.ibm.com/) blog site. If you want to find out how to use Podman to create images that helps Red Hat OpenShift to make templates on the IBM Cloud(TM), then this is the article for you!"},{"id":"/2019/08/10/podman-ibm-developer","metadata":{"permalink":"/blogs/2019/08/10/podman-ibm-developer","source":"@site/blog/2019-08-10-podman-ibm-developer.md","title":"How templating works with Podman, Kubernetes, and Red Hat OpenShift","description":"podman logo","date":"2019-08-10T00:00:00.000Z","formattedDate":"August 10, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.375,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"How templating works with Podman, Kubernetes, and Red Hat OpenShift","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"How templating works with Podman, Kubernetes, and Red Hat OpenShift","permalink":"/blogs/2019/08/10/new"},"nextItem":{"title":"Command Highlight: podman images","permalink":"/blogs/2019/08/08/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# How templating works with Podman, Kubernetes, and Red Hat OpenShift\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nOlaph Wagner has put together a nice introduction on [How templating works with Podman, Kubernetes, and Red Hat OpenShift](https://developer.ibm.com/articles/templating-and-podman-openshift/?cm_mmc=OSocial_Twitter-_-Developer_IBM+Developer-_-WW_WW-_-ibmdev-&cm_mmca1=000037FD&cm_mmca2=10010797&linkId=71651828&es_p=9869602) on the [IBM Developer](https://developer.ibm.com/) blog site. If you want to find out how to\\nuse Podman to create images that helps Red Hat OpenShift to make templates on the IBM Cloud(TM), then this is the article for you!"},{"id":"/2019/08/08/new","metadata":{"permalink":"/blogs/2019/08/08/new","source":"@site/blog/2019-08-08-new.md","title":"Command Highlight: podman images","description":"A quick asciinema demo highlighting what the podman images command can do. A great way to get quickly immersed with this command in just a few minutes time. Checkout the demo here and if you want to run the script yourself, it can be found here.","date":"2019-08-08T00:00:00.000Z","formattedDate":"August 8, 2019","tags":[],"readingTime":0.23,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Command Highlight: podman images","layout":"default","categories":["new"]},"prevItem":{"title":"How templating works with Podman, Kubernetes, and Red Hat OpenShift","permalink":"/blogs/2019/08/10/podman-ibm-developer"},"nextItem":{"title":"Command Highlight: podman images","permalink":"/blogs/2019/08/08/podman-images"}},"content":"A quick [asciinema](https://asciinema.org/) demo highlighting what the `podman images` command can do. A great way to get quickly immersed with this command in just a few minutes time. Checkout the demo [here](https://podman.io/asciinema/podman/images/) and if you want to run the script yourself, it can be found [here](https://github.com/containers/Demos/blob/main/podman_cli/podman_images.sh)."},{"id":"/2019/08/08/podman-images","metadata":{"permalink":"/blogs/2019/08/08/podman-images","source":"@site/blog/2019-08-08-podman-images.md","title":"Command Highlight: podman images","description":"podman logo","date":"2019-08-08T00:00:00.000Z","formattedDate":"August 8, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.29,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Command Highlight: podman images","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"Command Highlight: podman images","permalink":"/blogs/2019/08/08/new"},"nextItem":{"title":"Podman: Linux containers made easy, part 3","permalink":"/blogs/2019/07/29/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Command Highlight: podman images\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nA quick [asciinema](https://asciinema.org/) demo highlighting what the `podman images` command can do. A great way to get quickly immersed with this command in just a few minutes time. Checkout the demo [here](https://podman.io/asciinema/podman/images/) and if you want to run the script yourself, it can be found [here](https://github.com/containers/Demos/blob/main/podman_cli/podman_images.sh)."},{"id":"/2019/07/29/new","metadata":{"permalink":"/blogs/2019/07/29/new","source":"@site/blog/2019-07-29-new.md","title":"Podman: Linux containers made easy, part 3","description":"It\'s in German again, but a worthy read Podman: Linux containers made easy, part 3. Valentin Rothberg (@vrothberg) introduces Podman to the reader and talks about how it fits in the container eco-system. If your German is a little rusty, you may need to lean on Google Translate.","date":"2019-07-29T00:00:00.000Z","formattedDate":"July 29, 2019","tags":[],"readingTime":0.24,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Podman: Linux containers made easy, part 3","layout":"default","categories":["new"]},"prevItem":{"title":"Command Highlight: podman images","permalink":"/blogs/2019/08/08/podman-images"},"nextItem":{"title":"Podman: Linux containers made easy, part 3","permalink":"/blogs/2019/07/29/podman-made-easy3"}},"content":"It\'s in German again, but a worthy read [Podman: Linux containers made easy, part 3](https://www.heise.de/developer/artikel/Podman-Linux-Container-einfach-gemacht-Teil-3-4476343.html). Valentin Rothberg (@vrothberg) introduces Podman to the reader and talks about how it fits in the container eco-system. If your German is a little rusty, you may need to lean on [Google Translate](https://translate.google.com/?hl=en&tab=TT&authuser=0)."},{"id":"/2019/07/29/podman-made-easy3","metadata":{"permalink":"/blogs/2019/07/29/podman-made-easy3","source":"@site/blog/2019-07-29-podman-made-easy3.md","title":"Podman: Linux containers made easy, part 3","description":"podman logo","date":"2019-07-29T00:00:00.000Z","formattedDate":"July 29, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.315,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman: Linux containers made easy, part 3","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"Podman: Linux containers made easy, part 3","permalink":"/blogs/2019/07/29/new"},"nextItem":{"title":"How Podman replaces Docker and Docker Compose for local development","permalink":"/blogs/2019/07/06/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman: Linux containers made easy, part 3\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nIt\'s in German again, but a worthy read [Podman: Linux containers made easy, part 3](https://www.heise.de/developer/artikel/Podman-Linux-Container-einfach-gemacht-Teil-3-4476343.html) Valentin Rothberg (@vrothberg) introduces Podman to the reader and talks about how it fits in the container eco-system. If your German is a little rusty, you may need to lean on [Google Translate](https://translate.google.com/?hl=en&tab=TT&authuser=0)."},{"id":"/2019/07/06/new","metadata":{"permalink":"/blogs/2019/07/06/new","source":"@site/blog/2019-07-06-new.md","title":"How Podman replaces Docker and Docker Compose for local development","description":"Is it possible to completely replace Docker with Podman without any loss","date":"2019-07-06T00:00:00.000Z","formattedDate":"July 6, 2019","tags":[],"readingTime":0.18,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"How Podman replaces Docker and Docker Compose for local development","layout":"default","categories":["new"]},"prevItem":{"title":"Podman: Linux containers made easy, part 3","permalink":"/blogs/2019/07/29/podman-made-easy3"},"nextItem":{"title":"How Podman replaces Docker and Docker Compose for local development","permalink":"/blogs/2019/07/06/ruby"}},"content":"Is it possible to completely replace Docker with Podman without any loss\\nof developer\'s productivity? Read about real use case in new article on\\nmkdev.me blog: [Dockerless, part 3: Moving development environment to containers with Podman](https://mkdev.me/en/posts/dockerless-part-3-moving-development-environment-to-containers-with-podman)."},{"id":"/2019/07/06/ruby","metadata":{"permalink":"/blogs/2019/07/06/ruby","source":"@site/blog/2019-07-06-ruby.md","title":"How Podman replaces Docker and Docker Compose for local development","description":"podman logo","date":"2019-07-06T00:00:00.000Z","formattedDate":"July 6, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"ruby","permalink":"/blogs/tags/ruby"},{"label":"rails","permalink":"/blogs/tags/rails"}],"readingTime":0.305,"hasTruncateMarker":false,"authors":[{"name":"kshirinkin"}],"frontMatter":{"title":"How Podman replaces Docker and Docker Compose for local development","layout":"default","author":"kshirinkin","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","ruby","rails"]},"prevItem":{"title":"How Podman replaces Docker and Docker Compose for local development","permalink":"/blogs/2019/07/06/new"},"nextItem":{"title":"Replacing Docker with Podman","permalink":"/blogs/2019/06/26/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# How Podman replaces Docker and Docker Compose for local development\\n\\n## By Kirill Shirinkin [GitHub](https://github.com/Fodoj)\\n\\nIs it possible to completely replace Docker with Podman without any loss\\nof developer\'s productivity? Read about how one company did it for\\nRuby on Rails application in new article on\\nmkdev.me blog: [Dockerless, part 3: Moving development environment to containers with Podman](https://mkdev.me/en/posts/dockerless-part-3-moving-development-environment-to-containers-with-podman)."},{"id":"/2019/06/26/new","metadata":{"permalink":"/blogs/2019/06/26/new","source":"@site/blog/2019-06-26-new.md","title":"Replacing Docker with Podman","description":"Ganesh Mani recently wrote the blog Replacing Docker with Podman\u200a\u2014\u200aPower of Podman\u200a\u2014\u200aCloudnweb. The article gives a nice overview of Docker, Podman, their differences, and how you can use Podman to replace Docker. A nice read and really, who doesn\'t love a blog that wraps up with a meme featuring The Rock?","date":"2019-06-26T00:00:00.000Z","formattedDate":"June 26, 2019","tags":[],"readingTime":0.255,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Replacing Docker with Podman","layout":"default","categories":["new"]},"prevItem":{"title":"How Podman replaces Docker and Docker Compose for local development","permalink":"/blogs/2019/07/06/ruby"},"nextItem":{"title":"Replacing Docker with Podman","permalink":"/blogs/2019/06/26/replace-docker-with-podman"}},"content":"Ganesh Mani recently wrote the blog [Replacing Docker with Podman\u200a\u2014\u200aPower of Podman\u200a\u2014\u200aCloudnweb](https://medium.com/@ganeshmani009/replacing-docker-with-podman-power-of-podman-cloudnweb-23cfb7541538). The article gives a nice overview of Docker, Podman, their differences, and how you can use Podman to replace Docker. A nice read and really, who doesn\'t love a blog that wraps up with a meme featuring The Rock?"},{"id":"/2019/06/26/replace-docker-with-podman","metadata":{"permalink":"/blogs/2019/06/26/replace-docker-with-podman","source":"@site/blog/2019-06-26-replace-docker-with-podman.md","title":"Replacing Docker with Podman","description":"podman logo","date":"2019-06-26T00:00:00.000Z","formattedDate":"June 26, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.315,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Replacing Docker with Podman","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"Replacing Docker with Podman","permalink":"/blogs/2019/06/26/new"},"nextItem":{"title":"OnDemand Course: Container pipelines for sys admins\u2014and anyone, really\u2014with Buildah and Podman","permalink":"/blogs/2019/06/19/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Replacing Docker with Podman\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nGanesh Mani recently wrote the blog [Replacing Docker with Podman\u200a\u2014\u200aPower of Podman\u200a\u2014\u200aCloudnweb](https://medium.com/@ganeshmani009/replacing-docker-with-podman-power-of-podman-cloudnweb-23cfb7541538). The article gives a nice overview of Docker, Podman, their differences, and how you can use Podman to replace Docker. A nice read and\\nreally, who doesn\'t love a blog that wraps up with a meme featuring The Rock?"},{"id":"/2019/06/19/new","metadata":{"permalink":"/blogs/2019/06/19/new","source":"@site/blog/2019-06-19-new.md","title":"OnDemand Course: Container pipelines for sys admins\u2014and anyone, really\u2014with Buildah and Podman","description":"Red Hat has recently posted an OnDemand course: Container pipelines for sys admins\u2014and anyone, really\u2014with Buildah and Podman. The session teaches you how to integrate both Podman and Buildah into your continuous delivery (CI/CD) solutions and also serves as a good introduction to both tools. The cost can\'t be beat (free!), so if you\'re looking for a quick introduction into the tools, this is a good way to go.","date":"2019-06-19T00:00:00.000Z","formattedDate":"June 19, 2019","tags":[],"readingTime":0.345,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"OnDemand Course: Container pipelines for sys admins\u2014and anyone, really\u2014with Buildah and Podman","layout":"default","categories":["new"]},"prevItem":{"title":"Replacing Docker with Podman","permalink":"/blogs/2019/06/26/replace-docker-with-podman"},"nextItem":{"title":"OnDemand Course: Container pipelines for sys admins\u2014and anyone, really\u2014with Buildah and Podman","permalink":"/blogs/2019/06/19/ondemand-course"}},"content":"Red Hat has recently posted an OnDemand course: [Container pipelines for sys admins\u2014and anyone, really\u2014with Buildah and Podman](https://www.redhat.com/en/events/webinar/container-pipelines-sys-admins-and-anyone-really-buildah-and-podman?sc_cid=701f2000000txokAAA&utm_source=bambu&utm_medium=social&utm_campaign=abm). The session teaches you how to integrate both Podman and Buildah into your continuous delivery (CI/CD) solutions and also serves as a good introduction to both tools. The cost can\'t be beat (free!), so if you\'re looking for a quick introduction into the tools, this is a good way to go."},{"id":"/2019/06/19/ondemand-course","metadata":{"permalink":"/blogs/2019/06/19/ondemand-course","source":"@site/blog/2019-06-19-ondemand-course.md","title":"OnDemand Course: Container pipelines for sys admins\u2014and anyone, really\u2014with Buildah and Podman","description":"podman logo","date":"2019-06-19T00:00:00.000Z","formattedDate":"June 19, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.445,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"OnDemand Course: Container pipelines for sys admins\u2014and anyone, really\u2014with Buildah and Podman","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"OnDemand Course: Container pipelines for sys admins\u2014and anyone, really\u2014with Buildah and Podman","permalink":"/blogs/2019/06/19/new"},"nextItem":{"title":"Podman Mailing list","permalink":"/blogs/2019/06/17/mailinglist"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# OnDemand Course: Container pipelines for sys admins\u2014and anyone, really\u2014with Buildah and Podman\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nRed Hat has recently posted an OnDemand course: [Container pipelines for sys admins\u2014and anyone, really\u2014with Buildah and Podman](https://www.redhat.com/en/events/webinar/container-pipelines-sys-admins-and-anyone-really-buildah-and-podman?sc_cid=701f2000000txokAAA&utm_source=bambu&utm_medium=social&utm_campaign=abm). The session teaches you how to integrate both Podman and Buildah into your continuous delivery (CI/CD) solutions and also serves as a good introduction to both tools. The cost can\'t be beat (free!), so if you\'re looking for a quick introduction into the tools, this is a good way to go."},{"id":"/2019/06/17/mailinglist","metadata":{"permalink":"/blogs/2019/06/17/mailinglist","source":"@site/blog/2019-06-17-mailinglist.md","title":"Podman Mailing list","description":"podman logo","date":"2019-06-17T00:00:00.000Z","formattedDate":"June 17, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":1.395,"hasTruncateMarker":true,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Mailing list","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"OnDemand Course: Container pipelines for sys admins\u2014and anyone, really\u2014with Buildah and Podman","permalink":"/blogs/2019/06/19/ondemand-course"},"nextItem":{"title":"Announcing the Podman Mailing List!","permalink":"/blogs/2019/06/17/new"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman Mailing List\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nWe\'ve received a number of requests for a mailing list for Podman and we\'re happy to announce that one has just been created! We\'ve built a friendly community on IRC and GitHub and plan to continue that growth in this new mailing list. The maintainers of the project are all members of the list and we\'re happy to take any and all questions there about Podman. You can also just use the list as a way to track what\'s going on with Podman as release announcements and other important news will be posted there.\\n\\n\x3c!--truncate--\x3e\\n\\nTo sign up for the mailing list use email or the web interface:\\n\\n- Send an email to [podman-join@lists.podman.io](mailto:podman-join@lists.podman.io?subject=subscribe) with the word \\"Subscribe\\" in the subject.\\n- Go to this [page](https://lists.podman.io/admin/lists/podman.lists.podman.io/) on the [https://lists.podman.io](https://lists.podman.io) site, scroll down to the bottom of the page and enter your email and optionally name, then click on the \\"Subscribe\\" button.\\n\\nRegardless of which method you use, a confirmation email will be sent to you. After you reply back to that confirmation email, you\'ll then be able to send mail directly to [podman@lists.podman.io](mailto:podman@lists.podman.io). You can then also go to the list\'s web page at [lists.podman.io](https://lists.podman.io), click on the [Podman](https://lists.podman.io/archives/list/podman@lists.podman.io/) link and from there you can see all of the past conversations on the list or manage your subscription.\\n\\nPlease note, if you have a bug that you\'d like to report, it\'s best to report them [here](https://github.com/containers/podman/issues) by creating a \\"New issue\\" rather than sending an email to the list.\\n\\nWe hope over time this mailing list will be a friendly and useful tool for the entire Podman community."},{"id":"/2019/06/17/new","metadata":{"permalink":"/blogs/2019/06/17/new","source":"@site/blog/2019-06-17-new.md","title":"Announcing the Podman Mailing List!","description":"We\'ve received a number of requests for a mailing list for Podman and we\'re happy to announce that one has just been created! We\'ve built a friendly community on IRC and GitHub and plan to continue that growth in this new mailing list. The maintainers of the project are all members of the list and we\'re happy to take any and all questions there about Podman. You can also just use the list as a way to track what\'s going on with Podman as release announcements and other important news will be posted there.","date":"2019-06-17T00:00:00.000Z","formattedDate":"June 17, 2019","tags":[],"readingTime":0.51,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Announcing the Podman Mailing List!","layout":"default","categories":["new"]},"prevItem":{"title":"Podman Mailing list","permalink":"/blogs/2019/06/17/mailinglist"},"nextItem":{"title":"Podman Cheat Sheet","permalink":"/blogs/2019/06/13/new"}},"content":"We\'ve received a number of requests for a mailing list for Podman and we\'re happy to announce that one has just been created! We\'ve built a friendly community on IRC and GitHub and plan to continue that growth in this new mailing list. The maintainers of the project are all members of the list and we\'re happy to take any and all questions there about Podman. You can also just use the list as a way to track what\'s going on with Podman as release announcements and other important news will be posted there.\\n\\nGet all the details on this [blog](https://podman.io/blogs/2019/06/17/mailinglist.html) post!"},{"id":"/2019/06/13/new","metadata":{"permalink":"/blogs/2019/06/13/new","source":"@site/blog/2019-06-13-new.md","title":"Podman Cheat Sheet","description":"Red Hat Developer recently posted a new Podman Cheat Sheet on their blog. It\'s a handy guide that cover the commands that focus on images, containers and container resources. Check it out!","date":"2019-06-13T00:00:00.000Z","formattedDate":"June 13, 2019","tags":[],"readingTime":0.16,"hasTruncateMarker":false,"authors":[],"frontMatter":{"title":"Podman Cheat Sheet","layout":"default","categories":["new"]},"prevItem":{"title":"Announcing the Podman Mailing List!","permalink":"/blogs/2019/06/17/new"},"nextItem":{"title":"Podman Cheat Sheet","permalink":"/blogs/2019/06/13/podman-cheatsheet"}},"content":"Red Hat Developer recently posted a new [Podman Cheat Sheet](https://developers.redhat.com/cheat-sheets/podman-basics/) on their blog. It\'s a handy guide that cover the commands that focus on images, containers and container resources. Check it out!"},{"id":"/2019/06/13/podman-cheatsheet","metadata":{"permalink":"/blogs/2019/06/13/podman-cheatsheet","source":"@site/blog/2019-06-13-podman-cheatsheet.md","title":"Podman Cheat Sheet","description":"podman logo","date":"2019-06-13T00:00:00.000Z","formattedDate":"June 13, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.215,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Cheat Sheet","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"Podman Cheat Sheet","permalink":"/blogs/2019/06/13/new"},"nextItem":{"title":"Podman: Linux containers made easy, part 2","permalink":"/blogs/2019/05/24/podman-made-easy2"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman Cheat Sheet\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nRed Hat Developer recently posted a new [Podman Cheat Sheet](https://developers.redhat.com/cheat-sheets/podman-basics/) on their blog. It\'s a handy guide that cover the commands that focus on images, containers and container resources. Check it out!"},{"id":"/2019/05/24/podman-made-easy2","metadata":{"permalink":"/blogs/2019/05/24/podman-made-easy2","source":"@site/blog/2019-05-24-podman-made-easy2.md","title":"Podman: Linux containers made easy, part 2","description":"podman logo","date":"2019-05-24T00:00:00.000Z","formattedDate":"May 24, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.315,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman: Linux containers made easy, part 2","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"Podman Cheat Sheet","permalink":"/blogs/2019/06/13/podman-cheatsheet"},"nextItem":{"title":"Building Smaller Container Images","permalink":"/blogs/2019/05/18/micro-dnf"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman: Linux containers made easy, part 2\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nIt\'s in German again, but a worthy read [Podman: Linux containers made easy, part 2](https://www.heise.de/developer/artikel/Podman-Linux-Container-einfach-gemacht-Teil-2-4429630.html) Valentin Rothberg (@vrothberg) introduces Podman to the reader and talks about how it fits in the container eco-system. If your German is a little rusty, you may need to lean on [Google Translate](https://translate.google.com/?hl=en&tab=TT&authuser=0)."},{"id":"/2019/05/18/micro-dnf","metadata":{"permalink":"/blogs/2019/05/18/micro-dnf","source":"@site/blog/2019-05-18-micro-dnf.md","title":"Building Smaller Container Images","description":"podman logo","date":"2019-05-18T00:00:00.000Z","formattedDate":"May 18, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.21,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Building Smaller Container Images","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"Podman: Linux containers made easy, part 2","permalink":"/blogs/2019/05/24/podman-made-easy2"},"nextItem":{"title":"Monitoring container vitality and availability with Podman","permalink":"/blogs/2019/04/22/health"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Building Smaller Container Images\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nMuayyad Alsadi\'s article in Fedora Magazine talks about [Building Smaller Container Images](https://fedoramagazine.org/building-smaller-container-images/) by leveraging microdnf within fedora-minimal. It\'s a really nice way to save space and build more compact containers."},{"id":"/2019/04/22/health","metadata":{"permalink":"/blogs/2019/04/22/health","source":"@site/blog/2019-04-22-health.md","title":"Monitoring container vitality and availability with Podman","description":"podman logo","date":"2019-04-22T00:00:00.000Z","formattedDate":"April 22, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.35,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"title":"Monitoring container vitality and availability with Podman","layout":"default","author":"baude","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"Building Smaller Container Images","permalink":"/blogs/2019/05/18/micro-dnf"},"nextItem":{"title":"Build and run Buildah inside a Podman container","permalink":"/blogs/2019/04/16/cinc"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Monitoring container vitality and availability with Podman\\n\\n## By Brent Baude [GitHub](https://github.com/baude)\\n\\nWho doesn\'t want a healthy container in their environment? Now with Podman you can setup healthchecks so you can check if your container and it\'s application is up and running as you\'d expect. [Brent Baude](https://developers.redhat.com/blog/author/bbaude/) introduces the new functionality in this article on the Red Hat Developer Blog: [Monitoring container vitality and availability with Podman](https://developers.redhat.com/blog/2019/04/18/monitoring-container-vitality-and-availability-with-podman)."},{"id":"/2019/04/16/cinc","metadata":{"permalink":"/blogs/2019/04/16/cinc","source":"@site/blog/2019-04-16-cinc.md","title":"Build and run Buildah inside a Podman container","description":"podman logo","date":"2019-04-16T00:00:00.000Z","formattedDate":"April 16, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.275,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Build and run Buildah inside a Podman container","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"Monitoring container vitality and availability with Podman","permalink":"/blogs/2019/04/22/health"},"nextItem":{"title":"Podman Saves My Crossword Habit","permalink":"/blogs/2019/04/01/podman-crosswords"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Build and run Buildah inside a Podman container\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nWhat happens when you combine [Matryoshka Dolls](https://en.wikipedia.org/wiki/Matryoshka_doll) with containers? Why you get containers in containers in containers! Read all about it with this new article on the Red Hat Developer Blog: [Build and run Buildah inside a Podman container](https://developers.redhat.com/blog/2019/04/04/build-and-run-buildah-inside-a-podman-container/)."},{"id":"/2019/04/01/podman-crosswords","metadata":{"permalink":"/blogs/2019/04/01/podman-crosswords","source":"@site/blog/2019-04-01-podman-crosswords.md","title":"Podman Saves My Crossword Habit","description":"podman logo","date":"2019-04-01T00:00:00.000Z","formattedDate":"April 1, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.29,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman Saves My Crossword Habit","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"Build and run Buildah inside a Podman container","permalink":"/blogs/2019/04/16/cinc"},"nextItem":{"title":"Podman: Linux containers made easy, part 1","permalink":"/blogs/2019/03/22/podman-made-easy"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman Saves My Crossword Habit\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nEd Santiago (@edsantiago) needed help with his New York Times crossword puzzle. So naturally he turned to Podman to save the day. Read about it in his blog post: [Podman Saves My Crossword Habit](http://blog.edsantiago.com/2019/03/podman-saves-my-crossword/). Many thanks to Ed for sharing this\\ninnovative use of Podman."},{"id":"/2019/03/22/podman-made-easy","metadata":{"permalink":"/blogs/2019/03/22/podman-made-easy","source":"@site/blog/2019-03-22-podman-made-easy.md","title":"Podman: Linux containers made easy, part 1","description":"podman logo","date":"2019-03-22T00:00:00.000Z","formattedDate":"March 22, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.31,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman: Linux containers made easy, part 1","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"Podman Saves My Crossword Habit","permalink":"/blogs/2019/04/01/podman-crosswords"},"nextItem":{"title":"CI, and CI, and CI, oh my! (then more CI)","permalink":"/blogs/2019/03/18/CI3"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman: Linux containers made easy, part 1\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nIt\'s in German, but a worthy read [Podman: Linux containers made easy, part 1](https://www.heise.de/developer/artikel/Podman-Linux-Container-einfach-gemacht-Teil-1-4329067.html). Valentin Rothberg (@vrothberg) introduces Podman to the reader and talks about how it fits in the container eco-system. If your German is a little rusty, you may need to lean on [Google Translate](https://translate.google.com/?hl=en&tab=TT&authuser=0)."},{"id":"/2019/03/18/CI3","metadata":{"permalink":"/blogs/2019/03/18/CI3","source":"@site/blog/2019-03-18-CI3.md","title":"CI, and CI, and CI, oh my! (then more CI)","description":"podman logo","date":"2019-03-18T00:00:00.000Z","formattedDate":"March 18, 2019","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"ci","permalink":"/blogs/tags/ci"},{"label":"automation","permalink":"/blogs/tags/automation"},{"label":"test","permalink":"/blogs/tags/test"},{"label":"cloud","permalink":"/blogs/tags/cloud"}],"readingTime":8.455,"hasTruncateMarker":true,"authors":[{"name":"cevich"}],"frontMatter":{"title":"CI, and CI, and CI, oh my! (then more CI)","layout":"default","author":"cevich","categories":["blogs"],"tags":["podman","ci","automation","test","cloud"]},"prevItem":{"title":"Podman: Linux containers made easy, part 1","permalink":"/blogs/2019/03/22/podman-made-easy"},"nextItem":{"title":"podman-install","permalink":"/blogs/2019/03/16/podman-install"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# CI, and CI, and CI, oh my! (then more CI)\\n\\n## By Chris Evich [GitHub](https://github.com/cevich)\\n\\nI wanted to write a detailed post about the CI setup we use for exercising proposed\\nchanges to [libpod (podman repo)](https://github.com/containers/podman). \xa0Unfortunately\\nthis topic (and automation in general)\\nis so big, most readers would end up on the floor, sound asleep, in a puddle of their\\nown drool. \xa0Instead, I will keep your fidget-spinner twirling, by jumping around\\nseveral topics.\\n\\n\x3c!--truncate--\x3e\\n\\nStarting with an overview on why we chose to use [Cirrus CI](https://cirrus-ci.org/), I\'ll\\nprovide a short 3-step\\nwalk-through of how it works, along with lots of links. \xa0Then, we\'ll go into more detail\\nregarding VM Image orchestration, before connecting that back to our Cirrus-CI\\nconfiguration.\\n\\n### Why Cirrus-CI\\n\\nI once said \\"testing code is at least 10x harder than writing it\\". This is especially true when a\\nsoftware-engineer believes their code is \\"perfectly good\\" (meaning, tons of bugs). At the same\\ntime, test automation is generally as reliable, as the inverse of its simplicity (especially when\\nit\'s never simple). Which brings me back to around July/August of \'18:\\n\\nThe libpod project was considered by many to be \\"perfectly good\\", but its automation was definitely\\nnot simple. At least one part or another constantly [jacked-up](https://en.wiktionary.org/wiki/jacked_up#English).\\nAt the time, automation was split\\nacross two totally different services, operating with incompatible yet duplicate configurations.\\nThe third service is a downstream consumer of libpod, but at the time was also under consideration\\nto take over pull-request automation from the first two:\\n\\n- Travis\\n\\n - With [Ubuntu Trusty only a few years old](https://lists.ubuntu.com/archives/ubuntu-announce/2014-April/000182.html),\\n we ran tests on a platform version nobody was using,\\n with bleeding edge-code jammed on top. \xa0Some OS-X tests ran, and we think at least one person\\n looked at the results, some of the time, every once in a while.\\n - Required a contrived containerized-environment to workaround host-side limitations. \xa0Fixes for\\n fake environments almost never improve reality. e.g. impossible to test or fix AppArmor or\\n SELinux problems from inside a container.\\n - The tests did not represent reality. \xa0Most people would never run container tools within a\\n container, and certain security tools like SELinux and AppArmor would not be tested running\\n inside this environment.\\n\\n- PAPR\\n\\n - An internal \\"maintenance mode\\" service, meaning only bug-fixes, no new features. Supported by a\\n single, talented engineer, from another group, perfectly happy to be working on something else.\\n - Fortunately it does have great support for running things on Atomic Host, which we still use to\\n maintain our insanity...I mean, double-check some things.\\n - The underlying infrastructure is unpredictably reliable. Mainly due to frequent\\n [dog-food poisoning](https://en.wikipedia.org/wiki/Eating_your_own_dog_food).\\n\\n- OpenShift\\n - An elegant, impressive piece of machinery, with tests so numerous that most other projects would\\n have trouble calling up enough drool.\\n - Fantastic at testing containers and at-scale orchestration. \xa0However way too complex for our\\n low-level, host-side poking of runtimes, and userspace.\\n - Downstream from libpod by weeks or months depending on the platform, like RHEL for example.\\n - Both Travis and PAPR already demonstrated the pain of testing host-side libraries/tools\\n within a container, no further lessons or reruns required.\\n\\nAs if this vegetarian sausage wasn\'t already dripping with liquid goodness. \xa0The smallest little\\nnetwork blip, and you have to re-run the entire suite again. \xa0The importance of network speed and\\nrobustness can never be overstated. So I set out on a mission against complexity, toward being\\nable to reliably and frequently ruin engineer\'s \\"perfectly good\\" code before it merges.\\n\\n### GET OFF MY LAWWWWWN!\\n\\nThe Cirrus CI killer feature. \xa0You can selfishly\\n[bring\xa0your own cloud](https://cirrus-ci.org/guide/supported-computing-services/)\\nand everything else to make\\nit work, and not have to share with Billy Bob\'s Used tire and doughnut shop. \xa0You\'re the master of\\nthe entire host and runtime environment, OS, kernel, packages, updates, everything! \xa0Then, with\\n[the Cirrus CI app](https://github.com/marketplace/cirrus-ci)\\non your code repository, testing follows this simple automated sequence:\\n\\n1. Create VMs (or containers) in your cloud, using your encrypted credentials.\\n2. Follow [instructions you\'ve spelled out like B-A-S-H](https://cirrus-ci.org/guide/writing-tasks/#script-instruction).\\n3. Show green on exit(0) - the \\"pretty\\" engineer\'s code is properly spoiled (i.e. functional).\\n\\nSo\\n[Cirrus CI gives all the power](https://cirrus-ci.org/#comparison-with-popular-ciaas)\\nfor success, and/or blasting giant, perfectly round, holes in your own two feet!\\nOur CI experience can be as simple or complex as we like, and reliability will match that of major\\ncloud providers and the inverse of our cleverness. What could possibly go wrong? :D\\n\\n### VM Image Orchestration\\n\\nImplementing the bowels of any CI/Automation stack usually begins with orchestrate the initial\\noperating system state. \xa0Therefore, for efficiency-sake, it\'s handy to cache this work before,\\nexercising project-code changes. Otherwise, it\'s a complete waste of (expensive) engineer-time\\nto constantly install, update, and configure all aspects of the system during every test run.\\n\\nAs\\n[recommended by Cirrus CI](https://cirrus-ci.org/guide/supported-computing-services/#custom-vm-images)\\n, we utilize a tool by the inventors of Vagrant: [Packer](https://www.packer.io/). \xa0I was able to\\nmake it do things in a matter of minutes, as packer is fairly brain-dead-simple. \xa0It accepts a JSON\\nfile, which I have simplified as YAML for readability. A simple (non-functional) example will\\ndemonstrate the basic ideas:\\n{% raw %}\\n\\n````yaml\\n---\\n\\nvariables: \xa0# all up-front, no guessing allowed!\\n \xa0\xa0\xa0foo: \\"bar\\" # simple\\n \xa0\xa0\xa0build_image_suffix: \\"-libpod-{{env `COMMIT_SHA`}}\\"# from env. var\\n\\nbuilders: \xa0# Where to do stuff\\n\\n \xa0\xa0\xa0- type: \\"googlecompute\\" \xa0\xa0# TONS of others supported too\\n \xa0\xa0\xa0\xa0\xa0image_name: \'{{build_name}}{{user `build_image_suffix`}}\'\\n \xa0\xa0\xa0\xa0\xa0# ... more details ...\\n\\n \xa0\xa0\xa0- type \\"googlecompute\\"\\n \xa0\xa0\xa0\xa0\xa0# ...other OSes...\\n\\nprovisioners: \xa0# How to do stuff\\n\\n - type: \\"shell\\"\\n script: \\"/path/to/{{build_name}}_setup.sh\\" \xa0# macro looks up OS\\n\\npost-processors: \xa0# Where to stick stuff\\n - - type: \'googlecompute-export\'\\n paths: ... # name of storage bucket where VM Image will rest.\\n```{% endraw %}\\n\\nIn English, the above translates to:\\n\\n1. Using some provided variables like `foo`, but fill the variable `build_image_suffix`\\n using the env. vars `$COMMIT_SHA`\\n2. Spin up some VMs in GCE.\\n3. Upload and execute a shell script on each VM (in parallel).\\n4. Assuming success, store the resulting VM image into a storage bucket for\\n later use as needed, or will expire and get automatically deleted after a time.\\n\\nPerhaps that\'s over-simplifying things a little, but\\npacker provides mostly [just the bear-necessities](https://www.packer.io/docs/provisioners/index.html)\\n(sorry, [song is stuck in my head](https://www.youtube.com/watch?v=08NlhjpVFsU)). Roughly ten\\nminutes after running a simple packer build command, the VMs are automatically torn down, and their disks\\nsaved. \xa0At a time of our choosing, an image can be imported from the storage bucket,\\nthen a small PR tossed up to activate the images for Cirrus.\\n\\n### Packer → Cirrus-CI Connection\\n\\nNext up the stack, we\'ll dig into some basic details of the Cirrus CI system. \xa0If you\'ve used\\nservices like Travis before, this example .cirrus.yml file won\'t be too surprising (simplified\\nsomewhat for example purposes):\\n\\n```yaml\\n---\\n\\n# Safely stored details about accessing our cloud\\ngcp_credentials: ENCRYPTED[blahblah]\\n\\nenv: \xa0# environment and behavioral values for all tasks and scripts\\n \xa0\xa0\xa0# Where to clone the source code into\\n \xa0\xa0\xa0CIRRUS_WORKING_DIR: \\"/var/tmp/go/src/github.com/containers/libpod\\"\\n \xa0\xa0\xa0SCRIPT_BASE: ./contrib/cirrus \xa0# saves some typing (below)\\n\\ntesting_task: \xa0# One particular set of things to do\\n\\n \xa0\xa0\xa0gce_instance: \xa0# What kind of VM to use\\n \xa0\xa0\xa0\xa0\xa0\xa0\xa0image_name: \xa0# Same as image_name produced by packer (above)\\n\\n \xa0\xa0\xa0script: \xa0# Step by step\\n \xa0\xa0\xa0\xa0\xa0\xa0\xa0- $SCRIPT_BASE/setup_environment.sh \xa0\xa0# does what it says\\n \xa0\xa0\xa0\xa0\xa0\xa0\xa0- $SCRIPT_BASE/unit_test.sh \xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0# this too\\n \xa0\xa0\xa0\xa0\xa0\xa0\xa0- $SCRIPT_BASE/integration_test.sh \xa0\xa0\xa0# and this\\n````\\n\\nWith [Cirrus CI \\"installed\\"](https://cirrus-ci.org/guide/quick-start/)\\non a GitHub repository, upon any pull\\nrequest change, Cirrus CI will step\\nin to kick things within GCE, then report back results in your pull request.\\n\\nHowever, we also need to test more than one OS. \xa0This is easily accomplished in Cirrus CI, by\\nusing what they call a\\n[matrix modification](https://cirrus-ci.org/guide/writing-tasks/#matrix-modification).\\nRoughly translated into simple country-folk speak as: \\"_we done messed up our YAML parser\\nto do more fancier things, and stuff_\\". Illustrated in part by looking at an\\nexcerpt from our\\n[actual .cirrus.yml file](https://github.com/containers/podman/blob/main/.cirrus.yml)\\nin the libpod repository:\\n\\n```yaml\\n...cut...\\n\\ntesting_task:\\n\\n \xa0\xa0gce_instance:\\n \xa0\xa0\xa0\xa0\xa0\xa0\xa0image_project: \\"libpod-123456\\"\\n \xa0\xa0\xa0\xa0\xa0\xa0\xa0zone: \\"us-central1-a\\"\\n \xa0\xa0\xa0\xa0\xa0\xa0\xa0cpu: 2\\n \xa0\xa0\xa0\xa0\xa0\xa0\xa0memory: \\"4Gb\\"\\n \xa0\xa0\xa0\xa0\xa0\xa0\xa0disk: 200\\n \xa0\xa0\xa0\xa0\xa0\xa0\xa0matrix:\\n \xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0image_name: \\"ubuntu-18-libpod-a250386d\\" # <-- name from packer\\n \xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0image_name: \\"fedora-28-libpod-a250386d\\"\\n \xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0image_name: \\"fedora-29-libpod-a250386d\\"\\n...cut...\\n```\\n\\nThe above will automatically duplicate the `testing_task` three times, running a different VM image\\nfor each. You can run a matrix across other items as well, like environment variables. There are\\nalso options for filtering your matrix, and adding dependencies between tasks. I\'d spell those\\nour for you, but it\'s liable to suck the lubrication from your fidget-spinner.\\n\\n### Good looks and clean presentation\\n\\nAnother Cirrus CI feature we utilize, has to do with the way\\n[the scripting](https://cirrus-ci.org/guide/writing-tasks/#script-instruction) output is\\npresented. This\\nincludes what you don\'t see, like extraneous buttons and widgets. The way details are presented\\ncan be critical for debugging. Here\'s how we leverage that simplicity:\\n\\n```yaml\\ntesting_task:\\n\\n \xa0\xa0\xa0...cut...\\n\\n \xa0\xa0\xa0setup_environment_script: $SCRIPT_BASE/setup_environment.sh\\n\\n \xa0\xa0\xa0unit_test_script: $SCRIPT_BASE/unit_test.sh\\n \xa0\xa0\xa0integration_test_script: $SCRIPT_BASE/integration_test.sh\\n\\n \xa0\xa0\xa0...cut...\\n```\\n\\nIt\'s possible to have multiple scripts or commands per \\\\_script section. \xa0Because we dedicate one\\nper, the output is presented in bite-size pieces:\\n\\nThis makes it super easy to find what you\'re looking for. If the unit-tests fail with a complaint about\\nsome invalid environment variable. It\'s easier to drop down that box than to go scrolling through\\na giant\\n[wall of text](https://en.wikipedia.org/wiki/Wikipedia:Wall_of_text)\\n(though that\'s sometimes necessary also). On the other hand, if the output\\nwas all jammed into a single \\\\_script block, tracking down problems might get too challenging\\nfor my old-fogy sensibilities. Mind I\'ve only celebrated my 38th birthday four times so far...and\\nremember exactly zero of what happened those nights.\\n\\n### Conclusion\\n\\nThere are many other details I could get into, but sadly, my coffee mug is empty and I can see that I\\nforgot to wash it (again). \xa0Nevertheless, if you need some simple nuts-and-bolts automation, I\\nhighly recommend [Cirrus-CI](https://cirrus-ci.org). It\'s (beer) free to use for open-source\\nprojects. The\\n[Google Cloud Engine](https://cloud.google.com)\\nis also pseudo-free for quite a while, since they give you a\\nvery generous, and substantial startup credit.\\n\\nOther than finding a new mug or my soap, if there are any burning questions here,\\nor snide remarks there, please feel free to find me in #podman on Freenode (IRC).\\nUnless the question is too-smart, I might even be able to answer it. Until then,\\nmay your pretty code keep its bugs well hidden _and_ out of sight."},{"id":"/2019/03/16/podman-install","metadata":{"permalink":"/blogs/2019/03/16/podman-install","source":"@site/blog/2019-03-16-podman-install.md","title":"podman-install","description":"x---","date":"2019-03-16T00:00:00.000Z","formattedDate":"March 16, 2019","tags":[],"readingTime":0.36,"hasTruncateMarker":false,"authors":[],"frontMatter":{},"prevItem":{"title":"CI, and CI, and CI, oh my! (then more CI)","permalink":"/blogs/2019/03/18/CI3"},"nextItem":{"title":"Podman and Buildah for Docker Users!","permalink":"/blogs/2019/02/21/pandb-4-users"}},"content":"x---\\ntitle: Installation of Podman to Run Docker Container - Part 1 \\nlayout: default\\nauthor: tsweeney\\ncategories: [blogs]\\ntags: [containers, images, docker, buildah, podman, oci]\\n\\n---\\n\\n![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Installation of Podman to Run Docker Container - Part 1\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nA new article about how Opvizor installed [Podman to run Docker containers](https://www.opvizor.com/installation-of-podman-to-run-docker-container-part-1?sp_url=6k5w). This blog entry at Opvizor looks into their installation process and their early takeaways on Podman."},{"id":"/2019/02/21/pandb-4-users","metadata":{"permalink":"/blogs/2019/02/21/pandb-4-users","source":"@site/blog/2019-02-21-pandb-4-users.md","title":"Podman and Buildah for Docker Users!","description":"podman logo","date":"2019-02-21T00:00:00.000Z","formattedDate":"February 21, 2019","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":0.295,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman and Buildah for Docker Users!","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"podman-install","permalink":"/blogs/2019/03/16/podman-install"},"nextItem":{"title":"Container Tools on RHEL 8 & How to Hack Podman","permalink":"/blogs/2019/02/07/hack-and-tools"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman and Buildah for Docker Users\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nA new article about how Docker users can use Podman and Buildah on the [Red Hat Developer Site](https://developers.redhat.com/blog/2019/02/21/podman-and-buildah-for-docker-users/). William Henry (@ipbabble) introduces the two tools to Docker users and explains how they can be used to replace Docker and how the two tools are related."},{"id":"/2019/02/07/hack-and-tools","metadata":{"permalink":"/blogs/2019/02/07/hack-and-tools","source":"@site/blog/2019-02-07-hack-and-tools.md","title":"Container Tools on RHEL 8 & How to Hack Podman","description":"podman logo","date":"2019-02-07T00:00:00.000Z","formattedDate":"February 7, 2019","tags":[],"readingTime":0.355,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"layout":"default","title":"Container Tools on RHEL 8 & How to Hack Podman","author":"tsweeney","categories":["blogs"]},"prevItem":{"title":"Podman and Buildah for Docker Users!","permalink":"/blogs/2019/02/21/pandb-4-users"},"nextItem":{"title":"Podman v1.0.0 Released","permalink":"/blogs/2019/01/16/podman-release-v1.0.0"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\nScott McCarty wrote \\"[Red Hat Enterprise Linux 8 Beta: A new set of container tools](https://www.redhat.com/en/blog/red-hat-enterprise-linux-8-beta-new-set-container-tools)\\". In the blog Scott introduces the new container tools in RHEL 8 Beta. Spoiler Alert! No Big Fat Daemons were harmed in the examples Scott provides!\\n\\nHerv\xe9 Beraud wrote \\"[How to Hack on Podman](https://herve.beraud.io/containers/linux/podman/isolate/environment/2019/02/06/how-to-hack-on-podman.html), which walks you through contributing to the Podman project.\\n\\nBoth are great reads to help build your container tools knowledge."},{"id":"/2019/01/16/podman-release-v1.0.0","metadata":{"permalink":"/blogs/2019/01/16/podman-release-v1.0.0","source":"@site/blog/2019-01-16-podman-release-v1.0.0.md","title":"Podman v1.0.0 Released","description":"podman logo","date":"2019-01-16T00:00:00.000Z","formattedDate":"January 16, 2019","tags":[{"label":"community","permalink":"/blogs/tags/community"},{"label":"open source","permalink":"/blogs/tags/open-source"},{"label":"podman","permalink":"/blogs/tags/podman"}],"readingTime":2.08,"hasTruncateMarker":true,"authors":[{"name":"mheon"}],"frontMatter":{"title":"Podman v1.0.0 Released","layout":"default","author":"mheon","categories":["releases"],"tags":["community","open source","podman"]},"prevItem":{"title":"Container Tools on RHEL 8 & How to Hack Podman","permalink":"/blogs/2019/02/07/hack-and-tools"},"nextItem":{"title":"Programmatic remote access to Podman via the varlink protocol","permalink":"/blogs/2019/01/16/podman-varlink"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n## Podman has gone 1.0!\\n\\nOur original goal with Podman was to provide a fully-featured debugging experience for [CRI-O](https://github.com/kubernetes-sigs/cri-o), but it has become so much more. Podman 1.0.0 is a fully-featured container engine. It provides a Docker-compatible command line to ease the transition from other container engines. Most Podman commands can be run as a regular user, without requiring additional privileges. Furthermore, all of this is accomplished without a daemon!\\n\\n\x3c!--truncate--\x3e\\n\\nPodman made its first public release, v0.2, a little less than a year ago. We\'ve come a long way since then, adding new features like:\\n\\n- Rootless containers\\n- Support for pods\\n- Interacting with Kubernetes pod YAML\\n- A Varlink API for interacting with Podman on remote machines\\n\\nWe\'ve kept our eyes firmly on stability, fixing over 150 bugs. We\u2019ve also worked on performance, making sure all common operations are optimized. While it is an iterative process, we are pleased with where we stand today. With that, we\'re excited to announce that Podman is ready for prime time, and it is ready for you.\\n\\nA key focus of Podman is around security. In addition to support for rootless containers, we\u2019ve added many other security features. Great support for [User Namespaces](https://opensource.com/article/18/12/podman-and-user-namespaces) has resulted in better container separation. The `podman top` command will tell you what security features are enabled for processes within containers. Podman\u2019s daemonless fork/exec model preserves audit information on containers.\\n\\nThis is just the beginning, and we have plans for much more. For example, numerous improvements are planned for rootless Podman, pod support, the Varlink API, and automatic user namespace separation. If you find a feature missing from Podman, feel free to open an enhancement request on our [Github](https://github.com/containers/podman/issues). We love your feedback, and many of our best ideas come from users and contributors.\\n\\nFinally, the Podman team would like to thank all our contributors. Everyone who submitted code, improved documentation, or reported bugs has been a great help.\\n\\n## Changes\\n\\nA few of the biggest changes from Podman 1.0.0 include:\\n\\n- Added the `podman play kube` command, which creates Podman pods based on Kubernetes pod YAML.\\n- The `podman run` and `podman create` commands now support the `--init` flag, to run a minimal init process in the container.\\n- Added the `podman image sign` command to sign container images.\\n- Image pulls are now parallelized for increased speed\\n\\nAs always, please visit our release notes on [GitHub](https://github.com/containers/podman/blob/main/RELEASE_NOTES.md) to see the full changelog.\\n\\nYou can find instructions for installing Podman [here](https://github.com/containers/podman/blob/main/install.md)"},{"id":"/2019/01/16/podman-varlink","metadata":{"permalink":"/blogs/2019/01/16/podman-varlink","source":"@site/blog/2019-01-16-podman-varlink.md","title":"Programmatic remote access to Podman via the varlink protocol","description":"podman logo","date":"2019-01-16T00:00:00.000Z","formattedDate":"January 16, 2019","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"varlink","permalink":"/blogs/tags/varlink"},{"label":"rust","permalink":"/blogs/tags/rust"},{"label":"python","permalink":"/blogs/tags/python"},{"label":"go","permalink":"/blogs/tags/go"},{"label":"golang","permalink":"/blogs/tags/golang"}],"readingTime":7.015,"hasTruncateMarker":true,"authors":[{"name":"haraldh"}],"frontMatter":{"title":"Programmatic remote access to Podman via the varlink protocol","layout":"default","author":"haraldh","categories":["blogs"],"tags":["podman","varlink","rust","python","go","golang"]},"prevItem":{"title":"Podman v1.0.0 Released","permalink":"/blogs/2019/01/16/podman-release-v1.0.0"},"nextItem":{"title":"Managing pods and containers in a local container runtime","permalink":"/blogs/2019/01/15/podman-pods"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Programmatic remote access to Podman via the varlink protocol\\n\\n## By Harald Hoyer [GitHub](https://github.com/haraldh)\\n\\nThis guide shows how to access Podman remotely via the [varlink interface](https://varlink.org)\\nwith CLI tools and programmatically with python, go and rust.\\n\\nThis should work on Linux, MacOS and Windows 10.\\n\\nThe [compatibility matrix](https://varlink.org/Language-Bindings) shows which feature is supported on which OS in which language.\\n\\n> Note: replace `` in this guide with the IP or hostname of your\\n> Podman machine\\n\\n\x3c!--truncate--\x3e\\n\\n## Prerequisites\\n\\n### Windows ssh\\n\\nIf you are on a windows client machine, install the OpenSSH Client built by Microsoft in a cmd.exe in\\nadmin mode:\\n\\n```cmd\\n> dism /online /Add-Capability /CapabilityName:OpenSSH.Client~~~~0.0.1.0\\n```\\n\\nClose cmd.exe window.\\n\\n> Note: Works also with other ssh clients, e.g. ssh from [Git Bash](https://gitforwindows.org/).\\n\\n### Generate ssh keys\\n\\nIf you don\'t want to type your password all the time, or not use an ssh agent, set an empty password.\\n\\n```bash\\n$ ssh-keygen -f ~/.ssh/podmanuser\\n```\\n\\n## Set up Podman on the Fedora/RHEL machine\\n\\n```bash\\n$ sudo yum install podman libvarlink-util\\n$ sudo groupadd podman\\n```\\n\\nCopy `/lib/tmpfiles.d/podman.conf` to `/etc/tmpfiles.d/podman.conf`.\\n\\n```bash\\n$ sudo cp /lib/tmpfiles.d/podman.conf /etc/tmpfiles.d/podman.conf\\n```\\n\\nEdit `/etc/tmpfiles.d/podman.conf`:\\n\\n```\\nd /run/podman 0750 root podman\\n```\\n\\nCopy `/lib/systemd/system/io.podman.socket` to `/etc/systemd/system/io.podman.socket`.\\n\\n```bash\\n$ sudo cp /lib/systemd/system/io.podman.socket /etc/systemd/system/io.podman.socket\\n```\\n\\nEdit section `[Socket]` of `/etc/systemd/system/io.podman.socket`:\\n\\n```\\n[Socket]\\nListenStream=/run/podman/io.podman\\nSocketMode=0660\\nSocketGroup=podman\\n```\\n\\nThen activate the changes:\\n\\n```bash\\n$ sudo systemctl daemon-reload\\n$ sudo systemd-tmpfiles --create\\n$ sudo systemctl enable --now io.podman.socket\\n```\\n\\nThe directory and socket now belongs to the podman group\\n\\n```bash\\n$ sudo ls -al /run/podman\\ndrwxr-x---. 2 root podman 60 14. Jan 14:50 .\\ndrwxr-xr-x. 51 root root 1420 14. Jan 14:36 ..\\nsrw-rw----. 1 root podman 0 14. Jan 14:50 io.podman\\n```\\n\\n> Note: Wouldn\'t it be nice, if there was a Podman group owning the socket already? ;-)\\n\\nNow we are adding a user `podmanuser` and set a password:\\n\\n```bash\\n$ sudo useradd podmanuser -G podman\\n$ sudo passwd podmanuser\\n```\\n\\nFrom your client machine do\\n\\n```bash\\n$ ssh-copy-id -f ~/.ssh/podmanuser podmanuser@\\n```\\n\\n### ssh config\\n\\nEdit `.ssh/config`\\n\\n```\\nHost \\n RequestTTY no\\n IdentityFile ~/.ssh/podmanuser\\n User podmanuser\\n VisualHostKey no\\n RemoteCommand /usr/bin/varlink bridge --connect unix:/run/podman/io.podman\\n GSSAPIAuthentication no\\n ForwardX11 no\\n```\\n\\n### Optional Lock Down\\n\\nLog into ``\\n\\n```bash\\n$ ssh podmanuser@\\n```\\n\\nNow we lock down `podmanuser` to only be used with the varlink bridge from your client machine:\\n\\nEdit `.ssh/authorized-keys` so that the line begins with:\\n\\n```\\ncommand=\\"/usr/bin/varlink bridge --connect unix:/run/podman/io.podman\\",no-agent-forwarding,no-port-forwarding,no-pty,no-user-rc,no-X11-forwarding ssh-rsa [\u2026]\\n```\\n\\nLog out of ``\\n\\n## Python\\n\\n### Install Python\\n\\nhttps://www.python.org/downloads/\\n\\n### Install varlink for Python\\n\\n```bash\\n$ pip install --user \\"varlink>=30.0.2\\"\\n```\\n\\n### Test if the varlink cli module works\\n\\n```bash\\n$ python -m varlink.cli --help\\nusage: cli.py [-h] [-r RESOLVER] [-A ACTIVATE] [-b BRIDGE]\\n {info,help,bridge,call} ...\\n\u2026\\n```\\n\\n### Interfacing Podman with the python cli module\\n\\n```bash\\n$ python -m varlink.cli --bridge \\"ssh \\" info\\ninfo\\n.1:1234\\nVendor: Atomic\\nProduct: podman\\nVersion: 0.10.1\\nURL: https://github.com/containers/podman\\nInterfaces:\\n org.varlink.service\\n io.podman\\n\\n$ python -m varlink.cli --bridge \\"ssh \\" call io.podman.Ping {}\\n{\\n \\"ping\\": {\\n \\"message\\": \\"OK\\"\\n }\\n}\\n```\\n\\n### Python Client Example\\n\\n`podmanclient.py`:\\n\\n```python\\nimport varlink\\n\\nwith varlink.Client.new_with_bridge([\\"ssh\\", \\"\\"]) as client:\\n with client.open(\\"io.podman\\") as podman:\\n print(podman.Ping())\\n print(podman.GetInfo())\\n print(podman.GetVersion())\\n\\n info = podman.GetInfo()\\n print(\\"Uptime:\\", info[\\"info\\"][\\"host\\"][\\"uptime\\"])\\n print(\\"Os:\\", info[\\"info\\"][\\"host\\"][\\"os\\"])\\n\\n try:\\n podman.MountContainer(\\"container-id\\")\\n except varlink.error.VarlinkError as e:\\n print(e.error(), e.parameters())\\n print(e.as_dict())\\n```\\n\\nTo find out more about the Podman varlink interface read the [io.podman.varlink](https://github.com/containers/podman/blob/main/cmd/podman/varlink/io.podman.varlink) file or\\nthe rendered [API.md](https://github.com/containers/podman/blob/main/API.md).\\n\\nOr you can inspect, what methods your Podman version on `` provides:\\n\\n```bash\\n$ python -m varlink.cli --bridge \\"ssh \\" help io.podman\\n```\\n\\n## Go\\n\\n### Installation\\n\\n```bash\\n$ go get -u github.com/varlink/go/varlink\\n$ go install github.com/varlink/go/cmd/varlink\\n$ go install github.com/varlink/go/cmd/varlink-go-interface-generator\\n```\\n\\n### Running the varlink CLI command\\n\\nThe `varlink` CLI command in `$GOPATH/bin` should output:\\n\\n```bash\\n$ varlink --bridge \\"ssh \\" info\\nVendor: Atomic\\nProduct: podman\\nVersion: 0.10.1\\nURL: https://github.com/containers/podman\\nInterfaces:\\n org.varlink.service\\n io.podman\\n$ varlink --bridge \\"ssh \\" call io.podman.Ping\\n{\\n \\"ping\\": {\\n \\"message\\": \\"OK\\"\\n }\\n}\\n\\n$ varlink --bridge \\"ssh \\" call io.podman.MountContainer \\"{\\\\\\"name\\\\\\": \\\\\\"container-id\\\\\\"}\\"\\nError: Call failed with error: io.podman.ErrorOccurred\\n{\\n \\"reason\\": \\"no container with name or ID container-id found: no such container\\"\\n}\\n```\\n\\nTo find out more about the Podman varlink interface read the [io.podman.varlink](https://github.com/containers/podman/blob/main/cmd/podman/varlink/io.podman.varlink) file or\\nthe rendered [API.md](https://github.com/containers/podman/blob/main/API.md).\\n\\nOr you can inspect, what methods your Podman version on `` provides:\\n\\n```bash\\n$ varlink --bridge \\"ssh \\" help io.podman\\n```\\n\\n### Go Client Example\\n\\nEither clone this [repository](https://github.com/haraldh/podmangoexampleclient) or:\\n\\nCreate a new go project.\\nCreate a sub directory `iopodman` in the project.\\n\\nCreate the `io.podman.varlink` either from the podman github sources or dynamically with:\\n\\n```bash\\n$ varlink --bridge \\"ssh \\" help io.podman > iopodman/io.podman.varlink\\n```\\n\\nCreate iopodman/generate.go:\\n\\n```go\\npackage iopodman\\n\\n//go:generate $GOPATH/bin/varlink-go-interface-generator io.podman.varlink\\n```\\n\\nRun `go generate`:\\n\\n```bash\\n$ go generate ./...\\n```\\n\\nCreate your main.go:\\n\\n```go\\npackage main\\n\\nimport (\\n\\t\\"flag\\"\\n\\t\\"fmt\\"\\n\\t\\"github.com/haraldh/podmangoexampleclient/iopodman\\"\\n\\t\\"github.com/varlink/go/varlink\\"\\n\\t\\"io\\"\\n\\t\\"os\\"\\n)\\n\\nfunc printError(methodname string, err error) {\\n\\tfmt.Fprintf(os.Stderr, \\"Error calling %s: \\", methodname)\\n\\tswitch e := err.(type) {\\n\\tcase *iopodman.ImageNotFound:\\n\\t\\t//error ImageNotFound (name: string)\\n\\t\\tfmt.Fprintf(os.Stderr, \\"\'%v\' name=\'%s\'\\\\n\\", e, e.Name)\\n\\n\\tcase *iopodman.ContainerNotFound:\\n\\t\\t//error ContainerNotFound (name: string)\\n\\t\\tfmt.Fprintf(os.Stderr, \\"\'%v\' name=\'%s\'\\\\n\\", e, e.Name)\\n\\n\\tcase *iopodman.NoContainerRunning:\\n\\t\\t//error NoContainerRunning ()\\n\\t\\tfmt.Fprintf(os.Stderr, \\"\'%v\'\\\\n\\", e)\\n\\n\\tcase *iopodman.PodNotFound:\\n\\t\\t//error PodNotFound (name: string)\\n\\t\\tfmt.Fprintf(os.Stderr, \\"\'%v\' name=\'%s\'\\\\n\\", e, e.Name)\\n\\n\\tcase *iopodman.PodContainerError:\\n\\t\\t//error PodContainerError (podname: string, errors: []PodContainerErrorData)\\n\\t\\tfmt.Fprintf(os.Stderr, \\"\'%v\' podname=\'%s\' errors=\'%v\'\\\\n\\", e, e.Podname, e.Errors)\\n\\n\\tcase *iopodman.NoContainersInPod:\\n\\t\\t//error NoContainersInPod (name: string)\\n\\t\\tfmt.Fprintf(os.Stderr, \\"\'%v\' name=\'%s\'\\\\n\\", e, e.Name)\\n\\n\\tcase *iopodman.ErrorOccurred:\\n\\t\\t//error ErrorOccurred (reason: string)\\n\\t\\tfmt.Fprintf(os.Stderr, \\"\'%v\' reason=\'%s\'\\\\n\\", e, e.Reason)\\n\\n\\tcase *iopodman.RuntimeError:\\n\\t\\t//error RuntimeError (reason: string)\\n\\t\\tfmt.Fprintf(os.Stderr, \\"\'%v\' reason=\'%s\'\\\\n\\", e, e.Reason)\\n\\n\\tcase *varlink.InvalidParameter:\\n\\t\\tfmt.Fprintf(os.Stderr, \\"\'%v\' parameter=\'%s\'\\\\n\\", e, e.Parameter)\\n\\n\\tcase *varlink.MethodNotFound:\\n\\t\\tfmt.Fprintf(os.Stderr, \\"\'%v\' method=\'%s\'\\\\n\\", e, e.Method)\\n\\n\\tcase *varlink.MethodNotImplemented:\\n\\t\\tfmt.Fprintf(os.Stderr, \\"\'%v\' method=\'%s\'\\\\n\\", e, e.Method)\\n\\n\\tcase *varlink.InterfaceNotFound:\\n\\t\\tfmt.Fprintf(os.Stderr, \\"\'%v\' interface=\'%s\'\\\\n\\", e, e.Interface)\\n\\n\\tcase *varlink.Error:\\n\\t\\tfmt.Fprintf(os.Stderr, \\"\'%v\' parameters=\'%v\'\\\\n\\", e, e.Parameters)\\n\\n\\tdefault:\\n\\t\\tif err == io.EOF {\\n\\t\\t\\tfmt.Fprintf(os.Stderr, \\"Connection closed\\\\n\\", )\\n\\t\\t} else if err == io.ErrUnexpectedEOF {\\n\\t\\t\\tfmt.Fprintf(os.Stderr, \\"Connection aborted\\\\n\\", )\\n\\t\\t} else {\\n\\t\\t\\tfmt.Fprintf(os.Stderr, \\"%T - \'%v\'\\\\n\\", err, err)\\n\\t\\t}\\n\\t}\\n}\\n\\nfunc main() {\\n\\tvar c *varlink.Connection\\n\\tvar err error\\n\\n c, err = varlink.NewBridge(\\"ssh \\")\\n\\tif err != nil {\\n\\t\\tfmt.Fprintf(os.Stderr, \\"Error connecting: %T - \'%v\'\\\\n\\", err, err)\\n\\t\\tos.Exit(1)\\n\\t}\\n\\n\\t// Be nice and cleanup\\n\\tdefer c.Close()\\n\\n\\tinfo, err := iopodman.GetInfo().Call(c)\\n\\n\\tif err != nil {\\n\\t\\tprintError(\\"GetInfo()\\", err)\\n\\t\\tos.Exit(1)\\n\\t}\\n\\n\\tfmt.Printf(\\"Info: %+v\\\\n\\\\n\\", info)\\n\\n\\tfmt.Printf(\\"Podman Version: %+v\\\\n\\\\n\\", info.Podman.Podman_version)\\n\\n\\tcontainers, err := iopodman.ListContainers().Call(c)\\n\\n\\tif err != nil {\\n\\t\\tprintError(\\"ListContainers()\\", err)\\n\\t\\tos.Exit(1)\\n\\t}\\n\\n\\tfor container := range containers {\\n\\t\\tprint(container)\\n\\t}\\n\\n\\tmount, err := iopodman.MountContainer().Call(c, \\"foo\\")\\n\\tif err != nil {\\n\\t\\tprintError(\\"MountContainer()\\", err)\\n\\t} else {\\n\\t\\tprint(mount)\\n\\t}\\n}\\n```\\n\\n## Rust\\n\\n### Install the rust toolchain\\n\\n#### Windows\\n\\nFirst install the C++ part of https://visualstudio.microsoft.com/downloads/\\n\\n#### All\\n\\nhttps://rustup.rs/\\n\\n### Install varlink-cli\\n\\n#### For non-Linux systems:\\n\\n```bash\\n$ cargo install varlink-cli\\n```\\n\\n> Note: Ensure that $HOME/.cargo/bin is in your PATH or copy $HOME/.cargo/bin/varlink\\n> in one of your path directories\\n\\n#### For Linux systems:\\n\\nYou can also use `varlink` util from [libvarlink](https://github.com/varlink/libvarlink)\\nor install `libvarlink-util` on Fedora/RHEL machines.\\n\\n### Running the varlink CLI command\\n\\nThe `varlink` CLI command in `~/.cargo/bin` should output:\\n\\n```bash\\n$ varlink --bridge \\"ssh \\" info\\nVendor: Atomic\\nProduct: podman\\nVersion: 0.10.1\\nURL: https://github.com/containers/podman\\nInterfaces:\\n org.varlink.service\\n io.podman\\n$ varlink --bridge \\"ssh \\" call io.podman.Ping\\n{\\n \\"ping\\": {\\n \\"message\\": \\"OK\\"\\n }\\n}\\n\\n$ varlink --bridge \\"ssh \\" call io.podman.MountContainer \\"{\\\\\\"name\\\\\\": \\\\\\"container-id\\\\\\"}\\"\\nError: Call failed with error: io.podman.ErrorOccurred\\n{\\n \\"reason\\": \\"no container with name or ID container-id found: no such container\\"\\n}\\n```\\n\\nTo find out more about the Podman varlink interface read the [io.podman.varlink](https://github.com/containers/podman/blob/main/cmd/podman/varlink/io.podman.varlink) file or\\nthe rendered [API.md](https://github.com/containers/podman/blob/main/API.md).\\n\\nOr you can inspect, what methods your Podman version on `` provides:\\n\\n```bash\\n$ varlink --bridge \\"ssh \\" help io.podman\\n```\\n\\n### Rust Client Example\\n\\nEither clone this [repository](https://github.com/haraldh/podmanrs) or:\\n\\n```bash\\n$ cargo new --bin podmanrs\\n$ cd podmanrs\\n```\\n\\nDownload the varlink interface from the running Podman varlink service:\\n\\n```bash\\n$ varlink --bridge \\"ssh \\" help io.podman > src/io.podman.varlink\\n```\\n\\ncreate `build.rs`:\\n\\n```rust\\nextern crate varlink_generator;\\n\\nfn main() {\\n varlink_generator::cargo_build_tosource(\\"src/io.podman.varlink\\", true);\\n}\\n```\\n\\ncreate `Cargo.toml`:\\n\\n```toml\\n[package]\\nname = \\"podmanrs\\"\\nversion = \\"0.1.0\\"\\nauthors = [\\"Harald Hoyer \\"]\\nbuild = \\"build.rs\\"\\nedition = \\"2018\\"\\n\\n[dependencies]\\nvarlink = \\"7\\"\\nserde = \\"1\\"\\nserde_derive = \\"1\\"\\nserde_json = \\"1\\"\\nchainerror = \\"0.4\\"\\n[build-dependencies]\\nvarlink_generator = \\"7\\"\\n```\\n\\ncreate `src/main.rs`:\\n\\n```rust\\nmod io_podman;\\n\\nuse crate::io_podman::*;\\nuse varlink::Connection;\\nuse std::result::Result;\\nuse std::error::Error;\\n\\nfn main() -> Result<(), Box> {\\n let connection = Connection::with_bridge(\\n \\"ssh \\",\\n )?;\\n let mut podman = VarlinkClient::new(connection.clone());\\n let reply = podman.ping().call()?;\\n println!(\\"Ping() replied with \'{}\'\\", reply.ping.message);\\n let reply = podman.get_info().call()?;\\n println!(\\"Hostname: {}\\", reply.info.host.hostname);\\n println!(\\"Info: {:#?}\\", reply.info);\\n Ok(())\\n}\\n```\\n\\nNow run it:\\n\\n```bash\\n$ cargo run\\n```"},{"id":"/2019/01/15/podman-pods","metadata":{"permalink":"/blogs/2019/01/15/podman-pods","source":"@site/blog/2019-01-15-podman-pods.md","title":"Managing pods and containers in a local container runtime","description":"Brent Baude has written a new article called \\"Managing pods and containers in a local container runtime\\" on the","date":"2019-01-15T00:00:00.000Z","formattedDate":"January 15, 2019","tags":[],"readingTime":0.18,"hasTruncateMarker":false,"authors":[{"name":"baude"}],"frontMatter":{"layout":"default","title":"Managing pods and containers in a local container runtime","author":"baude","categories":["blogs"]},"prevItem":{"title":"Programmatic remote access to Podman via the varlink protocol","permalink":"/blogs/2019/01/16/podman-varlink"},"nextItem":{"title":"Podman Machine and Boot2podman","permalink":"/blogs/2019/01/14/podman-machine-and-boot2podman"}},"content":"Brent Baude has written a new article called \\"[Managing pods and containers in a local container runtime](https://developers.redhat.com/blog/2019/01/15/podman-managing-containers-pods/)\\" on the\\nRed Hat Developer site. Learn how using pods in Podman can help organize and orchestrate your containers."},{"id":"/2019/01/14/podman-machine-and-boot2podman","metadata":{"permalink":"/blogs/2019/01/14/podman-machine-and-boot2podman","source":"@site/blog/2019-01-14-podman-machine-and-boot2podman.md","title":"Podman Machine and Boot2podman","description":"boot2podman logo","date":"2019-01-14T00:00:00.000Z","formattedDate":"January 14, 2019","tags":[{"label":"boot2podman","permalink":"/blogs/tags/boot-2-podman"},{"label":"podman+machine","permalink":"/blogs/tags/podman-machine"}],"readingTime":2.835,"hasTruncateMarker":true,"authors":[{"name":"afbjorklund"}],"frontMatter":{"title":"Podman Machine and Boot2podman","layout":"default","author":"afbjorklund","categories":["blogs"],"tags":["boot2podman","podman+machine"]},"prevItem":{"title":"Managing pods and containers in a local container runtime","permalink":"/blogs/2019/01/15/podman-pods"},"nextItem":{"title":"RHEl 8 beta and Podman","permalink":"/blogs/2019/01/08/rhel-8-and-podman"}},"content":"![boot2podman logo](https://raw.githubusercontent.com/boot2podman/boot2podman/master/logo.png)\\n\\n# Podman Machine and Boot2podman\\n\\n## By Anders F Bj\xf6rklund [GitHub](https://github.com/afbjorklund)\\n\\n### Update: September 9, 2021 - Tom Sweeney\\n\\nThis post initially discussed the boot2podman/machine project, which Anders has since deprecated. Starting with Podman v3.3, the `podman machine` command now does that same function and is part of the Podman project. Please see Brent Baude\'s [update](https://podman.io/blogs/2021/09/06/podman-on-macs.html) or the [podman machine](https://docs.podman.io/en/latest/machine.html) man page on [docs.podman.io](https://docs.podman.io/) for more information on how to run Podman machine. The `podman-machine` command has been deprecated.\\n\\nIn addition, the Podman team is investigating the possibility of creating `Podman Desktop`. Please see the issue on [GitHub](https://github.com/containers/podman/issues/11494), and please add your comments or thoughts to that issue.\\n\\nMore updates are coming, and please keep your eye on the [Podman Mailing List](https://podman.io/community/#mailing-list) and [podman.io](https://podman.io) for further information and developments.\\n\\nFinally, a very big thank you to Anders for his many contributions to Podman, particularly for his work in getting Podman to work smoothly on macOS.\\n\\n## Original Post\\n\\nBy using `podman-machine` and indirectly `boot2podman`, it is easy to get started with podman even if your local host does not support it...\\n\\nIt will start a virtual machine, with everything to run containers. This includes `podman` and `buildah`, and remote access over `varlink`.\\n\\n\x3c!--truncate--\x3e\\n\\nThe command-line tool `podman-machine` is a simple way to create virtual machines running `boot2podman.iso`.\\nIt will create a \\"machine\\" with Linux prepared for running Linux containers, with [Podman](https://podman.io) and [Buildah](https://buildah.io) (and their dependencies) pre-installed.\\n\\nThis way any client will be able to run containers, even though not possible on their operating system.\\nWhether their Linux distribution is too old or too unprivileged, or if they are running Windows or OS X operating systems without native Linux support.\\n\\n## Podman Machine\\n\\nMachine lets you create servers with Podman, then configures the Podman clients.\\n\\n```console\\n$ podman-machine create box\\n$ podman-machine ssh box\\n\\ntc@box:~$ sudo podman\\n```\\n\\nWill automatically download the latest version of the ISO, if not available in the cache.\\n\\n_See:_ [https://github.com/boot2podman/machine](https://github.com/boot2podman/machine)\\n\\n## Boot2Podman ISO\\n\\nBoot2podman is a lightweight Linux distribution made specifically to run Linux containers.\\n\\n- Tiny Core Linux 9.x (x86_64)\\n- Buildah / Varlink / Podman\\n\\nThe distribution runs entirely from RAM, while persisting the containers and ssh keys.\\n\\n_See:_ [https://github.com/boot2podman/boot2podman](https://github.com/boot2podman/boot2podman)\\n\\n## Remote Access\\n\\nIt is possible to use the `pypodman` command-line tool, to control podman remotely:\\n\\n```console\\n$ eval $(podman-machine env box)\\n$ pypodman version\\n```\\n\\n[https://github.com/containers/python-podman](https://github.com/containers/python-podman)\\n\\nOr alternatively to use the `varlink-go` command-line tool, to access the podman API:\\n\\n```console\\n$ eval $(podman-machine env box --varlink)\\n$ varlink-go call io.podman.GetVersion\\n```\\n\\n[https://github.com/boot2podman/varlink-go](https://github.com/boot2podman/varlink-go)\\n\\nBoth methods use SSH, in order to access the podman varlink socket of the VM.\\n\\nThe SSH keys and other configuration is automatically created with the machine.\\n\\n## Tiny Core\\n\\nThe regular `boot2podman.iso` is based on [Tiny Core Linux](http://tinycorelinux.net):\\n\\n[https://github.com/boot2podman/boot2podman/releases](https://github.com/boot2podman/boot2podman/releases)\\n\\nThis is a minimal system, that runs entirely from RAM and uses `init(1)`.\\n\\nThe package manager uses TCZ packages, handled by the `tce-load` program.\\n\\n_See:_ [https://en.wikipedia.org/wiki/Tiny_Core_Linux](https://en.wikipedia.org/wiki/Tiny_Core_Linux)\\n\\n## Fedora\\n\\nThere is also an alternative version, based on [Fedora Linux](https://getfedora.org/):\\n\\n[https://github.com/boot2podman/boot2podman-fedora-iso/releases](https://github.com/boot2podman/boot2podman-fedora-iso/releases)\\n\\nThis is a full system, that boots a regular image and uses `systemd(1)`.\\n\\nThe package manager uses RPM packages, handled by the `dnf` program.\\n\\n_See:_ [https://en.wikipedia.org/wiki/Fedora\\\\_(operating_system)]()\\n\\nBoth versions will do the same thing, in that they will both offer the Podman varlink socket.\\n\\nThe Podman Machine can set up virtual machines for either, by using the \\"url\\" parameters.\\n\\n---\\n\\nFor more posts about boot2podman, see: [https://boot2podman.github.io/](https://boot2podman.github.io/)"},{"id":"/2019/01/08/rhel-8-and-podman","metadata":{"permalink":"/blogs/2019/01/08/rhel-8-and-podman","source":"@site/blog/2019-01-08-rhel-8-and-podman.md","title":"RHEl 8 beta and Podman","description":"Daniel Koszegi has posted a new blog: \\"First look at RHEL 8 and Podman\\". Daniel talks about the RHEL 8 beta and how Podman figures into it!.","date":"2019-01-08T00:00:00.000Z","formattedDate":"January 8, 2019","tags":[],"readingTime":0.135,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"layout":"default","title":"RHEl 8 beta and Podman","author":"tsweeney","categories":["blogs"]},"prevItem":{"title":"Podman Machine and Boot2podman","permalink":"/blogs/2019/01/14/podman-machine-and-boot2podman"},"nextItem":{"title":"Software Factory Container With Buildah And Podman","permalink":"/blogs/2019/01/07/software-factory-podman"}},"content":"Daniel Koszegi has posted a new blog: \\"[First look at RHEL 8 and Podman](https://medium.com/@danielkoszegi/first-look-at-rhel-8-beta-and-podman-f344165c1620)\\". Daniel talks about the RHEL 8 beta and how Podman figures into it!."},{"id":"/2019/01/07/software-factory-podman","metadata":{"permalink":"/blogs/2019/01/07/software-factory-podman","source":"@site/blog/2019-01-07-software-factory-podman.md","title":"Software Factory Container With Buildah And Podman","description":"Tristan de Cacqueray has posted a new blog: \\"Software Factory Container With Buildah And Podman\\".","date":"2019-01-07T00:00:00.000Z","formattedDate":"January 7, 2019","tags":[],"readingTime":0.15,"hasTruncateMarker":false,"authors":[{"name":"tristanC"}],"frontMatter":{"layout":"default","title":"Software Factory Container With Buildah And Podman","author":"tristanC","categories":["blogs"]},"prevItem":{"title":"RHEl 8 beta and Podman","permalink":"/blogs/2019/01/08/rhel-8-and-podman"},"nextItem":{"title":"New Blog from Emilien Macchi, Part 4!","permalink":"/blogs/2018/12/14/openstack-podman-healthchecks"}},"content":"Tristan de Cacqueray has posted a new blog: \\"[Software Factory Container With Buildah And Podman](https://www.softwarefactory-project.io/software-factory-container-with-buildah-and-podman.html)\\".\\nTristan explains how to use Buildah and Podman to containerize a systemd based service suite."},{"id":"/2018/12/14/openstack-podman-healthchecks","metadata":{"permalink":"/blogs/2018/12/14/openstack-podman-healthchecks","source":"@site/blog/2018-12-14-openstack-podman-healthchecks.md","title":"New Blog from Emilien Macchi, Part 4!","description":"Emilien Macchi has posted a fourth blog on how his group is running Healthchecks for Podman containers: \\"OpenStack Containerization with Podman \u2013 Part 4 (Healthchecks)\\". Check it out!","date":"2018-12-14T00:00:00.000Z","formattedDate":"December 14, 2018","tags":[],"readingTime":0.14,"hasTruncateMarker":false,"authors":[],"frontMatter":{"layout":"default","title":"New Blog from Emilien Macchi, Part 4!","categories":["new"]},"prevItem":{"title":"Software Factory Container With Buildah And Podman","permalink":"/blogs/2019/01/07/software-factory-podman"},"nextItem":{"title":"Podman v0.12.1.1 Released","permalink":"/blogs/2018/12/12/podman-alpha-v0.12.1.1"}},"content":"[Emilien Macchi](https://twitter.com/EmilienMacchi) has posted a fourth blog on how his group is running Healthchecks for Podman containers: \\"[OpenStack Containerization with Podman \u2013 Part 4 (Healthchecks)](https://my1.fr/blog/openstack-containerization-with-podman-part-4-healthchecks/)\\". Check it out!"},{"id":"/2018/12/12/podman-alpha-v0.12.1.1","metadata":{"permalink":"/blogs/2018/12/12/podman-alpha-v0.12.1.1","source":"@site/blog/2018-12-12-podman-alpha-v0.12.1.1.md","title":"Podman v0.12.1.1 Released","description":"podman logo","date":"2018-12-12T00:00:00.000Z","formattedDate":"December 12, 2018","tags":[{"label":"community","permalink":"/blogs/tags/community"},{"label":"open source","permalink":"/blogs/tags/open-source"},{"label":"podman","permalink":"/blogs/tags/podman"}],"readingTime":1.2,"hasTruncateMarker":true,"authors":[{"name":"mheon"}],"frontMatter":{"title":"Podman v0.12.1.1 Released","layout":"default","author":"mheon","categories":["releases"],"tags":["community","open source","podman"]},"prevItem":{"title":"New Blog from Emilien Macchi, Part 4!","permalink":"/blogs/2018/12/14/openstack-podman-healthchecks"},"nextItem":{"title":"Simplifying Podman commands with labels","permalink":"/blogs/2018/12/03/podman-runlabel"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman Release 0.12.1.1\\n\\nWe\'re happy to announce the availability of Podman 0.12.1.1, our latest version. We\'ve been very busy over the last month, and it shows! We\'ve merged over 150 new commits since our 0.11 releases, including major new functionality and several critical bugfixes. Pods, Kubernetes compatibility, and container volumes all saw major improvements.\\n\\nWe hope everyone enjoys the release, and stays with us in the future as Podman gets closer to 1.0. As always, many thanks to everyone who contributed to this release!\\n\\n\x3c!--truncate--\x3e\\n\\n## Changes\\n\\nThis release comes with many exciting new features. To highlight a few of our biggest changes:\\n\\n- The `podman generate kube` command was added by Brent Baude, which generates Kubernetes pod and service YAML from Podman containers and pods.\\n- Initial support for named volumes using the `podman volume` set of commands was landed by Urvashi Mohnani\\n- The `podman rm` and `podman rmi` commands can now prune unused containers and images with the `--prune` flag\\n- Ports can now be published to the host from pods\\n\\nNumerous bugs were fixed as well, including a breaking change in rootless Podman found in 0.11.x releases.\\n\\nTo see the full changelog, please visit our release notes on [GitHub](https://github.com/containers/podman/blob/main/RELEASE_NOTES.md)\\n\\nSome of this work, like the `podman volume` command, is still very early. We\'d greatly appreciate feedback! If you have an enhancement request or a bug report, please file them on our [issue page](https://github.com/containers/podman/issues)."},{"id":"/2018/12/03/podman-runlabel","metadata":{"permalink":"/blogs/2018/12/03/podman-runlabel","source":"@site/blog/2018-12-03-podman-runlabel.md","title":"Simplifying Podman commands with labels","description":"podman logo","date":"2018-12-03T00:00:00.000Z","formattedDate":"December 3, 2018","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"}],"readingTime":2.015,"hasTruncateMarker":true,"authors":[{"name":"baude"}],"frontMatter":{"title":"Simplifying Podman commands with labels","layout":"default","author":"baude","categories":["blogs"],"tags":["podman","containers"]},"prevItem":{"title":"Podman v0.12.1.1 Released","permalink":"/blogs/2018/12/12/podman-alpha-v0.12.1.1"},"nextItem":{"title":"Podman container|image exists","permalink":"/blogs/2018/11/27/podman-exists"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Simplifying Podman commands with labels\\n\\n## By Brent Baude [GitHub](https://github.com/baude)\\n\\nCommands used by container runtimes to create containers have become complex. It is on purpose of course. When creating\\ncontainers, we want the ability to specify various security or network attributes. But if you are in the unenviable position to have to keystroke in some of these lengthy commands, it can grow tiresome. Defining labels on the container image is a great way to define how the container should be run; however, now with Podman we can read and execute that label saving you potential command line bloat.\\n\\n\x3c!--truncate--\x3e\\n\\n### Container image Labels\\n\\nContainer images have had the concept of a label for quite some time. They are often used as identifiers for the image; i.e. version, release, author, etc. But you can create a container label for just about anything. With the Atomic CLI project, we used to leverage labels such as RUN, INSTALL, and UNINSTALL. These labels we defined for the purpose of their verbiage.\\n\\n### Podman container runlabel\\n\\nTo mimic the Atomic CLI project, we added a sub-command called `podman container runlabel`. This command will execute the contents of a given label as defined by the container image.\\n\\nLets consider an example. I have a simple container image based on mariab that I use for my Podman development. The image is made like so:\\n\\n```\\nFROM docker.io/library/mariadb:latest\\nLABEL RUN=\\"podman run --name some-mariadb -P -e MYSQL_ROOT_PASSWORD=x -dt IMAGE\\"\\nRUN echo \\"bind-address = 0.0.0.0\\" >> /etc/mysql/my.cnf\\n```\\n\\nNote the definition of the RUN label in the image. It contains the complete command line description of how to run it. The use of IMAGE here is a placeholder is automatically substituted by Podman to the real image name. On my system, this image exists as `quay.io/baude/demodb:latest`.\\n\\nWe can get a preview of what Podman would run using the `--display` switch. In the case of my mariab image, a dry-run would show something like this:\\n\\n```\\n$ sudo podman container runlabel --display run quay.io/baude/demodb:latest\\nCommand: /proc/self/exe run --name some-mariadb -P -e MYSQL_ROOT_PASSWORD=x -dt quay.io/baude/demodb:latest\\n```\\n\\nNote how the IMAGE was translated into the image name. If we rerun the previous command and subtract the `--display` option, podman will create the container exactly as described by the run label.\\n\\nSo, next time you create your own image, do yourself a favor and construct labels that Podman can read and simplify your life."},{"id":"/2018/11/27/podman-exists","metadata":{"permalink":"/blogs/2018/11/27/podman-exists","source":"@site/blog/2018-11-27-podman-exists.md","title":"Podman container|image exists","description":"podman logo","date":"2018-11-27T00:00:00.000Z","formattedDate":"November 27, 2018","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"}],"readingTime":2.165,"hasTruncateMarker":true,"authors":[{"name":"baude"}],"frontMatter":{"title":"Podman container|image exists","layout":"default","author":"baude","categories":["blogs"],"tags":["podman","containers"]},"prevItem":{"title":"Simplifying Podman commands with labels","permalink":"/blogs/2018/12/03/podman-runlabel"},"nextItem":{"title":"Build Podman RPMs with a container image","permalink":"/blogs/2018/11/19/build_libpod-container-images"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman container|image exists\\n\\n## By Brent Baude [GitHub](https://github.com/baude)\\n\\nWe are seeing a proliferation of Podman usage in users\' daily workflows. As such, these workflows are often scripted -- in something like bash -- and clear exit codes from the applications being run are paramount. One of the tasks we often see is a user wanting to verify if an image or a container exists in local storage. We saw several different approaches approaches to solving this including running `podman ps` or `podman images` with filters or complex uses of grep.\\n\\n\x3c!--truncate--\x3e\\n\\n### Solution\\n\\nAfter a bit of discussion with our users, recorded in [issue #1845] (https://github.com/containers/podman/issues/1845), a plan was hatched to have a specific command that satisfies this use case. It was implemented for both containers and images; and I suppose if users wish, we could implement it for pods as well. If the image or container exists, Podman will return an exit code of `0`. If it does not exist, Podman will return an exit code of `1`. Any other exit code can be attributed to non-verification failures like permissions or failure in reading local storage.\\n\\n### Check on an images\\n\\nTo verify the existence of an image in your local storage, you can use the command `podman image exists `. Let\'s clarify through the use of an example.\\n\\nThe images we have in our local storage are as follows:\\n\\n```\\n$ sudo podman images\\nREPOSITORY TAG IMAGE ID CREATED SIZE\\ndocker.io/library/alpine latest 196d12cf6ab1 2 months ago 4.67 MB\\n```\\n\\nIf we wanted to verify the existence of the image `docker.io/library/alpine:latest`, we would:\\n\\n```\\n$ sudo podman image exists docker.io/library/alpine:latest\\n$ echo $?\\n0\\n```\\n\\nYou can also verify by short-name if preferable:\\n\\n```\\n$ sudo podman image exists alpine\\n$ echo $?\\n0\\n```\\n\\nYou can also verify an image by an image\'s full or shortened ID.\\n\\n```\\n$ sudo podman image exists 196d12cf6ab1\\n$ echo $?\\n0\\n```\\n\\nAnd finally, a failure to verify example would look like:\\n\\n```\\n$ sudo podman image exists busybox\\n$ echo $?\\n1\\n```\\n\\n### Check on a container\\n\\nWe can verify the existence of a container in much the same way as an image. The grammar differs slightly.\\n\\nMy system has the following container:\\n\\n```\\n$ sudo podman ps --format {% raw %}\\"{{.ID}} {{.Names}}\\"{% endraw %}\\n472fde2f48c7 foobar\\n```\\n\\nAnd I can verify the existence of the container with `podman container exists `.\\n\\n```\\n$ sudo podman container exists foobar\\n$ echo $?\\n0\\n```\\n\\nLike images, you can also verify a container using its full or partial container ID."},{"id":"/2018/11/19/build_libpod-container-images","metadata":{"permalink":"/blogs/2018/11/19/build_libpod-container-images","source":"@site/blog/2018-11-19-build_libpod-container-images.md","title":"Build Podman RPMs with a container image","description":"podman logo","date":"2018-11-19T00:00:00.000Z","formattedDate":"November 19, 2018","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"}],"readingTime":2.395,"hasTruncateMarker":true,"authors":[{"name":"baude"}],"frontMatter":{"title":"Build Podman RPMs with a container image","layout":"default","author":"baude","categories":["blogs"],"tags":["podman","containers"]},"prevItem":{"title":"Podman container|image exists","permalink":"/blogs/2018/11/27/podman-exists"},"nextItem":{"title":"The State of Container Technologies in the Operating System","permalink":"/blogs/2018/11/01/talk-state_of_container_technologies"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Build Podman RPMs with a container image\\n\\n## By Brent Baude [GitHub](https://github.com/baude)\\n\\nLibpod development is still very much active and on-going. We often have folks who are looking\\nto test out the latest libpod and Podman for either new features or bug fixes. We typically\\nbuild RPMs for distributions like Fedora on a release cadence, which used to be weekly but now\\nhas slowed down as libpod has stabilized. Building libpod from source is not difficult, but\\nsometimes the user\'s environment will not allow them to install all the packages needed; or\\nperhaps the user is intimidated by building from source; or perhaps the user would prefer\\nthe RPM package because it will make the upgrade process easier down the road.\\n\\nTo solve this problem, I have created a series of container images for CentOS7, Fedora 28, and Fedora 29 that are capable of building a development Podman RPM and associated packages.\\n\\n\x3c!--truncate--\x3e\\n\\n#### A bit about the images themselves\\n\\nThe image that can used to build the RPMs is called _quay.io/libpod/build_libpod_. You simply\\nalter the tag to build for the various distributions. The _latest_ tag will build CentOS7\\nRPMs. Two other tags exist: _fedora28_ and _fedora29_.\\n\\n### Create the temporary directory\\n\\nCreate a directory for where the RPMs will be volume mounted. It **must** be _/tmp/rpms_.\\n\\n```\\n$ mkdir /tmp/rpms\\n```\\n\\n### Build the RPMs\\n\\nBuilding the RPMs is a simple Podman command that leverages the `container runlabel` function in Podman. Once the image is pulled by Podman, it will install the required packages for building the RPMs. After the build is complete, the container will also test to make sure the RPMs install correctly.\\n\\n```\\n$ sudo podman container runlabel -p run quay.io/libpod/build_libpod:fedora29\\nTrying to pull quay.io/libpod/build_libpod:fedora29...Getting image source signatures\\nSkipping fetch of repeat blob sha256:7692efc5f81cadc73ca1afde08b1a5ea126749fd7520537ceea1a9871329efde\\nCopying blob sha256:af79f3045c1f7e253b5952752ae4ecabb15f5ee1e2c7e4148132ed37ea7e0091\\n 24.70 MB / 24.70 MB [======================================================] 2s\\nCopying blob sha256:ff2caf91b3889620d64f6fa5529531c3fed78222ce33a89ac85318e410d302fb\\n 206 B / 206 B [============================================================] 0s\\nCopying blob sha256:dd6fe2d1ef4e4ca5252881a6ab2db0eecc1166486af08384eab121512fd8e1dd\\n 253 B / 253 B [============================================================] 0s\\nCopying blob sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4\\n 32 B / 32 B [==============================================================] 0s\\nSkipping fetch of repeat blob sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4\\nWriting manifest to image destination\\nStoring signatures\\nCommand: /proc/self/exe run -it --rm --net=host -v /tmp/rpms:/root/rpmbuild/RPMS/x86_64/:Z quay.io/libpod/build_libpod:fedora29\\nCloning into \'/go/src/github.com/containers/libpod\'...\\nwarning: redirecting to https://github.com/containers/podman/\\nremote: Enumerating objects: 34, done.\\nremote: Counting objects: 100% (34/34), done.\\nremote: Compressing objects: 100% (31/31), done.\\nremote: Total 23112 (delta 12), reused 12 (delta 3), pack-reused 23078\\nReceiving objects: 100% (23112/23112), 15.96 MiB | 10.16 MiB/s, done.\\nResolving deltas: 100% (13753/13753), done.\\n/go/src/github.com/containers/libpod\\n++ command -v dnf\\n+ pkg_manager=/usr/bin/dnf\\n\\n... ** SHORTENED FOR BREVITY ***\\n\\nInstalled:\\n python3-podman-0.11.2-1542207420.git2b911b0c.fc29.noarch python3-pypodman-0.11.2-1542207420.git2b911b0c.fc29.noarch\\n python3-dateutil-1:2.7.0-3.fc29.noarch python3-humanize-0.5.1-14.fc29.noarch\\n python3-psutil-5.4.3-6.fc29.x86_64\\n\\nComplete!\\n```\\n\\nThe resulting RPMs will end up in your temporary directory of _/tmp/rpms_.\\n\\n```\\n$ find /tmp/rpms/\\n/tmp/rpms/\\n/tmp/rpms/noarch\\n/tmp/rpms/noarch/python3-pypodman-0.11.2-1542210510.git2b911b0c.fc29.noarch.rpm\\n/tmp/rpms/noarch/python3-podman-0.11.2-1542210510.git2b911b0c.fc29.noarch.rpm\\n/tmp/rpms/x86_64\\n/tmp/rpms/x86_64/podman-debuginfo-0.11.2-1542210510.git2b911b0c.fc29.x86_64.rpm\\n/tmp/rpms/x86_64/podman-debugsource-0.11.2-1542210510.git2b911b0c.fc29.x86_64.rpm\\n/tmp/rpms/x86_64/podman-0.11.2-1542210510.git2b911b0c.fc29.x86_64.rpm\\n```\\n\\n### Future\\n\\nIf folks like this, I\'ll consider adding the ability to pass in a specific git commit to build."},{"id":"/2018/11/01/talk-state_of_container_technologies","metadata":{"permalink":"/blogs/2018/11/01/talk-state_of_container_technologies","source":"@site/blog/2018-11-01-talk-state_of_container_technologies.md","title":"The State of Container Technologies in the Operating System","description":"podman logo","date":"2018-11-01T00:00:00.000Z","formattedDate":"November 1, 2018","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"}],"readingTime":0.26,"hasTruncateMarker":false,"authors":[{"name":"dwalsh"}],"frontMatter":{"title":"The State of Container Technologies in the Operating System","layout":"default","author":"dwalsh","categories":["talks"],"tags":["podman","containers"]},"prevItem":{"title":"Build Podman RPMs with a container image","permalink":"/blogs/2018/11/19/build_libpod-container-images"},"nextItem":{"title":"Buildah and Podman Relationship","permalink":"/blogs/2018/10/31/podman-buildah-relationship"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# The State of Container Technologies in the Operating System Talk\\n\\n## By Dan Walsh [GitHub](https://github.com/rhatdan)\\n\\nAt the \\"LISA18\\" conference on October 29-31, 2018 in Nashville, TN, USA, Dan Walsh gave a talk on the State of Container Technologies in the Operating System.\\n\\nThe slides in PDF format are [here](https://podman.io/slides/2018-11-01-state_of_container_technologies_in_the_operating_system.pdf)."},{"id":"/2018/10/31/podman-buildah-relationship","metadata":{"permalink":"/blogs/2018/10/31/podman-buildah-relationship","source":"@site/blog/2018-10-31-podman-buildah-relationship.md","title":"Buildah and Podman Relationship","description":"podman logo","date":"2018-10-31T00:00:00.000Z","formattedDate":"October 31, 2018","tags":[{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"images","permalink":"/blogs/tags/images"},{"label":"docker","permalink":"/blogs/tags/docker"},{"label":"buildah","permalink":"/blogs/tags/buildah"},{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"oci","permalink":"/blogs/tags/oci"}],"readingTime":4.865,"hasTruncateMarker":true,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Buildah and Podman Relationship","layout":"default","author":"tsweeney","categories":["blogs"],"tags":["containers","images","docker","buildah","podman","oci"]},"prevItem":{"title":"The State of Container Technologies in the Operating System","permalink":"/blogs/2018/11/01/talk-state_of_container_technologies"},"nextItem":{"title":"Adding checkpoint/restore support to Podman","permalink":"/blogs/2018/10/10/checkpoint-restore"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n![buildah logo](https://buildah.io/images/buildah.png)\\n\\n# Buildah and Podman Relationship\\n\\n## By Tom Sweeney [GitHub](https://github.com/TomSweeneyRedhat)\\n\\nKubernetes installations can be complex with multiple runtime dependencies and runtime engines. [CRI-O](https://cri-o.io/) was created to provide a lightweight runtime for Kubernetes which adds an abstraction layer between the cluster and the runtime that allows for various OCI runtime technologies. However you still have the problem of daemon dependencies in your cluster for builds - I.e. if you are using the cluster for builds you still need a Docker daemon.\\n\\nEnter Buildah. Buildah allows you to have a Kubernetes cluster without any Docker daemon for both runtime and builds. Excellent. But what if things go wrong? What if you want to do troubleshooting or debugging of containers in your cluster? Buildah isn\u2019t really built for that, what you need is a client tool for working with containers and the one that comes to mind is Docker CLI - but then you\u2019re back to using the daemon.\\n\\nThis is where Podman steps in. Podman allows you to do all of the Docker commands without the daemon dependency. With Podman you can run, build (it calls Buildah under the covers for this), modify and troubleshoot containers in your Kubernetes cluster. With the two projects together, you have a well rounded solution for your OCI container image and container needs.\\n\\n\x3c!--truncate--\x3e\\n\\nBuildah and Podman are two complementary Open-source projects that are available on\\nmost Linux platforms and both projects reside at [GitHub.com](https://github.com)\\nwith Buildah [here](https://github.com/containers/buildah) and Podman [here](https://github.com/containers/podman). Both Buildah and Podman are command line tools that work on OCI images and containers. The two projects are related, but differ in their specialization.\\n\\nBuildah specializes in building OCI images. Buildah\'s commands replicate all\\nof the commands that are found in a Dockerfile. Buildah\u2019s goal is also to provide a lower level coreutils interface to build container images, allowing people to build containers without requiring a Dockerfile. Buildah\u2019s other goal is to allow you to use other scripting languages to build container images without requiring a daemon.\\n\\nPodman specializes in all of the commands and functions that help you to maintain and modify those OCI container images, such as pulling and tagging. It also allows you to create, run, and maintain those containers. If you can do a command in the Docker CLI, you can do the same command in the Podman CLI. In fact you can just alias \u2018podman\u2019 for \u2018docker\u2019 on your machine and you can then build, create and maintain container images and containers without a daemon being present, just as you always have.\\n\\nAlthough Podman uses Buildah\u2019s build functionality under the covers to create a container image, the two projects have differences. The major difference between Podman and Buildah is their concept of a container. Podman allows users to create `traditional containers` and the intent of these containers is to be controlled through the entirety of a container life cycle (pause, checkpoint/restore, etc). While Buildah containers are really created just to allow content to be added to the container _image_. Each project has a separate internal representation of a container that is not shared. Because of this you cannot see Podman containers from within Buildah or vice versa. However the internal representation of a container image is the same between Buildah and Podman. Given this, any container image that has been created, pulled or modified by one can be seen and used by the other.\\n\\nSome of the commands between the two projects overlap significantly but in some cases have slightly different behaviors. The following table illustrates the commands with some overlap between the projects.\\n\\n| Command | Podman Behavior | Buildah Behavior |\\n| :---------------- | :------------------------------------------------------------------------------------------------------------------------------------------------------------------- | :-------------------------------------------------------------------------------------------------------------------------------------------------------------------- |\\n| build | Calls `buildah bud` | Provides the build-using-dockerfile (bud) command that emulates Docker\u2019s build command. |\\n| commit | Commits a Podman container into a container image. Does not work on a Buildah container. Once committed the resulting image can be used by either Podman or Buildah. | Commits a Buildah container into a container image. Does not work on a Podman container. Once committed, the resulting image can be used by either Buildah or Podman. |\\n| mount | Mounts a Podman container. Does not work on a Buildah container. | Mounts a Buildah container. Does not work on a Podman container. |\\n| pull and push | Pull or push an image from a container image registry. Functionally the same as Buildah. | Pull or push an image from a container image registry. Functionally the same as Podman. |\\n| run | Run a process in a new container in the same manner as `docker run`. | Runs the container in the same way as the RUN command in a Dockerfile. |\\n| rm | Removes a Podman container. Does not work on a Buildah container. | Removes a Buildah container. Does not work on a Podman container. |\\n| rmi, images, tag | Equivalent on both projects. | Equivalent on both projects. |\\n| containers and ps | `ps` is used to list Podman containers. The `containers` command does not exist. | containers is used to list Buildah containers. The `ps` command does not exist. |\\n\\nA quick and easy way to summarize the difference between the two projects is the `buildah run` command emulates the RUN command in a Dockerfile while the `podman run` command emulates the `docker run` command in functionality.\\n\\nBuildah is an efficient way to create OCI images while Podman allows you to manage and maintain those images and containers in a production environment using familiar container cli commands. Together they form a strong foundation to support your OCI container image and container needs. Best yet, they are both Open-source projects and you are more than welcome to contribute to either or both projects. Hope to see you there!"},{"id":"/2018/10/10/checkpoint-restore","metadata":{"permalink":"/blogs/2018/10/10/checkpoint-restore","source":"@site/blog/2018-10-10-checkpoint-restore.md","title":"Adding checkpoint/restore support to Podman","description":"podman logo","date":"2018-10-10T00:00:00.000Z","formattedDate":"October 10, 2018","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"}],"readingTime":4.2,"hasTruncateMarker":true,"authors":[{"name":"Adrian Reber"}],"frontMatter":{"title":"Adding checkpoint/restore support to Podman","layout":"default","author":"Adrian Reber","categories":["blogs"],"tags":["podman","containers"]},"prevItem":{"title":"Buildah and Podman Relationship","permalink":"/blogs/2018/10/31/podman-buildah-relationship"},"nextItem":{"title":"OpenStack Containerization with Podman \u2013 Part 3 (Upgrades)","permalink":"/blogs/2018/10/07/tripleo-upgrade"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Adding checkpoint/restore support to Podman\\n\\n## By Adrian Reber\\n\\nWith the help of [Checkpoint/Restore In Userspace (CRIU)](https://criu.org) I\\nwas able to add initial checkpoint/restore support to Podman. Using\\ncheckpoint/restore it is now possible to resume a container after a reboot at\\nexactly the same point in time it was checkpointed.\\n\\n\x3c!--truncate--\x3e\\n\\nIn January 2018 I started to think about bringing checkpoint/restore support to\\nPodman. After a few initial discussions I started to actually look at the\\nnecessary code changes. As Podman uses\\n[runc](https://github.com/opencontainers/runc) to run containers the initial\\nsupport for checkpointing containers was implemented pretty fast. Restoring was\\na bit more complicated as it required additional changes to\\n[conmon](https://github.com/kubernetes-sigs/cri-o/pull/1427).\\n\\nAt that point I was able to checkpoint and restore a simple container.\\n\\nTo make checkpointing and restoring containers actually useful the restored\\ncontainer needs to have the same IP address as the checkpointed container. That\\nwas the point where the implementation got a bit complicated.\\n\\nAlthough having worked on and with different container runtime\'s\\ncheckpoint/restore support I never had a closer look at the networking setup.\\nIt always worked. With Podman it did not at the beginning. The biggest\\ndifference is, as far as I understand it right now, is that Podman uses\\n[Container Network Interface (CNI)](https://github.com/containernetworking/cni)\\nto configure the container\'s network. CNI creates a network namespace and after\\nconfiguring it tells `runc` to use that network namespace for the container.\\n\\nThe difference with this setup is that other container runtimes did not really\\ncare about the actual name of the network namespace and CRIU just created on\\nrestore a **new** network namespace with the same properties as during checkpoint.\\nSo a new network namespace was created. For Podman this needs to be different.\\nCRIU needs to ignore/skip the network namespace and to handle this correctly I\\nhad to adapt runc\\n([Add support to checkpoint and restore into external network namespaces](https://github.com/opencontainers/runc/pull/1849))\\nas well as CRIU\\n([criu: add support for external net namespaces ](https://github.com/checkpoint-restore/criu/commit/a8a3eb902305f0af603afa4c95b1b632fe7bd149)).\\n\\nSo after spending time on `runc` and CRIU I was able to return to Podman and\\nimplement the [necessary changes](https://github.com/containers/podman/pull/469)\\nwhich have been merged into Podman at the beginning of October 2018.\\n\\nWith all the background information out of the way, now finally some examples\\nhow checkpoint/restore can be used in Podman. In my example I am using a\\ncontainer running [Apache Tomcat](https://tomcat.apache.org/) with a slightly\\nmodified HelloWorldExample. The HelloWorldExample has been modified to return\\na single integer which is is incremented after each request.\\n\\nThe following starts my test container:\\n\\n```shell\\n# podman run --security-opt=\\"seccomp=unconfined\\" --tmpfs /tmp --name podman-criu-test -d docker://docker.io/yovfiatbeb/podman-criu-test\\n```\\n\\nAs I am running my tests on a RHEL7 system I have to add\\n`--security-opt=\\"seccomp=unconfined\\"` because CRIU cannot correctly handle\\n`seccomp` on RHEL7. The option `--tmpfs /tmp` is necessary as `tomcat` creates\\ntemporary files in `/tmp` which are only correctly restored by CRIU if `/tmp`\\nis a `tmpfs`.\\n\\nOnce the container is up and running I can use `curl` to make requests to `tomcat`:\\n\\n```shell\\n$ curl 10.22.0.53:8080/examples/servlets/servlet/HelloWorldExample\\n1\\n$ curl 10.22.0.53:8080/examples/servlets/servlet/HelloWorldExample\\n2\\n```\\n\\nI can now checkpoint the container:\\n\\n```shell\\n# podman container checkpoint podman-criu-test\\n```\\n\\nNow the container is no longer running and could be restored. If I would\\nrestore the container now the result would basically be the same as pausing and\\nunpausing the container. To make checkpointing useful I am now rebooting the\\nsystem before restoring the container. Once the system is up again I can\\nrestore the container:\\n\\n```shell\\n# podman container restore --keep podman-criu-test\\n```\\n\\nUsing `curl` to make requests to the container the result will now **not** start at\\n\'1\' again, but continue at the previous value:\\n\\n```shell\\n$ curl 10.22.0.53:8080/examples/servlets/servlet/HelloWorldExample\\n3\\n$ curl 10.22.0.53:8080/examples/servlets/servlet/HelloWorldExample\\n4\\n$ curl 10.22.0.53:8080/examples/servlets/servlet/HelloWorldExample\\n5\\n```\\n\\nAs I have been using the `--keep` flag during restore, Podman has not deleted\\nthe checkpoint after the restore, which would be the normal operation. If I\\nreboot the system again I can restore the container again:\\n\\n```shell\\n$ podman container restore --keep podman-criu-test\\n```\\n\\nAnd now the result from `curl` is the same as before:\\n\\n```shell\\n$ curl 10.22.0.53:8080/examples/servlets/servlet/HelloWorldExample\\n3\\n$ curl 10.22.0.53:8080/examples/servlets/servlet/HelloWorldExample\\n4\\n$ curl 10.22.0.53:8080/examples/servlets/servlet/HelloWorldExample\\n5\\n```\\n\\nSo right now checkpointing and restoring can be used as either a stateful\\npause/unpause between reboots or as way to go back in time of the container\'s\\nlife.\\n\\nI recorded all those steps in the demo below:\\n\\n\\n\\nThe checkpoint/restore support in Podman is still very new and requires a git\\ncheckout of CRIU using the `criu-dev` branch to work right now. The necessary\\nCRIU changes will be in the upcoming CRIU 3.11 release. `runc` and `conmon`\\nalso need to be new enough for checkpoint/restore to work.\\n\\nCurrently only checkpoint/restore on the same system is supported, but to\\nmake this feature really interesting it would be nice to be able to\\nmigrate containers. To make container migration easy I want to offer\\nthe possibility to easily export the checkpoint and appropriate container\\nstate from one Podman instance to another Podman instance to be able to\\nrestore the checkpointed container."},{"id":"/2018/10/07/tripleo-upgrade","metadata":{"permalink":"/blogs/2018/10/07/tripleo-upgrade","source":"@site/blog/2018-10-07-tripleo-upgrade.md","title":"OpenStack Containerization with Podman \u2013 Part 3 (Upgrades)","description":"podman logo","date":"2018-10-07T00:00:00.000Z","formattedDate":"October 7, 2018","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"openstack","permalink":"/blogs/tags/openstack"}],"readingTime":0.185,"hasTruncateMarker":false,"authors":[{"name":"emacchi"}],"frontMatter":{"title":"OpenStack Containerization with Podman \u2013 Part 3 (Upgrades)","layout":"default","author":"emacchi","categories":["blogs"],"tags":["podman","containers","openstack"]},"prevItem":{"title":"Adding checkpoint/restore support to Podman","permalink":"/blogs/2018/10/10/checkpoint-restore"},"nextItem":{"title":"OpenStack Containerization with Podman \u2013 Part 2 (systemd)","permalink":"/blogs/2018/10/05/tripleo-systemd"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Upgrade OpenStack TripleO Undercloud from Docker to Podman containers\\n\\n## By Emilien Macchi [GitHub](https://github.com/EmilienM)\\n\\nI wrote a blog post about how we could upgrade OpenStack TripleO Undercloud\\nfrom Docker to Podman containers.\\n\\n[Read More](https://my1.fr/blog/openstack-containerization-with-podman-part-3-upgrades/)"},{"id":"/2018/10/05/tripleo-systemd","metadata":{"permalink":"/blogs/2018/10/05/tripleo-systemd","source":"@site/blog/2018-10-05-tripleo-systemd.md","title":"OpenStack Containerization with Podman \u2013 Part 2 (systemd)","description":"podman logo","date":"2018-10-05T00:00:00.000Z","formattedDate":"October 5, 2018","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"openstack","permalink":"/blogs/tags/openstack"}],"readingTime":0.155,"hasTruncateMarker":false,"authors":[{"name":"emacchi"}],"frontMatter":{"title":"OpenStack Containerization with Podman \u2013 Part 2 (systemd)","layout":"default","author":"emacchi","categories":["blogs"],"tags":["podman","containers","openstack"]},"prevItem":{"title":"OpenStack Containerization with Podman \u2013 Part 3 (Upgrades)","permalink":"/blogs/2018/10/07/tripleo-upgrade"},"nextItem":{"title":"OpenStack Containerization with Podman \u2013 Part 1 (Undercloud)","permalink":"/blogs/2018/10/05/tripleo-undercloud"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Manage Podman containers with systemd\\n\\n## By Emilien Macchi [GitHub](https://github.com/EmilienM)\\n\\nI wrote a blog post about how we manage Podman containers with systemd in\\nOpenStack TripleO.\\n\\n[Read More](https://my1.fr/blog/openstack-containerization-with-podman-part-2-operations/)"},{"id":"/2018/10/05/tripleo-undercloud","metadata":{"permalink":"/blogs/2018/10/05/tripleo-undercloud","source":"@site/blog/2018-10-05-tripleo-undercloud.md","title":"OpenStack Containerization with Podman \u2013 Part 1 (Undercloud)","description":"podman logo","date":"2018-10-05T00:00:00.000Z","formattedDate":"October 5, 2018","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"openstack","permalink":"/blogs/tags/openstack"}],"readingTime":0.155,"hasTruncateMarker":false,"authors":[{"name":"emacchi"}],"frontMatter":{"title":"OpenStack Containerization with Podman \u2013 Part 1 (Undercloud)","layout":"default","author":"emacchi","categories":["blogs"],"tags":["podman","containers","openstack"]},"prevItem":{"title":"OpenStack Containerization with Podman \u2013 Part 2 (systemd)","permalink":"/blogs/2018/10/05/tripleo-systemd"},"nextItem":{"title":"SELinux blocks Podman container from talking to libvirt","permalink":"/blogs/2018/10/04/selinux-libvirt"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Deploy OpenStack TripleO Undercloud Podman containers\\n\\n## By Emilien Macchi [GitHub](https://github.com/EmilienM)\\n\\nI wrote a blog post about how we deploy OpenStack TripleO Undercloud with\\nPodman containers.\\n\\n[Read More](https://my1.fr/blog/openstack-containerization-with-podman-part-1-undercloud/)"},{"id":"/2018/10/04/selinux-libvirt","metadata":{"permalink":"/blogs/2018/10/04/selinux-libvirt","source":"@site/blog/2018-10-04-selinux-libvirt.md","title":"SELinux blocks Podman container from talking to libvirt","description":"podman logo","date":"2018-10-04T00:00:00.000Z","formattedDate":"October 4, 2018","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"}],"readingTime":0.28,"hasTruncateMarker":false,"authors":[{"name":"dwalsh"}],"frontMatter":{"title":"SELinux blocks Podman container from talking to libvirt","layout":"default","author":"dwalsh","categories":["blogs"],"tags":["podman","containers"]},"prevItem":{"title":"OpenStack Containerization with Podman \u2013 Part 1 (Undercloud)","permalink":"/blogs/2018/10/05/tripleo-undercloud"},"nextItem":{"title":"Why can\u2019t I delete storage files created by non-root podman?","permalink":"/blogs/2018/10/03/podman-remove-content-homedir"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# SELinux blocks Podman container from talking to libvirt\\n\\n## By Dan Walsh [GitHub](https://github.com/rhatdan)\\n\\nI wrote a SELinux blog on running a container with Podman. The talks explains why SELinux blocks the connection to the\\nlibvirt socket. It then goes on to explain how to setup the container to allow\\nthe communication.\\n\\n[Read More](https://danwalsh.livejournal.com/81143.html)"},{"id":"/2018/10/03/podman-remove-content-homedir","metadata":{"permalink":"/blogs/2018/10/03/podman-remove-content-homedir","source":"@site/blog/2018-10-03-podman-remove-content-homedir.md","title":"Why can\u2019t I delete storage files created by non-root podman?","description":"podman logo","date":"2018-10-03T00:00:00.000Z","formattedDate":"October 3, 2018","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"}],"readingTime":4.41,"hasTruncateMarker":true,"authors":[{"name":"dwalsh"}],"frontMatter":{"title":"Why can\u2019t I delete storage files created by non-root podman?","layout":"default","author":"dwalsh","categories":["blogs"],"tags":["podman","containers"]},"prevItem":{"title":"SELinux blocks Podman container from talking to libvirt","permalink":"/blogs/2018/10/04/selinux-libvirt"},"nextItem":{"title":"Replacing Docker with Podman","permalink":"/blogs/2018/10/01/talk-replace-docker-with-podman"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Why can\u2019t I delete storage files created by non-root Podman?\\n\\n## By Dan Walsh [GitHub](https://github.com/rhatdan)\\n\\n## Cool things you can do with Podman\\n\\nWhen running [Podman](https://podman.io) as root, the default location for storage is /var/lib/containers/storage. Of course, users cannot use this directory when running as non root, so Podman creates the storage by default in $HOME/.local/share/containers.\\n\\n\x3c!--truncate--\x3e\\n\\nWhen Podman creates this storage it is running inside of a user namespace and is allowed to create UIDs and GIDs based off the UID ranges stored in /etc/subuid and the GIDs listed in /etc/subgid.\\n\\nFor example my account has UID and GID ranges 100000 through 165535 reserved for it, as well as my UID and primary GID, 3267.\\n\\n```\\n#grep dwalsh /etc/subuid\\ndwalsh:100000:65536\\n$ grep dwalsh /etc/subgid\\ndwalsh:100000:65536\\n```\\n\\nWhen Podman starts a container as non root, by default, it maps my UID, 3267, to UID 0 inside of the container, then it maps 100,000->1, 100,001->2, 100,002->3 \u2026 165,535->65536.\\n\\nYou can see this mapping inside of the container\\n\\n```\\n$ podman run -ti fedora cat /proc/self/uid_map\\n\\t 0 3267 1\\n\\t 1 100000 65536\\n$ podman run -ti fedora cat /proc/self/gid_map\\n\\t 0 3267 1\\n\\t 1 100000 65536\\n```\\n\\nSince I\u2019m root in the container, I can create and set ownership of files inside of the container for using any UIDs and GIDs that are mapped into the container.\\n\\nTo see what happens, I will create a file and directory owned by a non root user inside of a container.\\n\\n```\\npodman run -ti --name testfile fedora bash -c \\"mkdir /testdir; touch /testdir/testfile; chown -R 1:1 /testdir\\"\\n```\\n\\nSince that was successful, let\u2019s mount the container and see what it looks like from outside of the user namespace that\u2019s used for running the container.\\n\\n```\\n$ mnt=$(podman mount testfile)\\n$ echo $mnt\\n/home/dwalsh/.local/share/containers/storage/vfs/dir/691e874b6e1ba6807ecbe73910396b10f118617233aacc3df3297ffc4e1332f9\\n$ ls -l $mnt\\ntotal 4\\nlrwxrwxrwx. 1 dwalsh dwalsh 7 Feb 7 2018 bin -> usr/bin\\ndr-xr-xr-x. 2 dwalsh dwalsh 6 Feb 7 2018 boot\\ndrwxr-xr-x. 2 dwalsh dwalsh 6 Apr 26 09:03 dev\\ndrwxr-xr-x. 44 dwalsh dwalsh 4096 Apr 26 09:03 etc\\ndrwxr-xr-x. 2 dwalsh dwalsh 6 Feb 7 2018 home\\nlrwxrwxrwx. 1 dwalsh dwalsh 7 Feb 7 2018 lib -> usr/lib\\nlrwxrwxrwx. 1 dwalsh dwalsh 9 Feb 7 2018 lib64 -> usr/lib64\\ndrwx------. 2 dwalsh dwalsh 6 Apr 26 09:03 lost+found\\ndrwxr-xr-x. 2 dwalsh dwalsh 6 Feb 7 2018 media\\ndrwxr-xr-x. 2 dwalsh dwalsh 6 Feb 7 2018 mnt\\ndrwxr-xr-x. 2 dwalsh dwalsh 6 Feb 7 2018 opt\\ndrwxr-xr-x. 2 dwalsh dwalsh 6 Apr 26 09:03 proc\\ndr-xr-x---. 2 dwalsh dwalsh 162 Apr 26 09:03 root\\ndrwxr-xr-x. 11 dwalsh dwalsh 169 Sep 25 09:11 run\\nlrwxrwxrwx. 1 dwalsh dwalsh 8 Feb 7 2018 sbin -> usr/sbin\\ndrwxr-xr-x. 2 dwalsh dwalsh 6 Feb 7 2018 srv\\ndrwxr-xr-x. 2 dwalsh dwalsh 6 Apr 26 09:03 sys\\ndrwxr-xr-x. 2 100000 100000 22 Sep 25 13:38 testdir\\ndrwxrwxrwt. 2 dwalsh dwalsh 32 Apr 26 09:03 tmp\\ndrwxr-xr-x. 12 dwalsh dwalsh 144 Apr 26 09:03 usr\\ndrwxr-xr-x. 19 dwalsh dwalsh 249 Apr 26 09:03 var\\n```\\n\\nNotice the ownership of testdir and testfile. The namespace that was used for running the container mapped UID 100000 from outside of the namespace to UID 1 inside of the namespace, and did the same for GID 100000, mapping it to GID 1 inside of the namespace. When I set the ownership to UID and GID 1 from inside of the namespace, the corresponding values from outside of the namespace were what were recorded to disk.\\n\\n```\\n$ ls -la $mnt/testdir\\ntotal 0\\ndrwxr-xr-x. 2 100000 100000 22 Sep 25 13:38 .\\ndrwxr-xr-x. 19 dwalsh dwalsh 257 Sep 25 13:38 ..\\n-rw-r--r--. 1 100000 100000 0 Sep 25 13:38 testfile\\n```\\n\\nIf i just try to clean up my directory I will get lots of errors.\\n\\n```\\nrm -rf .local/share/containers/ 2>&1 | head -2\\nrm: cannot remove \'.local/share/containers/storage/vfs/dir/891e1e4ef82ad02a4ea1f030831f942d722c7694c4db64ca3239c8163b811c58/bin\': Permission denied\\nrm: cannot remove \'.local/share/containers/storage/vfs/dir/891e1e4ef82ad02a4ea1f030831f942d722c7694c4db64ca3239c8163b811c58/boot\': Permission denied\\n```\\n\\nThis is because this content was created from inside of a user namespace where I was UID 0, and because I was UID 0 in that namespace, I could set and change ownership of anything owned by any ID that was mapped into the namespace. In this case, I assigned it an owner that wasn\u2019t mapped to my own user. Once I left the namespace, and I was back in the host namespace where I was just myself again, the contents belonged to the UID that I had mapped to 1 for the user namespace, which wasn\u2019t my own UID.\\n\\nBecause of this, if I wanted to clean it all up, I could become root to remove the directory. But if I don\u2019t have root on the machine, what could I do?\\n\\n### `Buildah unshare` or `rootlesskit bash`\\n\\nWell currently [Buildah](https://buildah.io) or [rootlesskit](https://github.com/rootless-containers/rootlesskit) can put you into the user namespace without launching a container and then you can remove the images.\\n\\n```\\n$ buildah unshare\\n[root@localhost ~]# id\\nuid=0(root) gid=0(root) groups=0(root) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023\\n```\\n\\nI am now root inside of a namespace with the same mappings I\u2019d use for a container, but everything else is the same. In particular, I\u2019m not using the container\u2019s root filesystem.\\n\\n```\\n[root@localhost ~]# pwd\\n/home/dwalsh\\n[root@localhost ~]# rm -rf .local/share/containers/\\n[root@localhost ~]#\\n```\\n\\n### I am able to delete all the files in my homedir."},{"id":"/2018/10/01/talk-replace-docker-with-podman","metadata":{"permalink":"/blogs/2018/10/01/talk-replace-docker-with-podman","source":"@site/blog/2018-10-01-talk-replace-docker-with-podman.md","title":"Replacing Docker with Podman","description":"podman logo","date":"2018-10-01T00:00:00.000Z","formattedDate":"October 1, 2018","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"}],"readingTime":0.295,"hasTruncateMarker":false,"authors":[{"name":"dwalsh"}],"frontMatter":{"title":"Replacing Docker with Podman","layout":"default","author":"dwalsh","categories":["talks"],"tags":["podman","containers"]},"prevItem":{"title":"Why can\u2019t I delete storage files created by non-root podman?","permalink":"/blogs/2018/10/03/podman-remove-content-homedir"},"nextItem":{"title":"Cool thing: Pulling content directly from the Docker Daemon...","permalink":"/blogs/2018/09/25/pulling-images-from-docker"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Replacing Docker with Podman\\n\\n## By Dan Walsh [GitHub](https://github.com/rhatdan)\\n\\nAt the \\"All Systems Go!\\" conference on September 28-30, 2018 in Berlin Germany, Dan Walsh gave a talk on how you can replace `docker` with `podman` and not skip a beat. The talk was taped and can be viewed [here](https://media.ccc.de/v/ASG2018-177-replacing_docker_with_podman#t=3).\\n\\nThe slides in PDF format are [here](https://podman.io/slides/2018_10_01_Replacing_Docker_With_Podman.pdf)."},{"id":"/2018/09/25/pulling-images-from-docker","metadata":{"permalink":"/blogs/2018/09/25/pulling-images-from-docker","source":"@site/blog/2018-09-25-pulling-images-from-docker.md","title":"Cool thing: Pulling content directly from the Docker Daemon...","description":"podman logo","date":"2018-09-25T00:00:00.000Z","formattedDate":"September 25, 2018","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"}],"readingTime":1.39,"hasTruncateMarker":true,"authors":[{"name":"dwalsh"}],"frontMatter":{"title":"Cool thing: Pulling content directly from the Docker Daemon...","layout":"default","author":"dwalsh","categories":["blogs"],"tags":["podman","containers"]},"prevItem":{"title":"Replacing Docker with Podman","permalink":"/blogs/2018/10/01/talk-replace-docker-with-podman"},"nextItem":{"title":"Using systemd to control the startup of Podman containers","permalink":"/blogs/2018/09/13/systemd"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Pulling content directly from the Docker Daemon...\\n\\n## By Dan Walsh [GitHub](https://github.com/rhatdan)\\n\\n## Cool things you can do with Podman.\\n\\nI recently received a bug report about some huge container images not working correctly in Docker. So I suggested to the reporter that they try them with Podman. He responded that he saw the images with docker images, but did not see them with podman images.\\n\\nI explained to him that the Docker image and container database are separate from the Podman image and container database. I told him he would have to pull the images into Podman. Then I decided to try a cool feature of Podman, where I could pull images directly out of the Docker daemon.\\n\\n\x3c!--truncate--\x3e\\n\\n### First I look for the Centos Image inside of Docker.\\n\\n```\\n# docker images | grep centos\\ndocker.io/centos \\t7 \\t49f7960eb7e4 \\t2 months ago \\t200 MB\\n```\\n\\nPodman has the ability through its use of containers/image to pull images using many different transports other than just pulling from Container Registries. It supports pulling directly from the Docker daemon, using the docker-daemon transport.\\n\\n```\\n# podman pull docker-daemon:docker.io/centos:7\\nGetting image source signatures\\nCopying blob sha256:bcc97fbfc9e1a709f0eb78c1da59caeb65f43dc32cd5deeb12b8c1784e5b8237\\n 198.59 MB / 198.59 MB [====================================================] 1s\\nCopying config sha256:49f7960eb7e4cb46f1a02c1f8174c6fac07ebf1eb6d8deffbcb5c695f1c9edd5\\n 2.15 KB / 2.15 KB [========================================================] 0s\\nWriting manifest to image destination\\nStoring signatures\\n49f7960eb7e4cb46f1a02c1f8174c6fac07ebf1eb6d8deffbcb5c695f1c9edd5\\n```\\n\\nNow you have the Centos 7 image in Podman containers/storage datastore.\\n\\n```\\n#podman images | grep centos\\ndocker.io/library/centos \\t7 \\t49f7960eb7e4 2 months ago .com208MB\\n```\\n\\nNow you can start using the image with Podman, Buildah and CRI-O.\\nYou can even create new images and push them back into the Docker daemon.\\n\\n### Try it out\u2026"},{"id":"/2018/09/13/systemd","metadata":{"permalink":"/blogs/2018/09/13/systemd","source":"@site/blog/2018-09-13-systemd.md","title":"Using systemd to control the startup of Podman containers","description":"podman logo","date":"2018-09-13T00:00:00.000Z","formattedDate":"September 13, 2018","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"},{"label":"systemd","permalink":"/blogs/tags/systemd"}],"readingTime":1.795,"hasTruncateMarker":true,"authors":[{"name":"emacchi"}],"frontMatter":{"title":"Using systemd to control the startup of Podman containers","layout":"default","author":"emacchi","categories":["blogs"],"tags":["podman","containers","systemd"]},"prevItem":{"title":"Cool thing: Pulling content directly from the Docker Daemon...","permalink":"/blogs/2018/09/25/pulling-images-from-docker"},"nextItem":{"title":"What\'s NEW!","permalink":"/blogs/2018/09/10/welcome"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Using systemd to control the startup of Podman containers\\n\\n## By Emilien Macchi [GitHub](https://github.com/EmilienM)\\n\\nPodman wasn\'t designed to manage containers startup order, dependency\\nchecking or failed container recovery.\\nIn fact, this job can be done by external tools and this blog post describes\\nhow we can use the systemd initialization service to work with Podman\\ncontainers.\\n\\n\x3c!--truncate--\x3e\\n\\nThanks to systemd, containers can be managed in the same way as other\\nservices on a Linux system.\\n\\nBy setting up a systemd unit file on the host, we can have the host\\nautomatically start, stop, check the status, and otherwise manage a container\\nas a regular systemd service.\\n\\nLet\'s prepare the container (example with Redis):\\n\\n```shell\\npodman pull docker.io/redis\\nsudo podman run -d --name redis -p 6379:6379 redis\\n```\\n\\nCheck that the container is actually running with `podman ps`:\\n\\n```\\nCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES\\n411a6c6be7d8 docker.io/library/redis:latest docker-entrypoint.s... 10 minutes ago Up 5 minutes ago 0.0.0.0:6379->6379/tcp redis\\n```\\n\\nNow, let\'s create the systemd unit file in `/etc/systemd/system/redis.service`:\\n\\n```ini\\n[Unit]\\nDescription=Redis Podman container\\nWants=syslog.service\\n[Service]\\nRestart=always\\nExecStart=/usr/bin/podman start -a redis\\nExecStop=/usr/bin/podman stop -t 10 redis\\n[Install]\\nWantedBy=multi-user.target\\n```\\n\\nEnable and start the systemd service:\\n\\n```shell\\nsudo systemctl enable redis.service\\nsudo systemctl start redis.service\\n```\\n\\nThe container is running redis-server:\\n\\n```\\n$ sudo podman top redis\\nUSER PID PPID %CPU ELAPSED TTY TIME COMMAND\\nredis 1 0 0.000 15m14.490268713s ? 0s redis-server *:6379\\n```\\n\\nCheck that the service is seen as active in systemd with\\n`sudo systemctl status redis`:\\n\\n```\\nredis.service - Redis Podman container\\n Loaded: loaded (/etc/systemd/system/redis.service; enabled; vendor preset: disabled)\\n Active: active (running) since Thu 2018-09-13 12:24:00 PDT; 1s ago\\n Main PID: 1520 (podman)\\n Tasks: 8 (limit: 4708)\\n Memory: 7.8M\\n CGroup: /system.slice/redis.service\\n \u2514\u25001520 /usr/local/bin/podman start -a redis\\n\\nSep 13 12:24:00 fedora28.localdomain systemd[1]: Started Redis Podman container.\\n```\\n\\nNote that if you try to run `podman stop redis`, the container will be\\nrestarted by systemd because of to the \\"Restart=always\\" policy.\\nThe proper way to stop the container is to run `sudo service redis stop`.\\n\\nAn alternative to systemd for controlling containers lifecycle is to use\\n[CRI-O](https://github.com/kubernetes-sigs/cri-o) but this would be for\\nanother blog post :-)."},{"id":"/2018/09/10/welcome","metadata":{"permalink":"/blogs/2018/09/10/welcome","source":"@site/blog/2018-09-10-welcome.md","title":"What\'s NEW!","description":"If you\'ve missed the news so far, CoreOS was acquired by Red Hat at the beginning of 2018. This also means some changes for Buildah and Podman.","date":"2018-09-10T00:00:00.000Z","formattedDate":"September 10, 2018","tags":[],"readingTime":0.5,"hasTruncateMarker":false,"authors":[],"frontMatter":{"layout":"default","title":"What\'s NEW!","categories":["new"]},"prevItem":{"title":"Using systemd to control the startup of Podman containers","permalink":"/blogs/2018/09/13/systemd"},"nextItem":{"title":"Podman Alpha version 0.8.3 Release Announcement","permalink":"/blogs/2018/08/20/podman-alpha-v0.8.3"}},"content":"If you\'ve missed the news so far, CoreOS was acquired by Red Hat at the beginning of 2018. This also means some changes for Buildah and Podman.\\n\\nBuildah and Podman were previously projects within Project Atomic which is going to be sunset in favor of an immutable host combination of Container Linux and Fedora Atomic Host: this combination is called [Fedora CoreOS](https://coreos.fedoraproject.org). We therefore welcome you to the new websites, [buildah.io](https://buildah.io) and [podman.io](https://podman.io) where you will find news, announcements, and more around the respective projects.\\n\\nTo start it up, check out the new [Blogs](https://podman.io/blogs) and [Releases](https://podman.io/releases) sections on the site."},{"id":"/2018/08/20/podman-alpha-v0.8.3","metadata":{"permalink":"/blogs/2018/08/20/podman-alpha-v0.8.3","source":"@site/blog/2018-08-20-podman-alpha-v0.8.3.md","title":"Podman Alpha version 0.8.3 Release Announcement","description":"podman logo","date":"2018-08-20T00:00:00.000Z","formattedDate":"August 20, 2018","tags":[{"label":"community","permalink":"/blogs/tags/community"},{"label":"open source","permalink":"/blogs/tags/open-source"},{"label":"podman","permalink":"/blogs/tags/podman"}],"readingTime":1.135,"hasTruncateMarker":true,"authors":[{"name":"bbaude"}],"frontMatter":{"title":"Podman Alpha version 0.8.3 Release Announcement","layout":"default","author":"bbaude","categories":["releases"],"tags":["community","open source","podman"]},"prevItem":{"title":"What\'s NEW!","permalink":"/blogs/2018/09/10/welcome"},"nextItem":{"title":"Python3 support for Podman","permalink":"/blogs/2018/08/15/python-support-for-podman"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman release 0.8.3\\n\\nOur release this week was very smooth. It seems like between CI infrastructure stability, last minute pull requests, and sometimes just plain bad luck, something always gives us trouble on Friday\u2019s. The Fedora packages are created and I see that they are getting their karma and working through the process already.\\n\\nBy the way, we moved! Our new upstream location is [https://github.com/containers/podman](https://github.com/containers/podman). It seems to be a more natural fit for our project and more closely associates us with some of our sister projects.\\n\\n\x3c!--truncate--\x3e\\n\\nSome of the more obvious changes in this release are:\\n\\n * Updated documentation to mention that systemd is now the default cgroup manager.\\n * The create|run switch of\u200a\u2014\u200auts-host now works correctly.\\n * Add pod stats as a sub-command. Similar to podman stats, it allows you to see statistics about running pods and their containers.\\n * Varlink API endpoints for many of the pod subcommands were added.\\n * Support format for the varlink API endpoint Commit (OCI or docker)\\n * Fix handling of the container\u2019s hostname when using\u200a\u2014\u200ahost=net\\n * When searching multiple registries, do not make an error from one registry be fatal.\\n * Create and Pull commands were added to the python client.\\n\\nOur IRC channel has not moved. Much of the development team can be found on Freenode in #podman. Come by and introduce yourself!"},{"id":"/2018/08/15/python-support-for-podman","metadata":{"permalink":"/blogs/2018/08/15/python-support-for-podman","source":"@site/blog/2018-08-15-python-support-for-podman.md","title":"Python3 support for Podman","description":"podman logo","date":"2018-08-15T00:00:00.000Z","formattedDate":"August 15, 2018","tags":[{"label":"podman","permalink":"/blogs/tags/podman"},{"label":"containers","permalink":"/blogs/tags/containers"}],"readingTime":5.175,"hasTruncateMarker":true,"authors":[{"name":"jwhonce"}],"frontMatter":{"title":"Python3 support for Podman","layout":"default","author":"jwhonce","categories":["blogs"],"tags":["podman","containers"]},"prevItem":{"title":"Podman Alpha version 0.8.3 Release Announcement","permalink":"/blogs/2018/08/20/podman-alpha-v0.8.3"},"nextItem":{"title":"Podman Alpha version 0.8.1 Release Announcement","permalink":"/blogs/2018/08/08/podman-alpha-v0.8.1"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Python3 support for Podman\\n\\n## By Jhon Honce [GitHub](https://github.com/jwhonce)\\n\\nYou\u2019ve learned of Podman and all it\u2019s coolness for running OCI-based containers, but you need a solution that is repeatable and scripted. Rather than just executing Podman commands, you want a stable API to call into and not need to screen scrape the output.\\n\\nWe heard you and now provide a Python package, python3-podman. This package allows you to access the facilities of a Podman service with #nobigfatdaemons.\\n\\n\x3c!--truncate--\x3e\\n\\nThe python3-podman package containers a module that allows you to connect to a Podman socket activated systemd service on the same host or a remote host using a ssh tunnel. Using the python interface means you can run these commands from a MAC or Windows Box, as long as you have a Linux box with podman installed. We connect using _varlink_ for the messaging protocol between client and service.\\n\\nFor the environment, you will need:\\n\\n * Linux host\\n * podman package\\n * enable the io.podman.socket systemd unit file by executing\\n\\nsystemctl enable --now io.podman.socket\\n\\n * Python3\\n * The python3-podman rpm, or podman package from PyPi.\\n\\n_Note: Currently, there is a matching rpm for each version of podman. In time, after the API stabilizes that may no longer be true._\\n\\n## Now lets start coding:\\n\\nUsing your favorite code editor you can copy and paste the following Python program into a file named latest_containers.py. Don\u2019t forget Python uses whitespace to signify end-of-line and code blocks when you paste. The below python code will show all of the containers created since midnight UTC when it is run. The code comments provide a running commentary on how the module works in context.\\n\\n```console\\n#!/usr/bin/env python3\\n\\n# Python standard date/time support\\nfrom datetime import datetime, time, timezone\\n\\n# the module with all the goodness\\nimport podman\\n\\nmidnight = datetime.combine(datetime.today(), time.min, tzinfo=timezone.utc)\\n\\n# Our client is a context manager to make resource clean up easy. No arguments implies\\n# connect to a local Podman service using the default interfaces.\\nwith podman.Client() as client:\\n\\n # Retrieve all containers in containers storage. Each container is presented\\n # as a Namespace and dict. You determine which is easiest for you to use\\n # for your solution.\\n for c in client.containers.list():\\n\\n\\t # A bit of sugar, convert any podman-formatted timestamp to\\n # a python datetime\\n created_at = podman.datetime_parse(c.createdat)\\n\\n if created_at > midnight:\\n\\n # Now the results. We provide datetime_format() for consistent\\n\\t # iso format in results if you wish to use it.\\n print(\'ID: {}\\\\n image: {}\\\\n createdAt: {}\'.format(\\nc.id[:12], c.image[:33], podman.datetime_format(created_at)))\\n```\\n\\nOnce you have this code copied into the file:\\n\\n * chmod 755 latest_containers.py\\n * podman run fedora sleep 300 &\\n * ./latest_containers.py\\n\\n```console\\nID: d7337530c6d1\\n image: registry.fedoraproject.org/fedora\\n createdAt: 2018\u201308\u201310T09:18:09.728858\u201307:00\\n```\\n\\nYou can watch the whole process [here](https://asciinema.org/a/mu8Knm5dj8mII19evrF9heNCF).\\n\\nThe container object above supports the Namespace and dict protocols. This is our most used data structure providing you the ability to use the returned object in your code as you wish.\\n\\nConnecting to a remote host, requires only changing how you create the Client() in any script:\\n\\n```console\\nWith podman.Client(uri=\'unix:/run/user/17945/podman/io.podman\',\\nremote_uri=\'ssh://ruser@podman.example.com:22/run/podman/io.podman\') as client:\\n```\\n\\n * uri provides the local side of the ssh tunnel\\n * user is your username\\n * remote_uri provides the details needed to connect to the remote host, plus the socket file for podman. A complete ssh uri is supported to allow configuration of ports etc.\\n * ruser is the remote host username to be used for authentication\\n * podman.example.com is the FQDN of the host you are running the podman service on\\n * The port number of 22 is given above for completeness, that is the default and may be omitted.\\n * An identity file may be provided via identity_file, otherwise the podman library will defer to ssh for authenticating.\\n\\nAll other function and method calls are the same whether they are remote or local. Note: all filesystem paths are resolved on the host running the podman service not the podman client.\\n\\n## But wait there is more!\\n\\nTo iterate over all the images stored on the system, you only need to change containers to images like:\\n\\n```console\\nfor i in client.images.list():\\n```\\n\\nTo find podman system information, you need to use: `client.system.info()`. Or, `client.system.versions()` if you need to know the release of the podman service components.\\n\\nTo determine if the podman service is available and working, `client.system.ping()` will return `True` if everything is working correctly.\\n\\nOne of the most complex operations is creating a new container from an image, the workflow:\\n\\n * Pull image from registry\\n * Instantiate image object\\n * Set container options\\n * Create OCI container and object\\n\\n```console\\nwith podman.Client() as client:\\n ident = client.images.pull(name)\\n img = client.images.get(ident)\\nopts = {\\n \'memory\': \'1G\',\\n \'memory-reservation\': \'750M\',\\n \'Memory-swap\': \'1.5G\',\\n }\\nctnr = img.container(**opts)\\n```\\n\\nOur calling pattern is \u201cclient.<model>.<method>(<options>)\u201d, where the current models are:\\n\\n * Images\\n * Containers\\n * System\\n\\nThe Podman man pages provide details on the methods and options to be used for each.\\n\\nWhat\u2019s been shown in this blog is how easy it is to use the Python module to do Podman commands from your Linux host. These bindings can be used on the same host that Podman is running on, or they could be used on a remote host. Although there is not a complete one to one correspondence between the Podman commands and the ones available via the Python bindings\u200a\u2014\u200ayet, the end goal for this project is to get to that point. For instance the commands for interacting with pods are currently under development and when available, the Python module will be updated to allow access. In addition to that, there\u2019s work underway to make this Python module available on MacOS and Windows via PyPi. When these ports go live, you will be able to interact with Podman service from any Linux, MacOS or Windows host.\\n\\nI hope you have found the information in this blog to be useful and gives you further insight into Podman and this Python module. If you have any questions a great place to ask them is the IRC channel _#podman_ on _FREENODE_.\\n\\nBetter yet if you\u2019d like to help contribute to Podman or this Python module, please feel free to join us on GitHub!\\n\\n[https://github.com/containers/podman](https://github.com/containers/podman)\\n[https://github.com/containers/podman/tree/main/contrib/python](https://github.com/containers/podman/tree/main/contrib/python)"},{"id":"/2018/08/08/podman-alpha-v0.8.1","metadata":{"permalink":"/blogs/2018/08/08/podman-alpha-v0.8.1","source":"@site/blog/2018-08-08-podman-alpha-v0.8.1.md","title":"Podman Alpha version 0.8.1 Release Announcement","description":"podman logo","date":"2018-08-08T00:00:00.000Z","formattedDate":"August 8, 2018","tags":[{"label":"community","permalink":"/blogs/tags/community"},{"label":"open source","permalink":"/blogs/tags/open-source"},{"label":"podman","permalink":"/blogs/tags/podman"}],"readingTime":0.725,"hasTruncateMarker":true,"authors":[{"name":"bbaude"}],"frontMatter":{"title":"Podman Alpha version 0.8.1 Release Announcement","layout":"default","author":"bbaude","categories":["releases"],"tags":["community","open source","podman"]},"prevItem":{"title":"Python3 support for Podman","permalink":"/blogs/2018/08/15/python-support-for-podman"},"nextItem":{"title":"Podman Alpha version 0.7.2 Release Announcement","permalink":"/blogs/2018/07/16/podman-alpha-v0.7.2"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman release 0.8.1\\n\\nOur latest podman release turned out to be a lot of internal plumbing. We had more than 50 commits but most were tweaks that most users would not notice. So I don\u2019t have a singular, hot feature to point you at.\\n\\n\x3c!--truncate--\x3e\\n\\nThat said, if you haven\u2019t tried the python client to for podman, I recommend you do. It allows you to interact with a remote podman instance via SSH.\\n\\n## Other notable benefits of this release are:\\n\\n * Fixes to rootless containers including network support using slirp4netns written by Akihiro Suda\\n * Adjustments to how images are pulled and their metadata\\n * podman build now supports different isolation mechanims, to better run within a confined container.\\n * Changes to our integration tests to speed them up\\n * podman load now supports xz compression\\n * Tidy up man pages"},{"id":"/2018/07/16/podman-alpha-v0.7.2","metadata":{"permalink":"/blogs/2018/07/16/podman-alpha-v0.7.2","source":"@site/blog/2018-07-16-podman-alpha-v0.7.2.md","title":"Podman Alpha version 0.7.2 Release Announcement","description":"podman logo","date":"2018-07-16T00:00:00.000Z","formattedDate":"July 16, 2018","tags":[{"label":"community","permalink":"/blogs/tags/community"},{"label":"open source","permalink":"/blogs/tags/open-source"},{"label":"podman","permalink":"/blogs/tags/podman"}],"readingTime":1.885,"hasTruncateMarker":true,"authors":[{"name":"bbaude"}],"frontMatter":{"title":"Podman Alpha version 0.7.2 Release Announcement","layout":"default","author":"bbaude","categories":["releases"],"tags":["community","open source","podman"]},"prevItem":{"title":"Podman Alpha version 0.8.1 Release Announcement","permalink":"/blogs/2018/08/08/podman-alpha-v0.8.1"},"nextItem":{"title":"Podman Alpha version 0.7.1 Release Announcement","permalink":"/blogs/2018/07/09/podman-alpha-v0.7.1"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman release 0.7.2\\n\\nAs most weeks are, this was fast and furious. You will see hand fulls of significant features below that have been added to podman this week. All of it is awesome work from the core team and its contributors. There were also two interesting features that users will be interested in: the ability to create a container with multiple networks and the podman remote client.\\n\\n\x3c!--truncate--\x3e\\n\\nWe have heard from users that they wish to be able to create containers with multiple networks. This can now be done with a combination of CNI configurations and podman. The easiest approach is to take the default podman configuration file `/etc/cni/net.d/87-podman-bridge.conflist` and duplicate it. Within the file, change the:\\n\\n * network name\\n * bridge device (cni0 -> cni1)\\n * subnet\\n\\nThen run podman like:\\n\\n```\\n$ podman run -it --network=podman,podman2 fedora:28 /bin/bash\\n```\\n\\nJhon Honce and I have also been working on a remote client for podman, called pypodman. It is written in Python and allows users to have a podman-like front-end that accesses an actual podman backend on another node. It relies heavily on ssh and we recommend the use of ssh keys to simplify things.\\n\\nOur vision is this could eventually become useful for those using Macs or Windows as a development environment. Look for more official blogs and write-ups specifically on this.\\n\\nThis is also the release where we start introducing pod concepts. We now have minimal support for pods. Try `podman pod\u200a\u2014\u200ahelp` for further information.\\n\\n# Other significant features include but are not limited to:\\n\\n * More unit tests for the varlink python client\\n * Correction behavior for podman stats\\n * Add\u200a\u2014\u200avolumes-from to podman run and create\\n * Fix a small regression in our opt handling\\n * Add a default AppArmor profile\\n * Fix path for rootless containers\\n * Varlink API fixes in how we start start and attach to containers\\n * Podman ps now reports containers as \u2018dead\u2019 instead of \u2018unknown\u2019\\n * Correct behavior in podman rmi on how to handle parent image deletions\\n * Logged output now goes to syslog as well as STDERR\\n * When pulling an image by SHA1, we now set the name and tag correctly.\\n * Better recording of exit codes for container exits"},{"id":"/2018/07/09/podman-alpha-v0.7.1","metadata":{"permalink":"/blogs/2018/07/09/podman-alpha-v0.7.1","source":"@site/blog/2018-07-09-podman-alpha-v0.7.1.md","title":"Podman Alpha version 0.7.1 Release Announcement","description":"podman logo","date":"2018-07-09T00:00:00.000Z","formattedDate":"July 9, 2018","tags":[{"label":"community","permalink":"/blogs/tags/community"},{"label":"open source","permalink":"/blogs/tags/open-source"},{"label":"podman","permalink":"/blogs/tags/podman"}],"readingTime":1.26,"hasTruncateMarker":true,"authors":[{"name":"bbaude"}],"frontMatter":{"title":"Podman Alpha version 0.7.1 Release Announcement","layout":"default","author":"bbaude","categories":["releases"],"tags":["community","open source","podman"]},"prevItem":{"title":"Podman Alpha version 0.7.2 Release Announcement","permalink":"/blogs/2018/07/16/podman-alpha-v0.7.2"},"nextItem":{"title":"Podman Alpha version 0.6.4 Release Announcement","permalink":"/blogs/2018/07/02/podman-alpha-v0.6.4"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman release 0.7.1\\n\\nLast week was a busy holiday week here in the United States, but we still managed a nice release full of interesting merges.\\n\\nMany of the significant merges are going to be less than noticeable to users. A lot of updated vendor code was added as well as the removal of unused functions due to cgroups and platform changes.\\n\\n\x3c!--truncate--\x3e\\n\\nSpeaking of platform changes, one thing I have been working on the last few weeks is to cross-compile for Darwin from Linux. This was really our first need to deal with other platforms and was rather invasive at times. It took several merges over the last few weeks to complete but we have are able to _build_ a Darwin binary. I must emphasize _build_ because the binary is known to not run\u200a\u2014\u200aas there is a lengthy list of things that would need to be fixed or implemented first. Nevertheless, my goal here was to implement a CI test that would always perform the build so we can protect against subsequent regressions for Darwin should someone decide to work on that platform.\\n\\n## Other significant changes include:\\n\\n * several changes to the makefile to make it more efficient\\n * fix parsing of short options by vendoring in a new urfave/cli\\n * tutorial fixes\\n * revert back to a shared cgroup for conmon processes\\n * remove buildah requirement for the libpod image library\\n * block use of /proc/acpi from inside containers\\n * factor pkg/ctime into a separate package"},{"id":"/2018/07/02/podman-alpha-v0.6.4","metadata":{"permalink":"/blogs/2018/07/02/podman-alpha-v0.6.4","source":"@site/blog/2018-07-02-podman-alpha-v0.6.4.md","title":"Podman Alpha version 0.6.4 Release Announcement","description":"podman logo","date":"2018-07-02T00:00:00.000Z","formattedDate":"July 2, 2018","tags":[{"label":"community","permalink":"/blogs/tags/community"},{"label":"open source","permalink":"/blogs/tags/open-source"},{"label":"podman","permalink":"/blogs/tags/podman"}],"readingTime":2.265,"hasTruncateMarker":true,"authors":[{"name":"bbaude"}],"frontMatter":{"title":"Podman Alpha version 0.6.4 Release Announcement","layout":"default","author":"bbaude","categories":["releases"],"tags":["community","open source","podman"]},"prevItem":{"title":"Podman Alpha version 0.7.1 Release Announcement","permalink":"/blogs/2018/07/09/podman-alpha-v0.7.1"},"nextItem":{"title":"Podman Alpha version 0.6.1 Release Announcement","permalink":"/blogs/2018/06/04/podman-alpha-v0.6.1"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman release 0.6.4\\n\\nThis afternoon we were able to overcome some last minute bugs and release a new Podman. The packages are building in Fedora and will work their way through Fedora\u2019s bodhi system. For giggles, I looked at the number of individual contributors this week and was glad to see the number at 10.\\n\\nMainly bugfixes this week, one big one was that we do a better job cleaning up containers that run in the back ground.\\n\\n\x3c!--truncate--\x3e\\n\\n**podman container cleanup** was added to cleanup mountpoint, cgroups and network configuration when containers exit. When a container is run in background mode (-d), the podman command exits, but **conmon** continues to run and monitor the container, when the container exits, conmon executes podman container cleanup to cleanup the container.\\n\\nThere were a number of bug fixes and a lot of vendoring new code\u200a\u2014\u200aGolang speak for updating the code we depend on from other projects. Interesting things are in store for podman in the upcoming weeks. Stay tuned!\\n\\nI missed writing this blog the last couple of weeks, and wanted to point out a huge new feature from the **buildah project**. **podman build** now supports layering. As you may know podman build by default only adds one layer when processing a Dockerfile. This is different the **docker build**. Docker defaults to layering each line in the Dockerfile, which makes the creation of an application easier, since docker build jumps to the first line changed in the Dockerfile since the previous build. Podman build on the other hand starts at the beginning, which works better in using a Dockerfile in a build system. With the introducion of the\u200a\u2014\u200alayers flag, you can now get the same behaviour in podman build that you have in docker build, incremental changes to the Dockerfile will start the build at the change point rather then in the beginning. There is even a environment variable BUILDAH_LAYERS which can be set to default to the layers method.\\n\\n## Notable features include:\\n\\n * Continued work on podman remote client. A mock up of a podman remote client went into the contrib/ section of our repository. This is not ready for anyone but Jhon Honce as the primary contributor to the python library code.\\n * Continued work on running podman without requiring you to be root. Giuseppe Scrivano made a bunch of commits related to rootless containers.\\n * added podman-image and podman-container man page links\\n * fixed a fatal error where when a container disappeared during podman ps.\\n * added an authfile option to podman search to deal with private registries.\\n * fixed a bug related to container startup and attached mode.\\n * building podman with varlink support is now optionional."},{"id":"/2018/06/04/podman-alpha-v0.6.1","metadata":{"permalink":"/blogs/2018/06/04/podman-alpha-v0.6.1","source":"@site/blog/2018-06-04-podman-alpha-v0.6.1.md","title":"Podman Alpha version 0.6.1 Release Announcement","description":"podman logo","date":"2018-06-04T00:00:00.000Z","formattedDate":"June 4, 2018","tags":[{"label":"community","permalink":"/blogs/tags/community"},{"label":"open source","permalink":"/blogs/tags/open-source"},{"label":"podman","permalink":"/blogs/tags/podman"}],"readingTime":1.115,"hasTruncateMarker":true,"authors":[{"name":"bbaude"}],"frontMatter":{"title":"Podman Alpha version 0.6.1 Release Announcement","layout":"default","author":"bbaude","categories":["releases"],"tags":["community","open source","podman"]},"prevItem":{"title":"Podman Alpha version 0.6.4 Release Announcement","permalink":"/blogs/2018/07/02/podman-alpha-v0.6.4"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman release 0.6.1\\n\\nIt seems that when we have a short work week here in the US, we have rather large releases. To me, that flies in the face of logic. Speaking of which, one particular milestone was reached this week \u2026\\nWe had our 1000th commit in Podman!\\n\\nThat is particularly special, because prior to this repository, all libpod work was being done within the CRI-O repository. So the 1000 commits is in actuality since we broke apart from CRI-O. I want to recognize all the contributors who have been helping us along way. Great job!\\n##Other notable items in the release:\\n\\n\x3c!--truncate--\x3e\\n\\n## Improvements to podman Remote API\\n\\n * Example usage for the Podman python API\\n * Correct issue with varlink container inspect where not all information was being parsed\\n * varlink build added to the varlink API\\n * Python API now can attach to a container\\n\\n## Improvements to podman build\\n\\n * OnBuild support for podman build\\n\\n## General Improvements\\n\\n * Correctly drop security capabilities when running containers with\u200a\u2014\u200auser\\n * Fix edge case of pulling images with shortnames and no registries defined\\n * Lots of changes with the hooks command\\n * Make some run options exclusive when using an existing container network namespace\\n * Podman ps and images now sorts containers and images by their created time."}]}')}}]); \ No newline at end of file diff --git a/assets/js/1608665e.bd645df7.js b/assets/js/1608665e.7373dfa7.js similarity index 81% rename from assets/js/1608665e.bd645df7.js rename to assets/js/1608665e.7373dfa7.js index 3583ab513..5744a9547 100644 --- a/assets/js/1608665e.bd645df7.js +++ b/assets/js/1608665e.7373dfa7.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[96902],{92862:a=>{a.exports=JSON.parse('{"permalink":"/blogs/tags/podman/page/4","page":4,"postsPerPage":10,"totalPages":19,"totalCount":190,"previousPage":"/blogs/tags/podman/page/3","nextPage":"/blogs/tags/podman/page/5","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[96902],{92862:a=>{a.exports=JSON.parse('{"permalink":"/blogs/tags/podman/page/4","page":4,"postsPerPage":10,"totalPages":19,"totalCount":181,"previousPage":"/blogs/tags/podman/page/3","nextPage":"/blogs/tags/podman/page/5","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/161a8a09.0be3b13c.js b/assets/js/161a8a09.0be3b13c.js new file mode 100644 index 000000000..20236423b --- /dev/null +++ b/assets/js/161a8a09.0be3b13c.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[35206],{3905:(e,a,n)=>{n.d(a,{Zo:()=>m,kt:()=>h});var t=n(67294);function r(e,a,n){return a in e?Object.defineProperty(e,a,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[a]=n,e}function o(e,a){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var t=Object.getOwnPropertySymbols(e);a&&(t=t.filter((function(a){return Object.getOwnPropertyDescriptor(e,a).enumerable}))),n.push.apply(n,t)}return n}function s(e){for(var a=1;a=0||(r[n]=e[n]);return r}(e,a);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(t=0;t=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var i=t.createContext({}),p=function(e){var a=t.useContext(i),n=a;return e&&(n="function"==typeof e?e(a):s(s({},a),e)),n},m=function(e){var a=p(e.components);return t.createElement(i.Provider,{value:a},e.children)},d="mdxType",u={inlineCode:"code",wrapper:function(e){var a=e.children;return t.createElement(t.Fragment,{},a)}},c=t.forwardRef((function(e,a){var n=e.components,r=e.mdxType,o=e.originalType,i=e.parentName,m=l(e,["components","mdxType","originalType","parentName"]),d=p(n),c=r,h=d["".concat(i,".").concat(c)]||d[c]||u[c]||o;return n?t.createElement(h,s(s({ref:a},m),{},{components:n})):t.createElement(h,s({ref:a},m))}));function h(e,a){var n=arguments,r=a&&a.mdxType;if("string"==typeof e||r){var o=n.length,s=new Array(o);s[0]=c;var l={};for(var i in a)hasOwnProperty.call(a,i)&&(l[i]=a[i]);l.originalType=e,l[d]="string"==typeof e?e:r,s[1]=l;for(var p=2;p{n.r(a),n.d(a,{assets:()=>i,contentTitle:()=>s,default:()=>u,frontMatter:()=>o,metadata:()=>l,toc:()=>p});var t=n(87462),r=(n(67294),n(3905));const o={title:"Podman v3.0.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman","hpc","kubernetes"]},s="Podman Release v3.0.0",l={permalink:"/release/2021/02/11/podman-release-v3.0.0",source:"@site/release/2021-02-11-podman-release-v3.0.0.md",title:"Podman v3.0.0 Released",description:"podman logo",date:"2021-02-11T00:00:00.000Z",formattedDate:"February 11, 2021",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"},{label:"hpc",permalink:"/release/tags/hpc"},{label:"kubernetes",permalink:"/release/tags/kubernetes"}],readingTime:2.05,hasTruncateMarker:!1,authors:[{name:"mheon"}],frontMatter:{title:"Podman v3.0.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman","hpc","kubernetes"]},prevItem:{title:"Podman v3.1.0 Released",permalink:"/release/2021/04/02/podman-release-v3.1.0"},nextItem:{title:"Podman v2.2.0 Released",permalink:"/release/2020/12/14/podman-release-v2.2.0"}},i={authorsImageUrls:[void 0]},p=[{value:"Podman 3.0 has been released!",id:"podman-30-has-been-released",level:2}],m={toc:p},d="wrapper";function u(e){let{components:a,...o}=e;return(0,r.kt)(d,(0,t.Z)({},m,o,{components:a,mdxType:"MDXLayout"}),(0,r.kt)("p",null,(0,r.kt)("img",{alt:"podman logo",src:n(1382).Z,width:"228",height:"61"})),(0,r.kt)("h2",{id:"podman-30-has-been-released"},"Podman 3.0 has been released!"),(0,r.kt)("p",null,"This new major release features several exciting new features, including support for ",(0,r.kt)("a",{parentName:"p",href:"https://www.redhat.com/sysadmin/podman-docker-compose"},"Docker Compose"),", improved security around image pulls by short name, improved networking support, and over 100 bug fixes. Podman v3.0 also features numerous improvements to our REST API and the Podman remote client."),(0,r.kt)("p",null,"The headlining feature of Podman 3.0 is the addition of support for Docker Compose which can now run against the Podman REST API. There are no changes needed as Compose won\u2019t even realize it\u2019s using Podman. Compose is only supported when running Podman as root; we aim to support it with rootless Podman in a future release."),(0,r.kt)("p",null,"Podman 3.0 also enables ",(0,r.kt)("a",{parentName:"p",href:"https://www.redhat.com/sysadmin/container-image-short-names"},"secure short name aliasing")," by default, a feature that debuted in experimental form in Podman 2.2. With short name aliasing enabled, every time a user-facing Podman process pulls an image by a short name for the first time (e.g. ",(0,r.kt)("inlineCode",{parentName:"p"},"podman pull fedora"),"), it will prompt to ask the user where they want to pull from. This removes several potential ways an attacker could manipulate where an image was pulled from to cause Podman to pull a malicious image."),(0,r.kt)("p",null,"Podman networking has seen numerous fixes as part of Podman 3.0. We have added a new command, ",(0,r.kt)("inlineCode",{parentName:"p"},"podman network reload"),", which recreates firewall rules for Podman containers. Previously, reloading the system firewall would render all containers running as root unusable until they were restarted; ",(0,r.kt)("inlineCode",{parentName:"p"},"podman network reload")," fixes this. Networks created by ",(0,r.kt)("inlineCode",{parentName:"p"},"podman network create")," also now support labels, and the ",(0,r.kt)("inlineCode",{parentName:"p"},"podman network ls")," command can filter using these labels."),(0,r.kt)("p",null,"Podman v3.0 includes the latest version of ",(0,r.kt)("a",{parentName:"p",href:"https://buildah.io"},"Buildah")," along with updates to our other container libraries. Buildah 1.19.2 includes many new features and fixes, including improved support for building multi-platform container images."),(0,r.kt)("p",null,"Podman v3.0 also includes a fix for CVE-2021-20199. This is a security issue where rootless Podman would rewrite the source address on traffic from published ports to ",(0,r.kt)("inlineCode",{parentName:"p"},"127.0.0.1"),", which could cause an authentication bypass on certain images. We strongly suggest upgrading if you use rootless Podman."),(0,r.kt)("p",null,"As part of 3.0, Podman has dropped support for the legacy Varlink API, which we deprecated in Podman 2.0. We recommend all users of the Varlink API upgrade to the new REST API."),(0,r.kt)("p",null,"Dozens of other features, changes, and bug fixes are all included to improve stability, performance, and compatibility. These include numerous additional commands and options as well as API changes and fixes. You can read more ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/releases/tag/v3.0.0"},"here"),"."))}u.isMDXComponent=!0},1382:(e,a,n)=>{n.d(a,{Z:()=>t});const t=n.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/170c3def.c08ff83a.js b/assets/js/170c3def.dda81018.js similarity index 59% rename from assets/js/170c3def.c08ff83a.js rename to assets/js/170c3def.dda81018.js index f7570b393..0075fdbf5 100644 --- a/assets/js/170c3def.c08ff83a.js +++ b/assets/js/170c3def.dda81018.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[69319],{14332:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/9","page":9,"postsPerPage":10,"totalPages":26,"totalCount":255,"previousPage":"/blogs/page/8","nextPage":"/blogs/page/10","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[69319],{14332:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/9","page":9,"postsPerPage":10,"totalPages":25,"totalCount":246,"previousPage":"/blogs/page/8","nextPage":"/blogs/page/10","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/18f6552f.1126dea7.js b/assets/js/18f6552f.1126dea7.js new file mode 100644 index 000000000..82bed16c5 --- /dev/null +++ b/assets/js/18f6552f.1126dea7.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[940],{3905:(e,n,t)=>{t.d(n,{Zo:()=>c,kt:()=>f});var a=t(67294);function o(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function r(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);n&&(a=a.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,a)}return t}function i(e){for(var n=1;n=0||(o[t]=e[t]);return o}(e,n);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(o[t]=e[t])}return o}var s=a.createContext({}),p=function(e){var n=a.useContext(s),t=n;return e&&(t="function"==typeof e?e(n):i(i({},n),e)),t},c=function(e){var n=p(e.components);return a.createElement(s.Provider,{value:n},e.children)},d="mdxType",m={inlineCode:"code",wrapper:function(e){var n=e.children;return a.createElement(a.Fragment,{},n)}},u=a.forwardRef((function(e,n){var t=e.components,o=e.mdxType,r=e.originalType,s=e.parentName,c=l(e,["components","mdxType","originalType","parentName"]),d=p(t),u=o,f=d["".concat(s,".").concat(u)]||d[u]||m[u]||r;return t?a.createElement(f,i(i({ref:n},c),{},{components:t})):a.createElement(f,i({ref:n},c))}));function f(e,n){var t=arguments,o=n&&n.mdxType;if("string"==typeof e||o){var r=t.length,i=new Array(r);i[0]=u;var l={};for(var s in n)hasOwnProperty.call(n,s)&&(l[s]=n[s]);l.originalType=e,l[d]="string"==typeof e?e:o,i[1]=l;for(var p=2;p{t.r(n),t.d(n,{assets:()=>s,contentTitle:()=>i,default:()=>m,frontMatter:()=>r,metadata:()=>l,toc:()=>p});var a=t(87462),o=(t(67294),t(3905));const r={title:"Podman Alpha version 0.7.2 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},i=void 0,l={permalink:"/release/2018/07/16/podman-alpha-v0.7.2",source:"@site/release/2018-07-16-podman-alpha-v0.7.2.md",title:"Podman Alpha version 0.7.2 Release Announcement",description:"podman logo",date:"2018-07-16T00:00:00.000Z",formattedDate:"July 16, 2018",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"}],readingTime:1.885,hasTruncateMarker:!0,authors:[{name:"bbaude"}],frontMatter:{title:"Podman Alpha version 0.7.2 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Podman Alpha version 0.8.1 Release Announcement",permalink:"/release/2018/08/08/podman-alpha-v0.8.1"},nextItem:{title:"Podman Alpha version 0.7.1 Release Announcement",permalink:"/release/2018/07/09/podman-alpha-v0.7.1"}},s={authorsImageUrls:[void 0]},p=[],c={toc:p},d="wrapper";function m(e){let{components:n,...r}=e;return(0,o.kt)(d,(0,a.Z)({},c,r,{components:n,mdxType:"MDXLayout"}),(0,o.kt)("p",null,(0,o.kt)("img",{alt:"podman logo",src:t(1382).Z,width:"228",height:"61"})),(0,o.kt)("h1",{id:"podman-release-072"},"Podman release 0.7.2"),(0,o.kt)("p",null,"As most weeks are, this was fast and furious. You will see hand fulls of significant features below that have been added to podman this week. All of it is awesome work from the core team and its contributors. There were also two interesting features that users will be interested in: the ability to create a container with multiple networks and the podman remote client."),(0,o.kt)("p",null,"We have heard from users that they wish to be able to create containers with multiple networks. This can now be done with a combination of CNI configurations and podman. The easiest approach is to take the default podman configuration file ",(0,o.kt)("inlineCode",{parentName:"p"},"/etc/cni/net.d/87-podman-bridge.conflist")," and duplicate it. Within the file, change the:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},"* network name\n* bridge device (cni0 -> cni1)\n* subnet\n")),(0,o.kt)("p",null,"Then run podman like:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},"$ podman run -it --network=podman,podman2 fedora:28 /bin/bash\n")),(0,o.kt)("p",null,"Jhon Honce and I have also been working on a remote client for podman, called pypodman. It is written in Python and allows users to have a podman-like front-end that accesses an actual podman backend on another node. It relies heavily on ssh and we recommend the use of ssh keys to simplify things."),(0,o.kt)("p",null,"Our vision is this could eventually become useful for those using Macs or Windows as a development environment. Look for more official blogs and write-ups specifically on this."),(0,o.kt)("p",null,"This is also the release where we start introducing pod concepts. We now have minimal support for pods. Try ",(0,o.kt)("inlineCode",{parentName:"p"},"podman pod\u200a\u2014\u200ahelp")," for further information."),(0,o.kt)("h1",{id:"other-significant-features-include-but-are-not-limited-to"},"Other significant features include but are not limited to:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},"* More unit tests for the varlink python client\n* Correction behavior for podman stats\n* Add\u200a\u2014\u200avolumes-from to podman run and create\n* Fix a small regression in our opt handling\n* Add a default AppArmor profile\n* Fix path for rootless containers\n* Varlink API fixes in how we start start and attach to containers\n* Podman ps now reports containers as \u2018dead\u2019 instead of \u2018unknown\u2019\n* Correct behavior in podman rmi on how to handle parent image deletions\n* Logged output now goes to syslog as well as STDERR\n* When pulling an image by SHA1, we now set the name and tag correctly.\n* Better recording of exit codes for container exits\n")))}m.isMDXComponent=!0},1382:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/1a180b3e.05a959fd.js b/assets/js/1a180b3e.05a959fd.js deleted file mode 100644 index 3567e3e55..000000000 --- a/assets/js/1a180b3e.05a959fd.js +++ /dev/null @@ -1 +0,0 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[17391],{3905:(e,t,n)=>{n.d(t,{Zo:()=>m,kt:()=>f});var r=n(67294);function o(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function l(e){for(var t=1;t=0||(o[n]=e[n]);return o}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(o[n]=e[n])}return o}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},m=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},p="mdxType",u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,o=e.mdxType,a=e.originalType,s=e.parentName,m=i(e,["components","mdxType","originalType","parentName"]),p=c(n),d=o,f=p["".concat(s,".").concat(d)]||p[d]||u[d]||a;return n?r.createElement(f,l(l({ref:t},m),{},{components:n})):r.createElement(f,l({ref:t},m))}));function f(e,t){var n=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var a=n.length,l=new Array(a);l[0]=d;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i[p]="string"==typeof e?e:o,l[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>l,default:()=>u,frontMatter:()=>a,metadata:()=>i,toc:()=>c});var r=n(87462),o=(n(67294),n(3905));const a={title:"Podman v0.12.1.1 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman"]},l=void 0,i={permalink:"/blogs/2018/12/12/podman-alpha-v0.12.1.1",source:"@site/blog/2018-12-12-podman-alpha-v0.12.1.1.md",title:"Podman v0.12.1.1 Released",description:"podman logo",date:"2018-12-12T00:00:00.000Z",formattedDate:"December 12, 2018",tags:[{label:"community",permalink:"/blogs/tags/community"},{label:"open source",permalink:"/blogs/tags/open-source"},{label:"podman",permalink:"/blogs/tags/podman"}],readingTime:1.2,hasTruncateMarker:!0,authors:[{name:"mheon"}],frontMatter:{title:"Podman v0.12.1.1 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"New Blog from Emilien Macchi, Part 4!",permalink:"/blogs/2018/12/14/openstack-podman-healthchecks"},nextItem:{title:"Simplifying Podman commands with labels",permalink:"/blogs/2018/12/03/podman-runlabel"}},s={authorsImageUrls:[void 0]},c=[],m={toc:c},p="wrapper";function u(e){let{components:t,...a}=e;return(0,o.kt)(p,(0,r.Z)({},m,a,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("p",null,(0,o.kt)("img",{alt:"podman logo",src:n(1382).Z,width:"228",height:"61"})),(0,o.kt)("h1",{id:"podman-release-01211"},"Podman Release 0.12.1.1"),(0,o.kt)("p",null,"We're happy to announce the availability of Podman 0.12.1.1, our latest version. We've been very busy over the last month, and it shows! We've merged over 150 new commits since our 0.11 releases, including major new functionality and several critical bugfixes. Pods, Kubernetes compatibility, and container volumes all saw major improvements."),(0,o.kt)("p",null,"We hope everyone enjoys the release, and stays with us in the future as Podman gets closer to 1.0. As always, many thanks to everyone who contributed to this release!"))}u.isMDXComponent=!0},1382:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/1b267c09.3b929021.js b/assets/js/1b267c09.3b929021.js new file mode 100644 index 000000000..54a505f6f --- /dev/null +++ b/assets/js/1b267c09.3b929021.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[11310],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>h});var a=n(67294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var s=a.createContext({}),m=function(e){var t=a.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},p=function(e){var t=m(e.components);return a.createElement(s.Provider,{value:t},e.children)},u="mdxType",d={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},c=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,o=e.originalType,s=e.parentName,p=l(e,["components","mdxType","originalType","parentName"]),u=m(n),c=r,h=u["".concat(s,".").concat(c)]||u[c]||d[c]||o;return n?a.createElement(h,i(i({ref:t},p),{},{components:n})):a.createElement(h,i({ref:t},p))}));function h(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var o=n.length,i=new Array(o);i[0]=c;var l={};for(var s in t)hasOwnProperty.call(t,s)&&(l[s]=t[s]);l.originalType=e,l[u]="string"==typeof e?e:r,i[1]=l;for(var m=2;m{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>d,frontMatter:()=>o,metadata:()=>l,toc:()=>m});var a=n(87462),r=(n(67294),n(3905));const o={title:"Podman v1.0.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman"]},i="Podman Release 1.0.0",l={permalink:"/release/2019/01/16/podman-release-v1.0.0",source:"@site/release/2019-01-16-podman-release-v1.0.0.md",title:"Podman v1.0.0 Released",description:"podman logo",date:"2019-01-16T00:00:00.000Z",formattedDate:"January 16, 2019",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"}],readingTime:2.08,hasTruncateMarker:!0,authors:[{name:"mheon"}],frontMatter:{title:"Podman v1.0.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Podman v1.1.0 Released",permalink:"/release/2019/02/26/podman-release-v1.1.0"},nextItem:{title:"Podman v0.12.1.1 Released",permalink:"/release/2018/12/12/podman-alpha-v0.12.1.1"}},s={authorsImageUrls:[void 0]},m=[{value:"Podman has gone 1.0!",id:"podman-has-gone-10",level:2},{value:"Changes",id:"changes",level:2}],p={toc:m},u="wrapper";function d(e){let{components:t,...o}=e;return(0,r.kt)(u,(0,a.Z)({},p,o,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("p",null,(0,r.kt)("img",{alt:"podman logo",src:n(1382).Z,width:"228",height:"61"})),(0,r.kt)("h2",{id:"podman-has-gone-10"},"Podman has gone 1.0!"),(0,r.kt)("p",null,"Our original goal with Podman was to provide a fully-featured debugging experience for ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/kubernetes-sigs/cri-o"},"CRI-O"),", but it has become so much more. Podman 1.0.0 is a fully-featured container engine. It provides a Docker-compatible command line to ease the transition from other container engines. Most Podman commands can be run as a regular user, without requiring additional privileges. Furthermore, all of this is accomplished without a daemon!"),(0,r.kt)("p",null,"Podman made its first public release, v0.2, a little less than a year ago. We've come a long way since then, adding new features like:"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},"Rootless containers"),(0,r.kt)("li",{parentName:"ul"},"Support for pods"),(0,r.kt)("li",{parentName:"ul"},"Interacting with Kubernetes pod YAML"),(0,r.kt)("li",{parentName:"ul"},"A Varlink API for interacting with Podman on remote machines")),(0,r.kt)("p",null,"We've kept our eyes firmly on stability, fixing over 150 bugs. We\u2019ve also worked on performance, making sure all common operations are optimized. While it is an iterative process, we are pleased with where we stand today. With that, we're excited to announce that Podman is ready for prime time, and it is ready for you."),(0,r.kt)("p",null,"A key focus of Podman is around security. In addition to support for rootless containers, we\u2019ve added many other security features. Great support for ",(0,r.kt)("a",{parentName:"p",href:"https://opensource.com/article/18/12/podman-and-user-namespaces"},"User Namespaces")," has resulted in better container separation. The ",(0,r.kt)("inlineCode",{parentName:"p"},"podman top")," command will tell you what security features are enabled for processes within containers. Podman\u2019s daemonless fork/exec model preserves audit information on containers."),(0,r.kt)("p",null,"This is just the beginning, and we have plans for much more. For example, numerous improvements are planned for rootless Podman, pod support, the Varlink API, and automatic user namespace separation. If you find a feature missing from Podman, feel free to open an enhancement request on our ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/issues"},"Github"),". We love your feedback, and many of our best ideas come from users and contributors."),(0,r.kt)("p",null,"Finally, the Podman team would like to thank all our contributors. Everyone who submitted code, improved documentation, or reported bugs has been a great help."),(0,r.kt)("h2",{id:"changes"},"Changes"),(0,r.kt)("p",null,"A few of the biggest changes from Podman 1.0.0 include:"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},"Added the ",(0,r.kt)("inlineCode",{parentName:"li"},"podman play kube")," command, which creates Podman pods based on Kubernetes pod YAML."),(0,r.kt)("li",{parentName:"ul"},"The ",(0,r.kt)("inlineCode",{parentName:"li"},"podman run")," and ",(0,r.kt)("inlineCode",{parentName:"li"},"podman create")," commands now support the ",(0,r.kt)("inlineCode",{parentName:"li"},"--init")," flag, to run a minimal init process in the container."),(0,r.kt)("li",{parentName:"ul"},"Added the ",(0,r.kt)("inlineCode",{parentName:"li"},"podman image sign")," command to sign container images."),(0,r.kt)("li",{parentName:"ul"},"Image pulls are now parallelized for increased speed")),(0,r.kt)("p",null,"As always, please visit our release notes on ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/RELEASE_NOTES.md"},"GitHub")," to see the full changelog."),(0,r.kt)("p",null,"You can find instructions for installing Podman ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/install.md"},"here")))}d.isMDXComponent=!0},1382:(e,t,n)=>{n.d(t,{Z:()=>a});const a=n.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/1b28acf9.56c54518.js b/assets/js/1b28acf9.072ecff1.js similarity index 58% rename from assets/js/1b28acf9.56c54518.js rename to assets/js/1b28acf9.072ecff1.js index e7459e110..7bb827f8f 100644 --- a/assets/js/1b28acf9.56c54518.js +++ b/assets/js/1b28acf9.072ecff1.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[25929],{26430:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/5","page":5,"postsPerPage":10,"totalPages":26,"totalCount":255,"previousPage":"/blogs/page/4","nextPage":"/blogs/page/6","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[25929],{26430:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/5","page":5,"postsPerPage":10,"totalPages":25,"totalCount":246,"previousPage":"/blogs/page/4","nextPage":"/blogs/page/6","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/234e638a.ef843736.js b/assets/js/234e638a.ef843736.js new file mode 100644 index 000000000..6b1090fde --- /dev/null +++ b/assets/js/234e638a.ef843736.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[40578],{49794:e=>{e.exports=JSON.parse('{"permalink":"/release/tags/podman/page/2","page":2,"postsPerPage":10,"totalPages":3,"totalCount":26,"previousPage":"/release/tags/podman","nextPage":"/release/tags/podman/page/3","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/23b969f8.d8052e8e.js b/assets/js/23b969f8.67643b30.js similarity index 50% rename from assets/js/23b969f8.d8052e8e.js rename to assets/js/23b969f8.67643b30.js index afd14d035..3313b834e 100644 --- a/assets/js/23b969f8.d8052e8e.js +++ b/assets/js/23b969f8.67643b30.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[16186],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(67294);function o(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function i(e){for(var t=1;t=0||(o[n]=e[n]);return o}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(o[n]=e[n])}return o}var l=r.createContext({}),c=function(e){var t=r.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(l.Provider,{value:t},e.children)},m="mdxType",u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},f=r.forwardRef((function(e,t){var n=e.components,o=e.mdxType,a=e.originalType,l=e.parentName,p=s(e,["components","mdxType","originalType","parentName"]),m=c(n),f=o,d=m["".concat(l,".").concat(f)]||m[f]||u[f]||a;return n?r.createElement(d,i(i({ref:t},p),{},{components:n})):r.createElement(d,i({ref:t},p))}));function d(e,t){var n=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var a=n.length,i=new Array(a);i[0]=f;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s[m]="string"==typeof e?e:o,i[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>i,default:()=>u,frontMatter:()=>a,metadata:()=>s,toc:()=>c});var r=n(87462),o=(n(67294),n(3905));const a={layout:"default",title:"What's NEW!",categories:["new"]},i="Welcome to the [podman.io](https://podman.io) website!",s={permalink:"/blogs/2018/09/10/welcome",source:"@site/blog/2018-09-10-welcome.md",title:"What's NEW!",description:"If you've missed the news so far, CoreOS was acquired by Red Hat at the beginning of 2018. This also means some changes for Buildah and Podman.",date:"2018-09-10T00:00:00.000Z",formattedDate:"September 10, 2018",tags:[],readingTime:.5,hasTruncateMarker:!1,authors:[],frontMatter:{layout:"default",title:"What's NEW!",categories:["new"]},prevItem:{title:"Using systemd to control the startup of Podman containers",permalink:"/blogs/2018/09/13/systemd"},nextItem:{title:"Podman Alpha version 0.8.3 Release Announcement",permalink:"/blogs/2018/08/20/podman-alpha-v0.8.3"}},l={authorsImageUrls:[]},c=[],p={toc:c},m="wrapper";function u(e){let{components:t,...n}=e;return(0,o.kt)(m,(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("p",null,"If you've missed the news so far, CoreOS was acquired by Red Hat at the beginning of 2018. This also means some changes for Buildah and Podman."),(0,o.kt)("p",null,"Buildah and Podman were previously projects within Project Atomic which is going to be sunset in favor of an immutable host combination of Container Linux and Fedora Atomic Host: this combination is called ",(0,o.kt)("a",{parentName:"p",href:"https://coreos.fedoraproject.org"},"Fedora CoreOS"),". We therefore welcome you to the new websites, ",(0,o.kt)("a",{parentName:"p",href:"https://buildah.io"},"buildah.io")," and ",(0,o.kt)("a",{parentName:"p",href:"https://podman.io"},"podman.io")," where you will find news, announcements, and more around the respective projects."),(0,o.kt)("p",null,"To start it up, check out the new ",(0,o.kt)("a",{parentName:"p",href:"https://podman.io/blogs"},"Blogs")," and ",(0,o.kt)("a",{parentName:"p",href:"https://podman.io/releases"},"Releases")," sections on the site."))}u.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[16186],{3905:(e,t,n)=>{n.d(t,{Zo:()=>l,kt:()=>d});var r=n(67294);function o(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function i(e){for(var t=1;t=0||(o[n]=e[n]);return o}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(o[n]=e[n])}return o}var p=r.createContext({}),c=function(e){var t=r.useContext(p),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},l=function(e){var t=c(e.components);return r.createElement(p.Provider,{value:t},e.children)},u="mdxType",m={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},f=r.forwardRef((function(e,t){var n=e.components,o=e.mdxType,a=e.originalType,p=e.parentName,l=s(e,["components","mdxType","originalType","parentName"]),u=c(n),f=o,d=u["".concat(p,".").concat(f)]||u[f]||m[f]||a;return n?r.createElement(d,i(i({ref:t},l),{},{components:n})):r.createElement(d,i({ref:t},l))}));function d(e,t){var n=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var a=n.length,i=new Array(a);i[0]=f;var s={};for(var p in t)hasOwnProperty.call(t,p)&&(s[p]=t[p]);s.originalType=e,s[u]="string"==typeof e?e:o,i[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>p,contentTitle:()=>i,default:()=>m,frontMatter:()=>a,metadata:()=>s,toc:()=>c});var r=n(87462),o=(n(67294),n(3905));const a={layout:"default",title:"What's NEW!",categories:["new"]},i="Welcome to the [podman.io](https://podman.io) website!",s={permalink:"/blogs/2018/09/10/welcome",source:"@site/blog/2018-09-10-welcome.md",title:"What's NEW!",description:"If you've missed the news so far, CoreOS was acquired by Red Hat at the beginning of 2018. This also means some changes for Buildah and Podman.",date:"2018-09-10T00:00:00.000Z",formattedDate:"September 10, 2018",tags:[],readingTime:.5,hasTruncateMarker:!1,authors:[],frontMatter:{layout:"default",title:"What's NEW!",categories:["new"]},prevItem:{title:"Using systemd to control the startup of Podman containers",permalink:"/blogs/2018/09/13/systemd"},nextItem:{title:"Python3 support for Podman",permalink:"/blogs/2018/08/15/python-support-for-podman"}},p={authorsImageUrls:[]},c=[],l={toc:c},u="wrapper";function m(e){let{components:t,...n}=e;return(0,o.kt)(u,(0,r.Z)({},l,n,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("p",null,"If you've missed the news so far, CoreOS was acquired by Red Hat at the beginning of 2018. This also means some changes for Buildah and Podman."),(0,o.kt)("p",null,"Buildah and Podman were previously projects within Project Atomic which is going to be sunset in favor of an immutable host combination of Container Linux and Fedora Atomic Host: this combination is called ",(0,o.kt)("a",{parentName:"p",href:"https://coreos.fedoraproject.org"},"Fedora CoreOS"),". We therefore welcome you to the new websites, ",(0,o.kt)("a",{parentName:"p",href:"https://buildah.io"},"buildah.io")," and ",(0,o.kt)("a",{parentName:"p",href:"https://podman.io"},"podman.io")," where you will find news, announcements, and more around the respective projects."),(0,o.kt)("p",null,"To start it up, check out the new ",(0,o.kt)("a",{parentName:"p",href:"https://podman.io/blogs"},"Blogs")," and ",(0,o.kt)("a",{parentName:"p",href:"https://podman.io/releases"},"Releases")," sections on the site."))}m.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/251e224c.79460c6f.js b/assets/js/251e224c.79460c6f.js new file mode 100644 index 000000000..a23c0235f --- /dev/null +++ b/assets/js/251e224c.79460c6f.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[90451],{54895:e=>{e.exports=JSON.parse('{"label":"community","permalink":"/release/tags/community","allTagsPath":"/release/tags","count":26}')}}]); \ No newline at end of file diff --git a/assets/js/282850f5.7e6b5afc.js b/assets/js/282850f5.cbe04304.js similarity index 59% rename from assets/js/282850f5.7e6b5afc.js rename to assets/js/282850f5.cbe04304.js index 899d8fa96..b9c775384 100644 --- a/assets/js/282850f5.7e6b5afc.js +++ b/assets/js/282850f5.cbe04304.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[28621],{8600:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/15","page":15,"postsPerPage":10,"totalPages":26,"totalCount":255,"previousPage":"/blogs/page/14","nextPage":"/blogs/page/16","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[28621],{8600:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/15","page":15,"postsPerPage":10,"totalPages":25,"totalCount":246,"previousPage":"/blogs/page/14","nextPage":"/blogs/page/16","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/34f2ca0c.b09fae6d.js b/assets/js/34f2ca0c.b09fae6d.js deleted file mode 100644 index a8796c3f8..000000000 --- a/assets/js/34f2ca0c.b09fae6d.js +++ /dev/null @@ -1 +0,0 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[86781],{61832:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/26","page":26,"postsPerPage":10,"totalPages":26,"totalCount":255,"previousPage":"/blogs/page/25","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/35eb483f.c4c70080.js b/assets/js/35eb483f.2f2ac03c.js similarity index 53% rename from assets/js/35eb483f.c4c70080.js rename to assets/js/35eb483f.2f2ac03c.js index 286d1c2d5..ed9b7634a 100644 --- a/assets/js/35eb483f.c4c70080.js +++ b/assets/js/35eb483f.2f2ac03c.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[31472],{3905:(e,t,a)=>{a.d(t,{Zo:()=>s,kt:()=>d});var r=a(67294);function n(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function o(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,r)}return a}function l(e){for(var t=1;t=0||(n[a]=e[a]);return n}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(n[a]=e[a])}return n}var p=r.createContext({}),c=function(e){var t=r.useContext(p),a=t;return e&&(a="function"==typeof e?e(t):l(l({},t),e)),a},s=function(e){var t=c(e.components);return r.createElement(p.Provider,{value:t},e.children)},m="mdxType",u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},g=r.forwardRef((function(e,t){var a=e.components,n=e.mdxType,o=e.originalType,p=e.parentName,s=i(e,["components","mdxType","originalType","parentName"]),m=c(a),g=n,d=m["".concat(p,".").concat(g)]||m[g]||u[g]||o;return a?r.createElement(d,l(l({ref:t},s),{},{components:a})):r.createElement(d,l({ref:t},s))}));function d(e,t){var a=arguments,n=t&&t.mdxType;if("string"==typeof e||n){var o=a.length,l=new Array(o);l[0]=g;var i={};for(var p in t)hasOwnProperty.call(t,p)&&(i[p]=t[p]);i.originalType=e,i[m]="string"==typeof e?e:n,l[1]=i;for(var c=2;c{a.r(t),a.d(t,{assets:()=>p,contentTitle:()=>l,default:()=>u,frontMatter:()=>o,metadata:()=>i,toc:()=>c});var r=a(87462),n=(a(67294),a(3905));const o={title:"Programmatic remote access to Podman via the varlink protocol",layout:"default",author:"haraldh",categories:["blogs"],tags:["podman","varlink","rust","python","go","golang"]},l=void 0,i={permalink:"/blogs/2019/01/16/podman-varlink",source:"@site/blog/2019-01-16-podman-varlink.md",title:"Programmatic remote access to Podman via the varlink protocol",description:"podman logo",date:"2019-01-16T00:00:00.000Z",formattedDate:"January 16, 2019",tags:[{label:"podman",permalink:"/blogs/tags/podman"},{label:"varlink",permalink:"/blogs/tags/varlink"},{label:"rust",permalink:"/blogs/tags/rust"},{label:"python",permalink:"/blogs/tags/python"},{label:"go",permalink:"/blogs/tags/go"},{label:"golang",permalink:"/blogs/tags/golang"}],readingTime:7.015,hasTruncateMarker:!0,authors:[{name:"haraldh"}],frontMatter:{title:"Programmatic remote access to Podman via the varlink protocol",layout:"default",author:"haraldh",categories:["blogs"],tags:["podman","varlink","rust","python","go","golang"]},prevItem:{title:"Podman v1.0.0 Released",permalink:"/blogs/2019/01/16/podman-release-v1.0.0"},nextItem:{title:"Managing pods and containers in a local container runtime",permalink:"/blogs/2019/01/15/podman-pods"}},p={authorsImageUrls:[void 0]},c=[{value:"By Harald Hoyer GitHub",id:"by-harald-hoyer-github",level:2}],s={toc:c},m="wrapper";function u(e){let{components:t,...o}=e;return(0,n.kt)(m,(0,r.Z)({},s,o,{components:t,mdxType:"MDXLayout"}),(0,n.kt)("p",null,(0,n.kt)("img",{alt:"podman logo",src:a(1382).Z,width:"228",height:"61"})),(0,n.kt)("h1",{id:"programmatic-remote-access-to-podman-via-the-varlink-protocol"},"Programmatic remote access to Podman via the varlink protocol"),(0,n.kt)("h2",{id:"by-harald-hoyer-github"},"By Harald Hoyer ",(0,n.kt)("a",{parentName:"h2",href:"https://github.com/haraldh"},"GitHub")),(0,n.kt)("p",null,"This guide shows how to access Podman remotely via the ",(0,n.kt)("a",{parentName:"p",href:"https://varlink.org"},"varlink interface"),"\nwith CLI tools and programmatically with python, go and rust."),(0,n.kt)("p",null,"This should work on Linux, MacOS and Windows 10."),(0,n.kt)("p",null,"The ",(0,n.kt)("a",{parentName:"p",href:"https://varlink.org/Language-Bindings"},"compatibility matrix")," shows which feature is supported on which OS in which language."),(0,n.kt)("blockquote",null,(0,n.kt)("p",{parentName:"blockquote"},"Note: replace ",(0,n.kt)("inlineCode",{parentName:"p"},"")," in this guide with the IP or hostname of your\nPodman machine")))}u.isMDXComponent=!0},1382:(e,t,a)=>{a.d(t,{Z:()=>r});const r=a.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[31472],{3905:(e,t,a)=>{a.d(t,{Zo:()=>s,kt:()=>d});var r=a(67294);function n(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function o(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,r)}return a}function l(e){for(var t=1;t=0||(n[a]=e[a]);return n}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(n[a]=e[a])}return n}var c=r.createContext({}),p=function(e){var t=r.useContext(c),a=t;return e&&(a="function"==typeof e?e(t):l(l({},t),e)),a},s=function(e){var t=p(e.components);return r.createElement(c.Provider,{value:t},e.children)},m="mdxType",u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},g=r.forwardRef((function(e,t){var a=e.components,n=e.mdxType,o=e.originalType,c=e.parentName,s=i(e,["components","mdxType","originalType","parentName"]),m=p(a),g=n,d=m["".concat(c,".").concat(g)]||m[g]||u[g]||o;return a?r.createElement(d,l(l({ref:t},s),{},{components:a})):r.createElement(d,l({ref:t},s))}));function d(e,t){var a=arguments,n=t&&t.mdxType;if("string"==typeof e||n){var o=a.length,l=new Array(o);l[0]=g;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i[m]="string"==typeof e?e:n,l[1]=i;for(var p=2;p{a.r(t),a.d(t,{assets:()=>c,contentTitle:()=>l,default:()=>u,frontMatter:()=>o,metadata:()=>i,toc:()=>p});var r=a(87462),n=(a(67294),a(3905));const o={title:"Programmatic remote access to Podman via the varlink protocol",layout:"default",author:"haraldh",categories:["blogs"],tags:["podman","varlink","rust","python","go","golang"]},l=void 0,i={permalink:"/blogs/2019/01/16/podman-varlink",source:"@site/blog/2019-01-16-podman-varlink.md",title:"Programmatic remote access to Podman via the varlink protocol",description:"podman logo",date:"2019-01-16T00:00:00.000Z",formattedDate:"January 16, 2019",tags:[{label:"podman",permalink:"/blogs/tags/podman"},{label:"varlink",permalink:"/blogs/tags/varlink"},{label:"rust",permalink:"/blogs/tags/rust"},{label:"python",permalink:"/blogs/tags/python"},{label:"go",permalink:"/blogs/tags/go"},{label:"golang",permalink:"/blogs/tags/golang"}],readingTime:7.015,hasTruncateMarker:!0,authors:[{name:"haraldh"}],frontMatter:{title:"Programmatic remote access to Podman via the varlink protocol",layout:"default",author:"haraldh",categories:["blogs"],tags:["podman","varlink","rust","python","go","golang"]},prevItem:{title:"Container Tools on RHEL 8 & How to Hack Podman",permalink:"/blogs/2019/02/07/hack-and-tools"},nextItem:{title:"Managing pods and containers in a local container runtime",permalink:"/blogs/2019/01/15/podman-pods"}},c={authorsImageUrls:[void 0]},p=[{value:"By Harald Hoyer GitHub",id:"by-harald-hoyer-github",level:2}],s={toc:p},m="wrapper";function u(e){let{components:t,...o}=e;return(0,n.kt)(m,(0,r.Z)({},s,o,{components:t,mdxType:"MDXLayout"}),(0,n.kt)("p",null,(0,n.kt)("img",{alt:"podman logo",src:a(1382).Z,width:"228",height:"61"})),(0,n.kt)("h1",{id:"programmatic-remote-access-to-podman-via-the-varlink-protocol"},"Programmatic remote access to Podman via the varlink protocol"),(0,n.kt)("h2",{id:"by-harald-hoyer-github"},"By Harald Hoyer ",(0,n.kt)("a",{parentName:"h2",href:"https://github.com/haraldh"},"GitHub")),(0,n.kt)("p",null,"This guide shows how to access Podman remotely via the ",(0,n.kt)("a",{parentName:"p",href:"https://varlink.org"},"varlink interface"),"\nwith CLI tools and programmatically with python, go and rust."),(0,n.kt)("p",null,"This should work on Linux, MacOS and Windows 10."),(0,n.kt)("p",null,"The ",(0,n.kt)("a",{parentName:"p",href:"https://varlink.org/Language-Bindings"},"compatibility matrix")," shows which feature is supported on which OS in which language."),(0,n.kt)("blockquote",null,(0,n.kt)("p",{parentName:"blockquote"},"Note: replace ",(0,n.kt)("inlineCode",{parentName:"p"},"")," in this guide with the IP or hostname of your\nPodman machine")))}u.isMDXComponent=!0},1382:(e,t,a)=>{a.d(t,{Z:()=>r});const r=a.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/36fd6b31.c3e125bf.js b/assets/js/36fd6b31.c3e125bf.js new file mode 100644 index 000000000..a4447f822 --- /dev/null +++ b/assets/js/36fd6b31.c3e125bf.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[50566],{3905:(e,n,t)=>{t.d(n,{Zo:()=>p,kt:()=>f});var a=t(67294);function o(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function r(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);n&&(a=a.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,a)}return t}function i(e){for(var n=1;n=0||(o[t]=e[t]);return o}(e,n);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(o[t]=e[t])}return o}var m=a.createContext({}),d=function(e){var n=a.useContext(m),t=n;return e&&(t="function"==typeof e?e(n):i(i({},n),e)),t},p=function(e){var n=d(e.components);return a.createElement(m.Provider,{value:n},e.children)},l="mdxType",u={inlineCode:"code",wrapper:function(e){var n=e.children;return a.createElement(a.Fragment,{},n)}},c=a.forwardRef((function(e,n){var t=e.components,o=e.mdxType,r=e.originalType,m=e.parentName,p=s(e,["components","mdxType","originalType","parentName"]),l=d(t),c=o,f=l["".concat(m,".").concat(c)]||l[c]||u[c]||r;return t?a.createElement(f,i(i({ref:n},p),{},{components:t})):a.createElement(f,i({ref:n},p))}));function f(e,n){var t=arguments,o=n&&n.mdxType;if("string"==typeof e||o){var r=t.length,i=new Array(r);i[0]=c;var s={};for(var m in n)hasOwnProperty.call(n,m)&&(s[m]=n[m]);s.originalType=e,s[l]="string"==typeof e?e:o,i[1]=s;for(var d=2;d{t.r(n),t.d(n,{assets:()=>m,contentTitle:()=>i,default:()=>u,frontMatter:()=>r,metadata:()=>s,toc:()=>d});var a=t(87462),o=(t(67294),t(3905));const r={title:"Podman v4.3.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman","hpc","kubernetes"]},i="Podman Release v4.3.0",s={permalink:"/release/2022/10/22/podman-release-v4.3.0",source:"@site/release/2022-10-22-podman-release-v4.3.0.md",title:"Podman v4.3.0 Released",description:"podman logo",date:"2022-10-22T00:00:00.000Z",formattedDate:"October 22, 2022",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"},{label:"hpc",permalink:"/release/tags/hpc"},{label:"kubernetes",permalink:"/release/tags/kubernetes"}],readingTime:2.4,hasTruncateMarker:!1,authors:[{name:"mheon"}],frontMatter:{title:"Podman v4.3.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman","hpc","kubernetes"]},nextItem:{title:"Netavark and Aardvark-dns 1.2.0 released",permalink:"/release/2022/09/28/updated-1.2.0"}},m={authorsImageUrls:[void 0]},d=[],p={toc:d},l="wrapper";function u(e){let{components:n,...r}=e;return(0,o.kt)(l,(0,a.Z)({},p,r,{components:n,mdxType:"MDXLayout"}),(0,o.kt)("p",null,(0,o.kt)("img",{alt:"podman logo",src:t(1382).Z,width:"228",height:"61"})),(0,o.kt)("p",null,"Podman 4.3.0 is now available! There\u2019s a lot to be excited about, including numerous new features, over 30 bug fixes, and many other improvements. A major focus of 4.3 has been on improving Docker compatibility, including the addition of many missing options and aliases to Podman\u2019s command line to further our efforts to make transitioning to Podman a seamless change. Podman\u2019s integration with Kubernetes has also seen many improvements, including improved integration with systemd and support for automatic updates. Read on for more details and these changes and more!"),(0,o.kt)("p",null,"The Podman team made improved compatibility with Docker a priority for Podman 4.3. We audited Podman\u2019s commands against the Docker command line tool to identify missing and unsupported options and then set to work adding and fixing differences. As part of these, we added a dozen new options to various Podman commands, with many of these being missing aliases for existing options. A new set of commands, ",(0,o.kt)("inlineCode",{parentName:"p"},"podman context"),", have been added for compatibility with ",(0,o.kt)("inlineCode",{parentName:"p"},"docker context"),". These are also aliases (for ",(0,o.kt)("inlineCode",{parentName:"p"},"podman system connection")," commands), and will usually be hidden as they are only required for scripts originally written to use Docker. We have also removed a known incompatibility with Docker in Podman\u2019s volume handling. Docker compatibility remains a focus for Podman, and we will continue our efforts to make migrating to Podman effortless."),(0,o.kt)("p",null,"Podman\u2019s Kubernetes integration also saw numerous changes, the biggest of which is the creation of the ",(0,o.kt)("inlineCode",{parentName:"p"},"podman kube")," command. Previously, Kubernetes YAML was generated with ",(0,o.kt)("inlineCode",{parentName:"p"},"podman generate kube")," and ran with ",(0,o.kt)("inlineCode",{parentName:"p"},"podman play kube"),", but users found this confusing - it wasn\u2019t immediately obvious from ",(0,o.kt)("inlineCode",{parentName:"p"},"podman help")," that the commands existed. By moving the commands to ",(0,o.kt)("inlineCode",{parentName:"p"},"podman kube generate")," and ",(0,o.kt)("inlineCode",{parentName:"p"},"podman kube play")," and introducing a new command to tear down pods (",(0,o.kt)("inlineCode",{parentName:"p"},"podman kube down"),"), we consolidated all Kubernetes commands in one easy-to-find place. The ",(0,o.kt)("inlineCode",{parentName:"p"},"podman generate kube"),", and ",(0,o.kt)("inlineCode",{parentName:"p"},"podman play kube")," commands will continue to work, but the new ",(0,o.kt)("inlineCode",{parentName:"p"},"podman kube")," commands will be preferred."),(0,o.kt)("p",null,"Of course, we didn\u2019t stop at just renaming commands. We\u2019ve made a number of further additions to ",(0,o.kt)("inlineCode",{parentName:"p"},"podman kube play"),", most notably improved systemd integration. In Podman 4.2, we added ",(0,o.kt)("inlineCode",{parentName:"p"},"podman-kube@.service")," to allow pods created with ",(0,o.kt)("inlineCode",{parentName:"p"},"podman kube play")," to be managed with systemd. With Podman 4.3, we\u2019ve improved this in two significant ways. First, pods using ",(0,o.kt)("inlineCode",{parentName:"p"},"podman-kube@.service")," can now use sdnotify to verify to systemd that they have started. This laid the groundwork for the following major change: Pods from ",(0,o.kt)("inlineCode",{parentName:"p"},"podman-kube@.service")," now support Podman\u2019s auto-updated mechanism, enabled using an annotation (",(0,o.kt)("inlineCode",{parentName:"p"},"io.containers.auto-update"),"). Furthermore, we made several improvements to ",(0,o.kt)("inlineCode",{parentName:"p"},"podman kube play"),", including support for ",(0,o.kt)("inlineCode",{parentName:"p"},"emptyDir")," volumes, support for user namespaces via ",(0,o.kt)("inlineCode",{parentName:"p"},"HostUsers"),", and support for binary data in ConfigMaps."),(0,o.kt)("p",null,"These are just a few of the over 30 features and bug fixes included in Podman 4.3.0. Be sure to check out the ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/releases/tag/v4.3.0"},"release notes")," for more details!"))}u.isMDXComponent=!0},1382:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/3a93bb9c.23b59710.js b/assets/js/3a93bb9c.23b59710.js deleted file mode 100644 index 85ff592bb..000000000 --- a/assets/js/3a93bb9c.23b59710.js +++ /dev/null @@ -1 +0,0 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[48509],{3905:(e,t,n)=>{n.d(t,{Zo:()=>i,kt:()=>f});var r=n(67294);function o(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function l(e){for(var t=1;t=0||(o[n]=e[n]);return o}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(o[n]=e[n])}return o}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},i=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},u="mdxType",m={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,o=e.mdxType,a=e.originalType,s=e.parentName,i=p(e,["components","mdxType","originalType","parentName"]),u=c(n),d=o,f=u["".concat(s,".").concat(d)]||u[d]||m[d]||a;return n?r.createElement(f,l(l({ref:t},i),{},{components:n})):r.createElement(f,l({ref:t},i))}));function f(e,t){var n=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var a=n.length,l=new Array(a);l[0]=d;var p={};for(var s in t)hasOwnProperty.call(t,s)&&(p[s]=t[s]);p.originalType=e,p[u]="string"==typeof e?e:o,l[1]=p;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>l,default:()=>m,frontMatter:()=>a,metadata:()=>p,toc:()=>c});var r=n(87462),o=(n(67294),n(3905));const a={title:"Podman Alpha version 0.8.1 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},l=void 0,p={permalink:"/blogs/2018/08/08/podman-alpha-v0.8.1",source:"@site/blog/2018-08-08-podman-alpha-v0.8.1.md",title:"Podman Alpha version 0.8.1 Release Announcement",description:"podman logo",date:"2018-08-08T00:00:00.000Z",formattedDate:"August 8, 2018",tags:[{label:"community",permalink:"/blogs/tags/community"},{label:"open source",permalink:"/blogs/tags/open-source"},{label:"podman",permalink:"/blogs/tags/podman"}],readingTime:.725,hasTruncateMarker:!0,authors:[{name:"bbaude"}],frontMatter:{title:"Podman Alpha version 0.8.1 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Python3 support for Podman",permalink:"/blogs/2018/08/15/python-support-for-podman"},nextItem:{title:"Podman Alpha version 0.7.2 Release Announcement",permalink:"/blogs/2018/07/16/podman-alpha-v0.7.2"}},s={authorsImageUrls:[void 0]},c=[],i={toc:c},u="wrapper";function m(e){let{components:t,...a}=e;return(0,o.kt)(u,(0,r.Z)({},i,a,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("p",null,(0,o.kt)("img",{alt:"podman logo",src:n(1382).Z,width:"228",height:"61"})),(0,o.kt)("h1",{id:"podman-release-081"},"Podman release 0.8.1"),(0,o.kt)("p",null,"Our latest podman release turned out to be a lot of internal plumbing. We had more than 50 commits but most were tweaks that most users would not notice. So I don\u2019t have a singular, hot feature to point you at."))}m.isMDXComponent=!0},1382:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/3ad228ae.e37bdf0f.js b/assets/js/3ad228ae.e37bdf0f.js new file mode 100644 index 000000000..e81573315 --- /dev/null +++ b/assets/js/3ad228ae.e37bdf0f.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[71878],{3905:(e,n,t)=>{t.d(n,{Zo:()=>p,kt:()=>h});var a=t(67294);function r(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function o(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);n&&(a=a.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,a)}return t}function l(e){for(var n=1;n=0||(r[t]=e[t]);return r}(e,n);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(r[t]=e[t])}return r}var s=a.createContext({}),m=function(e){var n=a.useContext(s),t=n;return e&&(t="function"==typeof e?e(n):l(l({},n),e)),t},p=function(e){var n=m(e.components);return a.createElement(s.Provider,{value:n},e.children)},u="mdxType",c={inlineCode:"code",wrapper:function(e){var n=e.children;return a.createElement(a.Fragment,{},n)}},d=a.forwardRef((function(e,n){var t=e.components,r=e.mdxType,o=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),u=m(t),d=r,h=u["".concat(s,".").concat(d)]||u[d]||c[d]||o;return t?a.createElement(h,l(l({ref:n},p),{},{components:t})):a.createElement(h,l({ref:n},p))}));function h(e,n){var t=arguments,r=n&&n.mdxType;if("string"==typeof e||r){var o=t.length,l=new Array(o);l[0]=d;var i={};for(var s in n)hasOwnProperty.call(n,s)&&(i[s]=n[s]);i.originalType=e,i[u]="string"==typeof e?e:r,l[1]=i;for(var m=2;m{t.r(n),t.d(n,{assets:()=>s,contentTitle:()=>l,default:()=>c,frontMatter:()=>o,metadata:()=>i,toc:()=>m});var a=t(87462),r=(t(67294),t(3905));const o={title:"Podman v0.12.1.1 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman"]},l=void 0,i={permalink:"/release/2018/12/12/podman-alpha-v0.12.1.1",source:"@site/release/2018-12-12-podman-alpha-v0.12.1.1.md",title:"Podman v0.12.1.1 Released",description:"podman logo",date:"2018-12-12T00:00:00.000Z",formattedDate:"December 12, 2018",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"}],readingTime:1.2,hasTruncateMarker:!0,authors:[{name:"mheon"}],frontMatter:{title:"Podman v0.12.1.1 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Podman v1.0.0 Released",permalink:"/release/2019/01/16/podman-release-v1.0.0"},nextItem:{title:"Podman Alpha version 0.8.3 Release Announcement",permalink:"/release/2018/08/20/podman-alpha-v0.8.3"}},s={authorsImageUrls:[void 0]},m=[{value:"Changes",id:"changes",level:2}],p={toc:m},u="wrapper";function c(e){let{components:n,...o}=e;return(0,r.kt)(u,(0,a.Z)({},p,o,{components:n,mdxType:"MDXLayout"}),(0,r.kt)("p",null,(0,r.kt)("img",{alt:"podman logo",src:t(1382).Z,width:"228",height:"61"})),(0,r.kt)("h1",{id:"podman-release-01211"},"Podman Release 0.12.1.1"),(0,r.kt)("p",null,"We're happy to announce the availability of Podman 0.12.1.1, our latest version. We've been very busy over the last month, and it shows! We've merged over 150 new commits since our 0.11 releases, including major new functionality and several critical bugfixes. Pods, Kubernetes compatibility, and container volumes all saw major improvements."),(0,r.kt)("p",null,"We hope everyone enjoys the release, and stays with us in the future as Podman gets closer to 1.0. As always, many thanks to everyone who contributed to this release!"),(0,r.kt)("h2",{id:"changes"},"Changes"),(0,r.kt)("p",null,"This release comes with many exciting new features. To highlight a few of our biggest changes:"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},"The ",(0,r.kt)("inlineCode",{parentName:"li"},"podman generate kube")," command was added by Brent Baude, which generates Kubernetes pod and service YAML from Podman containers and pods."),(0,r.kt)("li",{parentName:"ul"},"Initial support for named volumes using the ",(0,r.kt)("inlineCode",{parentName:"li"},"podman volume")," set of commands was landed by Urvashi Mohnani"),(0,r.kt)("li",{parentName:"ul"},"The ",(0,r.kt)("inlineCode",{parentName:"li"},"podman rm")," and ",(0,r.kt)("inlineCode",{parentName:"li"},"podman rmi")," commands can now prune unused containers and images with the ",(0,r.kt)("inlineCode",{parentName:"li"},"--prune")," flag"),(0,r.kt)("li",{parentName:"ul"},"Ports can now be published to the host from pods")),(0,r.kt)("p",null,"Numerous bugs were fixed as well, including a breaking change in rootless Podman found in 0.11.x releases."),(0,r.kt)("p",null,"To see the full changelog, please visit our release notes on ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/RELEASE_NOTES.md"},"GitHub")),(0,r.kt)("p",null,"Some of this work, like the ",(0,r.kt)("inlineCode",{parentName:"p"},"podman volume")," command, is still very early. We'd greatly appreciate feedback! If you have an enhancement request or a bug report, please file them on our ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/issues"},"issue page"),"."))}c.isMDXComponent=!0},1382:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/3b42de7a.61e6ec64.js b/assets/js/3b42de7a.61e6ec64.js new file mode 100644 index 000000000..6764bb87e --- /dev/null +++ b/assets/js/3b42de7a.61e6ec64.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[73838],{3905:(e,n,t)=>{t.d(n,{Zo:()=>p,kt:()=>h});var o=t(67294);function a(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function r(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);n&&(o=o.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,o)}return t}function i(e){for(var n=1;n=0||(a[t]=e[t]);return a}(e,n);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(o=0;o=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(a[t]=e[t])}return a}var l=o.createContext({}),m=function(e){var n=o.useContext(l),t=n;return e&&(t="function"==typeof e?e(n):i(i({},n),e)),t},p=function(e){var n=m(e.components);return o.createElement(l.Provider,{value:n},e.children)},d="mdxType",u={inlineCode:"code",wrapper:function(e){var n=e.children;return o.createElement(o.Fragment,{},n)}},c=o.forwardRef((function(e,n){var t=e.components,a=e.mdxType,r=e.originalType,l=e.parentName,p=s(e,["components","mdxType","originalType","parentName"]),d=m(t),c=a,h=d["".concat(l,".").concat(c)]||d[c]||u[c]||r;return t?o.createElement(h,i(i({ref:n},p),{},{components:t})):o.createElement(h,i({ref:n},p))}));function h(e,n){var t=arguments,a=n&&n.mdxType;if("string"==typeof e||a){var r=t.length,i=new Array(r);i[0]=c;var s={};for(var l in n)hasOwnProperty.call(n,l)&&(s[l]=n[l]);s.originalType=e,s[d]="string"==typeof e?e:a,i[1]=s;for(var m=2;m{t.r(n),t.d(n,{assets:()=>l,contentTitle:()=>i,default:()=>u,frontMatter:()=>r,metadata:()=>s,toc:()=>m});var o=t(87462),a=(t(67294),t(3905));const r={title:"Podman v4.1.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman","hpc","kubernetes"]},i="Podman Release v4.1.0",s={permalink:"/release/2022/05/09/podman-release-v4.1.0",source:"@site/release/2022-05-09-podman-release-v4.1.0.md",title:"Podman v4.1.0 Released",description:"podman logo",date:"2022-05-09T00:00:00.000Z",formattedDate:"May 9, 2022",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"},{label:"hpc",permalink:"/release/tags/hpc"},{label:"kubernetes",permalink:"/release/tags/kubernetes"}],readingTime:2.145,hasTruncateMarker:!1,authors:[{name:"mheon"}],frontMatter:{title:"Podman v4.1.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman","hpc","kubernetes"]},prevItem:{title:"Podman v4.2.0 Released",permalink:"/release/2022/08/17/podman-release-v4.2.0"},nextItem:{title:"Podman v4.0.0 Released",permalink:"/release/2022/02/22/podman-release-v4.0.0"}},l={authorsImageUrls:[void 0]},m=[{value:"Podman v4.1 has been released!",id:"podman-v41-has-been-released",level:2}],p={toc:m},d="wrapper";function u(e){let{components:n,...r}=e;return(0,a.kt)(d,(0,o.Z)({},p,r,{components:n,mdxType:"MDXLayout"}),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"podman logo",src:t(1382).Z,width:"228",height:"61"})),(0,a.kt)("h2",{id:"podman-v41-has-been-released"},"Podman v4.1 has been released!"),(0,a.kt)("p",null,"The new Podman v4.1.0 release is now available. This release is all about new features, with some of the most exciting being improved support for running on Mac and Windows, and adding support for Docker Compose v2.0. These are just the beginning, though, as this release also includes the ability to clone containers, significant improvements to checkpointing, and over 25 bug fixes. Read on for more details!"),(0,a.kt)("p",null,"Podman\u2019s support for running on Mac and Windows via ",(0,a.kt)("inlineCode",{parentName:"p"},"podman machine")," has seen a number of major improvements, chief among them support for mounting the host machine\u2019s home directory into the ",(0,a.kt)("inlineCode",{parentName:"p"},"podman machine")," VMs by default. Also, on Windows, you can now refer to arbitrary Windows drive paths in your volume mount expressions. This allows containers run by Podman to use mounts from the host, an often-requested feature. Additionally, we\u2019ve added a ",(0,a.kt)("inlineCode",{parentName:"p"},"podman machine inspect")," command to inspect existing VMs, and support for modifying the CPU, memory, and disk limits of existing VMs using the ",(0,a.kt)("inlineCode",{parentName:"p"},"podman machine set")," command. Support for non-Linux operating systems continues to be one of our main focuses, and we\u2019re committed to improving our user experience here - stay tuned for more details!"),(0,a.kt)("p",null,"Podman v4.1 is also our first release to support Docker Compose v2.2.0 and up. Since our v3.0 release over a year ago, Podman has supported Compose v1, but the rewritten Compose v2 required further work in Podman to support. Please note that it may be necessary to disable the use of the BuildKit API by setting the environment variable ",(0,a.kt)("inlineCode",{parentName:"p"},"DOCKER_BUILDKIT=0"),"; we\u2019re looking into improving our Buildkit support in the future, so this is not necessary."),(0,a.kt)("p",null,"There are numerous other changes and improvements to all parts of Podman packed into this release. We\u2019ve added several new commands, including ",(0,a.kt)("inlineCode",{parentName:"p"},"podman volume mount")," and ",(0,a.kt)("inlineCode",{parentName:"p"},"podman volume unmount")," (to allow easy copying of files to and from volumes without using them in a container) and ",(0,a.kt)("inlineCode",{parentName:"p"},"podman container clone")," (creates a copy of an existing container, with the ability to change many settings while doing so). Checkpoint and restore have seen a major improvement with the ability to store checkpoints as OCI images, allowing them to be distributed via container registries. Finally, Podman has gone on a diet - we set out to reduce or eliminate many of our dependencies and managed to reduce our binary size by 8MB shaving off 15% of the original binary size. There are many more changes - too many to list all of them here - so be sure to check out the ",(0,a.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/releases/tag/v4.1.0"},"release notes"),"!"))}u.isMDXComponent=!0},1382:(e,n,t)=>{t.d(n,{Z:()=>o});const o=t.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/3b4c1a08.e86418c9.js b/assets/js/3b4c1a08.e86418c9.js new file mode 100644 index 000000000..82e65e85b --- /dev/null +++ b/assets/js/3b4c1a08.e86418c9.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[5215],{3905:(e,t,n)=>{n.d(t,{Zo:()=>m,kt:()=>h});var r=n(67294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function i(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=r.createContext({}),p=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},m=function(e){var t=p(e.components);return r.createElement(s.Provider,{value:t},e.children)},c="mdxType",u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,s=e.parentName,m=l(e,["components","mdxType","originalType","parentName"]),c=p(n),d=a,h=c["".concat(s,".").concat(d)]||c[d]||u[d]||o;return n?r.createElement(h,i(i({ref:t},m),{},{components:n})):r.createElement(h,i({ref:t},m))}));function h(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,i=new Array(o);i[0]=d;var l={};for(var s in t)hasOwnProperty.call(t,s)&&(l[s]=t[s]);l.originalType=e,l[c]="string"==typeof e?e:a,i[1]=l;for(var p=2;p{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>u,frontMatter:()=>o,metadata:()=>l,toc:()=>p});var r=n(87462),a=(n(67294),n(3905));const o={title:"Podman Alpha version 0.6.1 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},i=void 0,l={permalink:"/release/2018/06/04/podman-alpha-v0.6.1",source:"@site/release/2018-06-04-podman-alpha-v0.6.1.md",title:"Podman Alpha version 0.6.1 Release Announcement",description:"podman logo",date:"2018-06-04T00:00:00.000Z",formattedDate:"June 4, 2018",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"}],readingTime:1.115,hasTruncateMarker:!0,authors:[{name:"bbaude"}],frontMatter:{title:"Podman Alpha version 0.6.1 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Podman Alpha version 0.6.4 Release Announcement",permalink:"/release/2018/07/02/podman-alpha-v0.6.4"}},s={authorsImageUrls:[void 0]},p=[{value:"Improvements to podman Remote API",id:"improvements-to-podman-remote-api",level:2},{value:"Improvements to podman build",id:"improvements-to-podman-build",level:2},{value:"General Improvements",id:"general-improvements",level:2}],m={toc:p},c="wrapper";function u(e){let{components:t,...o}=e;return(0,a.kt)(c,(0,r.Z)({},m,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"podman logo",src:n(1382).Z,width:"228",height:"61"})),(0,a.kt)("h1",{id:"podman-release-061"},"Podman release 0.6.1"),(0,a.kt)("p",null,"It seems that when we have a short work week here in the US, we have rather large releases. To me, that flies in the face of logic. Speaking of which, one particular milestone was reached this week \u2026\nWe had our 1000th commit in Podman!"),(0,a.kt)("p",null,"That is particularly special, because prior to this repository, all libpod work was being done within the CRI-O repository. So the 1000 commits is in actuality since we broke apart from CRI-O. I want to recognize all the contributors who have been helping us along way. Great job!\n##Other notable items in the release:"),(0,a.kt)("h2",{id:"improvements-to-podman-remote-api"},"Improvements to podman Remote API"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"* Example usage for the Podman python API\n* Correct issue with varlink container inspect where not all information was being parsed\n* varlink build added to the varlink API\n* Python API now can attach to a container\n")),(0,a.kt)("h2",{id:"improvements-to-podman-build"},"Improvements to podman build"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"* OnBuild support for podman build\n")),(0,a.kt)("h2",{id:"general-improvements"},"General Improvements"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"* Correctly drop security capabilities when running containers with\u200a\u2014\u200auser\n* Fix edge case of pulling images with shortnames and no registries defined\n* Lots of changes with the hooks command\n* Make some run options exclusive when using an existing container network namespace\n* Podman ps and images now sorts containers and images by their created time.\n")))}u.isMDXComponent=!0},1382:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/3e8d5da4.26d8e736.js b/assets/js/3e8d5da4.26d8e736.js new file mode 100644 index 000000000..db375a1eb --- /dev/null +++ b/assets/js/3e8d5da4.26d8e736.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[1953],{85150:e=>{e.exports=JSON.parse('[{"label":"community","permalink":"/release/tags/community","count":26},{"label":"open source","permalink":"/release/tags/open-source","count":25},{"label":"podman","permalink":"/release/tags/podman","count":26},{"label":"hpc","permalink":"/release/tags/hpc","count":8},{"label":"kubernetes","permalink":"/release/tags/kubernetes","count":8}]')}}]); \ No newline at end of file diff --git a/assets/js/3f6be463.5f063a00.js b/assets/js/3f6be463.5f063a00.js new file mode 100644 index 000000000..6263df2fe --- /dev/null +++ b/assets/js/3f6be463.5f063a00.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[12368],{3905:(e,t,n)=>{n.d(t,{Zo:()=>s,kt:()=>d});var r=n(67294);function o(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function l(e){for(var t=1;t=0||(o[n]=e[n]);return o}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(o[n]=e[n])}return o}var c=r.createContext({}),p=function(e){var t=r.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},s=function(e){var t=p(e.components);return r.createElement(c.Provider,{value:t},e.children)},u="mdxType",m={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},f=r.forwardRef((function(e,t){var n=e.components,o=e.mdxType,a=e.originalType,c=e.parentName,s=i(e,["components","mdxType","originalType","parentName"]),u=p(n),f=o,d=u["".concat(c,".").concat(f)]||u[f]||m[f]||a;return n?r.createElement(d,l(l({ref:t},s),{},{components:n})):r.createElement(d,l({ref:t},s))}));function d(e,t){var n=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var a=n.length,l=new Array(a);l[0]=f;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i[u]="string"==typeof e?e:o,l[1]=i;for(var p=2;p{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>l,default:()=>m,frontMatter:()=>a,metadata:()=>i,toc:()=>p});var r=n(87462),o=(n(67294),n(3905));const a={layout:"default",title:"Podman v4.2.0 Released",categories:["new"]},l=void 0,i={permalink:"/blogs/2022/08/17/new",source:"@site/blog/2022-08-17-new.md",title:"Podman v4.2.0 Released",description:"Podman has gone 4.2.0!",date:"2022-08-17T00:00:00.000Z",formattedDate:"August 17, 2022",tags:[],readingTime:.025,hasTruncateMarker:!1,authors:[],frontMatter:{layout:"default",title:"Podman v4.2.0 Released",categories:["new"]},prevItem:{title:"How Podman packaging works on Linux",permalink:"/blogs/2022/10/03/new"},nextItem:{title:"Podman Windows Installer",permalink:"/blogs/2022/06/08/new"}},c={authorsImageUrls:[]},p=[{value:"Podman has gone 4.2.0!",id:"podman-has-gone-420",level:2}],s={toc:p},u="wrapper";function m(e){let{components:t,...n}=e;return(0,o.kt)(u,(0,r.Z)({},s,n,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("h2",{id:"podman-has-gone-420"},(0,o.kt)("a",{parentName:"h2",href:"https://podman.io/releases/2022/08/17/podman-release-v4.2.0.html"},"Podman has gone 4.2.0!")))}m.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/3f6be463.d62d6490.js b/assets/js/3f6be463.d62d6490.js deleted file mode 100644 index f8d4bebf2..000000000 --- a/assets/js/3f6be463.d62d6490.js +++ /dev/null @@ -1 +0,0 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[12368],{3905:(e,t,r)=>{r.d(t,{Zo:()=>s,kt:()=>f});var n=r(67294);function a(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function o(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function l(e){for(var t=1;t=0||(a[r]=e[r]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(a[r]=e[r])}return a}var i=n.createContext({}),p=function(e){var t=n.useContext(i),r=t;return e&&(r="function"==typeof e?e(t):l(l({},t),e)),r},s=function(e){var t=p(e.components);return n.createElement(i.Provider,{value:t},e.children)},u="mdxType",m={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var r=e.components,a=e.mdxType,o=e.originalType,i=e.parentName,s=c(e,["components","mdxType","originalType","parentName"]),u=p(r),d=a,f=u["".concat(i,".").concat(d)]||u[d]||m[d]||o;return r?n.createElement(f,l(l({ref:t},s),{},{components:r})):n.createElement(f,l({ref:t},s))}));function f(e,t){var r=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=r.length,l=new Array(o);l[0]=d;var c={};for(var i in t)hasOwnProperty.call(t,i)&&(c[i]=t[i]);c.originalType=e,c[u]="string"==typeof e?e:a,l[1]=c;for(var p=2;p{r.r(t),r.d(t,{assets:()=>i,contentTitle:()=>l,default:()=>m,frontMatter:()=>o,metadata:()=>c,toc:()=>p});var n=r(87462),a=(r(67294),r(3905));const o={layout:"default",title:"Podman v4.2.0 Released",categories:["new"]},l=void 0,c={permalink:"/blogs/2022/08/17/new",source:"@site/blog/2022-08-17-new.md",title:"Podman v4.2.0 Released",description:"Podman has gone 4.2.0!",date:"2022-08-17T00:00:00.000Z",formattedDate:"August 17, 2022",tags:[],readingTime:.025,hasTruncateMarker:!1,authors:[],frontMatter:{layout:"default",title:"Podman v4.2.0 Released",categories:["new"]},prevItem:{title:"Netavark and Aardvark-dns 1.2.0 released",permalink:"/blogs/2022/09/28/updated-1.2.0"},nextItem:{title:"Podman Windows Installer",permalink:"/blogs/2022/06/08/new"}},i={authorsImageUrls:[]},p=[{value:"Podman has gone 4.2.0!",id:"podman-has-gone-420",level:2}],s={toc:p},u="wrapper";function m(e){let{components:t,...r}=e;return(0,a.kt)(u,(0,n.Z)({},s,r,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h2",{id:"podman-has-gone-420"},(0,a.kt)("a",{parentName:"h2",href:"https://podman.io/releases/2022/08/17/podman-release-v4.2.0.html"},"Podman has gone 4.2.0!")))}m.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/3fa39283.f4618526.js b/assets/js/3fa39283.f4618526.js new file mode 100644 index 000000000..5e988d3fe --- /dev/null +++ b/assets/js/3fa39283.f4618526.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[23915],{3905:(e,t,r)=>{r.d(t,{Zo:()=>m,kt:()=>f});var n=r(67294);function a(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function o(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function l(e){for(var t=1;t=0||(a[r]=e[r]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(a[r]=e[r])}return a}var s=n.createContext({}),c=function(e){var t=n.useContext(s),r=t;return e&&(r="function"==typeof e?e(t):l(l({},t),e)),r},m=function(e){var t=c(e.components);return n.createElement(s.Provider,{value:t},e.children)},p="mdxType",u={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var r=e.components,a=e.mdxType,o=e.originalType,s=e.parentName,m=i(e,["components","mdxType","originalType","parentName"]),p=c(r),d=a,f=p["".concat(s,".").concat(d)]||p[d]||u[d]||o;return r?n.createElement(f,l(l({ref:t},m),{},{components:r})):n.createElement(f,l({ref:t},m))}));function f(e,t){var r=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=r.length,l=new Array(o);l[0]=d;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i[p]="string"==typeof e?e:a,l[1]=i;for(var c=2;c{r.r(t),r.d(t,{assets:()=>s,contentTitle:()=>l,default:()=>u,frontMatter:()=>o,metadata:()=>i,toc:()=>c});var n=r(87462),a=(r(67294),r(3905));const o={title:"Podman v1.0.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman"]},l="Podman Release 1.0.0",i={permalink:"/release/2019/01/16/podman-release-v1.0.0",source:"@site/release/2019-01-16-podman-release-v1.0.0.md",title:"Podman v1.0.0 Released",description:"podman logo",date:"2019-01-16T00:00:00.000Z",formattedDate:"January 16, 2019",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"}],readingTime:2.08,hasTruncateMarker:!0,authors:[{name:"mheon"}],frontMatter:{title:"Podman v1.0.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Podman v1.1.0 Released",permalink:"/release/2019/02/26/podman-release-v1.1.0"},nextItem:{title:"Podman v0.12.1.1 Released",permalink:"/release/2018/12/12/podman-alpha-v0.12.1.1"}},s={authorsImageUrls:[void 0]},c=[{value:"Podman has gone 1.0!",id:"podman-has-gone-10",level:2}],m={toc:c},p="wrapper";function u(e){let{components:t,...o}=e;return(0,a.kt)(p,(0,n.Z)({},m,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"podman logo",src:r(1382).Z,width:"228",height:"61"})),(0,a.kt)("h2",{id:"podman-has-gone-10"},"Podman has gone 1.0!"),(0,a.kt)("p",null,"Our original goal with Podman was to provide a fully-featured debugging experience for ",(0,a.kt)("a",{parentName:"p",href:"https://github.com/kubernetes-sigs/cri-o"},"CRI-O"),", but it has become so much more. Podman 1.0.0 is a fully-featured container engine. It provides a Docker-compatible command line to ease the transition from other container engines. Most Podman commands can be run as a regular user, without requiring additional privileges. Furthermore, all of this is accomplished without a daemon!"))}u.isMDXComponent=!0},1382:(e,t,r)=>{r.d(t,{Z:()=>n});const n=r.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/40f1cf9e.3913f82b.js b/assets/js/40f1cf9e.3913f82b.js new file mode 100644 index 000000000..622ac8f05 --- /dev/null +++ b/assets/js/40f1cf9e.3913f82b.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[18952],{3905:(e,t,a)=>{a.d(t,{Zo:()=>c,kt:()=>b});var n=a(67294);function o(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function r(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,n)}return a}function i(e){for(var t=1;t=0||(o[a]=e[a]);return o}(e,t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(o[a]=e[a])}return o}var s=n.createContext({}),m=function(e){var t=n.useContext(s),a=t;return e&&(a="function"==typeof e?e(t):i(i({},t),e)),a},c=function(e){var t=m(e.components);return n.createElement(s.Provider,{value:t},e.children)},d="mdxType",u={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},p=n.forwardRef((function(e,t){var a=e.components,o=e.mdxType,r=e.originalType,s=e.parentName,c=l(e,["components","mdxType","originalType","parentName"]),d=m(a),p=o,b=d["".concat(s,".").concat(p)]||d[p]||u[p]||r;return a?n.createElement(b,i(i({ref:t},c),{},{components:a})):n.createElement(b,i({ref:t},c))}));function b(e,t){var a=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var r=a.length,i=new Array(r);i[0]=p;var l={};for(var s in t)hasOwnProperty.call(t,s)&&(l[s]=t[s]);l.originalType=e,l[d]="string"==typeof e?e:o,i[1]=l;for(var m=2;m{a.r(t),a.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>u,frontMatter:()=>r,metadata:()=>l,toc:()=>m});var n=a(87462),o=(a(67294),a(3905));const r={title:"Simplifying Podman commands with labels",layout:"default",author:"baude",categories:["blogs"],tags:["podman","containers"]},i=void 0,l={permalink:"/blogs/2018/12/03/podman-runlabel",source:"@site/blog/2018-12-03-podman-runlabel.md",title:"Simplifying Podman commands with labels",description:"podman logo",date:"2018-12-03T00:00:00.000Z",formattedDate:"December 3, 2018",tags:[{label:"podman",permalink:"/blogs/tags/podman"},{label:"containers",permalink:"/blogs/tags/containers"}],readingTime:2.015,hasTruncateMarker:!0,authors:[{name:"baude"}],frontMatter:{title:"Simplifying Podman commands with labels",layout:"default",author:"baude",categories:["blogs"],tags:["podman","containers"]},prevItem:{title:"New Blog from Emilien Macchi, Part 4!",permalink:"/blogs/2018/12/14/openstack-podman-healthchecks"},nextItem:{title:"Podman container|image exists",permalink:"/blogs/2018/11/27/podman-exists"}},s={authorsImageUrls:[void 0]},m=[{value:"By Brent Baude GitHub",id:"by-brent-baude-github",level:2},{value:"Container image Labels",id:"container-image-labels",level:3},{value:"Podman container runlabel",id:"podman-container-runlabel",level:3}],c={toc:m},d="wrapper";function u(e){let{components:t,...r}=e;return(0,o.kt)(d,(0,n.Z)({},c,r,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("p",null,(0,o.kt)("img",{alt:"podman logo",src:a(1382).Z,width:"228",height:"61"})),(0,o.kt)("h1",{id:"simplifying-podman-commands-with-labels"},"Simplifying Podman commands with labels"),(0,o.kt)("h2",{id:"by-brent-baude-github"},"By Brent Baude ",(0,o.kt)("a",{parentName:"h2",href:"https://github.com/baude"},"GitHub")),(0,o.kt)("p",null,"Commands used by container runtimes to create containers have become complex. It is on purpose of course. When creating\ncontainers, we want the ability to specify various security or network attributes. But if you are in the unenviable position to have to keystroke in some of these lengthy commands, it can grow tiresome. Defining labels on the container image is a great way to define how the container should be run; however, now with Podman we can read and execute that label saving you potential command line bloat."),(0,o.kt)("h3",{id:"container-image-labels"},"Container image Labels"),(0,o.kt)("p",null,"Container images have had the concept of a label for quite some time. They are often used as identifiers for the image; i.e. version, release, author, etc. But you can create a container label for just about anything. With the Atomic CLI project, we used to leverage labels such as RUN, INSTALL, and UNINSTALL. These labels we defined for the purpose of their verbiage."),(0,o.kt)("h3",{id:"podman-container-runlabel"},"Podman container runlabel"),(0,o.kt)("p",null,"To mimic the Atomic CLI project, we added a sub-command called ",(0,o.kt)("inlineCode",{parentName:"p"},"podman container runlabel"),". This command will execute the contents of a given label as defined by the container image."),(0,o.kt)("p",null,"Lets consider an example. I have a simple container image based on mariab that I use for my Podman development. The image is made like so:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},'FROM docker.io/library/mariadb:latest\nLABEL RUN="podman run --name some-mariadb -P -e MYSQL_ROOT_PASSWORD=x -dt IMAGE"\nRUN echo "bind-address = 0.0.0.0" >> /etc/mysql/my.cnf\n')),(0,o.kt)("p",null,"Note the definition of the RUN label in the image. It contains the complete command line description of how to run it. The use of IMAGE here is a placeholder is automatically substituted by Podman to the real image name. On my system, this image exists as ",(0,o.kt)("inlineCode",{parentName:"p"},"quay.io/baude/demodb:latest"),"."),(0,o.kt)("p",null,"We can get a preview of what Podman would run using the ",(0,o.kt)("inlineCode",{parentName:"p"},"--display")," switch. In the case of my mariab image, a dry-run would show something like this:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},"$ sudo podman container runlabel --display run quay.io/baude/demodb:latest\nCommand: /proc/self/exe run --name some-mariadb -P -e MYSQL_ROOT_PASSWORD=x -dt quay.io/baude/demodb:latest\n")),(0,o.kt)("p",null,"Note how the IMAGE was translated into the image name. If we rerun the previous command and subtract the ",(0,o.kt)("inlineCode",{parentName:"p"},"--display")," option, podman will create the container exactly as described by the run label."),(0,o.kt)("p",null,"So, next time you create your own image, do yourself a favor and construct labels that Podman can read and simplify your life."))}u.isMDXComponent=!0},1382:(e,t,a)=>{a.d(t,{Z:()=>n});const n=a.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/40f1cf9e.7f4e2cfd.js b/assets/js/40f1cf9e.7f4e2cfd.js deleted file mode 100644 index 6d7b816b1..000000000 --- a/assets/js/40f1cf9e.7f4e2cfd.js +++ /dev/null @@ -1 +0,0 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[18952],{3905:(e,t,a)=>{a.d(t,{Zo:()=>c,kt:()=>b});var n=a(67294);function o(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function r(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,n)}return a}function i(e){for(var t=1;t=0||(o[a]=e[a]);return o}(e,t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(o[a]=e[a])}return o}var s=n.createContext({}),m=function(e){var t=n.useContext(s),a=t;return e&&(a="function"==typeof e?e(t):i(i({},t),e)),a},c=function(e){var t=m(e.components);return n.createElement(s.Provider,{value:t},e.children)},d="mdxType",u={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},p=n.forwardRef((function(e,t){var a=e.components,o=e.mdxType,r=e.originalType,s=e.parentName,c=l(e,["components","mdxType","originalType","parentName"]),d=m(a),p=o,b=d["".concat(s,".").concat(p)]||d[p]||u[p]||r;return a?n.createElement(b,i(i({ref:t},c),{},{components:a})):n.createElement(b,i({ref:t},c))}));function b(e,t){var a=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var r=a.length,i=new Array(r);i[0]=p;var l={};for(var s in t)hasOwnProperty.call(t,s)&&(l[s]=t[s]);l.originalType=e,l[d]="string"==typeof e?e:o,i[1]=l;for(var m=2;m{a.r(t),a.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>u,frontMatter:()=>r,metadata:()=>l,toc:()=>m});var n=a(87462),o=(a(67294),a(3905));const r={title:"Simplifying Podman commands with labels",layout:"default",author:"baude",categories:["blogs"],tags:["podman","containers"]},i=void 0,l={permalink:"/blogs/2018/12/03/podman-runlabel",source:"@site/blog/2018-12-03-podman-runlabel.md",title:"Simplifying Podman commands with labels",description:"podman logo",date:"2018-12-03T00:00:00.000Z",formattedDate:"December 3, 2018",tags:[{label:"podman",permalink:"/blogs/tags/podman"},{label:"containers",permalink:"/blogs/tags/containers"}],readingTime:2.015,hasTruncateMarker:!0,authors:[{name:"baude"}],frontMatter:{title:"Simplifying Podman commands with labels",layout:"default",author:"baude",categories:["blogs"],tags:["podman","containers"]},prevItem:{title:"Podman v0.12.1.1 Released",permalink:"/blogs/2018/12/12/podman-alpha-v0.12.1.1"},nextItem:{title:"Podman container|image exists",permalink:"/blogs/2018/11/27/podman-exists"}},s={authorsImageUrls:[void 0]},m=[{value:"By Brent Baude GitHub",id:"by-brent-baude-github",level:2},{value:"Container image Labels",id:"container-image-labels",level:3},{value:"Podman container runlabel",id:"podman-container-runlabel",level:3}],c={toc:m},d="wrapper";function u(e){let{components:t,...r}=e;return(0,o.kt)(d,(0,n.Z)({},c,r,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("p",null,(0,o.kt)("img",{alt:"podman logo",src:a(1382).Z,width:"228",height:"61"})),(0,o.kt)("h1",{id:"simplifying-podman-commands-with-labels"},"Simplifying Podman commands with labels"),(0,o.kt)("h2",{id:"by-brent-baude-github"},"By Brent Baude ",(0,o.kt)("a",{parentName:"h2",href:"https://github.com/baude"},"GitHub")),(0,o.kt)("p",null,"Commands used by container runtimes to create containers have become complex. It is on purpose of course. When creating\ncontainers, we want the ability to specify various security or network attributes. But if you are in the unenviable position to have to keystroke in some of these lengthy commands, it can grow tiresome. Defining labels on the container image is a great way to define how the container should be run; however, now with Podman we can read and execute that label saving you potential command line bloat."),(0,o.kt)("h3",{id:"container-image-labels"},"Container image Labels"),(0,o.kt)("p",null,"Container images have had the concept of a label for quite some time. They are often used as identifiers for the image; i.e. version, release, author, etc. But you can create a container label for just about anything. With the Atomic CLI project, we used to leverage labels such as RUN, INSTALL, and UNINSTALL. These labels we defined for the purpose of their verbiage."),(0,o.kt)("h3",{id:"podman-container-runlabel"},"Podman container runlabel"),(0,o.kt)("p",null,"To mimic the Atomic CLI project, we added a sub-command called ",(0,o.kt)("inlineCode",{parentName:"p"},"podman container runlabel"),". This command will execute the contents of a given label as defined by the container image."),(0,o.kt)("p",null,"Lets consider an example. I have a simple container image based on mariab that I use for my Podman development. The image is made like so:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},'FROM docker.io/library/mariadb:latest\nLABEL RUN="podman run --name some-mariadb -P -e MYSQL_ROOT_PASSWORD=x -dt IMAGE"\nRUN echo "bind-address = 0.0.0.0" >> /etc/mysql/my.cnf\n')),(0,o.kt)("p",null,"Note the definition of the RUN label in the image. It contains the complete command line description of how to run it. The use of IMAGE here is a placeholder is automatically substituted by Podman to the real image name. On my system, this image exists as ",(0,o.kt)("inlineCode",{parentName:"p"},"quay.io/baude/demodb:latest"),"."),(0,o.kt)("p",null,"We can get a preview of what Podman would run using the ",(0,o.kt)("inlineCode",{parentName:"p"},"--display")," switch. In the case of my mariab image, a dry-run would show something like this:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},"$ sudo podman container runlabel --display run quay.io/baude/demodb:latest\nCommand: /proc/self/exe run --name some-mariadb -P -e MYSQL_ROOT_PASSWORD=x -dt quay.io/baude/demodb:latest\n")),(0,o.kt)("p",null,"Note how the IMAGE was translated into the image name. If we rerun the previous command and subtract the ",(0,o.kt)("inlineCode",{parentName:"p"},"--display")," option, podman will create the container exactly as described by the run label."),(0,o.kt)("p",null,"So, next time you create your own image, do yourself a favor and construct labels that Podman can read and simplify your life."))}u.isMDXComponent=!0},1382:(e,t,a)=>{a.d(t,{Z:()=>n});const n=a.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/453c4055.a53b83fd.js b/assets/js/453c4055.a53b83fd.js new file mode 100644 index 000000000..2de8eacca --- /dev/null +++ b/assets/js/453c4055.a53b83fd.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[59300],{77496:a=>{a.exports=JSON.parse('{"label":"podman","permalink":"/release/tags/podman","allTagsPath":"/release/tags","count":26}')}}]); \ No newline at end of file diff --git a/assets/js/45ca2515.5508fe6c.js b/assets/js/45ca2515.5508fe6c.js new file mode 100644 index 000000000..7b0dcfcd2 --- /dev/null +++ b/assets/js/45ca2515.5508fe6c.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[95018],{24557:e=>{e.exports=JSON.parse('{"label":"community","permalink":"/release/tags/community","allTagsPath":"/release/tags","count":26}')}}]); \ No newline at end of file diff --git a/assets/js/4741f96c.391f754a.js b/assets/js/4741f96c.69f5ce2c.js similarity index 78% rename from assets/js/4741f96c.391f754a.js rename to assets/js/4741f96c.69f5ce2c.js index 821b05d20..a8740f3e4 100644 --- a/assets/js/4741f96c.391f754a.js +++ b/assets/js/4741f96c.69f5ce2c.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[32810],{37251:a=>{a.exports=JSON.parse('{"permalink":"/blogs/tags/podman","page":1,"postsPerPage":10,"totalPages":19,"totalCount":190,"nextPage":"/blogs/tags/podman/page/2","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[32810],{37251:a=>{a.exports=JSON.parse('{"permalink":"/blogs/tags/podman","page":1,"postsPerPage":10,"totalPages":19,"totalCount":181,"nextPage":"/blogs/tags/podman/page/2","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/4a506fa9.02c7a56d.js b/assets/js/4a506fa9.86ba26ad.js similarity index 87% rename from assets/js/4a506fa9.02c7a56d.js rename to assets/js/4a506fa9.86ba26ad.js index a87335ef9..f0c1c8a01 100644 --- a/assets/js/4a506fa9.02c7a56d.js +++ b/assets/js/4a506fa9.86ba26ad.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[36694],{83941:s=>{s.exports=JSON.parse('{"label":"open source","permalink":"/blogs/tags/open-source","allTagsPath":"/blogs/tags","count":9}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[36694],{83941:s=>{s.exports=JSON.parse('{"label":"open source","permalink":"/blogs/tags/open-source","allTagsPath":"/blogs/tags","count":1}')}}]); \ No newline at end of file diff --git a/assets/js/4a70cc0d.aa4d4f4f.js b/assets/js/4a70cc0d.eb13f101.js similarity index 90% rename from assets/js/4a70cc0d.aa4d4f4f.js rename to assets/js/4a70cc0d.eb13f101.js index f41c865a6..0291e70e9 100644 --- a/assets/js/4a70cc0d.aa4d4f4f.js +++ b/assets/js/4a70cc0d.eb13f101.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[56948],{14872:a=>{a.exports=JSON.parse('{"label":"podman","permalink":"/blogs/tags/podman","allTagsPath":"/blogs/tags","count":190}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[56948],{14872:a=>{a.exports=JSON.parse('{"label":"podman","permalink":"/blogs/tags/podman","allTagsPath":"/blogs/tags","count":181}')}}]); \ No newline at end of file diff --git a/assets/js/4ad80290.23719dab.js b/assets/js/4ad80290.23719dab.js deleted file mode 100644 index 5aa2aaca3..000000000 --- a/assets/js/4ad80290.23719dab.js +++ /dev/null @@ -1 +0,0 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[24686],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>f});var a=n(67294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var l=a.createContext({}),c=function(e){var t=a.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},p=function(e){var t=c(e.components);return a.createElement(l.Provider,{value:t},e.children)},u="mdxType",m={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},d=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,o=e.originalType,l=e.parentName,p=s(e,["components","mdxType","originalType","parentName"]),u=c(n),d=r,f=u["".concat(l,".").concat(d)]||u[d]||m[d]||o;return n?a.createElement(f,i(i({ref:t},p),{},{components:n})):a.createElement(f,i({ref:t},p))}));function f(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var o=n.length,i=new Array(o);i[0]=d;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s[u]="string"==typeof e?e:r,i[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>i,default:()=>m,frontMatter:()=>o,metadata:()=>s,toc:()=>c});var a=n(87462),r=(n(67294),n(3905));const o={title:"Podman Alpha version 0.7.1 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},i=void 0,s={permalink:"/blogs/2018/07/09/podman-alpha-v0.7.1",source:"@site/blog/2018-07-09-podman-alpha-v0.7.1.md",title:"Podman Alpha version 0.7.1 Release Announcement",description:"podman logo",date:"2018-07-09T00:00:00.000Z",formattedDate:"July 9, 2018",tags:[{label:"community",permalink:"/blogs/tags/community"},{label:"open source",permalink:"/blogs/tags/open-source"},{label:"podman",permalink:"/blogs/tags/podman"}],readingTime:1.26,hasTruncateMarker:!0,authors:[{name:"bbaude"}],frontMatter:{title:"Podman Alpha version 0.7.1 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Podman Alpha version 0.7.2 Release Announcement",permalink:"/blogs/2018/07/16/podman-alpha-v0.7.2"},nextItem:{title:"Podman Alpha version 0.6.4 Release Announcement",permalink:"/blogs/2018/07/02/podman-alpha-v0.6.4"}},l={authorsImageUrls:[void 0]},c=[{value:"Other significant changes include:",id:"other-significant-changes-include",level:2}],p={toc:c},u="wrapper";function m(e){let{components:t,...o}=e;return(0,r.kt)(u,(0,a.Z)({},p,o,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("p",null,(0,r.kt)("img",{alt:"podman logo",src:n(1382).Z,width:"228",height:"61"})),(0,r.kt)("h1",{id:"podman-release-071"},"Podman release 0.7.1"),(0,r.kt)("p",null,"Last week was a busy holiday week here in the United States, but we still managed a nice release full of interesting merges."),(0,r.kt)("p",null,"Many of the significant merges are going to be less than noticeable to users. A lot of updated vendor code was added as well as the removal of unused functions due to cgroups and platform changes."),(0,r.kt)("p",null,"Speaking of platform changes, one thing I have been working on the last few weeks is to cross-compile for Darwin from Linux. This was really our first need to deal with other platforms and was rather invasive at times. It took several merges over the last few weeks to complete but we have are able to ",(0,r.kt)("em",{parentName:"p"},"build")," a Darwin binary. I must emphasize ",(0,r.kt)("em",{parentName:"p"},"build")," because the binary is known to not run\u200a\u2014\u200aas there is a lengthy list of things that would need to be fixed or implemented first. Nevertheless, my goal here was to implement a CI test that would always perform the build so we can protect against subsequent regressions for Darwin should someone decide to work on that platform."),(0,r.kt)("h2",{id:"other-significant-changes-include"},"Other significant changes include:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"* several changes to the makefile to make it more efficient\n* fix parsing of short options by vendoring in a new urfave/cli\n* tutorial fixes\n* revert back to a shared cgroup for conmon processes\n* remove buildah requirement for the libpod image library\n* block use of /proc/acpi from inside containers\n* factor pkg/ctime into a separate package\n")))}m.isMDXComponent=!0},1382:(e,t,n)=>{n.d(t,{Z:()=>a});const a=n.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/4db9da1d.859ef4c9.js b/assets/js/4db9da1d.6867ceb0.js similarity index 81% rename from assets/js/4db9da1d.859ef4c9.js rename to assets/js/4db9da1d.6867ceb0.js index 9c31c4f93..484bdf5cc 100644 --- a/assets/js/4db9da1d.859ef4c9.js +++ b/assets/js/4db9da1d.6867ceb0.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[63022],{71204:a=>{a.exports=JSON.parse('{"permalink":"/blogs/tags/podman/page/3","page":3,"postsPerPage":10,"totalPages":19,"totalCount":190,"previousPage":"/blogs/tags/podman/page/2","nextPage":"/blogs/tags/podman/page/4","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[63022],{71204:a=>{a.exports=JSON.parse('{"permalink":"/blogs/tags/podman/page/3","page":3,"postsPerPage":10,"totalPages":19,"totalCount":181,"previousPage":"/blogs/tags/podman/page/2","nextPage":"/blogs/tags/podman/page/4","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/4e6ed8f3.fd168e34.js b/assets/js/4e6ed8f3.8206358e.js similarity index 60% rename from assets/js/4e6ed8f3.fd168e34.js rename to assets/js/4e6ed8f3.8206358e.js index 0dc320d2e..4e75f8b82 100644 --- a/assets/js/4e6ed8f3.fd168e34.js +++ b/assets/js/4e6ed8f3.8206358e.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[65533],{3905:(e,n,t)=>{t.d(n,{Zo:()=>p,kt:()=>b});var r=t(67294);function a(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function o(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);n&&(r=r.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,r)}return t}function i(e){for(var n=1;n=0||(a[t]=e[t]);return a}(e,n);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(a[t]=e[t])}return a}var c=r.createContext({}),d=function(e){var n=r.useContext(c),t=n;return e&&(t="function"==typeof e?e(n):i(i({},n),e)),t},p=function(e){var n=d(e.components);return r.createElement(c.Provider,{value:n},e.children)},l="mdxType",s={inlineCode:"code",wrapper:function(e){var n=e.children;return r.createElement(r.Fragment,{},n)}},f=r.forwardRef((function(e,n){var t=e.components,a=e.mdxType,o=e.originalType,c=e.parentName,p=u(e,["components","mdxType","originalType","parentName"]),l=d(t),f=a,b=l["".concat(c,".").concat(f)]||l[f]||s[f]||o;return t?r.createElement(b,i(i({ref:n},p),{},{components:t})):r.createElement(b,i({ref:n},p))}));function b(e,n){var t=arguments,a=n&&n.mdxType;if("string"==typeof e||a){var o=t.length,i=new Array(o);i[0]=f;var u={};for(var c in n)hasOwnProperty.call(n,c)&&(u[c]=n[c]);u.originalType=e,u[l]="string"==typeof e?e:a,i[1]=u;for(var d=2;d{t.r(n),t.d(n,{assets:()=>c,contentTitle:()=>i,default:()=>s,frontMatter:()=>o,metadata:()=>u,toc:()=>d});var r=t(87462),a=(t(67294),t(3905));const o={layout:"default",title:"How Podman packaging works on Linux",categories:["new"]},i=void 0,u={permalink:"/blogs/2022/10/03/new",source:"@site/blog/2022-10-03-new.md",title:"How Podman packaging works on Linux",description:"Get a deep dive into Podman packages for Debian and Ubuntu using Fedora Sources, OBS and Debbuild. Learn More!.",date:"2022-10-03T00:00:00.000Z",formattedDate:"October 3, 2022",tags:[],readingTime:.1,hasTruncateMarker:!1,authors:[],frontMatter:{layout:"default",title:"How Podman packaging works on Linux",categories:["new"]},prevItem:{title:"How Podman packaging works on Linux",permalink:"/blogs/2022/10/03/debbuild"},nextItem:{title:"Netavark and Aardvark-dns 1.2.0 released",permalink:"/blogs/2022/09/28/updated-1.2.0"}},c={authorsImageUrls:[]},d=[{value:"Get a deep dive into Podman packages for Debian and Ubuntu using Fedora Sources, OBS and Debbuild. Learn More!.",id:"get-a-deep-dive-into-podman-packages-for-debian-and-ubuntu-using-fedora-sources-obs-and-debbuild-learn-more",level:2}],p={toc:d},l="wrapper";function s(e){let{components:n,...t}=e;return(0,a.kt)(l,(0,r.Z)({},p,t,{components:n,mdxType:"MDXLayout"}),(0,a.kt)("h2",{id:"get-a-deep-dive-into-podman-packages-for-debian-and-ubuntu-using-fedora-sources-obs-and-debbuild-learn-more"},"Get a deep dive into Podman packages for Debian and Ubuntu using Fedora Sources, OBS and Debbuild. ",(0,a.kt)("a",{parentName:"h2",href:"https://opensource.com/article/22/9/podman-packages-linux"},"Learn More!"),"."))}s.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[65533],{3905:(e,n,t)=>{t.d(n,{Zo:()=>p,kt:()=>m});var r=t(67294);function a(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function o(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);n&&(r=r.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,r)}return t}function i(e){for(var n=1;n=0||(a[t]=e[t]);return a}(e,n);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(a[t]=e[t])}return a}var c=r.createContext({}),l=function(e){var n=r.useContext(c),t=n;return e&&(t="function"==typeof e?e(n):i(i({},n),e)),t},p=function(e){var n=l(e.components);return r.createElement(c.Provider,{value:n},e.children)},d="mdxType",s={inlineCode:"code",wrapper:function(e){var n=e.children;return r.createElement(r.Fragment,{},n)}},f=r.forwardRef((function(e,n){var t=e.components,a=e.mdxType,o=e.originalType,c=e.parentName,p=u(e,["components","mdxType","originalType","parentName"]),d=l(t),f=a,m=d["".concat(c,".").concat(f)]||d[f]||s[f]||o;return t?r.createElement(m,i(i({ref:n},p),{},{components:t})):r.createElement(m,i({ref:n},p))}));function m(e,n){var t=arguments,a=n&&n.mdxType;if("string"==typeof e||a){var o=t.length,i=new Array(o);i[0]=f;var u={};for(var c in n)hasOwnProperty.call(n,c)&&(u[c]=n[c]);u.originalType=e,u[d]="string"==typeof e?e:a,i[1]=u;for(var l=2;l{t.r(n),t.d(n,{assets:()=>c,contentTitle:()=>i,default:()=>s,frontMatter:()=>o,metadata:()=>u,toc:()=>l});var r=t(87462),a=(t(67294),t(3905));const o={layout:"default",title:"How Podman packaging works on Linux",categories:["new"]},i=void 0,u={permalink:"/blogs/2022/10/03/new",source:"@site/blog/2022-10-03-new.md",title:"How Podman packaging works on Linux",description:"Get a deep dive into Podman packages for Debian and Ubuntu using Fedora Sources, OBS and Debbuild. Learn More!.",date:"2022-10-03T00:00:00.000Z",formattedDate:"October 3, 2022",tags:[],readingTime:.1,hasTruncateMarker:!1,authors:[],frontMatter:{layout:"default",title:"How Podman packaging works on Linux",categories:["new"]},prevItem:{title:"How Podman packaging works on Linux",permalink:"/blogs/2022/10/03/debbuild"},nextItem:{title:"Podman v4.2.0 Released",permalink:"/blogs/2022/08/17/new"}},c={authorsImageUrls:[]},l=[{value:"Get a deep dive into Podman packages for Debian and Ubuntu using Fedora Sources, OBS and Debbuild. Learn More!.",id:"get-a-deep-dive-into-podman-packages-for-debian-and-ubuntu-using-fedora-sources-obs-and-debbuild-learn-more",level:2}],p={toc:l},d="wrapper";function s(e){let{components:n,...t}=e;return(0,a.kt)(d,(0,r.Z)({},p,t,{components:n,mdxType:"MDXLayout"}),(0,a.kt)("h2",{id:"get-a-deep-dive-into-podman-packages-for-debian-and-ubuntu-using-fedora-sources-obs-and-debbuild-learn-more"},"Get a deep dive into Podman packages for Debian and Ubuntu using Fedora Sources, OBS and Debbuild. ",(0,a.kt)("a",{parentName:"h2",href:"https://opensource.com/article/22/9/podman-packages-linux"},"Learn More!"),"."))}s.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/4ed45869.8a694d15.js b/assets/js/4ed45869.8a694d15.js new file mode 100644 index 000000000..09eb9a3c6 --- /dev/null +++ b/assets/js/4ed45869.8a694d15.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[86754],{83623:e=>{e.exports=JSON.parse('{"permalink":"/release/tags/open-source/page/3","page":3,"postsPerPage":10,"totalPages":3,"totalCount":25,"previousPage":"/release/tags/open-source/page/2","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/4ef7ce65.15fb41dc.js b/assets/js/4ef7ce65.15fb41dc.js new file mode 100644 index 000000000..b31831793 --- /dev/null +++ b/assets/js/4ef7ce65.15fb41dc.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[72184],{3905:(e,n,t)=>{t.d(n,{Zo:()=>p,kt:()=>h});var a=t(67294);function o(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function r(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);n&&(a=a.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,a)}return t}function s(e){for(var n=1;n=0||(o[t]=e[t]);return o}(e,n);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(o[t]=e[t])}return o}var l=a.createContext({}),m=function(e){var n=a.useContext(l),t=n;return e&&(t="function"==typeof e?e(n):s(s({},n),e)),t},p=function(e){var n=m(e.components);return a.createElement(l.Provider,{value:n},e.children)},d="mdxType",u={inlineCode:"code",wrapper:function(e){var n=e.children;return a.createElement(a.Fragment,{},n)}},c=a.forwardRef((function(e,n){var t=e.components,o=e.mdxType,r=e.originalType,l=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),d=m(t),c=o,h=d["".concat(l,".").concat(c)]||d[c]||u[c]||r;return t?a.createElement(h,s(s({ref:n},p),{},{components:t})):a.createElement(h,s({ref:n},p))}));function h(e,n){var t=arguments,o=n&&n.mdxType;if("string"==typeof e||o){var r=t.length,s=new Array(r);s[0]=c;var i={};for(var l in n)hasOwnProperty.call(n,l)&&(i[l]=n[l]);i.originalType=e,i[d]="string"==typeof e?e:o,s[1]=i;for(var m=2;m{t.r(n),t.d(n,{assets:()=>l,contentTitle:()=>s,default:()=>u,frontMatter:()=>r,metadata:()=>i,toc:()=>m});var a=t(87462),o=(t(67294),t(3905));const r={title:"Podman v2.1.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman"]},s="Podman Release 2.1.0",i={permalink:"/release/2020/10/05/podman-release-v2.1.0",source:"@site/release/2020-10-05-podman-release-v2.1.0.md",title:"Podman v2.1.0 Released",description:"podman logo",date:"2020-10-05T00:00:00.000Z",formattedDate:"October 5, 2020",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"}],readingTime:1.69,hasTruncateMarker:!1,authors:[{name:"mheon"}],frontMatter:{title:"Podman v2.1.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Podman v2.2.0 Released",permalink:"/release/2020/12/14/podman-release-v2.2.0"},nextItem:{title:"Podman v1.9.0 Released",permalink:"/release/2020/04/17/podman-release-v1.9.0"}},l={authorsImageUrls:[void 0]},m=[{value:"Podman 2.1 has been released!",id:"podman-21-has-been-released",level:2}],p={toc:m},d="wrapper";function u(e){let{components:n,...r}=e;return(0,o.kt)(d,(0,a.Z)({},p,r,{components:n,mdxType:"MDXLayout"}),(0,o.kt)("p",null,(0,o.kt)("img",{alt:"podman logo",src:t(1382).Z,width:"228",height:"61"})),(0,o.kt)("h2",{id:"podman-21-has-been-released"},"Podman 2.1 has been released!"),(0,o.kt)("p",null,"Podman v2.1.0 has just been released! This is one of our largest releases ever, and features numerous new features, over 50 bugs fixed, and extensive work on the REST API. Read on for more details!"),(0,o.kt)("p",null,"Our biggest announcement is that rootless Podman now supports inter-container networking. Previously, it was impossible for rootless Podman containers to communicate directly with each other without using pods. Now, by joining rootless containers to a network, they can communicate with other containers in the same network in the same manner as containers running with full root privileges. This is a major improvement to rootless networking, and addresses one of the largest gaps between running Podman with and without root."),(0,o.kt)("p",null,"We\u2019ve also enabled a number of new features for images. Podman can now mount images (read-only) so their contents can be viewed without creating a container based on the image, using the ",(0,o.kt)("inlineCode",{parentName:"p"},"podman image mount")," command. Additionally, ",(0,o.kt)("inlineCode",{parentName:"p"},"podman save")," and ",(0,o.kt)("inlineCode",{parentName:"p"},"podman load")," can now work with archives containing multiple images, instead of only one at a time. Finally, Podman\u2019s pull logic has been reworked to retry pulling images when a pull fails due to network issues."),(0,o.kt)("p",null,"The ",(0,o.kt)("inlineCode",{parentName:"p"},"podman play kube")," command has also been a focus of attention. It now handles many additional options from Kubernetes YAML. These include support for new volume types (mounting sockets into your pods and setting volumes as read-only), setting restart policy for pods, adding entries to ",(0,o.kt)("inlineCode",{parentName:"p"},"/etc/hosts"),", and many more. These features are available to anyone using ",(0,o.kt)("inlineCode",{parentName:"p"},"podman generate kube")," as well."),(0,o.kt)("p",null,"In addition, there are numerous small improvements. Volume mounts can now use the ",(0,o.kt)("inlineCode",{parentName:"p"},":O")," option to be created as overlay mounts - mounts where changes made by the container will not be propagated back to the host. Podman now supports setting the timezone of containers (using the ",(0,o.kt)("inlineCode",{parentName:"p"},"--tz")," flag). The ",(0,o.kt)("inlineCode",{parentName:"p"},"podman ps")," command now supports a ",(0,o.kt)("inlineCode",{parentName:"p"},"--storage")," option which will display all containers on the system, even those not managed by Podman (e.g. Buildah and CRI-O containers)."))}u.isMDXComponent=!0},1382:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/4fbbeb6d.00330344.js b/assets/js/4fbbeb6d.00330344.js new file mode 100644 index 000000000..5e9793530 --- /dev/null +++ b/assets/js/4fbbeb6d.00330344.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[42798],{3905:(e,n,t)=>{t.d(n,{Zo:()=>p,kt:()=>f});var a=t(67294);function o(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function r(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);n&&(a=a.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,a)}return t}function i(e){for(var n=1;n=0||(o[t]=e[t]);return o}(e,n);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(o[t]=e[t])}return o}var m=a.createContext({}),d=function(e){var n=a.useContext(m),t=n;return e&&(t="function"==typeof e?e(n):i(i({},n),e)),t},p=function(e){var n=d(e.components);return a.createElement(m.Provider,{value:n},e.children)},l="mdxType",u={inlineCode:"code",wrapper:function(e){var n=e.children;return a.createElement(a.Fragment,{},n)}},c=a.forwardRef((function(e,n){var t=e.components,o=e.mdxType,r=e.originalType,m=e.parentName,p=s(e,["components","mdxType","originalType","parentName"]),l=d(t),c=o,f=l["".concat(m,".").concat(c)]||l[c]||u[c]||r;return t?a.createElement(f,i(i({ref:n},p),{},{components:t})):a.createElement(f,i({ref:n},p))}));function f(e,n){var t=arguments,o=n&&n.mdxType;if("string"==typeof e||o){var r=t.length,i=new Array(r);i[0]=c;var s={};for(var m in n)hasOwnProperty.call(n,m)&&(s[m]=n[m]);s.originalType=e,s[l]="string"==typeof e?e:o,i[1]=s;for(var d=2;d{t.r(n),t.d(n,{assets:()=>m,contentTitle:()=>i,default:()=>u,frontMatter:()=>r,metadata:()=>s,toc:()=>d});var a=t(87462),o=(t(67294),t(3905));const r={title:"Podman v4.3.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman","hpc","kubernetes"]},i="Podman Release v4.3.0",s={permalink:"/release/2022/10/22/podman-release-v4.3.0",source:"@site/release/2022-10-22-podman-release-v4.3.0.md",title:"Podman v4.3.0 Released",description:"podman logo",date:"2022-10-22T00:00:00.000Z",formattedDate:"October 22, 2022",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"},{label:"hpc",permalink:"/release/tags/hpc"},{label:"kubernetes",permalink:"/release/tags/kubernetes"}],readingTime:2.4,hasTruncateMarker:!1,authors:[{name:"mheon"}],frontMatter:{title:"Podman v4.3.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman","hpc","kubernetes"]},nextItem:{title:"Netavark and Aardvark-dns 1.2.0 released",permalink:"/release/2022/09/28/updated-1.2.0"}},m={authorsImageUrls:[void 0]},d=[],p={toc:d},l="wrapper";function u(e){let{components:n,...r}=e;return(0,o.kt)(l,(0,a.Z)({},p,r,{components:n,mdxType:"MDXLayout"}),(0,o.kt)("p",null,(0,o.kt)("img",{alt:"podman logo",src:t(1382).Z,width:"228",height:"61"})),(0,o.kt)("p",null,"Podman 4.3.0 is now available! There\u2019s a lot to be excited about, including numerous new features, over 30 bug fixes, and many other improvements. A major focus of 4.3 has been on improving Docker compatibility, including the addition of many missing options and aliases to Podman\u2019s command line to further our efforts to make transitioning to Podman a seamless change. Podman\u2019s integration with Kubernetes has also seen many improvements, including improved integration with systemd and support for automatic updates. Read on for more details and these changes and more!"),(0,o.kt)("p",null,"The Podman team made improved compatibility with Docker a priority for Podman 4.3. We audited Podman\u2019s commands against the Docker command line tool to identify missing and unsupported options and then set to work adding and fixing differences. As part of these, we added a dozen new options to various Podman commands, with many of these being missing aliases for existing options. A new set of commands, ",(0,o.kt)("inlineCode",{parentName:"p"},"podman context"),", have been added for compatibility with ",(0,o.kt)("inlineCode",{parentName:"p"},"docker context"),". These are also aliases (for ",(0,o.kt)("inlineCode",{parentName:"p"},"podman system connection")," commands), and will usually be hidden as they are only required for scripts originally written to use Docker. We have also removed a known incompatibility with Docker in Podman\u2019s volume handling. Docker compatibility remains a focus for Podman, and we will continue our efforts to make migrating to Podman effortless."),(0,o.kt)("p",null,"Podman\u2019s Kubernetes integration also saw numerous changes, the biggest of which is the creation of the ",(0,o.kt)("inlineCode",{parentName:"p"},"podman kube")," command. Previously, Kubernetes YAML was generated with ",(0,o.kt)("inlineCode",{parentName:"p"},"podman generate kube")," and ran with ",(0,o.kt)("inlineCode",{parentName:"p"},"podman play kube"),", but users found this confusing - it wasn\u2019t immediately obvious from ",(0,o.kt)("inlineCode",{parentName:"p"},"podman help")," that the commands existed. By moving the commands to ",(0,o.kt)("inlineCode",{parentName:"p"},"podman kube generate")," and ",(0,o.kt)("inlineCode",{parentName:"p"},"podman kube play")," and introducing a new command to tear down pods (",(0,o.kt)("inlineCode",{parentName:"p"},"podman kube down"),"), we consolidated all Kubernetes commands in one easy-to-find place. The ",(0,o.kt)("inlineCode",{parentName:"p"},"podman generate kube"),", and ",(0,o.kt)("inlineCode",{parentName:"p"},"podman play kube")," commands will continue to work, but the new ",(0,o.kt)("inlineCode",{parentName:"p"},"podman kube")," commands will be preferred."),(0,o.kt)("p",null,"Of course, we didn\u2019t stop at just renaming commands. We\u2019ve made a number of further additions to ",(0,o.kt)("inlineCode",{parentName:"p"},"podman kube play"),", most notably improved systemd integration. In Podman 4.2, we added ",(0,o.kt)("inlineCode",{parentName:"p"},"podman-kube@.service")," to allow pods created with ",(0,o.kt)("inlineCode",{parentName:"p"},"podman kube play")," to be managed with systemd. With Podman 4.3, we\u2019ve improved this in two significant ways. First, pods using ",(0,o.kt)("inlineCode",{parentName:"p"},"podman-kube@.service")," can now use sdnotify to verify to systemd that they have started. This laid the groundwork for the following major change: Pods from ",(0,o.kt)("inlineCode",{parentName:"p"},"podman-kube@.service")," now support Podman\u2019s auto-updated mechanism, enabled using an annotation (",(0,o.kt)("inlineCode",{parentName:"p"},"io.containers.auto-update"),"). Furthermore, we made several improvements to ",(0,o.kt)("inlineCode",{parentName:"p"},"podman kube play"),", including support for ",(0,o.kt)("inlineCode",{parentName:"p"},"emptyDir")," volumes, support for user namespaces via ",(0,o.kt)("inlineCode",{parentName:"p"},"HostUsers"),", and support for binary data in ConfigMaps."),(0,o.kt)("p",null,"These are just a few of the over 30 features and bug fixes included in Podman 4.3.0. Be sure to check out the ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/releases/tag/v4.3.0"},"release notes")," for more details!"))}u.isMDXComponent=!0},1382:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/5183b70e.5258fdf2.js b/assets/js/5183b70e.5258fdf2.js deleted file mode 100644 index fc6359a73..000000000 --- a/assets/js/5183b70e.5258fdf2.js +++ /dev/null @@ -1 +0,0 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[52916],{3905:(n,e,a)=>{a.d(e,{Zo:()=>m,kt:()=>h});var t=a(67294);function o(n,e,a){return e in n?Object.defineProperty(n,e,{value:a,enumerable:!0,configurable:!0,writable:!0}):n[e]=a,n}function r(n,e){var a=Object.keys(n);if(Object.getOwnPropertySymbols){var t=Object.getOwnPropertySymbols(n);e&&(t=t.filter((function(e){return Object.getOwnPropertyDescriptor(n,e).enumerable}))),a.push.apply(a,t)}return a}function i(n){for(var e=1;e=0||(o[a]=n[a]);return o}(n,e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(n);for(t=0;t=0||Object.prototype.propertyIsEnumerable.call(n,a)&&(o[a]=n[a])}return o}var s=t.createContext({}),p=function(n){var e=t.useContext(s),a=e;return n&&(a="function"==typeof n?n(e):i(i({},e),n)),a},m=function(n){var e=p(n.components);return t.createElement(s.Provider,{value:e},n.children)},d="mdxType",c={inlineCode:"code",wrapper:function(n){var e=n.children;return t.createElement(t.Fragment,{},e)}},u=t.forwardRef((function(n,e){var a=n.components,o=n.mdxType,r=n.originalType,s=n.parentName,m=l(n,["components","mdxType","originalType","parentName"]),d=p(a),u=o,h=d["".concat(s,".").concat(u)]||d[u]||c[u]||r;return a?t.createElement(h,i(i({ref:e},m),{},{components:a})):t.createElement(h,i({ref:e},m))}));function h(n,e){var a=arguments,o=e&&e.mdxType;if("string"==typeof n||o){var r=a.length,i=new Array(r);i[0]=u;var l={};for(var s in e)hasOwnProperty.call(e,s)&&(l[s]=e[s]);l.originalType=n,l[d]="string"==typeof n?n:o,i[1]=l;for(var p=2;p{a.r(e),a.d(e,{assets:()=>s,contentTitle:()=>i,default:()=>c,frontMatter:()=>r,metadata:()=>l,toc:()=>p});var t=a(87462),o=(a(67294),a(3905));const r={title:"Programmatic remote access to Podman via the varlink protocol",layout:"default",author:"haraldh",categories:["blogs"],tags:["podman","varlink","rust","python","go","golang"]},i=void 0,l={permalink:"/blogs/2019/01/16/podman-varlink",source:"@site/blog/2019-01-16-podman-varlink.md",title:"Programmatic remote access to Podman via the varlink protocol",description:"podman logo",date:"2019-01-16T00:00:00.000Z",formattedDate:"January 16, 2019",tags:[{label:"podman",permalink:"/blogs/tags/podman"},{label:"varlink",permalink:"/blogs/tags/varlink"},{label:"rust",permalink:"/blogs/tags/rust"},{label:"python",permalink:"/blogs/tags/python"},{label:"go",permalink:"/blogs/tags/go"},{label:"golang",permalink:"/blogs/tags/golang"}],readingTime:7.015,hasTruncateMarker:!0,authors:[{name:"haraldh"}],frontMatter:{title:"Programmatic remote access to Podman via the varlink protocol",layout:"default",author:"haraldh",categories:["blogs"],tags:["podman","varlink","rust","python","go","golang"]},prevItem:{title:"Podman v1.0.0 Released",permalink:"/blogs/2019/01/16/podman-release-v1.0.0"},nextItem:{title:"Managing pods and containers in a local container runtime",permalink:"/blogs/2019/01/15/podman-pods"}},s={authorsImageUrls:[void 0]},p=[{value:"By Harald Hoyer GitHub",id:"by-harald-hoyer-github",level:2},{value:"Prerequisites",id:"prerequisites",level:2},{value:"Windows ssh",id:"windows-ssh",level:3},{value:"Generate ssh keys",id:"generate-ssh-keys",level:3},{value:"Set up Podman on the Fedora/RHEL machine",id:"set-up-podman-on-the-fedorarhel-machine",level:2},{value:"ssh config",id:"ssh-config",level:3},{value:"Optional Lock Down",id:"optional-lock-down",level:3},{value:"Python",id:"python",level:2},{value:"Install Python",id:"install-python",level:3},{value:"Install varlink for Python",id:"install-varlink-for-python",level:3},{value:"Test if the varlink cli module works",id:"test-if-the-varlink-cli-module-works",level:3},{value:"Interfacing Podman with the python cli module",id:"interfacing-podman-with-the-python-cli-module",level:3},{value:"Python Client Example",id:"python-client-example",level:3},{value:"Go",id:"go",level:2},{value:"Installation",id:"installation",level:3},{value:"Running the varlink CLI command",id:"running-the-varlink-cli-command",level:3},{value:"Go Client Example",id:"go-client-example",level:3},{value:"Rust",id:"rust",level:2},{value:"Install the rust toolchain",id:"install-the-rust-toolchain",level:3},{value:"Windows",id:"windows",level:4},{value:"All",id:"all",level:4},{value:"Install varlink-cli",id:"install-varlink-cli",level:3},{value:"For non-Linux systems:",id:"for-non-linux-systems",level:4},{value:"For Linux systems:",id:"for-linux-systems",level:4},{value:"Running the varlink CLI command",id:"running-the-varlink-cli-command-1",level:3},{value:"Rust Client Example",id:"rust-client-example",level:3}],m={toc:p},d="wrapper";function c(n){let{components:e,...r}=n;return(0,o.kt)(d,(0,t.Z)({},m,r,{components:e,mdxType:"MDXLayout"}),(0,o.kt)("p",null,(0,o.kt)("img",{alt:"podman logo",src:a(1382).Z,width:"228",height:"61"})),(0,o.kt)("h1",{id:"programmatic-remote-access-to-podman-via-the-varlink-protocol"},"Programmatic remote access to Podman via the varlink protocol"),(0,o.kt)("h2",{id:"by-harald-hoyer-github"},"By Harald Hoyer ",(0,o.kt)("a",{parentName:"h2",href:"https://github.com/haraldh"},"GitHub")),(0,o.kt)("p",null,"This guide shows how to access Podman remotely via the ",(0,o.kt)("a",{parentName:"p",href:"https://varlink.org"},"varlink interface"),"\nwith CLI tools and programmatically with python, go and rust."),(0,o.kt)("p",null,"This should work on Linux, MacOS and Windows 10."),(0,o.kt)("p",null,"The ",(0,o.kt)("a",{parentName:"p",href:"https://varlink.org/Language-Bindings"},"compatibility matrix")," shows which feature is supported on which OS in which language."),(0,o.kt)("blockquote",null,(0,o.kt)("p",{parentName:"blockquote"},"Note: replace ",(0,o.kt)("inlineCode",{parentName:"p"},"")," in this guide with the IP or hostname of your\nPodman machine")),(0,o.kt)("h2",{id:"prerequisites"},"Prerequisites"),(0,o.kt)("h3",{id:"windows-ssh"},"Windows ssh"),(0,o.kt)("p",null,"If you are on a windows client machine, install the OpenSSH Client built by Microsoft in a cmd.exe in\nadmin mode:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-cmd"},"> dism /online /Add-Capability /CapabilityName:OpenSSH.Client~~~~0.0.1.0\n")),(0,o.kt)("p",null,"Close cmd.exe window."),(0,o.kt)("blockquote",null,(0,o.kt)("p",{parentName:"blockquote"},"Note: Works also with other ssh clients, e.g. ssh from ",(0,o.kt)("a",{parentName:"p",href:"https://gitforwindows.org/"},"Git Bash"),".")),(0,o.kt)("h3",{id:"generate-ssh-keys"},"Generate ssh keys"),(0,o.kt)("p",null,"If you don't want to type your password all the time, or not use an ssh agent, set an empty password."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},"$ ssh-keygen -f ~/.ssh/podmanuser\n")),(0,o.kt)("h2",{id:"set-up-podman-on-the-fedorarhel-machine"},"Set up Podman on the Fedora/RHEL machine"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},"$ sudo yum install podman libvarlink-util\n$ sudo groupadd podman\n")),(0,o.kt)("p",null,"Copy ",(0,o.kt)("inlineCode",{parentName:"p"},"/lib/tmpfiles.d/podman.conf")," to ",(0,o.kt)("inlineCode",{parentName:"p"},"/etc/tmpfiles.d/podman.conf"),"."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},"$ sudo cp /lib/tmpfiles.d/podman.conf /etc/tmpfiles.d/podman.conf\n")),(0,o.kt)("p",null,"Edit ",(0,o.kt)("inlineCode",{parentName:"p"},"/etc/tmpfiles.d/podman.conf"),":"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},"d /run/podman 0750 root podman\n")),(0,o.kt)("p",null,"Copy ",(0,o.kt)("inlineCode",{parentName:"p"},"/lib/systemd/system/io.podman.socket")," to ",(0,o.kt)("inlineCode",{parentName:"p"},"/etc/systemd/system/io.podman.socket"),"."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},"$ sudo cp /lib/systemd/system/io.podman.socket /etc/systemd/system/io.podman.socket\n")),(0,o.kt)("p",null,"Edit section ",(0,o.kt)("inlineCode",{parentName:"p"},"[Socket]")," of ",(0,o.kt)("inlineCode",{parentName:"p"},"/etc/systemd/system/io.podman.socket"),":"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},"[Socket]\nListenStream=/run/podman/io.podman\nSocketMode=0660\nSocketGroup=podman\n")),(0,o.kt)("p",null,"Then activate the changes:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},"$ sudo systemctl daemon-reload\n$ sudo systemd-tmpfiles --create\n$ sudo systemctl enable --now io.podman.socket\n")),(0,o.kt)("p",null,"The directory and socket now belongs to the podman group"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},"$ sudo ls -al /run/podman\ndrwxr-x---. 2 root podman 60 14. Jan 14:50 .\ndrwxr-xr-x. 51 root root 1420 14. Jan 14:36 ..\nsrw-rw----. 1 root podman 0 14. Jan 14:50 io.podman\n")),(0,o.kt)("blockquote",null,(0,o.kt)("p",{parentName:"blockquote"},"Note: Wouldn't it be nice, if there was a Podman group owning the socket already? ;-)")),(0,o.kt)("p",null,"Now we are adding a user ",(0,o.kt)("inlineCode",{parentName:"p"},"podmanuser")," and set a password:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},"$ sudo useradd podmanuser -G podman\n$ sudo passwd podmanuser\n")),(0,o.kt)("p",null,"From your client machine do"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},"$ ssh-copy-id -f ~/.ssh/podmanuser podmanuser@\n")),(0,o.kt)("h3",{id:"ssh-config"},"ssh config"),(0,o.kt)("p",null,"Edit ",(0,o.kt)("inlineCode",{parentName:"p"},".ssh/config")),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},"Host \n RequestTTY no\n IdentityFile ~/.ssh/podmanuser\n User podmanuser\n VisualHostKey no\n RemoteCommand /usr/bin/varlink bridge --connect unix:/run/podman/io.podman\n GSSAPIAuthentication no\n ForwardX11 no\n")),(0,o.kt)("h3",{id:"optional-lock-down"},"Optional Lock Down"),(0,o.kt)("p",null,"Log into ",(0,o.kt)("inlineCode",{parentName:"p"},"")),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},"$ ssh podmanuser@\n")),(0,o.kt)("p",null,"Now we lock down ",(0,o.kt)("inlineCode",{parentName:"p"},"podmanuser")," to only be used with the varlink bridge from your client machine:"),(0,o.kt)("p",null,"Edit ",(0,o.kt)("inlineCode",{parentName:"p"},".ssh/authorized-keys")," so that the line begins with:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},'command="/usr/bin/varlink bridge --connect unix:/run/podman/io.podman",no-agent-forwarding,no-port-forwarding,no-pty,no-user-rc,no-X11-forwarding ssh-rsa [\u2026]\n')),(0,o.kt)("p",null,"Log out of ",(0,o.kt)("inlineCode",{parentName:"p"},"")),(0,o.kt)("h2",{id:"python"},"Python"),(0,o.kt)("h3",{id:"install-python"},"Install Python"),(0,o.kt)("p",null,(0,o.kt)("a",{parentName:"p",href:"https://www.python.org/downloads/"},"https://www.python.org/downloads/")),(0,o.kt)("h3",{id:"install-varlink-for-python"},"Install varlink for Python"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},'$ pip install --user "varlink>=30.0.2"\n')),(0,o.kt)("h3",{id:"test-if-the-varlink-cli-module-works"},"Test if the varlink cli module works"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},"$ python -m varlink.cli --help\nusage: cli.py [-h] [-r RESOLVER] [-A ACTIVATE] [-b BRIDGE]\n {info,help,bridge,call} ...\n\u2026\n")),(0,o.kt)("h3",{id:"interfacing-podman-with-the-python-cli-module"},"Interfacing Podman with the python cli module"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},'$ python -m varlink.cli --bridge "ssh " info\ninfo\n.1:1234\nVendor: Atomic\nProduct: podman\nVersion: 0.10.1\nURL: https://github.com/containers/podman\nInterfaces:\n org.varlink.service\n io.podman\n\n$ python -m varlink.cli --bridge "ssh " call io.podman.Ping {}\n{\n "ping": {\n "message": "OK"\n }\n}\n')),(0,o.kt)("h3",{id:"python-client-example"},"Python Client Example"),(0,o.kt)("p",null,(0,o.kt)("inlineCode",{parentName:"p"},"podmanclient.py"),":"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-python"},'import varlink\n\nwith varlink.Client.new_with_bridge(["ssh", ""]) as client:\n with client.open("io.podman") as podman:\n print(podman.Ping())\n print(podman.GetInfo())\n print(podman.GetVersion())\n\n info = podman.GetInfo()\n print("Uptime:", info["info"]["host"]["uptime"])\n print("Os:", info["info"]["host"]["os"])\n\n try:\n podman.MountContainer("container-id")\n except varlink.error.VarlinkError as e:\n print(e.error(), e.parameters())\n print(e.as_dict())\n')),(0,o.kt)("p",null,"To find out more about the Podman varlink interface read the ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/cmd/podman/varlink/io.podman.varlink"},"io.podman.varlink")," file or\nthe rendered ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/API.md"},"API.md"),"."),(0,o.kt)("p",null,"Or you can inspect, what methods your Podman version on ",(0,o.kt)("inlineCode",{parentName:"p"},"")," provides:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},'$ python -m varlink.cli --bridge "ssh " help io.podman\n')),(0,o.kt)("h2",{id:"go"},"Go"),(0,o.kt)("h3",{id:"installation"},"Installation"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},"$ go get -u github.com/varlink/go/varlink\n$ go install github.com/varlink/go/cmd/varlink\n$ go install github.com/varlink/go/cmd/varlink-go-interface-generator\n")),(0,o.kt)("h3",{id:"running-the-varlink-cli-command"},"Running the varlink CLI command"),(0,o.kt)("p",null,"The ",(0,o.kt)("inlineCode",{parentName:"p"},"varlink")," CLI command in ",(0,o.kt)("inlineCode",{parentName:"p"},"$GOPATH/bin")," should output:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},'$ varlink --bridge "ssh " info\nVendor: Atomic\nProduct: podman\nVersion: 0.10.1\nURL: https://github.com/containers/podman\nInterfaces:\n org.varlink.service\n io.podman\n$ varlink --bridge "ssh " call io.podman.Ping\n{\n "ping": {\n "message": "OK"\n }\n}\n\n$ varlink --bridge "ssh " call io.podman.MountContainer "{\\"name\\": \\"container-id\\"}"\nError: Call failed with error: io.podman.ErrorOccurred\n{\n "reason": "no container with name or ID container-id found: no such container"\n}\n')),(0,o.kt)("p",null,"To find out more about the Podman varlink interface read the ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/cmd/podman/varlink/io.podman.varlink"},"io.podman.varlink")," file or\nthe rendered ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/API.md"},"API.md"),"."),(0,o.kt)("p",null,"Or you can inspect, what methods your Podman version on ",(0,o.kt)("inlineCode",{parentName:"p"},"")," provides:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},'$ varlink --bridge "ssh " help io.podman\n')),(0,o.kt)("h3",{id:"go-client-example"},"Go Client Example"),(0,o.kt)("p",null,"Either clone this ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/haraldh/podmangoexampleclient"},"repository")," or:"),(0,o.kt)("p",null,"Create a new go project.\nCreate a sub directory ",(0,o.kt)("inlineCode",{parentName:"p"},"iopodman")," in the project."),(0,o.kt)("p",null,"Create the ",(0,o.kt)("inlineCode",{parentName:"p"},"io.podman.varlink")," either from the podman github sources or dynamically with:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},'$ varlink --bridge "ssh " help io.podman > iopodman/io.podman.varlink\n')),(0,o.kt)("p",null,"Create iopodman/generate.go:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-go"},"package iopodman\n\n//go:generate $GOPATH/bin/varlink-go-interface-generator io.podman.varlink\n")),(0,o.kt)("p",null,"Run ",(0,o.kt)("inlineCode",{parentName:"p"},"go generate"),":"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},"$ go generate ./...\n")),(0,o.kt)("p",null,"Create your main.go:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-go"},'package main\n\nimport (\n "flag"\n "fmt"\n "github.com/haraldh/podmangoexampleclient/iopodman"\n "github.com/varlink/go/varlink"\n "io"\n "os"\n)\n\nfunc printError(methodname string, err error) {\n fmt.Fprintf(os.Stderr, "Error calling %s: ", methodname)\n switch e := err.(type) {\n case *iopodman.ImageNotFound:\n //error ImageNotFound (name: string)\n fmt.Fprintf(os.Stderr, "\'%v\' name=\'%s\'\\n", e, e.Name)\n\n case *iopodman.ContainerNotFound:\n //error ContainerNotFound (name: string)\n fmt.Fprintf(os.Stderr, "\'%v\' name=\'%s\'\\n", e, e.Name)\n\n case *iopodman.NoContainerRunning:\n //error NoContainerRunning ()\n fmt.Fprintf(os.Stderr, "\'%v\'\\n", e)\n\n case *iopodman.PodNotFound:\n //error PodNotFound (name: string)\n fmt.Fprintf(os.Stderr, "\'%v\' name=\'%s\'\\n", e, e.Name)\n\n case *iopodman.PodContainerError:\n //error PodContainerError (podname: string, errors: []PodContainerErrorData)\n fmt.Fprintf(os.Stderr, "\'%v\' podname=\'%s\' errors=\'%v\'\\n", e, e.Podname, e.Errors)\n\n case *iopodman.NoContainersInPod:\n //error NoContainersInPod (name: string)\n fmt.Fprintf(os.Stderr, "\'%v\' name=\'%s\'\\n", e, e.Name)\n\n case *iopodman.ErrorOccurred:\n //error ErrorOccurred (reason: string)\n fmt.Fprintf(os.Stderr, "\'%v\' reason=\'%s\'\\n", e, e.Reason)\n\n case *iopodman.RuntimeError:\n //error RuntimeError (reason: string)\n fmt.Fprintf(os.Stderr, "\'%v\' reason=\'%s\'\\n", e, e.Reason)\n\n case *varlink.InvalidParameter:\n fmt.Fprintf(os.Stderr, "\'%v\' parameter=\'%s\'\\n", e, e.Parameter)\n\n case *varlink.MethodNotFound:\n fmt.Fprintf(os.Stderr, "\'%v\' method=\'%s\'\\n", e, e.Method)\n\n case *varlink.MethodNotImplemented:\n fmt.Fprintf(os.Stderr, "\'%v\' method=\'%s\'\\n", e, e.Method)\n\n case *varlink.InterfaceNotFound:\n fmt.Fprintf(os.Stderr, "\'%v\' interface=\'%s\'\\n", e, e.Interface)\n\n case *varlink.Error:\n fmt.Fprintf(os.Stderr, "\'%v\' parameters=\'%v\'\\n", e, e.Parameters)\n\n default:\n if err == io.EOF {\n fmt.Fprintf(os.Stderr, "Connection closed\\n", )\n } else if err == io.ErrUnexpectedEOF {\n fmt.Fprintf(os.Stderr, "Connection aborted\\n", )\n } else {\n fmt.Fprintf(os.Stderr, "%T - \'%v\'\\n", err, err)\n }\n }\n}\n\nfunc main() {\n var c *varlink.Connection\n var err error\n\n c, err = varlink.NewBridge("ssh ")\n if err != nil {\n fmt.Fprintf(os.Stderr, "Error connecting: %T - \'%v\'\\n", err, err)\n os.Exit(1)\n }\n\n // Be nice and cleanup\n defer c.Close()\n\n info, err := iopodman.GetInfo().Call(c)\n\n if err != nil {\n printError("GetInfo()", err)\n os.Exit(1)\n }\n\n fmt.Printf("Info: %+v\\n\\n", info)\n\n fmt.Printf("Podman Version: %+v\\n\\n", info.Podman.Podman_version)\n\n containers, err := iopodman.ListContainers().Call(c)\n\n if err != nil {\n printError("ListContainers()", err)\n os.Exit(1)\n }\n\n for container := range containers {\n print(container)\n }\n\n mount, err := iopodman.MountContainer().Call(c, "foo")\n if err != nil {\n printError("MountContainer()", err)\n } else {\n print(mount)\n }\n}\n')),(0,o.kt)("h2",{id:"rust"},"Rust"),(0,o.kt)("h3",{id:"install-the-rust-toolchain"},"Install the rust toolchain"),(0,o.kt)("h4",{id:"windows"},"Windows"),(0,o.kt)("p",null,"First install the C++ part of ",(0,o.kt)("a",{parentName:"p",href:"https://visualstudio.microsoft.com/downloads/"},"https://visualstudio.microsoft.com/downloads/")),(0,o.kt)("h4",{id:"all"},"All"),(0,o.kt)("p",null,(0,o.kt)("a",{parentName:"p",href:"https://rustup.rs/"},"https://rustup.rs/")),(0,o.kt)("h3",{id:"install-varlink-cli"},"Install varlink-cli"),(0,o.kt)("h4",{id:"for-non-linux-systems"},"For non-Linux systems:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},"$ cargo install varlink-cli\n")),(0,o.kt)("blockquote",null,(0,o.kt)("p",{parentName:"blockquote"},"Note: Ensure that $HOME/.cargo/bin is in your PATH or copy $HOME/.cargo/bin/varlink\nin one of your path directories")),(0,o.kt)("h4",{id:"for-linux-systems"},"For Linux systems:"),(0,o.kt)("p",null,"You can also use ",(0,o.kt)("inlineCode",{parentName:"p"},"varlink")," util from ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/varlink/libvarlink"},"libvarlink"),"\nor install ",(0,o.kt)("inlineCode",{parentName:"p"},"libvarlink-util")," on Fedora/RHEL machines."),(0,o.kt)("h3",{id:"running-the-varlink-cli-command-1"},"Running the varlink CLI command"),(0,o.kt)("p",null,"The ",(0,o.kt)("inlineCode",{parentName:"p"},"varlink")," CLI command in ",(0,o.kt)("inlineCode",{parentName:"p"},"~/.cargo/bin")," should output:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},'$ varlink --bridge "ssh " info\nVendor: Atomic\nProduct: podman\nVersion: 0.10.1\nURL: https://github.com/containers/podman\nInterfaces:\n org.varlink.service\n io.podman\n$ varlink --bridge "ssh " call io.podman.Ping\n{\n "ping": {\n "message": "OK"\n }\n}\n\n$ varlink --bridge "ssh " call io.podman.MountContainer "{\\"name\\": \\"container-id\\"}"\nError: Call failed with error: io.podman.ErrorOccurred\n{\n "reason": "no container with name or ID container-id found: no such container"\n}\n')),(0,o.kt)("p",null,"To find out more about the Podman varlink interface read the ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/cmd/podman/varlink/io.podman.varlink"},"io.podman.varlink")," file or\nthe rendered ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/API.md"},"API.md"),"."),(0,o.kt)("p",null,"Or you can inspect, what methods your Podman version on ",(0,o.kt)("inlineCode",{parentName:"p"},"")," provides:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},'$ varlink --bridge "ssh " help io.podman\n')),(0,o.kt)("h3",{id:"rust-client-example"},"Rust Client Example"),(0,o.kt)("p",null,"Either clone this ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/haraldh/podmanrs"},"repository")," or:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},"$ cargo new --bin podmanrs\n$ cd podmanrs\n")),(0,o.kt)("p",null,"Download the varlink interface from the running Podman varlink service:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},'$ varlink --bridge "ssh " help io.podman > src/io.podman.varlink\n')),(0,o.kt)("p",null,"create ",(0,o.kt)("inlineCode",{parentName:"p"},"build.rs"),":"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-rust"},'extern crate varlink_generator;\n\nfn main() {\n varlink_generator::cargo_build_tosource("src/io.podman.varlink", true);\n}\n')),(0,o.kt)("p",null,"create ",(0,o.kt)("inlineCode",{parentName:"p"},"Cargo.toml"),":"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-toml"},'[package]\nname = "podmanrs"\nversion = "0.1.0"\nauthors = ["Harald Hoyer "]\nbuild = "build.rs"\nedition = "2018"\n\n[dependencies]\nvarlink = "7"\nserde = "1"\nserde_derive = "1"\nserde_json = "1"\nchainerror = "0.4"\n[build-dependencies]\nvarlink_generator = "7"\n')),(0,o.kt)("p",null,"create ",(0,o.kt)("inlineCode",{parentName:"p"},"src/main.rs"),":"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-rust"},'mod io_podman;\n\nuse crate::io_podman::*;\nuse varlink::Connection;\nuse std::result::Result;\nuse std::error::Error;\n\nfn main() -> Result<(), Box> {\n let connection = Connection::with_bridge(\n "ssh ",\n )?;\n let mut podman = VarlinkClient::new(connection.clone());\n let reply = podman.ping().call()?;\n println!("Ping() replied with \'{}\'", reply.ping.message);\n let reply = podman.get_info().call()?;\n println!("Hostname: {}", reply.info.host.hostname);\n println!("Info: {:#?}", reply.info);\n Ok(())\n}\n')),(0,o.kt)("p",null,"Now run it:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},"$ cargo run\n")))}c.isMDXComponent=!0},1382:(n,e,a)=>{a.d(e,{Z:()=>t});const t=a.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/5183b70e.d54528ef.js b/assets/js/5183b70e.d54528ef.js new file mode 100644 index 000000000..bea50b0e0 --- /dev/null +++ b/assets/js/5183b70e.d54528ef.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[52916],{3905:(n,e,a)=>{a.d(e,{Zo:()=>m,kt:()=>h});var t=a(67294);function o(n,e,a){return e in n?Object.defineProperty(n,e,{value:a,enumerable:!0,configurable:!0,writable:!0}):n[e]=a,n}function r(n,e){var a=Object.keys(n);if(Object.getOwnPropertySymbols){var t=Object.getOwnPropertySymbols(n);e&&(t=t.filter((function(e){return Object.getOwnPropertyDescriptor(n,e).enumerable}))),a.push.apply(a,t)}return a}function i(n){for(var e=1;e=0||(o[a]=n[a]);return o}(n,e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(n);for(t=0;t=0||Object.prototype.propertyIsEnumerable.call(n,a)&&(o[a]=n[a])}return o}var s=t.createContext({}),p=function(n){var e=t.useContext(s),a=e;return n&&(a="function"==typeof n?n(e):i(i({},e),n)),a},m=function(n){var e=p(n.components);return t.createElement(s.Provider,{value:e},n.children)},d="mdxType",c={inlineCode:"code",wrapper:function(n){var e=n.children;return t.createElement(t.Fragment,{},e)}},u=t.forwardRef((function(n,e){var a=n.components,o=n.mdxType,r=n.originalType,s=n.parentName,m=l(n,["components","mdxType","originalType","parentName"]),d=p(a),u=o,h=d["".concat(s,".").concat(u)]||d[u]||c[u]||r;return a?t.createElement(h,i(i({ref:e},m),{},{components:a})):t.createElement(h,i({ref:e},m))}));function h(n,e){var a=arguments,o=e&&e.mdxType;if("string"==typeof n||o){var r=a.length,i=new Array(r);i[0]=u;var l={};for(var s in e)hasOwnProperty.call(e,s)&&(l[s]=e[s]);l.originalType=n,l[d]="string"==typeof n?n:o,i[1]=l;for(var p=2;p{a.r(e),a.d(e,{assets:()=>s,contentTitle:()=>i,default:()=>c,frontMatter:()=>r,metadata:()=>l,toc:()=>p});var t=a(87462),o=(a(67294),a(3905));const r={title:"Programmatic remote access to Podman via the varlink protocol",layout:"default",author:"haraldh",categories:["blogs"],tags:["podman","varlink","rust","python","go","golang"]},i=void 0,l={permalink:"/blogs/2019/01/16/podman-varlink",source:"@site/blog/2019-01-16-podman-varlink.md",title:"Programmatic remote access to Podman via the varlink protocol",description:"podman logo",date:"2019-01-16T00:00:00.000Z",formattedDate:"January 16, 2019",tags:[{label:"podman",permalink:"/blogs/tags/podman"},{label:"varlink",permalink:"/blogs/tags/varlink"},{label:"rust",permalink:"/blogs/tags/rust"},{label:"python",permalink:"/blogs/tags/python"},{label:"go",permalink:"/blogs/tags/go"},{label:"golang",permalink:"/blogs/tags/golang"}],readingTime:7.015,hasTruncateMarker:!0,authors:[{name:"haraldh"}],frontMatter:{title:"Programmatic remote access to Podman via the varlink protocol",layout:"default",author:"haraldh",categories:["blogs"],tags:["podman","varlink","rust","python","go","golang"]},prevItem:{title:"Container Tools on RHEL 8 & How to Hack Podman",permalink:"/blogs/2019/02/07/hack-and-tools"},nextItem:{title:"Managing pods and containers in a local container runtime",permalink:"/blogs/2019/01/15/podman-pods"}},s={authorsImageUrls:[void 0]},p=[{value:"By Harald Hoyer GitHub",id:"by-harald-hoyer-github",level:2},{value:"Prerequisites",id:"prerequisites",level:2},{value:"Windows ssh",id:"windows-ssh",level:3},{value:"Generate ssh keys",id:"generate-ssh-keys",level:3},{value:"Set up Podman on the Fedora/RHEL machine",id:"set-up-podman-on-the-fedorarhel-machine",level:2},{value:"ssh config",id:"ssh-config",level:3},{value:"Optional Lock Down",id:"optional-lock-down",level:3},{value:"Python",id:"python",level:2},{value:"Install Python",id:"install-python",level:3},{value:"Install varlink for Python",id:"install-varlink-for-python",level:3},{value:"Test if the varlink cli module works",id:"test-if-the-varlink-cli-module-works",level:3},{value:"Interfacing Podman with the python cli module",id:"interfacing-podman-with-the-python-cli-module",level:3},{value:"Python Client Example",id:"python-client-example",level:3},{value:"Go",id:"go",level:2},{value:"Installation",id:"installation",level:3},{value:"Running the varlink CLI command",id:"running-the-varlink-cli-command",level:3},{value:"Go Client Example",id:"go-client-example",level:3},{value:"Rust",id:"rust",level:2},{value:"Install the rust toolchain",id:"install-the-rust-toolchain",level:3},{value:"Windows",id:"windows",level:4},{value:"All",id:"all",level:4},{value:"Install varlink-cli",id:"install-varlink-cli",level:3},{value:"For non-Linux systems:",id:"for-non-linux-systems",level:4},{value:"For Linux systems:",id:"for-linux-systems",level:4},{value:"Running the varlink CLI command",id:"running-the-varlink-cli-command-1",level:3},{value:"Rust Client Example",id:"rust-client-example",level:3}],m={toc:p},d="wrapper";function c(n){let{components:e,...r}=n;return(0,o.kt)(d,(0,t.Z)({},m,r,{components:e,mdxType:"MDXLayout"}),(0,o.kt)("p",null,(0,o.kt)("img",{alt:"podman logo",src:a(1382).Z,width:"228",height:"61"})),(0,o.kt)("h1",{id:"programmatic-remote-access-to-podman-via-the-varlink-protocol"},"Programmatic remote access to Podman via the varlink protocol"),(0,o.kt)("h2",{id:"by-harald-hoyer-github"},"By Harald Hoyer ",(0,o.kt)("a",{parentName:"h2",href:"https://github.com/haraldh"},"GitHub")),(0,o.kt)("p",null,"This guide shows how to access Podman remotely via the ",(0,o.kt)("a",{parentName:"p",href:"https://varlink.org"},"varlink interface"),"\nwith CLI tools and programmatically with python, go and rust."),(0,o.kt)("p",null,"This should work on Linux, MacOS and Windows 10."),(0,o.kt)("p",null,"The ",(0,o.kt)("a",{parentName:"p",href:"https://varlink.org/Language-Bindings"},"compatibility matrix")," shows which feature is supported on which OS in which language."),(0,o.kt)("blockquote",null,(0,o.kt)("p",{parentName:"blockquote"},"Note: replace ",(0,o.kt)("inlineCode",{parentName:"p"},"")," in this guide with the IP or hostname of your\nPodman machine")),(0,o.kt)("h2",{id:"prerequisites"},"Prerequisites"),(0,o.kt)("h3",{id:"windows-ssh"},"Windows ssh"),(0,o.kt)("p",null,"If you are on a windows client machine, install the OpenSSH Client built by Microsoft in a cmd.exe in\nadmin mode:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-cmd"},"> dism /online /Add-Capability /CapabilityName:OpenSSH.Client~~~~0.0.1.0\n")),(0,o.kt)("p",null,"Close cmd.exe window."),(0,o.kt)("blockquote",null,(0,o.kt)("p",{parentName:"blockquote"},"Note: Works also with other ssh clients, e.g. ssh from ",(0,o.kt)("a",{parentName:"p",href:"https://gitforwindows.org/"},"Git Bash"),".")),(0,o.kt)("h3",{id:"generate-ssh-keys"},"Generate ssh keys"),(0,o.kt)("p",null,"If you don't want to type your password all the time, or not use an ssh agent, set an empty password."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},"$ ssh-keygen -f ~/.ssh/podmanuser\n")),(0,o.kt)("h2",{id:"set-up-podman-on-the-fedorarhel-machine"},"Set up Podman on the Fedora/RHEL machine"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},"$ sudo yum install podman libvarlink-util\n$ sudo groupadd podman\n")),(0,o.kt)("p",null,"Copy ",(0,o.kt)("inlineCode",{parentName:"p"},"/lib/tmpfiles.d/podman.conf")," to ",(0,o.kt)("inlineCode",{parentName:"p"},"/etc/tmpfiles.d/podman.conf"),"."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},"$ sudo cp /lib/tmpfiles.d/podman.conf /etc/tmpfiles.d/podman.conf\n")),(0,o.kt)("p",null,"Edit ",(0,o.kt)("inlineCode",{parentName:"p"},"/etc/tmpfiles.d/podman.conf"),":"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},"d /run/podman 0750 root podman\n")),(0,o.kt)("p",null,"Copy ",(0,o.kt)("inlineCode",{parentName:"p"},"/lib/systemd/system/io.podman.socket")," to ",(0,o.kt)("inlineCode",{parentName:"p"},"/etc/systemd/system/io.podman.socket"),"."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},"$ sudo cp /lib/systemd/system/io.podman.socket /etc/systemd/system/io.podman.socket\n")),(0,o.kt)("p",null,"Edit section ",(0,o.kt)("inlineCode",{parentName:"p"},"[Socket]")," of ",(0,o.kt)("inlineCode",{parentName:"p"},"/etc/systemd/system/io.podman.socket"),":"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},"[Socket]\nListenStream=/run/podman/io.podman\nSocketMode=0660\nSocketGroup=podman\n")),(0,o.kt)("p",null,"Then activate the changes:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},"$ sudo systemctl daemon-reload\n$ sudo systemd-tmpfiles --create\n$ sudo systemctl enable --now io.podman.socket\n")),(0,o.kt)("p",null,"The directory and socket now belongs to the podman group"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},"$ sudo ls -al /run/podman\ndrwxr-x---. 2 root podman 60 14. Jan 14:50 .\ndrwxr-xr-x. 51 root root 1420 14. Jan 14:36 ..\nsrw-rw----. 1 root podman 0 14. Jan 14:50 io.podman\n")),(0,o.kt)("blockquote",null,(0,o.kt)("p",{parentName:"blockquote"},"Note: Wouldn't it be nice, if there was a Podman group owning the socket already? ;-)")),(0,o.kt)("p",null,"Now we are adding a user ",(0,o.kt)("inlineCode",{parentName:"p"},"podmanuser")," and set a password:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},"$ sudo useradd podmanuser -G podman\n$ sudo passwd podmanuser\n")),(0,o.kt)("p",null,"From your client machine do"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},"$ ssh-copy-id -f ~/.ssh/podmanuser podmanuser@\n")),(0,o.kt)("h3",{id:"ssh-config"},"ssh config"),(0,o.kt)("p",null,"Edit ",(0,o.kt)("inlineCode",{parentName:"p"},".ssh/config")),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},"Host \n RequestTTY no\n IdentityFile ~/.ssh/podmanuser\n User podmanuser\n VisualHostKey no\n RemoteCommand /usr/bin/varlink bridge --connect unix:/run/podman/io.podman\n GSSAPIAuthentication no\n ForwardX11 no\n")),(0,o.kt)("h3",{id:"optional-lock-down"},"Optional Lock Down"),(0,o.kt)("p",null,"Log into ",(0,o.kt)("inlineCode",{parentName:"p"},"")),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},"$ ssh podmanuser@\n")),(0,o.kt)("p",null,"Now we lock down ",(0,o.kt)("inlineCode",{parentName:"p"},"podmanuser")," to only be used with the varlink bridge from your client machine:"),(0,o.kt)("p",null,"Edit ",(0,o.kt)("inlineCode",{parentName:"p"},".ssh/authorized-keys")," so that the line begins with:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},'command="/usr/bin/varlink bridge --connect unix:/run/podman/io.podman",no-agent-forwarding,no-port-forwarding,no-pty,no-user-rc,no-X11-forwarding ssh-rsa [\u2026]\n')),(0,o.kt)("p",null,"Log out of ",(0,o.kt)("inlineCode",{parentName:"p"},"")),(0,o.kt)("h2",{id:"python"},"Python"),(0,o.kt)("h3",{id:"install-python"},"Install Python"),(0,o.kt)("p",null,(0,o.kt)("a",{parentName:"p",href:"https://www.python.org/downloads/"},"https://www.python.org/downloads/")),(0,o.kt)("h3",{id:"install-varlink-for-python"},"Install varlink for Python"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},'$ pip install --user "varlink>=30.0.2"\n')),(0,o.kt)("h3",{id:"test-if-the-varlink-cli-module-works"},"Test if the varlink cli module works"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},"$ python -m varlink.cli --help\nusage: cli.py [-h] [-r RESOLVER] [-A ACTIVATE] [-b BRIDGE]\n {info,help,bridge,call} ...\n\u2026\n")),(0,o.kt)("h3",{id:"interfacing-podman-with-the-python-cli-module"},"Interfacing Podman with the python cli module"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},'$ python -m varlink.cli --bridge "ssh " info\ninfo\n.1:1234\nVendor: Atomic\nProduct: podman\nVersion: 0.10.1\nURL: https://github.com/containers/podman\nInterfaces:\n org.varlink.service\n io.podman\n\n$ python -m varlink.cli --bridge "ssh " call io.podman.Ping {}\n{\n "ping": {\n "message": "OK"\n }\n}\n')),(0,o.kt)("h3",{id:"python-client-example"},"Python Client Example"),(0,o.kt)("p",null,(0,o.kt)("inlineCode",{parentName:"p"},"podmanclient.py"),":"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-python"},'import varlink\n\nwith varlink.Client.new_with_bridge(["ssh", ""]) as client:\n with client.open("io.podman") as podman:\n print(podman.Ping())\n print(podman.GetInfo())\n print(podman.GetVersion())\n\n info = podman.GetInfo()\n print("Uptime:", info["info"]["host"]["uptime"])\n print("Os:", info["info"]["host"]["os"])\n\n try:\n podman.MountContainer("container-id")\n except varlink.error.VarlinkError as e:\n print(e.error(), e.parameters())\n print(e.as_dict())\n')),(0,o.kt)("p",null,"To find out more about the Podman varlink interface read the ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/cmd/podman/varlink/io.podman.varlink"},"io.podman.varlink")," file or\nthe rendered ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/API.md"},"API.md"),"."),(0,o.kt)("p",null,"Or you can inspect, what methods your Podman version on ",(0,o.kt)("inlineCode",{parentName:"p"},"")," provides:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},'$ python -m varlink.cli --bridge "ssh " help io.podman\n')),(0,o.kt)("h2",{id:"go"},"Go"),(0,o.kt)("h3",{id:"installation"},"Installation"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},"$ go get -u github.com/varlink/go/varlink\n$ go install github.com/varlink/go/cmd/varlink\n$ go install github.com/varlink/go/cmd/varlink-go-interface-generator\n")),(0,o.kt)("h3",{id:"running-the-varlink-cli-command"},"Running the varlink CLI command"),(0,o.kt)("p",null,"The ",(0,o.kt)("inlineCode",{parentName:"p"},"varlink")," CLI command in ",(0,o.kt)("inlineCode",{parentName:"p"},"$GOPATH/bin")," should output:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},'$ varlink --bridge "ssh " info\nVendor: Atomic\nProduct: podman\nVersion: 0.10.1\nURL: https://github.com/containers/podman\nInterfaces:\n org.varlink.service\n io.podman\n$ varlink --bridge "ssh " call io.podman.Ping\n{\n "ping": {\n "message": "OK"\n }\n}\n\n$ varlink --bridge "ssh " call io.podman.MountContainer "{\\"name\\": \\"container-id\\"}"\nError: Call failed with error: io.podman.ErrorOccurred\n{\n "reason": "no container with name or ID container-id found: no such container"\n}\n')),(0,o.kt)("p",null,"To find out more about the Podman varlink interface read the ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/cmd/podman/varlink/io.podman.varlink"},"io.podman.varlink")," file or\nthe rendered ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/API.md"},"API.md"),"."),(0,o.kt)("p",null,"Or you can inspect, what methods your Podman version on ",(0,o.kt)("inlineCode",{parentName:"p"},"")," provides:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},'$ varlink --bridge "ssh " help io.podman\n')),(0,o.kt)("h3",{id:"go-client-example"},"Go Client Example"),(0,o.kt)("p",null,"Either clone this ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/haraldh/podmangoexampleclient"},"repository")," or:"),(0,o.kt)("p",null,"Create a new go project.\nCreate a sub directory ",(0,o.kt)("inlineCode",{parentName:"p"},"iopodman")," in the project."),(0,o.kt)("p",null,"Create the ",(0,o.kt)("inlineCode",{parentName:"p"},"io.podman.varlink")," either from the podman github sources or dynamically with:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},'$ varlink --bridge "ssh " help io.podman > iopodman/io.podman.varlink\n')),(0,o.kt)("p",null,"Create iopodman/generate.go:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-go"},"package iopodman\n\n//go:generate $GOPATH/bin/varlink-go-interface-generator io.podman.varlink\n")),(0,o.kt)("p",null,"Run ",(0,o.kt)("inlineCode",{parentName:"p"},"go generate"),":"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},"$ go generate ./...\n")),(0,o.kt)("p",null,"Create your main.go:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-go"},'package main\n\nimport (\n "flag"\n "fmt"\n "github.com/haraldh/podmangoexampleclient/iopodman"\n "github.com/varlink/go/varlink"\n "io"\n "os"\n)\n\nfunc printError(methodname string, err error) {\n fmt.Fprintf(os.Stderr, "Error calling %s: ", methodname)\n switch e := err.(type) {\n case *iopodman.ImageNotFound:\n //error ImageNotFound (name: string)\n fmt.Fprintf(os.Stderr, "\'%v\' name=\'%s\'\\n", e, e.Name)\n\n case *iopodman.ContainerNotFound:\n //error ContainerNotFound (name: string)\n fmt.Fprintf(os.Stderr, "\'%v\' name=\'%s\'\\n", e, e.Name)\n\n case *iopodman.NoContainerRunning:\n //error NoContainerRunning ()\n fmt.Fprintf(os.Stderr, "\'%v\'\\n", e)\n\n case *iopodman.PodNotFound:\n //error PodNotFound (name: string)\n fmt.Fprintf(os.Stderr, "\'%v\' name=\'%s\'\\n", e, e.Name)\n\n case *iopodman.PodContainerError:\n //error PodContainerError (podname: string, errors: []PodContainerErrorData)\n fmt.Fprintf(os.Stderr, "\'%v\' podname=\'%s\' errors=\'%v\'\\n", e, e.Podname, e.Errors)\n\n case *iopodman.NoContainersInPod:\n //error NoContainersInPod (name: string)\n fmt.Fprintf(os.Stderr, "\'%v\' name=\'%s\'\\n", e, e.Name)\n\n case *iopodman.ErrorOccurred:\n //error ErrorOccurred (reason: string)\n fmt.Fprintf(os.Stderr, "\'%v\' reason=\'%s\'\\n", e, e.Reason)\n\n case *iopodman.RuntimeError:\n //error RuntimeError (reason: string)\n fmt.Fprintf(os.Stderr, "\'%v\' reason=\'%s\'\\n", e, e.Reason)\n\n case *varlink.InvalidParameter:\n fmt.Fprintf(os.Stderr, "\'%v\' parameter=\'%s\'\\n", e, e.Parameter)\n\n case *varlink.MethodNotFound:\n fmt.Fprintf(os.Stderr, "\'%v\' method=\'%s\'\\n", e, e.Method)\n\n case *varlink.MethodNotImplemented:\n fmt.Fprintf(os.Stderr, "\'%v\' method=\'%s\'\\n", e, e.Method)\n\n case *varlink.InterfaceNotFound:\n fmt.Fprintf(os.Stderr, "\'%v\' interface=\'%s\'\\n", e, e.Interface)\n\n case *varlink.Error:\n fmt.Fprintf(os.Stderr, "\'%v\' parameters=\'%v\'\\n", e, e.Parameters)\n\n default:\n if err == io.EOF {\n fmt.Fprintf(os.Stderr, "Connection closed\\n", )\n } else if err == io.ErrUnexpectedEOF {\n fmt.Fprintf(os.Stderr, "Connection aborted\\n", )\n } else {\n fmt.Fprintf(os.Stderr, "%T - \'%v\'\\n", err, err)\n }\n }\n}\n\nfunc main() {\n var c *varlink.Connection\n var err error\n\n c, err = varlink.NewBridge("ssh ")\n if err != nil {\n fmt.Fprintf(os.Stderr, "Error connecting: %T - \'%v\'\\n", err, err)\n os.Exit(1)\n }\n\n // Be nice and cleanup\n defer c.Close()\n\n info, err := iopodman.GetInfo().Call(c)\n\n if err != nil {\n printError("GetInfo()", err)\n os.Exit(1)\n }\n\n fmt.Printf("Info: %+v\\n\\n", info)\n\n fmt.Printf("Podman Version: %+v\\n\\n", info.Podman.Podman_version)\n\n containers, err := iopodman.ListContainers().Call(c)\n\n if err != nil {\n printError("ListContainers()", err)\n os.Exit(1)\n }\n\n for container := range containers {\n print(container)\n }\n\n mount, err := iopodman.MountContainer().Call(c, "foo")\n if err != nil {\n printError("MountContainer()", err)\n } else {\n print(mount)\n }\n}\n')),(0,o.kt)("h2",{id:"rust"},"Rust"),(0,o.kt)("h3",{id:"install-the-rust-toolchain"},"Install the rust toolchain"),(0,o.kt)("h4",{id:"windows"},"Windows"),(0,o.kt)("p",null,"First install the C++ part of ",(0,o.kt)("a",{parentName:"p",href:"https://visualstudio.microsoft.com/downloads/"},"https://visualstudio.microsoft.com/downloads/")),(0,o.kt)("h4",{id:"all"},"All"),(0,o.kt)("p",null,(0,o.kt)("a",{parentName:"p",href:"https://rustup.rs/"},"https://rustup.rs/")),(0,o.kt)("h3",{id:"install-varlink-cli"},"Install varlink-cli"),(0,o.kt)("h4",{id:"for-non-linux-systems"},"For non-Linux systems:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},"$ cargo install varlink-cli\n")),(0,o.kt)("blockquote",null,(0,o.kt)("p",{parentName:"blockquote"},"Note: Ensure that $HOME/.cargo/bin is in your PATH or copy $HOME/.cargo/bin/varlink\nin one of your path directories")),(0,o.kt)("h4",{id:"for-linux-systems"},"For Linux systems:"),(0,o.kt)("p",null,"You can also use ",(0,o.kt)("inlineCode",{parentName:"p"},"varlink")," util from ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/varlink/libvarlink"},"libvarlink"),"\nor install ",(0,o.kt)("inlineCode",{parentName:"p"},"libvarlink-util")," on Fedora/RHEL machines."),(0,o.kt)("h3",{id:"running-the-varlink-cli-command-1"},"Running the varlink CLI command"),(0,o.kt)("p",null,"The ",(0,o.kt)("inlineCode",{parentName:"p"},"varlink")," CLI command in ",(0,o.kt)("inlineCode",{parentName:"p"},"~/.cargo/bin")," should output:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},'$ varlink --bridge "ssh " info\nVendor: Atomic\nProduct: podman\nVersion: 0.10.1\nURL: https://github.com/containers/podman\nInterfaces:\n org.varlink.service\n io.podman\n$ varlink --bridge "ssh " call io.podman.Ping\n{\n "ping": {\n "message": "OK"\n }\n}\n\n$ varlink --bridge "ssh " call io.podman.MountContainer "{\\"name\\": \\"container-id\\"}"\nError: Call failed with error: io.podman.ErrorOccurred\n{\n "reason": "no container with name or ID container-id found: no such container"\n}\n')),(0,o.kt)("p",null,"To find out more about the Podman varlink interface read the ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/cmd/podman/varlink/io.podman.varlink"},"io.podman.varlink")," file or\nthe rendered ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/API.md"},"API.md"),"."),(0,o.kt)("p",null,"Or you can inspect, what methods your Podman version on ",(0,o.kt)("inlineCode",{parentName:"p"},"")," provides:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},'$ varlink --bridge "ssh " help io.podman\n')),(0,o.kt)("h3",{id:"rust-client-example"},"Rust Client Example"),(0,o.kt)("p",null,"Either clone this ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/haraldh/podmanrs"},"repository")," or:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},"$ cargo new --bin podmanrs\n$ cd podmanrs\n")),(0,o.kt)("p",null,"Download the varlink interface from the running Podman varlink service:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},'$ varlink --bridge "ssh " help io.podman > src/io.podman.varlink\n')),(0,o.kt)("p",null,"create ",(0,o.kt)("inlineCode",{parentName:"p"},"build.rs"),":"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-rust"},'extern crate varlink_generator;\n\nfn main() {\n varlink_generator::cargo_build_tosource("src/io.podman.varlink", true);\n}\n')),(0,o.kt)("p",null,"create ",(0,o.kt)("inlineCode",{parentName:"p"},"Cargo.toml"),":"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-toml"},'[package]\nname = "podmanrs"\nversion = "0.1.0"\nauthors = ["Harald Hoyer "]\nbuild = "build.rs"\nedition = "2018"\n\n[dependencies]\nvarlink = "7"\nserde = "1"\nserde_derive = "1"\nserde_json = "1"\nchainerror = "0.4"\n[build-dependencies]\nvarlink_generator = "7"\n')),(0,o.kt)("p",null,"create ",(0,o.kt)("inlineCode",{parentName:"p"},"src/main.rs"),":"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-rust"},'mod io_podman;\n\nuse crate::io_podman::*;\nuse varlink::Connection;\nuse std::result::Result;\nuse std::error::Error;\n\nfn main() -> Result<(), Box> {\n let connection = Connection::with_bridge(\n "ssh ",\n )?;\n let mut podman = VarlinkClient::new(connection.clone());\n let reply = podman.ping().call()?;\n println!("Ping() replied with \'{}\'", reply.ping.message);\n let reply = podman.get_info().call()?;\n println!("Hostname: {}", reply.info.host.hostname);\n println!("Info: {:#?}", reply.info);\n Ok(())\n}\n')),(0,o.kt)("p",null,"Now run it:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-bash"},"$ cargo run\n")))}c.isMDXComponent=!0},1382:(n,e,a)=>{a.d(e,{Z:()=>t});const t=a.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/52d10dde.7abbd359.js b/assets/js/52d10dde.4afb8487.js similarity index 59% rename from assets/js/52d10dde.7abbd359.js rename to assets/js/52d10dde.4afb8487.js index 889a998ce..a031a5ed6 100644 --- a/assets/js/52d10dde.7abbd359.js +++ b/assets/js/52d10dde.4afb8487.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[55183],{49230:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/11","page":11,"postsPerPage":10,"totalPages":26,"totalCount":255,"previousPage":"/blogs/page/10","nextPage":"/blogs/page/12","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[55183],{49230:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/11","page":11,"postsPerPage":10,"totalPages":25,"totalCount":246,"previousPage":"/blogs/page/10","nextPage":"/blogs/page/12","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/5447c5cf.03cb115f.js b/assets/js/5447c5cf.03cb115f.js new file mode 100644 index 000000000..f1d30ae65 --- /dev/null +++ b/assets/js/5447c5cf.03cb115f.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[39840],{3905:(e,t,n)=>{n.d(t,{Zo:()=>m,kt:()=>h});var a=n(67294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var l=a.createContext({}),p=function(e){var t=a.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},m=function(e){var t=p(e.components);return a.createElement(l.Provider,{value:t},e.children)},c="mdxType",d={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},u=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,o=e.originalType,l=e.parentName,m=s(e,["components","mdxType","originalType","parentName"]),c=p(n),u=r,h=c["".concat(l,".").concat(u)]||c[u]||d[u]||o;return n?a.createElement(h,i(i({ref:t},m),{},{components:n})):a.createElement(h,i({ref:t},m))}));function h(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var o=n.length,i=new Array(o);i[0]=u;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s[c]="string"==typeof e?e:r,i[1]=s;for(var p=2;p{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>i,default:()=>d,frontMatter:()=>o,metadata:()=>s,toc:()=>p});var a=n(87462),r=(n(67294),n(3905));const o={title:"Podman v3.3.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman","hpc","kubernetes"]},i="Podman Release v3.3.0",s={permalink:"/release/2021/08/31/podman-release-v3.3.0",source:"@site/release/2021-08-31-podman-release-v3.3.0.md",title:"Podman v3.3.0 Released",description:"podman logo",date:"2021-08-31T00:00:00.000Z",formattedDate:"August 31, 2021",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"},{label:"hpc",permalink:"/release/tags/hpc"},{label:"kubernetes",permalink:"/release/tags/kubernetes"}],readingTime:1.695,hasTruncateMarker:!1,authors:[{name:"mheon"}],frontMatter:{title:"Podman v3.3.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman","hpc","kubernetes"]},prevItem:{title:"Podman v4.0.0 Released",permalink:"/release/2022/02/22/podman-release-v4.0.0"},nextItem:{title:"Podman v3.1.0 Released",permalink:"/release/2021/04/02/podman-release-v3.1.0"}},l={authorsImageUrls:[void 0]},p=[{value:"Podman 3.3 has been released!",id:"podman-33-has-been-released",level:2}],m={toc:p},c="wrapper";function d(e){let{components:t,...o}=e;return(0,r.kt)(c,(0,a.Z)({},m,o,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("p",null,(0,r.kt)("img",{alt:"podman logo",src:n(1382).Z,width:"228",height:"61"})),(0,r.kt)("h2",{id:"podman-33-has-been-released"},"Podman 3.3 has been released!"),(0,r.kt)("p",null,"A new Podman release is available, featuring a number of exciting new features, including improved support for running Podman on OS X, support for restarting containers after a system restart, improved support for checkpointing and restoring containers, and 60 bug fixes and stability improvements. Read on for more details!"),(0,r.kt)("p",null,"Podman\u2019s support for running on non-Linux operating systems via the ",(0,r.kt)("inlineCode",{parentName:"p"},"podman machine")," command continues to improve in v3.3.0. When containers are run inside a virtual machine created by ",(0,r.kt)("inlineCode",{parentName:"p"},"podman machine"),", port forwarding from the host to the container is now supported - that is, a container that forwards port 8080 on the host to port 80 in the container will now be accessible not just from port 8080 in the Podman-managed virtual machine, but also from port 8080 on the host system. Stability also continues to improve, with many fixes being made to both ",(0,r.kt)("inlineCode",{parentName:"p"},"podman machine")," itself and the remote Podman client."),(0,r.kt)("p",null,"Podman now supports restarting containers created with the ",(0,r.kt)("inlineCode",{parentName:"p"},"--restart")," option after the system is rebooted. Containers created with ",(0,r.kt)("inlineCode",{parentName:"p"},"--restart=always")," can be automatically started when the system boots if the ",(0,r.kt)("inlineCode",{parentName:"p"},"podman-restart.service")," systemd unit is enabled. Our main focus continues to be on managing containers directly with systemd via ",(0,r.kt)("inlineCode",{parentName:"p"},"podman generate systemd"),", which has always allowed containers to be automatically started after boot and provides greater flexibility than the ",(0,r.kt)("inlineCode",{parentName:"p"},"--restart")," option, but the addition of ",(0,r.kt)("inlineCode",{parentName:"p"},"podman-restart.service")," will be useful for those seeking improved compatibility with Docker. The ",(0,r.kt)("inlineCode",{parentName:"p"},"podman generate systemd")," command also saw several improvements, and will not default to using SDNotify instead of PID files, producing smaller and easier-to-understand unit files."),(0,r.kt)("p",null,"Support for checkpoint and restoring containers has seen several new additions, most notably the ability to checkpoint and restore containers that are part of pods. Additionally, when restoring containers, you can now alter what ports the container publishes via the ",(0,r.kt)("inlineCode",{parentName:"p"},"--publish")," option. Together, these greatly increase the flexibility of checkpoint and restore."),(0,r.kt)("p",null,"This release also includes numerous other changes, features, and fixes. Find out more in the ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/releases/tag/v3.3.0"},"release notes"),"."))}d.isMDXComponent=!0},1382:(e,t,n)=>{n.d(t,{Z:()=>a});const a=n.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/558e1c6c.22913207.js b/assets/js/558e1c6c.b6d05944.js similarity index 90% rename from assets/js/558e1c6c.22913207.js rename to assets/js/558e1c6c.b6d05944.js index 3584d2295..d44eff67e 100644 --- a/assets/js/558e1c6c.22913207.js +++ b/assets/js/558e1c6c.b6d05944.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[81636],{7434:a=>{a.exports=JSON.parse('{"label":"podman","permalink":"/blogs/tags/podman","allTagsPath":"/blogs/tags","count":190}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[81636],{7434:a=>{a.exports=JSON.parse('{"label":"podman","permalink":"/blogs/tags/podman","allTagsPath":"/blogs/tags","count":181}')}}]); \ No newline at end of file diff --git a/assets/js/55e4d810.c1c5a102.js b/assets/js/55e4d810.ba4d8dc2.js similarity index 70% rename from assets/js/55e4d810.c1c5a102.js rename to assets/js/55e4d810.ba4d8dc2.js index 4fc0f2ad7..9f9a98d86 100644 --- a/assets/js/55e4d810.c1c5a102.js +++ b/assets/js/55e4d810.ba4d8dc2.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[6213],{3905:(e,t,r)=>{r.d(t,{Zo:()=>p,kt:()=>f});var n=r(67294);function o(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function a(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function l(e){for(var t=1;t=0||(o[r]=e[r]);return o}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(o[r]=e[r])}return o}var c=n.createContext({}),s=function(e){var t=n.useContext(c),r=t;return e&&(r="function"==typeof e?e(t):l(l({},t),e)),r},p=function(e){var t=s(e.components);return n.createElement(c.Provider,{value:t},e.children)},u="mdxType",m={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var r=e.components,o=e.mdxType,a=e.originalType,c=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),u=s(r),d=o,f=u["".concat(c,".").concat(d)]||u[d]||m[d]||a;return r?n.createElement(f,l(l({ref:t},p),{},{components:r})):n.createElement(f,l({ref:t},p))}));function f(e,t){var r=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var a=r.length,l=new Array(a);l[0]=d;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i[u]="string"==typeof e?e:o,l[1]=i;for(var s=2;s{r.r(t),r.d(t,{assets:()=>c,contentTitle:()=>l,default:()=>m,frontMatter:()=>a,metadata:()=>i,toc:()=>s});var n=r(87462),o=(r(67294),r(3905));const a={layout:"default",title:"Container Tools on RHEL 8 & How to Hack Podman",author:"tsweeney",categories:["blogs"]},l=void 0,i={permalink:"/blogs/2019/02/07/hack-and-tools",source:"@site/blog/2019-02-07-hack-and-tools.md",title:"Container Tools on RHEL 8 & How to Hack Podman",description:"podman logo",date:"2019-02-07T00:00:00.000Z",formattedDate:"February 7, 2019",tags:[],readingTime:.355,hasTruncateMarker:!1,authors:[{name:"tsweeney"}],frontMatter:{layout:"default",title:"Container Tools on RHEL 8 & How to Hack Podman",author:"tsweeney",categories:["blogs"]},prevItem:{title:"Podman and Buildah for Docker Users!",permalink:"/blogs/2019/02/21/pandb-4-users"},nextItem:{title:"Podman v1.0.0 Released",permalink:"/blogs/2019/01/16/podman-release-v1.0.0"}},c={authorsImageUrls:[void 0]},s=[],p={toc:s},u="wrapper";function m(e){let{components:t,...a}=e;return(0,o.kt)(u,(0,n.Z)({},p,a,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("p",null,(0,o.kt)("img",{alt:"podman logo",src:r(1382).Z,width:"228",height:"61"})),(0,o.kt)("p",null,'Scott McCarty wrote "',(0,o.kt)("a",{parentName:"p",href:"https://www.redhat.com/en/blog/red-hat-enterprise-linux-8-beta-new-set-container-tools"},"Red Hat Enterprise Linux 8 Beta: A new set of container tools"),'". In the blog Scott introduces the new container tools in RHEL 8 Beta. Spoiler Alert! No Big Fat Daemons were harmed in the examples Scott provides!'),(0,o.kt)("p",null,'Herv\xe9 Beraud wrote "',(0,o.kt)("a",{parentName:"p",href:"https://herve.beraud.io/containers/linux/podman/isolate/environment/2019/02/06/how-to-hack-on-podman.html"},"How to Hack on Podman"),", which walks you through contributing to the Podman project."),(0,o.kt)("p",null,"Both are great reads to help build your container tools knowledge."))}m.isMDXComponent=!0},1382:(e,t,r)=>{r.d(t,{Z:()=>n});const n=r.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[6213],{3905:(e,t,r)=>{r.d(t,{Zo:()=>p,kt:()=>f});var n=r(67294);function o(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function a(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function l(e){for(var t=1;t=0||(o[r]=e[r]);return o}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(o[r]=e[r])}return o}var c=n.createContext({}),s=function(e){var t=n.useContext(c),r=t;return e&&(r="function"==typeof e?e(t):l(l({},t),e)),r},p=function(e){var t=s(e.components);return n.createElement(c.Provider,{value:t},e.children)},u="mdxType",m={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var r=e.components,o=e.mdxType,a=e.originalType,c=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),u=s(r),d=o,f=u["".concat(c,".").concat(d)]||u[d]||m[d]||a;return r?n.createElement(f,l(l({ref:t},p),{},{components:r})):n.createElement(f,l({ref:t},p))}));function f(e,t){var r=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var a=r.length,l=new Array(a);l[0]=d;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i[u]="string"==typeof e?e:o,l[1]=i;for(var s=2;s{r.r(t),r.d(t,{assets:()=>c,contentTitle:()=>l,default:()=>m,frontMatter:()=>a,metadata:()=>i,toc:()=>s});var n=r(87462),o=(r(67294),r(3905));const a={layout:"default",title:"Container Tools on RHEL 8 & How to Hack Podman",author:"tsweeney",categories:["blogs"]},l=void 0,i={permalink:"/blogs/2019/02/07/hack-and-tools",source:"@site/blog/2019-02-07-hack-and-tools.md",title:"Container Tools on RHEL 8 & How to Hack Podman",description:"podman logo",date:"2019-02-07T00:00:00.000Z",formattedDate:"February 7, 2019",tags:[],readingTime:.355,hasTruncateMarker:!1,authors:[{name:"tsweeney"}],frontMatter:{layout:"default",title:"Container Tools on RHEL 8 & How to Hack Podman",author:"tsweeney",categories:["blogs"]},prevItem:{title:"Podman and Buildah for Docker Users!",permalink:"/blogs/2019/02/21/pandb-4-users"},nextItem:{title:"Programmatic remote access to Podman via the varlink protocol",permalink:"/blogs/2019/01/16/podman-varlink"}},c={authorsImageUrls:[void 0]},s=[],p={toc:s},u="wrapper";function m(e){let{components:t,...a}=e;return(0,o.kt)(u,(0,n.Z)({},p,a,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("p",null,(0,o.kt)("img",{alt:"podman logo",src:r(1382).Z,width:"228",height:"61"})),(0,o.kt)("p",null,'Scott McCarty wrote "',(0,o.kt)("a",{parentName:"p",href:"https://www.redhat.com/en/blog/red-hat-enterprise-linux-8-beta-new-set-container-tools"},"Red Hat Enterprise Linux 8 Beta: A new set of container tools"),'". In the blog Scott introduces the new container tools in RHEL 8 Beta. Spoiler Alert! No Big Fat Daemons were harmed in the examples Scott provides!'),(0,o.kt)("p",null,'Herv\xe9 Beraud wrote "',(0,o.kt)("a",{parentName:"p",href:"https://herve.beraud.io/containers/linux/podman/isolate/environment/2019/02/06/how-to-hack-on-podman.html"},"How to Hack on Podman"),", which walks you through contributing to the Podman project."),(0,o.kt)("p",null,"Both are great reads to help build your container tools knowledge."))}m.isMDXComponent=!0},1382:(e,t,r)=>{r.d(t,{Z:()=>n});const n=r.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/57b59cd4.12383a29.js b/assets/js/57b59cd4.12383a29.js deleted file mode 100644 index 37ecc0639..000000000 --- a/assets/js/57b59cd4.12383a29.js +++ /dev/null @@ -1 +0,0 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[86849],{3905:(e,t,n)=>{n.d(t,{Zo:()=>d,kt:()=>p});var a=n(67294);function o(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function i(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function s(e){for(var t=1;t=0||(o[n]=e[n]);return o}(e,t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(o[n]=e[n])}return o}var l=a.createContext({}),h=function(e){var t=a.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):s(s({},t),e)),n},d=function(e){var t=h(e.components);return a.createElement(l.Provider,{value:t},e.children)},u="mdxType",m={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},c=a.forwardRef((function(e,t){var n=e.components,o=e.mdxType,i=e.originalType,l=e.parentName,d=r(e,["components","mdxType","originalType","parentName"]),u=h(n),c=o,p=u["".concat(l,".").concat(c)]||u[c]||m[c]||i;return n?a.createElement(p,s(s({ref:t},d),{},{components:n})):a.createElement(p,s({ref:t},d))}));function p(e,t){var n=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var i=n.length,s=new Array(i);s[0]=c;var r={};for(var l in t)hasOwnProperty.call(t,l)&&(r[l]=t[l]);r.originalType=e,r[u]="string"==typeof e?e:o,s[1]=r;for(var h=2;h{n.d(t,{Z:()=>i});var a=n(67294),o=n(72389);function i(e){let{children:t,fallback:n}=e;return(0,o.Z)()?a.createElement(a.Fragment,null,t?.()):n??null}},51372:(e,t,n)=>{n.d(t,{Z:()=>s});var a=n(67294),o=n(1954);const i={title:"Basic Resources",buttons:[{text:"Installation Instructions",path:"docs/installation",icon:"fa6-solid:book"},{text:"Documentation",path:"https://docs.podman.io/en/latest/",icon:"fa6-solid:book"},{text:"Podman Troubleshooting Guide",path:"https://github.com/containers/podman/blob/main/troubleshooting.md",icon:"fa6-solid:book"}]},s=()=>a.createElement("div",{className:"mt-4 lg:my-0"},a.createElement("header",{className:"container mb-6 text-center xl:mb-8 xl:text-start"},a.createElement("h3",{className:"font-medium text-blue-700 dark:text-blue-500"},i.title)),a.createElement("div",null,a.createElement("ul",{className:"mb-10 mt-4 flex flex-col gap-6 lg:mb-16 lg:mt-8 lg:gap-4 xl:flex-col"},i.buttons.map(((e,t)=>a.createElement("li",{key:t},a.createElement("a",{href:e.path,className:"no-underline hover:no-underline leading-none mx-auto flex h-32 max-w-lg flex-col items-center justify-center gap-4 rounded-md bg-gray-100 p-4 text-center text-purple-700 underline-offset-4 transition duration-150 ease-linear hover:bg-purple-700 hover:text-purple-50 hover:shadow-md dark:bg-gray-700 dark:hover:bg-purple-900 dark:hover:text-white lg:h-auto lg:flex-row xl:justify-start"},a.createElement("span",{className:"text-left"},e.text),a.createElement(o.JO,{icon:e.icon,className:"order-first hidden lg:block"}))))))))},1320:(e,t,n)=>{n.d(t,{Z:()=>m});var a=n(67294),o=n(1954),i=n(92074),s=n(38201),r=n(51372);const l=e=>{let{grid:t,display:n,layout:o,title:i,description:r}=e;return a.createElement("div",{className:`${t} ${n} ${o}`},a.createElement("h1",{className:"mb-6 max-w-sm text-purple-700 dark:text-purple-500 lg:max-w-lg "},i),a.createElement(s.Z,{text:r,styles:"leading-relaxed"}))},h=e=>{let{grid:t,display:n,layout:o,image:i={path:"images/raw/podman-2-196w-172h.png",alt:"Podman Logo"}}=e;return a.createElement("div",null,a.createElement("img",{src:i.path,alt:i.alt,className:`${t} ${n} ${o}`}))};function d(e){let{image:t,basicResources:n}=e;return n?a.createElement(r.Z,null):a.createElement(h,{image:t,layout:"mb-8 lg:mb-0"})}function u(e){let{instructions:t}=e;return t?a.createElement("div",null,a.createElement("h3",{className:"text-gray-700 mb-4"},t.title),a.createElement("p",null,t.subtitle),a.createElement("ul",{className:"mb-10 mt-4 flex flex-col gap-6 sm:flex-row lg:mb-16 lg:gap-4 xl:flex-col"},a.createElement("li",null,a.createElement("a",{href:t.button.path,className:"no-underline hover:no-underline flex h-32 max-w-lg flex-col items-center justify-center gap-4 rounded-md bg-gray-100 p-4 text-center text-purple-700 underline-offset-4 transition duration-150 ease-linear hover:bg-purple-700 hover:text-purple-50 hover:shadow-md dark:bg-gray-700 dark:hover:bg-purple-900 dark:hover:text-white lg:h-auto lg:flex-row xl:justify-start"},a.createElement("span",null,t.button.text),a.createElement(o.JO,{icon:t.button.icon,className:"order-first hidden lg:block"}))))):null}const m=function(e){let{title:t,description:n,image:o,lightColor:s="white",darkColor:r="gray-900",basicResources:h,instructions:m}=e;return a.createElement("header",{className:`bg-${s} dark:bg-${r}`},a.createElement("div",{className:"bg-gradient-to-r from-blue-500 to-purple-700 dark:from-blue-700 dark:to-purple-900 lg:pt-8"},a.createElement(i.Z,null)),a.createElement("div",{className:"container flex flex-col md:flex-row justify-around"},a.createElement("div",null,a.createElement(l,{title:t,description:n,layout:"mt-12 lg:mt-0 mb-8"}),a.createElement(u,{instructions:m})),a.createElement("div",{className:"w-[50%] ml-24"},a.createElement(d,{basicResources:h}))))}},53198:(e,t,n)=>{n.d(t,{Z:()=>i});var a=n(67294),o=n(38201);const i=function(e){let{title:t,description:n,textGradientStops:i="from-blue-700 via-blue-700 to-blue-900 dark:from-blue-500 dark:to-blue-700",textGradient:s=!1,textColor:r="text-gray-900",fontWeight:l,layout:h,bgColor:d}=e;const u=s?`bg-gradient-radial bg-clip-text text-transparent dark:bg-gradient-radial dark:text-transparent ${i}`:`${r}`;return a.createElement("header",{className:`${d} ${h}`},a.createElement("div",{className:"container mx-auto mb-4 mt-12 text-center lg:mt-16"},a.createElement("h2",{className:`${u} ${l}`},t),a.createElement(o.Z,{text:n,styles:"mx-auto my-4 max-w-4xl leading-relaxed text-gray-700 dark:text-gray-100"})))}},92074:(e,t,n)=>{n.d(t,{Z:()=>o});var a=n(67294);const o=function(e){let{light:t="fill-white",dark:n="dark:fill-gray-900",width:o="100",height:i="130",grid:s,layout:r}=e;return a.createElement("svg",{xmlns:"http://www.w3.org/2000/svg",className:`${s} ${r}`,width:`${o}%`,viewBox:`-8620 -1968 1400 ${i}`},a.createElement("path",{className:`${t} ${n}`,d:"M-8629-1935v-10.614s78.25-20.752 155.47-20.752c131.788 0 169.95 23.309 233.125 23.309 108.108 0 138.56-21.268 208.573-21.268s108.701 25.151 233.283 25.151c124.581 0 120.881-43.085 251.082-22.031 112.227 18.148 187.023 22.031 264.45 7.825 76.957-14.12 79.117 14.113 79.014 18.38l.003 258h-1425v-258Z"}))}},37528:(e,t,n)=>{n.d(t,{Z:()=>s});var a=n(67294),o=n(1954),i=n(38201);const s=function(e){let{title:t,description:n,image:s,styles:r,icon:l,bgColor:h="from-blue-700 via-blue-700 to-blue-900 dark:from-blue-500 dark:to-blue-700",titleColor:d="text-purple-700 dark:text-purple-500",marginHeight:u="mt-8 lg:mt-16"}=e;return a.createElement("section",{className:`${r} ${h} ${u} mx-auto w-full`},a.createElement("div",{className:"mx-auto flex max-w-3xl flex-wrap items-center justify-center gap-4 py-4 md:py-8 lg:gap-8 xl:max-w-fit"},a.createElement("div",null,l?a.createElement(o.JO,{icon:l,className:"text-4xl text-white dark:text-gray-50"}):s?a.createElement("img",{src:s.src,alt:s.alt}):a.createElement("p",null,"No image or icon")),t?a.createElement("div",{className:"mx-auto text-center md:text-start lg:pl-4"},a.createElement("h3",{className:`mx-auto mb-4 text-3xl font-bold ${d}`},t),a.createElement(i.Z,{text:n,styles:"mx-auto max-w-4xl leading-relaxed text-gray-700"})):a.createElement(i.Z,{text:n,styles:"mx-auto leading-relaxed"})))}},14307:(e,t,n)=>{n.d(t,{Z:()=>i});var a=n(67294),o=n(1954);const i=function(e){let{as:t="link",outline:n,colors:i,icon:s,text:r,method:l,path:h}=e;const d="text-xl h-fit my-2 block max-w-fit cursor-pointer rounded-md px-6 py-2 font-semibold transition duration-150 ease-in-out hover:no-underline hover:shadow-md whitespace-nowrap",u=n?` no-underline outline dark:bg-white dark:text-purple-700 text-purple-700 dark:text-purple-900 dark:hover:bg-purple-900 dark:hover:text-white ${i}`:`bg-purple-700 dark:bg-purple-900 text-white dark:text-white hover:bg-purple-900 no-underline hover:no-underline dark:hover:text-gray-50 dark:hover:bg-purple-700 hover:text-white ${i}`;return"button"===t?a.createElement("button",{onClick:l,className:`${d} ${u}`},s?a.createElement("span",{className:"flex items-center gap-2"},r," ",a.createElement(o.JO,{icon:s})):a.createElement("span",null,r)):a.createElement("a",{href:h,className:`${d} ${u}`},s?a.createElement("span",{className:"flex items-center gap-2"},r," ",a.createElement(o.JO,{icon:s})):a.createElement("span",null,r))}},4544:(e,t,n)=>{n.d(t,{Z:()=>i});var a=n(67294),o=n(1954);const i=function(e){const t=(0,a.useRef)(),[n,i]=(0,a.useState)(!1);var s,r;return s=t,r=()=>i(!1),(0,a.useEffect)((()=>{const e=e=>{s.current&&!s.current.contains(e.target)&&r(e)};return document.addEventListener("mousedown",e),document.addEventListener("touchstart",e),()=>{document.removeEventListener("mousedown",e),document.removeEventListener("touchstart",e)}}),[s,r]),a.createElement("div",{ref:t},a.createElement("button",{"data-dropdown-toggle":"dropdown",onClick:()=>i((e=>!e)),className:"my-2 flex items-center gap-2 rounded-md bg-white px-4 py-2 font-bold text-purple-700 transition duration-150 ease-linear hover:bg-purple-700 hover:text-white focus:shadow-md dark:text-purple-900 dark:hover:text-white"},a.createElement("span",null,e.text),a.createElement(o.JO,{icon:"ion:caret-down-outline"})),n&&a.createElement("div",{className:"absolute mt-2 max-w-fit rounded-md bg-white shadow-md dark:bg-gray-900"},e.option))}},38201:(e,t,n)=>{n.d(t,{Z:()=>s});var a=n(67294),o=n(91262);const i=(0,a.lazy)((()=>n.e(51195).then(n.bind(n,51195))));const s=function(e){let{text:t,styles:n}=e;return a.createElement(o.Z,null,(()=>a.createElement(a.Suspense,{fallback:a.createElement("p",null,"text loading...")},a.createElement(i,{children:t,className:n}))))}},8039:(e,t,n)=>{n.r(t),n.d(t,{default:()=>Oi});var a={};n.r(a),n.d(a,{contentTitle:()=>ge,default:()=>fe,frontMatter:()=>pe,toc:()=>ye});var o={};n.r(o),n.d(o,{contentTitle:()=>ve,default:()=>Te,frontMatter:()=>be,toc:()=>Me});var i={};n.r(i),n.d(i,{contentTitle:()=>Ce,default:()=>xe,frontMatter:()=>Se,toc:()=>Ne});var s={};n.r(s),n.d(s,{contentTitle:()=>Ee,default:()=>He,frontMatter:()=>Be,toc:()=>We});var r={};n.r(r),n.d(r,{contentTitle:()=>Oe,default:()=>Ye,frontMatter:()=>Re,toc:()=>Je});var l={};n.r(l),n.d(l,{contentTitle:()=>qe,default:()=>Qe,frontMatter:()=>Ue,toc:()=>ze});var h={};n.r(h),n.d(h,{contentTitle:()=>_e,default:()=>tt,frontMatter:()=>Ze,toc:()=>Xe});var d={};n.r(d),n.d(d,{contentTitle:()=>at,default:()=>rt,frontMatter:()=>nt,toc:()=>ot});var u={};n.r(u),n.d(u,{contentTitle:()=>ht,default:()=>ct,frontMatter:()=>lt,toc:()=>dt});var m={};n.r(m),n.d(m,{contentTitle:()=>gt,default:()=>ft,frontMatter:()=>pt,toc:()=>yt});var c={};n.r(c),n.d(c,{contentTitle:()=>vt,default:()=>Tt,frontMatter:()=>bt,toc:()=>Mt});var p={};n.r(p),n.d(p,{contentTitle:()=>Ct,default:()=>xt,frontMatter:()=>St,toc:()=>Nt});var g={};n.r(g),n.d(g,{contentTitle:()=>Et,default:()=>Ht,frontMatter:()=>Bt,toc:()=>Wt});var y={};n.r(y),n.d(y,{contentTitle:()=>Ot,default:()=>Yt,frontMatter:()=>Rt,toc:()=>Jt});var k={};n.r(k),n.d(k,{contentTitle:()=>qt,default:()=>Qt,frontMatter:()=>Ut,toc:()=>zt});var w={};n.r(w),n.d(w,{contentTitle:()=>_t,default:()=>tn,frontMatter:()=>Zt,toc:()=>Xt});var f={};n.r(f),n.d(f,{contentTitle:()=>an,default:()=>ln,frontMatter:()=>nn,toc:()=>on});var b={};n.r(b),n.d(b,{contentTitle:()=>dn,default:()=>pn,frontMatter:()=>hn,toc:()=>un});var v={};n.r(v),n.d(v,{contentTitle:()=>yn,default:()=>bn,frontMatter:()=>gn,toc:()=>kn});var M={};n.r(M),n.d(M,{contentTitle:()=>Mn,default:()=>Sn,frontMatter:()=>vn,toc:()=>In});var I={};n.r(I),n.d(I,{contentTitle:()=>Nn,default:()=>Bn,frontMatter:()=>Cn,toc:()=>Dn});var A={};n.r(A),n.d(A,{contentTitle:()=>Wn,default:()=>Rn,frontMatter:()=>En,toc:()=>jn});var T={};n.r(T),n.d(T,{contentTitle:()=>Jn,default:()=>Un,frontMatter:()=>On,toc:()=>Fn});var S={};n.r(S),n.d(S,{contentTitle:()=>zn,default:()=>Zn,frontMatter:()=>qn,toc:()=>Vn});var C={};n.r(C),n.d(C,{contentTitle:()=>Xn,default:()=>na,frontMatter:()=>_n,toc:()=>$n});var N={};n.r(N),n.d(N,{contentTitle:()=>oa,default:()=>la,frontMatter:()=>aa,toc:()=>ia});var D={};n.r(D),n.d(D,{contentTitle:()=>da,default:()=>pa,frontMatter:()=>ha,toc:()=>ua});var P={};n.r(P),n.d(P,{contentTitle:()=>ya,default:()=>ba,frontMatter:()=>ga,toc:()=>ka});var x={};n.r(x),n.d(x,{contentTitle:()=>Ma,default:()=>Sa,frontMatter:()=>va,toc:()=>Ia});var B={};n.r(B),n.d(B,{contentTitle:()=>Na,default:()=>Ba,frontMatter:()=>Ca,toc:()=>Da});var E={};n.r(E),n.d(E,{contentTitle:()=>Wa,default:()=>Ra,frontMatter:()=>Ea,toc:()=>ja});var W={};n.r(W),n.d(W,{contentTitle:()=>Ja,default:()=>Ua,frontMatter:()=>Oa,toc:()=>Fa});var j={};n.r(j),n.d(j,{contentTitle:()=>za,default:()=>Za,frontMatter:()=>qa,toc:()=>Va});var L={};n.r(L),n.d(L,{contentTitle:()=>Xa,default:()=>no,frontMatter:()=>_a,toc:()=>$a});var H={};n.r(H),n.d(H,{contentTitle:()=>oo,default:()=>lo,frontMatter:()=>ao,toc:()=>io});var R={};n.r(R),n.d(R,{contentTitle:()=>uo,default:()=>go,frontMatter:()=>ho,toc:()=>mo});var O={};n.r(O),n.d(O,{contentTitle:()=>ko,default:()=>vo,frontMatter:()=>yo,toc:()=>wo});var J={};n.r(J),n.d(J,{contentTitle:()=>Io,default:()=>Co,frontMatter:()=>Mo,toc:()=>Ao});var F={};n.r(F),n.d(F,{contentTitle:()=>Do,default:()=>Eo,frontMatter:()=>No,toc:()=>Po});var G={};n.r(G),n.d(G,{contentTitle:()=>jo,default:()=>Oo,frontMatter:()=>Wo,toc:()=>Lo});var Y={};n.r(Y),n.d(Y,{contentTitle:()=>Fo,default:()=>qo,frontMatter:()=>Jo,toc:()=>Go});var U={};n.r(U),n.d(U,{contentTitle:()=>Vo,default:()=>_o,frontMatter:()=>zo,toc:()=>Ko});var q={};n.r(q),n.d(q,{contentTitle:()=>$o,default:()=>ai,frontMatter:()=>Xo,toc:()=>ei});var z={};n.r(z),n.d(z,{contentTitle:()=>ii,default:()=>hi,frontMatter:()=>oi,toc:()=>si});var V={};n.r(V),n.d(V,{contentTitle:()=>ui,default:()=>gi,frontMatter:()=>di,toc:()=>mi});var K={};n.r(K),n.d(K,{F20201006:()=>a,F20201103:()=>u,F20201201:()=>f,F20210202:()=>C,F20210302:()=>j,F20210406:()=>o,F20210504:()=>m,F20210601:()=>b,F20210715:()=>N,F20210803:()=>L,F20210819:()=>i,F20210907:()=>c,F20210916:()=>v,F20211005:()=>D,F20211021:()=>H,F20211102:()=>s,F20211118:()=>p,F20211207:()=>M,F20211216:()=>P,F20220120:()=>R,F20220201:()=>r,F20220217:()=>g,F20220317:()=>I,F20220405:()=>x,F20220421:()=>O,F20220519:()=>l,F20220607:()=>y,F20220721:()=>A,F20220802:()=>B,F20220915:()=>J,F20221004:()=>h,F20221117:()=>k,F20221206:()=>T,F20230119:()=>E,F20230207:()=>F,F20230216:()=>d,F20230316:()=>w,F20230404:()=>S,F20230420:()=>W,F20230518:()=>G,F20230606:()=>Y,F20230615:()=>U,F20230720:()=>q,F20230921:()=>z,F20231003:()=>V});var Q=n(87462),Z=n(67294),_=n(7961),X=n(1954),$=n(38201),ee=n(1320),te=n(53198);const ne=[{label:"Red Hat",href:"https://www.redhat.com/",src:"logos/raw/red-hat-120w-77h.png",alt:"Red Hat Logo"},{label:"Amadeus",href:"https://www.amadeus.com/",src:"logos/raw/amadeus-171w-22h.png",alt:"Amadeus Logo"},{label:"Suse",href:"https://www.suse.com",src:"logos/raw/suse-167w-30h.png",alt:"Suse Logo"},{label:"Motorola",href:"https://www.motorolasolutions.com/",src:"logos/raw/motorola-solutions-128w-110h.png",alt:"Motorola Solutions Logo"},{label:"NTT",href:"https://www.global.ntt",src:"logos/raw/ntt-145w-50h.png",alt:"NTT Logo"},{label:"IBM",href:"https://www.ibm.com",src:"logos/raw/ibm-92w-37h.png",alt:"IBM Logo"},{label:"Debian",href:"https://www.debian.org/",src:"logos/raw/debian-68w-90h.png",alt:"Debian Logo"}];const ae=function(){const[e,t,n,a,o,i,s]=ne;return Z.createElement("section",{className:"my-8 lg:my-12"},Z.createElement("header",{className:"container my-4 text-center lg:my-8"},Z.createElement("h2",{className:"mb-3 text-blue-700 dark:text-purple-500"},"Special thanks to our contributors"),Z.createElement("p",{className:"text-gray-900"},"The Podman community has contributors from many different organizations, including:")),Z.createElement("div",{className:"relative mx-auto my-8 flex items-center"},Z.createElement("button",{onClick:()=>{const e=document.getElementById("slider");e.scrollLeft=e.scrollLeft-500},className:"lg:hidden"},Z.createElement(X.JO,{icon:"fa-solid:arrow-circle-left",className:"text-4xl text-gray-500 opacity-25 transition duration-150 ease-linear hover:text-purple-900 hover:opacity-100 dark:hover:text-purple-700"})),Z.createElement("div",{id:"slider",className:"justify-center mx-auto h-full w-full place-items-center gap-6 overflow-x-scroll scroll-smooth whitespace-nowrap scrollbar scrollbar-track-purple-500 lg:container lg:grid"},Z.createElement("a",{href:e.href,target:"_blank",className:"mx-4 mb-4 inline-block rounded-md p-4 dark:bg-gray-100 lg:row-span-2 lg:row-start-1 lg:mb-0"},Z.createElement("img",(0,Q.Z)({},e,{className:"mx-auto p-4"}))),Z.createElement("a",{href:t.href,target:"_blank",className:"mx-4 mb-4 inline-block rounded-md p-4 dark:bg-gray-100 lg:mb-0 lg:flex lg:h-28 lg:w-80 lg:items-center"},Z.createElement("img",(0,Q.Z)({},t,{className:"object-fit mx-auto max-w-sm p-4 "}))),Z.createElement("a",{href:n.href,target:"_blank",className:"mx-4 mb-4 inline-block rounded-md p-4 dark:bg-gray-100 lg:mb-0 lg:flex lg:h-28 lg:w-80 lg:items-center"},Z.createElement("img",(0,Q.Z)({},n,{className:"object-fit mx-auto max-w-sm p-4 "}))),Z.createElement("a",{href:a.href,target:"_blank",className:"mx-4 mb-4 inline-block rounded-md p-4 dark:bg-gray-100 lg:row-span-2 lg:row-start-1 lg:mb-0"},Z.createElement("img",(0,Q.Z)({},a,{className:"mx-auto p-4"}))),Z.createElement("a",{href:o.href,target:"_blank",className:"mx-4 mb-4 inline-block rounded-md p-4 dark:bg-gray-100 lg:mb-0 lg:flex lg:h-28 lg:w-80 lg:items-center"},Z.createElement("img",(0,Q.Z)({},o,{className:"object-fit mx-auto max-w-sm p-4 "}))),Z.createElement("a",{href:i.href,target:"_blank",className:"col-span-3 mx-4 mb-4 inline-block rounded-md p-4 dark:bg-gray-100 lg:mb-0 lg:flex lg:h-28 lg:w-80 lg:items-center"},Z.createElement("img",(0,Q.Z)({},i,{className:"object-fit mx-auto max-w-sm p-4 "}))),Z.createElement("a",{href:s.href,target:"_blank",className:"mx-4 mb-4 inline-block rounded-md p-4 dark:bg-gray-100 lg:row-span-2 lg:row-start-1 lg:mb-0"},Z.createElement("img",(0,Q.Z)({},s,{className:"mx-auto p-4"})))),Z.createElement("button",{onClick:()=>{const e=document.getElementById("slider");e.scrollLeft=e.scrollLeft+500},className:"lg:hidden"},Z.createElement(X.JO,{icon:"fa-solid:arrow-circle-right",className:"dark:hover-text-purple-700 text-4xl text-gray-500 opacity-25 transition duration-150 ease-linear hover:text-purple-900 hover:opacity-100"}))))};var oe=n(14307);const ie=function(){return Z.createElement("svg",{width:"74.667",xmlns:"http://www.w3.org/2000/svg",className:"film-icon",height:"56",id:"screenshot-f22025ed-2924-807f-8002-a2aff9654955",viewBox:"0 0 74.667 56",fill:"none",version:"1.1"},Z.createElement("g",{id:"shape-f22025ed-2924-807f-8002-a2aff9654955",rx:"0",ry:"0"},Z.createElement("g",{id:"shape-f22025ed-2924-807f-8002-a2af748c75a7",className:"svg-inline--fa fa-film fa-w-16",rx:"0",ry:"0",fill:"url(#fill-0-rumext-id-2)"},Z.createElement("defs",null,Z.createElement("radialGradient",{id:"fill-color-gradient_rumext-id-2_0",cx:"0.5",cy:"0.5",r:"0.5",gradientTransform:"matrix(-1.000000, 0.000000, -0.000000, -1.000000, 1.000000, 1.000000)"},Z.createElement("stop",{offset:"0",stopColor:"#68c6f7",stopOpacity:"1"}),Z.createElement("stop",{offset:"1",stopColor:"#3799cc",stopOpacity:"1"})),Z.createElement("pattern",{patternUnits:"userSpaceOnUse",x:"0.0000022199039904080564",y:"0.0000025210333660652395",height:"56.00000799999998",width:"74.66667200000188","data-loading":"false",id:"fill-0-rumext-id-2"},Z.createElement("g",null,Z.createElement("rect",{width:"74.66667200000188",height:"56.00000799999998",fill:"url(#fill-color-gradient_rumext-id-2_0)"})))),Z.createElement("g",{id:"shape-f22025ed-2924-807f-8002-a2af748c75a8"},Z.createElement("defs",null,Z.createElement("radialGradient",{id:"fill-color-gradient_rumext-id-3_0",cx:"0.5",cy:"0.5",r:"0.5",gradientTransform:"matrix(-1.000000, 0.000000, -0.000000, -1.000000, 1.000000, 1.000000)"},Z.createElement("stop",{offset:"0",stopColor:"#68c6f7",stopOpacity:"1"}),Z.createElement("stop",{offset:"1",stopColor:"#3799cc",stopOpacity:"1"})),Z.createElement("pattern",{patternUnits:"userSpaceOnUse",x:"-0.10779549147923717",y:"0.000006515896984637948",height:"56.000000000000455",width:"75.00000000000205","data-loading":"false",patternTransform:"matrix(1.000000, 0.000000, 0.000000, 1.000000, 0.000000, -0.000000)",id:"fill-0-rumext-id-3"},Z.createElement("g",null,Z.createElement("rect",{width:"75.00000000000205",height:"56.000000000000455",fill:"url(#fill-color-gradient_rumext-id-3_0)"})))),Z.createElement("g",{className:"fills",id:"fills-f22025ed-2924-807f-8002-a2af748c75a8"},Z.createElement("path",{fill:"url(#fill-0-rumext-id-3)",rx:"0",ry:"0",d:"M71.167,0.000L70.000,0.000L70.000,2.917C70.000,3.879,69.213,4.667,68.250,4.667L62.417,4.667C61.454,4.667,60.667,3.879,60.667,2.917L60.667,0.000L14.000,0.000L14.000,2.917C14.000,3.879,13.213,4.667,12.250,4.667L6.417,4.667C5.454,4.667,4.667,3.879,4.667,2.917L4.667,0.000L3.500,0.000C1.560,0.000,0.000,1.560,0.000,3.500L0.000,52.500C0.000,54.440,1.560,56.000,3.500,56.000L4.667,56.000L4.667,53.083C4.667,52.121,5.454,51.333,6.417,51.333L12.250,51.333C13.213,51.333,14.000,52.121,14.000,53.083L14.000,56.000L60.667,56.000L60.667,53.083C60.667,52.121,61.454,51.333,62.417,51.333L68.250,51.333C69.213,51.333,70.000,52.121,70.000,53.083L70.000,56.000L71.167,56.000C73.106,56.000,74.667,54.440,74.667,52.500L74.667,3.500C74.667,1.560,73.106,0.000,71.167,0.000ZZM14.000,44.917C14.000,45.879,13.213,46.667,12.250,46.667L6.417,46.667C5.454,46.667,4.667,45.879,4.667,44.917L4.667,39.083C4.667,38.121,5.454,37.333,6.417,37.333L12.250,37.333C13.213,37.333,14.000,38.121,14.000,39.083L14.000,44.917ZZM14.000,30.917C14.000,31.879,13.213,32.667,12.250,32.667L6.417,32.667C5.454,32.667,4.667,31.879,4.667,30.917L4.667,25.083C4.667,24.121,5.454,23.333,6.417,23.333L12.250,23.333C13.213,23.333,14.000,24.121,14.000,25.083L14.000,30.917ZZM14.000,16.917C14.000,17.879,13.213,18.667,12.250,18.667L6.417,18.667C5.454,18.667,4.667,17.879,4.667,16.917L4.667,11.083C4.667,10.121,5.454,9.333,6.417,9.333L12.250,9.333C13.213,9.333,14.000,10.121,14.000,11.083L14.000,16.917ZZM53.667,47.250C53.667,48.213,52.879,49.000,51.917,49.000L22.750,49.000C21.788,49.000,21.000,48.213,21.000,47.250L21.000,33.250C21.000,32.288,21.788,31.500,22.750,31.500L51.917,31.500C52.879,31.500,53.667,32.288,53.667,33.250L53.667,47.250ZZM53.667,22.750C53.667,23.713,52.879,24.500,51.917,24.500L22.750,24.500C21.788,24.500,21.000,23.713,21.000,22.750L21.000,8.750C21.000,7.788,21.788,7.000,22.750,7.000L51.917,7.000C52.879,7.000,53.667,7.788,53.667,8.750L53.667,22.750ZZM70.000,44.917C70.000,45.879,69.213,46.667,68.250,46.667L62.417,46.667C61.454,46.667,60.667,45.879,60.667,44.917L60.667,39.083C60.667,38.121,61.454,37.333,62.417,37.333L68.250,37.333C69.213,37.333,70.000,38.121,70.000,39.083L70.000,44.917ZZM70.000,30.917C70.000,31.879,69.213,32.667,68.250,32.667L62.417,32.667C61.454,32.667,60.667,31.879,60.667,30.917L60.667,25.083C60.667,24.121,61.454,23.333,62.417,23.333L68.250,23.333C69.213,23.333,70.000,24.121,70.000,25.083L70.000,30.917ZZM70.000,16.917C70.000,17.879,69.213,18.667,68.250,18.667L62.417,18.667C61.454,18.667,60.667,17.879,60.667,16.917L60.667,11.083C60.667,10.121,61.454,9.333,62.417,9.333L68.250,9.333C69.213,9.333,70.000,10.121,70.000,11.083L70.000,16.917ZZ"})))),Z.createElement("g",{id:"shape-f22025ed-2924-807f-8002-a2af7f162a3b",className:"svg-inline--fa fa-film fa-w-16",rx:"0",ry:"0",fill:"url(#fill-0-rumext-id-4)"},Z.createElement("defs",null,Z.createElement("radialGradient",{id:"fill-color-gradient_rumext-id-4_0",cx:"0.5",cy:"0.5",r:"0.5",gradientTransform:"matrix(-1.000000, 0.000000, -0.000000, -1.000000, 1.000000, 1.000000)"},Z.createElement("stop",{offset:"0",stopColor:"#68c6f7",stopOpacity:"1"}),Z.createElement("stop",{offset:"1",stopColor:"#3799cc",stopOpacity:"1"})),Z.createElement("pattern",{patternUnits:"userSpaceOnUse",x:"0.0000022199039904080564",y:"56.000002521033366",height:"56.00000799999998",width:"74.66667200000188","data-loading":"false",id:"fill-0-rumext-id-4"},Z.createElement("g",null,Z.createElement("rect",{width:"74.66667200000188",height:"56.00000799999998",fill:"url(#fill-color-gradient_rumext-id-4_0)"})))),Z.createElement("g",{id:"shape-f22025ed-2924-807f-8002-a2af7f162a3c"},Z.createElement("defs",null,Z.createElement("radialGradient",{id:"fill-color-gradient_rumext-id-5_0",cx:"0.5",cy:"0.5",r:"0.5",gradientTransform:"matrix(-1.000000, 0.000000, -0.000000, -1.000000, 1.000000, 1.000000)"},Z.createElement("stop",{offset:"0",stopColor:"#68c6f7",stopOpacity:"1"}),Z.createElement("stop",{offset:"1",stopColor:"#3799cc",stopOpacity:"1"})),Z.createElement("pattern",{patternUnits:"userSpaceOnUse",x:"-0.10779549147923717",y:"56.000006515896985",height:"56.000000000000455",width:"75.00000000000205","data-loading":"false",patternTransform:"matrix(1.000000, 0.000000, 0.000000, 1.000000, 0.000000, -0.000000)",id:"fill-0-rumext-id-5"},Z.createElement("g",null,Z.createElement("rect",{width:"75.00000000000205",height:"56.000000000000455",fill:"url(#fill-color-gradient_rumext-id-5_0)"})))),Z.createElement("g",{className:"fills",id:"fills-f22025ed-2924-807f-8002-a2af7f162a3c"},Z.createElement("path",{fill:"url(#fill-0-rumext-id-5)",rx:"0",ry:"0",d:"M71.167,56.000L70.000,56.000L70.000,58.917C70.000,59.879,69.213,60.667,68.250,60.667L62.417,60.667C61.454,60.667,60.667,59.879,60.667,58.917L60.667,56.000L14.000,56.000L14.000,58.917C14.000,59.879,13.213,60.667,12.250,60.667L6.417,60.667C5.454,60.667,4.667,59.879,4.667,58.917L4.667,56.000L3.500,56.000C1.560,56.000,0.000,57.560,0.000,59.500L0.000,108.500C0.000,110.440,1.560,112.000,3.500,112.000L4.667,112.000L4.667,109.083C4.667,108.121,5.454,107.333,6.417,107.333L12.250,107.333C13.213,107.333,14.000,108.121,14.000,109.083L14.000,112.000L60.667,112.000L60.667,109.083C60.667,108.121,61.454,107.333,62.417,107.333L68.250,107.333C69.213,107.333,70.000,108.121,70.000,109.083L70.000,112.000L71.167,112.000C73.106,112.000,74.667,110.440,74.667,108.500L74.667,59.500C74.667,57.560,73.106,56.000,71.167,56.000ZZM14.000,100.917C14.000,101.879,13.213,102.667,12.250,102.667L6.417,102.667C5.454,102.667,4.667,101.879,4.667,100.917L4.667,95.083C4.667,94.121,5.454,93.333,6.417,93.333L12.250,93.333C13.213,93.333,14.000,94.121,14.000,95.083L14.000,100.917ZZM14.000,86.917C14.000,87.879,13.213,88.667,12.250,88.667L6.417,88.667C5.454,88.667,4.667,87.879,4.667,86.917L4.667,81.083C4.667,80.121,5.454,79.333,6.417,79.333L12.250,79.333C13.213,79.333,14.000,80.121,14.000,81.083L14.000,86.917ZZM14.000,72.917C14.000,73.879,13.213,74.667,12.250,74.667L6.417,74.667C5.454,74.667,4.667,73.879,4.667,72.917L4.667,67.083C4.667,66.121,5.454,65.333,6.417,65.333L12.250,65.333C13.213,65.333,14.000,66.121,14.000,67.083L14.000,72.917ZZM53.667,103.250C53.667,104.213,52.879,105.000,51.917,105.000L22.750,105.000C21.788,105.000,21.000,104.213,21.000,103.250L21.000,89.250C21.000,88.288,21.788,87.500,22.750,87.500L51.917,87.500C52.879,87.500,53.667,88.288,53.667,89.250L53.667,103.250ZZM53.667,78.750C53.667,79.713,52.879,80.500,51.917,80.500L22.750,80.500C21.788,80.500,21.000,79.713,21.000,78.750L21.000,64.750C21.000,63.788,21.788,63.000,22.750,63.000L51.917,63.000C52.879,63.000,53.667,63.788,53.667,64.750L53.667,78.750ZZM70.000,100.917C70.000,101.879,69.213,102.667,68.250,102.667L62.417,102.667C61.454,102.667,60.667,101.879,60.667,100.917L60.667,95.083C60.667,94.121,61.454,93.333,62.417,93.333L68.250,93.333C69.213,93.333,70.000,94.121,70.000,95.083L70.000,100.917ZZM70.000,86.917C70.000,87.879,69.213,88.667,68.250,88.667L62.417,88.667C61.454,88.667,60.667,87.879,60.667,86.917L60.667,81.083C60.667,80.121,61.454,79.333,62.417,79.333L68.250,79.333C69.213,79.333,70.000,80.121,70.000,81.083L70.000,86.917ZZM70.000,72.917C70.000,73.879,69.213,74.667,68.250,74.667L62.417,74.667C61.454,74.667,60.667,73.879,60.667,72.917L60.667,67.083C60.667,66.121,61.454,65.333,62.417,65.333L68.250,65.333C69.213,65.333,70.000,66.121,70.000,67.083L70.000,72.917ZZ"}))))))};function se(e){const{title:t,subtitle:n,details:a}=e;return Z.createElement("div",{className:"mx-2 mb-10 mt-4 text-center"},Z.createElement("h3",{className:"mb-3 whitespace-nowrap font-bold text-gray-700 dark:text-gray-50"},t),Z.createElement($.Z,{text:n,styles:"text-gray-700"}),Z.createElement($.Z,{text:a,styles:"text-gray-700"}))}function re(e){const{text:t}=e;return Z.createElement("div",{className:"mx-2 my-6 overflow-y-auto lg:my-8"},Z.createElement("p",{id:"cardBody-parsed",className:"text-gray-700 dark:text-gray-100"},Z.createElement($.Z,{text:t})))}function le(e){const{data:t=[{text:"button text",markDown:Z.createElement(Z.Fragment,null,"No MarkDown to Display!")}],primary:n=!1,method:a=(()=>{console.error("No callback method passed")})}=e;return Z.createElement("div",{className:"align-center mb-4 mt-8 flex flex-row flex-wrap justify-center gap-4 lg:mb-8 2xl:px-10"},n?t.map(((e,t)=>Z.createElement("div",{key:t},0==t?Z.createElement(oe.Z,(0,Q.Z)({as:"link"},e)):Z.createElement(oe.Z,(0,Q.Z)({as:"link",outline:!0},e))))):t.map(((e,t)=>Z.createElement("div",{key:t},0==t?Z.createElement(oe.Z,(0,Q.Z)({as:"link",outline:!0},e)):Z.createElement(oe.Z,(0,Q.Z)({as:"button",method:()=>{a(e)},outline:!0},e))))))}const he=function(e){return Z.createElement("article",{style:e.primary?{maxHeight:"550px",flex:1}:{},className:"flex w-11/12 flex-col rounded-lg bg-gray-50 p-4 shadow-xl dark:bg-gray-700 dark:shadow-none lg:mx-8 lg:my-4"},Z.createElement(se,e),e?.icon?Z.createElement(ie,null):Z.createElement(re,e),Z.createElement(le,e))};const de=function(e){let{cards:t,toggleIsModalOpen:n}=e;return Z.createElement("div",{className:"mb-4 flex lg:mb-6"},t?.map(((e,t)=>{let a=new Date(e.date).getDay();return Z.createElement(he,{key:t,title:e.date,subtitle:(o=a,["Sunday","Monday","Tuesday","Wednesday","Thursday","Friday","Saturday"][o]),details:e.timeZone,text:e.subtitle,data:e.buttons,icon:e.icon,method:t=>{n(t,e.date)}});var o})))};const ue=function(e){const{dropdownRef:t}=e,[n,a]=(0,Z.useState)(!1);var o,i;return o=t,i=()=>a(!1),(0,Z.useEffect)((()=>{const e=e=>{o.current&&!o.current.contains(e.target)&&i(e)};return document.addEventListener("mousedown",e),document.addEventListener("touchstart",e),()=>{document.removeEventListener("mousedown",e),document.removeEventListener("touchstart",e)}}),[o,i]),Z.createElement("div",{ref:t},Z.createElement("div",{"data-dropdown-toggle":"dropdown",onClick:()=>a((e=>!e)),className:"my-2 flex cursor-pointer items-center gap-1 py-2 pl-12 font-bold text-purple-700 dark:text-purple-500"},Z.createElement("div",{className:`transition duration-150 ease-linear ${n&&"rotate-90"}`},Z.createElement(X.JO,{icon:"bi:caret-right-square-fill"})),Z.createElement("span",null,e.text)),Z.createElement("div",{className:"dropdown-options absolute mt-2 flex flex-col overflow-y-auto overflow-x-hidden shadow-md scrollbar-thin scrollbar-track-gray-100 scrollbar-thumb-gray-300 dark:bg-gray-900 md:max-h-full lg:max-h-96"},n&&e?.options.map((e=>e))))};const me=function(e){const{classNames:t}=e;return Z.createElement("svg",{width:"33",xmlns:"http://www.w3.org/2000/svg",height:"33",id:"screenshot-6dbb9699-50de-8051-8002-b160b2203dcd",viewBox:"-0.5 -0.5 33 33",fill:"rgb(177, 178, 181)",version:"1.1",className:t},Z.createElement("g",{id:"shape-6dbb9699-50de-8051-8002-b160b2203dcd",rx:"0",ry:"0"},Z.createElement("g",{id:"shape-6dbb9699-50de-8051-8002-b15f80612846"},Z.createElement("g",{className:"fills",id:"fills-6dbb9699-50de-8051-8002-b15f80612846"},Z.createElement("path",{d:"M5,0 h22 a5,5 0 0 1 5,5 v22 a5,5 0 0 1 -5,5 h-22 a5,5 0 0 1 -5,-5 v-22 a5,5 0 0 1 5,-5 z",x:"0",y:"0",transform:"matrix(1.000000, 0.000000, 0.000000, 1.000000, 0.000000, 0.000000)",width:"32",height:"32"})),Z.createElement("g",{id:"strokes-6dbb9699-50de-8051-8002-b15f80612846",className:"strokes"},Z.createElement("g",{className:"stroke-shape"},Z.createElement("path",{d:"M5,0 h22 a5,5 0 0 1 5,5 v22 a5,5 0 0 1 -5,5 h-22 a5,5 0 0 1 -5,-5 v-22 a5,5 0 0 1 5,-5 z",x:"0",y:"0",transform:"matrix(1.000000, 0.000000, 0.000000, 1.000000, 0.000000, 0.000000)",width:"32",height:"32",opacity:"0.5",fill:"none",strokeWidth:"1",stroke:"rgb(0, 0, 0)",strokeOpacity:"1"})))),Z.createElement("g",{id:"shape-6dbb9699-50de-8051-8002-b16031b36494"},Z.createElement("g",{className:"fills",id:"fills-6dbb9699-50de-8051-8002-b16031b36494"},Z.createElement("path",{rx:"0",ry:"0",d:"M28.500,3.500L3.500,29.500"})),Z.createElement("g",{id:"strokes-6dbb9699-50de-8051-8002-b16031b36494",className:"strokes"},Z.createElement("g",{className:"stroke-shape"},Z.createElement("path",{rx:"0",ry:"0",d:"M28.500,3.500L3.500,29.500",fill:"none",strokeWidth:"2",stroke:"rgb(0, 0, 0)",strokeOpacity:"1"})))),Z.createElement("g",{id:"shape-6dbb9699-50de-8051-8002-b1604c231d3e"},Z.createElement("g",{className:"fills",id:"fills-6dbb9699-50de-8051-8002-b1604c231d3e"},Z.createElement("path",{rx:"0",ry:"0",d:"M28.500,28.500L2.500,3.500"})),Z.createElement("g",{id:"strokes-6dbb9699-50de-8051-8002-b1604c231d3e",className:"strokes"},Z.createElement("g",{className:"stroke-shape"},Z.createElement("path",{rx:"0",ry:"0",d:"M28.500,28.500L2.500,3.500",fill:"none",strokeWidth:"2",stroke:"rgb(0, 0, 0)",strokeOpacity:"1"}))))))};var ce=n(3905);const pe={layout:"default",title:"Podman Community Meeting"},ge=void 0,ye=[{value:"October 6, 2020 11:00 a.m. Eastern",id:"october-6-2020-1100-am-eastern",level:2},{value:"Attendees (34 total)",id:"attendees-34-total",level:3},{value:"Introductions",id:"introductions",level:2},{value:"Upcoming",id:"upcoming",level:2},{value:"Podman v3.0 Planning",id:"podman-v30-planning",level:2},{value:"HPC",id:"hpc",level:2},{value:"Questions?",id:"questions",level:2},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"Next Meeting: Tuesday, November 3, 2020, 11:00 a.m. Eastern",id:"next-meeting-tuesday-november-3-2020-1100-am-eastern",level:2},{value:"BlueJeans Chat raw copy/paste:",id:"bluejeans-chat-raw-copypaste",level:2}],ke={toc:ye},we="wrapper";function fe(e){let{components:t,...a}=e;return(0,ce.kt)(we,(0,Q.Z)({},ke,a,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("p",null,(0,ce.kt)("img",{alt:"Podman logo",src:n(1382).Z,width:"228",height:"61"})),(0,ce.kt)("h1",{id:"-pagetitle-"},"{{ page.title }}"),(0,ce.kt)("h2",{id:"october-6-2020-1100-am-eastern"},"October 6, 2020 11:00 a.m. Eastern"),(0,ce.kt)("h3",{id:"attendees-34-total"},"Attendees (34 total)"),(0,ce.kt)("p",null,"Tom Sweeney, Alex Litvak, Chris Evich, Christian Felder, Douglas, Ed Santaigo, Josep Gooch, Joe Doss, Lokesh Mand, Manish, Matt Heon, Reinhard Tartler, Valentin Rothberg, Wolfgang K, Nalin Dahyabhai, Dusty Mabe, Urvashi Mohnani, Sally O'Malley, Eduardo Santiago, Anders, Miloslav Trma\u010d, Jhon Honce, Parker Van Roy, Brent Baude, James Alt, Greg Shomo, Paul Holzinger, Ralf Haferkamp, Giuseppe Scrivano, Scott McCarty, Anders Bj\xf6rklund (afbjorklund), Balamurugan, Brian Smith, Drew Baily"),(0,ce.kt)("h2",{id:"introductions"},"Introductions"),(0,ce.kt)("p",null,"Each of the attendees gave a quick introduction."),(0,ce.kt)("h2",{id:"upcoming"},"Upcoming"),(0,ce.kt)("p",null,"Matt Heon discussed the upcoming releases and some of their content. He said, v2.1 came out a little over a week ago, v2.1.1 coming with bug fixes in the next week or so.\nAiming v3.0 towards sometime in February, which will include the removal of the varlink api as it has been deprecated. The big changes for v3.0 will be the removal of varlink and it will include improvements in handling short image names."),(0,ce.kt)("p",null,"Trying to get additional commands such as ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman container clone")," and other commands in as well. Also improvements to the REST API, including new endpoints to more closely mimic what Podman locally does."),(0,ce.kt)("p",null,"Lots of effort currently being put into fixing reported bugs and moving people from established Docker shops who want to transition."),(0,ce.kt)("h2",{id:"podman-v30-planning"},"Podman v3.0 Planning"),(0,ce.kt)("p",null,"Dan Walsh led the discussion on Podman v3.0 planning. Short names of images will be added. This will help prevent spoofing of images. ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman pull foo")," will go to all the defined registries and you'll be given a choice to pick from a list. If you pull later, it will repull that same pick. Similar to known hosts in ssh. Better support for Kata containers. More documentation and enhancements in usernamespace. Auto-selection of usernamespace is one such area of improvement. Also kubernetes integration enhancements, currently underway from a number of community members."),(0,ce.kt)("h2",{id:"hpc"},"HPC"),(0,ce.kt)("p",null,"Dan talked in general about the HPC community and that the development team would like to work closely with that community. Valentin talked about the differences in that environment. The goal is to generalize the problems and make them more usable."),(0,ce.kt)("h2",{id:"questions"},"Questions?"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Any plans for improved systemd integration with rootless? Specifically running systemd units with the ",(0,ce.kt)("inlineCode",{parentName:"li"},"User=")," directive calling podman rootless.\n(jdoss)")),(0,ce.kt)("p",null,"Podman team has talked to the systemd team and the systemd team was somewhat confused about why someone would want that. Further talks had about ways to use it are ongoing, but no support from systemd team at the moment. We'd like to get it in, but rely on the systemd team's help."),(0,ce.kt)("ol",{start:2},(0,ce.kt)("li",{parentName:"ol"},"Could you elaborate on the timing of integration of podman 2.x and 3.x into certain RHEL 8.x releases? (JA)")),(0,ce.kt)("p",null,"Podman 2.0 is 8.3.0, Podman 2.1 in 8.3.1. Not sure about 3.0 yet - perhaps 8.4.0 if we make the deadline there."),(0,ce.kt)("ol",{start:3},(0,ce.kt)("li",{parentName:"ol"},"What versions of podman/buildah/skopeo can we expect to end up in RHEL7 (RHEL8)? (R. Tartier)")),(0,ce.kt)("p",null,"RHEL7 is now frozen on 1.6.4"),(0,ce.kt)("ol",{start:4},(0,ce.kt)("li",{parentName:"ol"},"Will this go into another module stream though? (C Felder)")),(0,ce.kt)("p",null,"Yes. Nevertheless, RHEL8 stream is always rolling to the latest."),(0,ce.kt)("ol",{start:5},(0,ce.kt)("li",{parentName:"ol"},'Does "kind" work with Podman?')),(0,ce.kt)("p",null,"It should work now for Podman running as root in Podman 2.0."),(0,ce.kt)("ol",{start:6},(0,ce.kt)("li",{parentName:"ol"},"Does the podman team work with the Quay team about registry interactions - access control features? ability to move older images to a different registry with different permissions? maybe these are quay questions...")),(0,ce.kt)("p",null,"We'd like to work closer with Quay, but they've been overloaded since onboarding with Red Hat. We'd love any feedback that we can get. The majority of the answers to this question would have to come from the Quay team."),(0,ce.kt)("ol",{start:7},(0,ce.kt)("li",{parentName:"ol"},"podman go api -- any updates around ",(0,ce.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/6866"},"https://github.com/containers/podman/issues/6866"))),(0,ce.kt)("p",null,"Brent Baude answered. The best I can say is this is on the roadmap. Brent discussed that we've been bug fixing mostly as of late, but that it is on our road map."),(0,ce.kt)("ol",{start:8},(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Do you folks plan on publishing a public road map that shows community and Red Hat needs/wants for features/bug?"),(0,ce.kt)("p",{parentName:"li"},"Scott is working on this for the RHEL side of things. Brent is using Jira for our \"internal\" work. He'd like to share the Jira cards, but he's not sure about the timing of getting them done. Dusty suggested on grouping which are near term items vs more future items."))),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("p",null,"Is support for different logging drivers is on the road map in the future?"),(0,ce.kt)("p",null,"What Red Hat Thinks - Design directions - Brent Baude"),(0,ce.kt)("p",null,"I could do a summary of boot2podman/podman-machine (basically a varlink post-mortem) - Anders Bj\xf6rklund (Sold! and thanks!)\nCurrently involved in a little project to make a vagrant shell wrapper similar to it."),(0,ce.kt)("h2",{id:"next-meeting-tuesday-november-3-2020-1100-am-eastern"},"Next Meeting: Tuesday, November 3, 2020, 11:00 a.m. Eastern"),(0,ce.kt)("h2",{id:"bluejeans-chat-raw-copypaste"},"BlueJeans Chat raw copy/paste:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Christian Felder10:57 AM\nHi, this is Christian from Munich\nReinhard Tartler10:57 AM\nHi, this is Reinhard from New York!\nAlex Litvak10:57 AM\nHi this is Alex from Chicago\nMe10:58 AM\nHowdy All! Tom from Leominster, MA. We'll be starting shortly\nLokesh S Mandvekar11:00 AM\nHello everyone\nnice to put faces to some of the names finally :)\nGreg Shomo11:00 AM\nhello, world\nJoe Doss (jdoss)11:00 AM\nHello! Joe Doss from Chicago I work for DEV Community Inc https://dev.to / forem.com\nDusty Mabe11:01 AM\nhey All, I'm Dusty Mabe - work for Red Hat on Fedora CoreOS and RHCOS. Good to meet everyone.\nMe11:01 AM\nMeeting Notes: https://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\nmanish11:02 AM\nhello , i am manish\nMe11:02 AM\nPlease add yourself to the attendees list if I didn't get you there.\nafbjorklund11:04 AM\nI am Anders Bj\xf6rklund, and I was doing boot2podman. Might have to drop out today since I am joining from car\nBalamurugan11:08 AM\nyes\nDusty Mabe11:09 AM\nthere can be only one Dan\nLokesh S Mandvekar11:15 AM\n@tom: ManIsh, not ManUsh\nScott McCarty11:15 AM\nMight be worth sharing with this group. Red Hat has a community program called Red Hat Accelerators which gives you access to Red Hat engineering and leadership. I believe it was just announced today: https://access.redhat.com/accelerators#overview\nReinhard Tartler11:17 AM\nHi, I'm Reinhard, long-term Debian and Ubuntu Core Developer (13 years), and I've integrated podman 2.0.6 into the upcoming Debian 11 and Ubuntu 20.10 releases. I'm located in New York and work at Bloomberg leading a team working on a firmwide integration build system\nBrent Baude11:17 AM\n@Reinhard, please to meet you\nScott McCarty11:20 AM\n@Reinhard, that is super exciting to hear!\nLokesh S Mandvekar11:21 AM\nthanks a ton Reinhard :)\nJoe Doss (jdoss)11:24 AM\nAny plans for improved systemd integration with rootless?\nBrent Baude11:25 AM\nid encourage you to ask ... and specify what exactly you want\nJoe Doss (jdoss)11:25 AM\nSpecifically running systemd units with the User= directive calling podman rootless.\nJA11:27 AM\nCould you elaborate on the timing of integration of podman 2.x and 3.x into certain RHEL 8.x releases?\nmheon11:27 AM\n@JA - Podman 2.0 is 8.3.0, Podman 2.1 in 8.3.1\nNot sure about 3.0 yet - perhaps 8.4.0 if we make the deadline there\nReinhard Tartler11:28 AM\nQ: What versions of podman/buildah/skopeo can we expect to end up in RHEL7 (RHEL8)? - I'm asking because I need to decide what version to integrate for Debian 11, and would love to hear some opinions.\nChristian Felder11:29 AM\nfollow up on JA's question. Will this go into another module stream though?\nmheon11:30 AM\n@Reinhard - RHEL7 is now frozen on 1.6.4\nRHEL8 has two streams, one rolling steadily to the latest release, one with long-term-support releases\nBalamurugan11:30 AM\nwhat is the latest podman stable release for rhel 8.2\nDouglas11:30 AM\nHey Tom, what's the current status of running kind on top of podman?\nmheon11:31 AM\nTragically, the 2.0 module does not have Podman 2.0\nWe may have made a naming error, there...\nChristian Felder11:32 AM\nalright, to get the latest stuf just stay on rhel8 stream though\nmheon11:33 AM\n@Douglas - RHEL 8.2 has 1.6.4 in both streams. 8.2.1 has the fast-moving stream upgraded from 1.6.4 to 1.9.3\n@Christian - yes, RHEL8 stream is rolling to the latest\nChristian Felder11:33 AM\nthanks\nReinhard Tartler11:34 AM\nI'd love to see the Debian images added to the \"well-known\" list :-)\nDouglas11:34 AM\nnot sure if I follow mheon :(\nmy question is regarding kind - kubernetes\nmheon11:35 AM\nOh, sorry, replied to the wrong person\nThat was re: Balamurugan\nDouglas11:35 AM\nno worries\nAlex Litvak11:35 AM\nReinhard, is there a chance of podman backported to 20.04 LTS on ubuntu ?\nBalamurugan11:35 AM\nthanks @mheon\nAlex Litvak11:36 AM\nspeaking of a package of course\nDouglas11:39 AM\nthanks. Going to retest in a fresh git clone.\nmanish11:40 AM\ngvisor with podman.? is possible near future?\nBrent Baude11:41 AM\n@Tom, can I ask questions?\nmheon11:41 AM\n@manish - Should work fine as root. Rootless would require support from the gvisor folks\nJust need to add it as a runtime to containers.conf\nAlex Litvak11:42 AM\nany comments on the future logging support similar to docker?\nmanish11:43 AM\nthanks mheon.\nJA11:43 AM\nDoes the podman team work with the Quay team about registry interactions - access control features? ability to move older images to a different registry with different permissions? maybe these are quay questions...\nDrew Bailey11:43 AM\npodman go api -- any updates around https://github.com/containers/podman/issues/6866\nBrent Baude11:44 AM\nDrew, let's sdiscuss now!\nJoe Doss (jdoss)11:48 AM\nDo you folks plan on publishing a pubic road map that shows community and Red Hat needs/wants for features/bug?\nMe11:48 AM\nTopics for next time? Please add to: https://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\nDrew Bailey11:52 AM\n\ud83d\udc4d awesome thanks, will help us get off varlink :D\nJoe Doss (jdoss)11:57 AM\nI think it would be nice for the community to have insights into what is important for the RH Podman Team and maybe the community can help. Also design direction within the roadmap would help inform community help.\nhelp guide community help**\nJoe Doss (jdoss)11:59 AM\nWe can help if we know what direction you folks want to go.\nSally O'Malley11:59 AM\nthank you everyone! i have to drop - see you all next month\nBrent Baude11:59 AM\njoe you are exactly correct.\nmanish12:00 PM\nthanks :)\nJoe Doss (jdoss)12:00 PM\nGreat call and turnout!\nValentin Rothberg12:00 PM\nThanks for joining, all!\n")))}fe.isMDXComponent=!0;const be={},ve="Podman Community Meeting",Me=[{value:"April 6, 2021 08:00 p.m. Eastern (UTC-4)",id:"april-6-2021-0800-pm-eastern-utc-4",level:2},{value:"Attendees (18 total)",id:"attendees-18-total",level:3},{value:"Meeting Start: 8:00 p.m.",id:"meeting-start-800-pm",level:2},{value:"BlueJeans Recording",id:"bluejeans-recording",level:3},{value:"Podman Commit Topic Standards",id:"podman-commit-topic-standards",level:2},{value:"Matt Heon",id:"matt-heon",level:3},{value:"(2:17 in the video)",id:"217-in-the-video",level:4},{value:"Podman v3.1 Preview",id:"podman-v31-preview",level:2},{value:"Matt Heon",id:"matt-heon-1",level:3},{value:"(3:00 in the video)",id:"300-in-the-video",level:4},{value:"U volume flag to chown source volumes",id:"u-volume-flag-to-chown-source-volumes",level:2},{value:"Eduardo Vega",id:"eduardo-vega",level:3},{value:"(6:58 in the video)",id:"658-in-the-video",level:4},{value:"Demo (8:30 in the video)",id:"demo-830-in-the-video",level:5},{value:"Podman on Mac Preview",id:"podman-on-mac-preview",level:2},{value:"Brent Baude/Ashley Cui",id:"brent-baudeashley-cui",level:3},{value:"(15:20 in the video)",id:"1520-in-the-video",level:4},{value:"Demo (19:22 in the video)",id:"demo-1922-in-the-video",level:5},{value:"Questions?",id:"questions",level:2},{value:"(35:00) in the video)",id:"3500-in-the-video",level:4},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"Next Meeting: Tuesday May 4, 2021, 11:00 a.m. Eastern (UTC-4)",id:"next-meeting-tuesday-may-4-2021-1100-am-eastern-utc-4",level:2},{value:"Meeting End: 8:43 p.m. Eastern (UTC-4)",id:"meeting-end-843-pm-eastern-utc-4",level:3},{value:"BlueJeans Chat copy/paste:",id:"bluejeans-chat-copypaste",level:2}],Ie={toc:Me},Ae="wrapper";function Te(e){let{components:t,...n}=e;return(0,ce.kt)(Ae,(0,Q.Z)({},Ie,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-meeting"},"Podman Community Meeting"),(0,ce.kt)("h2",{id:"april-6-2021-0800-pm-eastern-utc-4"},"April 6, 2021 08:00 p.m. Eastern (UTC-4)"),(0,ce.kt)("h3",{id:"attendees-18-total"},"Attendees (18 total)"),(0,ce.kt)("p",null,"Tom Sweeney, Brent Baude, Jhon Honce, Dan Walsh, Chris Evich, Lokesh Mandvekar, Urvashi Mohnani, Nalin Dahyabhai, Eduardo Santiago, Matt Heon, Ashley Cui, Sumantro Mukherjee, Scott McCarty, Shion Tanaka, Juanje Ojeda, Edward Shen, Reinhard Tartler"),(0,ce.kt)("h2",{id:"meeting-start-800-pm"},"Meeting Start: 8:00 p.m."),(0,ce.kt)("h3",{id:"bluejeans-recording"},"BlueJeans ",(0,ce.kt)("a",{parentName:"h3",href:"https://bluejeans.com/s/@f3vA2PsK7a"},"Recording")),(0,ce.kt)("h2",{id:"podman-commit-topic-standards"},"Podman Commit Topic Standards"),(0,ce.kt)("h3",{id:"matt-heon"},"Matt Heon"),(0,ce.kt)("h4",{id:"217-in-the-video"},"(2:17 in the video)"),(0,ce.kt)("p",null,"If you're fixing a bug or an issue, please include a link to the commit message or at least in a comment."),(0,ce.kt)("h2",{id:"podman-v31-preview"},"Podman v3.1 Preview"),(0,ce.kt)("h3",{id:"matt-heon-1"},"Matt Heon"),(0,ce.kt)("h4",{id:"300-in-the-video"},"(3:00 in the video)"),(0,ce.kt)("p",null,"Matt pulled up the release notes (",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/RELEASE_NOTES.md"},"https://github.com/containers/podman/blob/main/RELEASE_NOTES.md"),"). Matt likes to get rleases out every 6 to 8 weeks"),(0,ce.kt)("p",null,"Added secrets, although not with crypto, manifest commands and prune have been added. The Podman copy command has been reworked heavily by Valentin Rothberg. Now you can copy to directories too now. You should now be able to copy anywhere in a container."),(0,ce.kt)("p",null,"Also added U option for mounting volumes."),(0,ce.kt)("p",null,"Matt then went over a number of bugs/issues about 50, with many fixes from the community and a small CVE."),(0,ce.kt)("p",null,"More significant work in the next release coming up in"),(0,ce.kt)("h2",{id:"u-volume-flag-to-chown-source-volumes"},"U volume flag to chown source volumes"),(0,ce.kt)("h3",{id:"eduardo-vega"},"Eduardo Vega"),(0,ce.kt)("h4",{id:"658-in-the-video"},"(6:58 in the video)"),(0,ce.kt)("p",null,(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman.io/blob/main/community/meeting/notes/2021-04-06/Podman-U-Volume-Opt-06_04_2021.pptx"},"slides")),(0,ce.kt)("p",null,"New Volume option."),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Podman create and Podman run with --volume."),(0,ce.kt)("li",{parentName:"ul"},'"U" uppercase letter is the new option'),(0,ce.kt)("li",{parentName:"ul"},"Changes ownership of source volumes on the host.",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"Based on the container owners uid and gid and maps those to th host."),(0,ce.kt)("li",{parentName:"ul"},"The container and the volume will have the same owners")))),(0,ce.kt)("h5",{id:"demo-830-in-the-video"},"Demo (8:30 in the video)"),(0,ce.kt)("p",null,"podman run -it -v /tmp/data01:/data:Z --user 998:998 fedora sh"),(0,ce.kt)("p",null,"This showed that the wrong user (root) owned directories in the container."),(0,ce.kt)("p",null,"Now with 'U' added to the volume specification."),(0,ce.kt)("p",null,"podman run -it -v /tmp/data01:/data:Z,U --user 998:998 fedora sh"),(0,ce.kt)("p",null,"The directory and files are now owned by 998."),(0,ce.kt)("p",null,"This can also be run with tmpfs volumes"),(0,ce.kt)("p",null,"podman run -it --rm --tmpfs /data:Z,U --user 998:998 fedora ls -la data"),(0,ce.kt)("p",null,"This also shows the directory has the right permissions. Ditto overlayfs."),(0,ce.kt)("p",null,"Dan talked about some other use cases."),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Usefull when running mariadb in a container, you could volume mount /var/lib/mariadb for it with the correct permissions."),(0,ce.kt)("li",{parentName:"ul"},"It's super useful for a rootless user in the usernamespace."),(0,ce.kt)("li",{parentName:"ul"},"It's a really great and powerful feature that people haven't disovered yet.")),(0,ce.kt)("h2",{id:"podman-on-mac-preview"},"Podman on Mac Preview"),(0,ce.kt)("h3",{id:"brent-baudeashley-cui"},"Brent Baude/Ashley Cui"),(0,ce.kt)("h4",{id:"1520-in-the-video"},"(15:20 in the video)"),(0,ce.kt)("p",null,'Brent Baude led off. Creating a Podman on Mac using a subcommand in pocman called "machine" building upon other efforts. The code is very modular. The initial implementation is Fedora CoreOS in the vm which is configurable.'),(0,ce.kt)("p",null,"Testing on X86 linux on Mac OS X8664 and aarch64."),(0,ce.kt)("p",null,"Current implementation relies on qemu which currently has some platform dependencies."),(0,ce.kt)("p",null,"Hurdle to resolve the networking on the VM and exposing services running in the container on the host."),(0,ce.kt)("p",null,"Podman machine is upstream now and works, but no ability to expose services at this point. But you can build images and experiment with how it works."),(0,ce.kt)("h5",{id:"demo-1922-in-the-video"},"Demo (19:22 in the video)"),(0,ce.kt)("p",null,"Ashley did a demo running on her Mac."),(0,ce.kt)("p",null,"Used the\npodman-remote machine --help command\npodman-remote machine init # pulled fedora coreos image"),(0,ce.kt)("p",null,"podman-remote machine init anothername # creates with the specified name."),(0,ce.kt)("p",null,"podman-remote machine ls # shows the machines create"),(0,ce.kt)("p",null,"When you init the vm, it creates connections automatically."),(0,ce.kt)("p",null,"podman-remote machine start # starts the VM"),(0,ce.kt)("p",null,"podman-remote machine ssh podman-machine-default # sshinto the machine"),(0,ce.kt)("p",null,"podman-remote pull alpine #failed with socket issue being chased."),(0,ce.kt)("p",null,"Ashely tried a number of pulls and it finally worked after a number of attempts and tweaking."),(0,ce.kt)("p",null,"The container runs on the VM, but you type on the Mac. It does work, but socket activation issues are being chased."),(0,ce.kt)("p",null,"This is running on the Mac M1 now, and work in progress on Mac Intel based."),(0,ce.kt)("p",null,"Questions on the systemd socket. The socket issue is likely due to Podman talking to systemd. Dan thinks it's fixed upstream in systemd."),(0,ce.kt)("p",null,'The demo showed "podman-remote", but the final release will just be "podman".'),(0,ce.kt)("p",null,'The user experience should be you would just install "podman" and everything needed will come along with that.'),(0,ce.kt)("p",null,"Dan asked about install: goal user experience is\n",(0,ce.kt)("inlineCode",{parentName:"p"},"brew install podman"),", ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman machine init"),", ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman machine start"),", and then you're running as if you're on a linux box."),(0,ce.kt)("h2",{id:"questions"},"Questions?"),(0,ce.kt)("h4",{id:"3500-in-the-video"},"(35:00) in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"What about Podman on windows? The current leaning is to use WSL2 probably Ubuntu. It's being looked at and we'd love community help."),(0,ce.kt)("li",{parentName:"ol"},"Tshirts were recently available, but are not currently due to a vendoring problem. ;^("),(0,ce.kt)("li",{parentName:"ol"},"For FCOS, does the machine pull stable every time? It pulls the next stream and you can use a URL if you'd like."),(0,ce.kt)("li",{parentName:"ol"},"Will podman machine will work on a linux box? Yes")),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("h2",{id:"next-meeting-tuesday-may-4-2021-1100-am-eastern-utc-4"},"Next Meeting: Tuesday May 4, 2021, 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h3",{id:"meeting-end-843-pm-eastern-utc-4"},"Meeting End: 8:43 p.m. Eastern (UTC-4)"),(0,ce.kt)("h2",{id:"bluejeans-chat-copypaste"},"BlueJeans Chat copy/paste:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Me:7:57 PM\nPlease sign in at: https://hackmd.io/fc1zraYdS0-klJ2KJcfC7w?both\nBrent Baude8:00 PM\nok, had one flicker of the power from the storm here .... three flickers and we're out\nReinhard 'siretart' Tartler8:08 PM\nFWIW, I've got the podman 3.1 package almost ready, will upload to debian/experimental later this week\nDaniel (rhatdan) Walsh8:08 PM\nThanks\nBrent Baude8:08 PM\noutstanding\njhonce8:08 PM\n@siretart Great!\nBrent Baude8:09 PM\n@siretart, maybe connect with us to make sure the latest libcap and crun are being used? we can explain.\nperhaps stay a few minutes after and we can elaborate ?\nReinhard 'siretart' Tartler8:09 PM\nsure thing!\nMatt Heon8:13 PM\nThis is *very* useful for rootless user/group mapping issues. I'm writing a blog on this right now and am definitely mentioning this.\nBrent Baude8:14 PM\n++ mheon\nMe:8:15 PM\nVery nice!\nShion Tanaka8:18 PM\nI'm interested in being able to run Podman on a Mac, since VS Code's Remote Containers feature is not available on Macs.\nsumantrom8:31 PM\nAwesome Presentation Asley, for FCOS, it pulls the latest stable everytime by default?\nsumantrom8:32 PM\nthanks!\nReinhard 'siretart' Tartler8:38 PM\nI'd love to see podman working out of the box on wsl2 and macs (at dayjob, that's what the company provides)\nawesome t-shirt. Where can I get one? :-)\nShion Tanaka8:38 PM\nThanks for the great demo!\nReinhard 'siretart' Tartler8:39 PM\n+1 -- awesome!\ndebian and ubuntu, for that matter :-)\nReinhard 'siretart' Tartler8:41 PM\nwill do\nthanks for organizing this meeting, amazing demos, really enjoyed them!\nEd8:42 PM\nGreat work, thanks!\nJuanje Ojeda8:44 PM\nGreat meeting and demos. Thanks!\nsumantrom8:44 PM\nThanks for organizing!\n\n")))}Te.isMDXComponent=!0;const Se={},Ce="Podman Community Cabal Meeting Notes",Ne=[{value:"August 19, 2021 11:00 a.m. Eastern",id:"august-19-2021-1100-am-eastern",level:2},{value:"August 19, 2021 Topics",id:"august-19-2021-topics",level:2},{value:"Open Discussion",id:"open-discussion",level:3},{value:"Meeting Notes",id:"meeting-notes",level:3},{value:"Podman v4.0 inclusions (1:22 in the video)",id:"podman-v40-inclusions-122-in-the-video",level:4},{value:"Podman on Windows (12:30 in the video)",id:"podman-on-windows-1230-in-the-video",level:4},{value:"Open discussion (39:45 in the video)",id:"open-discussion-3945-in-the-video",level:4},{value:"Next Cabal Meeting: Thursday September 16, 2021 10:00 a.m. EDT (UTC-4)",id:"next-cabal-meeting-thursday-september-16-2021-1000-am-edt-utc-4",level:3}],De={toc:Ne},Pe="wrapper";function xe(e){let{components:t,...n}=e;return(0,ce.kt)(Pe,(0,Q.Z)({},De,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-cabal-meeting-notes"},"Podman Community Cabal Meeting Notes"),(0,ce.kt)("p",null,"Attendees (22): Tom Sweeney, Nalin Dahyabhai, Paul Holzinger, Dan WAlsh, Preethi Thomas, Valentin Rothberg, Matt Heon, Pavel Sosin, Chris Evich, Ashley Cui, Anders Bjorklund, Peter Hutn, Urvashi Mohnani, Brent Baude, Erik Bernoth, Giuseppe Scrivano, Ed Santiago, Guillaume Rose, Mehul Arora, Miloslav Trmac, Scott McCarty"),(0,ce.kt)("h2",{id:"august-19-2021-1100-am-eastern"},"August 19, 2021 11:00 a.m. Eastern"),(0,ce.kt)("h2",{id:"august-19-2021-topics"},"August 19, 2021 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Podman v4.0 inclusions"),(0,ce.kt)("li",{parentName:"ol"},"Podman on Windows"),(0,ce.kt)("li",{parentName:"ol"},"Open Discussion")),(0,ce.kt)("h3",{id:"open-discussion"},"Open Discussion"),(0,ce.kt)("p",null,"Save the last 15 minutes for an open floor discussion."),(0,ce.kt)("h3",{id:"meeting-notes"},"Meeting Notes"),(0,ce.kt)("p",null,"Video ",(0,ce.kt)("a",{parentName:"p",href:"https://drive.google.com/file/d/1VOzFK0zpG4MgjQnyiGDZL3J9gMIj-msh/view"},"Recording"),"\nAttendees:"),(0,ce.kt)("p",null,"Meeting start 10:05 a.m Thursday August 19, 2021"),(0,ce.kt)("h4",{id:"podman-v40-inclusions-122-in-the-video"},"Podman v4.0 inclusions (1:22 in the video)"),(0,ce.kt)("p",null,"Podman 4.0-dev is now upstream.\nPaul Holzinger has added a large change for Networks.\nMore performance analysis and attempting to lessen memory and CPU usage. Adopting Buildkit functionality in Buildah and thus Podman build."),(0,ce.kt)("p",null,"Giuseppe is working with supporting virtual pools to retrieve just files that are not already present in local storage, to help decrease load times. It may not be Docker compatible, it may have to be OCI based only."),(0,ce.kt)("p",null,"We're looking for ideas/changes that might require breaking API changes. But are hoping not to make too many at once."),(0,ce.kt)("h4",{id:"podman-on-windows-1230-in-the-video"},"Podman on Windows (12:30 in the video)"),(0,ce.kt)("p",null,"Currently looking into WSL possible solutions."),(0,ce.kt)("p",null,"Pavel talked about his use case of using Fedora directly from the Microsoft Windows Store. Once installed, he was able to run the latest Podman on Fedora."),(0,ce.kt)("p",null,"Erik asked if systemd is working? (Not likely to at the moment.) He too uses Podman on Windows and it works fine for him now."),(0,ce.kt)("p",null,"WSL2 is installed on windows by default already in the latest, and then install Fedora from Microsoft store, and then Podman ran from there."),(0,ce.kt)("p",null,"Docker has a GUI interface that can be used from Windows, we would probably not provide a similar out of the box."),(0,ce.kt)("p",null,"If you create a container currently in Windows using the Fedora, you can't talk to the container outside of that Windows host. Something that will need looking at."),(0,ce.kt)("p",null,"Fedora costs $10 for Fedora 34 distribution from the Microsoft Store."),(0,ce.kt)("p",null,"Dan would like to default to just click a button somewhere once to install Podman. The issue with that is keeping it updated over time. The best case is to get the Fedora team to provide Fedora with Podman preinstalled in the Microsoft Store."),(0,ce.kt)("p",null,"What should the experience be for when the podman-machine needs to be updated? What is the best case scenario? TBD."),(0,ce.kt)("p",null,"Two upgrade paths in Windows per Pavel. We'd like to know how the upgrade could happen seamlessly for the end-user."),(0,ce.kt)("p",null,"Docker checks the version at starti-up and then asks the user to do update. Information is stored in a small json file. They apparently do an update in a separate VM."),(0,ce.kt)("p",null,"On Docker, can you do a volume mount on a Windows directory? Giuillaume says it does work."),(0,ce.kt)("h4",{id:"open-discussion-3945-in-the-video"},"Open discussion (39:45 in the video)"),(0,ce.kt)("p",null,"When's Podman v3.3 coming out? Hopefully Monday, Aug 23, 2021. Then we will likely be creating a Podman 3.4 for sometime later in the fall."),(0,ce.kt)("p",null,"One thing to watch is that Podman v4.0 can not break Fedora 35. Fedora 36 should be in April 2022 and would be the target if we break Fedora 35, but that hopefully won't be the case."),(0,ce.kt)("h3",{id:"next-cabal-meeting-thursday-september-16-2021-1000-am-edt-utc-4"},"Next Cabal Meeting: Thursday September 16, 2021 10:00 a.m. EDT (UTC-4)"),(0,ce.kt)("p",null,"Raw BlueJeans:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Nalin Dahyabhai10:02 AM\nAgenda: https://hackmd.io/gQCfskDuRLm7iOsWgH2yrg\nErik Bernoth10:39 AM\nI have to go. If you do a podman on Windows issue on GH, please CC me. See you next time!\nBrent Baude10:43 AM\nhttps://www.redhat.com/sysadmin/podman-windows-wsl2\n")))}xe.isMDXComponent=!0;const Be={},Ee="Podman Community Meeting",We=[{value:"November 2, 2021 11:00 a.m. Eastern (UTC-4)",id:"november-2-2021-1100-am-eastern-utc-4",level:2},{value:"Attendees (21 total)",id:"attendees-21-total",level:3},{value:"Meeting Start: 11:03 a.m.",id:"meeting-start-1103-am",level:2},{value:"BlueJeans Recording",id:"bluejeans-recording",level:3},{value:"Buildah buildkit update",id:"buildah-buildkit-update",level:2},{value:"Aditya Rajan",id:"aditya-rajan",level:3},{value:"(2:10 in the video)",id:"210-in-the-video",level:4},{value:"Podman on Mac Status",id:"podman-on-mac-status",level:2},{value:"Ashley Cui/Brent Baude",id:"ashley-cuibrent-baude",level:3},{value:"(13:45 in the video)",id:"1345-in-the-video",level:4},{value:"netavark update",id:"netavark-update",level:2},{value:"Matt Heon/Brent Baude",id:"matt-heonbrent-baude",level:3},{value:"(15:44 in the video) 23",id:"1544-in-the-video-23",level:4},{value:"Open Forum/Questions?",id:"open-forumquestions",level:2},{value:"(18:15) in the video)",id:"1815-in-the-video",level:4},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"Next Meeting: Tuesday December 7, 2021, 11:00 a.m. Eastern (UTC-5)",id:"next-meeting-tuesday-december-7-2021-1100-am-eastern-utc-5",level:2},{value:"Next Cabal Meeting: Thursday November 18, 2021, 10:00 a.m. Eastern (UTC-5)",id:"next-cabal-meeting-thursday-november-18-2021-1000-am-eastern-utc-5",level:2},{value:"Meeting End: 11: a.m. Eastern (UTC-4)",id:"meeting-end-11-am-eastern-utc-4",level:3},{value:"BlueJeans Chat copy/paste:",id:"bluejeans-chat-copypaste",level:2}],je={toc:We},Le="wrapper";function He(e){let{components:t,...n}=e;return(0,ce.kt)(Le,(0,Q.Z)({},je,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-meeting"},"Podman Community Meeting"),(0,ce.kt)("h2",{id:"november-2-2021-1100-am-eastern-utc-4"},"November 2, 2021 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h3",{id:"attendees-21-total"},"Attendees (21 total)"),(0,ce.kt)("p",null,"Tom Sweeney, Jhon Honce, Chris Evich, Urvashi Mohnani, Matt Heon, Erik Bernoth, Chris Evich, Scott McCarty, Anders Bj\xf6rklund, Lokesh Mandvekar, Ashley Cui, Brent Baude, Aditya Rajan, Giuseppe Scrivan, Miloslav Trma\u010d, Rudolf Vesely, Shion Tanaka, Christian Felder"),(0,ce.kt)("h2",{id:"meeting-start-1103-am"},"Meeting Start: 11:03 a.m."),(0,ce.kt)("h3",{id:"bluejeans-recording"},"BlueJeans ",(0,ce.kt)("a",{parentName:"h3",href:"https://bluejeans.com/s/bhRBWYOh02V"},"Recording")),(0,ce.kt)("h2",{id:"buildah-buildkit-update"},"Buildah buildkit update"),(0,ce.kt)("h3",{id:"aditya-rajan"},"Aditya Rajan"),(0,ce.kt)("h4",{id:"210-in-the-video"},"(2:10 in the video)"),(0,ce.kt)("p",null,"There are features in buildkit that are not in Buildah. New features added include --mount=type-bind, which allows performing a bind mount and scoped to current RUN statements.\nYou can also mount by stages if you would like. This is in upstream now and will be in Podman in the near future."),(0,ce.kt)("p",null,"The other feature added is --mount=type=cache. This adds support for persistent caching across builds. So it could be used by other images other than the one being built."),(0,ce.kt)("p",null,"Another is --mount=type=tmpfs which allows a user to mount a chunk of volatile memory instead of a persistent storage device. It looks like an actual disk for the build, but it's only temporary and doesn't persist after the build completes."),(0,ce.kt)("p",null,"This is upstream in Buildah now, will likely be in Buildah v1.24.","*"," and higher and Podman v4.0. Both will be out by early next year."),(0,ce.kt)("p",null,"Demo (7:11 in the video)"),(0,ce.kt)("p",null,"A feature to skip stages is underway but not complete."),(0,ce.kt)("p",null,"Is it possible by using --mount-type=cache to prevent a rogue/misguided Containerfile from using a cache that it should not use? We have the option to segregate cache but no way to avoid other builds from using it. Something Aditya will look into it."),(0,ce.kt)("h2",{id:"podman-on-mac-status"},"Podman on Mac Status"),(0,ce.kt)("h3",{id:"ashley-cuibrent-baude"},"Ashley Cui/Brent Baude"),(0,ce.kt)("h4",{id:"1345-in-the-video"},"(13:45 in the video)"),(0,ce.kt)("p",null,"DEMO (14:00 in the video)"),(0,ce.kt)("p",null,"Ashley showed several mockups for the new Mac interface. They show the machines available and then the ability to start/stop them. She's been looking into doing this with Swift."),(0,ce.kt)("p",null,"Brent noted that we're working on volumes, the Docker socket, and other sockets. In addition, rootful and rootless. The big issue with the volume mount is if you use a bind mount, it's mounted in the VM rather than the host machine itself."),(0,ce.kt)("p",null,"Would it make sense to implement the GUI with Qt? Isn\u2019t Swift just available for the Mac? Yes, for now, looking at POC, then thinking about figuring out what to do with Windows. Things work well on WSL there now, and it runs in Linux there."),(0,ce.kt)("h2",{id:"netavark-update"},"netavark update"),(0,ce.kt)("h3",{id:"matt-heonbrent-baude"},"Matt Heon/Brent Baude"),(0,ce.kt)("h4",{id:"1544-in-the-video-23"},"(15:44 in the video) 23"),(0,ce.kt)("p",null,"The ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/netavark"},"netavark")," project is a new project and replaces CNI plugins. Podman would call this with JSON input, and it would handle network setup, firewalls, etc. Being written in RUST and have a basic piece of code running today for a typical setup except the JSON response and firewall rules."),(0,ce.kt)("p",null,"We're doing this mainly to get the ipv6 support and DNS in play. The DNS piece will not be in place for the initial Podman v4.0 release but a later release. The team feels this will be a more supportable layer for the network."),(0,ce.kt)("p",null,"The team is happy to have RUST experts come in and contribute."),(0,ce.kt)("p",null,"How to understand netavark? Take a look at what CNI is doing under the covers, and that's being emulated/replaced? Also, a decent understanding of network concepts."),(0,ce.kt)("p",null,"We will be supporting firewalld as a backend to support firewall tables."),(0,ce.kt)("h2",{id:"open-forumquestions"},"Open Forum/Questions?"),(0,ce.kt)("h4",{id:"1815-in-the-video"},"(18:15) in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Podman on Windows priority? Lower on the priority list as the WSL solution is pretty solid now. But something we're looking into.")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"IRC slack connections: ",(0,ce.kt)("a",{parentName:"p",href:"https://podman.io/community/#slack-irc-matrix-and-discord"},"https://podman.io/community/#slack-irc-matrix-and-discord"))),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"We should use an interface approach for the volume drivers work per Anders. The issue now is the machine configuration is in containers/common, and that can be a bit of a dance. Brent and Anders have been looking into a few options, including ssh. There are other things they're looking at that have better speed but not as much functionality. For the ssh solution, playing with the crypto levels might help with speed."))),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("h2",{id:"next-meeting-tuesday-december-7-2021-1100-am-eastern-utc-5"},"Next Meeting: Tuesday December 7, 2021, 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h2",{id:"next-cabal-meeting-thursday-november-18-2021-1000-am-eastern-utc-5"},"Next Cabal Meeting: Thursday November 18, 2021, 10:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"meeting-end-11-am-eastern-utc-4"},"Meeting End: 11: a.m. Eastern (UTC-4)"),(0,ce.kt)("h2",{id:"bluejeans-chat-copypaste"},"BlueJeans Chat copy/paste:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Me11:01 AM\nhttps://hackmd.io/fc1zraYdS0-klJ2KJcfC7w?both\nMiloslav Trmac11:13 AM\nIs there some scoping mechanism to the --mount-type=cache, so that a rogue/misguided Containerfile can't use a cache it shouldn't be using?\nMatt Heon11:19 AM\nMounting the Docker socket?\nChristian Felder11:21 AM\nWouldn't it make sense to implement the GUI with e.g. Qt? Isn't Swift just available for Mac?\nAnders Bj\xf6rklund11:21 AM\nI halted the Qt GUI fo rnow\nhttps://github.com/afbjorklund/podman-systray\nChristian Felder11:22 AM\nOk, I just thought about having the same GUI for Windows... So you wouldn't need to reimplement it\nAnders Bj\xf6rklund11:23 AM\nPodman doesn't really work on Windows, only on WSL (Linux)\nChristian Felder11:23 AM\nOk, thanks\nAnders Bj\xf6rklund11:23 AM\nbut I suppose you could run `wsl podman` or something\nbaude11:23 AM\nhttps://github.com/containers/netavark\nShion Tanaka11:27 AM\nIs there any other knowledge I should know to understand netavark?\nShion Tanaka11:29 AM\nOK,thanks!\nbaude11:30 AM\ncatching us on irc or the matrix bridge is probably the best approach for that\nLokesh Mandvekar11:31 AM\nhttps://podman.io/community/#slack-irc-matrix-and-discord\n\n")))}He.isMDXComponent=!0;const Re={},Oe="Podman Community Meeting",Je=[{value:"February 1, 2021 11:00 a.m. Eastern (UTC-5)",id:"february-1-2021-1100-am-eastern-utc-5",level:2},{value:"Attendees (26 total)",id:"attendees-26-total",level:3},{value:"Meeting Start: 11:02 a.m. EST",id:"meeting-start-1102-am-est",level:2},{value:"BlueJeans Recording",id:"bluejeans-recording",level:3},{value:"Container Plumbing Days",id:"container-plumbing-days",level:2},{value:"Tom Sweeney",id:"tom-sweeney",level:3},{value:"(1:23 in the video)",id:"123-in-the-video",level:4},{value:"Podman on Windows Demo",id:"podman-on-windows-demo",level:2},{value:"Jason Greene",id:"jason-greene",level:3},{value:"(2:14 in the video)",id:"214-in-the-video",level:4},{value:"Podman Network",id:"podman-network",level:2},{value:"Matt Heon",id:"matt-heon",level:3},{value:"(19:15 in the video)",id:"1915-in-the-video",level:4},{value:"Open Forum/Questions?",id:"open-forumquestions",level:2},{value:"(26:53) in the video)",id:"2653-in-the-video",level:4},{value:"Podman Desktop Companion Demo",id:"podman-desktop-companion-demo",level:2},{value:"Ionut Stoicia",id:"ionut-stoicia",level:3},{value:"(34:27 in the video)",id:"3427-in-the-video",level:4},{value:"Easter Egg",id:"easter-egg",level:2},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"Next Meeting: Tuesday April 5, 2021, 11:00 a.m. Eastern (UTC-4)",id:"next-meeting-tuesday-april-5-2021-1100-am-eastern-utc-4",level:2},{value:"Next Cabal Meeting: Thursday February 17, 2021, 11:00 a.m. Eastern (UTC-5)",id:"next-cabal-meeting-thursday-february-17-2021-1100-am-eastern-utc-5",level:2},{value:"Meeting End: 11:51 a.m. Eastern (UTC-5)",id:"meeting-end-1151-am-eastern-utc-5",level:3},{value:"BlueJeans Chat copy/paste:",id:"bluejeans-chat-copypaste",level:2}],Fe={toc:Je},Ge="wrapper";function Ye(e){let{components:t,...n}=e;return(0,ce.kt)(Ge,(0,Q.Z)({},Fe,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-meeting"},"Podman Community Meeting"),(0,ce.kt)("h2",{id:"february-1-2021-1100-am-eastern-utc-5"},"February 1, 2021 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"attendees-26-total"},"Attendees (26 total)"),(0,ce.kt)("p",null,"Tom Sweeney, Jhon Honce, Chris Evich, Urvashi Mohnani, Matt Heon, Chris Evich, Anders Bj\xf6rklund, Ashley Cui, Aditya Rajan, Eduardo Santiago, Valentin Rothberg, Paul Holzinger, Nalin Dahyabhai, Ionut Stoica, Jason Greene, Giuseppe Scrivano, Chris Evich, Lokesh Mandvekar, Niall Crowe"),(0,ce.kt)("h2",{id:"meeting-start-1102-am-est"},"Meeting Start: 11:02 a.m. EST"),(0,ce.kt)("h3",{id:"bluejeans-recording"},"BlueJeans ",(0,ce.kt)("a",{parentName:"h3",href:"https://youtu.be/-dVK9CfqeNM"},"Recording")),(0,ce.kt)("h2",{id:"container-plumbing-days"},"Container Plumbing Days"),(0,ce.kt)("h3",{id:"tom-sweeney"},"Tom Sweeney"),(0,ce.kt)("h4",{id:"123-in-the-video"},"(1:23 in the video)"),(0,ce.kt)("p",null,"We are looking for speakers for the ",(0,ce.kt)("a",{parentName:"p",href:"https://containerplumbing.org/speakers"},"Container Plumbing days"),". It is occurring on March 22 and 23, 2022, in the morning through early afternoon Eastern time. They are looking for all kinds of container-related topics. Check the website for more details."),(0,ce.kt)("h2",{id:"podman-on-windows-demo"},"Podman on Windows Demo"),(0,ce.kt)("h3",{id:"jason-greene"},"Jason Greene"),(0,ce.kt)("h4",{id:"214-in-the-video"},"(2:14 in the video)"),(0,ce.kt)("p",null,"API event forwarding is working and demonstrated that."),(0,ce.kt)("p",null,"Jason started a machine on Windows under WSL. If you're using typical Docker, it expects a pipe to be opened, and Podman can now talk to that same pipe."),(0,ce.kt)("p",null,"He did a number of Docker commands that ran under Podman."),(0,ce.kt)("p",null,"The ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman machine start other")," will allow for multiple instances of podman to run on the Windows machine. If you do ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman ps"),', it will show only the "other machine" instances, but you can hop back to the original and see the ones running under that machine.'),(0,ce.kt)("p",null,"Podman machine is starting a separate API forwarding service, and it's hooked into the windows event logging system. It's not running using .NET, but some of the .NET tools."),(0,ce.kt)("p",null,"The proxy is called win-sshproxy by default."),(0,ce.kt)("p",null,"He's exporting the root socket to pull this off to allow the Docker APIs to work with this. WSL is running under the user's identity, so not a security vulnerability."),(0,ce.kt)("p",null,"This is all running in WSL running in the shared WSL VM. Similar to a privilged container image. It is just mapping Docker to the Podman socket."),(0,ce.kt)("p",null,"Do volume mounts outside of /mnt work? i.e. /home/user/projects. That should work withing the WSL Linux environment."),(0,ce.kt)("p",null,"Extend podman-py to integration with WSL podman machine windows socket."),(0,ce.kt)("h2",{id:"podman-network"},"Podman Network"),(0,ce.kt)("h3",{id:"matt-heon"},"Matt Heon"),(0,ce.kt)("h4",{id:"1915-in-the-video"},"(19:15 in the video)"),(0,ce.kt)("p",null,"A new update to the network stack. The new stack is created by ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/netavark"},"netavark")," and ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/aardvark-dns"},"aardvark-dns"),". The aardvark-dns project handles DNS, netavark takes care of the rest of the stack. It is undergoing extensive testing as of now."),(0,ce.kt)("p",null,"Blog post soon on how to use the new stack."),(0,ce.kt)("p",null,"If you upgrade from Podman v3 to Podman v4, you will continue to use CNI so you won't break. But you can configure up to the new stack as you wish."),(0,ce.kt)("p",null,"Multiple IPs per container and IPv6 support will be provided."),(0,ce.kt)("p",null,"Netavark is based on similar kernel facilities as CNI. It is going to be eventually be working in the firewald framework soon."),(0,ce.kt)("h2",{id:"open-forumquestions"},"Open Forum/Questions?"),(0,ce.kt)("h4",{id:"2653-in-the-video"},"(26:53) in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"For people using Fedora, Podman v4 will be on Fedora 36, but not Fedora 35 as it's a breaking change there. If you want Podman v4.0 on Fedora 35, you will need to install it. We're leaning towards not doing a parallel stream due to the connection issues with the Podman socket in that scenario.")),(0,ce.kt)("h2",{id:"podman-desktop-companion-demo"},"Podman Desktop Companion Demo"),(0,ce.kt)("h3",{id:"ionut-stoicia"},"Ionut Stoicia"),(0,ce.kt)("h4",{id:"3427-in-the-video"},"(34:27 in the video)"),(0,ce.kt)("p",null,"Slides - ",(0,ce.kt)("a",{parentName:"p",href:"https://podman.io/community/meeting/notes/2022-02-01/Podman_Desktop_Companion.pdf"},"here")),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("p",{parentName:"li"},"Target - People wanting to learn about containers (Podman) and full-stack developers.")),(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("p",{parentName:"li"},"Goals - Look and feel the same on all operating systems with a familiar UI."),(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"This project supports Windows and macOS."))),(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("p",{parentName:"li"},"Trials - Native trial using Lazarus, GTK4, and QT."),(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"All looked good, but each had its hurdles.")))),(0,ce.kt)("p",null,"At the end, Ionut went with the Electron Web APP and is still exploring. It's easy to develop/share ownership using it. Electron also handles many major OSs for an end product."),(0,ce.kt)("p",null,"Immediate Goals: Windows and Mac binaries ASAP, then on to GitHub issues. Then need to advertise. Wants to take the 10 most useful scenarios in Podman and convert them to desktop demos."),(0,ce.kt)("p",null,"Demo (41:50 in the video)"),(0,ce.kt)("p",null,"Showed inspecting a container, secrets management space, and volumes. All were GUI driven."),(0,ce.kt)("p",null,"Question: Are you looking to add build/pull images? Eventually, build functionality is not yet available though."),(0,ce.kt)("p",null,"He's using the Podman API after talking with Anders. After seeing Jason's demo, Ionut thinks he can make progress there. It is handing only rootless there now. Anders had an update for Lima that will help."),(0,ce.kt)("p",null,"Ionut aims for the main Podman functions to start, and he wants the project to handle as many functions as possible. Ionut intends to create a GUI that's very useful to the CI."),(0,ce.kt)("p",null,"Ionut would like to include this project under ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers"},"containers"),". He will work with Brent and Dan to make that happen in the near future."),(0,ce.kt)("h2",{id:"easter-egg"},"Easter Egg"),(0,ce.kt)("p",null,(0,ce.kt)("inlineCode",{parentName:"p"},"podman run quay.io/podman/hello")),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Sparsefile handling with Podman - Giuseppe Scrivano")),(0,ce.kt)("h2",{id:"next-meeting-tuesday-april-5-2021-1100-am-eastern-utc-4"},"Next Meeting: Tuesday April 5, 2021, 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h2",{id:"next-cabal-meeting-thursday-february-17-2021-1100-am-eastern-utc-5"},"Next Cabal Meeting: Thursday February 17, 2021, 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"meeting-end-1151-am-eastern-utc-5"},"Meeting End: 11:51 a.m. Eastern (UTC-5)"),(0,ce.kt)("h2",{id:"bluejeans-chat-copypaste"},"BlueJeans Chat copy/paste:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Me11:02 AM\nhttps://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\nScott McCarty11:07 AM\nI always love Jason's videos. I'm so jealous LOL\njhonce11:14 AM\nw00t!\nIonut Stoica11:18 AM\nI have one, do volume mounts that are not from /mnt work ? Let's say /home/user/Projects\nJason Greene11:21 AM\nthanks guys!\nIonut Stoica11:21 AM\nCan you guys hear me ?\nMatthew Heon11:26 AM\nWe can't, sorry\nJason Greene11:26 AM\nis netavark based on similar kernel facilities as cni?\nPaul Holzinger11:26 AM\nyes\nIonut Stoica11:26 AM\nswitching browsers\nPaul Holzinger11:27 AM\nhopefully better firewalld support soon\nJason Greene11:27 AM\nawesome thats great\nionut stoica11:28 AM\nI can see myself / test works, but you guys cannot\nI am in firefox\nAdi11:29 AM\ntry to open in a private tab of firefox\nEduardo Santiago11:29 AM\nI thought the reason for BJ was ease of publishing recordings?\nionut stoica11:30 AM\nI've created a google meeting, there it works https://meet.google.com/uvv-dzzg-cxa but wont be recorded\nbaude11:31 AM\n@Anders, can you stick behind after the meeting?\nMe11:32 AM\nIonut, let me try to stream that\nJason Greene11:37 AM\nwoohoo\njhonce11:47 AM\n:+1:\n\ud83d\udc4d\nJason Greene11:48 AM\nvery cool\nAdi11:49 AM\n\ud83d\udc4d\nJason Greene11:50 AM\nare you aiming for parity with the command line or just main tasks?\nMe11:51 AM\ndwalsh@redhat.com\nbaude11:52 AM\nplease include\nbbaude@redhat.com\nbc Dan is just going to fw it to me :)\nAnders11:53 AM\nWill stay\n")))}Ye.isMDXComponent=!0;const Ue={},qe="Podman Community Cabal Meeting Notes",ze=[{value:"May 19, 2022 11:00 a.m. Eastern",id:"may-19-2022-1100-am-eastern",level:2},{value:"May 19, 2022 Topics",id:"may-19-2022-topics",level:2},{value:"Meeting Notes",id:"meeting-notes",level:3},{value:"Container Lock Contention - (1:10 in video) - Matt Heon",id:"container-lock-contention---110-in-video---matt-heon",level:3},{value:"Vendoring and release hygiene - (12:53 in video) - Reinhard Tartler",id:"vendoring-and-release-hygiene---1253-in-video---reinhard-tartler",level:3},{value:"Podman API specgen/create options - (24:47 in video) - Charlie Doern",id:"podman-api-specgencreate-options---2447-in-video---charlie-doern",level:3},{value:"Open discussion (: in video) - 45",id:"open-discussion--in-video---45",level:4},{value:"Next Meeting: Thursday June 16, 2022 11:00 a.m. EDT (UTC-5)",id:"next-meeting-thursday-june-16-2022-1100-am-edt-utc-5",level:3},{value:"June 16, 2022 Topics",id:"june-16-2022-topics",level:2},{value:"Next Community Meeting: Tuesday June 7, 2022 11:00 a.m. EDT (UTC-5)",id:"next-community-meeting-tuesday-june-7-2022-1100-am-edt-utc-5",level:3},{value:"Possible Topics:",id:"possible-topics",level:3}],Ve={toc:ze},Ke="wrapper";function Qe(e){let{components:t,...n}=e;return(0,ce.kt)(Ke,(0,Q.Z)({},Ve,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-cabal-meeting-notes"},"Podman Community Cabal Meeting Notes"),(0,ce.kt)("p",null,"Attendees: Tom Sweeney, Matt Heon, Brent Baude, Nalin Dahyabhai, Paul Holzinger, Karthik Elango, Charlie Doern, Lokesh Mandvekar, Urvashi Mohnani, Niall Crowe, Lance Lovette, Zachariah Cavazos, Reinhard Tartler, Leon N, Dan Walsh, Valentin Rothberg, Miloslav Trmac, Mohan Bodu"),(0,ce.kt)("h2",{id:"may-19-2022-1100-am-eastern"},"May 19, 2022 11:00 a.m. Eastern"),(0,ce.kt)("h2",{id:"may-19-2022-topics"},"May 19, 2022 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Container Lock Contention - Matt Heon"),(0,ce.kt)("li",{parentName:"ol"},"Vendoring and release hygiene - Reinhard Tartler"),(0,ce.kt)("li",{parentName:"ol"},"Podman API specgen/create options - Charlie Doern")),(0,ce.kt)("h3",{id:"meeting-notes"},"Meeting Notes"),(0,ce.kt)("p",null,"Video ",(0,ce.kt)("a",{parentName:"p",href:"https://youtu.be/G4pad4k2Az4"},"Recording")),(0,ce.kt)("p",null,"Meeting start 11:02 a.m. Thursday May 19, 2022"),(0,ce.kt)("h3",{id:"container-lock-contention---110-in-video---matt-heon"},"Container Lock Contention - (1:10 in video) - Matt Heon"),(0,ce.kt)("p",null,"Issues that spun up the discussion ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/issues/11940"},"here:")),(0,ce.kt)("p",null,"Restarting 100 containers at once does not take a trivial amount of time, and then ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman ps")," hangs. Most other commands hang at too. Matt is looking for suggestions. Looking for a fairness doctrine so other things can go on while restart is cranking."),(0,ce.kt)("p",null,"Brent suggested looking into readlocks, but we're using glib locks, and they don't have one currently available. Having a daemon would help with lock contention, but something to avoid given our design model."),(0,ce.kt)("p",null,"Podman restart goes to do 100 containers, and it does them in a particular order. At the same time, spin-off ps, it takes less time to run than restart, so it eventually hangs when it tries to ps a container that's locked due to the restart."),(0,ce.kt)("p",null,"As ps refreshes the status of the container, it requires the lock to be held. If a container exited, ps writes to the database with that new info, so it can not use a read lock."),(0,ce.kt)("p",null,"Potentially the code could be changed to use a read lock. Then if an update is needed, spin-off a thread to wait for the write lock."),(0,ce.kt)("p",null,"Action item to look further."),(0,ce.kt)("h3",{id:"vendoring-and-release-hygiene---1253-in-video---reinhard-tartler"},"Vendoring and release hygiene - (12:53 in video) - Reinhard Tartler"),(0,ce.kt)("p",null,"Packaging dependencies up to Podman v4.1. Most of his time is spent on figuring out dependencies that need to be updated. The dependencies have caused problems for gzip in the past. Problems also occur when runtime-tools include features that are not available."),(0,ce.kt)("p",null,"He's needed to update with a snapshot which hasn't made him very comfortable."),(0,ce.kt)("p",null,"New versions haven't been released for image-spec. Dan will ping the folks in Red Hat who have the ability to merge things that Reinhard is required. ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/opencontainers/runtime-tools/issues/702"},"https://github.com/opencontainers/runtime-tools/issues/702")),(0,ce.kt)("p",null,"A similar issue applies to image-spec: ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/opencontainers/image-spec/issues/918"},"https://github.com/opencontainers/image-spec/issues/918")),(0,ce.kt)("p",null,"Podman 4.1 isn't stable yet as he needs to figure out what the dependencies are. It has, however, been uploaded to Debian/experimental today and is being built on the official Debian builders. Also, he needs to write upgrade notes for Podman v3.","*"," to v4.1. For instance, netavark is not currently available in Debian."),(0,ce.kt)("p",null,"Brent says not having Netavark would be problematic. Not much bug fixing going on with CNI. Theoretically, nothing would break."),(0,ce.kt)("p",null,"Reinhard will be looking to move Netavark to Debian. He'd love to have some volunteers, cf ",(0,ce.kt)("a",{parentName:"p",href:"https://bugs.debian.org/1009713"},"https://bugs.debian.org/1009713"),". Lokesh asked about the golang packaging team requirements, and Reinhard says not much experience is not necessary. ",(0,ce.kt)("a",{parentName:"p",href:"https://go-team.pages.debian.net/"},"https://go-team.pages.debian.net/")," for getting started."),(0,ce.kt)("p",null,"Wants to avoid unreleased dependencies. Introducing libraries to Debian is not always a quick thing to do."),(0,ce.kt)("p",null,"Going forward, we'll need to get Netavark/Aardvark into Debian long term."),(0,ce.kt)("h3",{id:"podman-api-specgencreate-options---2447-in-video---charlie-doern"},"Podman API specgen/create options - (24:47 in video) - Charlie Doern"),(0,ce.kt)("p",null,'Last year, Charlie rewired the infra container for pods to a "regular" container.'),(0,ce.kt)("p",null,"The Issue"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Infra container was redesigned to automatically receive most of the pod options."),(0,ce.kt)("li",{parentName:"ul"},"This means the infra spec is filled out with ",(0,ce.kt)("inlineCode",{parentName:"li"},"cmd/podman")," before any remote calls kick in"),(0,ce.kt)("li",{parentName:"ul"},"When a remote call happens, we cannot marshal the infra spec as that would expose far too many untested options to users that pods should not have"),(0,ce.kt)("li",{parentName:"ul"},"This causes all of the work for infra to be undone only to be recreated again in infra within the remote handling code")),(0,ce.kt)("p",null,"There's a difference in syntax that he's found. For instance, a SpecGenerator is attached for all types that have a creation process."),(0,ce.kt)("p",null,"SpecGenerator was first designed for the REST API, primarily for consumption for the JSON API. It was meant to offset the parsing required in the front-end work."),(0,ce.kt)("p",null,"Having a way to allow users to access infra spec in the API or a specific remote SpecGenerator."),(0,ce.kt)("p",null,"Paul's concerned that sending the infra is duplicated attributes would be sent across the wire, slowing things down. We need a single source of truth. He suggests removing the attributes from the POD spec and adding them only to the infra container."),(0,ce.kt)("p",null,"Matt is fine with that but thinks it's a Podman v5.0 delivery."),(0,ce.kt)("p",null,"Paul suggests moving from the Pod spec and leave/move it in infra spec. That way, duplicate fields with different data won't have to be figured out. Currently, we at times ignore the infra spec."),(0,ce.kt)("p",null,"So going foward, we'll remove resource limits from the pod spec and will expose the infra spec to the REST API. The downside is people would need to add the infra spec to the API."),(0,ce.kt)("p",null,"Dan is suggesting a major release for next January, Valentin isn't sure that's a good idea. Dan asked if we could bump the version of the API. We also can't break versions of the API, especially a ",(0,ce.kt)("inlineCode",{parentName:"p"},"-1")," to a ",(0,ce.kt)("inlineCode",{parentName:"p"},"-2"),"."),(0,ce.kt)("p",null,"Doing this would potentially detach the client and remote API versions. It's not a pretty thing to do, but possible. This is a real user issue."),(0,ce.kt)("p",null,"A pod spec should be a container spec with additional fields. We'll need to change the infra spec too."),(0,ce.kt)("h4",{id:"open-discussion--in-video---45"},"Open discussion (: in video) - 45"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Looking for major features for Podman for v4.2. One on the table is better ",(0,ce.kt)("inlineCode",{parentName:"li"},"podman play kube"),", possibly sigstore, more mac/windows work, and maybe podman desktop."),(0,ce.kt)("li",{parentName:"ol"},"Looking for Podman v4.1.1. to come out in the next few weeks, sometime in early June.")),(0,ce.kt)("h3",{id:"next-meeting-thursday-june-16-2022-1100-am-edt-utc-5"},"Next Meeting: Thursday June 16, 2022 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h2",{id:"june-16-2022-topics"},"June 16, 2022 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"})),(0,ce.kt)("h3",{id:"next-community-meeting-tuesday-june-7-2022-1100-am-edt-utc-5"},"Next Community Meeting: Tuesday June 7, 2022 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h3",{id:"possible-topics"},"Possible Topics:"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"})),(0,ce.kt)("p",null,"Meeting finished 11:48 a.m."),(0,ce.kt)("p",null,"Raw Meeting Chat:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"You\n11:00 AM\nhttps://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nYou\n11:03 AM\nhttps://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nMatt Heon\n11:04 AM\nhttps://github.com/containers/podman/issues/11940\n")))}Qe.isMDXComponent=!0;const Ze={},_e="Podman Community Meeting Notes",Xe=[{value:"October 4, 2022, 11:00 a.m. Eastern (UTC-5)",id:"october-4-2022-1100-am-eastern-utc-5",level:2},{value:"Attendees (24 total)",id:"attendees-24-total",level:3},{value:"Meeting Start: 11:02 a.m. EDT",id:"meeting-start-1102-am-edt",level:2},{value:"BlueJeans Recording",id:"bluejeans-recording",level:3},{value:"Distrobox Demo",id:"distrobox-demo",level:2},{value:"Luca Di Maio",id:"luca-di-maio",level:3},{value:"(1:37 in the video)",id:"137-in-the-video",level:4},{value:"Vault Test Suite",id:"vault-test-suite",level:2},{value:"Alex Scheel",id:"alex-scheel",level:3},{value:"(23:01 in the video)",id:"2301-in-the-video",level:4},{value:"Podman on Mac Installer Update",id:"podman-on-mac-installer-update",level:2},{value:"Ashley Cui",id:"ashley-cui",level:3},{value:"(42:50 in the video)",id:"4250-in-the-video",level:4},{value:"Open Forum/Questions?",id:"open-forumquestions",level:2},{value:"(44:34 in the video)",id:"4434-in-the-video",level:4},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"Next Meeting: Tuesday December 6, 2022, 11:00 a.m. Eastern (UTC-4)",id:"next-meeting-tuesday-december-6-2022-1100-am-eastern-utc-4",level:2},{value:"Next Cabal Meeting: Thursday November 17, 2022, 11:00 a.m. Eastern (UTC-4)",id:"next-cabal-meeting-thursday-november-17-2022-1100-am-eastern-utc-4",level:2},{value:"Meeting End: 11:56 a.m. Eastern (UTC-4)",id:"meeting-end-1156-am-eastern-utc-4",level:3},{value:"BlueJeans Chat copy/paste:",id:"bluejeans-chat-copypaste",level:2}],$e={toc:Xe},et="wrapper";function tt(e){let{components:t,...n}=e;return(0,ce.kt)(et,(0,Q.Z)({},$e,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-meeting-notes"},"Podman Community Meeting Notes"),(0,ce.kt)("h2",{id:"october-4-2022-1100-am-eastern-utc-5"},"October 4, 2022, 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"attendees-24-total"},"Attendees (24 total)"),(0,ce.kt)("p",null,"Tom Sweeney, Alex Scheel, Luca Di Maio Chris Evich, Ashley Cui, Paul Holzinger, Nalin Dahyabhai, Giuseppe Scrivano, Preethi Thomas, Lokesh Mandvekar, Charlie Doern, Matt Heon, Mark Russell, Miloslav Trmac, Urvashi Mohnani, Mohan Boddu, Mohan Bodu, Eduardo Santiago, Christian Felder, Marcin Skarbek, Lokesh Mandvekar, Marcin Skarbek, Puvi Ganeshar, Stevan Le Meur, Steve Clark, Tim deBoer,"),(0,ce.kt)("h2",{id:"meeting-start-1102-am-edt"},"Meeting Start: 11:02 a.m. EDT"),(0,ce.kt)("h3",{id:"bluejeans-recording"},"BlueJeans ",(0,ce.kt)("a",{parentName:"h3",href:"https://www.youtube.com/watch?v=JNijOHL4_Ko"},"Recording")),(0,ce.kt)("h2",{id:"distrobox-demo"},"Distrobox Demo"),(0,ce.kt)("h3",{id:"luca-di-maio"},"Luca Di Maio"),(0,ce.kt)("h4",{id:"137-in-the-video"},"(1:37 in the video)"),(0,ce.kt)("p",null,(0,ce.kt)("a",{parentName:"p",href:"https://podman.io/community/meeting/notes/2022-10-04/distrobox-presentation.pdf"},"Slides"),"\nDistrobox is a simple Posix Shell that wrap around Docker and Podman. It helps to remove the complexity of container runtimes. It is your entire userspace unbound and integrated with the base operating system"),(0,ce.kt)("p",null,"Why not chroot over Podman?"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Simpler to use than pure chroot"),(0,ce.kt)("li",{parentName:"ul"},"Battle-tested container engines"),(0,ce.kt)("li",{parentName:"ul"},"Easy to use image management"),(0,ce.kt)("li",{parentName:"ul"},"Healthy ecosystem of container images ready to use")),(0,ce.kt)("p",null,"Host Integration:"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Wayland an X programs"),(0,ce.kt)("li",{parentName:"ul"},"Audio"),(0,ce.kt)("li",{parentName:"ul"},"SSH and GPG Agent"),(0,ce.kt)("li",{parentName:"ul"},"Automatically Generate Desktop Entries"),(0,ce.kt)("li",{parentName:"ul"},"Launch host's command from container and vice versa")),(0,ce.kt)("p",null,"Usage"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Intuitive management commands:",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"create, enter, list, rm and stop"))),(0,ce.kt)("li",{parentName:"ul"},"Utilities",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"Upgrade will keep all containers up to date"),(0,ce.kt)("li",{parentName:"ul"},"ephemeral create, enter, destroy a temporary container"),(0,ce.kt)("li",{parentName:"ul"},"generate-entry - create a desktop icon")))),(0,ce.kt)("p",null,'Useful for "pet" containers that you don\'t want to remove/recreate all the time.'),(0,ce.kt)("p",null,"Use Cases"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Immutable Desktop",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"Endless OS (",(0,ce.kt)("a",{parentName:"li",href:"https://endlessos.com"},"https://endlessos.com"),")"),(0,ce.kt)("li",{parentName:"ul"},"Fedora Silverblue/Kinoite (https:getfedora.org/it/silverblue/, ",(0,ce.kt)("a",{parentName:"li",href:"https://kinoite.fedoraproject.org"},"https://kinoite.fedoraproject.org"),")"),(0,ce.kt)("li",{parentName:"ul"},"OpenSuse MicroOS (",(0,ce.kt)("a",{parentName:"li",href:"https://microos.opensuse.org"},"https://microos.opensuse.org"),")"),(0,ce.kt)("li",{parentName:"ul"},"SteamOS 3 (https:github.com/ValveSoftware/SteamOS/)"))),(0,ce.kt)("li",{parentName:"ul"},"Minimize base operating system",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"Less moving parts that can break"),(0,ce.kt)("li",{parentName:"ul"},"Userland can be easily replaced"),(0,ce.kt)("li",{parentName:"ul"},"Easier to make reproducible"))),(0,ce.kt)("li",{parentName:"ul"},"Sudoless setups",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"Enterprise setups where you can't be sudo, but you need a package manager. Easy to use Podman rootless containers here."))),(0,ce.kt)("li",{parentName:"ul"},"Mix and Match Distro",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"Custom kernel for abandoned hardware stuck on ancient distribution"),(0,ce.kt)("li",{parentName:"ul"},"Access to the latest software on an LTS/Stable release distribution"),(0,ce.kt)("li",{parentName:"ul"},"Access old software on a bleeding edge distribution: Distrobox ensures compatibility almost 10 years back in time.")))),(0,ce.kt)("p",null,"Diversity"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Host compatiblity with all the major distributions"),(0,ce.kt)("li",{parentName:"ul"},"Container compatibility with over 60 combinations of distributions and major versions"),(0,ce.kt)("li",{parentName:"ul"},"Mix and match distributions and version to enhance software availability.")),(0,ce.kt)("p",null,"Demo - (8:45 in the video)"),(0,ce.kt)("p",null,"Using Distrobox, quickly setup a container and he showed what was going on within the container. Including the local system user getting to their systemctl."),(0,ce.kt)("p",null,"The distrobox daemon starts in user space and can easily be used by the user who owns it."),(0,ce.kt)("p",null,"Distrobox also supports rootful containers with the ",(0,ce.kt)("inlineCode",{parentName:"p"},"--root")," option."),(0,ce.kt)("p",null,"Flexibility comes from the Podman side and Distrobox simiplifies the Podman command line for those that don't want to fully invest, but want the container experience. It also includes a ",(0,ce.kt)("inlineCode",{parentName:"p"},"--dry-run")," option to try the commands in advance."),(0,ce.kt)("p",null,"Heavily inspired from containers tool box on SilverBlue, but he needed more than that offered and that was where Distrobox was born. Core concept is the same he thought it might be easier to do at the entrypoints and a few other options that have caused a divergence. Toolbox is Fedora oriented with a dedicated image for it to work, Distrobox works with a number of cloud images. Currently about 65 different images work with it, Debian, ClearLinux, Gentoo and more."),(0,ce.kt)("p",null,"Running ClearLinux under Distrobox turned out to be faster than the host machine due to the ClearLinux optimizations."),(0,ce.kt)("h2",{id:"vault-test-suite"},"Vault Test Suite"),(0,ce.kt)("h3",{id:"alex-scheel"},"Alex Scheel"),(0,ce.kt)("h4",{id:"2301-in-the-video"},"(23:01 in the video)"),(0,ce.kt)("p",null,"Working for Hashicorp and working on the Vault project there."),(0,ce.kt)("p",null,"Demo - (25:26 in the video)"),(0,ce.kt)("p",null,"He had problems running Podman on a test suite and dove into it."),(0,ce.kt)("p",null,"He uses Podman on Ubuntu currently, had run on Fedora and noticed that Docker was being run so, enabled the podman.socket in the test suite."),(0,ce.kt)("p",null,"Some of his containers in Docker used a lot of memory and sometimes failed, yet when he changed to Podman that was no longer an issue."),(0,ce.kt)("p",null,"He ran into timeouts with Podman due to networks that Podman were trying to use but docker-radius in the environment was ignoring the requests. He added a PR to docker-radius, but it has yet to be accepted."),(0,ce.kt)("p",null,"His CI was spinning up Docker processes and that was failing in the environment too."),(0,ce.kt)("p",null,"He used a big hammer and changed the entrypoing to docker-radius to sleep. Probably not optimal, but it does work."),(0,ce.kt)("p",null,"He wanted to change Podman api calls to cli calls and the answer was to build a tarball. He built a way to create a context from code within the test case . Build the tarball, set it ups and send it along. So that removed the hack of doing the echo to the container writing the sleep."),(0,ce.kt)("p",null,"He can spin up a Vault test cluster, issue certs, and drop it into an nginx container. That spawns a container with the particular info that Vault needs."),(0,ce.kt)("p",null,"He's then able to copy the files that he needs into the containers, so they don't have to build the image each time. Especially so for certificates. Guven, they're on containers, they can run in parallel."),(0,ce.kt)("p",null,"He'd like to expose the vault cluster to talk to the test containers. Future work for Alex. He's thinking that he may need to use another container to do that communication."),(0,ce.kt)("h2",{id:"podman-on-mac-installer-update"},"Podman on Mac Installer Update"),(0,ce.kt)("h3",{id:"ashley-cui"},"Ashley Cui"),(0,ce.kt)("h4",{id:"4250-in-the-video"},"(42:50 in the video)"),(0,ce.kt)("p",null,"We have a packages installer and our building packages on GitHub. Signed for all of our releases and unsigned for RCs. So no need for Brew. It's all in GitHub."),(0,ce.kt)("h2",{id:"open-forumquestions"},"Open Forum/Questions?"),(0,ce.kt)("h4",{id:"4434-in-the-video"},"(44:34 in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Puvi running Jenkin builds daily. Spins up containers on a cluster. Trying to move to Podman from Docker due to the Dockershim being deprecated. They're using the DOcker.socket and want to use Podman, as the socket isn't secure. They tried rootless, but it's much slower due to the network. Worked much better in rootful and dropped fuse."),(0,ce.kt)("p",{parentName:"li"},"Luca suggested using a mount point which should help, but you have to watch if concurrent builds are in play."),(0,ce.kt)("p",{parentName:"li"},"Puvi is trying NFS mounts, but in Amazon, he'd have to use AFS, which is slow and costly."),(0,ce.kt)("p",{parentName:"li"},"Luca and Puvi discussed a number of configs to try, and that have been tried. Work ongoing."))),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"NA")),(0,ce.kt)("h2",{id:"next-meeting-tuesday-december-6-2022-1100-am-eastern-utc-4"},"Next Meeting: Tuesday December 6, 2022, 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h2",{id:"next-cabal-meeting-thursday-november-17-2022-1100-am-eastern-utc-4"},"Next Cabal Meeting: Thursday November 17, 2022, 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h3",{id:"meeting-end-1156-am-eastern-utc-4"},"Meeting End: 11:56 a.m. Eastern (UTC-4)"),(0,ce.kt)("h2",{id:"bluejeans-chat-copypaste"},"BlueJeans Chat copy/paste:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Me11:00 AM\nhttps://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\nMe11:06 AM\nhack md, please sign in: https://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\nMark Russell11:23 AM\nThis is super cool\nalegrey9111:23 AM\nGreat too!\nLokesh Mandvekar11:29 AM\nis it just me hearing choppy audio ?\nMark Russell11:29 AM\nseems ok here\nLokesh Mandvekar11:29 AM\nack, thanks\nAshley Cui11:47 AM\nhttps://github.com/containers/podman/releases/tag/v4.2.1\nChristian Felder11:49 AM\naarch64 is meant to be used on Apple Silicon M1?\nMatt Heon11:51 AM\n@Christian Felder Yes\nChristian Felder11:57 AM\nThanks!\nAlex Scheel - HCP11:57 AM\nThank you!\nMohan Boddu11:58 AM\nThanks!\n")))}tt.isMDXComponent=!0;const nt={},at="Podman Community Cabal Meeting Notes",ot=[{value:"February 16, 2023 11:00 a.m. Eastern",id:"february-16-2023-1100-am-eastern",level:2},{value:"February 16, 2023 Topics",id:"february-16-2023-topics",level:2},{value:"Meeting Notes",id:"meeting-notes",level:3},{value:"Podman Default Network: Enable DNS by default (0:57 in the video) - Matt Heon",id:"podman-default-network-enable-dns-by-default-057-in-the-video---matt-heon",level:3},{value:"Open discussion (29:17 in the video)",id:"open-discussion-2917-in-the-video",level:4},{value:"Next Meeting: Thursday, March 16, 2023, 11:00 a.m. EDT (UTC-5)",id:"next-meeting-thursday-march-16-2023-1100-am-edt-utc-5",level:3},{value:"Possible Topics",id:"possible-topics",level:2},{value:"Next Community Meeting: Tuesday, April 4, 2023, 11:00 a.m. EDT (UTC-4)",id:"next-community-meeting-tuesday-april-4-2023-1100-am-edt-utc-4",level:3},{value:"Possible Topics:",id:"possible-topics-1",level:3}],it={toc:ot},st="wrapper";function rt(e){let{components:t,...n}=e;return(0,ce.kt)(st,(0,Q.Z)({},it,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-cabal-meeting-notes"},"Podman Community Cabal Meeting Notes"),(0,ce.kt)("p",null,"Attendees: Matt Heon, Nalin Dahyabhai, Paul Holzinger, Lokesh Mandvekar, Valentin Rothberg, Eduardo Santiago, Giuseppe Scrivano, Aditya Rajan, Preethi Thomas, Ashley Cui, Brent Baude, Chris Evich, Urvashi Mohnani, Martin Jackson, Max Ehlers, Matthew McComas, Peter Buffon"),(0,ce.kt)("h2",{id:"february-16-2023-1100-am-eastern"},"February 16, 2023 11:00 a.m. Eastern"),(0,ce.kt)("h2",{id:"february-16-2023-topics"},"February 16, 2023 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Podman Default Network: Enable DNS by default - Matt Heon")),(0,ce.kt)("h3",{id:"meeting-notes"},"Meeting Notes"),(0,ce.kt)("p",null,"Video ",(0,ce.kt)("a",{parentName:"p",href:"https://youtu.be/Rn8SKgubXQ4"},"Recording")),(0,ce.kt)("p",null,"Meeting start: 11:02 a.m. Thursday, February 16, 2023"),(0,ce.kt)("h3",{id:"podman-default-network-enable-dns-by-default-057-in-the-video---matt-heon"},"Podman Default Network: Enable DNS by default (0:57 in the video) - Matt Heon"),(0,ce.kt)("p",null,"We currently don't currently start DNS on the container by default. So you can't talk to other containers by name."),(0,ce.kt)("p",null,"The question is, going forward, should we turn it on by default?"),(0,ce.kt)("p",null,"Paul thinks the concern might be having a DNS server running on each container."),(0,ce.kt)("p",null,"Brent thinks this will be a performance hit as another service will need to be run, and an up/down check will need to be run also."),(0,ce.kt)("p",null,'Docker compose on Podman currently runs on a network without DNS, so we may need to adjust. The "play kube" command may also need to be adjusted.'),(0,ce.kt)("p",null,"DNS is complex, and the more enablement you do, the more problems that can be encountered. Brent is concerned."),(0,ce.kt)("p",null,"Matt noted that only startup performance and shutdown performance that should be impacted the most. Paul thinks there may be extra latency for the first request."),(0,ce.kt)("p",null,"Valentin thinks we have had enough questions from customers asking why DNS doesn't work out of the gate, that it is worth looking into."),(0,ce.kt)("p",null,"Matt noted that changing the default network will be pretty trivial."),(0,ce.kt)("p",null,"Giuseppe asked if there is a security concern with containers being able to use DNS. Paul thinks that we're only providing name resolution, but it's not that much different than allowing for IP communication between containers."),(0,ce.kt)("p",null,"Paul thinks we should do a study of the plusses and minuses of the change and then make a decision from there. Regardless, we should make the selection process of the default network a be one-line change for ease of use."),(0,ce.kt)("p",null,"Matt would like to do it as it's an advantage over what Docker does He thinks it's a straight enhancement over Docker."),(0,ce.kt)("p",null,"Matt is proposing having Netavark set as default DNS to on, while CNI would remain as not defaulting to DNS."),(0,ce.kt)("p",null,"The question is, should this change, if it goes forward, go into a Podman 4.","*"," release, or the Podman 5.0 release? Is it a breaking change? Paul leans towards 5.0."),(0,ce.kt)("p",null,"Paul pointed out that we can't do this for CNI as it would break some functionality there."),(0,ce.kt)("p",null,"The leaning is toward implementing this at Podman v5.0 and making it easily configurable."),(0,ce.kt)("p",null,"Brent's concern is will the average user be able to update the conf file. He thinks it's easy to do, but finding it is sometimes hard to locate. Should we make it configurable from Podman itself? We could do a network-update command in Podman, or allow the user to configure it via a Podman command."),(0,ce.kt)("p",null,"Plumbing work to happen in the near future, final switch on Podman v5.0?"),(0,ce.kt)("h4",{id:"open-discussion-2917-in-the-video"},"Open discussion (29:17 in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Max asked about the WireGuard PR for Netavark.")),(0,ce.kt)("p",null,(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/netavark/pull/472"},"Netavark PR")),(0,ce.kt)("p",null,"We had marked it as experimental. Paul says he hasn't had the time to do a proper review due to the size and the lack of WireGuard experience."),(0,ce.kt)("p",null,"Brent suggested that we might merge it, marking it as experimental, and then building some kind of gate around it."),(0,ce.kt)("p",null,"Brent and Matt will review it and work to make it in. Brent asked if Paul thought there was enough documentation surrounding it, especially pointers to WireGuard itself."),(0,ce.kt)("p",null,"Many thanks to Max for his contribution."),(0,ce.kt)("h3",{id:"next-meeting-thursday-march-16-2023-1100-am-edt-utc-5"},"Next Meeting: Thursday, March 16, 2023, 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h2",{id:"possible-topics"},"Possible Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"})),(0,ce.kt)("h3",{id:"next-community-meeting-tuesday-april-4-2023-1100-am-edt-utc-4"},"Next Community Meeting: Tuesday, April 4, 2023, 11:00 a.m. EDT (UTC-4)"),(0,ce.kt)("h3",{id:"possible-topics-1"},"Possible Topics:"),(0,ce.kt)("p",null,"Meeting finished 11:40 a.m."),(0,ce.kt)("p",null,"Raw Meeting Chat:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"The raw chat was not captured.\n")))}rt.isMDXComponent=!0;const lt={},ht="Podman Community Meeting",dt=[{value:"November 3, 2020 11:00 a.m. Eastern",id:"november-3-2020-1100-am-eastern",level:2},{value:"Attendees (36 total)",id:"attendees-36-total",level:3},{value:"Meeting Start: 11:03 a.m.",id:"meeting-start-1103-am",level:2},{value:"BlueJeans Recording",id:"bluejeans-recording",level:3},{value:"boot2podman/podman-machine",id:"boot2podmanpodman-machine",level:2},{value:"Anders Bj\xf6rklund",id:"anders-bj\xf6rklund",level:3},{value:"rise and fall of boot2podman",id:"rise-and-fall-of-boot2podman",level:4},{value:"Basically a varlink post-mortem",id:"basically-a-varlink-post-mortem",level:4},{value:"(1:40 in the video)",id:"140-in-the-video",level:5},{value:"What Red Hat Thinks - Design directions",id:"what-red-hat-thinks---design-directions",level:2},{value:"Brent Baude",id:"brent-baude",level:3},{value:"(20:55 in the video)",id:"2055-in-the-video",level:5},{value:"Short Image Name Pulling Demo",id:"short-image-name-pulling-demo",level:2},{value:"Valentin Rothberg",id:"valentin-rothberg",level:3},{value:"(27:30 in the video)",id:"2730-in-the-video",level:5},{value:"Questions?",id:"questions",level:2},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"Next Meeting: Tuesday December 1, 2020, 11:00 a.m. Eastern (UTC-5)",id:"next-meeting-tuesday-december-1-2020-1100-am-eastern-utc-5",level:2},{value:"Meeting End: 12:14 p.m.",id:"meeting-end-1214-pm",level:2},{value:"BlueJeans Chat copy/paste:",id:"bluejeans-chat-copypaste",level:2}],ut={toc:dt},mt="wrapper";function ct(e){let{components:t,...n}=e;return(0,ce.kt)(mt,(0,Q.Z)({},ut,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-meeting"},"Podman Community Meeting"),(0,ce.kt)("h2",{id:"november-3-2020-1100-am-eastern"},"November 3, 2020 11:00 a.m. Eastern"),(0,ce.kt)("h3",{id:"attendees-36-total"},"Attendees (36 total)"),(0,ce.kt)("p",null,"Tom Sweeney, Brent Baude, Anders Bj\xf6rklund (afbjorklund), Greg Shomo, sshnaidm, Jordan Christiansen (xordspar0), Ralf Haferkamp, Paul Holzinger, Giuseppe Scrivano, Shenghao Yang, Ashley Cui, Brett Tofel, Alex Litvak, Nalin Dahyabhai, Qi Wang, Scott McCarty, Lokesh Mandvekar, Ed Haynes, Valentin Rothberg, Christian Felder, Holger Gantikow, James Cassell, Dan Walsh, Peter Hunt, Urvashi Mohnani"),(0,ce.kt)("h2",{id:"meeting-start-1103-am"},"Meeting Start: 11:03 a.m."),(0,ce.kt)("h3",{id:"bluejeans-recording"},"BlueJeans ",(0,ce.kt)("a",{parentName:"h3",href:"https://bluejeans.com/s/PwWkFkPIlI6"},"Recording")),(0,ce.kt)("h2",{id:"boot2podmanpodman-machine"},"boot2podman/podman-machine"),(0,ce.kt)("h3",{id:"anders-bj\xf6rklund"},"Anders Bj\xf6rklund"),(0,ce.kt)("h4",{id:"rise-and-fall-of-boot2podman"},"rise and fall of boot2podman"),(0,ce.kt)("p",null,(0,ce.kt)("a",{parentName:"p",href:"https://boot2podman.github.io/"},"https://boot2podman.github.io/")),(0,ce.kt)("h4",{id:"basically-a-varlink-post-mortem"},"Basically a varlink post-mortem"),(0,ce.kt)("h5",{id:"140-in-the-video"},"(1:40 in the video)"),(0,ce.kt)("p",null,"Anders talked about his work in containers starting with chroot to jails, to zones, to openVZ, to LX and finally to Docker. Slide Deck ",(0,ce.kt)("a",{parentName:"p",href:"https://boot2podman.github.io/assets/Boot2PodmanProject.pdf"},"here"),"."),(0,ce.kt)("p",null,"Within Docker, runc, containerd and Moby project."),(0,ce.kt)("p",null,"What was very interesting to him was the boot2docker, a lightweight distribution based on Tiny Core Linux made specifically to run Docker containers. This was productized into the Docker toolbox."),(0,ce.kt)("p",null,"Base.Tiny Core Linux which runs on multiple architectures."),(0,ce.kt)("p",null,"His boot2podman project was to try and emulate boot2docker. Used a custom kernel, add-on initrd and build tools."),(0,ce.kt)("p",null,"When running containers from scratch you need kernel, build, packages (runc, Podman, conmon, cni-plugins, varlink Buildah, Skopeo) and others such as ssh. Varlink was used to run remote connections for Podman."),(0,ce.kt)("p",null,"Varlink tool and library talks to different interfaces and runs on a socket."),(0,ce.kt)("p",null,"Machine lets you create Podman hosts on computer, it creates servers with Podman on them, then configures the Podman client to talk to them."),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Docker to Podman conversion"),(0,ce.kt)("li",{parentName:"ul"},"Drop support for Swarm"),(0,ce.kt)("li",{parentName:"ul"},"Add the driver for QEMU"),(0,ce.kt)("li",{parentName:"ul"},"Drop support for cloud")),(0,ce.kt)("p",null,"boot2docker was recently deprecated and move to unmaintained image. boot2podman also deprecated due to varlink being replaced with REST API."),(0,ce.kt)("p",null,"Anders then ran a ",(0,ce.kt)("a",{parentName:"p",href:"https://boot2podman.github.io/2020/11/03/boot2podman-project.html"},"demo")," ",(0,ce.kt)("strong",{parentName:"p"},"(16:00 in video)"),". He does not yet have support for V2 Podman, but in the works."),(0,ce.kt)("h2",{id:"what-red-hat-thinks---design-directions"},"What Red Hat Thinks - Design directions"),(0,ce.kt)("h3",{id:"brent-baude"},"Brent Baude"),(0,ce.kt)("h5",{id:"2055-in-the-video"},"(20:55 in the video)"),(0,ce.kt)("p",null,"Determing priorities"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Resolve migration hurdles from Docker to Podman",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"Number 1 focus of the team at the moment."))),(0,ce.kt)("li",{parentName:"ul"},"What are we hearing?"),(0,ce.kt)("li",{parentName:"ul"},"What do we know?")),(0,ce.kt)("p",null,"The following is not a commitment from Red Hat, but what we think and hope to do."),(0,ce.kt)("p",null,"How we work"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Stakeholders",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"Upstream"),(0,ce.kt)("li",{parentName:"ul"},"Product Management"),(0,ce.kt)("li",{parentName:"ul"},"Distribution and OpenShfit"))),(0,ce.kt)("li",{parentName:"ul"},"Agile driven",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"3 week sprints"))),(0,ce.kt)("li",{parentName:"ul"},"Complications",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"No easy bugs"),(0,ce.kt)("li",{parentName:"ul"},"Bug counts")))),(0,ce.kt)("p",null,"Short Names (see next topic)"),(0,ce.kt)("p",null,"Upcoming priorities."),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},'Possible now with "compatibilty" RESTful interface'),(0,ce.kt)("li",{parentName:"ul"},"CI testing to prevent regressions",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"No obvious framework for using docker-py tests",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"Problems using swarm, working through that."))),(0,ce.kt)("li",{parentName:"ul"},"Wrote testsuite but needs completion"))),(0,ce.kt)("li",{parentName:"ul"},"Linchpin - Opens up possibilities for other applications.",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"Grype, for example, a vulnerbality scanner that uses docker-py that ran into an issue and has been addressed.")))),(0,ce.kt)("p",null,"Volume plugins\n",(0,ce.kt)("em",{parentName:"p"}," Ongoing requirement from users and customers\n")," Compatible with Docker"),(0,ce.kt)("p",null,"Docker compose\n",(0,ce.kt)("em",{parentName:"p"}," Ongoing requirement from users and customers\n")," podman-compose\n",(0,ce.kt)("em",{parentName:"p"}," Getting close\n")," Podman generate and play kube is strategic future."),(0,ce.kt)("p",null,"Network Alias\n",(0,ce.kt)("em",{parentName:"p"}," Longstanding upstream request\n")," ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman run --network-alias foo1 ..."),"\n",(0,ce.kt)("em",{parentName:"p"}," Wired into dnsname plugin.\n")," Backend and Frontend WIP PR's exist.\n",(0,ce.kt)("em",{parentName:"p"}," Opens up network connect and disconnect.\n")," Work is ongoing and needed for docker-compose."),(0,ce.kt)("p",null,"Clone (rename) containers\n",(0,ce.kt)("em",{parentName:"p"}," Longstanding upstream request\n")," Challenges our architecture where container description are immutable."),(0,ce.kt)("p",null,"Secrets\n",(0,ce.kt)("em",{parentName:"p"},' Add "secrets" to a container\n')," Lots of open-ended questions here yet, but design meeting pending. Ashley Cui driving."),(0,ce.kt)("p",null,"Mount image into container ","*"," Convenience command to allwo mounting of an image into a container in a single step."),(0,ce.kt)("p",null,"Help Needed"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Keeping bugs below 200."),(0,ce.kt)("li",{parentName:"ul"},"Need community to help us balance bugs and new features.\n",(0,ce.kt)("em",{parentName:"li"}," Reproducers alone are very helpful!\n")," Answer questions\n",(0,ce.kt)("em",{parentName:"li"}," Submit fixes\n")," Blogs"),(0,ce.kt)("li",{parentName:"ul"},"RESTful compatibilty endpoint for archive"),(0,ce.kt)("li",{parentName:"ul"},"Secure implementation of 'cp' for podman-remote"),(0,ce.kt)("li",{parentName:"ul"},"podman-py")),(0,ce.kt)("p",null,"(Note for Brent: Look into docker log drivers.)"),(0,ce.kt)("h2",{id:"short-image-name-pulling-demo"},"Short Image Name Pulling Demo"),(0,ce.kt)("h3",{id:"valentin-rothberg"},"Valentin Rothberg"),(0,ce.kt)("h5",{id:"2730-in-the-video"},"(27:30 in the video)"),(0,ce.kt)("p",null,'Valentin took over in the middle of Brent\'s talk.\n"debian" vs fully qualified "docker.io/library/debian:latest"'),(0,ce.kt)("p",null,"Ambiguity when completing short names, uses /etc/containers/registries.conf to determine where to pull from."),(0,ce.kt)("p",null,"Risk of hitting a malicious repository"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Depends on order of registries in list"),(0,ce.kt)("li",{parentName:"ul"},"registry.fedorproject.io, ..., docker.io")),(0,ce.kt)("p",null,"Solution: short name aliasing and prompting"),(0,ce.kt)("p",null,(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/shortnames"},"https://github.com/containers/shortnames")," for more info."),(0,ce.kt)("p",null,"Valentin ran a demo on short names."),(0,ce.kt)("p",null,"This is to ship with Podman v2.2 along with a blog post describing it."),(0,ce.kt)("p",null,"(A number of questions in bluejeans chat on shortnames, see below.)"),(0,ce.kt)("h2",{id:"questions"},"Questions?"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Marcin Skarbek having problems starting a container in Podman v2.0.5. New issue incoming. Brent believes fixed by changes in upstream."),(0,ce.kt)("li",{parentName:"ol"},"Jordan Christiansen asked about podman play kube volume support. Peter Hunt said to report an issue if problem found which he suspects there is."),(0,ce.kt)("li",{parentName:"ol"},"Shenghao Yang asked about fuse-overlayfs to store in a NFS use case. The goal is to get there. Experimental now due to the uids that come into play. Long term goal is to get NFS to understand and use usernamespace safely.")),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("p",null,"None suggested, happy to take some! (",(0,ce.kt)("a",{parentName:"p",href:"mailto:tsweeney@redhat.com"},"tsweeney@redhat.com"),")"),(0,ce.kt)("h2",{id:"next-meeting-tuesday-december-1-2020-1100-am-eastern-utc-5"},"Next Meeting: Tuesday December 1, 2020, 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h2",{id:"meeting-end-1214-pm"},"Meeting End: 12:14 p.m."),(0,ce.kt)("h2",{id:"bluejeans-chat-copypaste"},"BlueJeans Chat copy/paste:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"tsweeney10:56 AM\nHackMD for notes and questions, please sign in there at the top! https://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\nScott McCarty11:05 AM\nHello everyone!\nChristian Felder11:27 AM\nI don't want to interrupt the current session, but I've a question regarding boot2podman: If you publish a port is it published just on box or on the host as well?\nDAN (ME)11:29 AM\nWe connect via ssh tunnel, so no open ports on the VM by default.\nOther then ssh port.\nPodman v2 listens on local unix domain socket, and podman-remote uses ssh under the covers to connect to this unix domain socket.\nChristian Felder11:29 AM\nok... that's a bit different from the docker experience... if you use docker run -p it is published on the host although there is this vm behind the scenes\nafbjorklund11:30 AM\ndocker-machine opens 22 and 2376, but podman-machine does everything over 22 - although tunneled to a random local port\nDAN (ME)11:30 AM\nYou can setup Podman to listen on random ports, but we discourage this because of the security risks.\nafbjorklund11:30 AM\nthere is no publishing on the laptop, that is docker desktop rather than docker toolbox\n(when using docker-machine that was)\nmheon11:31 AM\n@Christian - ports are only published on the VM now.\nI think Dan is confusing port mapping and the API port\nDAN (ME)11:31 AM\nafbjorklund nice job on the presentation.\nafbjorklund11:31 AM\nthanks! it'll be on the blog site eventually\nDAN (ME)11:31 AM\nmheon I am talking about which port the podman socket listens on\nChristian Felder11:32 AM\nok from my experience I could telnet to a port on localhost (on the host machine) when using the docker-cli, e.g. docker run -p ...\nmheon11:32 AM\n@Dan I'm fairly certain the question is about `-p` for podman run\n@Christian - yes, that's not implemented yet\nChristian Felder11:32 AM\nalright thanks\nmheon11:33 AM\nI'd love to get it working, but there are only so many engineers on the project right now\nafbjorklund11:33 AM\nwhen you use this docker-machine/podman-machine setup, anything that you publish is available on the VM IP (rather than 127.0.0.1)\nChristian Felder11:33 AM\nthanks afbjorklund that was what i expected. I did a similar setup with podman-remote and a custom vm\nafbjorklund11:34 AM\nsome details are on https://github.com/boot2podman/machine\nAlex Litvak11:35 AM\nmissed previous speaker, will the video be posted ?\nDAN (ME)11:35 AM\nyes\nMe11:35 AM\nAlex, yes it will. At least a link on podman.io\nAlex Litvak11:35 AM\nthanks\nChristian Felder11:37 AM\ndocker.io/mariadb:latest -> docker.io/library/mariadb:latest (is the first a shortname as well?)\nmheon11:38 AM\n@Christian - It has a repository in it explicitly, so I would say no\nJames Cassell11:39 AM\ndoes it support cascading configs? can a user override only part of the system config?\nmheon11:39 AM\nI'll leave that one to Valentin\nDAN (ME)11:40 AM\nJames we will leave it to distros to choose which shortnames they want to ship by default.\nValentin Rothberg11:40 AM\n@Christian: Matt is right. docker.io/foo is a special case as Docker normalizes with library/\n@James: the registries.conf supports drop-in config files that allow to override previous entries\nDAN (ME)11:41 AM\ngithub.com/contaiers/shortnames, is just for disto based images at this point. If fedora wants to defaul mariadb to a fedora version, then this is up to fedora.\nValentin Rothberg11:41 AM\n`man containers-registries.conf.d` is the place to look\nChristian Felder11:42 AM\nI just stumbled accross this when using podman_image modules for ansible which checks for the image name because the code checks for the image name which changes when pulling from the shorter url which resolves to docker.io/library/...\nthanks for your answers\nJames Cassell11:43 AM\nthanks! drop-ins are great\nJames Cassell11:45 AM\nif docker-compose compat REST API works, does it make podman-compose irrelevant, since folks can just use the docker-compose binary to talk to podman?\nJames Cassell11:45 AM\nhttps://hackmd.io/fc1zraYdS0-klJ2KJcfC7w (reposting link from start)\nChristian11:46 AM\ndo you have an example of what won't be possible with docker-compose / docker-py ?\nmheon11:46 AM\nFor docker-py - anything in the Swarm APIs\nRenaming containers\nThose are the big two\nNetworking will have some limits for now but I think we can work through those\nAlex Litvak11:47 AM\nare docker log drivers a part ofthe picture?\nChristian11:48 AM\nthanks!\nafbjorklund11:57 AM\npodman-py, not to be confused with pypodman :-)\nmheon11:57 AM\nLesson here: Don't let engineers name things\nSagi Shnaidman11:59 AM\nYou can demonstrate podman modules for Ansible, for example :)\nafbjorklund12:00 PM\nit should be noted that minikube has support for podman, so you can use podman in order to run \"real\" kubernetes too\n(both podman v1 and v2 as of lately)\n`minikube start --driver=podman`\nGreg Shomo (Northeastern University)12:03 PM\nthank you all for your time\nErik Bernoth12:11 PM\nthanks for the greet meeting, have to leave. Bye\nafbjorklund12:13 PM\nPosted slides and demos on the boot2podman site\nMe12:13 PM\nThanks AB!\n")))}ct.isMDXComponent=!0;const pt={},gt="Podman Community Meeting",yt=[{value:"May 4, 2021 11:00 a.m. Eastern (UTC-4)",id:"may-4-2021-1100-am-eastern-utc-4",level:2},{value:"Attendees (36 total)",id:"attendees-36-total",level:3},{value:"May the Fourth be with You! - podman run --rm -it -e mode=stdout quay.io/tomsweeneyredhat/asciistarwars:latest",id:"may-the-fourth-be-with-you---podman-run---rm--it--e-modestdout-quayiotomsweeneyredhatasciistarwarslatest",level:4},{value:"Meeting Start: 11:05 a.m.",id:"meeting-start-1105-am",level:2},{value:"BlueJeans Recording",id:"bluejeans-recording",level:3},{value:"Podman and IPv6 Status",id:"podman-and-ipv6-status",level:2},{value:"Matt Heon",id:"matt-heon",level:3},{value:"(1:49 in the video)",id:"149-in-the-video",level:4},{value:"Running Docker, Podman, and even Kubernetes inside rootless Podman containers",id:"running-docker-podman-and-even-kubernetes-inside-rootless-podman-containers",level:2},{value:"Cesar Talledo - Nestybox",id:"cesar-talledo---nestybox",level:3},{value:"(5:10 in the video)",id:"510-in-the-video",level:4},{value:"Demo (20:55 in the video)",id:"demo-2055-in-the-video",level:5},{value:"Podman Python Client Demo",id:"podman-python-client-demo",level:2},{value:"Jhon Honce",id:"jhon-honce",level:3},{value:"(33:45 in the video)",id:"3345-in-the-video",level:4},{value:"Demo (40:32 in the video)",id:"demo-4032-in-the-video",level:5},{value:"Questions?",id:"questions",level:2},{value:"(47:30 in the video)",id:"4730-in-the-video",level:4},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"Next Meeting: Tuesday June 1, 2021, 11:00 a.m. Eastern (UTC-4)",id:"next-meeting-tuesday-june-1-2021-1100-am-eastern-utc-4",level:2},{value:"Meeting End: 11:55 a.m. Eastern (UTC-4)",id:"meeting-end-1155-am-eastern-utc-4",level:3},{value:"BlueJeans Chat copy/paste:",id:"bluejeans-chat-copypaste",level:2}],kt={toc:yt},wt="wrapper";function ft(e){let{components:t,...n}=e;return(0,ce.kt)(wt,(0,Q.Z)({},kt,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-meeting"},"Podman Community Meeting"),(0,ce.kt)("h2",{id:"may-4-2021-1100-am-eastern-utc-4"},"May 4, 2021 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h3",{id:"attendees-36-total"},"Attendees (36 total)"),(0,ce.kt)("p",null,"Tom Sweeney, Brent Baude, Jhon Honce, Dan Walsh, Chris Evich, Lokesh Mandvekar, Urvashi Mohnani, Nalin Dahyabhai, Eduardo Santiago, Matt Heon, Ashley Cui, Giuseppe Scrivano, Anders Bj\xf6rklund, Paul Holzinger, Greg Shomo, Scott McCarty, Ed Haynes, Christian Felder, Eduardo Vega, Alex Litvak, Holger Gantikow"),(0,ce.kt)("h4",{id:"may-the-fourth-be-with-you---podman-run---rm--it--e-modestdout-quayiotomsweeneyredhatasciistarwarslatest"},"May the Fourth be with You! - ",(0,ce.kt)("inlineCode",{parentName:"h4"},"podman run --rm -it -e mode=stdout quay.io/tomsweeneyredhat/asciistarwars:latest")),(0,ce.kt)("p",null,(0,ce.kt)("a",{parentName:"p",href:"https://www.redhat.com/sysadmin/may-fourth-podman"},"May the 4th Article")),(0,ce.kt)("h2",{id:"meeting-start-1105-am"},"Meeting Start: 11:05 a.m."),(0,ce.kt)("h3",{id:"bluejeans-recording"},"BlueJeans ",(0,ce.kt)("a",{parentName:"h3",href:"https://bluejeans.com/s/Qq_IsjrnOaG"},"Recording")),(0,ce.kt)("h2",{id:"podman-and-ipv6-status"},"Podman and IPv6 Status"),(0,ce.kt)("h3",{id:"matt-heon"},"Matt Heon"),(0,ce.kt)("h4",{id:"149-in-the-video"},"(1:49 in the video)"),(0,ce.kt)("p",null,"Working on improving Podman IPv6 support, the ability to set multiple static IP addresses for a cotainer, this will allow Podman to do --ip and --ipv6 on the same containers so you can have static IPs for both network types. Also work ongoing for different ip's at the same time for one container on different network types (one v4 and one v6 per network)."),(0,ce.kt)("p",null,"Support being worked on to allow Podman to automatically set IPv6 as the default network. The current default network does not support IPv6 at all. Working on improving support IPv6 in ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman network")," so via configuration options, you'll be able to automatically assign using this command."),(0,ce.kt)("p",null,"No work on IPv6 port forwarding in the next release, but sometime in the future. Looking at Podman v3.3 for delivery of the IPv6 improvements. Next relase v3.2 rc1 is being cut tomorrow."),(0,ce.kt)("h2",{id:"running-docker-podman-and-even-kubernetes-inside-rootless-podman-containers"},"Running Docker, Podman, and even Kubernetes inside rootless Podman containers"),(0,ce.kt)("h3",{id:"cesar-talledo---nestybox"},"Cesar Talledo - ",(0,ce.kt)("a",{parentName:"h3",href:"https://www.nestybox.com/"},"Nestybox")),(0,ce.kt)("h4",{id:"510-in-the-video"},"(5:10 in the video)"),(0,ce.kt)("p",null,(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman.io/blob/main/community/meeting/notes/2021-05-04/sysbox-podman-community-meeting.pdf"},"slides")),(0,ce.kt)("p",null,"Podman integrated to running system level software inside of rootless containers."),(0,ce.kt)("p",null,"Developers of the Sysbox runtime, founders of Nestybox."),(0,ce.kt)("p",null,"Enhance containers to run most workloads that run in VMs, seamlessly and with strong isolation."),(0,ce.kt)("p",null,"systemd, Docker, Podman and K8s, etc are the system workloads they're looking to run, seamlessly and with strong isolation."),(0,ce.kt)("p",null,"A command like ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman run --userns=auto:size=65536 -it any-image")," could run a container running any system, easy, powerful and secure."),(0,ce.kt)("p",null,"They made the changes with sysbox-runc. Strong isolation (Linux User Namespace), Runs same workloads on VMs, seamlessly. No special images."),(0,ce.kt)("p",null,"OpenSource software."),(0,ce.kt)("p",null,"Features:\nUsernamespace on all containers\nfile-system ID shifting (shiftfs now, ID-mapped mounts soon)\nprocfs and sysfs virtualization\nsyscall interception\nInitial mount locking\nEasy preloading of inner container images\nSharing inner container images across Sysbox containers.\nEasy to load inner container images\nAllows for shared disk space of inner container images"),(0,ce.kt)("p",null,"Limitations\nLinux only\nNeed 5.5+, Ubuntu 5.0+\n90% OCI compatible\nSets up container environments to enable it to run system software, for instance '--privilege' option won't work, but that makes sense.\nSome workloads don't run inside the containers\nIPvs, kernel module loading, etc.\nSysbox is a daemon that must run as root."),(0,ce.kt)("p",null,"Tries not to get in the way of the syscalls"),(0,ce.kt)("h5",{id:"demo-2055-in-the-video"},"Demo (20:55 in the video)"),(0,ce.kt)("p",null,"Prefers Ubuntu, but deals with other linux."),(0,ce.kt)("p",null,"systemctl start sysbox\nsudo podman run --runtime=sysbox-runc -it --rm --userns=auto:size=65536 --hostname=syscont nestybox/ubuntu-bionic-systemd-docker"),(0,ce.kt)("p",null,"Showed the inside of the container with Docker already running, all inside the container."),(0,ce.kt)("p",null,"Solving a container with limit to cgroup with certain memory, then that's what you should see. They want to hide as much info of the host from inside the container."),(0,ce.kt)("p",null,(0,ce.kt)("strong",{parentName:"p"},"Summary")),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Currently runing system sofware in containers requires\n Insecure (privileged) containers\n Complex container images and commands\n\nWe need to change this\n Enables powerful use cases for containers (beyond micro-service deployment)\n\nSysbox is a next-gen runc designed for this.\n\nEnterprises are using it to replace VMs in many scenarios.\n")),(0,ce.kt)("p",null,(0,ce.kt)("a",{parentName:"p",href:"https://github.com/nestybox/sysbox"},"Nestybox GitHub")),(0,ce.kt)("h2",{id:"podman-python-client-demo"},"Podman Python Client Demo"),(0,ce.kt)("h3",{id:"jhon-honce"},"Jhon Honce"),(0,ce.kt)("h4",{id:"3345-in-the-video"},"(33:45 in the video)"),(0,ce.kt)("p",null,"Python bindings are modeled after Docker py. Wanted to allow people to run their Docker py scripts."),(0,ce.kt)("p",null,"Podman py is up on ",(0,ce.kt)("a",{parentName:"p",href:"https://pypi.org/project/podman-py/"},"Pypi")," and ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman-py/blob/main/contrib/examples/demo.py"},"Demo")," on repo in GitHub."),(0,ce.kt)("p",null,"Python Podman going through the packagin process for Fedora now, RHEL later."),(0,ce.kt)("h5",{id:"demo-4032-in-the-video"},"Demo (40:32 in the video)"),(0,ce.kt)("p",null,"Created a pod, and removed containers and pods that were created."),(0,ce.kt)("p",null,"Showed code, craete client, shows version, api and min api. Pulled latest alpine image and created a pod and container in the pod, and then removes image, pod and containers. Then lists the images."),(0,ce.kt)("p",null,"Used the unix domain socket, new Pull Requests for ssh in the works and also tcp sockets."),(0,ce.kt)("p",null,"Bindings are now on par with ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman --remote")," for doing connections."),(0,ce.kt)("p",null,"Can you run Docker py and Podman py at the same time? Yes! No locking preventing that. Can even run podman --remote through the compatibiltiy layer."),(0,ce.kt)("h2",{id:"questions"},"Questions?"),(0,ce.kt)("h4",{id:"4730-in-the-video"},"(47:30 in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"No questions asked.")),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("h2",{id:"next-meeting-tuesday-june-1-2021-1100-am-eastern-utc-4"},"Next Meeting: Tuesday June 1, 2021, 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h3",{id:"meeting-end-1155-am-eastern-utc-4"},"Meeting End: 11:55 a.m. Eastern (UTC-4)"),(0,ce.kt)("h2",{id:"bluejeans-chat-copypaste"},"BlueJeans Chat copy/paste:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},'Me10:55 AM\nPlease sign in on HackMD https://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\nAnd "May the Fourt be with you!\nEdward Haynes11:19 AM\nI remember a few years ago Intel was working on "clear containers" to put very lightweight virt around each container for protection ... did this ever amount to anything?\nDan Walsh (rhatdan)11:20 AM\nEdward ClearContainers became Kata Containers, But they run with a virtualization layer, and their own kernel.\nRodny Molina11:21 AM\nhttps://github.com/nestybox/sysbox\nAlex Litvak11:21 AM\nbad audio\nDan Walsh (rhatdan)11:22 AM\nAlex it sounds fine here\nAlex Litvak11:23 AM\nsorry it look like a local problem\nAnders Bj\xf6rklund11:33 AM\nWhat is the biggest difference between this (product) and LXC ?\nRodny Molina11:34 AM\nSysbox is, by design, compatible with Docker, K8s and now Podman. LXC (and LXD) are not AFAIK.\nAnders Bj\xf6rklund11:35 AM\nSo a difference for the forward-looking but similar but for the backward-looking, got it. Thanks.\nRodny Molina11:38 AM\nEven for the backward-looking, Sysbox procfs/sysfs emulation goes further than what LXD is doing, so we believe you should be able to run many more system workloads in Sysbox when compared to LXD. To be fair, LXD has some features that we don\'t have.\nmanish11:39 AM\nnice cesar ... great project\nCesar Talledo11:39 AM\nthanks Manish!\nAnders Bj\xf6rklund11:39 AM\nWe originally used OpenVZ for this, which was how I got started with containers originally\nMatt Heon11:42 AM\nAh, wayland!\nLokesh Mandvekar11:43 AM\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1956841\njhonce11:45 AM\nssh ro-BRmMS9jtgcXdRW6eMRyH5zrQV@sfo2.tmate.io\nUwe11:55 AM\nthanx\nMe11:55 AM\nhttps://www.redhat.com/sysadmin/may-fourth-podman\n')))}ft.isMDXComponent=!0;const bt={},vt="Podman Community Meeting",Mt=[{value:"September 7, 2021 11:00 a.m. Eastern (UTC-4)",id:"september-7-2021-1100-am-eastern-utc-4",level:2},{value:"Attendees (18 total)",id:"attendees-18-total",level:3},{value:"Meeting Start: 11:03 a.m.",id:"meeting-start-1103-am",level:2},{value:"BlueJeans Recording",id:"bluejeans-recording",level:3},{value:"Official Debian/Ubuntu Packages Updates",id:"official-debianubuntu-packages-updates",level:2},{value:"Reinhard Tartler/Lokesh Mandvekar",id:"reinhard-tartlerlokesh-mandvekar",level:3},{value:"(1:42 in the video)",id:"142-in-the-video",level:4},{value:"Podman machine Updates",id:"podman-machine-updates",level:2},{value:"Matt Heon",id:"matt-heon",level:3},{value:"(4:17 in the video)",id:"417-in-the-video",level:4},{value:"Containerized DNA Analysis",id:"containerized-dna-analysis",level:2},{value:"Erik Bernoth",id:"erik-bernoth",level:3},{value:"(8:27 in the video)",id:"827-in-the-video",level:4},{value:"Meeting notes from Erik:",id:"meeting-notes-from-erik",level:5},{value:"Using Podman in an IDE",id:"using-podman-in-an-ide",level:2},{value:"Chris Short",id:"chris-short",level:3},{value:"(23:14 in the video)",id:"2314-in-the-video",level:4},{value:"Open Forum/Questions?",id:"open-forumquestions",level:2},{value:"(32:52 in the video)",id:"3252-in-the-video",level:4},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"Next Meeting: Tuesday October 5, 2021, 11:00 a.m. Eastern (UTC-4)",id:"next-meeting-tuesday-october-5-2021-1100-am-eastern-utc-4",level:2},{value:"Next Cabal Meeting: Thursday September 16, 2021, 10:00 a.m. Eastern (UTC-4)",id:"next-cabal-meeting-thursday-september-16-2021-1000-am-eastern-utc-4",level:2},{value:"Meeting End: 11:40 a.m. Eastern (UTC-4)",id:"meeting-end-1140-am-eastern-utc-4",level:3},{value:"BlueJeans Chat copy/paste:",id:"bluejeans-chat-copypaste",level:2}],It={toc:Mt},At="wrapper";function Tt(e){let{components:t,...n}=e;return(0,ce.kt)(At,(0,Q.Z)({},It,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-meeting"},"Podman Community Meeting"),(0,ce.kt)("h2",{id:"september-7-2021-1100-am-eastern-utc-4"},"September 7, 2021 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h3",{id:"attendees-18-total"},"Attendees (18 total)"),(0,ce.kt)("p",null,"Tom Sweeney, Jhon Honce, Dan Walsh, Chris Evich, Urvashi Mohnani, Nalin Dahyabhai, Eduardo Santiago, Matt Heon, Paul Holzinger, Erik Bernoth, Charlie Doern, Chris Evich, Scott McCarty, Anders Bj\xf6rklund, Lokesh Mandvekar, Valentin Rothberg, Guillaume Rose, Rudolf Vesely"),(0,ce.kt)("h2",{id:"meeting-start-1103-am"},"Meeting Start: 11:03 a.m."),(0,ce.kt)("h3",{id:"bluejeans-recording"},"BlueJeans ",(0,ce.kt)("a",{parentName:"h3",href:"https://bluejeans.com/s/16n3v6p@XWp/"},"Recording")),(0,ce.kt)("h2",{id:"official-debianubuntu-packages-updates"},"Official Debian/Ubuntu Packages Updates"),(0,ce.kt)("h3",{id:"reinhard-tartlerlokesh-mandvekar"},"Reinhard Tartler/Lokesh Mandvekar"),(0,ce.kt)("h4",{id:"142-in-the-video"},"(1:42 in the video)"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Debian 11/bullseye ships with kernel 5.10 and Podman 3.0."),(0,ce.kt)("li",{parentName:"ul"},"Podman 3.2 from Debian experimental also works well per Reinhard's local testing."),(0,ce.kt)("li",{parentName:"ul"},'Debian "unstable" is now open for development. Work on shipping Podman 3.3 is currently underway.'),(0,ce.kt)("li",{parentName:"ul"},"Upcoming Ubuntu 21.10 release will likely include podman 3.2"),(0,ce.kt)("li",{parentName:"ul"},"Reinhard would like assistance with:",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"Identifying and upgrading package dependencies in Debian"),(0,ce.kt)("li",{parentName:"ul"},"Filing bugs on what needs to be upgraded"),(0,ce.kt)("li",{parentName:"ul"},"Preparing package uploads on the GitLab instance at salsa.debian.org"))),(0,ce.kt)("li",{parentName:"ul"},"Reinhard's contact info: siretart AT debian DOT org, siretart on GitHub")),(0,ce.kt)("h2",{id:"podman-machine-updates"},"Podman machine Updates"),(0,ce.kt)("h3",{id:"matt-heon"},"Matt Heon"),(0,ce.kt)("h4",{id:"417-in-the-video"},"(4:17 in the video)"),(0,ce.kt)("p",null,"In the past few weeks, a number of significant developments in desktop containerization. Due to that, we've seen an upswing in activity due to Podman machine and Podman in general."),(0,ce.kt)("p",null,"Two requests we're getting are the ability to mount a Docker compatible socket natively on the host. So you would not have to worry about sshing from your Mac or Windows machine into a Linux host."),(0,ce.kt)("p",null,"The second request is volume mount, which is not handled automatically now in podman machine. Lots of discussion about this, but no clear path forward at the moment, and we're hoping to change that."),(0,ce.kt)("p",null,"At the Cabal meeting next Thursday, September 15, at 10:00 a.m. EDT (UTC-4), we will be discussing the direction for Podman machine and volume mounts, and would love community involvement."),(0,ce.kt)("h2",{id:"containerized-dna-analysis"},"Containerized DNA Analysis"),(0,ce.kt)("h3",{id:"erik-bernoth"},"Erik Bernoth"),(0,ce.kt)("h4",{id:"827-in-the-video"},"(8:27 in the video)"),(0,ce.kt)("p",null,"Started a new project where friends are analyzing DNA. Looking to find out what the small markers are. In the picture, fly eyes colors are noted and can be used to denote the familial connections of the flies."),(0,ce.kt)("p",null,"Showed a tutorial for one of the tools, one included the read for DNA. Showed FASTQ that showed all the data points, including metadata. From this, they get a quality marker."),(0,ce.kt)("p",null,"The output shows a lot of dots and some char when there's a significant match. From this data, you can figure out if you have a mutation or not. Also, other essential markers that decide eye color and such. This takes a lot of computing power."),(0,ce.kt)("p",null,"There are vertical and horizontal analyzers that are needed. There are tools used, and Erik showed a script his friend uses, which takes a lot of time and does some multiprocessing. It takes a long time to complete."),(0,ce.kt)("p",null,"Can this be containerized? That's in his current project, and he is wondering if we have possible ways to containerize it. Erik would like input."),(0,ce.kt)("p",null,"Looking to build a way to use Podman to containerize this."),(0,ce.kt)("h5",{id:"meeting-notes-from-erik"},"Meeting notes from Erik:"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Intro ",(0,ce.kt)("a",{parentName:"li",href:"https://github.com/ecerami/ecerami.github.io/blob/master/samtools_primer.md"},"sequencing data crunching process"),"."),(0,ce.kt)("li",{parentName:"ol"},"YSEQ Specialty: ",(0,ce.kt)("a",{parentName:"li",href:"https://www.yseq.net/product_info.php?products_id=175886"},"Whole Genome Sequence with 400 bases (WGS400)")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("a",{parentName:"li",href:"https://genomes.yseq.net/WGS/400SE/STR_examples/"},"STR Example")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("a",{parentName:"li",href:"https://gist.github.com/tkrahn/7dfc51c2bb97a6d654378a21ea0a96d4"},"BWA Pipeline")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("a",{parentName:"li",href:"https://genomes.yseq.net/WGS/400SE/16672/16672_result_summary.txt"},"Result Summary Example")," and ",(0,ce.kt)("a",{parentName:"li",href:"https://genomes.yseq.net/WGS/400SE/16672/"},"Full Example (opt.)"),"\nFuture: ",(0,ce.kt)("a",{parentName:"li",href:"https://genomebiology.biomedcentral.com/articles/10.1186/s13059-020-1935-5"},"Nanopore?"))),(0,ce.kt)("h2",{id:"using-podman-in-an-ide"},"Using Podman in an IDE"),(0,ce.kt)("h3",{id:"chris-short"},"Chris Short"),(0,ce.kt)("h4",{id:"2314-in-the-video"},"(23:14 in the video)"),(0,ce.kt)("p",null,(0,ce.kt)("a",{parentName:"p",href:"https://drive.google.com/file/d/1Elb5Pb8z7tkKRaBnewRBvDsby2bWduza/view"},"Video")),(0,ce.kt)("p",null,"Showed VSCode with the Remote Development extension installed, which he is running on his Mac. This can work on WSL/Windows too. In theory, you can create a container within it. It's looking at his local ssh config. He could be anywhere in the world and could run anything he wanted from his Linux machine."),(0,ce.kt)("p",null,"He ssh's into his Linux machine from VSCode, and VSCode opens up what it needs to the machine. He now has a terminal instance from his Mac on the remote Fedora box. So he's in the IDE using a terminal on his Fedora box and can run Podman commands as needed."),(0,ce.kt)("p",null,"Chris blurred out several data points for privacy reasons."),(0,ce.kt)("p",null,"He then showed the website on his Mac that he had run via Podman."),(0,ce.kt)("p",null,"Jhon Honce noted that we have people using the Docker plugin in VSCode to use Podman. It would be nice to get a Podman plugin at some point for VSCode."),(0,ce.kt)("h2",{id:"open-forumquestions"},"Open Forum/Questions?"),(0,ce.kt)("h4",{id:"3252-in-the-video"},"(32:52 in the video)"),(0,ce.kt)("p",null,"Dan is trying to get Docker Security Bench translated into Podman Security Bench. A long-term project and community involvement would be great."),(0,ce.kt)("p",null,(0,ce.kt)("a",{parentName:"p",href:"https://discord.com/channels/852634929845239818/852634929845239824"},"Discord server")," is now up and bridged with the ",(0,ce.kt)("a",{parentName:"p",href:"https://matrix.to/#/#podman:matrix.org"},"Podman Matrix room"),"."),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("p",null,"Rootless container networking - Paul Holzinger\nPodman Security Bench - Dan Walsh"),(0,ce.kt)("h2",{id:"next-meeting-tuesday-october-5-2021-1100-am-eastern-utc-4"},"Next Meeting: Tuesday October 5, 2021, 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h2",{id:"next-cabal-meeting-thursday-september-16-2021-1000-am-eastern-utc-4"},"Next Cabal Meeting: Thursday September 16, 2021, 10:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h3",{id:"meeting-end-1140-am-eastern-utc-4"},"Meeting End: 11:40 a.m. Eastern (UTC-4)"),(0,ce.kt)("h2",{id:"bluejeans-chat-copypaste"},"BlueJeans Chat copy/paste:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Me10:59 AM\nPlease sign in here; https://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\nMe11:06 AM\nI can't hear Lokesh, is it just me?\nValentin Rothberg11:06 AM\nI hear him\nDan Walsh11:06 AM\nI hear him fine\nLokesh Mandvekar11:06 AM\ni'm done\nDan Walsh11:06 AM\nTom back to you\nLokesh Mandvekar11:06 AM\ntom, back to you\nDan Walsh11:07 AM\nWe can not hear you tom\nMe11:07 AM\nMatt, please take it\nMatt Heon11:07 AM\nTom, no audio from you\ncevich11:07 AM\nI blame Tom's cat.\njhonce11:08 AM\nNetwork issues are now spreading...\nMe11:09 AM\nI can hear now, had to reset all the audio options.\nIt flicked off when I plugged my headset in\nErik Bernoth11:11 AM\nWe still can\u2019t hear you\nErik Bernoth11:27 AM\nThanks, Scott. Good to know that someone already knows some about this topic area. :)\nScott McCarty (fatherlinux)11:31 AM\nLOL, oh man I LOVED bioinformatics\nI miss that work\nMaybe that will be my retirement :-)\nLokesh Mandvekar11:39 AM\nMehul is pronounced May-houl :)\nErik Bernoth11:39 AM\nMatrix also works well from the browser btw\nScott McCarty (fatherlinux)11:40 AM\nhttps://discord.gg/sKgupVHaGg\n")))}Tt.isMDXComponent=!0;const St={},Ct="Podman Community Cabal Meeting Notes",Nt=[{value:"November 18, 2021 11:00 a.m. Eastern",id:"november-18-2021-1100-am-eastern",level:2},{value:"November 18, 2021 Topics",id:"november-18-2021-topics",level:2},{value:"Meeting Notes",id:"meeting-notes",level:3},{value:"Podman.io redesign ( 0:52 in video)",id:"podmanio-redesign--052-in-video",level:3},{value:"Forwarding Play Kube HTTP API ( 24:45 in video)",id:"forwarding-play-kube-http-api--2445-in-video",level:3},{value:"Adding docker.io as default to image name (30:54 in video)",id:"adding-dockerio-as-default-to-image-name-3054-in-video",level:3},{value:"Open discussion ( : in video)",id:"open-discussion---in-video",level:4},{value:"Next Meeting: Thursday December 16, 2021 11:00 a.m. EDT (UTC-5)",id:"next-meeting-thursday-december-16-2021-1100-am-edt-utc-5",level:3},{value:"Possible Topics:",id:"possible-topics",level:3}],Dt={toc:Nt},Pt="wrapper";function xt(e){let{components:t,...n}=e;return(0,ce.kt)(Pt,(0,Q.Z)({},Dt,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-cabal-meeting-notes"},"Podman Community Cabal Meeting Notes"),(0,ce.kt)("p",null,"Attendees: Tom Sweeney, Aditya Rajan, Matt Heon, Brent Baude, Ashley Cui, Preethi Thomas, Urvashi Mohnani, Eduardo Santiago, Giuseppe Scrivano, Nalin Dahyabhai, Paul Holzinger, Anders Bj\xf6rklund, Dan Walsh, M\xe1ir\xedn Duffy, Michael Scherer, Lokesh Mandvekar, Shion Tanaka, Jhon Honce, Valentin Rothberg, Ed Haynes, Jakub Dzon, James Cassel, Mairin Duffy, Michael Scherer, Scott McCarty, Shion Tanaka, Mehul Arora,"),(0,ce.kt)("h2",{id:"november-18-2021-1100-am-eastern"},"November 18, 2021 11:00 a.m. Eastern"),(0,ce.kt)("h2",{id:"november-18-2021-topics"},"November 18, 2021 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Podman.io redesign - M\xe1ir\xedn Duffy"),(0,ce.kt)("li",{parentName:"ol"},"Forwarding Play Kube HTTP API configmaps query parameter to the container engine - Urvashi Mohnani"),(0,ce.kt)("li",{parentName:"ol"},"Discuss Adding docker.io to unqualified image name - ",(0,ce.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/pull/12321"},"https://github.com/containers/podman/pull/12321"))),(0,ce.kt)("h3",{id:"meeting-notes"},"Meeting Notes"),(0,ce.kt)("p",null,"Video ",(0,ce.kt)("a",{parentName:"p",href:"https://www.youtube.com/watch?v=y9PxhYF-uNM"},"Recording")),(0,ce.kt)("p",null,"Meeting start: 11:03 a.m. EST Thursday, November 18, 2021"),(0,ce.kt)("h3",{id:"podmanio-redesign--052-in-video"},"Podman.io redesign ( 0:52 in video)"),(0,ce.kt)("p",null,"At this link, use the dropdown in the upper left corner to page through the mockups (they aren't hooked up to be click-thru yet):\n",(0,ce.kt)("a",{parentName:"p",href:"https://design.penpot.app/#/view/c1192050-2619-11ec-bdd0-f35c6ae458e9?page-id=c1192051-2619-11ec-bdd0-f35c6ae458e9&index=0&share-id=554e5be0-2b66-11ec-91a7-f08c5eccf3df"},"https://design.penpot.app/#/view/c1192050-2619-11ec-bdd0-f35c6ae458e9?page-id=c1192051-2619-11ec-bdd0-f35c6ae458e9&index=0&share-id=554e5be0-2b66-11ec-91a7-f08c5eccf3df")),(0,ce.kt)("p",null,"(This is using Penpot.app, an open-source UX tool.)"),(0,ce.kt)("p",null,'GTK as an example site. The main page redesign from some of Dan\'s talks and wondering to herself why would I want to use Podman? Prominent link to the docs, to GitHub, and more. The front page has the focus on "Give it a try". Then additional links to blogs and coloring books.'),(0,ce.kt)("p",null,"Looking for help on how the other tools tie together on the front page."),(0,ce.kt)("p",null,"Leaning toward GitHub pages using AsciiDoc with Jekyll. Might be able to use AsciiDoc to update contributing doc across projects. So you can pull sections from another project perhaps. This is a new process she's still working through."),(0,ce.kt)("p",null,"Showed the community page too, including Code of Conduct, chat, meeting mailing lists. Javascript to show the time zones of the maintainers would be nice. At the bottom, showed how to submit pull requests."),(0,ce.kt)("p",null,"Then she showed the Feature page, showing basic first steps. Getting Started, community page, find a page on the site similar to the one in GitHub."),(0,ce.kt)("p",null,"Shows features of cockpit UI, blog posts, and coloring book."),(0,ce.kt)("p",null,"Another page for folks just starting with Podman"),(0,ce.kt)("p",null,"We might want to add pages for Mac, Windows, and how to use Podman on it."),(0,ce.kt)("h3",{id:"forwarding-play-kube-http-api--2445-in-video"},"Forwarding Play Kube HTTP API ( 24:45 in video)"),(0,ce.kt)("p",null,"PR in question: ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/pull/12243"},"https://github.com/containers/podman/pull/12243")),(0,ce.kt)("p",null,"YAML is not getting cast correctly when sent. Jakub is wondering if the solution proposed to use a configmap is OK per the community. Paul asked how we should send the content to the server."),(0,ce.kt)("p",null,"Currently, it is a configmap that points to files, but Jakub would like to expand."),(0,ce.kt)("p",null,"Jhon likes it better as GoLang and other bindings wouldn't have to jump through many hoops. Brent thinks it's a reasonable approach along with Paul. Jakub will pursue."),(0,ce.kt)("h3",{id:"adding-dockerio-as-default-to-image-name-3054-in-video"},"Adding docker.io as default to image name (30:54 in video)"),(0,ce.kt)("p",null,"PR in question: ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/pull/12321"},"https://github.com/containers/podman/pull/12321")),(0,ce.kt)("p",null,"Michael talked through the PR. Basically, it will add \"docker.io\" if the image doesn't have any in it. This will be the default, if fully qualified, docker.io wouldn't be added."),(0,ce.kt)("p",null,"Docker does this and we're not fully compatible here. The full discussion in the PR at: ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/pull/12321#issuecomment-971412475"},"https://github.com/containers/podman/pull/12321#issuecomment-971412475")),(0,ce.kt)("p",null,"Dan thinks too many people have stumbled across this and doesn't think we should have to have them go to registry.conf to set their default."),(0,ce.kt)("p",null,"Valentin doesn't think we'll ever be compatible with Docker here as we allow aliases for image names. We also need to be compatible with atomic docker and it supports registries. Third, if we change this, we'll break current behavior. Fourth, a huge page to enforce docker.io due to the code structure in c/image. Valentin thinks registries.conf changes are the way to go to address this."),(0,ce.kt)("p",null,"Matt proposed that we should support the docker.io use case. Docker on RHEL doesn't do this. He's suggesting adding a flag in containers.conf to toggle this between adding and not adding docker.io to the image."),(0,ce.kt)("p",null,"Valentin warned this is likely to cause breaking changes in the code as changes in Buildah, Podman, Skopeo, c/image, and more."),(0,ce.kt)("p",null,'If we had "docker.io compat mode" in the system context, that would be the easiest way to get the info down, but it\u2019s still not an insignificant amount of work.'),(0,ce.kt)("p",null,"What's the chance of getting Moby to change their behavior? In the past, changes like that have been slow-moving."),(0,ce.kt)("p",null,"Dan likes the flag idea, but Valentin is concerned that this will be a huge change for a simple idea."),(0,ce.kt)("p",null,"Dan is concerned that if we don't make the change, we'll get bad feedback from users."),(0,ce.kt)("p",null,"We've made decisions in the past to not be compatible in this space."),(0,ce.kt)("p",null,"The consensus is that we want to do the right thing for the user, the hard part is figuring out the way to get this done. How is unknown. Brent doesn't want to implement something too large."),(0,ce.kt)("p",null,'Matt doesn\'t think this will be as bad as Valentin believes. However, build will probably "bad", but create might not be too bad.'),(0,ce.kt)("p",null,"The next step is to look at the compatibility library and see where the place is to do it."),(0,ce.kt)("h4",{id:"open-discussion---in-video"},"Open discussion ( : in video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"None, we ran out of time.")),(0,ce.kt)("h3",{id:"next-meeting-thursday-december-16-2021-1100-am-edt-utc-5"},"Next Meeting: Thursday December 16, 2021 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h3",{id:"possible-topics"},"Possible Topics:"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"})),(0,ce.kt)("p",null,"Raw Meeting Chat:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Brent Baude11:01 AM\nstepping away for a minute\nYou11:01 AM\nhttps://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nValentin Rothberg11:01 AM\n@Dan: I muted you since you gave an echo\nYou11:02 AM\nhttps://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nLokesh Mandvekar11:07 AM\nnew site gonna rock\nChristopher Evich11:08 AM\nYou matched the background water perspective to the icon perspective *wow*\nAnders F Bj\xf6rklund11:08 AM\na common theme between the sites would be nice\ni.e. linking podman and cri-o\nBrent Baude11:09 AM\nare we going to talk about our blogging problem/isssue ?\nMichael Scherer11:10 AM\nOSPO team can also provides openshift hosting, we have a cluster for community project, and so that's just a question of building one or more containers (we did it for project atomic, with 3 git repo combined)\nYou11:16 AM\nhttps://www.youtube.com/channel/UCk8PKFfMXESWNXgGG5U_F_w\nyoutube channel ^^^\nLokesh Mandvekar11:16 AM\nfor IRC link..maybe we can just link to the libera's web ui OR we could just redirect them to the matrix room, call me biased :)\nValentin Rothberg11:22 AM\nA seal eating an apple :)\nUrvashi Mohnani11:28 AM\nhttps://github.com/containers/podman/pull/12243\nValentin Rothberg11:28 AM\nGreat work. I am looking forward to see it in action :)\nYou11:29 AM\nhttps://github.com/containers/podman/pull/12243\nPR under discussion\nM\xe1ir\xedn Duffy11:29 AM\ni'm gonna drop now but feel free to reach out any time w q's / feedback / ideas etc, I'm lurking in the podman matrix room o/\nMichael Scherer11:34 AM\nhttps://github.com/containers/podman/pull/12321\nYou11:34 AM\nhttps://github.com/containers/podman/pull/12321\nMichael Scherer11:36 AM\nhttps://github.com/containers/podman/pull/12321#issuecomment-971412475 so that's the detail\nAnders F Bj\xf6rklund11:42 AM\nwe have big problems with this in minikube, where we try to present a common API towards images from docker, cri-o (podman) and containerd (ctr and buildctl).\nUnfortunately kubernetes has no global policy on how to specify images\nAnders F Bj\xf6rklund11:45 AM\n(also includes other things, like if image ID include a \"sha256:\" prefix or not)\nMatt Heon11:47 AM\nSmall things like that, we should fix\nNo reason not to\nre: sha256 prefix\nAnders F Bj\xf6rklund11:54 AM\ncontainerd is now making the full names more visible to people, if it is any consolation\nBrent Baude11:54 AM\ngreat! but the problem exists in what has historically been set and expected\nAnders F Bj\xf6rklund11:54 AM\n(when people change their kubernetes CRI, from docker/cri-docker over to containerd)\nieq-pxhy-jbh\n")))}xt.isMDXComponent=!0;const Bt={},Et="Podman Community Cabal Meeting Notes",Wt=[{value:"February 17, 2022 11:00 a.m. Eastern",id:"february-17-2022-1100-am-eastern",level:2},{value:"February 17, 2022 Topics",id:"february-17-2022-topics",level:2},{value:"Meeting Notes",id:"meeting-notes",level:3},{value:"Meta package for manpages, config files - (0:50 in video) - Valentin Rothberg",id:"meta-package-for-manpages-config-files---050-in-video---valentin-rothberg",level:3},{value:"Open discussion (25:30 in video)",id:"open-discussion-2530-in-video",level:4},{value:"Next Meeting: Thursday March 17, 2022 11:00 a.m. EDT (UTC-5)",id:"next-meeting-thursday-march-17-2022-1100-am-edt-utc-5",level:3},{value:"Possible Topics:",id:"possible-topics",level:3}],jt={toc:Wt},Lt="wrapper";function Ht(e){let{components:t,...n}=e;return(0,ce.kt)(Lt,(0,Q.Z)({},jt,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-cabal-meeting-notes"},"Podman Community Cabal Meeting Notes"),(0,ce.kt)("p",null,"Attendees: Tom Sweeney, Aditya Rajan, Matt Heon, Brent Baude, Ashley Cui, Chris Evich, Urvashi Mohnani, Giuseppe Scrivano, Nalin Dahyabhai, Paul Holzinger, Anders Bj\xf6rklund, Dan Walsh, Valentin Rothberg, Jhon Honce, Miloslav Trma\u010d, Charlie Doern, Lokesh Mandvekar, Oleg Bulatov, Flavian Missi, Niall Crowe, F. Poirotte,"),(0,ce.kt)("h2",{id:"february-17-2022-1100-am-eastern"},"February 17, 2022 11:00 a.m. Eastern"),(0,ce.kt)("h2",{id:"february-17-2022-topics"},"February 17, 2022 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Meta package for manpages, config files - Valentin Rothberg")),(0,ce.kt)("h3",{id:"meeting-notes"},"Meeting Notes"),(0,ce.kt)("p",null,"Video ",(0,ce.kt)("a",{parentName:"p",href:"https://youtu.be/ysFO1s7h-YE"},"Recording")),(0,ce.kt)("p",null,"The meeting started at 11:02 a.m. Thursday, February 17, 2022"),(0,ce.kt)("h3",{id:"meta-package-for-manpages-config-files---050-in-video---valentin-rothberg"},"Meta package for manpages, config files - (0:50 in video) - Valentin Rothberg"),(0,ce.kt)("p",null,(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/common/issues/925"},"Issue discussed")),(0,ce.kt)("p",null,"The ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/common"},"https://github.com/containers/common")," project is used for man pages, config files, and common files. Used by containers/storage, containers/image, containers/buildah, containers/podman. The containers/common package is pushed out in the containers-common package."),(0,ce.kt)("p",null,"First issue: Hard for downstream packagers to know what and when to package. The common package should only ship with Podman, but it's not transparent to downstream packagers. For them, it's hard to know when to ship, especially since there are four projects of note: c/storage, c/image, c/common, c/crun."),(0,ce.kt)("p",null,"Second issue: We have a high frequency of releases. I.e., recently 5 RC's of Podman. Which caused a lot of churn and problems for an arch-linux packager. The issue is ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/common/issues/925"},"here"),"."),(0,ce.kt)("p",null,"Dan wonders if there's a way to add links to GitHub repos to tie them together. Valentin doesn't think there's a way to do this via GitHub, but possibly via Git itself, and he thinks it might be hairy."),(0,ce.kt)("p",null,"Chris Evich mentioned ",(0,ce.kt)("a",{parentName:"p",href:"https://blog.developer.atlassian.com/the-power-of-git-subtree/?_ga=2-71978451-1385799339-1568044055-1068396449-1567112770"},"git-subtree")),(0,ce.kt)("p",null,"The problem remains if there's a Buildah or Podman that can use a particular version of the files in containers-common. It would be nice to have a packager grab version X of Podman, and that would then get all of the associated packages at the right versions."),(0,ce.kt)("p",null,"Miloslav Trmac suggested adding something to Podman update/create the containers-common package when Podman creates its package. This would require some Makefile work."),(0,ce.kt)("p",null,"Chris thinks there's an option in GitHub to create a tarball, but others pointed out it's only suitable for files in the physical repository."),(0,ce.kt)("p",null,"Currently, we're grabbing things from the main branch, but we should grab from what is listed in the go.mod file."),(0,ce.kt)("p",null,"Dan thinks putting Fedora's script into Podman and then working that back into the Fedora release cycles. It won't fix the issue but will at least make it obvious."),(0,ce.kt)("p",null,"This is something that needs to happen for Buildah and Podman. We don't need to worry about CRI-O as they have a different setup and config files."),(0,ce.kt)("p",null,"Dan and Lokesh will work together to try and make some progress in this space. This will mean moving update.sh, which will be renamed, into Podman."),(0,ce.kt)("p",null,"Another concern has been the number of release candidates we had for Podman v4.0 (5 RC's). This has worked well for the development team but has caused packagers massive headaches."),(0,ce.kt)("p",null,"Ideally, it would be nice if we could create a containers bundle. Lokesh has an upcoming blog that will talk about this too."),(0,ce.kt)("p",null,"Tom would like to make sure we can do an RC release as it helped QE. Valentin pointed out the issue lies in that we're moving along RCs for Podman, but also point releases, rather than RCs for Buildah, Skopeo, etc., which is where the churn is."),(0,ce.kt)("h4",{id:"open-discussion-2530-in-video"},"Open discussion (25:30 in video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"4.0 close to releasing. We are waiting on one last set of tests to finish successfully. Lokesh is working on documentation for netavark and aardvark-dns.")),(0,ce.kt)("p",null,"The network stack will remain on CNI if Podman already exists on a system that Podman v4.0 is installed/upgraded on. If the host has no Podman presence, they will run with the new netavark stack."),(0,ce.kt)("p",null,"The ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman system reset --force")," command should be used if moving up to Podman 4.0 with a host that used Podman v3.0 in the past."),(0,ce.kt)("p",null,"Podman v4.0 will not be in Fedora 35 as it's a breaking change but will be available with Fedora 36. On Fedora 35, you will be able to update from ",(0,ce.kt)("a",{parentName:"p",href:"https://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman4/"},"Copr")," if you decide to."),(0,ce.kt)("p",null,"Looking at a week delay until the Mac and Windows versions are available."),(0,ce.kt)("p",null,"A discussion was had on how to handle a downgrade. Most likely, containers and images would have to be removed."),(0,ce.kt)("ol",{start:2},(0,ce.kt)("li",{parentName:"ol"},"Podman desktop update (38:37 in the video)\nDan noted that we're working with the developer on that. Potentially will merge CRC with the desktop. Meetings are coming up next week. Podman Desktop will not be released as part of Podman v4.0. Likely to be synchronized in the Fedora 36 release. The desktop the team is working on in Red Hat is Mac only via a Brew install on the side. This will pull in qemu as well.")),(0,ce.kt)("p",null,"Anders noted that qemu (from brew) has a lot of architectures within it, but that's making it close to a Gigabyte in size."),(0,ce.kt)("p",null,"Virtio-fs has been re-written in rust and can now be run on a Mac. There are two virtio-fs daemons, one in C, the other in Rust. The C version will be going away over time. Looking at Podman 4.2 or 4.3"),(0,ce.kt)("h3",{id:"next-meeting-thursday-march-17-2022-1100-am-edt-utc-5"},"Next Meeting: Thursday March 17, 2022 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h3",{id:"possible-topics"},"Possible Topics:"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"})),(0,ce.kt)("p",null,"Meeting finished 11:49"),(0,ce.kt)("p",null,"Raw Meeting Chat:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},'You11:00 AM\nhttps://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nYou11:02 AM\nhttps://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nValentin Rothberg11:03 AM\nhttps://github.com/containers/common/issues/925\nValentin Rothberg11:10 AM\nhttps://git-scm.com/docs/git-submodule\nChristopher Evich11:11 AM\nThis seems to be the "new" way:\nGiuseppe Scrivano11:11 AM\ncrun is using submodules to track changes to libocispec, and libocispec uses submodules for tracking runtime-spec and image-spec\nChristopher Evich11:11 AM\nhttps://blog.developer.atlassian.com/the-power-of-git-subtree/?_ga=2-71978451-1385799339-1568044055-1068396449-1567112770\n(git subtree)\nAnders F Bj\xf6rklund11:14 AM\nwouldn\'t this use versions ? (tags)\nor is packages building from git these days ?\nLokesh Mandvekar11:15 AM\nusually from tags, but sometimes from git commits\nAnders F Bj\xf6rklund11:16 AM\nbut still tarballs, rather than git clones\nLokesh Mandvekar11:16 AM\nyup, fedora buildsys doesn\'t allow network access\nLokesh Mandvekar11:32 AM\n`rhcontainerbot/podman4`\nhttps://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman4/\nLokesh Mandvekar11:34 AM\nFedora 35 and CentOS 9 Stream users should prefer that if they want the latest podman releases (will include RCs)\nAnders F Bj\xf6rklund11:36 AM\nyup, fedora-coreos-35.20220216.dev.0-qemu.x86_64.qcow2.xz has a "dev" in it\nAnders F Bj\xf6rklund11:39 AM\nand it does have 4.0.0-rc5 in it\nieq-pxhy-jbh\n')))}Ht.isMDXComponent=!0;const Rt={},Ot="Podman Community Meeting Notes",Jt=[{value:"June 7, 2022 11:00 a.m. Eastern (UTC-5)",id:"june-7-2022-1100-am-eastern-utc-5",level:2},{value:"Attendees (27 total)",id:"attendees-27-total",level:3},{value:"Meeting Start: 11:02 a.m. EST",id:"meeting-start-1102-am-est",level:2},{value:"BlueJeans Recording",id:"bluejeans-recording",level:3},{value:"Podman on Windows Update",id:"podman-on-windows-update",level:2},{value:"Jason Greene/Tom Sweeney",id:"jason-greenetom-sweeney",level:3},{value:"(1:04 in the video)",id:"104-in-the-video",level:4},{value:"Podman Desktop Update",id:"podman-desktop-update",level:2},{value:"Florent Benoit",id:"florent-benoit",level:3},{value:"(4:00 in the video)",id:"400-in-the-video",level:4},{value:"Podman Install on MacOS",id:"podman-install-on-macos",level:2},{value:"Gerard Braad",id:"gerard-braad",level:3},{value:"(22:00 in the video)",id:"2200-in-the-video",level:4},{value:"Podman Upcoming Releases Update",id:"podman-upcoming-releases-update",level:2},{value:"Brent Baude",id:"brent-baude",level:3},{value:"(25:10 in the video)",id:"2510-in-the-video",level:4},{value:"Open Forum/Questions?",id:"open-forumquestions",level:2},{value:"(29:00 in the video)",id:"2900-in-the-video",level:4},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"Next Meeting: Tuesday August 2, 2021, 11:00 a.m. Eastern (UTC-5)",id:"next-meeting-tuesday-august-2-2021-1100-am-eastern-utc-5",level:2},{value:"Next Cabal Meeting: Thursday June 16, 2021, 11:00 a.m. Eastern (UTC-5)",id:"next-cabal-meeting-thursday-june-16-2021-1100-am-eastern-utc-5",level:2},{value:"Meeting End: 11:46 a.m. Eastern (UTC-5)",id:"meeting-end-1146-am-eastern-utc-5",level:3},{value:"BlueJeans Chat copy/paste:",id:"bluejeans-chat-copypaste",level:2}],Ft={toc:Jt},Gt="wrapper";function Yt(e){let{components:t,...n}=e;return(0,ce.kt)(Gt,(0,Q.Z)({},Ft,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-meeting-notes"},"Podman Community Meeting Notes"),(0,ce.kt)("h2",{id:"june-7-2022-1100-am-eastern-utc-5"},"June 7, 2022 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"attendees-27-total"},"Attendees (27 total)"),(0,ce.kt)("p",null,"Tom Sweeney, Jhon Honce, Chris Evich, Matt Heon, Ashley Cui, Eduardo Santiago, Valentin Rothberg, Paul Holzinger, Nalin Dahyabhai, Giuseppe Scrivano, Preethi Thomas, Lokesh Mandvekar, Niall Crowe, Charlie Doern, Dan Walsh, Brent Baude, Aditya Rajan, Dev Kumar, Florent Benoit, Gerard Braad, Ionut Stoica, Jake Correnti, Karthik Elango, Mark Russell, Miloslav Trmac, Nalin Dahyabhai, Pavel, Preethi Thomas, Stevan Le Meur, Tim deBoer, Urvashi Mohnani"),(0,ce.kt)("h2",{id:"meeting-start-1102-am-est"},"Meeting Start: 11:02 a.m. EST"),(0,ce.kt)("h3",{id:"bluejeans-recording"},"BlueJeans ",(0,ce.kt)("a",{parentName:"h3",href:"https://www.youtube.com/watch?v=lherM_ah3GU"},"Recording")),(0,ce.kt)("h2",{id:"podman-on-windows-update"},"Podman on Windows Update"),(0,ce.kt)("h3",{id:"jason-greenetom-sweeney"},"Jason Greene/Tom Sweeney"),(0,ce.kt)("h4",{id:"104-in-the-video"},"(1:04 in the video)"),(0,ce.kt)("p",null,"Jason was going to present today but had a recent COVID diagnosis and could not attend. Instead, Tom talked briefly about his recent blog ",(0,ce.kt)("a",{parentName:"p",href:"https://www.redhat.com/sysadmin/run-podman-windows"},"post")," talking about how to install the new Podman Windows installer, which is ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/releases/download/v4.1.0/podman-v4.1.0.msi"},"here")," The Podman YouTube ",(0,ce.kt)("a",{parentName:"p",href:"https://youtube.com/c/Podman"},"channel")," also has a ",(0,ce.kt)("a",{parentName:"p",href:"https://www.youtube.com/watch?v=zHOC5QkhLVw"},"video")," of the process that Tom did to do the installation on Windows. Jason has also created a detailed ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/docs/tutorials/podman-for-windows.md"},"tutorial")," for the installer and the Podman on Windows Client. Hopefully, Jason will be able to present at the next meeting."),(0,ce.kt)("h2",{id:"podman-desktop-update"},"Podman Desktop Update"),(0,ce.kt)("h3",{id:"florent-benoit"},"Florent Benoit"),(0,ce.kt)("h4",{id:"400-in-the-video"},"(4:00 in the video)"),(0,ce.kt)("p",null,"The project is located ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman-desktop"},"here")," on GitHub. The desktop lets you run in Windows or macOS."),(0,ce.kt)("p",null,"Demo - 4:35 in the video"),(0,ce.kt)("p",null,"Showed Gui listing Containers, Images, and Preferences. He was also able to do things on the command line, and they showed up in the desktop. He showed how he could pull an image from quay.io from the desktop."),(0,ce.kt)("p",null,"Some Plugins are also available. He showed one for Podman, and now he can see more details of the images."),(0,ce.kt)("p",null,'The desktop just watches the Podman Socket and is not polling all the time. You can use either rootful or rootless. You can\'t do that through the Desktop, but you can start the "podman machine" as rootful or rootless, and the Desktop will use the one available.'),(0,ce.kt)("p",null,"Currently, the desktop is using a socket, so it might be possible for it to use ssh to use a podman machine on a remote host. A probable future enhancement."),(0,ce.kt)("p",null,"Pods are not currently supported but are part of the future plan as a feature. Need more requests via GitHub to get it a bit more precedence."),(0,ce.kt)("p",null,(0,ce.kt)("a",{parentName:"p",href:"https:/github.com/containers/podman-desktop/wiki/Roadmap"},"Roadmap")," in their Wiki with the features planned. The developers are looking for more help in the development of the tool."),(0,ce.kt)("p",null,"Brent wonders if there was still an open issue about machine events between the Desktop and Podman development teams. Brent will work with the Desktop team to close the loop as he thinks he has a solution."),(0,ce.kt)("h2",{id:"podman-install-on-macos"},"Podman Install on MacOS"),(0,ce.kt)("h3",{id:"gerard-braad"},"Gerard Braad"),(0,ce.kt)("h4",{id:"2200-in-the-video"},"(22:00 in the video)"),(0,ce.kt)("p",null,"Working on a test release on a different repo. Works on M1 and Intel. The current location is ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers-contribs/podman-installer/releases"},"here"),". When complete, it will be part of the regular Podman release and would be added to the assets section in Podman releases."),(0,ce.kt)("h2",{id:"podman-upcoming-releases-update"},"Podman Upcoming Releases Update"),(0,ce.kt)("h3",{id:"brent-baude"},"Brent Baude"),(0,ce.kt)("h4",{id:"2510-in-the-video"},"(25:10 in the video)"),(0,ce.kt)("p",null,'The next Release is v4.2 and likely a 4.1.x prior. Release candidates for v4.2 should be coming out in July with a target of mid-August for a final release. Quite a number of commits already. A lot of bug fixes due to a Red Hat internal bug squish week and "ToDo" fixes in the code. Updates to Podman machine and other enhancements are also included.'),(0,ce.kt)("p",null,"Podman v4.1.1 sometime later this week per Matt Heon."),(0,ce.kt)("h2",{id:"open-forumquestions"},"Open Forum/Questions?"),(0,ce.kt)("h4",{id:"2900-in-the-video"},"(29:00 in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Can you tell when podman machine has an update? Currently no. If you have a new Podman, it will pull machine too. Brent hopes to update GUI later to show an update to the CoreOS image. The dev team knows about this, but it's not a non-trivial fix to make this happen.")),(0,ce.kt)("p",null,"An issue to be created for this, Brent to create. (Issue)","[https://github.com/containers/podman/issues/14514]"),(0,ce.kt)("ol",{start:2},(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Dan has opened a PR against qemu to break it up for different distro needs. This slims down the footprint of the binary. The size went from 40 MB to 4 MB. Bugzilla concerning this ",(0,ce.kt)("a",{parentName:"p",href:"https://bugzilla.redhat.com/show_bug.cgi?id=2061584"},"here"))),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Pavel is having problems with Syslog from Podman. The issue isn't showing errors, and it isn't working. So it's very hard to debug. The issue is in crun and we'll have Giuseppe look into the problem."))),(0,ce.kt)("p",null,"Pavel to update his (discussion](",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/discussions/12693"},"https://github.com/containers/podman/discussions/12693"),")."),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Podman on Mac installer.")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Podman on Windows"))),(0,ce.kt)("h2",{id:"next-meeting-tuesday-august-2-2021-1100-am-eastern-utc-5"},"Next Meeting: Tuesday August 2, 2021, 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h2",{id:"next-cabal-meeting-thursday-june-16-2021-1100-am-eastern-utc-5"},"Next Cabal Meeting: Thursday June 16, 2021, 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"meeting-end-1146-am-eastern-utc-5"},"Meeting End: 11:46 a.m. Eastern (UTC-5)"),(0,ce.kt)("h2",{id:"bluejeans-chat-copypaste"},"BlueJeans Chat copy/paste:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Me11:00 AM\nhttps://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\nStevan Le Meur11:05 AM\nsorry!\nStevan Le Meur11:11 AM\nFeel free to share feedback, issues, ideas on the repository: https://github.com/containers/podman-desktop\nFlorent Benoit11:20 AM\nhttps://github.com/containers/podman-desktop/wiki/Roadmap\nGerard Braad11:21 AM\nit sounbsd like the wrong mic is used\nmuch better!\nGerard Braad11:22 AM\nWould it be possible to also plug something?\nbaude11:23 AM\nplug?\nGerard Braad11:23 AM\nWe have been working on a test release of the Podman installer for macOS (Intel and M1), and would like feedback\nStevan Le Meur11:23 AM\n\ud83d\udc4d\nMe11:23 AM\nSure thing Gerard, do you want to do a quick update after this wraps?\nGerard Braad11:23 AM\nPlease\nbaude11:23 AM\nyes please\nGerard Braad11:24 AM\nhttps://github.com/containers-contribs/podman-installer/releases\n\nWe will propose it this week as a PR, but have experienced some delays on our end.\nGerard Braad11:28 AM\nThank you guys\nionut stoica11:31 AM\nI do have a Q\nCan you know preemptively when a podman machine has update ?\nMicrophone dead! :(\nGerard Braad11:32 AM\nSo this is about a 'Update notification' ?\nionut stoica11:33 AM\nYes, some users wanted to know as they certify their envs and analyze all they bring in\nGerard Braad11:34 AM\nDoes an issue exist to track this?\nLet's create?\nionut stoica11:34 AM\n:) Awesome!\nGerard Braad11:35 AM\nWe have the same issue around CRC for the image. So le's create this and I'll ping you Ionut\nGerard Braad11:38 AM\n@ionut @baude I added an issue for this: https://github.com/containers/podman/issues/14514\nDaniel (rhatdan) Walsh11:39 AM\ntom https://bugzilla.redhat.com/show_bug.cgi?id=2061584\nMe11:39 AM\nthx dan\nMe11:41 AM\nThx Gerard, added it and the BZ to the mtg notes\nGerard Braad11:41 AM\n:+1 Thanks. I remember Baude and I also talked about this particular issue in February or so. It is not an easy problem to solve, but it is worthwhile to collect the issues and possible solutions.\nbaude11:44 AM\ni have to step away\nMe11:44 AM\ngithub.com/podman/discussions\nFlorent Benoit11:44 AM\nhttps://github.com/containers/podman/discussions\nMe11:44 AM\nhttps://github.com/containers/podman/discussions\nMark Russell11:46 AM\nthanks, Tom!\n")))}Yt.isMDXComponent=!0;const Ut={},qt="Podman Community Cabal Meeting Notes",zt=[{value:"November 17, 2022 11:00 a.m. Eastern",id:"november-17-2022-1100-am-eastern",level:2},{value:"November 17, 2022 Topics",id:"november-17-2022-topics",level:2},{value:"Meeting Notes",id:"meeting-notes",level:3},{value:"Docker Compose Support from the Command Line - (0:55 in the video) - Dan Walsh",id:"docker-compose-support-from-the-command-line---055-in-the-video---dan-walsh",level:3},{value:"Docker Socket helper on macOS enabled by default - (28:50 in the video) - Florent Benoit",id:"docker-socket-helper-on-macos-enabled-by-default---2850-in-the-video---florent-benoit",level:3},{value:"Open discussion (35:30 in the video)",id:"open-discussion-3530-in-the-video",level:4},{value:"Next Meeting: Thursday, December 15, 2022, 11:00 a.m. EDT (UTC-5)",id:"next-meeting-thursday-december-15-2022-1100-am-edt-utc-5",level:3},{value:"December 15, 2022 Topics",id:"december-15-2022-topics",level:2},{value:"Next Community Meeting: Tuesday, December 6, 2022, 11:00 a.m. EDT (UTC-5)",id:"next-community-meeting-tuesday-december-6-2022-1100-am-edt-utc-5",level:3},{value:"Possible Topics:",id:"possible-topics",level:3}],Vt={toc:zt},Kt="wrapper";function Qt(e){let{components:t,...n}=e;return(0,ce.kt)(Kt,(0,Q.Z)({},Vt,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-cabal-meeting-notes"},"Podman Community Cabal Meeting Notes"),(0,ce.kt)("p",null,"Attendees: Matt Heon, Dan Walsh, Nalin Dahyabhai, Paul Holzinger, Lokesh Mandvekar, Valentin Rothberg, Mohan Boddu, Eduardo Santiago, Giuseppe Scrivano, Aditya Rajan, Urvashi Mohnani, Preethi Thomas, Ashley Cui, Florent Benoit, Martin Jackson, Charlie Drage, Lorenzo Prosseda, Luca Fuse, Steven Le Meur,"),(0,ce.kt)("h2",{id:"november-17-2022-1100-am-eastern"},"November 17, 2022 11:00 a.m. Eastern"),(0,ce.kt)("h2",{id:"november-17-2022-topics"},"November 17, 2022 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Docker Compose Support from the Command Line - Dan Walsh")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Docker Socket helper on macOS enabled by default - Florent Benoit"),(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"(It is enabled by default on Windows but needs an extra step on macOS")))),(0,ce.kt)("h3",{id:"meeting-notes"},"Meeting Notes"),(0,ce.kt)("p",null,"Video ",(0,ce.kt)("a",{parentName:"p",href:"https://youtu.be/HIzZYPpE304"},"Recording")),(0,ce.kt)("p",null,"Meeting start: 11:02 a.m. Thursday, November 17, 2022"),(0,ce.kt)("h3",{id:"docker-compose-support-from-the-command-line---055-in-the-video---dan-walsh"},"Docker Compose Support from the Command Line - (0:55 in the video) - Dan Walsh"),(0,ce.kt)("p",null,"Podman Desktop is asking to add Docker Compose. The Desktop folks are getting a lot of pull from the community about using Docker Compose from the Desktop."),(0,ce.kt)("p",null,"Stevan believes Rancher supports this based on the container type."),(0,ce.kt)("p",null,"We could do either Podman Compose or vendor in Docker Compose from Docker. We'd need to go to the latest version of Docker Compose with the highest available Golang to make it work with Podman."),(0,ce.kt)("p",null,"Since we have to use client/server services, Dan thinks Docker Compose would be the way to go. Plus, it has good usage by the community. Podman Compose needs further work. Either way, a lot of work is necessary to make it happen."),(0,ce.kt)("p",null,"Martin has been involved with Docker Compose and uses it outside of Podman. He thinks having Docker Compose would be useful. He thinks Kube support would be upgraded for Podman, too, with Docker Compose."),(0,ce.kt)("p",null,"Let's say ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman kube")," does 75% of Docker Compose, but Docker Compose has become the deFacto standard. It's also an easy-to-understand format. Martin prefers it over Kube YAML for ease of use. He feels there would be value in having Docker Compose work under Podman."),(0,ce.kt)("p",null,"The latest Docker Compose has a few new commands that aren't in the Python library. You can run the Docker Compose v2 as standalone, and you don't need Docker to run also. This makes it more likely it could be used by Podman."),(0,ce.kt)("p",null,'Dan would be happiest if we could exec to Docker Compose rather than having to vendor or ingrain it into Podman. Brent is concerned about the reaction of this by our community when we note that Podman claims "Docker Compose" support, and we\'re only shipping the client. This is where the idea of using a plugin for him has come from.'),(0,ce.kt)("p",null,"A plugin would just be a CLI, and Dan is worried about increasing the size of the Podman binary if we do this."),(0,ce.kt)("p",null,"Matt thinks we need to ship the Docker Compose v2 client within the image, and it doesn't need to be integrated into Podman."),(0,ce.kt)("p",null,"We will need to figure out how to make a supported version for RHEL/Red Hat. Currently, if there's a problem with Docker Compose, we report it upstream but don't fix it. Once we ingrain it, the onus comes onto the Red Hat team for RHEL support."),(0,ce.kt)("p",null,"Dan has heard from customers is they are waiting to move to Podman Desktop until Docker Compose functionality is available."),(0,ce.kt)("p",null,"Stevan is documenting these kinds of requests from customers."),(0,ce.kt)("p",null,"Florent wondered which socket, Docker Compose or Podman, would be called. Matt suggests using a symlink from Podman to Docker, but this could be a problem if both were installed."),(0,ce.kt)("p",null,"From a Red Hat perspective, we'll need to get \u201cbuy-in\u201d from our product management team. We'll need to build a case, but that shouldn't be too hard to do. Florent has opened an ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/issues/16548"},"issue")," to address this socket problem."),(0,ce.kt)("p",null,"This is a similar situation to Dockerfile. We need to support all of the functionality there, and once we take on Docker Compose, we'll need to do that there too."),(0,ce.kt)("p",null,"Docker Compose is the last piece of the Docker-controlled container world that Podman does not handle well currently."),(0,ce.kt)("p",null,"Brent thinks that if we can provide Docker Compose support, the community will love it. The hard part will be finding the time to do the work and then support it over time."),(0,ce.kt)("h3",{id:"docker-socket-helper-on-macos-enabled-by-default---2850-in-the-video---florent-benoit"},"Docker Socket helper on macOS enabled by default - (28:50 in the video) - Florent Benoit"),(0,ce.kt)("p",null,"We have a number of people studying Podman and how it's attached to the Podman Socket. It's not working all the time with the Podman Machine in Mac. By default, the Podman socket is mounted for Windows."),(0,ce.kt)("p",null,"In Windows, if it's not finding Docker being mounted, then it mounts the Podman socket. Florent would like to do similar on the mac."),(0,ce.kt)("p",null,"Paul is concerned that the Mac would require root, which is not enabled by default."),(0,ce.kt)("p",null,"Ashley doesn't think root will be needed for this. Homebrew doesn't, so she thinks opt might not need root-level privileges."),(0,ce.kt)("p",null,"Dan suggests that we talk to Gerard to figure out a workaround. We could make the change such that at installation, it would optionally ask for a root password. Florent to open up an ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/issues/16547"},"issue")," against Podman to see if we can move this forward."),(0,ce.kt)("p",null,"On Linux, we shipped Podman-Docker, which takes care of this issue. Docker has a new change in this area, and it may not require root for the socket. Further investigation/study is to be done."),(0,ce.kt)("h4",{id:"open-discussion-3530-in-the-video"},"Open discussion (35:30 in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Issue Triage on Podman. (35:30 in the video)")),(0,ce.kt)("p",null,"Paul has noted an increase of issues reported against much older versions of Podman and issues that are incomplete. In addition, bugs reported against RHEL are being logged as issues rather than Bugzillas, as they should be."),(0,ce.kt)("p",null,"Brent thinks anything against Podman v1 and v2 should just be closed, and the people told to move up to a newer version."),(0,ce.kt)("p",null,'We might add a "unable to reproduce" flag that would close an issue if it was around for 30+ days.'),(0,ce.kt)("p",null,"A robot to ask for the ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman info")," output in an issue would also be nice."),(0,ce.kt)("p",null,"Reporters don't always report the information that's needed to resolve the issue."),(0,ce.kt)("p",null,"It would be nice to have AI that could move GitHub issues that should be discussions automatically."),(0,ce.kt)("p",null,"It would also be nice to block comments on issues that have been closed for several months or more."),(0,ce.kt)("p",null,"Podman Desktop has fields that they use in their issue template. The Podman team will look at what they're doing and see if we can align a bit better. The document is ",(0,ce.kt)("a",{parentName:"p",href:"https://docs.github.com/en/communities/using-templates-to-encourage-useful-issues-and-pull-requests/configuring-issue-templates-for-your-repository#creating-issue-forms"},"here"),". Brent and Mohan will poke at this further."),(0,ce.kt)("ol",{start:2},(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Podman 4.3 update (47:08 in the video)\nAbout three weeks old at this point. A new Podman v4.3.2 will come out sometime in December after an upcoming bug week."),(0,ce.kt)("p",{parentName:"li"},"Then Podman v4.4 RCs are likely to come out in late January.")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},(0,ce.kt)("inlineCode",{parentName:"p"},"podman kube play")," volume issue (48:30 in the video)\nMartin asked about the volume ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/pull/16420"},"issue")," with the ",(0,ce.kt)("inlineCode",{parentName:"p"},"kube play")," command. Podman Kube Play doesn't work with volumes that are associated with the Kube YAML. On restart, the volumes don't work. Team to look at this for Podman v4.4 at the latest."),(0,ce.kt)("p",{parentName:"li"},"Also upcoming in Podman v4.4 is a focus on performance, updates to podman machine, network improvements, podman Kube fixes, quadlet changes, a new ",(0,ce.kt)("inlineCode",{parentName:"p"},"--dns")," selector option, and pasta support."))),(0,ce.kt)("h3",{id:"next-meeting-thursday-december-15-2022-1100-am-edt-utc-5"},"Next Meeting: Thursday, December 15, 2022, 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h2",{id:"december-15-2022-topics"},"December 15, 2022 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"None Suggested")),(0,ce.kt)("h3",{id:"next-community-meeting-tuesday-december-6-2022-1100-am-edt-utc-5"},"Next Community Meeting: Tuesday, December 6, 2022, 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h3",{id:"possible-topics"},"Possible Topics:"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"MinIO Demo - Will Dinyes"),(0,ce.kt)("li",{parentName:"ol"},"Kubernetes Demo -")),(0,ce.kt)("p",null,"Meeting finished at 11:57 a.m."))}Qt.isMDXComponent=!0;const Zt={},_t="Podman Community Cabal Meeting Notes",Xt=[{value:"March 16, 2023 11:00 a.m. Eastern",id:"march-16-2023-1100-am-eastern",level:2},{value:"March 16, 2023 Topics",id:"march-16-2023-topics",level:2},{value:"Meeting Notes",id:"meeting-notes",level:3},{value:"Podman and SQLite (0:45 in the video) - Matt Heon",id:"podman-and-sqlite-045-in-the-video---matt-heon",level:3},{value:"Hack/Perf Scripts (7:07 in the video) - Valentin Rothberg",id:"hackperf-scripts-707-in-the-video---valentin-rothberg",level:3},{value:"Container Tools (podman) test day (24:15 in the video) - Mohan/Lokesh/Sumantro",id:"container-tools-podman-test-day-2415-in-the-video---mohanlokeshsumantro",level:3},{value:"Open discussion (49:00 in video)",id:"open-discussion-4900-in-video",level:4},{value:"Next Meeting: Thursday, April 20, 2023, 11:00 a.m. EDT (UTC-5)",id:"next-meeting-thursday-april-20-2023-1100-am-edt-utc-5",level:3},{value:"Possible Topics",id:"possible-topics",level:2},{value:"Next Community Meeting: Tuesday, April 4, 2023, 11:00 a.m. EDT (UTC-5)",id:"next-community-meeting-tuesday-april-4-2023-1100-am-edt-utc-5",level:3},{value:"Possible Topics:",id:"possible-topics-1",level:3}],$t={toc:Xt},en="wrapper";function tn(e){let{components:t,...n}=e;return(0,ce.kt)(en,(0,Q.Z)({},$t,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-cabal-meeting-notes"},"Podman Community Cabal Meeting Notes"),(0,ce.kt)("p",null,"Attendees: Matt Heon, Nalin Dahyabhai, Paul Holzinger, Lokesh Mandvekar, Valentin Rothberg, Eduardo Santiago, Giuseppe Scrivano, Preethi Thomas, Ashley Cui, Brent Baude, Chris Evich, Urvashi Mohnani, Martin Jackson, Mohan Boddu, Lance Lovette, and Sumantro Mukherjee"),(0,ce.kt)("h2",{id:"march-16-2023-1100-am-eastern"},"March 16, 2023 11:00 a.m. Eastern"),(0,ce.kt)("h2",{id:"march-16-2023-topics"},"March 16, 2023 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Podman and SQLite - Matt Heon"),(0,ce.kt)("li",{parentName:"ol"},"Hack/Perf scripts - Valentin Rothberg"),(0,ce.kt)("li",{parentName:"ol"},"Container Tools (podman) test day - Mohan/Lokesh/Sumantro")),(0,ce.kt)("h3",{id:"meeting-notes"},"Meeting Notes"),(0,ce.kt)("p",null,"Video ",(0,ce.kt)("a",{parentName:"p",href:"https://youtu.be/k_88s2RQm5Q"},"Recording")),(0,ce.kt)("p",null,"Meeting start 11:03 a.m. EDT Thursday, March 16, 2023"),(0,ce.kt)("h3",{id:"podman-and-sqlite-045-in-the-video---matt-heon"},"Podman and SQLite (0:45 in the video) - Matt Heon"),(0,ce.kt)("p",null,'BoltDB is used currently as the database engine for Podman. We have encountered issues with BoltDB and discovered that BoltDB, for all intents and purposes, is no longer supported. The database can be corrupted after a power outage if the timing is badly "right".'),(0,ce.kt)("p",null,"Matt has looked into SQLite and has worked up replacement routines. By default, starting in August, new Podman installs will get SQLite. Later, the BoltDB databases may be converted, method TBD."),(0,ce.kt)("p",null,"So far, a slight performance increase with SQLite, a 30 to 40-millisecond speed up with container commands."),(0,ce.kt)("p",null,"Nothing for the user to do, except maybe initialize a database conversion routine."),(0,ce.kt)("p",null,"This should be out in Podman v4.5."),(0,ce.kt)("p",null,"Currently, the plan is to have ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman system reset")," clear the database, and scripts are being looked into also, but no promises. Matt thinks he'll keep BoltDB around for at least a year."),(0,ce.kt)("h3",{id:"hackperf-scripts-707-in-the-video---valentin-rothberg"},"Hack/Perf Scripts (7:07 in the video) - Valentin Rothberg"),(0,ce.kt)("p",null,"Showed a configurable script that drives the test. It uses ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/sharkdp/hyperfine"},"Hyperfine"),". It shows the output of a variety of Docker and Podman commands."),(0,ce.kt)("p",null,'The script consists of a "prepare" command to set things up in advance, but it does not have a post-test run process capability.'),(0,ce.kt)("p",null,"The scripts are under ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/tree/main/hack/perf"},"hack/perf")," on GitHub; contributions are gratefully accepted."),(0,ce.kt)("p",null,"Brent asked if you could run just one engine? No, these scripts are written in mind to compare two engines. But the scripts could be modified; or new ones created to work with just one engine."),(0,ce.kt)("p",null,"For cleanup, Valentin put procedures in the startup scripts."),(0,ce.kt)("p",null,"Dan thinks it would be nice to have a run.sh to feed commands into the test to check on those particular commands. Valentin likes the idea, but for cleaning/setting stuff up as you should do for a perf test, Valentin found the scripts to be easier to handle."),(0,ce.kt)("p",null,"Dan would like to be able to flop the order of Docker and Podman runs. He thinks the kernel may pre-load stuff that sometimes makes the second engine faster."),(0,ce.kt)("p",null,"This is helpful for not only comparing Docker/Podman but also different versions of Podman."),(0,ce.kt)("h3",{id:"container-tools-podman-test-day-2415-in-the-video---mohanlokeshsumantro"},"Container Tools (podman) test day (24:15 in the video) - Mohan/Lokesh/Sumantro"),(0,ce.kt)("p",null,"Similar to Fedora test days. He does FCOS test days and wants to add a cycle for when Podman has a new version to test."),(0,ce.kt)("p",null,"As a requirement, we need to get Podman latest into FCOS so the team could run the tests with it."),(0,ce.kt)("p",null,"They could grab Podman packages from the Fedora Test systems before it goes to stable."),(0,ce.kt)("p",null,"Generally, Podman releases every two months in general, with Release Candidates two weeks prior."),(0,ce.kt)("p",null,"The biggest one for us is install testing. Matt thinks running our system tests on FCOS would be good, but Brent thinks that environment might be challenging due to the packages that would have to be added to the FCOS image. Sumantro said we could instead use Workstation for the test."),(0,ce.kt)("p",null,"Generally, FCOS is used as a server, while FCOS workstation is more client-side."),(0,ce.kt)("p",null,"Paul is unsure of the advantage of running system tests in this environment. He thinks it would be better if we had users running tests rather than automated ones."),(0,ce.kt)("p",null,"Lokesh would prefer to start this in the second week of April or later."),(0,ce.kt)("p",null,"Mohan asked if they can do performance testing as well. An example test ",(0,ce.kt)("a",{parentName:"p",href:"https://testdays.fedoraproject.org/events/152"},"app"),". Sumantro could write stuff up and maintain it. We could potentially use Valentin\u2019s tests, but we need to figure out how to determine baselines and retain them."),(0,ce.kt)("p",null,"Mohan also asked if multiple architectures could be tested. The challenge here is to find the machines that can be used."),(0,ce.kt)("p",null,"Chris pointed out that along with the test results, we need to capture the system setup, down to the kernel versions that were in play."),(0,ce.kt)("p",null,"Dan noted that we don't alway get our release notes out in a timely manner, and we should in order to help this testing. The issue with that is the time necessary to put the notes together. Building a chopped version more quickly might be doable, but will need investigation. We should at least be able to get a list of issues out more quickly."),(0,ce.kt)("p",null,"Paul thinks it would not be a problem to run a benchmark with a before version and then the test version of Podman."),(0,ce.kt)("p",null,"FYI, here's a ",(0,ce.kt)("a",{parentName:"p",href:"https://fedoraproject.org/wiki/QA:Testcase_Podman"},"Podman Test Case")," that was used in the past."),(0,ce.kt)("p",null,"As far as ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman machine")," goes, we could test on FCOS Workstation, then the testing would be useful and valuable."),(0,ce.kt)("p",null,"Mohan wondered if they had any Mac/Windows based testing. They do have some, that can be used."),(0,ce.kt)("p",null,"Paul noted the big thing is writing up the test cases to see what should be tested. Most of the CI is for regression testing only. He suggests that we might ask people provide test cases within a Pull Request statement."),(0,ce.kt)("p",null,"What is the next steps for moving forward with this?",(0,ce.kt)("br",{parentName:"p"}),"\n","Sumantro needs a pointer to tests that are not covered. He could do so via issues on the GitHub. Targeting mid-April for the first test run."),(0,ce.kt)("h4",{id:"open-discussion-4900-in-video"},"Open discussion (49:00 in video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Lance asked how the port works between the mac, machine and the container. If he publishes the port, it seems to be exposed on the mac. He wants to know if he can connect the port to the podman machine directly rather than the mac. Paul says not doable now, but we can take a feature request in GitHub and will publsh it."),(0,ce.kt)("p",{parentName:"li"},"Brent asked if he wanted to publish the port beyond the machine or did he just want to hit it from the mac. Slirpnetns or passt is a bit of a black hole, and you throw something in there, then it comes out where we told it to, and it's hard to select it. The problem is your running rootless, so there are limitations."),(0,ce.kt)("p",{parentName:"li"},"The virtual machine is isolated from the MacOS, ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/gvisor-tap-vsock"},"gvproxy")," is the glue that lets you do port handling."),(0,ce.kt)("p",{parentName:"li"},"You will need root privs not only in the 'podman machine vm' but also on the MacOS."),(0,ce.kt)("p",{parentName:"li"},(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/gvisor-tap-vsock"},"gvproxy")," is under containers on GitHub, and we contribute it."),(0,ce.kt)("p",{parentName:"li"},"This ",(0,ce.kt)("a",{parentName:"p",href:"https://www.redhat.com/sysadmin/run-containers-mac-podman"},"article")," was helpful to Lance for all of this."))),(0,ce.kt)("p",null,"2) Brent asked if ssh keys need to be encrypted in the view of others. A ",(0,ce.kt)("a",{parentName:"p",href:"https://www.redhat.com/sysadmin/run-containers-mac-podman"},"Discussion")," was started in GitHub. We had one request recently and we're leaning towards doing keychain, but there's been several challenges with that."),(0,ce.kt)("p",null," If they used encrypted keys, the user would be prompted for the password with every command. Adding a key to the key ring has proven to be challenging. Paul thinks this can be done securely with ssh, Brent asked Paul to write up a proposal for the changes he's suggesting. The user may run into issue when dealing with keys for the podman machine. Brent is trying to figure out the amount of work for it all."),(0,ce.kt)("h3",{id:"next-meeting-thursday-april-20-2023-1100-am-edt-utc-5"},"Next Meeting: Thursday, April 20, 2023, 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h2",{id:"possible-topics"},"Possible Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"None discussed")),(0,ce.kt)("h3",{id:"next-community-meeting-tuesday-april-4-2023-1100-am-edt-utc-5"},"Next Community Meeting: Tuesday, April 4, 2023, 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h3",{id:"possible-topics-1"},"Possible Topics:"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"None discussed")),(0,ce.kt)("p",null,"Meeting finished 12:08 p.m."),(0,ce.kt)("p",null,"Raw Meeting Chat:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"You\n11:02\u202fAM\nhttps://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nMartin Jackson\n11:11\u202fAM\nI think the speedup was in milli-seconds, not micro-seconds? Perhaps I misheard\nMatt Heon\n11:11\u202fAM\nYeah, milliseconds\nYou\n11:12\u202fAM\nThanks for the touch up.\nMatt Heon\n11:12\u202fAM\nDB writes are ~2x as fast with SQLite. Reads are a bit slower, but those only take tens of microseconds, so it doesn't really matter.\nWrites being ~5ms for SQLite versus ~10ms for Bolt. Most of which is fsync.\nMohan Boddu\n11:19\u202fAM\nSomeone at the door, bbiab\nMohan Boddu\n11:27\u202fAM\nback\nYou\n11:29\u202fAM\nValentin, have you shared the hack/perf scripts with Yiqiao and the rest of the QE team?\nValentin Rothberg\n11:29\u202fAM\n@Tom, no, I didn't share them with QE. But I see where you're going. It's probably a good idea to let them know.\nPreethi Thomas\n11:35\u202fAM\nYou may have already talked about it as I a only half listening. How about podman-machine/podman-remote tests on FCOS?\nSumantro Mukherjee\n11:36\u202fAM\nhttps://testdays.fedoraproject.org/events/152\nSumantro Mukherjee\n11:44\u202fAM\nhttps://fedoraproject.org/wiki/QA:Testcase_Podman\nPaul Holzinger\n11:52\u202fAM\ngit log --all --grep='\\[NO NEW TESTS NEEDED\\]'\nBrent Baude\n11:52\u202fAM\ni have a question as well\nLokesh Mandvekar\n11:53\u202fAM\nbtw, if someone can back me up on the rpm side, then we don't need to wait for me to get back\nMatt Heon\n11:54\u202fAM\nCould we route the Podman subnet from OS X to the VM? That would let (root) containers be accessed directly from OS X\nLance Lovette\n12:01\u202fPM\nhttps://www.redhat.com/sysadmin/run-containers-mac-podman\nYou\n12:01\u202fPM\nTY!\nBrent Baude\n12:01\u202fPM\nhttps://github.com/containers/podman/discussions/17795\n")))}tn.isMDXComponent=!0;const nn={},an="Podman Community Meeting",on=[{value:"December 1, 2020 11:00 a.m. Eastern (UTC-5)",id:"december-1-2020-1100-am-eastern-utc-5",level:2},{value:"Attendees (35 total)",id:"attendees-35-total",level:3},{value:"Meeting Start: 11:03 a.m.",id:"meeting-start-1103-am",level:2},{value:"BlueJeans Recording",id:"bluejeans-recording",level:3},{value:"Introducing Network Aliases",id:"introducing-network-aliases",level:2},{value:"Matt Heon",id:"matt-heon",level:3},{value:"(1:50 in the video)",id:"150-in-the-video",level:4},{value:"Podman Split Brain API",id:"podman-split-brain-api",level:2},{value:"Jhon Honce",id:"jhon-honce",level:3},{value:"(12:33 in the video)",id:"1233-in-the-video",level:4},{value:"Demo containers.conf usage",id:"demo-containersconf-usage",level:2},{value:"Dan Walsh",id:"dan-walsh",level:3},{value:"(22:34 in video)",id:"2234-in-video",level:4},{value:"Podman development update",id:"podman-development-update",level:2},{value:"Brent Baude",id:"brent-baude",level:3},{value:"(38:30 in the video)",id:"3830-in-the-video",level:4},{value:"Discussion on a Podman forum.",id:"discussion-on-a-podman-forum",level:2},{value:"(44:28 in the video)",id:"4428-in-the-video",level:4},{value:"Any pain points?",id:"any-pain-points",level:2},{value:"(49:19 in the video)",id:"4919-in-the-video",level:4},{value:"systemd discussion",id:"systemd-discussion",level:2},{value:"(51:19 in the video)",id:"5119-in-the-video",level:4},{value:"Questions?",id:"questions",level:2},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"NOTE no January meeting.",id:"note-no-january-meeting",level:3},{value:"(54:03 in the video)",id:"5403-in-the-video",level:4},{value:"Next Meeting: Tuesday February 2, 2020, 11:00 a.m. Eastern (UTC-5)",id:"next-meeting-tuesday-february-2-2020-1100-am-eastern-utc-5",level:2},{value:"Meeting End: 12:03 p.m. Eastern (UTC-5)",id:"meeting-end-1203-pm-eastern-utc-5",level:3},{value:"BlueJeans Chat copy/paste:",id:"bluejeans-chat-copypaste",level:2}],sn={toc:on},rn="wrapper";function ln(e){let{components:t,...n}=e;return(0,ce.kt)(rn,(0,Q.Z)({},sn,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-meeting"},"Podman Community Meeting"),(0,ce.kt)("h2",{id:"december-1-2020-1100-am-eastern-utc-5"},"December 1, 2020 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"attendees-35-total"},"Attendees (35 total)"),(0,ce.kt)("p",null,"Tom Sweeney, Brent Baude, Jhon Honce, Reinhard Tartler, Dan Walsh, Chris Evich, Lokesh Mandvekar, Anders Bj\xf6rklund, Greg Shomo, Urvashi Mohnani, Nalin Dahyabhai, Qi Wang, Eduardo Santiago, Ed Haynes, Sally O'Malley, James Cassell, Scott McCarty, Christian Felder, Valentin Rothberg, Christian Korneck, Neal Gompa, Brian Smith, Giuseppe Scrivano, Joe Crist, Joe Doss, Miloslav Trmac, Pablo Greco, Parker Van Roy, Peter Hunt, Preethi Thomas, James Ault"),(0,ce.kt)("h2",{id:"meeting-start-1103-am"},"Meeting Start: 11:03 a.m."),(0,ce.kt)("h3",{id:"bluejeans-recording"},"BlueJeans ",(0,ce.kt)("a",{parentName:"h3",href:"https://bluejeans.com/s/aOaqCoRSJB4/"},"Recording")),(0,ce.kt)("h2",{id:"introducing-network-aliases"},"Introducing Network Aliases"),(0,ce.kt)("h3",{id:"matt-heon"},"Matt Heon"),(0,ce.kt)("h4",{id:"150-in-the-video"},"(1:50 in the video)"),(0,ce.kt)("p",null,"Podman v2.2 came out last night. Network connect lets you take an existing container and will let you connect to another containers network."),(0,ce.kt)("p",null,"Still limited, calling it initial support."),(0,ce.kt)("p",null,"Second thing is network aliases. Podman allows you to access other containers by its name. Supported since v1.6. Useful for database container and a http container that you want to talk to. Network alias allows you to add further names to the containers to make it even easier to communicate with."),(0,ce.kt)("p",null,"A new ",(0,ce.kt)("inlineCode",{parentName:"p"},"dnsname")," plugin is required. Existing networks from ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman network connect")," are not compatible as-is but are simple to upgrade (small change to their config)."),(0,ce.kt)("p",null,"Matt started a demo (",(0,ce.kt)("a",{parentName:"p",href:"https://asciinema.org/a/376554"},"https://asciinema.org/a/376554"),") ",(0,ce.kt)("strong",{parentName:"p"},"(4:59 in the video)"),"."),(0,ce.kt)("p",null,"The demo showed how you can use either the name of the container or its newly established alias to do a run command against."),(0,ce.kt)("p",null,"He then demo'd setting up a network connection."),(0,ce.kt)("h2",{id:"podman-split-brain-api"},"Podman Split Brain API"),(0,ce.kt)("h3",{id:"jhon-honce"},"Jhon Honce"),(0,ce.kt)("h4",{id:"1233-in-the-video"},"(12:33 in the video)"),(0,ce.kt)("p",null,"Community was resistant to a new API that differed greatly from Docker. Podman v2.0 featured API v2.0.x. Split brain comes form DNS split brain . We have an api that is Docker compatible and one that is not. The two trees are versioned independently."),(0,ce.kt)("p",null,"Moving to Podman and API v3.X for both in the near future. We needed improvements especially in newlines where we've run into issues with v2.0. V3.0 will complete more of the compatibility resources. It will add new commands such as network connect and disconnect. Also removal of the varlink API which will cause the size of the binary to be slimmed down."),(0,ce.kt)("p",null,"Brent also talked about slimming down other areas of Podman as well in v3.0. Dan pointed out the help that the community has provided in tuning the API."),(0,ce.kt)("p",null,"See ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/tree/main/test/apiv2/rest_api"},"API tests using python requests library")," for examples."),(0,ce.kt)("h2",{id:"demo-containersconf-usage"},"Demo containers.conf usage"),(0,ce.kt)("h3",{id:"dan-walsh"},"Dan Walsh"),(0,ce.kt)("h4",{id:"2234-in-video"},"(22:34 in video)"),(0,ce.kt)("p",null,"Dan talked about containers.conf which will allow for users to change the default settings for the container engine on the host."),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"/usr/share/containers/containers.conf is the main file to use."),(0,ce.kt)("li",{parentName:"ul"},"/etc/containers/containers.conf is the secondary file which an admin can use to change for all container projects (Buildah, Podman, Skopeo, etc.)"),(0,ce.kt)("li",{parentName:"ul"},"$HOME/.config/containers/containers.conf is used by an individual user to configure their rootless containers.")),(0,ce.kt)("p",null,"The containers.conf file allows for sysctl to be configured/toggled. There are many options within the files."),(0,ce.kt)("p",null,"Does rootless ignore the /etc/containers/containers.conf version? It does not per Dan."),(0,ce.kt)("p",null,"Neal Gompa asked if we could provide a containers.conf.d similar to registries.conf.d which makes it even easier to tailor. Dan said it's been thought about and we'd be amiable to it being included."),(0,ce.kt)("p",null,"Dan then did a demo."),(0,ce.kt)("p",null,"HPC had massive amounts of containers and want to set up defaults. A blog is in the works."),(0,ce.kt)("p",null,"James Cassell asked about libpod.conf. It's gone away and been replaced by containers.conf."),(0,ce.kt)("h2",{id:"podman-development-update"},"Podman development update"),(0,ce.kt)("h3",{id:"brent-baude"},"Brent Baude"),(0,ce.kt)("h4",{id:"3830-in-the-video"},"(38:30 in the video)"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("p",{parentName:"li"},"Podman v2.2 was just cut yesterday Nov 30, 2020 and upstream was switched to v3.0 development. Varlink was removed from Fedora 33 which will have Podman 3.0. Fedora 32 will not have Podman v3.0.")),(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("p",{parentName:"li"},"Podman 2.1.1 will be in RHEL 8.3.1 to be released in Feb 2021, and RHEL 8.4 in May 2021 will have Podman v3.0.")),(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("p",{parentName:"li"},"The Debian and Ubuntu distro packages currently ship with varlink enabled at build time, and ship with systemd units."))),(0,ce.kt)("h2",{id:"discussion-on-a-podman-forum"},"Discussion on a Podman forum."),(0,ce.kt)("h4",{id:"4428-in-the-video"},"(44:28 in the video)"),(0,ce.kt)("p",null,"Joe Doss suggested a Podman category on this forum: ",(0,ce.kt)("a",{parentName:"p",href:"https://discussion.fedoraproject.org/c/server/coreos/5"},"https://discussion.fedoraproject.org/c/server/coreos/5")," like FCOS?\nTom Sweeney pointed out there is a podman wiki and the mailing list. Thought was expanding the wiki would be useful. Matt Heon would like a place to document what people are doing and how which would probably fit well with a forum or a Wiki. Tom Sweeney to look into setting up a forum in the fedoraproject.org site."),(0,ce.kt)("h2",{id:"any-pain-points"},"Any pain points?"),(0,ce.kt)("h4",{id:"4919-in-the-video"},"(49:19 in the video)"),(0,ce.kt)("p",null,"Brent Baude asked the attendees if they had any pain points with Podman:"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("p",{parentName:"li"},"--cache-from on image building, huge pain not having that.")),(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("p",{parentName:"li"},"jitsi-meet and k3d working in podman?")),(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("p",{parentName:"li"},"we would certainly like to see integration between podman and MPI versions: e.g. mpirun podman imagename to launch a job on some HPC nodes in a rootless podman environment....")),(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("p",{parentName:"li"},"Has cgroup functionaly matured more, especially with systemd. This is still ongoing.")),(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("p",{parentName:"li"},"handling ",(0,ce.kt)("inlineCode",{parentName:"p"},"isDeaultGateway")," properly in podman network create (currenlty it is hard-coded to false in NewHostLocalBridge) - I already created an issue ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/issues/8483"},"#8483")))),(0,ce.kt)("h2",{id:"systemd-discussion"},"systemd discussion"),(0,ce.kt)("h4",{id:"5119-in-the-video"},"(51:19 in the video)"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Joe Doss asked if the interaction between Podman and systemd in regards to cgroups is in a mature state? He's had issues with rootless Podman and systemd. Matt Heon said work has been done, but more work needed.\n\nValentin noted that \"how to\" run a rootless container with systemd is documented in the man pages, but it's not always the greatest place to find info. More blogs and how-tos would be nice to have, from both Red Hat and the community.\n\nA blog post with example config files for this example (running a rootless container with systemd) would be excellent...\n")),(0,ce.kt)("h2",{id:"questions"},"Questions?"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"James Cassell asked about how libpod.conf is handled. In v2.0 we swapped out the default reading order so containers.conf is now read first. The libpod.conf file is still supported, but it is suggested to move to containers.conf which is used by more projects (Buildah, Skopeo) other than Podman. We may drop it in v3.0, something to discuss by the development team."),(0,ce.kt)("li",{parentName:"ul"},"If a containers.conf has specified a volume, but it doesn't exist? The intent of the question was a way to have a container disable parts of containers.conf (or all of it) and not obey global configuration. This is not presently possible - containers.conf is intended to be a global configuration for all containers. It is possible to override individual settings manually, or for a specific user by adding a containers.conf for the user. We may reevaluate this in the future."),(0,ce.kt)("li",{parentName:"ul"},"Is there a way to send a particular option to a particular container using this (containers.conf)? We don't currently have a way to do that specifically at this time.")),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("h3",{id:"note-no-january-meeting"},(0,ce.kt)("strong",{parentName:"h3"},"NOTE")," no January meeting."),(0,ce.kt)("h4",{id:"5403-in-the-video"},"(54:03 in the video)"),(0,ce.kt)("p",null,"Two Proposed Topics:"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"systemd with containers - Valentin Rothberg"),(0,ce.kt)("li",{parentName:"ul"},"Docker compose with Podman - Brent Baude")),(0,ce.kt)("h2",{id:"next-meeting-tuesday-february-2-2020-1100-am-eastern-utc-5"},"Next Meeting: Tuesday February 2, 2020, 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"meeting-end-1203-pm-eastern-utc-5"},"Meeting End: 12:03 p.m. Eastern (UTC-5)"),(0,ce.kt)("h2",{id:"bluejeans-chat-copypaste"},"BlueJeans Chat copy/paste:"),(0,ce.kt)("p",null,(0,ce.kt)("strong",{parentName:"p"},"Note:")," Many thanks to James Cassell for capturing the Bluejeans chat!"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Tom Sweeney10:56 AM\nPlease sign in at HackMD: https://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\nMe11:08 AM\nyes\nGuest 511:14 AM\nso the alias is for a hostname or networks? -- I'm confused on what exactly is aliased.\nBrent Baude11:14 AM\nyes\nmheon11:14 AM\nIt's basically a DNS CNAME\nGuest 511:14 AM\nbut it is bound to the network. So if the container gets disconnected, the alias is dangling?\nmheon11:15 AM\nThe alias is removed from the container when we disconnect\nGuest 511:15 AM\nthanks!\nmheon11:16 AM\nhttps://asciinema.org/a/376554\nMe11:16 AM\nlooks like 2.1.1 is the newest available in updates-testing on Fedora 33\nDaniel (rhatdan) Walsh11:16 AM\nI saw it this morning.\nBrent Baude11:16 AM\npodman-2.2.0-1.fc32 and fc33 just built\nDaniel (rhatdan) Walsh11:17 AM\nkoji latest-pkg f33-updates-candidate podman\nMe11:17 AM\ngreat! probably hasn't made it to the mirrors yet\nBrent Baude11:17 AM\nit needs bodhi first\nhttps://bodhi.fedoraproject.org/updates/FEDORA-2020-fd0574be76\nNeal Gompa11:17 AM\nhey all!\nBrent Baude11:17 AM\nhttps://bodhi.fedoraproject.org/updates/FEDORA-2020-c9a8fdbd34\nafbjorklund11:17 AM\npodman 2.2.0 is out for ubuntu (ironically enough)\nNeal Gompa11:18 AM\nwell, not for stable releases :)\nand not in the official repos\neven hirsute still only has podman 2.0.6\nafbjorklund11:18 AM\nWill there be a 2.1.2 ?\nBrent Baude11:19 AM\nno\nDaniel (rhatdan) Walsh11:19 AM\nMaster branch is now on 3.0-devel\nBrent Baude11:19 AM\nlets talk versions in wrap up?\nMe11:19 AM\npodman 2.2.0 has buildah 1.18?\nmheon11:20 AM\nYes - 1.18.0\nJoe Doss11:22 AM\n100% agree Neal\nMe11:29 AM\nDoes rootless ignore the /etc/containers/containers.conf version?\nMe11:35 AM\nlibpod.conf?\nGuest 511:35 AM\nhow to disable options on the command-line that are specified in the configuration file?\nJoe Doss11:36 AM\nOnline Documentation on containers.conf?\nBrent Baude11:36 AM\ncmds overrule conf files\nGuest 511:36 AM\nExample: if containers.conf is specifying some volume, but I have a usecase where that must not exist?\nah, ok. makes sense\nMe11:36 AM\nthanks! containers.conf sounds great\nMe11:37 AM\n\"WARN[0000] Found deprecated file /etc/containers/libpod.conf, please remove. Use /etc/containers/containers.conf to override defaults.\"\nGuest 511:39 AM\naah, thanks for the clarification. the distinction between appendable and non-appendable option wasn't obvious to me\nGuest 511:41 AM\nfor clarity, it was an explorative question, I don't have a specific use-case in mind\nGuest 511:45 AM\ndebian does right now (for better or worse)\nubuntu is following debian\nI'd love to drop it, but evidently, nomad-podman is still depending on it\nPablo Greco11:46 AM\ndid I understand correctly, there won't be podman 2.2.x in RHEL?\nChristian Korneck11:47 AM\nunrelated general question: I kind of miss an equivalent to the Docker Forum for Podman where users can exchange about their Podman usage. Stuff that can get verbose. (I think github issues are more dev related?). Would it maybe make sense to create some forum (i.e. by enabling github discussions on the gh repo)?\nBrent Baude11:47 AM\ngood question\nlets talk about it\nMe11:48 AM\nmailing list\nafbjorklund11:48 AM\nWe talked about it last meeting, but podman-machine and minikube were both using varlink. Currently frozen at podman 1.9.3\nMinikube now also supports podman2, so it will use whatever version is on the server (actually looks for \"varlink\" binary)\nChristian Korneck11:49 AM\nok, let me try and jump on the mailinglist :)\nNeal Gompa11:49 AM\nhttps://lists.podman.io\nUwe11:49 AM\nThe list is fine\nJoe Doss11:50 AM\n+1 on a single source of truth for online docs.\nNeal Gompa11:50 AM\ngotta jump off, bye y'all\nJoe Doss11:50 AM\nBye Neal\nafbjorklund11:51 AM\nI have three audio dials\nJoe Doss11:52 AM\nRegarding a forum Maybe a Podman category on https://discussion.fedoraproject.org/c/server/coreos/5 like FCOS?\nmheon11:53 AM\nWe definitely do get questions there\nJoe Doss11:53 AM\nwould be a fast and easy way to get community discussion going for Podman that is not a mailing list.\n--cache-from on image building\nhuge pain not having that.\nGuest 511:54 AM\njitsi-meet and k3d working in podman ? ;-)\nwould be my pet peeves :-)\nJA11:54 AM\nwe would certainly like to see integration between podman and MPI versions: e.g. mpirun podman imagename to launch a job on some HPC nodes....\nPablo Greco11:55 AM\nDan, nnow that gitlab-runner works, it is for me ;)\nChristian Felder11:55 AM\nhandling ``isDeaultGateway`` properly in podman network create (currenlty it is hard-coded to false in NewHostLocalBridge) - I already created an issue #8483\nBrent Baude11:56 AM\nyup got that\nJA11:57 AM\nin a rootless-podman environment...\nMe11:57 AM\nCOPY between stages in multi-stage build seems to hash every file, even if neither of the previous stages changed, which slows down cached rebuilds\nPablo Greco11:57 AM\nNeed to go, $work meeting, thanks!\nafbjorklund11:58 AM\nAbout k3d: do have crio-in-podman running with minikube (even with podman v2)\nJA12:01 PM\na blog post with example config files for this example (running a rootless container with systemd) would be excellent...\nGuest 512:03 PM\nI agree with Joe!\nGreg Shomo (Northeastern)12:03 PM\nthank you all for your time && have a good one\nJoe Doss12:03 PM\nThanks folks\nChristian Felder12:03 PM\nThanks!\nUwe12:04 PM\nthanks, cu\nTom Sweeney12:08 PM\nJames Cassell if you're still on line, could you cut/paste the bluejeans chat into the bottom of the hackmd please?\nDitto anyone else who may still be here.\nMe12:12 PM\nyes, will do\n")))}ln.isMDXComponent=!0;const hn={},dn="Podman Community Meeting",un=[{value:"June 1, 2021 11:00 a.m. Eastern (UTC-4)",id:"june-1-2021-1100-am-eastern-utc-4",level:2},{value:"Attendees (24 total)",id:"attendees-24-total",level:3},{value:"Meeting Start: 11:03 a.m.",id:"meeting-start-1103-am",level:2},{value:"BlueJeans Recording",id:"bluejeans-recording",level:3},{value:"General Announcements",id:"general-announcements",level:2},{value:"Tom Sweeney",id:"tom-sweeney",level:3},{value:"Podman and TYE",id:"podman-and-tye",level:2},{value:"Tom Deseyn",id:"tom-deseyn",level:3},{value:"(3:00 in the video)",id:"300-in-the-video",level:4},{value:"Slides",id:"slides",level:4},{value:"Podman v3.2.0 Updates",id:"podman-v320-updates",level:2},{value:"Matt Heon",id:"matt-heon",level:3},{value:"(15:50 in the video)",id:"1550-in-the-video",level:4},{value:"Podman in Kubernetes",id:"podman-in-kubernetes",level:2},{value:"Urvashi Mohnani",id:"urvashi-mohnani",level:3},{value:"(20:18 in the video)",id:"2018-in-the-video",level:4},{value:"Podman Machine Updates",id:"podman-machine-updates",level:2},{value:"Brent Baude",id:"brent-baude",level:3},{value:"(32:00 in the video)",id:"3200-in-the-video",level:4},{value:"Slides",id:"slides-1",level:4},{value:"Questions?",id:"questions",level:2},{value:"(38:44) in the video)",id:"3844-in-the-video",level:4},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"Next Meeting: Tuesday August 3, 2021, 11:00 a.m. Eastern (UTC-4)",id:"next-meeting-tuesday-august-3-2021-1100-am-eastern-utc-4",level:2},{value:"Meeting End: 11:57 a.m. Eastern (UTC-4)",id:"meeting-end-1157-am-eastern-utc-4",level:3},{value:"BlueJeans Chat copy/paste:",id:"bluejeans-chat-copypaste",level:2}],mn={toc:un},cn="wrapper";function pn(e){let{components:t,...n}=e;return(0,ce.kt)(cn,(0,Q.Z)({},mn,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-meeting"},"Podman Community Meeting"),(0,ce.kt)("h2",{id:"june-1-2021-1100-am-eastern-utc-4"},"June 1, 2021 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h3",{id:"attendees-24-total"},"Attendees (24 total)"),(0,ce.kt)("p",null,"Tom Sweeney, Brent Baude, Jhon Honce, Dan Walsh, Chris Evich, Urvashi Mohnani, Nalin Dahyabhai, Eduardo Santiago, Matt Heon, Ashley Cui, Paul Holzinger, Greg Shomo, Tom Deseyn, Andrew Slice, Anders Bj\xf6rklund, Shion Tanaka, Alex Litvak, Juanje Ojeda, Deepak Bhole, Eduardo Vega, Falsal Rzzzak, Juanje Ojeda, Omair Majid, Peter Hunt, Preethi Thomas, Uwe Reh"),(0,ce.kt)("h2",{id:"meeting-start-1103-am"},"Meeting Start: 11:03 a.m."),(0,ce.kt)("h3",{id:"bluejeans-recording"},"BlueJeans ",(0,ce.kt)("a",{parentName:"h3",href:"https://bluejeans.com/s/3fO@uV5g9KF"},"Recording")),(0,ce.kt)("h2",{id:"general-announcements"},"General Announcements"),(0,ce.kt)("h3",{id:"tom-sweeney"},"Tom Sweeney"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"No July Meeting due to holiday and vacations, we meet next on Tuesday August 3rd."),(0,ce.kt)("li",{parentName:"ul"},"The Podman IRC channel is moving. We've left the Freenode server and now the #podman channel lives on the Libera server.")),(0,ce.kt)("h2",{id:"podman-and-tye"},"Podman and TYE"),(0,ce.kt)("h3",{id:"tom-deseyn"},"Tom Deseyn"),(0,ce.kt)("h4",{id:"300-in-the-video"},"(3:00 in the video)"),(0,ce.kt)("h4",{id:"slides"},(0,ce.kt)("a",{parentName:"h4",href:"https://github.com/containers/podman.io/blob/main/community/meeting/notes/2021-06-01/tye_meets_podman.pdf"},"Slides")),(0,ce.kt)("p",null,"Tom is working for Red Hat on .NET. His team has been building and packaging .Net on Red Hat Enterprise Linux (RHEL) and OpenShift Container Platform (OCP) for about the past five years. Focus on cloud development. TYE is from Microsoft and is meant to ease development of .NET based applications. TYE was not originally working with Podman, but he worked with the Podman team to get it to work. That was delivered earlier this year. Many of these features were also needed by Docker Compose."),(0,ce.kt)("p",null,"Two use cases, Development and Deployment."),(0,ce.kt)("p",null,"Development"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Run several services",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},".Net applications"),(0,ce.kt)("li",{parentName:"ul"},"Containers",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"Let them find one another"))),(0,ce.kt)("li",{parentName:"ul"},"Dashboard"),(0,ce.kt)("li",{parentName:"ul"},"Debugging"),(0,ce.kt)("li",{parentName:"ul"},"Watch")))),(0,ce.kt)("p",null,"Deployment"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Containerize"),(0,ce.kt)("li",{parentName:"ul"},"Generate Kubernetes manifest"),(0,ce.kt)("li",{parentName:"ul"},"Service binding")),(0,ce.kt)("p",null,"Demo (7:00 in the video)"),(0,ce.kt)("p",null,"TYE has a command line interface. The ",(0,ce.kt)("inlineCode",{parentName:"p"},"tye run")," command will bring up a dashboard of services. He can then traverse through the services in the GUI."),(0,ce.kt)("p",null,"TYE started the applications and the containers for each service including the ports. Each service has a log that can be looked at and metrics from .NET within the GUI."),(0,ce.kt)("p",null,"This was all done via a yaml file that defined the services. Based on this, TYE launched the applications."),(0,ce.kt)("p",null,"(Demo End 11:35)"),(0,ce.kt)("p",null,"Tom showed a second slide."),(0,ce.kt)("p",null,"Blue boxes are containers, red boxes are regular applications running on the host."),(0,ce.kt)("p",null,"TYE allows you to connect to a running application and debug it."),(0,ce.kt)("p",null,"TYE started two containers. For both backend and frontend proxies uses the loopback provided by Podman. Now in .NET he can debug within the provided interface from .NET. Under the covers it's using Podman v3.0 as it was using Docker before."),(0,ce.kt)("p",null,"TYE is a single host tool for developers."),(0,ce.kt)("h2",{id:"podman-v320-updates"},"Podman v3.2.0 Updates"),(0,ce.kt)("h3",{id:"matt-heon"},"Matt Heon"),(0,ce.kt)("h4",{id:"1550-in-the-video"},"(15:50 in the video)"),(0,ce.kt)("p",null,"Currently on final RC, hoping to get final release today or in the next few days."),(0,ce.kt)("p",null,(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/releases/tag/v3.2.0-rc3"},"Podman v3.2.0-rc3 Release Notes")),(0,ce.kt)("p",null,"Features:"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Docker compose is supported with rootless Podman."),(0,ce.kt)("li",{parentName:"ul"},"Rootless CNI networking should work on any architecture."),(0,ce.kt)("li",{parentName:"ul"},"Podman Machine commands to handle virtual machines, most useful for MacOS."),(0,ce.kt)("li",{parentName:"ul"},"Podman generate Kube updates"),(0,ce.kt)("li",{parentName:"ul"},"podman start --all now works"),(0,ce.kt)("li",{parentName:"ul"},"Changes made to allow Podman to work better in a container. Blog post incoming with details.")),(0,ce.kt)("h2",{id:"podman-in-kubernetes"},"Podman in Kubernetes"),(0,ce.kt)("h3",{id:"urvashi-mohnani"},"Urvashi Mohnani"),(0,ce.kt)("h4",{id:"2018-in-the-video"},"(20:18 in the video)"),(0,ce.kt)("p",null,"Demos for running Podman inside a Kubernetes cluster. Still slightly experimental."),(0,ce.kt)("p",null,"Urvashi has a local Kubernetes cluster up and is running CRI-O as her container runtime engine. Easiest way to run things is to have privileged set to true in the cluster and she ran a user set to 1000."),(0,ce.kt)("p",null,'She ran a simple Podman container inside of a Kubernetes container to do a "Hello" to sysout.'),(0,ce.kt)("p",null,"She then built within the Kubernetes container. Even though the Kubernetes container is privileged, the Podman container within is not and is using usernamespace."),(0,ce.kt)("p",null,"Now she showed running as an unprivileged Kubernetes container, and to do that you need to set selinux to permissive mode. That's necessary as the containers can't mount all the file systems that they need to run. You also need to mount the dev fuse device as that's needed for the overlayfs file system."),(0,ce.kt)("p",null,"She then ran a nonprivileged container within a nonprivileged Kubernetes containers. Showed doing builds, but errors can occur. Need to change ",(0,ce.kt)("inlineCode",{parentName:"p"},"--isolation")," to chroot in the ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman build")," command."),(0,ce.kt)("p",null,"Ran Podman in a unprivileged container, but the Podman container was run as root."),(0,ce.kt)("p",null,"You can also run Podman service on your host and leave a socket entry to your container. This is done with a volume mount of the socket. You can then run ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman --remote")," command against that socket."),(0,ce.kt)("p",null,"If you use CRI-O as your runtime engine, you can add a user and a node annotation to your runtime. But it is experimental at the moment in Kubernetes and CRI-O. However, that tells CRI-O to create your container within your usernamespace."),(0,ce.kt)("p",null,"A blog coming out for running Podman in Kubernetes and it will become part of the official documentation."),(0,ce.kt)("h2",{id:"podman-machine-updates"},"Podman Machine Updates"),(0,ce.kt)("h3",{id:"brent-baude"},"Brent Baude"),(0,ce.kt)("h4",{id:"3200-in-the-video"},"(32:00 in the video)"),(0,ce.kt)("h4",{id:"slides-1"},(0,ce.kt)("a",{parentName:"h4",href:"https://github.com/containers/podman.io/blob/main/community/meeting/notes/2021-06-01/podman_machine.pdf"},"Slides")),(0,ce.kt)("p",null,"Why run Podman Machine on Linux rather than run it on the host? It makes sense from a MacOS. Would be good where you wanted to run containers and wanted to have some level of separation. Also good for testing on a Linux machine before moving it to Windows or Mac. Could also be good to see if Podman works with other Linux Operating Systems other than your native system."),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"What's in development?",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"Working custom images for x86_64 Linux and MacOS and aarch64 Linux and aarch MacOS"),(0,ce.kt)("li",{parentName:"ul"},"Port forwarding on hot"),(0,ce.kt)("li",{parentName:"ul"},"Some buggy code that needs testing"))),(0,ce.kt)("li",{parentName:"ul"},"Remaining obstacles",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"Merge development code"),(0,ce.kt)("li",{parentName:"ul"},"Packaging for both Linux and Brew"),(0,ce.kt)("li",{parentName:"ul"},"aarch64 support for FCOS is pending (will lead with x86_64)"),(0,ce.kt)("li",{parentName:"ul"},"Upstream merge of qemu support for M1"))),(0,ce.kt)("li",{parentName:"ul"},"Looking forward",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"Need a reasonably performant sollution for mounting from host"),(0,ce.kt)("li",{parentName:"ul"},"Work with FCOS team to reduce size of base image.")))),(0,ce.kt)("p",null,"It makes sense that you'd run Linux on MacOS to create a container, but why do so on Linux? Possibly to test different archtectures, to maintain a level of separation between the host and the container, or running a separate Linux distribution. Good for proof of concept testing to make sure the container will run on Windows or Mac in the machine."),(0,ce.kt)("h2",{id:"questions"},"Questions?"),(0,ce.kt)("h4",{id:"3844-in-the-video"},"(38:44) in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"More general discussions during the meeting for a more general discussion? If you have an idea that you'd like discussed, talk to Tom Sweeney to setup a meeting with folks. Might do IRC meetings too for a set time.")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Kubernetes on Podman? Running Podman on Kubernetes now (see Urvashi's demo above). Using CRI-O in Podman basically. It would be nice to have a Kublet that queries Podman.")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Can you sign an image in Kubernetes then use that in Kubernetes? We have simple signing in Podman with GPG, but Kubernetes doesn't understand this."))),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("p",null,"Topic suggestion: Using Podman to sign images in k8s and then using signed images in k8s ? (Focus on GPG signing.)"),(0,ce.kt)("h2",{id:"next-meeting-tuesday-august-3-2021-1100-am-eastern-utc-4"},"Next Meeting: Tuesday August 3, 2021, 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h3",{id:"meeting-end-1157-am-eastern-utc-4"},"Meeting End: 11:57 a.m. Eastern (UTC-4)"),(0,ce.kt)("h2",{id:"bluejeans-chat-copypaste"},"BlueJeans Chat copy/paste:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Me10:56 AM\nPlease sign in https://hackmd.io/fc1zraYdS0-klJ2KJcfC7w?edit\nbaude11:01 AM\nyou have to unmute me\nit says you muted me\nMatt Heon11:23 AM\nhttps://github.com/containers/podman/releases/tag/v3.2.0-rc3\n(These are marked as preliminary but they're almost-final - just a few more changes planned)\nFaisal Razzak11:33 AM\nWill we have documentation for podman inside k8s ?\nAlex Litvak11:33 AM\npodman in lxc?\nMatt Heon11:35 AM\nAFAIK LXC is usually run rootless, which is probably going to be problematic\nLikely can be convinced to work but it's going to take effort\n@Faisal the intent is for the blog to be the documentation - we're going to host a copy on the website and keep updating it as things change\nAlex Litvak11:36 AM\nI will give it a shot and report but most of mine lxcs are privileged\nMatt Heon11:36 AM\nAh, that should be a lot easier\nMay have to add /dev/fuse to get fuse-overlayfs working\nFaisal Razzak11:48 AM\nTopic: Using podman to sign images in k8s and then using signed images in k8s ?\nI want to focus on GPG signing and not notary\nMe11:51 AM\n Fun Fact: A chef's tall hat (officially known as a \"toque\") is traditionally made with 100 pleats, meant to represent the 100 ways to cook an egg.\nFaisal Razzak11:52 AM\nThe effort to integrate podman with codesign or any other interface. Are these meetings public or can I participate ?\nFaisal Razzak11:55 AM\nok, I will\nI have background in code signing using GPG and PKCS11 interfaces\nUwe Reh11:56 AM\nby\n")))}pn.isMDXComponent=!0;const gn={},yn="Podman Community Cabal Meeting Notes",kn=[{value:"September 16, 2021 11:00 a.m. Eastern",id:"september-16-2021-1100-am-eastern",level:2},{value:"September 16, 2021 Topics",id:"september-16-2021-topics",level:2},{value:"Meeting Notes",id:"meeting-notes",level:3},{value:"Build an Image with a Template File (0:42 in video)",id:"build-an-image-with-a-template-file-042-in-video",level:4},{value:"Podman Desktop (1:30 in video)",id:"podman-desktop-130-in-video",level:4},{value:"Podman machine volume mounts (39:10 in video)",id:"podman-machine-volume-mounts-3910-in-video",level:4},{value:"Open discussion (50:20 in video)",id:"open-discussion-5020-in-video",level:4},{value:"Next Meeting: Thursday October 21, 2021 10:00 a.m. EDT (UTC-4)",id:"next-meeting-thursday-october-21-2021-1000-am-edt-utc-4",level:3},{value:"Possible Topics:",id:"possible-topics",level:3}],wn={toc:kn},fn="wrapper";function bn(e){let{components:t,...n}=e;return(0,ce.kt)(fn,(0,Q.Z)({},wn,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-cabal-meeting-notes"},"Podman Community Cabal Meeting Notes"),(0,ce.kt)("p",null,"One-hour meeting on the third Thursday of every month at 10:00 a.m. US/Eastern (UTC-4) to deep dive into topics on the agenda. Please add your name at the end of the topic so we know who the topic owner is.\nMeeting ID: ",(0,ce.kt)("a",{parentName:"p",href:"https://meet.google.com/ieq-pxhy-jbh"},"https://meet.google.com/ieq-pxhy-jbh")),(0,ce.kt)("p",null,"Try out ",(0,ce.kt)("a",{parentName:"p",href:"https://www.worldtimebuddy.com/?pl=1&lid=5,0&h=5&date=9/16/2021%7C3&hf=1"},"WorldTimeBuddy")),(0,ce.kt)("p",null,"Attendees: Tom Sweeney, Brent Baude, Christopher Fergeau, Chris Evich, Matej Vasek, Mehul Arora, Miloslav Trmac, Nalin Dahyabhai, Scott McCarty, Urvashi Mohnani, Eduardo Santiago, Guillaume Rose, Hugh Campbell (Riot Games in a personal capacity), Dan Walsh, Anders Bj\xf6rklund, Ashley Cui, Matt Heon, Paul Holzinger, Praveen Kumar, Gerard Braad, Giuseppe Scrivano, Lokesh Mandvekar, Kerry Zamore"),(0,ce.kt)("h2",{id:"september-16-2021-1100-am-eastern"},"September 16, 2021 11:00 a.m. Eastern"),(0,ce.kt)("h2",{id:"september-16-2021-topics"},"September 16, 2021 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Podman Desktop"),(0,ce.kt)("li",{parentName:"ol"},"Podman machine volume mounts"),(0,ce.kt)("li",{parentName:"ol"},"Open Discussion")),(0,ce.kt)("h3",{id:"meeting-notes"},"Meeting Notes"),(0,ce.kt)("p",null,"Video ",(0,ce.kt)("a",{parentName:"p",href:"https://drive.google.com/file/d/1kCm-AK0Gqpk5Eua3m26agzxIp8NLR73x/view?usp=drive_web"},"Recording")),(0,ce.kt)("p",null,"Meeting start:10:04 a.m. Thursday, September 16, 2021"),(0,ce.kt)("h4",{id:"build-an-image-with-a-template-file-042-in-video"},"Build an Image with a Template File (0:42 in video)"),(0,ce.kt)("p",null,"Topic for next month from: ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/stellarpower"},"https://github.com/stellarpower"),"\nProposal here: ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/buildah/issues/3479"},"https://github.com/containers/buildah/issues/3479")),(0,ce.kt)("h4",{id:"podman-desktop-130-in-video"},"Podman Desktop (1:30 in video)"),(0,ce.kt)("p",null,"The topic has gotten very hot over the past few weeks. People want some form of desktop presence. The big focus is on stop/start and status of things running. The maintainers wanted to solicit the community to find out what they think. If we just do what Docker does, then it might not be enough. We want to make it better if possible."),(0,ce.kt)("p",null,(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/issues/11494"},"https://github.com/containers/podman/issues/11494")," - Discussion in play online."),(0,ce.kt)("p",null,"Dan would like Podman to remain as a CLI tool, with the Desktop as an optional wrapper that could be used."),(0,ce.kt)("p",null,"Gerard - people want a desktop application that integrates well and can be considered a first-class citizen. In addition to start/stop/status, also reinitialization. Will it be a tray application or something that supplements your view?"),(0,ce.kt)("p",null,"Dan - we're hearing that compose doesn't work on Mac due to the socket not being set up. Do we want to expose registry.conf and how to handle the sockets."),(0,ce.kt)("p",null,"What is the initial goal? Is it a windows tray application, but that might be very information-dense with many containers. Want to be able to query logs on a container."),(0,ce.kt)("p",null,"Brent's take is that knowing what users want will help us make decisions and that's part of our current process."),(0,ce.kt)("p",null,"Gerard - you have to watch the scale, so there may not be a single solution. So we need to identify what it looks like at the start."),(0,ce.kt)("p",null,"Scott would like to ensure functionality. He'd like to be able to run docker compose and it would just work. He also wants to be able to serve a super user along with a novice user."),(0,ce.kt)("p",null,"Dan sees the desktop as managing connections. The podman that runs on a mac, is podman remote. Cockpit might be a player in this space when you're trying to look at the containers. One of our pain points on the mac was figuring out how to connect to your linux server. Most of that was solved with podman machine. So that's why he sees this as more of a management system."),(0,ce.kt)("p",null,"In the future, we might have podman machine that could handle different VM types (Ubuntu, RHEL, SUSE) either local or remote to the system."),(0,ce.kt)("p",null,"Anders with docker machine you could have many machines going at once, but with Docker desktop has only one machine running in the background. He anticipates the machine concept in Podman will be almost hidden, something most users wouldn't have to be aware of."),(0,ce.kt)("p",null,"In chat, Gerard noted: Podman Dekstop might not be the right name, as the desktop (local VM) is just a small part of the puzzle. The key point seems the connectivity and view/status of these connections."),(0,ce.kt)("p",null,"Anders thinks there might be one desktop to handle the machines, and another to handle the containers."),(0,ce.kt)("p",null,"Brent asked about brew in the enterprise as we've gotten some push back from folks on its use."),(0,ce.kt)("p",null,"Gerard doesn't think it will be much of a concern, but Dan noted that some enterprise customers are blocking the use."),(0,ce.kt)("p",null,'We will package in brew, the question outstanding is whether or not to provide another "more trusted" place to get a hold of the podman and/or desktop software. This would be used by enterprise customers who need to load only software with more verification than brew provides.'),(0,ce.kt)("p",null,"Hugh struggles with keeping his folks from running with root in containers. If he could get Podman Desktop to be like 80% of what Docker Desktop does. It would help people understand that more container tech than just Docker. At Riot, they want to get stuff done as quickly as possible, so it needs to be easy/fast."),(0,ce.kt)("p",null,"For Riot, the Docker announcement caught them by surprise."),(0,ce.kt)("p",null,"Is not running root in a container the most important point of interest? Hugh would like it to be there, at very least made the people aware of the badness of running as root as they started to do that. Perhaps some kind of slider to select root/non-root, eg. setting the compatibility level (security settings?)."),(0,ce.kt)("p",null,"Dan can't envision why you'd need root inside most containers in a game devel environment. He thinks they might not be aware of security."),(0,ce.kt)("p",null,"Will write up a Product Specification document for what Podman will provide."),(0,ce.kt)("p",null,"For the tray, Brent wants to know if \u201cshift\u201d is the only way to provide it. Gerard create a tray app in go but ran into a lack of options while developing. So it held them back from being integrated with the system."),(0,ce.kt)("p",null,"Their issue with not using a native application, then the product wasn't as crisp-looking and deeply integrated with the OS. Eg. Minishift tried to use Golang with a library from lantern, but this lead to issues around integration. ",(0,ce.kt)("a",{parentName:"p",href:"https://www.electronjs.org/"},"Electron")," is a development environment that creates desktop applications in JavaScript and web pages. you can you CSS to make the look and feel just right. The output is usable in Linux, Mac, and Windows. GitHub Desktop, VSCode, Discord, and the Slack desktop app are based on Electron for instance. The advantage might be that some of the Cockpit components might be (re)used."),(0,ce.kt)("h4",{id:"podman-machine-volume-mounts-3910-in-video"},"Podman machine volume mounts (39:10 in video)"),(0,ce.kt)("p",null,"For mac volumes, no native support. Using a reverse mount with ssh to the host. Matt Heon would like to get to using a flag to the mount from the machine command. He would like to get something out quickly."),(0,ce.kt)("p",null,"His target would be native support in about a year (Fall 2022)."),(0,ce.kt)("p",null,"Anders has a use case where a home directory can be mounted on a root directory in the VM, but you need to add a prefix. Anders ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/pull/11454"},"PR")),(0,ce.kt)("p",null,"Does Docker Desktop do what Podman should do? Per what Matt has seen, it does, but he's not sure about the performance issues. However, that's probably the same or similar issue in Docker and Podman."),(0,ce.kt)("p",null,"Podman remote client will need to be a lot smarter than it is now. Anders PR is a quick startup solution, but further work will be needed from there."),(0,ce.kt)("p",null,"Some of the stuff that Anders has seen in Desktop, is a little less secure than he thinks it should be."),(0,ce.kt)("p",null,"SSHfs is what Gerard has used and it seems to have worked well for his environment. Something that Matt is looking into using."),(0,ce.kt)("p",null,"Dan doesn't think we want mounting storage for an image from the mac to the VM."),(0,ce.kt)("p",null,"The advantage of using ssh, it's ubiquitous."),(0,ce.kt)("p",null,"The first pass should be using SSHfs."),(0,ce.kt)("h4",{id:"open-discussion-5020-in-video"},"Open discussion (50:20 in video)"),(0,ce.kt)("p",null,"1.) What's the WSL2 status?"),(0,ce.kt)("p",null,"Brent said there's a document or a script to make it less painful. Dan noted that the Podman team is working with Microsoft. Gerard would like to see a document. Brent noted it should be here very soon, but the person working on it is not part of Red Hat, not in the meeting, and he doesn't want to promise things."),(0,ce.kt)("p",null,"2.) Cost of Podman Desktop?"),(0,ce.kt)("p",null,"We're targeting free open-source."),(0,ce.kt)("p",null,"3.) What is ETA for the Desktop?"),(0,ce.kt)("p",null,"Brent hopes to solve the volume, needs M1 support for qemu. Those need to be done first, then we would look at Desktop. If nodejs, we'll need help or will have to learn it."),(0,ce.kt)("p",null,"We need to have an initial release by January 1, 2022. Then build from there. A full-bodied release later in 2022."),(0,ce.kt)("p",null,"4.) Has anyone run into Podman Machine Build is a lot slower than Docker."),(0,ce.kt)("p",null,"Matt has a link to someone reporting the issue."),(0,ce.kt)("h3",{id:"next-meeting-thursday-october-21-2021-1000-am-edt-utc-4"},"Next Meeting: Thursday October 21, 2021 10:00 a.m. EDT (UTC-4)"),(0,ce.kt)("h3",{id:"possible-topics"},"Possible Topics:"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Build an Image with a Template File"),(0,ce.kt)("li",{parentName:"ol"},"How to handle weekly releases of Desktop, circleCI, appveyor? Desktop builds (like Electron based), install package generation, or signing on macOS required more than the usual offers that are available.")),(0,ce.kt)("p",null,"Raw BlueJeans:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"You10:01 AM\nhttps://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nHugh Campbell10:02 AM\nHi everyone\nPraveen Kumar10:02 AM\nHello everyone\nGerard Braad10:03 AM\n@Praveen if you have connection issuesyou can also ping me on Slack if more is needed\nDaniel Walsh10:03 AM\nAgenda doc: https://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nGerard Braad10:06 AM\nSome form:\n * status indication (VM)\n * controls (start, stop)\nPraveen Kumar10:06 AM\nneed to rejoin, not able to hear anything :(\nGerard Braad10:13 AM\nThis is actually the same I wanna know ;-)\nGerard Braad10:15 AM\nThis means a easy switch between configurations\nand a springboard to a developer prompt for this\nGerard Braad10:17 AM\n^^ @dan @scott ^^\nGerard Braad10:20 AM\nPodman Dekstop might not be right name, as the desktop (local VM) is just a small part of the puzzle. The key point seems the connecitivity and view/status of these conections\nScott McCarty10:22 AM\nBRB\nGerard Braad10:23 AM\nthe VM is just another endpoint/another podman you can connect to.\nthe tray and/or app might have very different tasks. the application (dialogs) will show the details of the connection and the containers\nwhile the tray might show the lifecycle management and the possible connections\nHugh Campbell10:27 AM\nWe use brew here at Riot with our Macs and brew is a good solution but knowing developers here - it doesn't have to be an exact 1:1 but if 80% of Podman Desktop for Mac can be like Docker Desktop for Mac it's would help make transition so much easier\nGerard Braad10:28 AM\n^^ :+1 right. but I believe for Brew and Choco there is a docker-desktop and docker-cli package, right?\nHugh Campbell10:28 AM\nI believe so but don't quote me on that\nGerard Braad10:30 AM\nI believe on mac you have the two kinds of users; those that want a dmg/pkg, and those that want brew\nBrent Baude10:30 AM\ncorrect\nGerard Braad10:30 AM\nand on Windows you start to see the same with wanting and .exe msi or using choco inst\nAnders F Bj\xf6rklund10:30 AM\nI dunno, I wanted rpm and port :-)\nGerard Braad10:30 AM\n;-)\nGerard Braad10:31 AM\nis that PNAELV ?\nGerard Braad10:34 AM\nPretty much like the Firewall/Internet Security slider in Windows :-)\nsetting a 'compatibility level'\nAnders F Bj\xf6rklund10:39 AM\nhere is my quick last night poc for doing a cross-platform (Qt) systray in a cross-platform language (C++):\nhttps://github.com/afbjorklund/podman-systray\nso far it has the icon :-)\nHugh Campbell10:39 AM\nVSCode\nGerard Braad10:40 AM\n^^ VS Code is developeed using electron\nErik Bernoth10:40 AM\nSlack and Discord might be written in Electron, iirc\nHugh Campbell10:41 AM\nI believe they are as well for Mac\nGerard Braad10:43 AM\n@Dan the advatnage of Electron is that the Cockpit components can most likely can be reused\nGerard Braad10:44 AM\n^^^ can I add this reference to the doc?\n@Tom\nYou10:45 AM\nGerard, please and thank you!\nAnders F Bj\xf6rklund10:48 AM\nhttps://github.com/containers/podman/pull/11454\nYou10:48 AM\nty Anders!\nHugh Campbell10:49 AM\nNative would be awesome but 80-85% of what is there currently in Docker Desktop for Podman Desktop would be great for my devs\nAnders F Bj\xf6rklund10:54 AM\na lot of interesting things happening with \"macOS subsystem for Linux\" (lima)\nmight be on par with WSL, although unofficial (Apple never supports other OS)\nGerard Braad11:00 AM\n@Tom https://github.com/gbraad\nMehul Arora11:03 AM\nyes, it is\nHugh Campbell11:04 AM\nThanks everyone!\nKherry Zamore11:05 AM\nthanks\nieq-pxhy-jbh\n")))}bn.isMDXComponent=!0;const vn={},Mn="Podman Community Meeting Notes",In=[{value:"December 7, 2021 11:00 a.m. Eastern (UTC-5)",id:"december-7-2021-1100-am-eastern-utc-5",level:2},{value:"Attendees (18 total)",id:"attendees-18-total",level:3},{value:"Meeting Start: 11:03 a.m.",id:"meeting-start-1103-am",level:2},{value:"BlueJeans Recording",id:"bluejeans-recording",level:3},{value:"Netavark Status",id:"netavark-status",level:2},{value:"Matt Heon",id:"matt-heon",level:3},{value:"(1:52 in the video)",id:"152-in-the-video",level:4},{value:"Podman on Windows Demo",id:"podman-on-windows-demo",level:2},{value:"Jason Greene via Tom Sweeney",id:"jason-greene-via-tom-sweeney",level:3},{value:"(10:12 in the video)",id:"1012-in-the-video",level:4},{value:"Meeting Announcement",id:"meeting-announcement",level:2},{value:"Open Forum/Questions?",id:"open-forumquestions",level:2},{value:"(26:00) in the video)",id:"2600-in-the-video",level:4},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"Next Meeting: Tuesday February 1, 2021, 11:00 a.m. Eastern (UTC-5)",id:"next-meeting-tuesday-february-1-2021-1100-am-eastern-utc-5",level:2},{value:"Next Cabal Meeting: Thursday December 16, 2021, 11:00 a.m. Eastern (UTC-5)",id:"next-cabal-meeting-thursday-december-16-2021-1100-am-eastern-utc-5",level:2},{value:"Meeting End: 11:37 a.m. Eastern (UTC-5)",id:"meeting-end-1137-am-eastern-utc-5",level:3},{value:"BlueJeans Chat copy/paste:",id:"bluejeans-chat-copypaste",level:2}],An={toc:In},Tn="wrapper";function Sn(e){let{components:t,...n}=e;return(0,ce.kt)(Tn,(0,Q.Z)({},An,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-meeting-notes"},"Podman Community Meeting Notes"),(0,ce.kt)("h2",{id:"december-7-2021-1100-am-eastern-utc-5"},"December 7, 2021 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"attendees-18-total"},"Attendees (18 total)"),(0,ce.kt)("p",null,"Tom Sweeney, Jhon Honce, Chris Evich, Urvashi Mohnani, Matt Heon, Chris Evich, Anders Bj\xf6rklund, Ashley Cui, Aditya Rajan, Rudolf Vesely, Shion Tanaka, Eduardo Santiago, Valentin Rothberg, Paul Holzinger, Nalin Dahyabhai, Martin Jackson, Preethi Thomas, Ionut Stoica"),(0,ce.kt)("h2",{id:"meeting-start-1103-am"},"Meeting Start: 11:03 a.m."),(0,ce.kt)("h3",{id:"bluejeans-recording"},"BlueJeans ",(0,ce.kt)("a",{parentName:"h3",href:"https://youtu.be/WUk_ZzVThd8"},"Recording")),(0,ce.kt)("h2",{id:"netavark-status"},"Netavark Status"),(0,ce.kt)("h3",{id:"matt-heon"},"Matt Heon"),(0,ce.kt)("h4",{id:"152-in-the-video"},"(1:52 in the video)"),(0,ce.kt)("p",null,(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/netavark"},"netavark")),(0,ce.kt)("p",null,"Dumping the network stack for a new one in Podman 4.0, one that we will own and control. Netavark is mostly working for IPv4 and a firewall driver is close to being completed."),(0,ce.kt)("p",null,"Podman with netavark GitHub repo: ",(0,ce.kt)("a",{parentName:"p",href:"https://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman-next/"},"https://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman-next/")),(0,ce.kt)("p",null,"Looking to replece DNS Server within Podman too with this change. The goal is to have a container with as many networks as you'd want. Testers are very welcomed. Bug reports to the netavark for network issues, against Podman in it's GitHub if more Podman related."),(0,ce.kt)("h2",{id:"podman-on-windows-demo"},"Podman on Windows Demo"),(0,ce.kt)("h3",{id:"jason-greene-via-tom-sweeney"},"Jason Greene via Tom Sweeney"),(0,ce.kt)("h4",{id:"1012-in-the-video"},"(10:12 in the video)"),(0,ce.kt)("p",null,"(We had trouble with the video sharing, Tom Sweeney narrated badly...)"),(0,ce.kt)("p",null,"Jason's first video showed how to run Podman on a Windows machine using WSL. It basically has the same look, feel as the macOS variant does. Jason talked about the architecutre under the covers and things he wants to improve upon. The direct ",(0,ce.kt)("a",{parentName:"p",href:"https://youtu.be/KIGeWpd91Z0"},"Video")," can be found on YouTube along with Jason's Update ",(0,ce.kt)("a",{parentName:"p",href:"https://youtu.be/ub2m15yW-fg"},"Video")," which was not shown in the meeting. The update shows his progress and how Podman can be installed on a Windows machine that doesn't have WSL."),(0,ce.kt)("p",null,"The quality is much better there than in the meetings recording."),(0,ce.kt)("h2",{id:"meeting-announcement"},"Meeting Announcement"),(0,ce.kt)("p",null,"Going to hold this meeting every other month on the first Tuesday of the month starting in Feburary (even numbered months). The Cabal meeting will remain a monthly meeting on the third Thursday of each month."),(0,ce.kt)("h2",{id:"open-forumquestions"},"Open Forum/Questions?"),(0,ce.kt)("h4",{id:"2600-in-the-video"},"(26:00) in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Podman on Fedora32 on Windows doesn't go easy.\nMatt thinks this is a systemd issue and more invesigation is needed.")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Ionut Stoica is working on a project to add tools for front end work. ",(0,ce.kt)("a",{parentName:"p",href:"https://iongion.github.io/podman-desktop-companion/"},"https://iongion.github.io/podman-desktop-companion/")," It's kind of Cockpit like. Hopes to add more in the future. Looking at Windows and mac, but needs to work on compilation issues. Easier on the Mac, but needs to use Lima. Will check in with Jason Greene"))),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("p",null,"None specified."),(0,ce.kt)("h2",{id:"next-meeting-tuesday-february-1-2021-1100-am-eastern-utc-5"},"Next Meeting: Tuesday February 1, 2021, 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h2",{id:"next-cabal-meeting-thursday-december-16-2021-1100-am-eastern-utc-5"},"Next Cabal Meeting: Thursday December 16, 2021, 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"meeting-end-1137-am-eastern-utc-5"},"Meeting End: 11:37 a.m. Eastern (UTC-5)"),(0,ce.kt)("h2",{id:"bluejeans-chat-copypaste"},"BlueJeans Chat copy/paste:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Me10:53 AM\nPlease sign in https://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\nMatt Heon11:06 AM\nhttps://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman-next/\nMatt Heon11:08 AM\nhttps://github.com/containers/netavark\nMe11:09 AM\nDid I share anything?\nMe11:25 AM\nOh good, I can see people talking, but I can't hear anything\nPavel11:26 AM\nI'm trying to run Podman on Fedora35 WS and it doesn't go easy: the home area concept conflicts with podman storge conf\nChris Evich11:26 AM\nTom, if you're talking we can't hear you :(\nPavel11:27 AM\nUser's home is not static - it is mounted dynamically\nMe11:27 AM\nI've lost my audio, I can't hear, trying to get it bak.\nChristian Felder11:27 AM\nI think Marin Jackson's Audio isn't working either\n(Martin Jackson) - sorry typo\niongion11:32 AM\nhttps://iongion.github.io/podman-desktop-companion/\niongion11:33 AM\nhttps://github.com/iongion/podman-desktop-companion\nMe11:35 AM\ntsweeney@redhat.com\niongion11:37 AM\nIonut Stoica\n")))}Sn.isMDXComponent=!0;const Cn={},Nn="Podman Community Cabal Meeting Notes",Dn=[{value:"March 17, 2022 11:00 a.m. Eastern",id:"march-17-2022-1100-am-eastern",level:2},{value:"March 17, 2022 Topics",id:"march-17-2022-topics",level:2},{value:"Meeting Notes",id:"meeting-notes",level:3},{value:"/etc/hosts in containers - (1:30 in video) - Paul Holzinger",id:"etchosts-in-containers---130-in-video---paul-holzinger",level:3},{value:"Mac OS Volume Mounts - (28:40 in video) - Brent Baude",id:"mac-os-volume-mounts---2840-in-video---brent-baude",level:3},{value:"Podman pod create - What happens when all containers stop... - (37:12 in the video) - Dan Walsh",id:"podman-pod-create---what-happens-when-all-containers-stop---3712-in-the-video---dan-walsh",level:3},{value:"Open discussion (45:50 in video)",id:"open-discussion-4550-in-video",level:4},{value:"Next Meeting: Thursday April 21, 2022 11:00 a.m. EDT (UTC-5)",id:"next-meeting-thursday-april-21-2022-1100-am-edt-utc-5",level:3},{value:"Next Community Meeting: Tuesday April 5, 2022 11:00 a.m. EDT (UTC-5)",id:"next-community-meeting-tuesday-april-5-2022-1100-am-edt-utc-5",level:3},{value:"Possible Topics:",id:"possible-topics",level:3}],Pn={toc:Dn},xn="wrapper";function Bn(e){let{components:t,...n}=e;return(0,ce.kt)(xn,(0,Q.Z)({},Pn,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-cabal-meeting-notes"},"Podman Community Cabal Meeting Notes"),(0,ce.kt)("p",null,"Attendees: Tom Sweeney, Aditya Rajan, Matt Heon, Brent Baude, Ashley Cui, Chris Evich, Giuseppe Scrivano, Nalin Dahyabhai, Paul Holzinger, Anders Bj\xf6rklund, Dan Walsh, Valentin Rothberg, Jhon Honce, Miloslav Trma\u010d, Charlie Doern, Lokesh Mandvekar, Eduardo Santiago, Christian Felder, Flavian Missi, Lance Lovette, Martin Jackson, Oleg Bulatov, Preethi Thomas"),(0,ce.kt)("h2",{id:"march-17-2022-1100-am-eastern"},"March 17, 2022 11:00 a.m. Eastern"),(0,ce.kt)("h2",{id:"march-17-2022-topics"},"March 17, 2022 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"/etc/hosts in containers - Paul Holzinger"),(0,ce.kt)("li",{parentName:"ol"},"Mac OS Volume Mounts - Brent Baude"),(0,ce.kt)("li",{parentName:"ol"},"Podman pod create - Exit when containers exit? - Dan Walsh")),(0,ce.kt)("h3",{id:"meeting-notes"},"Meeting Notes"),(0,ce.kt)("p",null,"Video ",(0,ce.kt)("a",{parentName:"p",href:"https://youtu.be/wvENxqMjuLI"},"Recording")),(0,ce.kt)("p",null,"Meeting start 11:02 a.m. Thursday March 17, 2022"),(0,ce.kt)("h3",{id:"etchosts-in-containers---130-in-video---paul-holzinger"},"/etc/hosts in containers - (1:30 in video) - Paul Holzinger"),(0,ce.kt)("p",null,"We don't currently support network connect/disonnect with /etc/host getting updated."),(0,ce.kt)("p",null,"If we generate an /etc/hosts in the container, we use the entries from the host if there are none in the container."),(0,ce.kt)("p",null,"For slirp4netns we use the contaienr host name."),(0,ce.kt)("p",null,"When we have several entries for the bridge network case, should we use the first, or all, or somehow pick/choose? Matt thinks we should use all that don't have duplicates. If we encounter a duplicate, we should take the first one found and ignore the rest. So a user entry should trump all, and the rest should be in priority order."),(0,ce.kt)("p",null,"For pods, you must add an entry for each container. When the container is stopped, it has to remove this entry."),(0,ce.kt)("p",null,"Make sure hosts.containers.internal is only added. Matt asked if we could do something other than 127.0.0.1 for the localhost value. Paul noted that's not the behavior some people expect. So Paul thinks we could use the public IP of the container."),(0,ce.kt)("p",null,"Dan noted that some people want a no-host option, in which case we'll use the values found in the image."),(0,ce.kt)("p",null,"There's a potential information leak if we use the entries from the hosts /etc/hosts in the container as we'd add the host\u2019s IP to the containers version of the file."),(0,ce.kt)("p",null,"We should allow users to disable host.containers.internal in the containers.conf."),(0,ce.kt)("p",null,"The problem Lance is running into is he's running many containers in the network. He's hoping to configure the /etc/hosts in the container at run time rather than build time. He wants to ensure that each container has a different IP for the same first name. So the /etc/hosts should be different per container."),(0,ce.kt)("p",null,"He'd like a way to have a different /etc/hosts file per container. Issue on ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/aardvark-dns/issues/82"},"GitHub"),"."),(0,ce.kt)("p",null,"Lance is seeing containers sharing the info. We do that for containers in a shared network namespace or containers in a Pod."),(0,ce.kt)("h3",{id:"mac-os-volume-mounts---2840-in-video---brent-baude"},"Mac OS Volume Mounts - (28:40 in video) - Brent Baude"),(0,ce.kt)("p",null,"Brent is working with Anders, and they're trying to get their heads around the feature. Currently, if you need to add one, you need to remove your machine and add it, which is not optimal."),(0,ce.kt)("p",null,"One thought was to add the user\u2019s mount in macOS, so there'd be a direct path. Like $HOME to $HOME. This is what Docker is doing and Anders thinks this is what people expect. It also allows for other mounts to be used. You may need to reboot, but you don't have to delete the user."),(0,ce.kt)("p",null,"It should be configurable in containers.conf so people can change it as wanted."),(0,ce.kt)("p",null,"This should be in Podman v4.1 if things go right."),(0,ce.kt)("p",null,"Lima is doing read-only by default. Dan thinks we should add a ",(0,ce.kt)("inlineCode",{parentName:"p"},":ro")," option that can be added to allow this functionality."),(0,ce.kt)("h3",{id:"podman-pod-create---what-happens-when-all-containers-stop---3712-in-the-video---dan-walsh"},"Podman pod create - What happens when all containers stop... - (37:12 in the video) - Dan Walsh"),(0,ce.kt)("p",null,"An issue came up this week where someone was running a pod and when what they thought was the primary container exited, the pod continued running, and they didn't expect that. Dan would like to see an option that would tell Podman what to do when a container exits that is running inside of a pod."),(0,ce.kt)("p",null,"There are three possible options:"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Ignore - the container exit (current default), the pod keeps running."),(0,ce.kt)("li",{parentName:"ol"},"Close - if any container exits, then the pod exits"),(0,ce.kt)("li",{parentName:"ol"},"Restart - if the container exits, the pod would restart it. Similar to systemd. It should be overrideable per container.")),(0,ce.kt)("p",null,"Dan would like comments/thoughts? A thought that the restart policy might not work in systemd. Valentin thinks that if the last container exits, then the pod should as well."),(0,ce.kt)("p",null,"Matt thinks we don't need the option, rather, we should just stop the pod when the last container stops, as Valentin noted. We currently have the restart option for a container, so if someone wanted to ensure the pod stayed up, they could use that restart option."),(0,ce.kt)("p",null,"Valentin thinks we need to allow a pod to start without containers and then add containers to it. So we shouldn't stop the pod if it hasn't had a container inside of it."),(0,ce.kt)("p",null,"On further reflection, Dan thinks the ignore might not be a useful case. Dan thinks if we change the default to keep the pod up unless there are no longer any containers within, then we won't need to add the options. Cleanup would need to change to verify that there aren't any containers running, and if not, then kill the pod."),(0,ce.kt)("p",null,"Lance has noted catatonit orphans and wonders if this might be related. Will post a bug if he can ID a pattern."),(0,ce.kt)("h4",{id:"open-discussion-4550-in-video"},"Open discussion (45:50 in video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Podman v4.0 updates. - Brent Baude\nPodman v4.0 has been going well, especially given the new content. We are now focusing on things that need to be added. A number of CI, memory, and other internal to the build systems things to add in the near term. That will be good as we'll be able to work on bugs as they arise. The Red Hat team has a bug list max, and we just hit that, so we'll be focusing on that over the next week or two."),(0,ce.kt)("p",{parentName:"li"},"For features, work is ongoing for cosign. Jhon will be working on Homebrew improvements. Urvashi is working on a YAML to Kubernetes integration. Matt is working on Docker compose v2. So far, that's going very well. Also, a number of blog posts."),(0,ce.kt)("p",{parentName:"li"},"The new features mentioned will be in v4.1 and v4.2. Podman v4.1 will be out roughly in late April 2022."),(0,ce.kt)("p",{parentName:"li"},"Virtio-fs is being worked on with qemu, which should then be useable on Planet 9 and mac. This will allow multiple UIDs to be used on a Mac once complete. That's probably a longer-term project."),(0,ce.kt)("p",{parentName:"li"},"Work is ongoing within Red Hat for a Desktop](",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/desktop"},"https://github.com/containers/desktop"),")"))),(0,ce.kt)("h3",{id:"next-meeting-thursday-april-21-2022-1100-am-edt-utc-5"},"Next Meeting: Thursday April 21, 2022 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h3",{id:"next-community-meeting-tuesday-april-5-2022-1100-am-edt-utc-5"},"Next Community Meeting: Tuesday April 5, 2022 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h3",{id:"possible-topics"},"Possible Topics:"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"None")),(0,ce.kt)("p",null,"Meeting finished 11:56"),(0,ce.kt)("p",null,"Raw Meeting Chat:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"\nDaniel Walsh\n10:57 AM\nhttps://www.redhat.com/sysadmin/podman-transfer-container-images-without-registry\nYou\n11:00 AM\nhttps://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nLance Lovette\n11:22 AM\nhttps://github.com/containers/aardvark-dns/issues/82\nAshley Cui\n11:54 AM\nhttps://github.com/containers/desktop\n")))}Bn.isMDXComponent=!0;const En={},Wn="Podman Community Cabal Meeting Notes",jn=[{value:"July 21, 2022 11:00 a.m. Eastern",id:"july-21-2022-1100-am-eastern",level:2},{value:"July 21, 2022 Topics",id:"july-21-2022-topics",level:2},{value:"Meeting Notes",id:"meeting-notes",level:3},{value:"Man Page Clean Up - (1:12 in video) - Ed Santiago",id:"man-page-clean-up---112-in-video---ed-santiago",level:3},{value:"Podman Desktop Update - (11:12 in video) - Stevan Le Meur && Florent Benoit",id:"podman-desktop-update---1112-in-video---stevan-le-meur--florent-benoit",level:3},{value:"crun Update - Dan Walsh and Giuseppe Scrivano (18:55 in video)",id:"crun-update---dan-walsh-and-giuseppe-scrivano-1855-in-video",level:3},{value:"Open discussion (29:18 in video)",id:"open-discussion-2918-in-video",level:4},{value:"Next Meeting: Thursday August 18, 2022 11:00 a.m. EDT (UTC-5)",id:"next-meeting-thursday-august-18-2022-1100-am-edt-utc-5",level:3},{value:"August 18, 2022 Topics",id:"august-18-2022-topics",level:2},{value:"Next Community Meeting: Tuesday August 2, 2022 11:00 a.m. EDT (UTC-5)",id:"next-community-meeting-tuesday-august-2-2022-1100-am-edt-utc-5",level:3},{value:"Possible Topics:",id:"possible-topics",level:3}],Ln={toc:jn},Hn="wrapper";function Rn(e){let{components:t,...n}=e;return(0,ce.kt)(Hn,(0,Q.Z)({},Ln,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-cabal-meeting-notes"},"Podman Community Cabal Meeting Notes"),(0,ce.kt)("p",null,"Attendees: Matt Heon, Nalin Dahyabhai, Paul Holzinger, Karthik Elango, Charlie Doern, Lokesh Mandvekar, Niall Crowe, Dan Walsh, Valentin Rothberg, Miloslav Trmac, Mohan Bodu, Florent Benoit, Stevan Le Meur, Eduardo Santiago, Giuseppe Scrivano, Aditya Rajan, Urvashi Mohnani, Preethi Thomas, Jake Correnti, Ashley Cui"),(0,ce.kt)("h2",{id:"july-21-2022-1100-am-eastern"},"July 21, 2022 11:00 a.m. Eastern"),(0,ce.kt)("h2",{id:"july-21-2022-topics"},"July 21, 2022 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Man Page Clean Up - Ed Santiago"),(0,ce.kt)("li",{parentName:"ol"},"An update on Podman Desktop - Stevan Le Meur && Florent Benoit"),(0,ce.kt)("li",{parentName:"ol"},"Possible Topics: new OCI Runtimes? WASM for example. Also Podman support for zstd and gzip format at the same time.")),(0,ce.kt)("h3",{id:"meeting-notes"},"Meeting Notes"),(0,ce.kt)("p",null,"Video ",(0,ce.kt)("a",{parentName:"p",href:"https://youtu.be/aV6RYlF9Ocs"},"Recording")),(0,ce.kt)("p",null,"Meeting start 11:02 a.m. Thursday July 21, 2022"),(0,ce.kt)("h3",{id:"man-page-clean-up---112-in-video---ed-santiago"},"Man Page Clean Up - (1:12 in video) - Ed Santiago"),(0,ce.kt)("p",null,"Ed has found a number of duplicate pages in the man pages. Has considered moving them from md format to rst. Ed is asking for help. Does anyone want to convert to rst? Or are there other options?"),(0,ce.kt)("p",null,"Currently there's a way to changes a small number of md to md.in files. Can we leverage that? Some of the interesting challenge with this is we leverage ReadTheDocs to publish the man pages automatically. Further investigation is needed in this space. If we can just use the md.in files and get those into the ReadTheDocs, that might be doable. The thing that needs to be checked if the pages would disappear from the GitHub site."),(0,ce.kt)("p",null,"So more looking needs to be done in how GitHub handles the markdown resolution. Dan thinks we should go forward with the change. This will allow coders to do an update in one place for an option that is used by more than one command."),(0,ce.kt)("h3",{id:"podman-desktop-update---1112-in-video---stevan-le-meur--florent-benoit"},"Podman Desktop Update - (11:12 in video) - Stevan Le Meur && Florent Benoit"),(0,ce.kt)("p",null,"0.0.5 Released:"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Onboarding sequence (to initialize and/or start podman machine)"),(0,ce.kt)("li",{parentName:"ul"},"Revamp UI for containers, images"),(0,ce.kt)("li",{parentName:"ul"},"Windows: Installation of podman + update of podman"),(0,ce.kt)("li",{parentName:"ul"},"Proxies for linux/macos but not yet windows (will work with Podman 4.2)"),(0,ce.kt)("li",{parentName:"ul"},"Help page")),(0,ce.kt)("p",null,"Early Adopter Program: Accessible from ",(0,ce.kt)("a",{parentName:"p",href:"https://podman-desktop.io/"},"podman-desktop.io")),(0,ce.kt)("p",null,"Stevan showed how the new search functionality is working on the desktop. Help system allows one to contact the developers with questions."),(0,ce.kt)("p",null,"For Windows, they are waiting for Podman v4.2 due to proxy issues on Windows. More work underway, and looking for contributors."),(0,ce.kt)("p",null,"They are asking users to join the early adopter program, which is linked from the top of the web page. They especially would like to find users for the program, not just developers."),(0,ce.kt)("h3",{id:"crun-update---dan-walsh-and-giuseppe-scrivano-1855-in-video"},"crun Update - Dan Walsh and Giuseppe Scrivano (18:55 in video)"),(0,ce.kt)("p",null,"Latest crun ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/crun/releases/tag/1.5"},"release"),", has changes for Wasmedge 0.10 support. This is not shipped by default. Free to try it out right now, and they're looking for users to test with. They hope to find people to play with this functionality. This will help to enhance the oci runtimes so you could run different runtimes more easily, such as Wasm. Possibly this could be used for Java or Javascript. The next version of crun in Fedora will have this subpackage, but it won't be enabled. Need to get packages for Wasm into Fedora yet. Krun, similar to Kata containers with full KVM separataion. It's lighter and missing features that Kata has. Should be able to do ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman --run krun")," to enable. Lokesh and Dan talked aobut the packaging for krun and Podman. Dan thinks we'll have a number of packages over time. For more ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/crun/blob/main/docs/wasm-wasi-example.md"},"information")),(0,ce.kt)("h4",{id:"open-discussion-2918-in-video"},"Open discussion (29:18 in video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Pushing both images on podman push. This comes into play when you're pushing partial images. If we move to this, which uses zstd instead of gzip, it could potentialy break Docker and other container engine compatibility. The thought is to give users a number of conversion formats that could be used when pushing images. This may require two images to be pushed at the same time. Likely a containers.conf setting to select compression algorithm or to allow multiple pushes at once. Valentin had thought that when selecting an image from a manifest or an oci index, many clients pick the first one. So existing clients would cointinue to work. If we want to do the cstandard search, we'd have to traverse the full list first. Very early design discussions are going on. He expects cost to be minimal as traversing the manifest list is much smaller than the images on the repository. So gzip would still be in play to keep other container engines happy, but newer versions could start pushing this new zstd format. Once we have a prototype, this will be opened up to OCI for further review. We could then create PR's in other container engines such as Docker. No current design document, but one will be added to the discussion section for Podman on GitHub")),(0,ce.kt)("h3",{id:"next-meeting-thursday-august-18-2022-1100-am-edt-utc-5"},"Next Meeting: Thursday August 18, 2022 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h2",{id:"august-18-2022-topics"},"August 18, 2022 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"None Discussed")),(0,ce.kt)("h3",{id:"next-community-meeting-tuesday-august-2-2022-1100-am-edt-utc-5"},"Next Community Meeting: Tuesday August 2, 2022 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h3",{id:"possible-topics"},"Possible Topics:"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"None discussed")),(0,ce.kt)("p",null,"Meeting finished 11:45 a.m."),(0,ce.kt)("p",null,"Raw Meeting Chat:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"You11:01 AM\nhttps://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nEd Santiago11:03 AM\nhttps://github.com/containers/podman/pull/14931\nAditya Rajan11:21 AM\nhttps://github.com/containers/crun/releases/tag/1.5\nAditya Rajan11:31 AM\nhttps://github.com/containers/crun/blob/main/docs/wasm-wasi-example.md\nPreethi Thomas11:43 AM\nlol\nvoluntell\n")))}Rn.isMDXComponent=!0;const On={},Jn="Podman Community Meeting Notes",Fn=[{value:"December 6, 2022 11:00 a.m. Eastern (UTC-5)",id:"december-6-2022-1100-am-eastern-utc-5",level:2},{value:"Attendees (16 total)",id:"attendees-16-total",level:3},{value:"Meeting Start: 11:02 a.m. EST",id:"meeting-start-1102-am-est",level:2},{value:"BlueJeans Recording",id:"bluejeans-recording",level:3},{value:"MinIO Demo",id:"minio-demo",level:2},{value:"Will Dinyes - MinIO",id:"will-dinyes---minio",level:3},{value:"(1:12 in the video)",id:"112-in-the-video",level:4},{value:"Slides",id:"slides",level:4},{value:"Demo (7:18 in the video)",id:"demo-718-in-the-video",level:4},{value:"Embedding inside an AutoSD Image",id:"embedding-inside-an-autosd-image",level:2},{value:"Ygal Blum - Red Hat",id:"ygal-blum---red-hat",level:3},{value:"(16:26 in the video)",id:"1626-in-the-video",level:4},{value:"Slides",id:"slides-1",level:4},{value:"Demo (22:45 in the video)",id:"demo-2245-in-the-video",level:4},{value:"Open Forum/Questions?",id:"open-forumquestions",level:2},{value:"(33:34 in the video)",id:"3334-in-the-video",level:4},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"Next Meeting: Tuesday February 7, 2022, 11:00 a.m. Eastern (UTC-5)",id:"next-meeting-tuesday-february-7-2022-1100-am-eastern-utc-5",level:2},{value:"Next Cabal Meeting: Thursday December 15, 2022, 11:00 a.m. Eastern (UTC-5)",id:"next-cabal-meeting-thursday-december-15-2022-1100-am-eastern-utc-5",level:2},{value:"Meeting End: 11:46 a.m. Eastern (UTC-5)",id:"meeting-end-1146-am-eastern-utc-5",level:3},{value:"BlueJeans Chat copy/paste:",id:"bluejeans-chat-copypaste",level:2}],Gn={toc:Fn},Yn="wrapper";function Un(e){let{components:t,...a}=e;return(0,ce.kt)(Yn,(0,Q.Z)({},Gn,a,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-meeting-notes"},"Podman Community Meeting Notes"),(0,ce.kt)("h2",{id:"december-6-2022-1100-am-eastern-utc-5"},"December 6, 2022 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"attendees-16-total"},"Attendees (16 total)"),(0,ce.kt)("p",null,"Tom Sweeney, Will Dinyes, Ygal Blum, Chris Evich, Ashley Cui, Paul Holzinger, Nalin Dahyabhai, Giuseppe Scrivano, Preethi Thomas, Matt Heon, Miloslav Trmac, Urvashi Mohnani, Mohan Bodu, Ed Santiago, Martin Jackson, Lance L, Florent Benoit, Brent Baude"),(0,ce.kt)("h2",{id:"meeting-start-1102-am-est"},"Meeting Start: 11:02 a.m. EST"),(0,ce.kt)("h3",{id:"bluejeans-recording"},"BlueJeans ",(0,ce.kt)("a",{parentName:"h3",href:"https://www.youtube.com/watch?v=GZNazm39wEo"},"Recording")),(0,ce.kt)("h2",{id:"minio-demo"},"MinIO Demo"),(0,ce.kt)("h3",{id:"will-dinyes---minio"},"Will Dinyes - MinIO"),(0,ce.kt)("h4",{id:"112-in-the-video"},"(1:12 in the video)"),(0,ce.kt)("h4",{id:"slides"},(0,ce.kt)("a",{target:"_blank",href:n(31976).Z},"Slides")),(0,ce.kt)("p",null,"MinIO\u2019s Interest in Podman is to have a platform to run test cases for their courses."),(0,ce.kt)("p",null,"MinIO is an S3 compatible API, the de facto standard for Object storage"),(0,ce.kt)("p",null,"MinIO includes Single Sign On, Object Locking, Encryption & Tamper-proof, Lambda Compute, Protects against code and bit rot protection, and Server Side Bucket Replication."),(0,ce.kt)("p",null,"It's a small server and can be installed just about anywhere."),(0,ce.kt)("p",null,"Lots of use cases.\nBig Data/Machine Learning\nHDFS replacements\nHigh-Performance Data lake/warehouse infrastructure\nCloud Native applications"),(0,ce.kt)("p",null,"You can move your data without being locked into a particular platform."),(0,ce.kt)("p",null,"He uses Podman and MinIO for the development environment and for quick stand-ups. MinIO is open-source and free to use. He can containerize MinIO for even further portability."),(0,ce.kt)("h4",{id:"demo-718-in-the-video"},"Demo (7:18 in the video)"),(0,ce.kt)("p",null,"Ran Podman on a Mac. MinIO needs to attach to actual storage. He ran 'podman machine init -v /tmp/data:/Minio/data' followed by 'podman machine start'"),(0,ce.kt)("p",null,"He can now change the data in MinIO after running a large ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman run")," command."),(0,ce.kt)("p",null,"It pulled down an image from quay.io, and it brought up the MinIO console. It showed data for his content that he was using elsewhere. All very easily and quickly."),(0,ce.kt)("p",null,"Runs on less than 100 MB and can be easily migrated to the cloud."),(0,ce.kt)("p",null,"Potential use cases? Could it be used for a backup situation? Yes, it fits this scenario well for S3 backups. If S3 is being used already, MinIO can actually be dropped in as a replacement. You can then back up to any cloud that you want."),(0,ce.kt)("h2",{id:"embedding-inside-an-autosd-image"},"Embedding inside an AutoSD Image"),(0,ce.kt)("h3",{id:"ygal-blum---red-hat"},"Ygal Blum - Red Hat"),(0,ce.kt)("h4",{id:"1626-in-the-video"},"(16:26 in the video)"),(0,ce.kt)("h4",{id:"slides-1"},(0,ce.kt)("a",{target:"_blank",href:n(18064).Z},"Slides")),(0,ce.kt)("p",null,'Taking "Build once RUn anywhere to the Edge"\nWorks on the Ecosystem Engineering and works on Red Hat team looking to envision how to run containers on automobiles.'),(0,ce.kt)("p",null,"Build Once, Run Anywhere\nCoined by Sun Microsystems\nAbility to write Java code once and run it anywhere\nExpanded by the use of Container Images"),(0,ce.kt)("p",null,"Two Base Elements\nContainer Image\nRunning Instructions"),(0,ce.kt)("p",null,"The instructions format may vary:\nCommand line arguments\nDocker-Compose file\nKubernetes YAML"),(0,ce.kt)("p",null,"Using ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman kube play"),", users can reuse K8S YAML file"),(0,ce.kt)("p",null,"Podman is daemonless, who will monitor the container when it stops? systemd is use. Tools like ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman generate systemd"),', soon "Quadlet" to facilitate this.'),(0,ce.kt)("p",null,"OSBuild is a tool for composing O/S images, it allows embedding files and enabling of services in the image. You can compose an image for an edge device using it."),(0,ce.kt)("h4",{id:"demo-2245-in-the-video"},"Demo (22:45 in the video)"),(0,ce.kt)("p",null,"Showed simulation for the engine and radio. When the engine goes in reverse, the volume decreased for the radio. The volume goes up on acceleration, and then up/down on channel changes."),(0,ce.kt)("p",null,"Applied a yaml file to an openshift cluster. Created a volume and an application, then applied the engine and radio using their yaml files."),(0,ce.kt)("p",null,"It shows an easy way to run Podman or Kubernetes using the same YAML file."),(0,ce.kt)("p",null,"The ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman kube play")," command will ignore things it doesn't understand and works well with using/running things in the Kurbernetes space."),(0,ce.kt)("p",null,"He used that command to get the engine, radio up in Podman, with the same messages shown. So you can reuse Kubernetes Yaml in Podman, which is especially helpful in a test environment when you don't want to use up a lot of CPU time/space."),(0,ce.kt)("h2",{id:"open-forumquestions"},"Open Forum/Questions?"),(0,ce.kt)("h4",{id:"3334-in-the-video"},"(33:34 in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Quadlet will that be in Podman? Yes, in Podman v4.4, and set for RHEL 8.8/9.2 is current plans but still under consideration. Martin has been looking at quadlet lately and has been impressed by it so far.")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"blog.podman.io - new blog site that was demo'd, including a couple of new articles. Lot's of link tidying up to do, and need to port older blogs.")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Matt noted that Podman v4.3 is done now. Podman v4.4 RC in mid to late January 2023."))),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"None suggested")),(0,ce.kt)("h2",{id:"next-meeting-tuesday-february-7-2022-1100-am-eastern-utc-5"},"Next Meeting: Tuesday February 7, 2022, 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h2",{id:"next-cabal-meeting-thursday-december-15-2022-1100-am-eastern-utc-5"},"Next Cabal Meeting: Thursday December 15, 2022, 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"meeting-end-1146-am-eastern-utc-5"},"Meeting End: 11:46 a.m. Eastern (UTC-5)"),(0,ce.kt)("h2",{id:"bluejeans-chat-copypaste"},"BlueJeans Chat copy/paste:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Brent Baude11:39 AM\nhttps://blog.podman.io/\n")))}Un.isMDXComponent=!0;const qn={},zn="Podman Community Meeting Notes",Vn=[{value:"April 4, 2023 11:00 a.m. Eastern (UTC-5)",id:"april-4-2023-1100-am-eastern-utc-5",level:2},{value:"Attendees (17 total)",id:"attendees-17-total",level:3},{value:"Meeting Start: 11:03 a.m. EST",id:"meeting-start-1103-am-est",level:2},{value:"Video Recording",id:"video-recording",level:3},{value:"Netavark Plugins",id:"netavark-plugins",level:2},{value:"Paul Holzinger",id:"paul-holzinger",level:3},{value:"(1:30 in the video)",id:"130-in-the-video",level:4},{value:"Demo (1:45 in the video)",id:"demo-145-in-the-video",level:4},{value:"Podman Machine OS Demo",id:"podman-machine-os-demo",level:2},{value:"Ashley Cui",id:"ashley-cui",level:3},{value:"(9:07 in the video)",id:"907-in-the-video",level:4},{value:"Demo - (9:14 in the video)",id:"demo---914-in-the-video",level:3},{value:"Podman Database Update",id:"podman-database-update",level:2},{value:"Matt Heon",id:"matt-heon",level:3},{value:"(19:18 in the video)",id:"1918-in-the-video",level:4},{value:"Open Forum/Questions?",id:"open-forumquestions",level:2},{value:"(23:45 in the video)",id:"2345-in-the-video",level:4},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"Next Meeting: Tuesday, June 6, 2023, 11:00 a.m. Eastern (UTC-4)",id:"next-meeting-tuesday-june-6-2023-1100-am-eastern-utc-4",level:2},{value:"Next Cabal Meeting: Thursday, April 20, 2023, 11:00 a.m. Eastern (UTC-4)",id:"next-cabal-meeting-thursday-april-20-2023-1100-am-eastern-utc-4",level:2},{value:"Meeting End: 11:33 a.m. Eastern (UTC-4)",id:"meeting-end-1133-am-eastern-utc-4",level:3},{value:"Google Meet Chat copy/paste:",id:"google-meet-chat-copypaste",level:2},{value:"Raw Google Meet Transcription",id:"raw-google-meet-transcription",level:2}],Kn={toc:Vn},Qn="wrapper";function Zn(e){let{components:t,...n}=e;return(0,ce.kt)(Qn,(0,Q.Z)({},Kn,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-meeting-notes"},"Podman Community Meeting Notes"),(0,ce.kt)("h2",{id:"april-4-2023-1100-am-eastern-utc-5"},"April 4, 2023 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"attendees-17-total"},"Attendees (17 total)"),(0,ce.kt)("p",null,"Ashley Cui, Brent Baude, Christopher Evich, Daniel Walsh, Ed Haynes, Ed Santiago Munoz, fpoirotte, Giuseppe Scrivano, Jake Correnti, Mark Russell, Matt Heon, Mohan Boddu, Nalin Dahyabhai, Paul Holzinger, Tom Sweeney, Urvashi Mohnani, Valentin Rothberg"),(0,ce.kt)("h2",{id:"meeting-start-1103-am-est"},"Meeting Start: 11:03 a.m. EST"),(0,ce.kt)("h3",{id:"video-recording"},"Video ",(0,ce.kt)("a",{parentName:"h3",href:"https://youtu.be/B1OynYGBHz8"},"Recording")),(0,ce.kt)("h2",{id:"netavark-plugins"},"Netavark Plugins"),(0,ce.kt)("h3",{id:"paul-holzinger"},"Paul Holzinger"),(0,ce.kt)("h4",{id:"130-in-the-video"},"(1:30 in the video)"),(0,ce.kt)("h4",{id:"demo-145-in-the-video"},"Demo (1:45 in the video)"),(0,ce.kt)("p",null,"The next Netavark will introduce plug-in support for the network. Paul showed a Rust plugin and ran through the code. He copied it to /usr/local/netavark. Now when he does podman info, it shows the plugin. He then did ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman network create --driver host-device-plugin --interface-name test1 test1"),", and it created the ",(0,ce.kt)("inlineCode",{parentName:"p"},"test1")," network."),(0,ce.kt)("p",null,"You can code what you want, and he's provided a simple Rust interface. To use, you need to define a create and teardown function in your plugin."),(0,ce.kt)("p",null,"You can then do a ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman network inspect test1")," to show the characteristics of the plugin."),(0,ce.kt)("p",null,"The goal is to allow CNI plugins to be modified into Netavark plugins using this ability in the future."),(0,ce.kt)("h2",{id:"podman-machine-os-demo"},"Podman Machine OS Demo"),(0,ce.kt)("h3",{id:"ashley-cui"},"Ashley Cui"),(0,ce.kt)("h4",{id:"907-in-the-video"},"(9:07 in the video)"),(0,ce.kt)("p",null,"A new suite of commands in ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman machine")," lets you build a container image and add packages into your VM on the Mac."),(0,ce.kt)("h3",{id:"demo---914-in-the-video"},"Demo - (9:14 in the video)"),(0,ce.kt)("p",null,"She created a machine. Then showed a Containerfile with RHCOS to build an image using a regular ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman build")," command."),(0,ce.kt)("p",null,"She then used apply from the image to the machine, and it bumped the Podman version on the machine, which took effect after the machine was rebooted."),(0,ce.kt)("p",null,"Useful for folks that want to try different versions of Podman in the machine, especially useful for testing. You only need to know about Containerfile information, rather than the VM's interfaces."),(0,ce.kt)("p",null,"It supports pulling the images from anywhere. So you could push an image to a registry, then multiple users could pull the image and get the same image at each one.."),(0,ce.kt)("p",null,"Brent thought of two use cases. One to run the latest Podman in the machine, great for development. Also useful for non-native arch builds in the machine."),(0,ce.kt)("p",null,"Matt asked about OS reversion and whether updates would happen automatically. Ashley said it should, but she's still testing the scenarios."),(0,ce.kt)("h2",{id:"podman-database-update"},"Podman Database Update"),(0,ce.kt)("h3",{id:"matt-heon"},"Matt Heon"),(0,ce.kt)("h4",{id:"1918-in-the-video"},"(19:18 in the video)"),(0,ce.kt)("p",null,"An update that should be invisible, but just as a heads up. The database system is currently BoltDB and we thought it did what we needed. However, a number of data corruption issues with BoltDB have arisen lately, and not a lot of support from the providers."),(0,ce.kt)("p",null,"The Podman team decided that it was no longer safe to use BoltDB, nor support it. So a new SQLlite interface is being used. In Podman v4.5, it will be available for use, but will not be the default. Likely that in Podman v4.6 it will be the default."),(0,ce.kt)("p",null,"We expect better stability, better performance, especially in large reads of images."),(0,ce.kt)("p",null,"Most people won't care about this for the near future. We will announce BoltDB deprecation and then provide scripts to change over later on."),(0,ce.kt)("h2",{id:"open-forumquestions"},"Open Forum/Questions?"),(0,ce.kt)("h4",{id:"2345-in-the-video"},"(23:45 in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"When is Podman v4.5 coming out?\nIdealy late next week, RC1 came out yesterday, and the final version late next week with a couple of RCs before the final.")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Next version of Podman in RHEL will be Podman v4.6 in RHEL 8.9/9.3. Podman v4.4.1 will be in RHEL 8.8/9.2."))),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Quadlet demo."),(0,ce.kt)("li",{parentName:"ol"},"Podman v4.5 Demo - Matt"),(0,ce.kt)("li",{parentName:"ol"},"QM quadlet - Dan"),(0,ce.kt)("li",{parentName:"ol"},"Podman Desktop v1.0 - Stevan Le Meur")),(0,ce.kt)("h2",{id:"next-meeting-tuesday-june-6-2023-1100-am-eastern-utc-4"},"Next Meeting: Tuesday, June 6, 2023, 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h2",{id:"next-cabal-meeting-thursday-april-20-2023-1100-am-eastern-utc-4"},"Next Cabal Meeting: Thursday, April 20, 2023, 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h3",{id:"meeting-end-1133-am-eastern-utc-4"},"Meeting End: 11:33 a.m. Eastern (UTC-4)"),(0,ce.kt)("h2",{id:"google-meet-chat-copypaste"},"Google Meet Chat copy/paste:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"https://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\nYou11:04\u202fAM\nIf you have not signed in, please do so in hackmd: https://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\nBrent Baude11:10\u202fAM\nthis is awesome\nPaul Holzinger11:12\u202fAM\nnetavark plugins PR: https://github.com/containers/netavark/pull/509\nneeds someone to review and merge :)\nMatt Heon11:13\u202fAM\nI'm on it. After lunch at least.\n")),(0,ce.kt)("h2",{id:"raw-google-meet-transcription"},"Raw Google Meet Transcription"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"ieq-pxhy-jbh (2023-04-04 11:02 GMT-4) - Transcript\nAttendees\nAshley Cui, Brent Baude, Christopher Evich, Daniel Walsh, Ed Haynes, Ed Santiago Munoz, fpoirotte, Giuseppe Scrivano, Jake Correnti, Mark Russell, Matt Heon, Mohan Boddu, Nalin Dahyabhai, Paul Holzinger, Tom Sweeney, Urvashi Mohnani, Valentin Rothberg\nTranscript\nThis editable transcript was computer generated and might contain errors. People can also change the text after it was created.\nTom Sweeney: Hello everybody. Welcome to the Clubman community meeting today is Tuesday, April 4, 2023. Just as a reminder, we are. We have this meeting every other month on the even numbered months, we talked about all things podman or containers with any kind of demo or discussions along those lines. Topics are driven by people sending me stuff for me asking people or people coming along and or sometimes within our groups being asked to set something here. And again, anything for pop, man, build a Scorpio or any of their Well, probably be helpful if I actually shared my screen as well.\nTom Sweeney: Build our Scorpio and related projects, I'll be taking meeting notes today within the hack. MD, If you see something that put in that's incorrect or you want to add a link or something to that, please feel free to do so. And then for today, we will be talking about net of our plugins with Paul Holzinger. Then Ashley Q, Ashley will be doing a five man, machine OS demonstration for us. And then that will be talking about podman updates for to the database that we're working on right now coming out soon. And then we'll be talking about topics for next meeting And/or. Any open discussions that you want to have So, with all that, I'm going to stop presenting and I'm going to hand it over to Paul.\nPaul Holzinger: Okay. I am going to share the screen.\nPaul Holzinger: so, none of our plugins is for a way to Manage certain extra wishes which you want in your network setup. So with C&i where you could customize a lot, you could write your own plugins and network only supported Bridge. Make VLAN and no IPV then.\nPaul Holzinger: that's, That's good, but not enough for some users. So, with the next version we gonna introduce plug-in support and network, And I'm going to show very quick. I have a small example. Written in. Rust.\nPaul Holzinger: It's so the concept is pretty simple, you're plugging can create a network config. Then it needs to do. set up, which is just, Like, set up would be. Creating an interface in a container namespace and connecting it to the host. And you can do pretty much what you want. That's whatever you call. And tear down should pretty much. Be the inverse of setup. So we moved in the face again. And yeah, that's that's pretty much it. That I can. I can link to PR afterwards where there's a documentation holder. And convict chase and looks and how it works. Pretty much. And with that, I have a simple.\nPaul Holzinger: Simple plugin here. Host device plugin. I Copied to the. User local like never Mark directory, which can be configured and containers.com. And now, if I have to. Portman info. I should see. On the network that it detected. The plugin here. and that means I should be able to do a simple portman network create Driver. And then host device plugin. And the host device. Plugin is example, is just very simple one that Most host interface into the container, and if you stop the container, we move the interface back to the host.\nPaul Holzinger: And that there's a new option. I will editor in something.\nPaul Holzinger: Interface Name and I create already created an interface like on my host. I have a test one. And then I give a network name. Also test one so I can show the interface. Just one. And if, you know, run a container, Apartment run. Network test One. Alpine. And take a look. Test one must moved in. And if I show again, it's back. So if I Run this in the background pretty quick. Just to show that. It was really moved 10 seconds. Let's see the interface is gone.\n00:05:00\nPaul Holzinger: If we made this moment,\nPaul Holzinger: no, no I'm just yeah now the container stopped it's big so,\nPaul Holzinger: Let's just a very simple example. You can. Code, whatever you want in there. And I provided a simple rust interface. To automatically take care of. the so it's a it's a external binary you have A sub command for create, for setup for teardown. And if you use the Small rust binding. It will take care of the setup and stuff and then you just Let me see if I can increase the size. Yes.\nPaul Holzinger: like the that's the pretty much what you need in your plugin and you import You import the trade? And then, you must define. a create function, a setup function, which gets the like the path for the network and Yeah, this settings like the third like the network config I can. it's You get order in for you, you can put in a network config and do whatever you're like. So if you do the\nPaul Holzinger: Network inspect.\nPaul Holzinger: So this kind of information your your plugin sees as well. And then you can decide what you want to do. And if you use the - subnet option and stuff, you have the top nets in here like like you are used to, if you Inspect, the normal network, like you have all all the information. And with that, I'm done if there are any questions, please ask them now. Or later.\nDaniel Walsh: You see people modifying CNI plugins to work with us? The goal.\nPaul Holzinger: That's that's the goal. So because we are gonna deprecate, CNI at like remove it. At some point, we are going to remove the roof to the support and to have a way for some people who are currently having their own custom work. They need to Adapt to to this new one or use a standard driver or there are many ways to set up network of even without that you can use a custom network namespace path. But with this it's pretty simple because the setup and teardown is is built into portman right in into the container life cycle with all having to manage anything as\nPaul Holzinger: and advantage to the scene icon and instead I integrated the support into Portman network Create as well. So you know we've seen eye plugins custom stuff, you need to manage your CONFIGS on there and place it in the right direction. With that, you're just network create and\nPaul Holzinger: Hey, Google.\nDaniel Walsh: Very nice.\nTom Sweeney: Any other questions?\nTom Sweeney: Right, thanks Paul. Look great. Ashley Potman Machine West, demo\nAshley Cui: Yeah, I'm gonna share my screen. I demo this already and the container plumbing days but I'm going to show it again for those who aren't that conference but basically we have a new command in podmachine called Padme Machine OS, apply or It's a suite of commands applies. The only one in there at the current moment but what it allows you to do is Ontrador Cora Space Systems which is the default OS for Padre, Machine on Mac and Linux it allows you to take a container image and\nAshley Cui: Add packages based on or build a container image from like a container file and an ad packages into your VM, through rpmos tree,\u2026\nTom Sweeney: Off.\nAshley Cui: which is the package manager for Fedora chorus. So I'm just going to play my demo over here. So I'm going to start a\u2026\n00:10:00\nTom Sweeney: because,\nAshley Cui: where I'm going to make a new podman machine and parts of these. Are sped up for four times sake but it's all like yeah. Anyway,\nAshley Cui: And then I'm going to start the machine that I just created so this is just like kind of your vanilla machine. Nothing special inside of it, just your default pond machine. And then, so I'm going to check the podman version and outside the machine. Is the server is, or the server inside the machine is 441, and then the client outside the machine is 4.5. And then. So now I have this container file, it's kind of a standard container file from, but it has Fedora Cross as the base image and what what I'm doing is I'm running rpmos tree and updating containers or podman and it's friends to the most latest upstream version on main and also removing a bunch of stuff. um, and so I'm going to use this container file and build an image.\nAshley Cui: And also tag it correctly. I assume\nAshley Cui: and then, so it's gonna this is just a standard podman build like there's nothing special in a regular podium builds command\nAshley Cui: And so now we have this image that we just built. in our, Local storage.\nAshley Cui: And then again, checking the cloud inversion inside the VM, it's 441 outside, it's 4.5. And now I'm going to do a pod machine osupply to the and specify the image that I just built and it should apply it to the default POD machine. You can use if your pottery machine is, you know, name something else. You can use that as a second argument and it will apply it to that machine. And then I for Is to take effect, you have to reboot your machine.\nAshley Cui: And then now if you take a look at diversion inside of the VM, the pod machine, it's upgraded to 4.5 dev so you can see. So this feature is like particularly useful for people who want to experiment with different packages and versions of podium inside the the pod inside the machine. So I guess like For example, like the desktop team uses this or can use this if they want the latest upstream version of podman inside of their pod machine to like, tests and stuff. And again like it allows users to customize the machine in a familiar way so you don't have to go and build new VMs and learn like VM tooling you can you can use what you know which is like container files and building images in order to customize and put whatever you need inside of the VM.\nAshley Cui: By by just building images and using problems, you know, a supply. So that's that's basically the demo if anybody has any questions.\nDaniel Walsh: Showed you updated from container storage inside of the machine. That was So could it could I call could I do that with a registry?\nAshley Cui: Yes.\nAshley Cui: Yes. So it supports anything that like podcast supports it, anything that like Scopia supports, you can pull it from a registry, you can pull it from local. You can do a bunch of stuff. Yeah.\nDaniel Walsh: So if I if I was a company I wanted to do this I could push to a right. I could push it update to a registry and then every one of my users on all the different machines automatically. Do they have do that machine update from a registry and everybody would get the same version. Correct.\nAshley Cui: Yes, absolutely. Yeah.\nDaniel Walsh: Cool.\nBrent Baude: I'll just add that. I think there were two use cases in mind. When we went through this design, and Ashley showed the one where we can run the Latest pod man inside the machine, which is great for development and testing. The other one we've had in in mind is the folks that are wanting to do various multi-arch, or non-native arts. Builds or runs or testing, where they need some commute package to be on there. Which does not come as a default. So this is a easy way to plop those on real quick and be able to do whatever it is. You you had in mind.\n00:15:00\nDaniel Walsh: so, two weeks from now with new Core or West comes out. And gets updated what happens? Then\nBrent Baude: What?\nDaniel Walsh: We have to rerun the apply is. Rebuilt with rebuild. And then do we really apply, right?\nBrent Baude: Are you wanting to revert or\u2026\nDaniel Walsh: now, I'm just saying so I've added I guess there's an example.\nBrent Baude: do you want to get done?\nDaniel Walsh: There's a question out on One of the issues, someone wanted installed QM user. You know, that's 390 and\u2026\nBrent Baude: Yep.\nDaniel Walsh: so they install it, they go through this procedure, they install it. And we're running for OS 37 and 37.1 comes out. Now they want to update,\u2026\nBrent Baude: Sure.\nDaniel Walsh: they're gonna have to go through this procedure again to\nBrent Baude: If they no longer require the 390 packages, they could just simply take, take the update. or they could just execute a rebuild, which would in the container file would have from you\u2026\nDaniel Walsh: Okay.\nBrent Baude: with latest which would mean the new version that the door chorus just made, so then A simple rebuild would be enough to do it and and ideally users would be doing a stop of CI. Type things or off of github actions. Where if a repo changes, it would just automatically build and that way they consume, and then it wouldn't be on the user's shoulders to do that manual. Work.\nMatt Heon: Question. If I were to decide to switch back from my custom OS supply, to say Standard F cost, the stable train, does that put me back on automatic updates or am I going to have to do something to get back on automatically updating?\nAshley Cui: So I'm working on the current OS revert. The way that it works right now is it should I put you back on automatic updates? Because I think the automatic update driver is called like Syncotti and that if it detects that you're on a regular stream of fedora, then it should automatically update from what I've seen. Not 100% sure, but from my testing, but it just depends on like what your base was before I believe.\nTom Sweeney: Any other questions for Ashley?\nBrent Baude: This is going to end when you the one of the things that takes a little getting used to here is we'd very much have had a feeder in Fedora chorus. But now this pivot you have to think of your OS as a container image. And then those all those things we've learned about being an image, maintenance applies,\nTom Sweeney: Pretty. I'm hearing anything else at this point, so I think I'm going to turn it over to Matt for the podman database update.\nMatt Heon: All right, so this is in updates on some internal things on podman that you should not have to care about but unfortunately, you may have to with the coming future. Uh, so podman has a back-end database and if you're just upon an user not developer you probably have no knowledge of this because it's used purely for internal things. We used to store the state of containers and figuration containers, things like that. Um and this was previously in something called Bolt DB, which is a native glen better database, very simple and we thought that it did everything we needed. However, over the last year, so we've become aware of an increasing number of reports of data corruption with both dB to the poor. I wouldn't call it common, but if you are to shut your computer down on expectantly, while Bolt is doing something, there is apparently a fairly good chance that you're going to end up with an unusual database.\n00:20:00\nMatt Heon: Which means all your containers are gone, basically, requires complete recreate. So we've been looking into this for a while now and we came to the conclusion that it was not really safe to continue using Bull TB. It was unmaintained, there was basically no error handling. There was no path to data recovery and it didn't seem like it would be reasonably possible to create or to fix it rather. So that it did not corrupt itself. So we have investigated alternative database solutions and we now have an alternative database driver written up that uses SQLite instead. So right now, this is just gonna be a tech preview thing that is going to come out with the next partner and release Pod Man. Four, five of the next couple weeks and it's not going to be default for now it's just for people who want to opt into testing it at some point in the future. Probably Paul man for six we're going to see about making it the default for new installations.\nMatt Heon: existing insulations, will continue to use both DB And at some point in the further off future, we will investigate removing multi-b completely. And basically, having only SQLite and again, primary things you can expect from this transition. One stability Pod, man will stop eating its own database in cases of unexpected power loss. That's obviously, plus two performance in some operations, especially read operations. If you have large wise of containers and you're doing something like a podman PS, you can expect a significant performance boost. And three long term stability, we feel that SQLite has a much more vibrant and large community than volt dB does and as such there's a lot more potential future growth there in terms of performance, in terms of stability.\nMatt Heon: Potentially features but we're probably not using those. It's going to be a very simple database driver still. So generally speaking, you probably should not have to care about this for this foreseeable future, but at some point in the future, we are going to be announcing a the deprecation and removable DB And when we do that, we will have steps for you to take to get on the new SQLite driver if you haven't already and you probably won't have to. Because again, new installations will be switched over to SQLite. Won't before that And that is a general summary of what to expect with our move to seek lights. Why we're doing it? What to expect\nTom Sweeney: like,\nMatt Heon: Any questions?\nTom Sweeney: Very quiet bunch today.\nTom Sweeney: Right, I'm not hearing any questions for that. So I think we'll do is go on to the open form and questions that just ask. Are there any general questions or comments that you want to make?\nDaniel Walsh: I'll guess I'll ask a question that I potentially know the answer to One is pardman Ford, our five coming out.\nMatt Heon: Ideally next week late next week, we have rc1 just came out yesterday.\nTom Sweeney: Five.\nMatt Heon: I'm expecting an rc2 later this week potentially an rc3 early. Next week. If we feel, we need it and then a final late next week.\nDaniel Walsh: Okay, and I guess the other question would be what versions are gonna be showing up in the next version of Rella?\nMatt Heon: What are five will not be one of those. We're expecting our next major. Drop into Rel /. Centos stream is going to be for six, which will probably be more of a late summer type of time frame.\nDaniel Walsh: So, I, I would follow that. So right now, apartment 4.4 that one, I think, is that, right? Tom is gonna be in real 902 in Raleigh.8.\nDaniel Walsh: As I asked loaded questions.\n00:25:00\nMatt Heon: Yeah, we're expecting a 4.6 in nine three and eight nine, I believe. And yeah. Generally speaking, we're going to continue on the same sort of cadence, we had before retargeting for ish, releases per year pot man. And two of those will end up in Ralph from here on out.\nTom Sweeney: And whatever. It's worth the 441, which will be in podman 8892 will be released. sometime in early May\nTom Sweeney: and then the fourth sixth version will be able to sometime in January. I want to say no February. Getting dates.\nDaniel Walsh: Hey.\nTom Sweeney: Yeah, did somebody popping? but the question,\nTom Sweeney: Or comment.\nTom Sweeney: Okay. Also, while we're here, anybody have any Topics Suggestions For the next meeting in June 6, we have one for a quadlet demo already.\nMatt Heon: Will probe that would not be a bad time to show off podman 4-5. We're still firming some things up right now. So we couldn't really don't want today but we should have a good summary of what's in four or five by the next meeting.\nTom Sweeney: But anybody else or any other questions otherwise we're going to quite a bit early today but that's not a bad thing.\nTom Sweeney: Okay, then we'll just I'll just remind for the next meetings. We are having a meeting on Tuesday, June 6th for the Quad Man community meeting which again is the demo, kind of meetings, and our next cabal meeting for the community will be on Thursday, April 20th, which is two weeks from this Thursday, I believe. And those meetings are used mostly for design. Kind of work for plugin or any technical discussions related to the to the code base. Pretty much. And we're always happy to have comments or suggestions or topics for other. One of those, please be afraid to send me an email directly or put stuff up in the discuss discussion forums that we have on Github for providing. And unless anybody has anything else I'm going to End the recording.\nTom Sweeney: Okay, recordings done. Anybody wants anything off offline other than Hi? Jake. Good to see you again.\nJake Correnti: Everyone's good to see you.\nDaniel Walsh: Hey, Jake. And yeah at that time Tom I probably do a QM, the qmse Linux thing that I've done internally so I can do that for the next. To explain how we're using Quad LED Auto.\nTom Sweeney: For the next demo or for the community meeting. Okay.\nDaniel Walsh: Yeah. Next next community meeting\nTom Sweeney: That.\nDaniel Walsh: and hopefully, we can get an update from five main desktop at that point since they'll be just about to go 1.0 What's the date of that?\nTom Sweeney: Not know, actually, do you know?\nAshley Cui: Many 22nd.\nDaniel Walsh: What's the date of the next cabal? I mean, the next Emma.\nTom Sweeney: Yeah, well, the next ball is April 20th. The next community meeting is June 6th.\nDaniel Walsh: Yeah, so we could have them fell just release 1.0 so he probably should have them back into a demonstration.\nTom Sweeney: I'll check with stuff on.\nTom Sweeney: Right. I'm gonna Close up the meeting. I'm not hearing anything else, folks. Enjoy your lunch dinner breakfast. Whatever. Take care.\nEd Santiago Munoz: Let's work everybody.\nMohan Boddu: Thank you.\nMeeting ended after 00:30:00 \ud83d\udc4b\n")))}Zn.isMDXComponent=!0;const _n={},Xn="Podman Community Meeting",$n=[{value:"February 2, 2021 11:00 a.m. Eastern (UTC-5)",id:"february-2-2021-1100-am-eastern-utc-5",level:2},{value:"Attendees (49 total)",id:"attendees-49-total",level:3},{value:"Meeting Start: 11:03 a.m.",id:"meeting-start-1103-am",level:2},{value:"BlueJeans Recording",id:"bluejeans-recording",level:3},{value:"Podman v3.0 Overview",id:"podman-v30-overview",level:2},{value:"Matt Heon",id:"matt-heon",level:3},{value:"(1:50 in the video)",id:"150-in-the-video",level:4},{value:"Breaking changes.",id:"breaking-changes",level:4},{value:"Demo",id:"demo",level:4},{value:"Podman with Docker Compose Demo",id:"podman-with-docker-compose-demo",level:2},{value:"Brent Baude",id:"brent-baude",level:3},{value:"(11:20 in the video)",id:"1120-in-the-video",level:4},{value:"Misc Demos",id:"misc-demos",level:2},{value:"Tom Sweeney",id:"tom-sweeney",level:3},{value:"(18:10 in the video)",id:"1810-in-the-video",level:4},{value:"GitHub Discussions",id:"github-discussions",level:2},{value:"Questions?",id:"questions",level:2},{value:"(24:50 in the video)",id:"2450-in-the-video",level:4},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"Next Meeting: Tuesday March 2, 2021, 11:00 a.m. Eastern (UTC-5)",id:"next-meeting-tuesday-march-2-2021-1100-am-eastern-utc-5",level:2},{value:"Meeting End: 11:51 a.m. Eastern (UTC-5)",id:"meeting-end-1151-am-eastern-utc-5",level:3},{value:"BlueJeans Chat copy/paste:",id:"bluejeans-chat-copypaste",level:2}],ea={toc:$n},ta="wrapper";function na(e){let{components:t,...n}=e;return(0,ce.kt)(ta,(0,Q.Z)({},ea,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-meeting"},"Podman Community Meeting"),(0,ce.kt)("h2",{id:"february-2-2021-1100-am-eastern-utc-5"},"February 2, 2021 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"attendees-49-total"},"Attendees (49 total)"),(0,ce.kt)("p",null,"Tom Sweeney, Brent Baude, Jhon Honce, Dan Walsh, Chris Evich, Lokesh Mandvekar, Urvashi Mohnani, Nalin Dahyabhai, Eduardo Santiago, Valentin Rothberg, Giuseppe Scrivano, Miloslav Trmac, Parker Van Roy, Preethi Thomas, JJ Asghar, Hendrik Haddorp, Dan Walsh, Eric The IT Guy, Ashley Cui, Greg Shomo, Lee Whitty, Anders Bj\xf6rklund, Jacob Lindgren, Christian Felder, Alex Litvak, Paul Holzinger, Rodrique Heron"),(0,ce.kt)("h2",{id:"meeting-start-1103-am"},"Meeting Start: 11:03 a.m."),(0,ce.kt)("h3",{id:"bluejeans-recording"},"BlueJeans ",(0,ce.kt)("a",{parentName:"h3",href:"https://bluejeans.com/s/UNt8jSU7IH2"},"Recording")),(0,ce.kt)("h2",{id:"podman-v30-overview"},"Podman v3.0 Overview"),(0,ce.kt)("h3",{id:"matt-heon"},"Matt Heon"),(0,ce.kt)("h4",{id:"150-in-the-video"},"(1:50 in the video)"),(0,ce.kt)("p",null,"Podman 3.0 will be the largest ever. Expecting an RC3 later this week, 3.0 final by Wednesday of next week. Docker Compose support is a large one, along with podman rename. Copy support for remote clieantadded for copying in and out of containers using the http API. A number of network changes added by Paul Holzinger such as network reload, network ls, network create, and more. Networks now have ID's and labels. Podman checkpoint now supports with previous and checkpoint. Full details ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/RELEASE_NOTES.md"},"here"),"."),(0,ce.kt)("h4",{id:"breaking-changes"},"Breaking changes."),(0,ce.kt)("p",null,"Shortnames for CI now prompts for which image you want by default. This is only on a TTY, will not break any scripts. A security feature. In the future if shortnames are set to strict in Podman, scripts will break too, but you will be able set an alias. More info ",(0,ce.kt)("a",{parentName:"p",href:"https://www.redhat.com/sysadmin/container-image-short-names"},"here"),"."),(0,ce.kt)("p",null,"The podman load command no longer accepts a NAME","[:TAG]",", this was incompatible with Docker prior."),(0,ce.kt)("p",null,"The legacy Varlink API has been removed."),(0,ce.kt)("h4",{id:"demo"},"Demo"),(0,ce.kt)("p",null,"Matt started the demo (8:00 in the video):"),(0,ce.kt)("p",null,"Showed how to rename a container. The functionality works on rootful and rootless."),(0,ce.kt)("p",null,"Release notes for v3.0:",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/RELEASE_NOTES.md"},"here")),(0,ce.kt)("h2",{id:"podman-with-docker-compose-demo"},"Podman with Docker Compose Demo"),(0,ce.kt)("h3",{id:"brent-baude"},"Brent Baude"),(0,ce.kt)("h4",{id:"1120-in-the-video"},"(11:20 in the video)"),(0,ce.kt)("p",null,'A number of folks told us they had not moved to Podman from Docker due to a lack of "podman compose".'),(0,ce.kt)("p",null,"Docker-compose is a tool that talks to the docker.sock or podman.sock talking Docker API"),(0,ce.kt)("p",null,"Podman-compose is a wrapper around podman that translates docker-compose yaml files into podman commands."),(0,ce.kt)("p",null,"Now Docker-compose will just talk to podman.sock now."),(0,ce.kt)("p",null,"Brent did demo (13:42 in the video):"),(0,ce.kt)("p",null,"Using a yaml from Docker directly."),(0,ce.kt)("p",null,'"Not terribly exciting, it just does what it does."'),(0,ce.kt)("p",null,"We've had requests for Docker compoese and changes. The initial goal is to make it work rootful with Podman. it does so now. We've had requests for rootless which is feasible, but more work is necessary. It is only rootful for v3.0."),(0,ce.kt)("p",null,"Docker Compose articles:"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("a",{parentName:"li",href:"https://www.redhat.com/sysadmin/podman-docker-compose"},"https://www.redhat.com/sysadmin/podman-docker-compose")),(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("a",{parentName:"li",href:"https://www.redhat.com/sysadmin/compose-kubernetes-podman"},"https://www.redhat.com/sysadmin/compose-kubernetes-podman"))),(0,ce.kt)("p",null,"That second article is where Podman is heading."),(0,ce.kt)("h2",{id:"misc-demos"},"Misc Demos"),(0,ce.kt)("h3",{id:"tom-sweeney"},"Tom Sweeney"),(0,ce.kt)("h4",{id:"1810-in-the-video"},"(18:10 in the video)"),(0,ce.kt)("p",null,"Tom ran a demo to show some small new addtions that might have been lost in the shuffle. He showed the new ",(0,ce.kt)("inlineCode",{parentName:"p"},"--from")," and ",(0,ce.kt)("inlineCode",{parentName:"p"},"--stdin")," options for the ",(0,ce.kt)("inlineCode",{parentName:"p"},"buildah bud")," and ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman build")," commands, plus the new ",(0,ce.kt)("inlineCode",{parentName:"p"},"--list-tags")," option for the ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman search")," command."),(0,ce.kt)("p",null,"Demo Started (18:30 in the video)"),(0,ce.kt)("h2",{id:"github-discussions"},"GitHub Discussions"),(0,ce.kt)("p",null,"Podman has turned on the GitHub Discussions platform for the use of the community. Ask any questions you want there, make announcements of interest, or just drop in and say hi! It's under the \"Discussions\" link on the top of Podman's GitHub page, or directly at: ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/discussions"},"https://github.com/containers/podman/discussions")),(0,ce.kt)("h2",{id:"questions"},"Questions?"),(0,ce.kt)("h4",{id:"2450-in-the-video"},"(24:50 in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"When will v3.0 be available. Next week upstream, should be available in Fedora shortly after that. Hoping to have it in Ubuntu or Debian a bet after that. Centos streams soon after we release and in RHEL 8.4 which is scheduled sometime at the end of May."),(0,ce.kt)("p",{parentName:"li"},"Goal is to make things seamless as possible.")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Red Hat team is working on stabilization changes in the next few weeks. Focus on Mac developments. We think we're feature complete with Docker with the Podman v3.0 release. Work going on for refactoring Podman to hopefully decrease the size of the Podman library. Work continues on getting along with Kubernetest")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Static binaries will be added for v3.0, as there have been some breakage with the nixpackage. Chris has just added a fix for the nix issue.")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Containers Plumbing Conferene coming up in March, March 9 and 10 for four hours each day. Sign up here: ",(0,ce.kt)("a",{parentName:"p",href:"https://containerplumbing.org/"},"https://containerplumbing.org/"))),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Difference between Podman Compose and Docker Compose. Podman compose was written by the community which Dan believes was used to wrap docker yaml files and translate them to direct Podman commands.")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Can you elaborate on the issue with renaming infra-containers ? Matt did something quickly and it has some limitations that will be removed in v3.1. But should work fine for v3.0.")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"New Podman discussions on GitHub: ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/discussions"},"https://github.com/containers/podman/discussions"))),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Journald support. We thought it was working fine with k8s file system. Should be fixed completey in v3.1.")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Brent asked for any missing features that have not been added to GitHub. Anders talked about next generation of boot2docker/boot2podman (and docker-machine/podman-machine), see ",(0,ce.kt)("a",{parentName:"p",href:"https://boot2podman.github.io/"},"https://boot2podman.github.io/")," for details.")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Dan pointed out that we've moved our default run time library from runc to crun. We should still support both."))),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("h2",{id:"next-meeting-tuesday-march-2-2021-1100-am-eastern-utc-5"},"Next Meeting: Tuesday March 2, 2021, 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("p",null,"Setting goal to make April meeting in the evening East Coast, 8 to 10 pm."),(0,ce.kt)("h3",{id:"meeting-end-1151-am-eastern-utc-5"},"Meeting End: 11:51 a.m. Eastern (UTC-5)"),(0,ce.kt)("h2",{id:"bluejeans-chat-copypaste"},"BlueJeans Chat copy/paste:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"SETTINGS\nEVERYONEDIRECT MESSAGES\nMe10:47 AM\nPlease Sign in using the meeting notes and/or add questions at the end for the Q&A\nhttps://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\nRodrique Heron11:00 AM\nwill this be recorded?\nawesome\nValentin Rothberg11:09 AM\nMore on short-name aliasing here: https://www.redhat.com/sysadmin/container-image-short-names\nChristian Felder11:12 AM\ndoes podman rename work with rootless as well?\nthanks\nMatt Heon11:13 AM\nFYI, release notes for 3.0 live at https://github.com/containers/podman/blob/main/RELEASE_NOTES.md\nExpect a few more bugfixes to trickle in before final release\nEdward Haynes11:13 AM\nis it called Podman Compose?\nDaniel (rhatdan) Walsh11:13 AM\nNo that is a different thing.\nEdward Haynes11:13 AM\nok\nDaniel (rhatdan) Walsh11:14 AM\nDocker-compose is a tool that talks to the docker.sock or podman.sock talking Docker API\nPodman-compose is a wrapper around podman that translates docker-compose yaml files into podman commands.\nEdward Haynes11:14 AM\nSo Docker-compose will just talk to podman.sock now\nDaniel (rhatdan) Walsh11:14 AM\nyes\nEdward Haynes11:14 AM\ngotcha\nDaniel (rhatdan) Walsh11:15 AM\nAs well as docker-py.\nJacob Lindgren11:18 AM\nboring is good!\nScott McCarty11:18 AM\nVery nice!\nEdward Haynes11:18 AM\nWe don't want things TOO boring or we'd all be out of a job\nBrent Baude11:22 AM\nre: docker-compose, here are a couple of articles ...\nhttps://www.redhat.com/sysadmin/podman-docker-compose\nhttps://www.redhat.com/sysadmin/compose-kubernetes-podman\nthe latter is really a glimpse into where Podman is heading.\nJacob Lindgren11:23 AM\noh i like this. I used skopeo inspect for this before.\nBrent Baude11:25 AM\ncool, i missed tht one dan/tom\nGShomo (Northeastern)11:27 AM\nwhich distribution/releases can expect to see podman-3.0 ?\nMatt Heon11:28 AM\n@GShomo Fedora should see it quickly. We actually disabled autobuilds for Ubuntu/Debian/CentOS in OBS, though\nWe will reenable them once we have verified the release is stable\nOBS doesn't have a real process for verifying the builds are functional so we sometimes end up shipping broken packages\nAnd we'd like to avoid this\nLokesh Mandvekar11:31 AM\n@gshomo: if you can spare some resources, newer packages will be available quicker on the testing project. See: https://podman.io/getting-started/installation#installing-development-versions-of-podman\nChristian Felder11:35 AM\non our own OBS appliance we've two projects, stable and testing, and we first build in testing and our CI does something once the package has been built in testing, at the moment for our rpm packages just installing them... But basically you could run several steps afterwards in your CI if you want to ingetrate OBS into your release pipeline\nValentin Rothberg11:36 AM\nhttps://containerplumbing.org/\nGShomo (Northeastern)11:36 AM\ncan you elaborate on the issue with renaming infra-containers ?\nAnders Bj\xf6rklund11:38 AM\n\"Registration will open on February 1, 2021.\"\nMatt Heon11:40 AM\n@GShomo - I did things the quick way, instead of the right way, to get things landed in time for 3.0\nI will have this fixed for 3.1\nIt's a silly limitation from my doing things quickly :-)\nAlex Litvak11:41 AM\nwhat are the changes for journald support?\nGShomo (Northeastern)11:41 AM\nthank you !\nAlex Litvak11:44 AM\nthank you\nLudovic Cavajani11:44 AM\nThanks !\nMe11:45 AM\nFun Fact: In 1976 an LA secretary named Jannene Swift officially married a 50 pound rock in a ceremony witnessed by more than 20 people. Perhaps the first \"Pet Rock\"?\nJJ Asghar11:47 AM\nfyi: https://containerplumbing.org/register seems to say it's going to open on the 1st.... :'(\nChristian Felder11:48 AM\nI had to adjust some kernel settings in the past when I started some more containers (around 40)... - user.max_inotify_instances, fs.inotify.max_user_watches\nwould be nice to have some guidelines on that settings, although this might be not a podman only issiue...\nDevin Parrish11:49 AM\nThanks!\nJames Cassell11:49 AM\nwhere do we find recordings of this and past meetings?\n(Tom Sweeney responded verbally, podman.io under https://podman.io/community/meeting/. A link on each set of notes.)\nChristian Felder11:49 AM\nOk. I'll open an issue\nThanks\nJames Cassell11:50 AM\nthanks\nLokesh Mandvekar11:50 AM\nChristian Felder: RE: OBS, I'll be working on a change which will allow building debian packages from the rpm spec files, (thanks to Neal Gompa) ..maybe migrate that to upstream repos as well\n")))}na.isMDXComponent=!0;const aa={},oa="Podman Community Cabal Meeting",ia=[{value:"July 15, 2021 10:00 a.m. Eastern (UTC-4)",id:"july-15-2021-1000-am-eastern-utc-4",level:2},{value:"Attendees (24 total)",id:"attendees-24-total",level:3},{value:"Meeting Start: 10:05 a.m.",id:"meeting-start-1005-am",level:2},{value:"Video Recording (You'll need to request access to view, we'll try to change that for the next meeting.)",id:"video-recording-youll-need-to-request-access-to-view-well-try-to-change-that-for-the-next-meeting",level:3},{value:"Copy an image from container storage to another container storage",id:"copy-an-image-from-container-storage-to-another-container-storage",level:3},{value:"(9:50 in the video)",id:"950-in-the-video",level:4},{value:"New Features for podman play kube",id:"new-features-for-podman-play-kube",level:3},{value:"(27:25 in the video)",id:"2725-in-the-video",level:4},{value:"Discussion with Training Team",id:"discussion-with-training-team",level:3},{value:"(44:45 in the video)",id:"4445-in-the-video",level:4},{value:"Open discussion",id:"open-discussion",level:3},{value:"(48:55 in the video)",id:"4855-in-the-video",level:4},{value:"Next Meeting: Thursday August 19, 2021 10:00 a.m. EDT (UTC-4)",id:"next-meeting-thursday-august-19-2021-1000-am-edt-utc-4",level:3},{value:"Meeting End: 10:56 a.m. Eastern (UTC-4)",id:"meeting-end-1056-am-eastern-utc-4",level:3}],sa={toc:ia},ra="wrapper";function la(e){let{components:t,...n}=e;return(0,ce.kt)(ra,(0,Q.Z)({},sa,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-cabal-meeting"},"Podman Community Cabal Meeting"),(0,ce.kt)("h2",{id:"july-15-2021-1000-am-eastern-utc-4"},"July 15, 2021 10:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h3",{id:"attendees-24-total"},"Attendees (24 total)"),(0,ce.kt)("p",null,"Matt Heon, Mehul Arora, Miloslav Trmac, Nalin Dahyabhai, Paul Holzinger, Pavel Sosin, Reinhard Tartier, Urvashi Mohnani, Valentin Rothberg, Tom Sweeney, Anders Bjorklund, Ashley Cui, Brent Baude, Charlie Doern, Chris Evich, Dan Walsh, Ed Haynes, Ed Santiago, Erik Bernoth, Lokesh Mandvekar."),(0,ce.kt)("h2",{id:"meeting-start-1005-am"},"Meeting Start: 10:05 a.m."),(0,ce.kt)("h3",{id:"video-recording-youll-need-to-request-access-to-view-well-try-to-change-that-for-the-next-meeting"},"Video ",(0,ce.kt)("a",{parentName:"h3",href:"https://drive.google.com/file/d/1hdLMicPfI9NA_MEuGaHGtyIgw6v28Ojg/view"},"Recording")," (You'll need to request access to view, we'll try to change that for the next meeting.)"),(0,ce.kt)("p",null,"Started out with general discussion of the meetings purpose going forward. We then went around and did introduction of each of the attendees."),(0,ce.kt)("h3",{id:"copy-an-image-from-container-storage-to-another-container-storage"},"Copy an image from container storage to another container storage"),(0,ce.kt)("h4",{id:"950-in-the-video"},"(9:50 in the video)"),(0,ce.kt)("p",null,(0,ce.kt)("inlineCode",{parentName:"p"},"podman image scp")," - Ed Santiago wanted an easy way to move stuff from container storage to container storage. Charlie Doern originally created a PR and after discussion, a number of options were discussed (see ",(0,ce.kt)("a",{parentName:"p",href:"./Podman_Image_SCP.pdf"},"slides"),")"),(0,ce.kt)("p",null,"Two thoughts are towards sticking with ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman image scp"),". This is doable now with bash scripting, but Dan would like it as a part of command line interface."),(0,ce.kt)("p",null,"Why use \"colon colon\"? To keep it away from the ssh protocol, we're using it as a key to note it's a ssh remote call. Whereas a single colon would be looked at as a transport."),(0,ce.kt)("p",null,'Erik noted he liked the feature. You don\'t need to set up registries for different users. He is concerned it might be confusing to new users. He would set aside "save" and "load" to backup types of commands.'),(0,ce.kt)("p",null,"The goal is to not tranform the image, it should be exactly the same before and after. Including multi-layer images. If the target has some of the layers already in place, you might want only copy the layers that don't exist."),(0,ce.kt)("p",null,'We might look at "git pull" and "git push" for possible examples.'),(0,ce.kt)("p",null,"This would allow copying from one machine to another."),(0,ce.kt)("p",null,'Should we use "scp" to "cp" or "copy". Anders saw a lot of bike shedding with scp versus cp in Kurbernetes. Something to consider. We started with "scp" as it does use ssh under the covers and clues the user in.'),(0,ce.kt)("p",null,'Should we use "scp://" and be another transport. The problem with that is it would require another service.'),(0,ce.kt)("h3",{id:"new-features-for-podman-play-kube"},"New Features for ",(0,ce.kt)("inlineCode",{parentName:"h3"},"podman play kube")),(0,ce.kt)("h4",{id:"2725-in-the-video"},"(27:25 in the video)"),(0,ce.kt)("p",null,"The play kube command has been growing due to user command. Customers have been using yamls, find something isn't yet covered, and so we've added commands to satisfy the need."),(0,ce.kt)("p",null,"It would be good to get input from the community about what futher work is needed to ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman play kube"),". If you have ideas, please open a discussion"),(0,ce.kt)("p",null,"Dan wonders if we could look at the functionality of Docker Compose and then ingrain them into 'podman play kube'. A number of use cases have been found in yaml files used for OpenShift."),(0,ce.kt)("p",null,"Looking atwo things: Be able to build similar to how Docker Compose does based on Docker files."),(0,ce.kt)("p",null,"Init containers that would be run after a pod infra container. They would do init/setup jobs, then the rest of the pods would kick off. This is a standard feature in Kubernetes."),(0,ce.kt)("p",null,"Any further ideas: Erik thinks this is a key feature and many are using composed. Play kube is very valuable as it moves things into kubernetes easily. We could potentially ask someone from OKD or other discussion groups."),(0,ce.kt)("p",null,"Currently play kube and systemd don't play well together, so that would be a nice addition if it can. Valentin discussed the current status."),(0,ce.kt)("p",null,"We currently don't have a ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman play kube stop"),", would that be good? Erik was asked if this would be useful. Erik thinks it would be good."),(0,ce.kt)("p",null,"Podman's goal isn't to compete against Kubernetes, but to allow users to move to a single host environment."),(0,ce.kt)("h3",{id:"discussion-with-training-team"},"Discussion with Training Team"),(0,ce.kt)("h4",{id:"4445-in-the-video"},"(44:45 in the video)"),(0,ce.kt)("p",null,"Doing training and ran into issue and couldn't debug it. Issue raised with ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/issues/10482"},"https://github.com/containers/podman/issues/10482")),(0,ce.kt)("p",null,"Perhaps we could invite someone from the training team to discuss how the training can be improved/worked on. Dan thinks it might be just due to the time necessary to develop the training. May be do it in a container."),(0,ce.kt)("h3",{id:"open-discussion"},"Open discussion"),(0,ce.kt)("h4",{id:"4855-in-the-video"},"(48:55 in the video)"),(0,ce.kt)("p",null,"Brent asked if people move on IRC to libera. Most have. Lokesh noted the IRC channel is using Matrix. ",(0,ce.kt)("a",{parentName:"p",href:"https://kparal.wordpress.com/2021/06/01/connecting-to-libera-chat-through-matrix/"},"https://kparal.wordpress.com/2021/06/01/connecting-to-libera-chat-through-matrix/")),(0,ce.kt)("p",null,'Cabal meetings purpose "What\'s the future of Podman" type of discussions.'),(0,ce.kt)("h3",{id:"next-meeting-thursday-august-19-2021-1000-am-edt-utc-4"},"Next Meeting: Thursday August 19, 2021 10:00 a.m. EDT (UTC-4)"),(0,ce.kt)("h3",{id:"meeting-end-1056-am-eastern-utc-4"},"Meeting End: 10:56 a.m. Eastern (UTC-4)"))}la.isMDXComponent=!0;const ha={},da="Podman Community Meeting",ua=[{value:"October 5, 2021 11:00 a.m. Eastern (UTC-4)",id:"october-5-2021-1100-am-eastern-utc-4",level:2},{value:"Attendees (23 total)",id:"attendees-23-total",level:3},{value:"Meeting Start: 11:03 a.m.",id:"meeting-start-1103-am",level:2},{value:"BlueJeans Recording",id:"bluejeans-recording",level:3},{value:"Podman on M1 Mac Status",id:"podman-on-m1-mac-status",level:2},{value:"Ashley Cui",id:"ashley-cui",level:3},{value:"(6:30 in the video)",id:"630-in-the-video",level:4},{value:"DIY Networking in rootless containers",id:"diy-networking-in-rootless-containers",level:2},{value:"Paul Holzinger",id:"paul-holzinger",level:3},{value:"(10:09 in the video)",id:"1009-in-the-video",level:4},{value:"Podman Security Bench",id:"podman-security-bench",level:2},{value:"Dan Walsh",id:"dan-walsh",level:3},{value:"(24:00 in the video) 27",id:"2400-in-the-video-27",level:4},{value:"Podman v3.4 Announcement",id:"podman-v34-announcement",level:2},{value:"Matt Heon",id:"matt-heon",level:3},{value:"(29:45 in the video)",id:"2945-in-the-video",level:4},{value:"Support \u2013format tables in ps output",id:"support-format-tables-in-ps-output",level:2},{value:"Jhon Honce",id:"jhon-honce",level:3},{value:"(35:40 in the video)",id:"3540-in-the-video",level:4},{value:"Podman build \u2013platform lists",id:"podman-build-platform-lists",level:2},{value:"Nalin Dahyabhai",id:"nalin-dahyabhai",level:3},{value:"(37:44 in the video)",id:"3744-in-the-video",level:4},{value:"Volume Demos",id:"volume-demos",level:2},{value:"Aditya Rajan",id:"aditya-rajan",level:3},{value:"(44:16 in the video)",id:"4416-in-the-video",level:4},{value:"Open Forum/Questions?",id:"open-forumquestions",level:2},{value:"(51:10) in the video) 55",id:"5110-in-the-video-55",level:4},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"Next Meeting: Tuesday November 2, 2021, 11:00 a.m. Eastern (UTC-4)",id:"next-meeting-tuesday-november-2-2021-1100-am-eastern-utc-4",level:2},{value:"Next Cabal Meeting: Thursday October 21, 2021, 10:00 a.m. Eastern (UTC-4)",id:"next-cabal-meeting-thursday-october-21-2021-1000-am-eastern-utc-4",level:2},{value:"Meeting End: 11:59 a.m. Eastern (UTC-4)",id:"meeting-end-1159-am-eastern-utc-4",level:3},{value:"BlueJeans Chat copy/paste:",id:"bluejeans-chat-copypaste",level:2}],ma={toc:ua},ca="wrapper";function pa(e){let{components:t,...n}=e;return(0,ce.kt)(ca,(0,Q.Z)({},ma,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-meeting"},"Podman Community Meeting"),(0,ce.kt)("h2",{id:"october-5-2021-1100-am-eastern-utc-4"},"October 5, 2021 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h3",{id:"attendees-23-total"},"Attendees (23 total)"),(0,ce.kt)("p",null,"Tom Sweeney, Jhon Honce, Dan Walsh, Chris Evich, Urvashi Mohnani, Nalin Dahyabhai, Eduardo Santiago, Matt Heon, Paul Holzinger, Erik Bernoth, Chris Evich, Scott McCarty, Anders Bj\xf6rklund, Lokesh Mandvekar, Valentin Rothberg, Guillaume Rose, Rudolf Vesely, Ashley Cui, Brent Baude, Shion Tanaka, Marcin Skarbek, Aditya Rajan, Giuseppe Scrivan, Rudolf Vesely"),(0,ce.kt)("h2",{id:"meeting-start-1103-am"},"Meeting Start: 11:03 a.m."),(0,ce.kt)("h3",{id:"bluejeans-recording"},"BlueJeans ",(0,ce.kt)("a",{parentName:"h3",href:"https://bluejeans.com/s/X3NY6qgSlKQ"},"Recording")),(0,ce.kt)("h2",{id:"podman-on-m1-mac-status"},"Podman on M1 Mac Status"),(0,ce.kt)("h3",{id:"ashley-cui"},"Ashley Cui"),(0,ce.kt)("h4",{id:"630-in-the-video"},"(6:30 in the video)"),(0,ce.kt)("p",null,"Patch for M1 in qemu upstream, but not merged. However, it is available on homebrew at the moment. If you install qemu using homebrew, you can use Podman correctly."),(0,ce.kt)("p",null,"Demo (started at 7:30)"),(0,ce.kt)("p",null,"What works on an Intel Mac should now work on an M1. Now working on volumes and also trying to get a GUI together. Looking at putting together a window-bar."),(0,ce.kt)("h2",{id:"diy-networking-in-rootless-containers"},"DIY Networking in rootless containers"),(0,ce.kt)("h3",{id:"paul-holzinger"},"Paul Holzinger"),(0,ce.kt)("h4",{id:"1009-in-the-video"},"(10:09 in the video)"),(0,ce.kt)("p",null,(0,ce.kt)("a",{parentName:"p",href:"https://podman.io/community/meeting/notes/2021-10-05/Podman-Rootless-Networking.pdf"},"Slides")),(0,ce.kt)("p",null,"Talking rootless network without extra privileges.\nProxy into rootless is done via Slirp4netns. It uses this stack to tap into the interface in the container namespace. Supports port forwarding."),(0,ce.kt)("p",null,"A few settings are used for rootless users. Can use allow_host_loopback to reach the 10.0.2.2 loopback. Off by default as it's a security hole."),(0,ce.kt)("p",null,"You can also enable_ipv6 and specify the port_handler."),(0,ce.kt)("p",null,"Rootless CNI networking uses an extra network namespace to execute the CNI plugins. Only works for bridge networks. Inter container communication works out of the box. The IP address assigned to the container is not reachable from the host network namespace. You need to use port forwarding."),(0,ce.kt)("p",null,"DIY Networking. You can set up your own interfaces, but first, you need to create network interfaces on the host, which requires root priv. Once done, Podman can talk to them using ",(0,ce.kt)("inlineCode",{parentName:"p"},"--network=none")," option with the ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman container init")," command."),(0,ce.kt)("p",null,"Rudolf to work with Paul to update the tutorial and possibly do a demo next time."),(0,ce.kt)("h2",{id:"podman-security-bench"},"Podman Security Bench"),(0,ce.kt)("h3",{id:"dan-walsh"},"Dan Walsh"),(0,ce.kt)("h4",{id:"2400-in-the-video-27"},"(24:00 in the video) 27"),(0,ce.kt)("p",null,"Based on the security bench from Docker. Doesn't yet have all the same functionality."),(0,ce.kt)("p",null,"Demo (Started at 24:54)"),(0,ce.kt)("p",null,"It needs to run at root, not yet available on rootless."),(0,ce.kt)("p",null,"CLI does a whole bunch of security checks. At the end, it gives you a security score. It shows where you're having trouble with each of the checks. It's now available upstream."),(0,ce.kt)("p",null,"Dan would like to get it to run in rootless mode and look at containers.conf. Would love community help."),(0,ce.kt)("h2",{id:"podman-v34-announcement"},"Podman v3.4 Announcement"),(0,ce.kt)("h3",{id:"matt-heon"},"Matt Heon"),(0,ce.kt)("h4",{id:"2945-in-the-video"},"(29:45 in the video)"),(0,ce.kt)("p",null,"New 3.4 release that came out last week. We are switching focus on v4.0. Network working, pointing at January 2022 release. There will not be a 3.5.0 in between."),(0,ce.kt)("p",null,"In 3.4, changes to Podman play and generate cube. Init containers are now available to run in a pod."),(0,ce.kt)("p",null,"We can now build images with ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman play kube"),". This makes it act more like ",(0,ce.kt)("inlineCode",{parentName:"p"},"docker compose"),". You can use a Containerfile to build an image with this command."),(0,ce.kt)("p",null,"Yaml file can now tear down pod or pods with the ",(0,ce.kt)("inlineCode",{parentName:"p"},"--down")," command, plus a number of new pod related commands. See the ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/RELEASE_NOTES.md"},"release notes")," for more info."),(0,ce.kt)("h2",{id:"support-format-tables-in-ps-output"},"Support \u2013format tables in ps output"),(0,ce.kt)("h3",{id:"jhon-honce"},"Jhon Honce"),(0,ce.kt)("h4",{id:"3540-in-the-video"},"(35:40 in the video)"),(0,ce.kt)("p",null,"Podman uses golang tab writer and formatter for all the commands."),(0,ce.kt)("p",null,"Demo (started at 36:00)"),(0,ce.kt)("p",null,"Showed a number of different ways to remove headings, so you can now use table to show which fields you want."),(0,ce.kt)("h2",{id:"podman-build-platform-lists"},"Podman build \u2013platform lists"),(0,ce.kt)("h3",{id:"nalin-dahyabhai"},"Nalin Dahyabhai"),(0,ce.kt)("h4",{id:"3744-in-the-video"},"(37:44 in the video)"),(0,ce.kt)("p",null,"The ",(0,ce.kt)("inlineCode",{parentName:"p"},"--platform")," option in the ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman build")," command to specify other platforms."),(0,ce.kt)("p",null,"DEMO 37:47 in demo."),(0,ce.kt)("p",null,"The ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman build")," command now takes multiple values for its ",(0,ce.kt)("inlineCode",{parentName:"p"},"--platform")," option. The platform option lets you build for machines other than what you are currently running Podman on."),(0,ce.kt)("p",null,"The ",(0,ce.kt)("inlineCode",{parentName:"p"},"--manifest")," target is used too. Allow you to build a manifest list and then add the image to the list. A number of cleanups have been done on internal libraries to make this work."),(0,ce.kt)("p",null,'When building multiple architectures in one build, the "STEP" output in the build will show which architecture.'),(0,ce.kt)("p",null,"The ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman manifest list")," command will show the multiple platforms used."),(0,ce.kt)("h2",{id:"volume-demos"},"Volume Demos"),(0,ce.kt)("h3",{id:"aditya-rajan"},"Aditya Rajan"),(0,ce.kt)("h4",{id:"4416-in-the-video"},"(44:16 in the video)"),(0,ce.kt)("p",null,"Demo (Started at 44:27)"),(0,ce.kt)("p",null,"First demonstrated adding an overlay over rootfs. Exported alpine and created dir for rootfs and tarred it out to a directory. So tried running with ",(0,ce.kt)("inlineCode",{parentName:"p"},"--rootfs rootfs/:0")," and created a file in the container. On the host, the file is not there."),(0,ce.kt)("p",null,"A new option for volumes to create overlay over Podman's volume. It created the test volume. Again made a file and found it was created on the container but not on the host due to the ",(0,ce.kt)("inlineCode",{parentName:"p"},":0")," specification."),(0,ce.kt)("p",null,"These are temp volumes and last only as long as the container lasts and you can't commit the data."),(0,ce.kt)("h2",{id:"open-forumquestions"},"Open Forum/Questions?"),(0,ce.kt)("h4",{id:"5110-in-the-video-55"},"(51:10) in the video) 55"),(0,ce.kt)("p",null,"Are there any plans for an arm-on-intel/intel-on-arm for Podman machine? Not at this time, but we are willing to see if there's enough push for that. Nalin asked if you could run using a multi-platform build maybe? Brent will note it for possible futures. If the community wants to do it, we'd be happy to merge it, but not currently in the plan by the maintainers to do it themselves."),(0,ce.kt)("p",null,"Will Podman support OpenZFS? Willing to take a PR."),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"DIY Networking Part II")),(0,ce.kt)("h2",{id:"next-meeting-tuesday-november-2-2021-1100-am-eastern-utc-4"},"Next Meeting: Tuesday November 2, 2021, 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h2",{id:"next-cabal-meeting-thursday-october-21-2021-1000-am-eastern-utc-4"},"Next Cabal Meeting: Thursday October 21, 2021, 10:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h3",{id:"meeting-end-1159-am-eastern-utc-4"},"Meeting End: 11:59 a.m. Eastern (UTC-4)"),(0,ce.kt)("h2",{id:"bluejeans-chat-copypaste"},"BlueJeans Chat copy/paste:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Lokesh Mandvekar10:58 AM\ned, is this the right link ?\nMe11:00 AM\nPlease sign in on the meeting notes: https://hackmd.io/fc1zraYdS0-klJ2KJcfC7w?both\nAditya11:02 AM\nwe can hear you dan\nDan Walsh11:03 AM\nGret\nGreat\nLokesh Mandvekar11:09 AM\ndo people wanna try switching to google meet if everyone's having problems?\nErik Bernoth11:10 AM\nGood idea Lokesh\nAnders Bj\xf6rklund11:11 AM\nCan you run amd64 containers on the arm64, like OOTB ?\nMatt Heon11:12 AM\nWe were discussing that, and I think the answer is not OOTB but it only requires one package to be installed\nErik Bernoth11:12 AM\nDan\u2018s screenshots seems to work. Paul, can you also try for a sec?\nAnders Bj\xf6rklund11:13 AM\nSounds good! I guess it is not related the to the VM itself, but user qemu\nMatt Heon11:15 AM\nThe perf is a little questionable, because it's nested virt, and the inner virt is also virtualizing the architecture\nBut it is definitely doable\nAnders Bj\xf6rklund11:16 AM\noh, it's like 10x slower (at least)\nbut sometimes useful\nDan Walsh11:18 AM\nPaul I can set these fields in containers.conf correct?\nAditya11:21 AM\n@tom i can go next switched to chromium\nPaul Holzinger11:27 AM\nhave to drop now, bye\nAnders Bj\xf6rklund11:46 AM\nWas there any update on volumes in podman machine ?\nbaude11:47 AM\nno updates\nAnders Bj\xf6rklund11:47 AM\n:-)\nbaude11:48 AM\nwe are making progress on the whole thing, but it is a slow march\nAnders Bj\xf6rklund11:48 AM\nlima is taking this samba detour\nMarcin Skarbek11:49 AM\nOpenZFS started working on the user/mount nanespaces support with LXC in mind, but that could be interesting in rootless context https://github.com/openzfs/zfs/pull/12263\nShion Tanaka11:54 AM\nAre there any plans for an arm-on-Intel/Intel-on-arm for the Podman machine?\nbaude11:54 AM\nno\nShion Tanaka11:54 AM\nOk, thanks\nAnders Bj\xf6rklund11:55 AM\nyou can use podman-on-fedora-on-lima, if you want to run cross-arch VM\n")))}pa.isMDXComponent=!0;const ga={},ya="Podman Community Cabal Meeting Notes",ka=[{value:"December 16, 2021 11:00 a.m. Eastern",id:"december-16-2021-1100-am-eastern",level:2},{value:"December 16, 2021 Topics",id:"december-16-2021-topics",level:2},{value:"Meeting Notes",id:"meeting-notes",level:3},{value:"Lima (0:35 in video) - Anders, Matt",id:"lima-035-in-video---anders-matt",level:3},{value:"Detect default network backend (40:40 in video) - Paul, Matt",id:"detect-default-network-backend-4040-in-video---paul-matt",level:3},{value:"Open discussion ( 50:10 in video)",id:"open-discussion--5010-in-video",level:4},{value:"Next Meeting: Thursday January 20, 2022 11:00 a.m. EDT (UTC-5)",id:"next-meeting-thursday-january-20-2022-1100-am-edt-utc-5",level:3},{value:"Possible Topics:",id:"possible-topics",level:3}],wa={toc:ka},fa="wrapper";function ba(e){let{components:t,...n}=e;return(0,ce.kt)(fa,(0,Q.Z)({},wa,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-cabal-meeting-notes"},"Podman Community Cabal Meeting Notes"),(0,ce.kt)("p",null,"Attendees: Tom Sweeney, Aditya Rajan, Matt Heon, Brent Baude, Ashley Cui, Chris Evich, Preethi Thomas, Urvashi Mohnani, Eduardo Santiago, Giuseppe Scrivano, Nalin Dahyabhai, Paul Holzinger, Anders Bj\xf6rklund, Dan Walsh, Valentin Rothberg, Flavian Missi, Jhon Honce, Lorenzo M. Catucci, Miloslav Trmac, Scott McCarty"),(0,ce.kt)("h2",{id:"december-16-2021-1100-am-eastern"},"December 16, 2021 11:00 a.m. Eastern"),(0,ce.kt)("h2",{id:"december-16-2021-topics"},"December 16, 2021 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Lima - Anders, Matt"),(0,ce.kt)("li",{parentName:"ol"},"How to detect default network backend (CNI or netavark) - Paul, Matt")),(0,ce.kt)("h3",{id:"meeting-notes"},"Meeting Notes"),(0,ce.kt)("p",null,"Video ",(0,ce.kt)("a",{parentName:"p",href:"https://www.youtube.com/watch?v=f4dXfsFmDck"},"Recording")),(0,ce.kt)("p",null,"Meeting start 11:02 a.m. Thursday, December 16, 2021"),(0,ce.kt)("h3",{id:"lima-035-in-video---anders-matt"},"Lima (0:35 in video) - Anders, Matt"),(0,ce.kt)("p",null,(0,ce.kt)("a",{parentName:"p",href:"https://github.com/lima-vm/sshocker"},"Lima")),(0,ce.kt)("p",null,"Podman machine is a way to launch virtual machines, mostly on OSX, to run Podman containers from. Issues with Volumes. Thinking about replacing the back end of podman machine with Lima."),(0,ce.kt)("p",null,"Brent thinks it might not be a good match as there are some tech issues. For instance, he couldn't find anything related to ignition. It's a competing cloud-init tool and it doesn't play well with qemu. It also pulls in containerd code. The YAML support is tailored to containerd."),(0,ce.kt)("p",null,"On the Lima project page, motivation is to promote containerd. Rancher has debranded and used Lima in the background on Mac. The big hurdle is ignition."),(0,ce.kt)("p",null,"Benefits of Lima: Volumes and port forwarding. Possible to use the same solution without abandoning all of the drivers. We could potentially borrow solutions, as the backend is qemu for lima. Lima uses ssh for forwarding, so different solutions for the back end. Potentially could use Fedora in addition to CoreOS."),(0,ce.kt)("p",null,"Currently, we can't use Fedora due to ignition. Cloud-init doesn't install there by default, but we could install it. Brent found it in Fedora 35, though, so it might not be there in prior versions."),(0,ce.kt)("p",null,"Anders made some sample YAML files","*"," for Fedora 35. Lima works as podman machine does. The difference between Lima and podman machine now is volume support. Anders has a PR for providing sshfs volume support for podman machine."),(0,ce.kt)("p",null,"*"," Examples for lima: ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/afbjorklund/fedora-lima"},"https://github.com/afbjorklund/fedora-lima")),(0,ce.kt)("p",null,"To get parity with Lima/Docker in podman machine, we'd need to get Ander's ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/pull/12584"},"sshfs PR")," (and ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/pull/11454"},"virtfs PR"),") merged."),(0,ce.kt)("p",null,"Dan likes the ssh solution. We might be able to do virtfs later."),(0,ce.kt)("p",null,"Brent's concern with Lima is managing mounts as the containers go up and down. It might be problematic. The volume work for podman machine won't be able to use the current mount code, we need to do something in podman start."),(0,ce.kt)("p",null,'We might get push back as this wouldn\'t be the Docker behavior. We are trying to make the volume handling on Mac to be as simple as possible for the end-user. Anders thinks we might be able to have an "advanced users" solution that would allow for configuration; otherwise, you\'d get a default "easy" setup. A number of possible solutions were bantered about.'),(0,ce.kt)("p",null,"Big advantage, Lima can support all distros except CoreOS. Podman machine could theoretically do that via cloud-init, but an engineering effort."),(0,ce.kt)("p",null,"Currently using qemu to launch machines, Lima is a layer on ssh. It is very similar to what docker machine was a while back. It doesn't support ignition. The upside is we could more easily run on Ubuntu and other distros. You might not be able to run the container on a variety of distros. Rancher nerdctl and Lima are both trying to get into this space."),(0,ce.kt)("p",null,"We most likely could get volumes into podman machine than getting Lima into it. We could potentially wire Lima in later."),(0,ce.kt)("p",null,"Scott talks about value creation. Would Rancher/Suse collaboration help? The other side is what the customer would get from using Lima vs. podman machine?"),(0,ce.kt)("p",null,"Most of the solutions don't think sshfs is a good long-term solution but a stepping stone."),(0,ce.kt)("p",null,"Dan is leaning towards doing what we're doing with sshfs. This will be at least the short term solution, will evaluate further for a longterm"),(0,ce.kt)("h3",{id:"detect-default-network-backend-4040-in-video---paul-matt"},"Detect default network backend (40:40 in video) - Paul, Matt"),(0,ce.kt)("p",null,"For Podman 4.0, how to detect default network backend (CNI or netavark)"),(0,ce.kt)("p",null,(0,ce.kt)("strong",{parentName:"p"},"Requirement:")," existing installs should continue to use CNI, new installs use netavark."),(0,ce.kt)("p",null,"Working on netavark and want to install it, but with the current cni, it could cause breaking changes."),(0,ce.kt)("p",null,"On the first startup, we could check for images and containers. If none, switch to netavark."),(0,ce.kt)("p",null,"You can't use CNI and netavark in parallel, or things will go awry. For new or clean installs, it should be fine."),(0,ce.kt)("p",null,"To switch, change the setting in network.conf to netavark. By default, it's an empty value."),(0,ce.kt)("p",null,'Should we add a "nag" for people using CNI to bump up? Will we be getting bug reports on it? Matt thinks long-term, it would be good to support CNI. Matt would like to throw an error when trying to run IPv6 on CNI to let them know they\'re on netavark. We need to be careful not to overload the user with suggestions.'),(0,ce.kt)("p",null,"We need to get documentation together telling folks how to convert from CNI to netavark. Probably will need some kind of reset procedure."),(0,ce.kt)("h4",{id:"open-discussion--5010-in-video"},"Open discussion ( 50:10 in video)"),(0,ce.kt)("p",null,"No further discussion"),(0,ce.kt)("h3",{id:"next-meeting-thursday-january-20-2022-1100-am-edt-utc-5"},"Next Meeting: Thursday January 20, 2022 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h3",{id:"possible-topics"},"Possible Topics:"),(0,ce.kt)("p",null,"None set."),(0,ce.kt)("p",null,"Raw Meeting Chat:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"You11:00 AM\nhttps://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nYou11:03 AM\nPlease sign in: https://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nAditya Rajan11:13 AM\nhttps://github.com/qemu/qemu/blob/master/docs/specs/fw_cfg.txt\n-fw_cfg\nBrent Baude11:14 AM\n$ rpm -qa | grep cloud\nfedora-release-identity-cloud-35-33.noarch\nfedora-release-cloud-35-33.noarch\ncloud-init-20.4-7.fc35.noarch\ncloud-utils-growpart-0.31-9.fc35.noarch\nChristopher Evich11:16 AM\nya, I just double-checked too, my bad.\nAshley Cui11:20 AM\nhttps://github.com/containers/podman/pull/12584\nYou11:21 AM\nTY AC!\nAshley Cui11:21 AM\nand i guess this too: https://github.com/containers/podman/pull/11454\nValentin Rothberg11:24 AM\nbrb\nieq-pxhy-jbh\n")))}ba.isMDXComponent=!0;const va={},Ma="Podman Community Meeting",Ia=[{value:"April 5, 2022 11:00 a.m. Eastern (UTC-5)",id:"april-5-2022-1100-am-eastern-utc-5",level:2},{value:"Attendees (17 total)",id:"attendees-17-total",level:3},{value:"Meeting Start: 11:02 a.m. EST",id:"meeting-start-1102-am-est",level:2},{value:"BlueJeans Recording",id:"bluejeans-recording",level:3},{value:"Docker Compose v2 and Podman v4.0.2 update",id:"docker-compose-v2-and-podman-v402-update",level:2},{value:"Matt Heon",id:"matt-heon",level:3},{value:"(1:39 in the video)",id:"139-in-the-video",level:4},{value:"Ubuntu 22.04 LTS and Stopping Kubic support",id:"ubuntu-2204-lts-and-stopping-kubic-support",level:2},{value:"Lokesh Mandvekar",id:"lokesh-mandvekar",level:3},{value:"(6:14 in the video)",id:"614-in-the-video",level:4},{value:"Podman Desktop Update",id:"podman-desktop-update",level:2},{value:"Ashley Cui",id:"ashley-cui",level:3},{value:"(14:30 in the video)",id:"1430-in-the-video",level:4},{value:"Podman Volume Mounts on Mac Demo",id:"podman-volume-mounts-on-mac-demo",level:2},{value:"Brent Baude",id:"brent-baude",level:3},{value:"(18:45 in the video)",id:"1845-in-the-video",level:4},{value:"Open Forum/Questions?",id:"open-forumquestions",level:2},{value:"(22:46 in the video)",id:"2246-in-the-video",level:4},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"Next Meeting: Tuesday June 7, 2021, 11:00 a.m. Eastern (UTC-5)",id:"next-meeting-tuesday-june-7-2021-1100-am-eastern-utc-5",level:2},{value:"Next Cabal Meeting: Thursday April 21, 2021, 11:00 a.m. Eastern (UTC-5)",id:"next-cabal-meeting-thursday-april-21-2021-1100-am-eastern-utc-5",level:2},{value:"Meeting End: 11:27 a.m. Eastern (UTC-5)",id:"meeting-end-1127-am-eastern-utc-5",level:3},{value:"BlueJeans Chat copy/paste:",id:"bluejeans-chat-copypaste",level:2}],Aa={toc:Ia},Ta="wrapper";function Sa(e){let{components:t,...n}=e;return(0,ce.kt)(Ta,(0,Q.Z)({},Aa,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-meeting"},"Podman Community Meeting"),(0,ce.kt)("h2",{id:"april-5-2022-1100-am-eastern-utc-5"},"April 5, 2022 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"attendees-17-total"},"Attendees (17 total)"),(0,ce.kt)("p",null,"Tom Sweeney, Jhon Honce, Chris Evich, Matt Heon, Chris Evich, Ashley Cui, Eduardo Santiago, Valentin Rothberg, Paul Holzinger, Nalin Dahyabhai, Giuseppe Scrivano, Preethi Thomas, Lokesh Mandvekar, Niall Crowe"),(0,ce.kt)("h2",{id:"meeting-start-1102-am-est"},"Meeting Start: 11:02 a.m. EST"),(0,ce.kt)("h3",{id:"bluejeans-recording"},"BlueJeans ",(0,ce.kt)("a",{parentName:"h3",href:"https://t.co/FUPhuBAE7l"},"Recording")),(0,ce.kt)("h2",{id:"docker-compose-v2-and-podman-v402-update"},"Docker Compose v2 and Podman v4.0.2 update"),(0,ce.kt)("h3",{id:"matt-heon"},"Matt Heon"),(0,ce.kt)("h4",{id:"139-in-the-video"},"(1:39 in the video)"),(0,ce.kt)("p",null,"Compose v2 just came out and will be supported in Podman v4.1 or higher. (Currently upstream). Matt shared ",(0,ce.kt)("a",{parentName:"p",href:"https://asciinema.org/a/onBRxqPs9bpyvbbdeJOYXHvj5"},"Demo"),". It showed two running web servers that were brought up and then down. It was cleaned up as appropriately and Compose v2 is working rather well at this point."),(0,ce.kt)("p",null,"Just released Podman 4.0.3, including a minor CVE fix. No plan for 4.0.4 yet, but we will likely go to 4.1 next. Also cutting a 3.4.5 for distributions that want to stay in Podman 3."),(0,ce.kt)("h2",{id:"ubuntu-2204-lts-and-stopping-kubic-support"},"Ubuntu 22.04 LTS and Stopping Kubic support"),(0,ce.kt)("h3",{id:"lokesh-mandvekar"},"Lokesh Mandvekar"),(0,ce.kt)("h4",{id:"614-in-the-video"},"(6:14 in the video)"),(0,ce.kt)("p",null,"First LTS release with Podman, Skopeo and Buildah in the default repositories. Podman 3.4. Buildah 1.23, and Skopeo 1.4."),(0,ce.kt)("p",null,"If you're using packages from the Kubic repos, you should uninstall those before upgrading Ubuntu to 22.04 LTS and use packages from the default repositories going forward."),(0,ce.kt)("p",null,"Announcement on podman.io: ",(0,ce.kt)("a",{parentName:"p",href:"https://podman.io/blogs/2022/04/05/ubuntu-2204-lts-kubic.html"},"https://podman.io/blogs/2022/04/05/ubuntu-2204-lts-kubic.html")),(0,ce.kt)("h2",{id:"podman-desktop-update"},"Podman Desktop Update"),(0,ce.kt)("h3",{id:"ashley-cui"},"Ashley Cui"),(0,ce.kt)("h4",{id:"1430-in-the-video"},"(14:30 in the video)"),(0,ce.kt)("p",null,"Abandoned the UI built with swift for another UI. We're working with another group that is more web ui oriented."),(0,ce.kt)("p",null,"Showed how to manage a podman machine in theory, but it is broken at the moment. You can create containers from a Dockerfile or a Containerfile or an image. Once created, the image shows in the GUI, then you can create the container from the image."),(0,ce.kt)("p",null,"This GUI does a lot more than the previous. The old one worked with podman machines mostly, this one deals with images and containers too. The new GUI is also expandable, lots of work ongoing."),(0,ce.kt)("p",null,"https://github/containers/Desktop is the project. Happy to have contributors."),(0,ce.kt)("h2",{id:"podman-volume-mounts-on-mac-demo"},"Podman Volume Mounts on Mac Demo"),(0,ce.kt)("h3",{id:"brent-baude"},"Brent Baude"),(0,ce.kt)("h4",{id:"1845-in-the-video"},"(18:45 in the video)"),(0,ce.kt)("p",null,"Demo"),(0,ce.kt)("p",null,"Shows how to get a volume mount on a mac. He started a machine prior. The ",(0,ce.kt)("inlineCode",{parentName:"p"},"-v")," option with the init command sets up the volume."),(0,ce.kt)("p",null,"Many thanks to Anders Bj\xf6rklund for the work on the volumes on the mac."),(0,ce.kt)("h2",{id:"open-forumquestions"},"Open Forum/Questions?"),(0,ce.kt)("h4",{id:"2246-in-the-video"},"(22:46 in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"What happens with std out/in with journald? Logs, stderr and stdout in the journal? If you're running journald logging, the output doesn't get into the host journal. Could you volume map /dev/log into the container from the log to make sure it gets in the hosts journal. (10:54 in the video)")),(0,ce.kt)("p",null,"Matt thinks systemd should be run into the container to help make that work. Valentin thinks you should see the output of journalctl. He's not sure if journalctl will do that by default. Further discussions to happen in Discord/IRC."),(0,ce.kt)("ol",{start:2},(0,ce.kt)("li",{parentName:"ol"},"Brent said that 4.1 should bring some notable enhancements including a ",(0,ce.kt)("inlineCode",{parentName:"li"},"podman inspect")," command, liveness probes, and more.")),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Podman on Windows Demo/Update - Jason Green")),(0,ce.kt)("h2",{id:"next-meeting-tuesday-june-7-2021-1100-am-eastern-utc-5"},"Next Meeting: Tuesday June 7, 2021, 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h2",{id:"next-cabal-meeting-thursday-april-21-2021-1100-am-eastern-utc-5"},"Next Cabal Meeting: Thursday April 21, 2021, 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"meeting-end-1127-am-eastern-utc-5"},"Meeting End: 11:27 a.m. Eastern (UTC-5)"),(0,ce.kt)("h2",{id:"bluejeans-chat-copypaste"},"BlueJeans Chat copy/paste:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Me11:01 AM\nPlease Sign in at: https://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\nMatthew Heon11:04 AM\nhttps://asciinema.org/a/onBRxqPs9bpyvbbdeJOYXHvj5\nValentin Rothberg11:18 AM\n@Lance, can you run the following commands to test?\n1) podman run --name=test --replace ubi8 echo Hello World!\n2) journalctl --user -b CONTAINER_NAME=test\nAshley Cui11:21 AM\nhttps://github.com/containers/desktop\n")))}Sa.isMDXComponent=!0;const Ca={},Na="Podman Community Meeting",Da=[{value:"August 2, 2022 11:00 a.m. Eastern (UTC-5)",id:"august-2-2022-1100-am-eastern-utc-5",level:2},{value:"Attendees ( total)",id:"attendees--total",level:3},{value:"Meeting Start: 11:02 a.m. EST",id:"meeting-start-1102-am-est",level:2},{value:"BlueJeans Recording",id:"bluejeans-recording",level:3},{value:"Fetchit Demo",id:"fetchit-demo",level:2},{value:"Sally O'Malley/Ryan Cook",id:"sally-omalleyryan-cook",level:3},{value:"(1:40 in the video)",id:"140-in-the-video",level:4},{value:"Moving pods and containers to Kubernetes cluster with 'podman kube apply'",id:"moving-pods-and-containers-to-kubernetes-cluster-with-podman-kube-apply",level:2},{value:"Urvashi Mohnani",id:"urvashi-mohnani",level:3},{value:"(27:38 in the video)",id:"2738-in-the-video",level:4},{value:"Podman Desktop Updates",id:"podman-desktop-updates",level:2},{value:"Florent Benoit & Stevan Le Meur",id:"florent-benoit--stevan-le-meur",level:3},{value:"(37:10 in the video)",id:"3710-in-the-video",level:4},{value:"Open Forum/Questions?",id:"open-forumquestions",level:2},{value:"(47:35 in the video)",id:"4735-in-the-video",level:4},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"Next Meeting: Tuesday, October 4, 2022, 11:00 a.m. Eastern (UTC-4)",id:"next-meeting-tuesday-october-4-2022-1100-am-eastern-utc-4",level:2},{value:"Next Cabal Meeting: Thursday, September 15, 2022, 11:00 a.m. Eastern (UTC-4)",id:"next-cabal-meeting-thursday-september-15-2022-1100-am-eastern-utc-4",level:2},{value:"Meeting End: 11:54 a.m. Eastern (UTC-4)",id:"meeting-end-1154-am-eastern-utc-4",level:3},{value:"BlueJeans Chat copy/paste:",id:"bluejeans-chat-copypaste",level:2}],Pa={toc:Da},xa="wrapper";function Ba(e){let{components:t,...n}=e;return(0,ce.kt)(xa,(0,Q.Z)({},Pa,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-meeting"},"Podman Community Meeting"),(0,ce.kt)("h2",{id:"august-2-2022-1100-am-eastern-utc-5"},"August 2, 2022 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"attendees--total"},"Attendees ( total)"),(0,ce.kt)("p",null,"Tom Sweeney, Chris Evich, Ashley Cui, Valentin Rothberg, Paul Holzinger, Nalin Dahyabhai, Giuseppe Scrivano, Preethi Thomas, Lokesh Mandvekar, Niall Crowe, Charlie Doern, Dan Walsh, Jake Correnti, Aditya Rajan, Karthik Elango, Mark Russell, Miloslav Trmac, Stevan Le Meur, Sally O'Malley, Ryan Cook, Urvashi Mohnani, Mohan Boddu, Florent Benoit, Martin Jackson, Mohan Bodu, Stephen Adams, Joseph Sawaya"),(0,ce.kt)("h2",{id:"meeting-start-1102-am-est"},"Meeting Start: 11:02 a.m. EST"),(0,ce.kt)("h3",{id:"bluejeans-recording"},"BlueJeans ",(0,ce.kt)("a",{parentName:"h3",href:"https://youtu.be/Ee-boJpjSvA"},"Recording")),(0,ce.kt)("h2",{id:"fetchit-demo"},"Fetchit Demo"),(0,ce.kt)("h3",{id:"sally-omalleyryan-cook"},"Sally O'Malley/Ryan Cook"),(0,ce.kt)("h4",{id:"140-in-the-video"},"(1:40 in the video)"),(0,ce.kt)("p",null,"(Slides)","[./Fetchit_demo.pdf]"),(0,ce.kt)("p",null,"Fetchit allows managing container deployments at scale. The repo is ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/fetchit"},"here")),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"GitOps driven deployment"),(0,ce.kt)("li",{parentName:"ul"},"Host interacts directly with Git rather than through an intermediary"),(0,ce.kt)("li",{parentName:"ul"},"Podman Go bindings"),(0,ce.kt)("li",{parentName:"ul"},"Not Kubernetes dependent"),(0,ce.kt)("li",{parentName:"ul"},"Lift and shift hardware")),(0,ce.kt)("p",null,"Podman's Go bindings helped a lot in creating containers and doing related operations."),(0,ce.kt)("p",null,"How does Fetchit Happen?"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Pull in git/image assets"),(0,ce.kt)("li",{parentName:"ul"},"Cron based scheduling"),(0,ce.kt)("li",{parentName:"ul"},"Podman socket"),(0,ce.kt)("li",{parentName:"ul"},"Dynamic reload of Fetchit configuration")),(0,ce.kt)("p",null,"The Podman socket allows for either root or user access."),(0,ce.kt)("p",null,"Fetchit helps to solve resource-constrained environments."),(0,ce.kt)("p",null,"Fetchit runs in a Podman container, can run systemd, ansible, filetransfer, and other options."),(0,ce.kt)("p",null,"Configuration reload allows to reload the configuration and uses Podman's prune command to clean up cruft."),(0,ce.kt)("p",null,"What's next for Fetchit?"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"GitSign to verify commits"),(0,ce.kt)("li",{parentName:"ul"},"Image verification cosign or similar solution"),(0,ce.kt)("li",{parentName:"ul"},"Ansible-pull")),(0,ce.kt)("p",null,"Dan noted that sigstore functionality will be baked into Podman v4.2 and Fetchit should be able to used it for signature verification."),(0,ce.kt)("p",null,"Demos (12:40 in the video)"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Scale up"),(0,ce.kt)("li",{parentName:"ul"},"Podman Kube + Clean up"),(0,ce.kt)("li",{parentName:"ul"},"Podman systemd")),(0,ce.kt)("p",null,"Showed the Fetchit config file, launched an RHEL 8 instance on Amazon, and kept it tiny. Added Podman install instructions and launched 10 instances at once. All systems up, and no touching necessary from Ryan. This runs the commands on each node, and they go to the git location to get their instructions."),(0,ce.kt)("p",null,"Sally then demo'd running Fetchit as a user server as non-root. It showed the containers spinning up, doing their work, and then cleaning themselves up afterward."),(0,ce.kt)("p",null,"The second demo is for the fetchit kube play method. It looks for a Yaml file in a Git repo, and Fetchit will grab them. It created containers and pods and started up Nginx. After prune runs, the images will be cleaned up."),(0,ce.kt)("p",null,"They need to be careful to not reinvent Kubernets or Ansible."),(0,ce.kt)("h2",{id:"moving-pods-and-containers-to-kubernetes-cluster-with-podman-kube-apply"},"Moving pods and containers to Kubernetes cluster with 'podman kube apply'"),(0,ce.kt)("h3",{id:"urvashi-mohnani"},"Urvashi Mohnani"),(0,ce.kt)("h4",{id:"2738-in-the-video"},"(27:38 in the video)"),(0,ce.kt)("p",null,"New command ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman kube apply"),". Currently, there's a ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman kube generate")," command that lets you create your kube yaml based on your pods, containers, etc. The apply command enables you to deploy a kube yaml to a Kubernetes cluster when a kubeconfig file is given."),(0,ce.kt)("p",null,"Urvashi then showed how it all worked in the demo."),(0,ce.kt)("p",null,"Demo (28:20 in the video)"),(0,ce.kt)("p",null,"Generated kube mypod and the did ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman kube apply")),(0,ce.kt)("p",null,"Created a new namespace and generated a new service file and applied it. She then showed the services, and it showed the pod was created."),(0,ce.kt)("p",null,"Kubeconfig file can hold info for multiple clusters."),(0,ce.kt)("h2",{id:"podman-desktop-updates"},"Podman Desktop Updates"),(0,ce.kt)("h3",{id:"florent-benoit--stevan-le-meur"},"Florent Benoit & Stevan Le Meur"),(0,ce.kt)("h4",{id:"3710-in-the-video"},"(37:10 in the video)"),(0,ce.kt)("p",null,"Podman Desktop latest new features:"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("p",{parentName:"li"},"Onboarding sequence (home page), detects if podman runs and ability to start it")),(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("p",{parentName:"li"},"Registry Support")),(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("p",{parentName:"li"},"Proxy configuration")),(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("p",{parentName:"li"},"Revamped UI for containers and images")),(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("p",{parentName:"li"},"Windows: Install of podman + Podman Desktop")),(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("p",{parentName:"li"},"Help page"),(0,ce.kt)("p",{parentName:"li"},"0.0.6 will be released along with Podman 4.2\nDemo video: ",(0,ce.kt)("a",{parentName:"p",href:"https://www.youtube.com/watch?v=br8b6DUHpD8"},"https://www.youtube.com/watch?v=br8b6DUHpD8")))),(0,ce.kt)("p",null,"Demo (40:10 in the video)"),(0,ce.kt)("p",null,"Early Adopter Program:\nAsking users to join the early adopter program, which is linked from the top of podman-desktop.io web page. Especially looking for users interesting into providing feedback and getting involved on shaping up the tool."),(0,ce.kt)("p",null,"Links:"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"github.com/containers/podman-desktop"),(0,ce.kt)("li",{parentName:"ul"},"podman-desktop.io")),(0,ce.kt)("h2",{id:"open-forumquestions"},"Open Forum/Questions?"),(0,ce.kt)("h4",{id:"4735-in-the-video"},"(47:35 in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Protections on prune in Fetchit? If you're worried about losing, you can run in an drun manually instead. The 'podman prune' does images not volume. Fetchit would only prune a volume if not images/containers used it."),(0,ce.kt)("li",{parentName:"ol"},"4.2 rc3 going out soon, v4.2 on Fedora on Aug 15.")),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Podman on Mac installer.")),(0,ce.kt)("h2",{id:"next-meeting-tuesday-october-4-2022-1100-am-eastern-utc-4"},"Next Meeting: Tuesday, October 4, 2022, 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h2",{id:"next-cabal-meeting-thursday-september-15-2022-1100-am-eastern-utc-4"},"Next Cabal Meeting: Thursday, September 15, 2022, 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h3",{id:"meeting-end-1154-am-eastern-utc-4"},"Meeting End: 11:54 a.m. Eastern (UTC-4)"),(0,ce.kt)("h2",{id:"bluejeans-chat-copypaste"},"BlueJeans Chat copy/paste:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Me10:57 AM\nPlease sign in here: https://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\nMe11:00 AM\nPlease sign in here: https://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\nMe11:02 AM\nhttps://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\nValentin Rothberg11:02 AM\nGood to see you Sally and Ryan!\nMark Russell11:04 AM\nyay Fetchit!\nAdi11:19 AM\n@ryan: So cool. Is the process running cron which checks for consistency with repo running on each instance or just running on the controlling host ?\nDaniel (rhatdan) Walsh11:20 AM\nIt is running on each node. There is no controlling node, all nodes are going to git location and getting their instructions.\nRyan Cook11:24 AM\nDan nailed it. All nodes operate independently\nAdi11:26 AM\nAh i see nice !!! all nodes independent and git as single source of truth\nAdi11:30 AM\n@ryan: if kube is implemented is it under consideration to distribute replica of pods across nodes ? If yes I think a central API server would be needed\nSally O'Malley11:31 AM\nwe (fetchit) also closely watching this kube-apply - we'll be adding this function to fetchit - to combine w/ a minimal k8s env such as microshift\nMiloslav Trmac11:40 AM\nEither it\u2019s a personal cluster, in which case the user has a kubeconfig, or it is an enterprise shared one, in which case login can get complex (OpenID via a browser) and we probably don\u2019t want to deal with that.\nAdi11:41 AM\n@miloslav yes i meant the same\nPreethi Thomas11:47 AM\nlol\nAdi11:49 AM\n@miloslav: also if its prod or stage cluster the workload is directly moving from podman to cluster which might become issue\nRyan Cook11:54 AM\nthank you all!\nStevan Le Meur11:54 AM\nthanks all!\nFlorent Benoit11:55 AM\nthanks, bye\nMe11:55 AM\n")))}Ba.isMDXComponent=!0;const Ea={},Wa="Podman Community Cabal Meeting Notes",ja=[{value:"Jauary 19, 2023 11:00 a.m. Eastern",id:"jauary-19-2023-1100-am-eastern",level:2},{value:"January 19, 2023 Topics",id:"january-19-2023-topics",level:2},{value:"Meeting Notes",id:"meeting-notes",level:3},{value:"Podman v4.4 Update - (0:50 in the video) - Matt Heon",id:"podman-v44-update---050-in-the-video---matt-heon",level:3},{value:"Autoclosing issues in GitHub - (2:54 in the video) - Ed Santiago",id:"autoclosing-issues-in-github---254-in-the-video---ed-santiago",level:3},{value:"Time-to-merge-tool using AI - (26:12 in the video) - Aakanksha Duggal",id:"time-to-merge-tool-using-ai---2612-in-the-video---aakanksha-duggal",level:3},{value:"Open discussion (52:42 in the video)",id:"open-discussion-5242-in-the-video",level:4},{value:"Next Meeting: Thursday, February 16, 2023, 11:00 a.m. EDT (UTC-5)",id:"next-meeting-thursday-february-16-2023-1100-am-edt-utc-5",level:3},{value:"Possible Topics",id:"possible-topics",level:2},{value:"Next Community Meeting: Tuesday, February 7, 2023 11:00 a.m. EDT (UTC-5)",id:"next-community-meeting-tuesday-february-7-2023-1100-am-edt-utc-5",level:3},{value:"Possible Topics:",id:"possible-topics-1",level:3}],La={toc:ja},Ha="wrapper";function Ra(e){let{components:t,...a}=e;return(0,ce.kt)(Ha,(0,Q.Z)({},La,a,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-cabal-meeting-notes"},"Podman Community Cabal Meeting Notes"),(0,ce.kt)("p",null,"Attendees: Matt Heon, Dan Walsh, Nalin Dahyabhai, Paul Holzinger, Lokesh Mandvekar, Valentin Rothberg, Eduardo Santiago, Giuseppe Scrivano, Aditya Rajan, Preethi Thomas, Ashley Cui, Stevan Le Meur, Jeremy Buseman, Aakanksha Duggal, Brent Baude, Christopher Evich, Leon N, Thomas Gonzales, Urvashi Mohnani, Lance Lovette, Martin Jackson"),(0,ce.kt)("h2",{id:"jauary-19-2023-1100-am-eastern"},"Jauary 19, 2023 11:00 a.m. Eastern"),(0,ce.kt)("h2",{id:"january-19-2023-topics"},"January 19, 2023 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Podman v4.4 Update - Matt Heon")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Autoclosing issues - Ed Santiago\nA. ",(0,ce.kt)("a",{parentName:"p",href:"https://issues.redhat.com/browse/RUN-1721"},"https://issues.redhat.com/browse/RUN-1721"))),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Time-to-merge-tool using AI - Aakanksha Duggal\nA. ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/redhat-et/time-to-merge-tool"},"website"),"\nB. contact : ",(0,ce.kt)("a",{parentName:"p",href:"mailto:aduggal@redhat.com"},"aduggal@redhat.com")))),(0,ce.kt)("h3",{id:"meeting-notes"},"Meeting Notes"),(0,ce.kt)("p",null,"Video ",(0,ce.kt)("a",{parentName:"p",href:"https://youtu.be/YCi6KuC9ESw"},"Recording")),(0,ce.kt)("p",null,"Meeting start 11:02 a.m. Thursday, January 19, 2023"),(0,ce.kt)("h3",{id:"podman-v44-update---050-in-the-video---matt-heon"},"Podman v4.4 Update - (0:50 in the video) - Matt Heon"),(0,ce.kt)("p",null,"No release notes yet, working on them for the next RC. Podman v4.4 RC2 out recently, RC3 soon with release notes. Final a week or so later. It will include Quadlet support."),(0,ce.kt)("h3",{id:"autoclosing-issues-in-github---254-in-the-video---ed-santiago"},"Autoclosing issues in GitHub - (2:54 in the video) - Ed Santiago"),(0,ce.kt)("p",null,"Ed doesn't think we should be autoclosing issues with any of the tools. Ed proposes a possible jetsam tag which would be used to mark a potential issue to close. Issue noted ",(0,ce.kt)("a",{parentName:"p",href:"https://issues.redhat.com/browse/RUN-1721"},"here"),' - "podman: spike create EOL policies for issues and PRs". Valentin concurs.'),(0,ce.kt)("p",null,"If Dan sees an issue go stale after 30 days without any activity, he removes them. The ones that are getting removed are generally lower priority that the community hasn't picked up."),(0,ce.kt)("p",null,"Ed is thinking about making a table to note inactive issues and wonders if it would be of help."),(0,ce.kt)("p",null,"Dan thinks the table is good for features so that we can review those with a person before it gets closed."),(0,ce.kt)("p",null,"Valentin thinks that, in general, humans should make the decision to close an issue, not a bot."),(0,ce.kt)("p",null,"Not a lot of support for autoclosing, so Ed is abandoning the idea."),(0,ce.kt)("p",null,"Paul and Brent would like to lock closed PRs or Issues after 30 days."),(0,ce.kt)("p",null,"Chris said GitHub actions might be useable to resort issues into categories like look at this now. For instance this ",(0,ce.kt)("a",{parentName:"p",href:"https://gist.github.com/rh-container-bot/f505b6fb78db279855862e035629f8aa#file-images-md"},"bot")),(0,ce.kt)("p",null,"Paul is concerned about older versions of Podman that issues are getting reported against and the time necessary to do fix them."),(0,ce.kt)("p",null,"Valentin wants to be careful with these and not just dismiss them as they might also be upstream."),(0,ce.kt)("h3",{id:"time-to-merge-tool-using-ai---2612-in-the-video---aakanksha-duggal"},"Time-to-merge-tool using AI - (26:12 in the video) - Aakanksha Duggal"),(0,ce.kt)("p",null,(0,ce.kt)("a",{target:"_blank",href:n(87903).Z},"Slides"),"\n",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/redhat-et/time-to-merge-tool"},"Project on GitHub")),(0,ce.kt)("p",null,"AI4CI - Open Source AIOps toolkit"),(0,ce.kt)("p",null,"Lack of metrics for Open Source data."),(0,ce.kt)("p",null,"The AI4CI supports CI/CD and software dev process"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Data Collection"),(0,ce.kt)("li",{parentName:"ul"},"Metrics"),(0,ce.kt)("li",{parentName:"ul"},"ML Services"),(0,ce.kt)("li",{parentName:"ul"},"Open source AIOps template")),(0,ce.kt)("p",null,"The tool measures the time to merge a PR into the GitHub Project. Can be used to id bottlenectks. Historical data of issues, commits and PRs."),(0,ce.kt)("p",null,"It gives new contributors an estimate of how long a PR will take to go through the process.."),(0,ce.kt)("p",null,"It Collects Data - Features - Model Building - Training Actions - Make predictions."),(0,ce.kt)("p",null,"Gives project features."),(0,ce.kt)("p",null,"Models service is done by GitHub actions."),(0,ce.kt)("p",null,"The Workflow can be started two ways in training and inference mode."),(0,ce.kt)("p",null,"It trains for each individual repository. Used currently by openshift, ansible, and others."),(0,ce.kt)("p",null,"It requires an action.yaml file and a few other files."),(0,ce.kt)("p",null,"Demo - (36:24 in the video)"),(0,ce.kt)("p",null,"Aakanksh showed her repo and walked through the files that need to be put into place within the GitHub workflows."),(0,ce.kt)("p",null,'Once setup, you can go to "Actions" and click on the training.'),(0,ce.kt)("p",null,"There is also an ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/AICoE/elyra-aidevsecops-tutorial/issues/532#issuecomment-1347919300"},"autoclose")),(0,ce.kt)("h4",{id:"open-discussion-5242-in-the-video"},"Open discussion (52:42 in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Podman v4.4 RC2 errors\nMartin Jackson noted an issue with CNI errors on Podman 4.4 RC2. ",(0,ce.kt)("a",{parentName:"li",href:"https://bodhi.fedoraproject.org/updates/FEDORA-2023-a0f754c701"},"Issues"))),(0,ce.kt)("h3",{id:"next-meeting-thursday-february-16-2023-1100-am-edt-utc-5"},"Next Meeting: Thursday, February 16, 2023, 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h2",{id:"possible-topics"},"Possible Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"None discussed.")),(0,ce.kt)("h3",{id:"next-community-meeting-tuesday-february-7-2023-1100-am-edt-utc-5"},"Next Community Meeting: Tuesday, February 7, 2023 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h3",{id:"possible-topics-1"},"Possible Topics:"),(0,ce.kt)("p",null,"Meeting finished 11:59 a.m."),(0,ce.kt)("p",null,"Raw Meeting Chat:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"You11:00\u202fAM\nhttps://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nhttps://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nLokesh Mandvekar11:04\u202fAM\nv4.4.0-rc2 will be available in updates-testing soon https://bodhi.fedoraproject.org/updates/?packages=podman\nYou11:05\u202fAM\nhttps://issues.redhat.com/browse/RUN-1721\nMiloslav Trmac11:10\u202fAM\nI think it\u2019s fair to close stale issues on which we can take no action - bugs with information required to debug not provided, PRs (for features we don\u2019t otherwise care about) where the submitter has gone away.\nFor things that were determined to be real bugs or real features we might want, we just don\u2019t have capacity for, I can\u2019t see any benefit to closing them that couldn\u2019t just as well be obtained by sorting by recent updates, and ignoring the older ones.\nChristopher Evich11:22\u202fAM\ne.g. https://gist.github.com/rh-container-bot/f505b6fb78db279855862e035629f8aa#file-images-md\nChristopher Evich11:25\u202fAM\nmarkdown-table posted by 'exuanbo/actions-deploy-gist' github-action.\nMiloslav Trmac11:26\u202fAM\nIf we are overworked, one option is to just do less; another is to farm out some of the effort to other people. In that sense, asking reporters to reproduce on mainline might be a good tradeoff? OTOH it could very well cost us important bugs that would not reach us.\nBrent Baude11:27\u202fAM\nPaul is tugging on a good thread here ... can we get a separate cabal to talk about ubuntu?\nYou11:29\u202fAM\nAakanksha's project: https://github.com/redhat-et/time-to-merge-tool\nYou11:35\u202fAM\nI suspect Preethi is enthralled....\nYou11:42\u202fAM\nCan you ignore a particular user's PRs? I'm thinking dependabot/bot users who would potentially mess up the curve for most \"real\" people.\nYou11:51\u202fAM\nAakanksha, can you ping me by email so I can have you email address please?\nAakanksha Duggal11:52\u202fAM\nhttps://github.com/AICoE/elyra-aidevsecops-tutorial/issues/532#issuecomment-1347919300\nMiloslav Trmac11:54\u202fAM\nIs the ML model interpretable, i.e. can it give us insight into causes / correlations?\nAakanksha Duggal11:54\u202fAM\n@miloslav - not yet, but something we plan to look into.\nPreethi Thomas11:55\u202fAM\nThanks Aakansha for presenting\nLokesh Mandvekar11:56\u202fAM\nhttps://bodhi.fedoraproject.org/updates/FEDORA-2023-a0f754c701\nChristopher Evich11:57\u202fAM\nYa, thanks Aakansha, it's a really neat way to use AI/ML.\nAakanksha Duggal11:57\u202fAM\nThank you for having me. Please feel free to contact me if needed. :)\nieq-pxhy-jbh\n")))}Ra.isMDXComponent=!0;const Oa={},Ja="Podman Community Cabal Meeting Notes",Fa=[{value:"April 20, 2023 11:00 a.m. Eastern",id:"april-20-2023-1100-am-eastern",level:2},{value:"April 20, 2023 Topics",id:"april-20-2023-topics",level:2},{value:"Meeting Notes",id:"meeting-notes",level:3},{value:"Possible Podman 5 features (1:14 in the video) - Dan Walsh - 1",id:"possible-podman-5-features-114-in-the-video---dan-walsh---1",level:3},{value:"Bug Week (54:51 in the video) - Matt Heon",id:"bug-week-5451-in-the-video---matt-heon",level:3},{value:"Open discussion (49:00 in the video)",id:"open-discussion-4900-in-the-video",level:4},{value:"Next Meeting: Thursday, May 18, 2023, 11:00 a.m. EDT (UTC-5)",id:"next-meeting-thursday-may-18-2023-1100-am-edt-utc-5",level:3},{value:"Possible Topics",id:"possible-topics",level:2},{value:"Next Community Meeting: Tuesday, June 6, 2023, 11:00 a.m. EDT (UTC-5)",id:"next-community-meeting-tuesday-june-6-2023-1100-am-edt-utc-5",level:3},{value:"Possible Topics:",id:"possible-topics-1",level:3}],Ga={toc:Fa},Ya="wrapper";function Ua(e){let{components:t,...n}=e;return(0,ce.kt)(Ya,(0,Q.Z)({},Ga,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-cabal-meeting-notes"},"Podman Community Cabal Meeting Notes"),(0,ce.kt)("p",null,"Attendees: Matt Heon, Paul Holzinger, Lokesh Mandvekar, Valentin Rothberg, Eduardo Santiago, Giuseppe Scrivano, Preethi Thomas, Ashley Cui, Brent Baude, Chris Evich, Urvashi Mohnani, Martin Jackson, Mohan Boddu, Dan Walsh, Anders Bjorklund, Shion Tanaka, Stevan Le Meur,"),(0,ce.kt)("h2",{id:"april-20-2023-1100-am-eastern"},"April 20, 2023 11:00 a.m. Eastern"),(0,ce.kt)("h2",{id:"april-20-2023-topics"},"April 20, 2023 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Possible Podman 5 features - Dan Walsh/All\n","*","SQLite"),(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"hyperV"),(0,ce.kt)("li",{parentName:"ul"},"Mac Native Virt"),(0,ce.kt)("li",{parentName:"ul"},"Drop CNI"),(0,ce.kt)("li",{parentName:"ul"},"Drop Cgroup V1"),(0,ce.kt)("li",{parentName:"ul"},"ZSTD By default"),(0,ce.kt)("li",{parentName:"ul"},"podman build -> build farm support"),(0,ce.kt)("li",{parentName:"ul"},'(refactor podman machine) <-- not "feature" but ...'),(0,ce.kt)("li",{parentName:"ul"},"making manifest lists by default"),(0,ce.kt)("li",{parentName:"ul"},"Use OCI images for podman machine",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"podman <-> podman machine versioning ..."))),(0,ce.kt)("li",{parentName:"ul"},"assimilate podman machine services"))),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Bug week reminder/participation invitation - Matt Heon"))),(0,ce.kt)("h3",{id:"meeting-notes"},"Meeting Notes"),(0,ce.kt)("p",null,"Video ",(0,ce.kt)("a",{parentName:"p",href:"https://youtu.be/_NnWUqyaBmw"},"Recording")),(0,ce.kt)("p",null,"Meeting started at 11:02 a.m. Thursday, April 20, 2023"),(0,ce.kt)("h3",{id:"possible-podman-5-features-114-in-the-video---dan-walsh---1"},"Possible Podman 5 features (1:14 in the video) - Dan Walsh - 1"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"SQLite - Works underway."),(0,ce.kt)("li",{parentName:"ul"},'hyperV - Up for testing. Talk to Brent about the "decoder ring"'),(0,ce.kt)("li",{parentName:"ul"},"Mac Native Virt - doing qemu not on Mac, Apple is making qemu less attractive for multi-arch, so we're looking at Mac native virtualization and working on it today, targeting Podman v4.6."),(0,ce.kt)("li",{parentName:"ul"},"Drop CNI - Looking at dropping the CNI network. Currently, Netavark is the default for the latest. We are looking at dropping CNI as of RHEL 10. If we don't, then the RHEL team will need to support it for ten years or so from when RHEL 10 is released. Matt thinks the code cleanup is the most significant benefit."),(0,ce.kt)("li",{parentName:"ul"},"Drop Cgroup V1 - Similar to dropping CNI and more important to Dan as systemd is about to drop support for cgroup v1. We are looking at Podman v5.0 for this too. We need to be sure that we don't mess up partners such as Ubuntu LTS. Another thing to watch for is Chromebook users use a Debian base, and that might be problematic too. Anders pointed out that his Ubuntu 22.04 has systemd/cgroups v2"),(0,ce.kt)("li",{parentName:"ul"},"ZSTD By default - using the ZSTD compression algorithm instead of gzip. Older versions of Docker don't support ZSTD, so that's a bit of a concern. The thought is to let the user pick or push to versions of the image. A lot quicker downloads with ZSTD over gzip. A problem with pushing two images, people may have to pay for storing or pushing multiple images. The thought is to default to ZSTD and allow users to configure back to gzip in their containers.conf file. The compression happens only during push/pull. The format of the image on disk or in the registry remains the same. Brent would like to get buy-in from Quay, but they won't likely step up until we, or someone else, starts using ZSTD more frequently. The Moby shipped with Fedora now uses ZSTD."),(0,ce.kt)("li",{parentName:"ul"},"podman build -> build farm support - Nalin is working on this to allow building of an image for multiple architectures. Nalin is making it a very easy to specify with podman build command line options. You wouldn't need to deal with manifests nor have any need to deal with a second VM running another architecture, it would just work. It will build natively, not in emulation mode. Under development at the moment."),(0,ce.kt)("li",{parentName:"ul"},'(refactor podman machine) <-- not "feature" but ... - After the Apple hypervisor work is complete, some refactoring of the podman machine might be a good thing to do for speed. This might be done earlier than Podman v5. Dan also noted that we\'re thinking about moving podman machine to a separate repo. We might draw more interest in contributing if we did move it.'),(0,ce.kt)("li",{parentName:"ul"},"making manifest lists by default - when you pull an image to a system, by default, you don't always get a list. If you have a multi-arch image, this can be a problem. Looking into being able to pull manifest lists down so multi-arch images could be better supported. The thinking is to turn this on by default in Podman v5 and then allow users to opt out of it. Matt is concerned that someone might get angry as manifest lists (JSON file) will show up that haven't been there before. Brent suggests we hide the lists as much as possible."),(0,ce.kt)("li",{parentName:"ul"},"Use OCI images for podman machine"),(0,ce.kt)("li",{parentName:"ul"},"podman <-> podman machine versioning ... This allows you to enforce that the version of the client dictates the version of the guest podman machine. That way you run only the version that is supported in your environment. This also helps the development team by not needing to supporting multi version combinations."),(0,ce.kt)("li",{parentName:"ul"},"assimalate podman machine services - for running a podman machine depending on the hypervisor and the Operating System, it is required to have a number of services running due to a number of microservices. The talk is to move it all under one potentially."),(0,ce.kt)("li",{parentName:"ul"},"Anders talked about some storage ideas (",(0,ce.kt)("inlineCode",{parentName:"li"},"ipfs://"),") that had been kicked around in the past and is wondering if any work has gone on that. It would allow layers to be split across multiple files. This would be in c/storage. Matt thinks\n",(0,ce.kt)("a",{parentName:"li",href:"https://archive.fosdem.org/2022/schedule/event/container_ipfs_image/"},"https://archive.fosdem.org/2022/schedule/event/container_ipfs_image/"))),(0,ce.kt)("h3",{id:"bug-week-5451-in-the-video---matt-heon"},"Bug Week (54:51 in the video) - Matt Heon"),(0,ce.kt)("p",null,"Podman/Buildah teams are doing a bug fix week next week. We're encouraging people to help or point out bugs important to you. Then stability releases after that. So afterward, we'd be at Podman v4.5.1."),(0,ce.kt)("h4",{id:"open-discussion-4900-in-the-video"},"Open discussion (49:00 in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Martin was asking about Quadlet and was it going from tech preview to fully supported. Martin uses Quadlet and is really liking it. He thinks it's one of the best features in Podman. Dan noted we've gotten a lot of nice feedback, but now we need to get the word out. As we move to edge devices, Quadlet will be more critical."),(0,ce.kt)("li",{parentName:"ol"},"Dan talked about Valentin's thought to never break on upgrade to a new version. For Dan it's more about pushing the envelope, otherwise you get old code. Dan has broken things in the past to secure code. Dan believes both viewpoints are valid. Matt suggests that we might support a v4.0 Podman for a while longer, but that would only have bug fixes, not new enhancements.")),(0,ce.kt)("h3",{id:"next-meeting-thursday-may-18-2023-1100-am-edt-utc-5"},"Next Meeting: Thursday, May 18, 2023, 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h2",{id:"possible-topics"},"Possible Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"containersh - Dan Walsh"),(0,ce.kt)("li",{parentName:"ol"},"Storage - allow layers to be split across multiple files. - Anders Bjorklund")),(0,ce.kt)("h3",{id:"next-community-meeting-tuesday-june-6-2023-1100-am-edt-utc-5"},"Next Community Meeting: Tuesday, June 6, 2023, 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h3",{id:"possible-topics-1"},"Possible Topics:"),(0,ce.kt)("p",null,"None Discussed"),(0,ce.kt)("p",null,"Meeting finished 11:58 a.m."),(0,ce.kt)("p",null,"Raw Meeting Chat:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"You11:02\u202fAM\nhttps://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nYou11:05\u202fAM\nPlease sign in or add to the meeting notes: https://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nAnders F Bj\xf6rklund11:17\u202fAM\nmy Ubuntu 22.04 has systemd/cgroups v2\nBrent Baude11:22\u202fAM\nty Anders\nBrent Baude11:51\u202fAM\ni need to drop as well\nAnders F Bj\xf6rklund11:51\u202fAM\nhttps://archive.fosdem.org/2022/schedule/event/container_ipfs_image/\nieq-pxhy-jbh\n\n")),(0,ce.kt)("p",null,"Raw Transcript"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"ieq-pxhy-jbh (2023-04-20 17:03 GMT+2) - Transcript\nAttendees\nAnders F Bj\xf6rklund, Ashley Cui, Brent Baude, Christopher Evich, Daniel Walsh, Ed Santiago Munoz, Lokesh Mandvekar, Martin Jackson, Matt Heon, Mohan Boddu, Paul Holzinger, Preethi Thomas, Shion Tanaka, Stevan Le Meur, Tom Sweeney, Tom Sweeney's Presentation, Valentin Rothberg\nTranscript\nThis editable transcript was computer generated and might contain errors. People can also change the text after it was created.\nTom Sweeney: Have and there it is. Welcome everybody. This is April 20th 2023. This is the Podman Community cabal meeting for this meeting. We usually talk about design issues or thoughts for Pod, man. And today we have a good slate of stuff for Pod Man, 50 features, which is coming up. Container essay, and then also talk about Bug Week. So We have a hack MD going, I've put a link into the comments here for Google meet. Please go ahead and add your comments since there is we go along or if I'm going to try and take notes and if I mess up, please go ahead and correct me or add links as appropriate. So giving all that I have Dan walshill first with possible pod, man, 5 features and\nDaniel Walsh: Okay, can you put up the\nDaniel Walsh: You put up the feet, the slide or\u2026\nTom Sweeney: Yeah.\nDaniel Walsh: whatever. thing, everybody slides, shining it shining into\nDaniel Walsh: Okay. so, I view Major releases in two ways, and balance is going to be pushing back on this. So it could get entertainment entertaining a little bit. I view a major release as being A milestone of marketing more than just being, you know, having it like In the real world when relate. Well, nine well-10 comes out. It's not only a chance to say we have new functionality but it's also a chance for marketing. You know, isn't it great that we move this far ahead? So I'd like to, you know, over the years when we had different versions of Pod Man, Come Out. It was not only we didn't do it just for breaking changes but we also did it so much from marketing. So I think with podman 2 came out, we added\nDaniel Walsh: We moved. I think we that was the first time we added in the new API and FOD, Man, 3 came out. We added appointment, three came out, we had a new API and pod, man. 4 came out, We added, You know, some of the pipe, my machine functionality and other things like that. So when we look at now, it's been well. This is probably planned for the end of the year early next year. So it's gonna be two years since Pod, Man Full came out at that point. So the question I have is what, what did the long-range things that we'd like to see in a marketing event for five man. Five on a second thing is, is when we come up with the major release, it gives us a chance to change the defaults in such a way that potentially, they could break break people. And obviously that's something that we want to avoid.\nDaniel Walsh: If at all possible but sometimes it's it's necessary in order to move forward. So things I threw down for ideas for podman 5 and again, these don't have to wait for apartment five. They're just major things that are going on in the Pod, Man world right now.\nDaniel Walsh: That I I see moving forward and I just threw down a few ideas right now this for those. That don't know, there is a pod man, internal database right now is based on multi B and it's felt by the maintainers of the database that it was important to force to support ability. We saw a lot of corruptions happening and multi B and we felt that the upstream for both DB was not as responsive or not as active as we'd like. And so we wanted to switch to something a little more stable which was ask you a light. And so that's actually in Part-man 405 right now, you can actually test With.\nDaniel Walsh: SQLite. But I'm at apartment 5, we'd switch. The default to SQL Light. Obviously upgrades would continue in both DB, but if you did a restart reset, then you switched SQLite There's also a big effort for the lots and lots of uses on Windows cannot support.\nDaniel Walsh: Wsl. Usually it's something inside the company that says, they don't like wsl or whatever reason it is and they've asked us to support five main machine for Native virtualization. So on Windows, the first version of that is going to be Hyper-V, which is being heavily worked on right now. When Brent is there? Is that available at all right? Now for testing\n00:05:00\nBrent Baude: It's actually done.\nBrent Baude: There's some official stuff that needs to go into fossa and ignition. But and some nits to smooth over in podman. but, Yeah, you just need the secret decoder ring. For me to get the image.\nDaniel Walsh: Yeah. And I don't I mean again this you know probably obviously is going to come out probably in four six might be you know just you won't need the Dakota ring to turn it on at that point or but it's it's something that we want to again market that we have new architecture. Just are not new virtualization support.\nBrent Baude: Yep.\nDaniel Walsh: Secondarily to that is on the max right now. We support qemu for running our podman machines. And there's been a lot of requests for sporting that native virtualization. Mac apples actually, making it much more attractive or\nDaniel Walsh: Making c** you much less attractive as a solution based on some of this stuff they're doing for support of multi-atch building. So that's sort of driving us towards native virtualization Plus, we believe that we can get better performance by using Verdeo of SD instead of playing nine for volume mounting into the containers. This is something the darker currently supports. So we will be doing some time in the next six months or so we moving, or adding support for native Mac. Virtualization anything you want to say on that Brent.\nBrent Baude: Started working on it today, hope to have it done for four six.\nDaniel Walsh: Okay. The next one is, now we start to get into system controvers. So, not only three above would necessarily be breaking changes.\nDaniel Walsh: The next one would be potentially more controversial, which would be to drop CNI support right now. We if you run containers, With pod man. The default that you get on a fresh installed pod, man is neta back for networking stack. We currently also continue to support CNI, but the idea would be, Can we get rid of the CNI code? Can we get rid of the support headache of CNI? And really, this to me, is more guided towards a real 10 type release thing and that\nDaniel Walsh: when we sign up for new version of podman releases on a particular rail, we're signing up for 10 years of support. So the question is, Do we want to support? CNI 12 years from now on top of Pod, Man. Now, obviously, we can never break. We can't break REL support on Level Eight Row 9. So CNI support. But can we start to get rid of it by default? and I think that, Mainly for people on here that ends up being somewhat of a time sink. For a matte and Paul.\nDaniel Walsh: Hopefully would start to disappear as we move forward and more people use it, but it would clean up the code base to get rid of C and I altogether out of it. Any comments by Matt Paul on that.\nDaniel Walsh: Yeah, I mean the one benefit also of saying we're dropping CNI is that it can convince people to switch over to Netovac easier than feeling like they're gonna get it supported for? Forever.\nMartin Jackson: That.\nMartin Jackson: There.\nDaniel Walsh: The next one is also similar and probably more to me, more important. Is that we right now, I believe system D is about to drop support for C groups, V1, Um, so that I think, I don't know if it's Fedora 38, if there are 39 is no longer going to support sea Groups, B to be one. So can we start to look at dropping support for cigarettes for you, one for our tool chain. So I think the primary tool there would be like Seron and run c start to think about it as well as I'm not sure how much We do in Pod man for that, but it's probably they're certain flags. That would have to be start to be removed since then. All I can make sense in the cedar must be two worlds. Um, and again, I think that's just for long range support. right now, from a rel,\n00:10:00\nDaniel Walsh: point of view around 9:00 defaults to see groups V2 relate on the single three one but rallied is going into\nDaniel Walsh: Support mode. I think, either, I think in either the next release of the one after is going to be in full support mode so that We shouldn't be. Adding new features to see them to be one or in that dying out. Anybody want to comment on that?\nBrent Baude: I do proposed timing. of the podman 5, I think would have A big influence on that particular topic. I actually really like this idea.\nBrent Baude: There's some distribution benefits to this.\nBrent Baude: But I think one of the things we'll have to do is if we did it today, we'd be cutting off. The two lts's of Ubuntu, right? Is that correct? Is a mantu gone to see groups, we too. They might happen to know.\nChristopher Evich: I think the latest one is.\nAnders F Bj\xf6rklund: I think 22.\nBrent Baude: Okay. Yeah, so it's just something to contemplate as Who we lose? If we do that and but otherwise, I'm completely comfortable with this.\nChristopher Evich: But the old ubuntu's, the old lts a bunches, they just won't update. Right. They they're going to just keep running the older apartment. Should.\nBrent Baude: Yeah, it was sort being unaware that their V2 now so is our V2 lts.\nValentin Rothberg: No.\nBrent Baude: That's what we need.\nValentin Rothberg: I also think that who's is using V1 still. So, if we Cut, or if we would drop.\nDaniel Walsh: Christopher.\nMartin Jackson: A lot of Chromebook users are on old Debians\u2026\nBrent Baude: So, maybe\nMartin Jackson: because of the Chromebook Chromebook default virtualization scheme and I think they might be stuck to.\nBrent Baude: So, Dan sounds like, maybe we need to Kind of understand what everyone else is V2 plans. Sort of look like But again. we could theoretically, just Do it and\nBrent Baude: deal with the consequences.\nDaniel Walsh: Yeah.\nPaul Holzinger: I one question.\nDaniel Walsh: so,\nPaul Holzinger: how much C group code is actually important because isn't most of it done by the runtimes,\nMatt Heon: There's a fair bit of complexity involved in how we do system unit container and how we do the Pod C groups in particular Pod, resource limits involve a fair bit of, super one for C2 last, I checked those would be the big ones. I would say. It's not a huge amount of code, but it is, it is some of the most complicated code. If you've ever seen the code to set up our potsy groups, It's a horrifying massive. If statements\nDaniel Walsh: Yeah.\nBrent Baude: I like the idea. I'd sure like to keep kicking it around.\nDaniel Walsh: So the next one will get even more controversial, which is so we've been kicking around this idea of moving away from Jesus image format. to Zstd both have been supported for several years and\nMartin Jackson: it's\nDaniel Walsh: The spec. but, Docker did not release for over three years. So, Giuseppe had a pull request into Docker. Back in 2002 and that finally got merged and they released a version with it. In March. so, they had him released from March of twenty two, thousands of my 2023. The.\n00:15:00\nDaniel Walsh: We have women kicking around the idea of supporting what we've currently support both zsdd. And Jesus format for images. And it's been supported for many years. In Container D, Cryo and the rest of the world other than darker, And it's been in pod man. For I think every version of pod man, all the way back to one dot six. Maybe not 106. So which is or else seven?\nDaniel Walsh: The problem is that no one creates images with this format because Of Docker, not being able to support the older versions of darker, not being able to support it. we have ideas about potentially, Allowing you users to Check Pick which format they want to basically in containers duck off, pick which formats, that they want to push images to container registry with, and the options would be zstd gzip or a combination of both. So they could basically have but use it within have to pay the price of Pushing two versions of images to container registries and container registries, that would have to store.\nDaniel Walsh: Two versions of the same image. One compressed with each one of them and pod, man, and tools, based on Containers image would be smart enough to pick out the zestd one. If it existed. So, the benefits of their cost and benefits. And we stick with Gzip, we're stuck with the same format that we've been using for years, but old dark versions of darker support it And they can continue to use it. If we force everybody to go to Zstd then old versions of dark are don't support it but everybody in\nDaniel Walsh: The new versions of Pod Man. Not new versions of darker and all versions of our tool change. Get the benefits of better, better compression Quicker downloads in the case of Pod Man and Cryo and those tools they get you weight Grow quicker downloads since it's the pulling down individual files instead of entire images just a different false at a difference. The third option that combination of both has the Problem of you would have to if you're paying for the bandwidth of pushing images that you'd have to pay for additionals, content being pushed, as well as if you're paying for the cost of storing of images. Then you have to pay for both and we potentially could hear bad things from container. Registries who don't want, you know, who are paying the content paying to store both types of content. So,\nDaniel Walsh: the my proposal for Ralph's, for\nDaniel Walsh: Five would be to, we just switch the default to ZSTD thinking that to be a large enough install base of of dockers out there at that point and for people who don't want to use it, they could just simply change the containers that cost to point to Jesus want to to do both. And, but my fear is that we don't do this then. When Pod Man 6 comes up three years from now we're still going to be having this this debate. So you know can we push this forward?\nMatt Heon: I think risk here is a lot lower than the CNI. And what do you call it secrets? We want stuff because we're not dropping code.\nDaniel Walsh: Yeah. Also distributions can, if distributors want to ship a Canadian stock off, that stays the Gzip, then they have the full ability to do it, This just questioning what should be the default format? We go forward with at that point.\nDaniel Walsh: Any other comments?\nBrent Baude: Yeah. How does it? How does it work? In terms of you, you mentioned push but in terms of run or other actions, if, if the STD is the default, Are we saying, can you have a local container storage that has both formats?\nDaniel Walsh: So it's only I'm push and pull. So when it, when it gets put on to your desk, you don't have the format any longer. The big think of this is more pushing and\u2026\nBrent Baude: Okay.\nDaniel Walsh: this is the problem is if you've tried to pull one these images with an older version of Docker, you will fail. It'll come back with that saying,\u2026\n00:20:00\nBrent Baude: Okay, but\nDaniel Walsh: unsupported format.\nBrent Baude: But I think what you're saying is, there's, you know, both formats would still be perfectly usable. It's just be a swap.\nDaniel Walsh: Yes. Which means\u2026\nBrent Baude: So if container registries didn't\nDaniel Walsh: if I meant stats to push images, that can't be used by older versions of darker. That's that's with the dot, that's where we're gonna get. We're gonna get paid as being anti-unity or anti You know. Oci or something at that point.\nBrent Baude: So, I I would, I would be in favor of this. The one thing I would want some sort of commitment from Let's say somebody like Cui. That they would be there be a way to build. Zstd. On their end.\nBrent Baude: because, A lot of us. Use. Combinations of GITHUB and CUI. And auto building.\nDaniel Walsh: Yeah.\nBrent Baude: and one one, like one image, I can think of in particular is Fedora chorus has a\nBrent Baude: They have a image they use for building for coros. And that image is updated weekly. And it's four and a half gig. But I believe it's built, you know, hands off. So it'd be one of those. One of my questions would be If we if we switch, that would be, this would be more effective if if more people could take advantage of it,\nDaniel Walsh: Yeah, but to me to me that's this is where the check of the egg situation is sort of like the old before we force sea groups, V2. Like Oh no. One support secretly too. Why don't they support it? Because no one uses secret too. So, until we start pushing zsdd images. if you went to Cui and said, You know, will you build with CSD? They're like, well, no one uses the STD so it's sort of\nDaniel Walsh: yeah.\nValentin Rothberg: The problem with cstd is that it's in contrast to see Group C group. You fail immediately on the client. So the users. While with Csdd, it may be a silent change entirely transparent to the user. But when they pushed their images, some of their clients may break because they're still using older. so the let's say, The the error multiplication happens, much further. And much more transitively than for secret security.\nDaniel Walsh: Right.\nDaniel Walsh: Yeah. And I guess so that to follow, I mean, I would argue that we are We did this. When we started supporting OCI because older versions of darker, at the time didn't support OCI images. But at that time, Paul Man was brand new so it wasn't I guess people who would expect it to, Potentially cause more breakage than it would now.\nValentin Rothberg: But also, any any breakage can be negative marketing as well. As much as any major major version. I personally perceive major version bumps as all yet, another breaking change.\nDaniel Walsh: So we can't we can hold off on that one that argument to the end. Since that's the\nDaniel Walsh: I don't see that. I mean potentially we push both but then we're gonna get bad news, you know, by the fall but then we get bad. Press from people saying we're using up twice as much bandwidth twice, as much storage.\nDaniel Walsh: But maybe that's the value one but I don't think it valid one is. Oh, we'll just wait, Yes more before. Does anybody ever use a zdd because You know, at some point in the future, there's gonna be enough docker clients out there that Supporting an old ones and\u2026\nValentin Rothberg: Like, I think it should be a\nDaniel Walsh: I could hear you autos Old Ubuntu is an old. rails and all, well must bad shape, but\nAnders F Bj\xf6rklund: but I think,\nValentin Rothberg: I think it should be stepwise migration where, you know, since it's a containers, conflict can be configurable. So Fedora can go first and just Change the standard compression in only in Fedora to see standard without this being built-in, default, setting for Portman, which would then affect all other distributions as well. so, I think that there are ways to, you know, increase, The usage and\u2026\n00:25:00\nDaniel Walsh: Yeah.\nValentin Rothberg: the user-based step by step and not use the big hammer and switch or try to switch everybody at the same time. I think in Fedora, you know, this is probably at least in this immediate community an easier. Test that\nDaniel Walsh: It and in the movie that she and the Moby that ship by Fedora supports the format. So it's not if you live in a fedora pure environment, you're not going to be bit by this.\nDaniel Walsh: So I could go along with that. Just doing his containers.com and leave the standard. Leave it to fall to the STD for built into package, config into common. Yeah.\nBrent Baude: Yeah.\nDaniel Walsh: Okay.\nDaniel Walsh: I guess. Those that on the call right now, the next one is the concept of the build farm. And nalin. Did a demo of this? I don't know if that was an internal or external. a few weeks ago, the basic idea is as We're hearing more and more people who want to build. Images for multiple formats. So from multiple architectures, And a lot of people, it's a fairly complex. Tooling of fairly complex effort to build image for multiple architectures, especially if you're not building them with some kind of emulation mode. Um, So the the basic idea would be say you're on a Mac. You're saying, I'm too Mac and you're building.\nDaniel Walsh: I'm chips based images and then you want to build x86 image and you want to push both of those to a registry so that you create a new full buyer image and it's too architectures. While doing that is fairly complex and what? Nowlin is demonstrated with the tool. He called Build Farm was the ability to Do that automatically taking advantage of.\nDaniel Walsh: Connections. So now on you on the call,\nDaniel Walsh: Put you on the spot.\nTom Sweeney: Nobody's no way on pidgeot today.\nDaniel Walsh: That one's away on Pto. Okay? So the the basic idea would be to to you do a pod man. Build - platform equals am AMD, 64 comma. I'm calm or power and what would happen is odd, Man. Built Odd, Man client would look through its connection database to see if it has connections to the different architectures and then would launch the bills on the different architectures. So say you had set up three ssh connections to build service to be able to perform the builds on a remote system. Then it would pull the images back to the local system create a manifest list and actually assembly entire image and push it out to a registry. So it wouldn't be you wouldn't have to deal with manifest. You wouldn't have to deal with\nDaniel Walsh: Any any special needs for running multiple, you're sitting on a Mac and two and you had two VMs running two podium machines running one for X86 and one for on then if you build with a - platform I'm an x86 they would go out and to the two different VMs on the local Mac and would build the images and then reassemble them back on the default one and then push that to a registry. So that's what we're looking at for podman, builds farm support. And again, it's not looking at emulation mode. This is looking to build natively or On a native VM running an emulation mode, but as opposed then other basically allowing us to fully assemble those on it.\nDaniel Walsh: Any questions on that?\nAnders F Bj\xf6rklund: and I think that Bill Kit is doing this and I think the killer feature for Kubernetes was Windows containers, being able to build those remotely Because most of the Linux ones could be cross-compiled but not windows.\nDaniel Walsh: The problem across compilation, is, as well as twofold one, it's low, and it's potentially very buggy. I know that in the real world, Well, if you refuses to support cross compilation because it's just not this exact same as native. Now, certain architects, if you're building golang code, it's not as big a problem, but if you're building standard seat code, just to see libraries, I just felt to be way too risky to to support cross country.\n00:30:00\nAnders F Bj\xf6rklund: no, the equipment, this one was gold coat and I mean, and also You couldn't do workarounds if there was some across compilation issues but it's still a good feature. Of course, to be able to have remote bare metal, builders for performance reasons.\nDaniel Walsh: Yeah, yeah. And I'm like having what we're looking at here, Actually more of the client driven solution, then the server driven solutions so that you would just have to set up two two and more connection databases to different architectures and either run that VMs locally or remotely. It's just taking advantage of what basically what Pod man remote currently does to assemble these? I think build kid is more on the service side, so you'd have to have, you know, rely on a server. Being set up to do the multiatch builds. Um so anyways it's something that we'd like to get to match the functionality. That's in build kit now but take advantage of what we have with. Basically, the connection database empowerment.\nDaniel Walsh: So the next one, someone else put in.\nBrent Baude: Yeah, I can do that final comment.\nDaniel Walsh: So I'm gonna let that Yeah, you run the bathroom. All right, I'll be back.\nBrent Baude: Yep, final comment on the bit on that build farm though is I think there's a I've no objection with the feature. That's it's a good feature. I think also though there's A a couple of nuggets of gold on the topic of Cross architecture. Period. Throughout Potman.\nAnders F Bj\xf6rklund: and I think also now that build decks gone default that has kind of upped the competition if you\nBrent Baude: Yeah. So as I think about Batman Moore as a whole, I think there are several areas where architecture plays a role and\nBrent Baude: but, Starting with. My gripe about being able to pull the wrong architecture. And attempt to execute it.\nAnders F Bj\xf6rklund: It. Yeah but I mean there are some nice things like being able to use Kubernetes pod builders and stuff like that, that this could be a nice features to have also important.\nAnders F Bj\xf6rklund: I mean, with, with a root, let's capabilities and everything. You have a You have a whole dockering doctor, a customer to migrate. I think the life. Of course.\nBrent Baude: Indeed. Okay, so Timewise here. I'll try to be efficient. the first one was,\nBrent Baude: After that, apple hypervisor stuff is done.\nBrent Baude: Someone probably not me needs to sit down. and contemplate a refactoring of machine code, there's Plenty of duplication that can be removed. I think there's there's a couple of changes in how we do things that could be. Implemented such as factory or build type patterns.\nBrent Baude: And things along those lines. Again, that's not really a feature, it's not something that users would know about. So it could be It could be set as a goal for V5. Or it could just be done in four dot whatever. And no one be the wiser.\nDaniel Walsh: Fall. Yeah, On similar we have discussed potentially moving part man. Machine out of podman into it, separate repository whether we want to or not people are using pottery machine for uses other than just pod man. and so, it potentially could get if we moved it to a separate repo, then potentially you get more people to coming work on it as a separate project. So there are, there are thoughts going around that.\nBrent Baude: Agreed. I've been sort of asking questions around the team as many of them all know as to whether we should start. Making manifest lists more, integral to podman. So to me that's an open question. But but Dan wanted? wanted edge, sort of ideas that You know, are gonna push things a little bit and This might be one of those again, it involves. some compatibility issues as well as registry things, but I wonder if it's something we should start doing.\n00:35:00\nDaniel Walsh: Yep, for those that don't know when you pull an image right now. To a system by default. We don't have a minute. We don't necessarily pull down and manifest list with the difference between an image in a manifest list. Is that If you have a multi-atch image then you have a manifest list of defines the different arches that are in the image by default. Right? Now a very common era that we hit is people pull down a different architectures image. That becomes a default image and then if you go to run at image layer, say, Pull down Alpine for For arm and you're an x86-64. Now you go run the command. Just do a pod Man. Run commander later and you think that you're gonna re-pull a\nDaniel Walsh: X86 image and run that no you end up running the command on top of the image that you pull down. If we had a manifest list, then we could change the behavior so that if you did Pull an image for different architecture. You would get put into the manifest list, if you rent to run it and we could run the native, We pull the native one down or just have the native one available so moving to a manifest list by default again.\nDaniel Walsh: Because the world's moved pretty much when darker happened and over the last first, say eight years of container worlds. It was one architecture x86 with, you know, a tiny bit of different architectures in the world and I think over the because of what Apple has done and the rise of arm. Now we're seeing that there's two architectures out there you know better and you know if risky happens or there could be three architectures and so suddenly we'll work living in a world with Supporting multi arch should be the default as opposed to this one often. And that's what that's why I would like to see us move to manifest list as by default.\nBrent Baude: I think the last time that we talked about this, we sort of came to the conclusion that what we'd be talking about here is in rather than an opt-in. This would be an opt out. So that would be the big change is that we would just turn it on. And allow users to opt out of it. As a way to start. Getting people to use it. Kind of like SC Linux.\nBrent Baude: Anything anyone want to comment on this one or honesty, Linux?\nMatt Heon: How seriously is this going to Sorry?\nPaul Holzinger: I can.\nMatt Heon: Go go Ed.\nPaul Holzinger: No, I, I totally support the idea of having manifests because I never understood the current behavior that you just used to take from your native image and then all of the sudden, it's Like no use, I can understand what's happening here. So I I think that that makes much more sense.\nBrent Baude: I don't think they need to understand it either or should have to\nPaul Holzinger: It right, right? That's the thing. Like the current behavior never made sense to me. So,\nBrent Baude: Go ahead, Matt.\nMatt Heon: How seriously is this going to affect? Like I don't think we can change the way. Say Odd man Inspects works on images. Is this going to seriously affect my workflow? If I'm used to only using podman and spec podman history, all the image specific commands. My concern would be that suddenly I start getting different output because it's a manifest list, not an image and\nDaniel Walsh: I think it would just default to the unaid about this would allow us, I believe to always default to the native arch. So if you do a pod,\u2026\nBrent Baude: Correct.\nDaniel Walsh: man, if you do a pod man pulled - platform equals, And then you do a pod, man. Inspect Image. Without the dash dash equals it. You'd get the native format one as opposed to the one.\nMatt Heon: Okay. Yeah.\nDaniel Walsh: That's the goal and\u2026\nMatt Heon: I'm sure.\nDaniel Walsh: I'm making up since we haven't done this and I haven't experimented with it but that was that's the goal.\nBrent Baude: These are just ideas.\nMatt Heon: We're going to blow something up. We're going to make someone very angry because all of a sudden, they're making manifest list that they didn't know even were a thing. But I don't, I agree.\nDaniel Walsh: Yeah. Commitment.\nMatt Heon: That's a good idea and I don't think we can avoid us.\nBrent Baude: What did you say? We're gonna make users, make manifest lists.\n00:40:00\nDaniel Walsh: Right.\nDaniel Walsh: Those that don't know on this call, manufactless is just a JSON file on this. Yeah.\nBrent Baude: Yeah, and I would suggest that we make every bit of effort to hide that. There's a manifest list from people.\nDaniel Walsh: Yeah.\nBrent Baude: unless, People know about it and want to alter specifically the manifest list. I think there's a set of rules. We could kind of come up with that, that would allow for that. Okay, we best move on.\nBrent Baude: The the next one is around this podman machine and the OCI images. This is this is essentially where you can build your own images or we could distribute our images, or epcot's images via something like quick,\nBrent Baude: This is a pretty big advantage for us. It, it also has a few upsides, one of which I listed there, but\nBrent Baude: this is, this could be a potentially breaking visible change in the sense that we're changing how pot Padman machine gets its content So that's why I have it kind of associated with five, but I also the same time we'd be using this. My plan was that we would use this to enforce this. That the version of the client, dictates the version of the guest. And so, if you have a Mac and you're using pie man for eight, you're gonna or rather five, oh, you're gonna get a 50. You're gonna get a 50.\nBrent Baude: Guest operating environment. Inside the machine and if you're at five one, you'll get a five one. This eliminates, our problem of mismatched. Clients and servers so to speak. It's sort of a double whammy.\nDaniel Walsh: it also allows people to lock in, at a specific version, so as we, as we start to go out for\nDaniel Walsh: Enterprise customers. They're going to want to building for. You know. A specific version of the operating system. I want to build on that up that level of the operating system so they can Guarantee that this will work with the podmin for six version of odd men. For instance of say that is five five seven and they want their service are all at five three. Then they can log in and build on a five, three based image.\nBrent Baude: Yeah.\nDaniel Walsh: Test.\nAnders F Bj\xf6rklund: And what is the, what is the difference between this and having a URL for the image?\nBrent Baude: It's the the image is, is different on there. So For example. Today, we pull down a few cow for qmu. In and\u2026\nAnders F Bj\xf6rklund: Yeah.\nBrent Baude: so in the future, we would pull down an OCI image.\nBrent Baude: Not a cute girl.\nAnders F Bj\xf6rklund: Right. But I mean, if you wanted to fix the version, you could do that by providing a custom image to direct. But this would make it easier to host.\nBrent Baude: Yeah, we're\nAnders F Bj\xf6rklund: It doesn't.\nBrent Baude: It would, but we're desperately trying to stay out of the developing our own fedora chorus and having to do things outside of what Fedora chorus, the team offers.\nAnders F Bj\xf6rklund: That was just wondering if there was a benefit if you had a Web server serving images. Today, if there was a benefit of moving it to OCI images in a registry instead.\nBrent Baude: And yeah, I don't know. but the tagging of the, you know, the tagging ability there and how image, registries are organized are Quite beneficial.\nAnders F Bj\xf6rklund: Yeah, and I guess you don't have to maintain two different types of servers would be. A benefit to some.\nBrent Baude: Something like that. Yep.\nDaniel Walsh: You know.\nChristopher Evich: The city and Cdns aspect. This one.\nDaniel Walsh: Right. We'd like to get to a world where all software shipped fear. Image. It's basically image repositories which Are whether they're coming as containers or operating systems.\n00:45:00\nAnders F Bj\xf6rklund: Or packages. Yeah. Yeah.\nBrent Baude: Okay? And the last one you guys have for those that are on the team, you've heard me kick this topic around recently and it's Probably appropriate for for V5 since it theoretically is a change that users would be impacted by. But essentially right now for running Padman machine depending on the hypervisor and the operating system being used, we have to have various services. running, whether it would be traffic forwarding, whether it would be for vsoc, listening, Whether it might be for Vert. Iowa Fest. And so on.\nBrent Baude: VF Kit would be another one. so, we've talked about whether we should continue to have these microservices and try to continue to manage them as such or whether we assimilate. Into a single service with Microservices underneath it. So that's an idea.\nDaniel Walsh: Any comments on any of this, anybody else have ideas of what they would like to see us have in padman 5.\nDaniel Walsh: Good everybody.\nAnders F Bj\xf6rklund: And dance, some of those storage ideas.\nMartin Jackson: It is.\nDaniel Walsh: Go Anders.\nAnders F Bj\xf6rklund: Yeah, so and there was some talk about like IPF storage and similar. I compared to peer storage and so on. I was wondering if any of that is coming to containers image and therefore podman.\nAnders F Bj\xf6rklund: So that you could both split up your your layers into smaller files and then distribute those files. With our peer-to-peer type of registry.\nDaniel Walsh: I guess Valentin or Miller's life, if you thought about that or Giuseppe.\nAnders F Bj\xf6rklund: And also talk on Foster. I might\nMatt Heon: We have none of those people on the call. Dan Unfortunately, Valentin actively early. So I think it's a I think it's a good idea.\nDaniel Walsh: Um, yeah. Yeah, and just The Anders, could we put that in for discussion on the next Meetup? The next one of these, That seems like a decent conversation.\nAnders F Bj\xf6rklund: Yes.\nDaniel Walsh: I'll also move container shell. To the next discussion for those that don't. I've had two meetings in the last week with different customers who are looking to control users on a service. So the idea would be potentially to allow us to customize their environment. Basically imagine logging into a system, getting stuck into a, A container. And that's what I just calling a container shelf and now, but we don't have time for that. Martin, you get to talk my talk.\nMartin Jackson: Okay, sure. I was wondering, you know, with the, the kind of marketing aspect of the major rep whether Quadlet would get promoted from, you know, kind of experimental tech preview to, you know, fully supported and, and get some more marketing around it.\nDaniel Walsh: Yeah yes definitely. Although sometimes we do that that's more of a real thing than a necessarily.\nMartin Jackson: Yeah.\nDaniel Walsh: Yeah you know but yeah definitely quadlet would be police fully supported at that time, matter fact, container shell would be Also looking at extending quadlet to allow use users to define quadlets for users. As opposed to quadrant for system services. So that's\nPaul Holzinger: Speaking. And speaking for upstream, I would say Quadlet is fully supported like we five bucks, we fix bucks. People come in with ideas. So\nMartin Jackson: Oh, I'm using the heck out of quadlet and I love it. You know, I I it is it is one of the coolest things to happen in the pod, man, ecosystem, you know, in my mind like ever, I've got it running game servers, I've got it, running my automatic ripping machine and since we're being recorded, I'm not going to incriminate myself, but, you know, I love it.\n00:50:00\nDaniel Walsh: Good. we got no, we've gotten a lot of nice feedback and now now the idea is to get more of the word out to get People blogging people, it's showing, I would love to have people start to distribute quadlets and saying, This is how I run this service underneath, you know, system D. And as we move to a judge devices, I think quadlet is critical.\nMartin Jackson: I I totally agree with that thought.\nDaniel Walsh: And it's really, really simple. So that's what I think. That's what everybody likes about it.\nDaniel Walsh: So it's Valentin left. We don't have to so valentin's. I'll I'll be the devil's advocate and make myself Valentin. Now he without you is that we never break anybody, he wants He wanted to talk about\nDaniel Walsh: Sort of. Leanestabolus's idea that you never break an application by updating the kernel and i we could argue back and forth, obviously don't want to break people but we also don't want to be Carrying old crafty code for forever. So the for me, it's more about pushing the envelope. So, my concern is that when you don't, Break anybody? You end up with the same code that you had in 2012. So for instance, I pushed updates that have broken people to make things more secure, because some the false picked by darker war were bad. So my concern when we say we never break anybody is that we get stuck.\nDaniel Walsh: You know, just doing stuff the same way as we have for the last 10 years even though they're a better ways like Zstd for storing images and you know, and we have a even secretary too. It's like we get stuck. As he was three one forever. So sort of the Fedora mattress mantra is what I like which is okay. Let's push people to its these these new changes and some people are going to drag drag behind and we try to keep them as happy as possible. But we need to push the the technologies and I think this is partly why Docker was in a relief for three years is because they get stuck in this. And those quandary. So but I agree that both arguments are valid and you know, since a lot of the people in this call are supporting rel for 10 years, we're going to be stuck supporting this stuff for\nDaniel Walsh: You know many many years but I think we can push the upstream a little bit faster to take advantage of new technologies as they come along.\nMatt Heon: It would be an easier sell if we Publicly maintained long-term support branches of V4 for a longer time. I think our upstream position is that V4 is going to go out of support the very moment that V5 comes out. We do have to support it for REL for a while, but that's not really an upstream thing. So maybe we could formally announce upstream support of some degree for a long-term fee for branch just to keep people. Overall, we do the breaking change v5 thing.\nDaniel Walsh: Yeah. But people have to understand that they won't be getting new features. So if on the floor, yeah. Okay,\u2026\nMartin Jackson: I mean I think I think people kind of get that they wouldn't be getting new features with that kind of thing.\nDaniel Walsh: for example.\nMartin Jackson: But In.\nAnders F Bj\xf6rklund: I'm not sure if you seen the Ubuntu support for podman people want a stable version and the latest version at the same time in Debian, stable release. But but I viewed apartments support is not so much kernel, it's more like Python. So you would have Python 2 and I thought that were like Be around forever and then you have a Python 3 that you try to push to people and no one will take it.\nDaniel Walsh: Right. I know it took it until Fedora basically turned off by then too, right? So\nAnders F Bj\xf6rklund: Yeah. And that in a decade past or something. That's your\nTom Sweeney: And just looking at the clock I'm gonna push a little bit to wrap us up here. Matt that you want to say anything about the demo or on bookfix week before you head out.\nMatt Heon: Sure, I can keep this quick. So the Pod Man Core team is going to be doing a bug week for the next week. Not just the podman team builder and Scorpio and everyone else should be involved as well. But as part of this, we are encouraging. Anyone who wants to fix bugs or have bug fixed, please focus. And let us know that you can see or something high priority or even better. Please comment on a book and say I'd like to work on this next week and we will get it assigned to you or try and get a prioritized. And the goal is to guys make books we can fix over the next week and then do some stability releases week after\n00:55:00\nDaniel Walsh: Yeah. So what we work on the next week will be in five man four or five dot one. This is the goal. To put more.\nMatt Heon: Yeah, we'll do a\nChristopher Evich: It might be might be worth putting that invitation out on the mailing list.\nMatt Heon: Yeah, I can send an email.\nTom Sweeney: Okay, great. That word running out of clocks. So I am going to just announce real quickly that we're having our next meeting on May 18th for the Cabal and then June 6th for the community meeting. And I'd like to thank you all for being here. Today, I'm gonna hang up on the recorder.\nTom Sweeney: No recording. Anybody want to say anything other than let's go to lunch?\nTom Sweeney: Or dinner, depending on where you're at.\nTom Sweeney: Right folks, that's it. Thank you so much. Bye.\nAnders F Bj\xf6rklund: Yeah, bye.\nMeeting ended after 00:56:50 \ud83d\udc4b\n\n")))}Ua.isMDXComponent=!0;const qa={},za="Podman Community Meeting",Va=[{value:"March 2, 2021 11:00 a.m. Eastern (UTC-5)",id:"march-2-2021-1100-am-eastern-utc-5",level:2},{value:"Attendees (35 total)",id:"attendees-35-total",level:3},{value:"Meeting Start: 11:03 a.m.",id:"meeting-start-1103-am",level:2},{value:"BlueJeans Recording",id:"bluejeans-recording",level:3},{value:"Multi-arch capabilities in Podman and Buildah",id:"multi-arch-capabilities-in-podman-and-buildah",level:2},{value:"Dan Walsh",id:"dan-walsh",level:3},{value:"(1:44 in the video)",id:"144-in-the-video",level:4},{value:"podman-py roadmap",id:"podman-py-roadmap",level:2},{value:"Jhon Honce",id:"jhon-honce",level:3},{value:"(13:45 in the video)",id:"1345-in-the-video",level:4},{value:"Podman Packages on Kubic",id:"podman-packages-on-kubic",level:2},{value:"Lokesh Mandvekar",id:"lokesh-mandvekar",level:3},{value:"(23:06 in the video)",id:"2306-in-the-video",level:4},{value:"krunvm demonstration",id:"krunvm-demonstration",level:2},{value:"Sergio Lopez",id:"sergio-lopez",level:3},{value:"(28:35 in the video)",id:"2835-in-the-video",level:4},{value:"Tent demonstration",id:"tent-demonstration",level:2},{value:"Farhan Chowdury",id:"farhan-chowdury",level:3},{value:"(40:56 in the video)",id:"4056-in-the-video",level:4},{value:"Containers Plumbing Conference -",id:"containers-plumbing-conference--",level:2},{value:"Questions?",id:"questions",level:2},{value:"(51:20) in the video)",id:"5120-in-the-video",level:4},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"Next Meeting: Tuesday April 6, 2021, 8:00 p.m. Eastern (UTC-4)",id:"next-meeting-tuesday-april-6-2021-800-pm-eastern-utc-4",level:2},{value:"Meeting End: 12:01 p.m. Eastern (UTC-5)",id:"meeting-end-1201-pm-eastern-utc-5",level:3},{value:"Fun Fact:",id:"fun-fact",level:2},{value:"BlueJeans Chat copy/paste:",id:"bluejeans-chat-copypaste",level:2}],Ka={toc:Va},Qa="wrapper";function Za(e){let{components:t,...n}=e;return(0,ce.kt)(Qa,(0,Q.Z)({},Ka,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-meeting"},"Podman Community Meeting"),(0,ce.kt)("h2",{id:"march-2-2021-1100-am-eastern-utc-5"},"March 2, 2021 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"attendees-35-total"},"Attendees (35 total)"),(0,ce.kt)("p",null,"Tom Sweeney, Brent Baude, Jhon Honce, Dan Walsh, Chris Evich, Lokesh Mandvekar, Urvashi Mohnani, Nalin Dahyabhai, Eduardo Santiago, Valentin Rothberg, Giuseppe Scrivano, Miloslav Trmac, Parker Van Roy, Preethi Thomas, Neal Gompa, Matt Heon, Greg Shomo, Dan Walsh, Mayur Shetty, Ed Haynes, Juanje Ojeda, Ashley Cui, Christian Felder, Paul Holzinger, Shion Tanaka, Alex Litvak, Divyansh Kamboj, Marcin Skarbek, Sergio Lopez, James Cassell"),(0,ce.kt)("h2",{id:"meeting-start-1103-am"},"Meeting Start: 11:03 a.m."),(0,ce.kt)("h3",{id:"bluejeans-recording"},"BlueJeans ",(0,ce.kt)("a",{parentName:"h3",href:"https://bluejeans.com/s/w9MNLQGTmf3"},"Recording")),(0,ce.kt)("h2",{id:"multi-arch-capabilities-in-podman-and-buildah"},"Multi-arch capabilities in Podman and Buildah"),(0,ce.kt)("h3",{id:"dan-walsh"},"Dan Walsh"),(0,ce.kt)("h4",{id:"144-in-the-video"},"(1:44 in the video)"),(0,ce.kt)("p",null,"Dan started with a demo on multi-arch. Highlited qemu-user-static which is required to be installed. It allows a Linux kernel to run multi-arch under qemu."),(0,ce.kt)("p",null,"He showed ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman build --pull --manifest myimage /tmp/test")," this created a manifest image with a link to the one he's creating."),(0,ce.kt)("p",null,"Then he specified an arch of arm64 ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman build --pull --manifest myimage --arch arm64 /tmp/test")," and then s390 ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman build --pull --manifest myimage --arch s390 /tmp/test")," and it pulled that architecture version of the image all while being on an x86 machine."),(0,ce.kt)("p",null,(0,ce.kt)("inlineCode",{parentName:"p"},"podman manifest inspect myimage")," shows it has 3 different images as part of it."),(0,ce.kt)("p",null,"Let's you build and manipulate multi-arch images locally or through the tool. It's a new feature as of Podman v3.0."),(0,ce.kt)("p",null,"Linux kernel is smart enough to run it under the right architecture due to qemu and a runtime binary loader. Applicable on X86 on a Raspberry Pi."),(0,ce.kt)("p",null,"Used UBI for the demo, careful doing in Fedora as it can take a long time, especially in comparision to RHEL."),(0,ce.kt)("p",null,"Neal asked if you could build it for multi arch and then push without having to do push by hand for each. Dan pointed out that's what the manifest flag is pointed towards. Currently in ",(0,ce.kt)("inlineCode",{parentName:"p"},"buildah bud"),", ",(0,ce.kt)("inlineCode",{parentName:"p"},"buildah commit")," and ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman build"),". That's all in Podman v3.0 and Buildah v1.19.6"),(0,ce.kt)("h2",{id:"podman-py-roadmap"},"podman-py roadmap"),(0,ce.kt)("h3",{id:"jhon-honce"},"Jhon Honce"),(0,ce.kt)("h4",{id:"1345-in-the-video"},"(13:45 in the video)"),(0,ce.kt)("p",null,"Jhon gave a road map of where we're going."),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("a",{parentName:"li",href:"https://github.com/containers/podman-py"},"https://github.com/containers/podman-py")," - Repository\n\u2022 ",(0,ce.kt)("a",{parentName:"li",href:"https://docker-py.readthedocs.io/en/stable/"},"https://docker-py.readthedocs.io/en/stable/")," - Document\n\u2022 ",(0,ce.kt)("a",{parentName:"li",href:"https://github.com/containers/podman-py/pull/53"},"https://github.com/containers/podman-py/pull/53")," - Committed PR1\n\u2022 ",(0,ce.kt)("a",{parentName:"li",href:"https://github.com/containers/podman-py/pull/55"},"https://github.com/containers/podman-py/pull/55")," - In flight PR2")),(0,ce.kt)("p",null,"Stubbed out ssh adapter, but not much code yet. If you want to drive pods, you'll be able to do so via calls to libpod from Pyton. Want to emulate success of the Podman API and hope to replicate it for Python too in this project. Will publish to python py (Jhon verify). Targeting Python 3.6 and Podman 3."),(0,ce.kt)("p",null,"What's different than using docker-py?\nYou have script that works with pod. docker-py won't give you access to pods, podman-py will. So you'll be able to move docker-py script and then add pod manipulation to it."),(0,ce.kt)("p",null,'How does libpod go work from python?\npodman-py communicates with Podman service via RESTful API between python and libpod go code. The URL\'s will in essence have "/libpod" embedded within.'),(0,ce.kt)("p",null,"Will unprivileged access be allowed?\nYes, Using systemctl --user configuration."),(0,ce.kt)("p",null,"Brent showed doc with more info: ",(0,ce.kt)("a",{parentName:"p",href:"https://podman.readthedocs.io/en/latest/_static/api.html"},"https://podman.readthedocs.io/en/latest/_static/api.html")),(0,ce.kt)("h2",{id:"podman-packages-on-kubic"},"Podman Packages on Kubic"),(0,ce.kt)("h3",{id:"lokesh-mandvekar"},"Lokesh Mandvekar"),(0,ce.kt)("h4",{id:"2306-in-the-video"},"(23:06 in the video)"),(0,ce.kt)("p",null,"Applies to debian, ubuntu and raspberry. Posted a link:\n",(0,ce.kt)("a",{parentName:"p",href:"https://podman.io/blogs/2021/03/02/podman-support-for-older-distros.html"},"https://podman.io/blogs/2021/03/02/podman-support-for-older-distros.html")),(0,ce.kt)("p",null,"Podman v3.0 won't be supported on older variants of these distributions."),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"CentOS 8 Kubic repo will be supported only as long as CentOS 8 itself is alive.")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"CentOS Stream Kubic repo will keep going, though I highly recommend you use the packages from the default repos as they are often fairly current and are known to have passed RHEL's gating tests.")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"For Debian 11, I will not enable the Kubic repo as Debian 11 will have podman included in the default repos itself.")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"For Ubuntu, I will enable packages for Ubuntu 21.04 and 21.10 when they release. But, the 22.04 LTS release which is more than a year into the future will have podman in the base repos itself, so the plan for now is to not enable the Kubic repo for 22.04."))),(0,ce.kt)("p",null,"If support is needed for older variants, Lokesh will need volunteers to help with that."),(0,ce.kt)("p",null,"Packaging on official repo's."),(0,ce.kt)("p",null,"Neal suggests turning off Debian Testing and Next/Unstable, he suggests turning them off now for releases that won't be supported."),(0,ce.kt)("p",null,"Neal might be able to help with support with Ubuntu LTS in the Kubic repo in some instances."),(0,ce.kt)("h2",{id:"krunvm-demonstration"},"krunvm demonstration"),(0,ce.kt)("h3",{id:"sergio-lopez"},"Sergio Lopez"),(0,ce.kt)("h4",{id:"2835-in-the-video"},"(28:35 in the video)"),(0,ce.kt)("p",null,"Dynamic library that enables other programs to easily gain virtulization-based isolation capabilities with a minimum foot print."),(0,ce.kt)("p",null,"Sources"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("a",{parentName:"li",href:"https://github.com/containers/libkrun"},"https://github.com/containers/libkrun")),(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("a",{parentName:"li",href:"https://github.com/containers/krunvm"},"https://github.com/containers/krunvm"))),(0,ce.kt)("p",null,"COPR repo for Fedora"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("a",{parentName:"li",href:"https://copr.fedorainfracloud.org/coprs/slp/krunvm/"},"https://copr.fedorainfracloud.org/coprs/slp/krunvm/"))),(0,ce.kt)("p",null,"Included in openSUSE Virtualization project"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("a",{parentName:"li",href:"https://build.opensuse.org/package/show/Virtualization/krunvm"},"https://build.opensuse.org/package/show/Virtualization/krunvm"))),(0,ce.kt)("p",null,"Homebrew Tap for macOS/arm64 (M1-based devices)"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("a",{parentName:"li",href:"https://github.com/slp/homebrew-krun"},"https://github.com/slp/homebrew-krun"))),(0,ce.kt)("p",null,"Demo started (29:43)"),(0,ce.kt)("p",null,"On ARM Mac, used ",(0,ce.kt)("inlineCode",{parentName:"p"},"krunvm create fedora"),".\n",(0,ce.kt)("inlineCode",{parentName:"p"},"krunvm start fedora-podman")),(0,ce.kt)("p",null,"Changed containers.conf on his linux machine and can now run the container on his Linux box."),(0,ce.kt)("p",null,"He then used the podman remote service ",(0,ce.kt)("inlineCode",{parentName:"p"},"krunvm changevm fedora-podman -p 55555:55555 -p 8080:80")),(0,ce.kt)("p",null,"Then from the container\n'podman --log-level info system service -t -o tcp::55555'"),(0,ce.kt)("p",null,"He was then able to run podman commands on the mac in the minivm."),(0,ce.kt)("p",null,"Questions:\nCan you share the host filesystem with the minivm?\nYes, using krunvm."),(0,ce.kt)("p",null,"Does krunvm support Intel Mac?\nIt does not support Intel Mac currently."),(0,ce.kt)("p",null,"Do you plan to put libkrunvm in brew proper?\nHe does, but needs to rework the PR implementing virtio-fs attributes support in Buildah. After that's complete, he's going to try to get it accepted in brew."),(0,ce.kt)("p",null,"Dan discussed that the Podman Mac effort is to do brew install podman and then ask if you want a vm to run it on. Krunvm might be a part of that solution. End goal to just do ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman run ...")),(0,ce.kt)("h2",{id:"tent-demonstration"},"Tent demonstration"),(0,ce.kt)("h3",{id:"farhan-chowdury"},"Farhan Chowdury"),(0,ce.kt)("h4",{id:"4056-in-the-video"},"(40:56 in the video)"),(0,ce.kt)("p",null,"Tent a development only dependency manager"),(0,ce.kt)("p",null,"Solves:\nCumbersome install process\nUnavailability in a certain platform\nConflicts between multiple versions."),(0,ce.kt)("p",null,"Demo (42:10)"),(0,ce.kt)("p",null,"Showed ",(0,ce.kt)("inlineCode",{parentName:"p"},"tent start mysql")),(0,ce.kt)("p",null,"It created a mysql server on the system. He set up a sql server in the container. Now the server can be used as if mysql was installed on the system."),(0,ce.kt)("p",null,"With tent you can stop/start your services."),(0,ce.kt)("p",null,"Future Plans:\nFix Bugs\nAdd More services\nRefactor the code base\nImprove ovall user experience."),(0,ce.kt)("p",null,"Is there a way to run systemd now? No.\nDoes this run as root or rootless? It runs as rootless only at this point."),(0,ce.kt)("p",null,"Link to the slides - ",(0,ce.kt)("a",{parentName:"p",href:"https://docs.google.com/presentation/d/1BRQET4UkPyPBrhSpJuFoYzLYZe1CfLI6bmhzlEcmWcY/edit?usp=sharing"},"https://docs.google.com/presentation/d/1BRQET4UkPyPBrhSpJuFoYzLYZe1CfLI6bmhzlEcmWcY/edit?usp=sharing"),"\nLink to the repo - ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/fhsinchy/tent"},"https://github.com/fhsinchy/tent")),(0,ce.kt)("h2",{id:"containers-plumbing-conference--"},"Containers Plumbing Conference -"),(0,ce.kt)("p",null,"March 9/10, 9:30 a.m. to 2:00 p.m. Eastern (UTC -4) Free to attend, register here: ",(0,ce.kt)("a",{parentName:"p",href:"https://containerplumbing.org/"},"https://containerplumbing.org/")),(0,ce.kt)("h2",{id:"questions"},"Questions?"),(0,ce.kt)("h4",{id:"5120-in-the-video"},"(51:20) in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Go module issue discovered by Farhan. go.mod target for Podman is requiring a full name. Matt Heon noted it is fixed in Podman v3.0.2."),(0,ce.kt)("li",{parentName:"ol"},"How to tell which version of Buildah is in Podman? Yes in ",(0,ce.kt)("inlineCode",{parentName:"li"},"podman info"),", also included in API headers for /version endpoint")),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("h2",{id:"next-meeting-tuesday-april-6-2021-800-pm-eastern-utc-4"},"Next Meeting: Tuesday April 6, 2021, 8:00 p.m. Eastern (UTC-4)"),(0,ce.kt)("h3",{id:"meeting-end-1201-pm-eastern-utc-5"},"Meeting End: 12:01 p.m. Eastern (UTC-5)"),(0,ce.kt)("h2",{id:"fun-fact"},"Fun Fact:"),(0,ce.kt)("p",null,'The initial name for the Ford Mustang, "Mustang" was rejected initially as the tie in for the name was the WWII P-51 Mustang fighter plane. The designer, John Najjar, re-pitched the name "Mustang" later, but this time with a tie in to Horses. The second pitch was accepted.'),(0,ce.kt)("h2",{id:"bluejeans-chat-copypaste"},"BlueJeans Chat copy/paste:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Me10:53 AM\nPlease sign in and ask questions in hackmd: https://hackmd.io/fc1zraYdS0-klJ2KJcfC7w?both\nNeal Gompa11:00 AM\nhey all! :D\nSergio Lopez Pascual11:05 AM\nI'm here :-)\nNeal Gompa11:06 AM\nyay, multiarch through qemu :D\nJames Cassell11:10 AM\n3.0 also broke rootless overlay mounts...\nMatt Heon11:10 AM\nEh? Is there a bug for that?\nFirst I've heard of this\nJames Cassell11:11 AM\nI didn't see one in podman, but asked in #podman this morning... maybe it exists in buildah, searching now.\nJuanje Ojeda11:13 AM\nWe use this (with Buildah) quite a lot at the project CKI. We build a lot of multi-arch images.\nWe love it :-)\nMatt Heon11:14 AM\n@James - if you can't find one on Buildah please open a new one\njhonce11:17 AM\nhttps://github.com/containers/podman-py\njhonce11:21 AM\n\u2022 https://docker-py.readthedocs.io/en/stable/\n\u2022 https://github.com/containers/podman-py/pull/53\n\u2022 https://github.com/containers/podman-py/pull/55\nBrent Baude11:24 AM\nhttps://podman.readthedocs.io/en/latest/_static/api.html\n^^ i think this sort of illuminates what Jhon is saying\nnote compat buckets\nLokesh Mandvekar11:26 AM\nhttps://podman.io/blogs/2021/03/02/podman-support-for-older-distros.html\nBrent Baude11:26 AM\nalso noteworthy, your milage may vary using docker-py rootless\nJames Cassell11:34 AM\nWSL2 for Mac?\nLudo C.11:38 AM\nis there is a way to share host filesystem with the mini vm ?\nShion Tanaka11:39 AM\nDoes krunvm support Intel Mac?\nLudo C.11:41 AM\nthat's great, thanks\nAshley Cui11:42 AM\nOh I'm here\nMe11:42 AM\nyeah!\nLudo C.11:44 AM\nI find it great for Linux to have a better isolation, I will definitely try it out\nBrent Baude11:46 AM\n@sergio, do you plan to put libkrun in brew proper?\nSergio Lopez Pascual11:50 AM\n@brent I do. I need to rework the PR implementing virtio-fs attributes support in buildah, but afterwards I'll try to get libkrun/krunvm accepted.\nChristian Felder11:50 AM\nis there a way to generate systemd services for your tents?\ndo you use the current user running the containers or how do you distinguish root-/-less?\nChristian Felder11:52 AM\nthanks\njhonce11:53 AM\nCool stuff!\nNeal Gompa11:53 AM\nnice!\nBrent Baude11:55 AM\n@sergio, can you stick behind so you and I can talk a little\nSergio Lopez Pascual11:55 AM\n@brent sure\nNeal Gompa11:56 AM\nanyway folks, thanks for all this\nShion Tanaka11:56 AM\n@sergio Thanks for the answer about Intel Mac!\nNeal Gompa11:56 AM\nI gotta go now!\nbut thanks :D\nLokesh Mandvekar11:56 AM\nthanks Neal\nNeal Gompa11:57 AM\nLokesh, we should talk offline at some point about the Kubic stuff\nLokesh Mandvekar11:57 AM\nsure thing!\nGreg Shomo (NU)11:59 AM\nhttps://containerplumbing.org/schedule\nDan Walsh11:59 AM\nhttps://containerplumbing.org/\nLudo C.11:59 AM\nI'm in :)\nBrent Baude12:00 PM\ndan, please stick around\nMe12:00 PM\nFun Fact: The initial name for the Ford Mustang, \"Mustang\" was rejected initially as the tie in for the name was the WWII P-51 Mustang fighter plane. The designer, John Najjar, re-pitched the name \"Mustang\" later, but this time with a tie in to Horses. The second pitch was accepted.\nChristian Felder12:01 PM\nThanks. Have a nice day. Bye\nEd Santiago12:01 PM\nthank you! nice work!\nLudo C.12:01 PM\nThanks, bye !\nMarcin12:03 PM\nIs switching runc/curn with krunvm to run each container in separate vm wouldn't be better than using single vm and run podman on it?\nGreg Shomo (NU)12:10 PM\nthank you, everyone, for your time && have a good one !\nMe12:14 PM\n@Matt Heon, I opened the buildah bug for broken rootless overlay mounts since podman 3.0 and buildah 1.19 https://github.com/containers/buildah/issues/3051\nSergio Lopez Pascual12:18 PM\nhttps://github.com/containers/libkrun/blob/main/examples/chroot_vm.c\n\n")))}Za.isMDXComponent=!0;const _a={},Xa="Podman Community Meeting",$a=[{value:"August 3, 2021 11:00 a.m. Eastern (UTC-4)",id:"august-3-2021-1100-am-eastern-utc-4",level:2},{value:"Attendees (22 total)",id:"attendees-22-total",level:3},{value:"Meeting Start: 11:03 a.m.",id:"meeting-start-1103-am",level:2},{value:"BlueJeans Recording",id:"bluejeans-recording",level:3},{value:"General Announcements",id:"general-announcements",level:2},{value:"Tom Sweeney",id:"tom-sweeney",level:3},{value:"Demo: podman run --requires",id:"demo-podman-run---requires",level:2},{value:"Matt Heon",id:"matt-heon",level:3},{value:"(2:30 in the video)",id:"230-in-the-video",level:4},{value:"Demo: podman image scp",id:"demo-podman-image-scp",level:2},{value:"Charlie Doern",id:"charlie-doern",level:3},{value:"(6:57 in the video)",id:"657-in-the-video",level:4},{value:"Rootless Docker Compose Status",id:"rootless-docker-compose-status",level:2},{value:"Paul Holzinger",id:"paul-holzinger",level:3},{value:"(17:20 in the video)",id:"1720-in-the-video",level:4},{value:"Demo: podman secrets --env",id:"demo-podman-secrets---env",level:2},{value:"Ashley Cui",id:"ashley-cui",level:3},{value:"(22:34 in the video)",id:"2234-in-the-video",level:4},{value:"Demos:",id:"demos",level:2},{value:"Rootless Podman with rootless overlay",id:"rootless-podman-with-rootless-overlay",level:3},{value:"podman run --group-add",id:"podman-run---group-add",level:3},{value:"podman /etc/hosts, host.containers.internal support",id:"podman-etchosts-hostcontainersinternal-support",level:3},{value:"Dan Walsh",id:"dan-walsh",level:3},{value:"(25:40 in the video)",id:"2540-in-the-video",level:4},{value:"Rootless podman with rootless overlay",id:"rootless-podman-with-rootless-overlay-1",level:5},{value:"podman run group-add",id:"podman-run-group-add",level:5},{value:"podman /etc/hosts, host.containers.internal support",id:"podman-etchosts-hostcontainersinternal-support-1",level:5},{value:"Questions?",id:"questions",level:2},{value:"(35:10) in the video)",id:"3510-in-the-video",level:4},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"Next Meeting: Tuesday September 7, 2021, 11:00 a.m. Eastern (UTC-4)",id:"next-meeting-tuesday-september-7-2021-1100-am-eastern-utc-4",level:2},{value:"Next Cabal Meeting: Thursday August 19, 2021, 10:00 a.m. Eastern (UTC-4)",id:"next-cabal-meeting-thursday-august-19-2021-1000-am-eastern-utc-4",level:2},{value:"Meeting End: 11:43 a.m. Eastern (UTC-4)",id:"meeting-end-1143-am-eastern-utc-4",level:3},{value:"BlueJeans Chat copy/paste:",id:"bluejeans-chat-copypaste",level:2}],eo={toc:$a},to="wrapper";function no(e){let{components:t,...n}=e;return(0,ce.kt)(to,(0,Q.Z)({},eo,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-meeting"},"Podman Community Meeting"),(0,ce.kt)("h2",{id:"august-3-2021-1100-am-eastern-utc-4"},"August 3, 2021 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h3",{id:"attendees-22-total"},"Attendees (22 total)"),(0,ce.kt)("p",null,"Tom Sweeney, Brent Baude, Jhon Honce, Dan Walsh, Chris Evich, Urvashi Mohnani, Nalin Dahyabhai, Eduardo Santiago, Matt Heon, Ashley Cui, Paul Holzinger, Erik Bernoth, Charlie Doern, Chris Evich, Greg Shomo, Scott McCarty, Anders Bj\xf6rklund, Lokesh Mandvekar"),(0,ce.kt)("h2",{id:"meeting-start-1103-am"},"Meeting Start: 11:03 a.m."),(0,ce.kt)("h3",{id:"bluejeans-recording"},"BlueJeans ",(0,ce.kt)("a",{parentName:"h3",href:"https://bluejeans.com/s/KyZqj8gBg1E"},"Recording")),(0,ce.kt)("h2",{id:"general-announcements"},"General Announcements"),(0,ce.kt)("h3",{id:"tom-sweeney"},"Tom Sweeney"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Twitter Handles: ",(0,ce.kt)("a",{parentName:"li",href:"https://twitter.com/Podman_io"},"@Podman_io"),", ",(0,ce.kt)("a",{parentName:"li",href:"https://twitter.com/Buildah_io"},"@Buildah_io"))),(0,ce.kt)("h2",{id:"demo-podman-run---requires"},"Demo: ",(0,ce.kt)("inlineCode",{parentName:"h2"},"podman run --requires")),(0,ce.kt)("h3",{id:"matt-heon"},"Matt Heon"),(0,ce.kt)("h4",{id:"230-in-the-video"},"(2:30 in the video)"),(0,ce.kt)("p",null,"Demo (started at 2:40)"),(0,ce.kt)("p",null,"Containers can now start other related containers. This has been available prior, but now you can specify it yourself starting in Podman v3.3.0"),(0,ce.kt)("p",null,"Add requires flag to ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman run")," command and specify another container (test1) and it started that container when (test2) started."),(0,ce.kt)("p",null,"This only works for starting, it does not apply to stop. You can't rm one container without rm'ing the other."),(0,ce.kt)("p",null,"Asciinema of demo can be found at ",(0,ce.kt)("a",{parentName:"p",href:"https://asciinema.org/a/EBeup6xO8UDeGYYbPEYxxP3xN"},"here"),"."),(0,ce.kt)("h2",{id:"demo-podman-image-scp"},"Demo: ",(0,ce.kt)("inlineCode",{parentName:"h2"},"podman image scp")),(0,ce.kt)("h3",{id:"charlie-doern"},"Charlie Doern"),(0,ce.kt)("h4",{id:"657-in-the-video"},"(6:57 in the video)"),(0,ce.kt)("p",null,"Use scp within the ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman image")," command to copy the image to a remote machine. It can also be used to copy from a remote host to another remote host."),(0,ce.kt)("p",null,"Demo (started at 7:30)"),(0,ce.kt)("p",null,"Showed the scp in action to the machine fed."),(0,ce.kt)("p",null,"He then showed how to pull an image from a remote machine and loading it onto the local machine. It allows copying to or from. This can also work from remote to remote."),(0,ce.kt)("p",null,"Being able to copy from root to local is something that's not working now, but being worked."),(0,ce.kt)("p",null,(0,ce.kt)("a",{parentName:"p",href:"https://asciinema.org/a/RuOweVQ7g4elLSyiPVS09uAxk"},"First asciinema demo")),(0,ce.kt)("p",null,"Charlie then showed how to use ssh like targets, and then showed an invalid connection."),(0,ce.kt)("p",null,(0,ce.kt)("a",{parentName:"p",href:"https://asciinema.org/a/9pinVx16gUjlrdLN5ZEmoR6SZ"},"Second asciinema demo")),(0,ce.kt)("p",null,"The double colon is needed for parsing, the code knows you're not using a tag. Should help with the readablity too."),(0,ce.kt)("h2",{id:"rootless-docker-compose-status"},"Rootless Docker Compose Status"),(0,ce.kt)("h3",{id:"paul-holzinger"},"Paul Holzinger"),(0,ce.kt)("h4",{id:"1720-in-the-video"},"(17:20 in the video)"),(0,ce.kt)("p",null,"Paul showed a series of Docker Compose commands that created a wordpress window. When connecting to a port, a rootless used can not use port 80, so port 8080 had to be specified."),(0,ce.kt)("p",null,"Start and enable the podman user socket:\n",(0,ce.kt)("inlineCode",{parentName:"p"},"systemctl --user enable --now podman.socket")),(0,ce.kt)("p",null,"Export the ",(0,ce.kt)("inlineCode",{parentName:"p"},"DOCKER_HOST")," environment variable to make sure docker-compose connects to the right socket:\n",(0,ce.kt)("inlineCode",{parentName:"p"},"export DOCKER_HOST=unix://$XDG_RUNTIME_DIR/podman/podman.sock")),(0,ce.kt)("p",null,"Run docker-compose up in a directory with a docker-compose.yaml file.\nThe docker-compose.yaml file used in the video:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"version: '3.7'\nservices:\n db:\n image: mysql:8.0.19\n command: '--default-authentication-plugin=mysql_native_password'\n volumes:\n - db_data:/var/lib/mysql\n restart: always\n environment:\n - MYSQL_ROOT_PASSWORD=somewordpress\n - MYSQL_DATABASE=wordpress\n - MYSQL_USER=wordpress\n - MYSQL_PASSWORD=wordpress\n expose:\n - 3306\n - 33060\n wordpress:\n image: wordpress:latest\n ports:\n - 8080:80\n restart: always\n environment:\n - WORDPRESS_DB_HOST=db\n - WORDPRESS_DB_USER=wordpress\n - WORDPRESS_DB_PASSWORD=wordpress\n - WORDPRESS_DB_NAME=wordpress\nvolumes:\n db_data:\n")),(0,ce.kt)("p",null,"Make sure to use a port of 1024 or higher. Rootless users are not allowed to bind ports below 1024 by default. Now run ",(0,ce.kt)("inlineCode",{parentName:"p"},"docker-compose up -d"),"."),(0,ce.kt)("p",null,"To connect with curl to a running rootles container directly via ip, you need the ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman unshare --rootless-cni")," command and then it will work."),(0,ce.kt)("h2",{id:"demo-podman-secrets---env"},"Demo: ",(0,ce.kt)("inlineCode",{parentName:"h2"},"podman secrets --env")),(0,ce.kt)("h3",{id:"ashley-cui"},"Ashley Cui"),(0,ce.kt)("h4",{id:"2234-in-the-video"},"(22:34 in the video)"),(0,ce.kt)("p",null,"Demo (started at 22:40)"),(0,ce.kt)("p",null,"You can change uid, gid and mode of the secret. She created an envvar and then was able to use it. With the env option, you can get to the variable's value. It's created during creation time of the container. You can use the secret as an environment variable inside of the container. If you update the envar locally, it won't be shared."),(0,ce.kt)("p",null,"The secret won't be saved to the image, it is only in the container. The value of the environment variable is saved within the container when the container is created rather than when it ran."),(0,ce.kt)("h2",{id:"demos"},"Demos:"),(0,ce.kt)("h3",{id:"rootless-podman-with-rootless-overlay"},"Rootless Podman with rootless overlay"),(0,ce.kt)("h3",{id:"podman-run---group-add"},(0,ce.kt)("inlineCode",{parentName:"h3"},"podman run --group-add")),(0,ce.kt)("h3",{id:"podman-etchosts-hostcontainersinternal-support"},"podman /etc/hosts, host.containers.internal support"),(0,ce.kt)("h3",{id:"dan-walsh"},"Dan Walsh"),(0,ce.kt)("h4",{id:"2540-in-the-video"},"(25:40 in the video)"),(0,ce.kt)("p",null,"Demo (started at 25:57)"),(0,ce.kt)("h5",{id:"rootless-podman-with-rootless-overlay-1"},"Rootless podman with rootless overlay"),(0,ce.kt)("p",null,'Showed how to use overlay, which is helpful as fuse-overlayfs has a lot of overhead. This is a big "quiet" feature that people probably won\'t notice.'),(0,ce.kt)("h5",{id:"podman-run-group-add"},"podman run group-add"),(0,ce.kt)("p",null,"Issues arised with suplemental group ids. If you created a container and tried to look at a directory with these gids, you'd get an access error."),(0,ce.kt)("p",null,"How to share the content then? By default, containers drop all groups before you run them as a security precaution. When a rootless container is run, the groups are dropped for security reasons. Now you can add the groups you need with ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman run --group-add=keep-groups")," which copies the groups from the host into the container, but giving access only within the container."),(0,ce.kt)("h5",{id:"podman-etchosts-hostcontainersinternal-support-1"},"podman /etc/hosts, host.containers.internal support"),(0,ce.kt)("p",null,"A new flag, host.containers.internal, allows you to set up an entry in /etc/hosts that gives you the ip address of the host within the containers in the /etc/hosts file in the container."),(0,ce.kt)("h2",{id:"questions"},"Questions?"),(0,ce.kt)("h4",{id:"3510-in-the-video"},"(35:10) in the video)"),(0,ce.kt)("p",null,"No questions or topics. Tom asked Matt to talk about Podman v3.3."),(0,ce.kt)("p",null,"Podman v3.3 rc1 early release no release notes yet. Final realease in mid to late August. Main branch is now at Podman 4.0. Podman 4.0 to be out at in Fedora 35 at the earliest."),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("h2",{id:"next-meeting-tuesday-september-7-2021-1100-am-eastern-utc-4"},"Next Meeting: Tuesday September 7, 2021, 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h2",{id:"next-cabal-meeting-thursday-august-19-2021-1000-am-eastern-utc-4"},"Next Cabal Meeting: Thursday August 19, 2021, 10:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h3",{id:"meeting-end-1143-am-eastern-utc-4"},"Meeting End: 11:43 a.m. Eastern (UTC-4)"),(0,ce.kt)("h2",{id:"bluejeans-chat-copypaste"},"BlueJeans Chat copy/paste:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Tom Sweeney 10:58\nWelcome! Please sign in on HackMD: https://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\n\nbaude 11:10 AM\n@mheon, does that work in pods?\n\nMatt Heon 11:14 AM\nYep. Works on any container, in or out of a pod\n\nGreg Shomo (NU) 11:42 AM\ngood to see everyeon && have a good one !\n\nErik Bernoth 11:58 AM\nI'm out, see you next time!\n\nLokesh Mandvekar 12:04 PM\nI gott bounce, later...\n")))}no.isMDXComponent=!0;const ao={},oo="Podman Community Cabal Notes",io=[{value:"October 21, 2021 11:00 a.m. Eastern",id:"october-21-2021-1100-am-eastern",level:2},{value:"October 21, 2021 Topics",id:"october-21-2021-topics",level:2},{value:"Meeting Notes",id:"meeting-notes",level:3},{value:"Podman System Monitor for Mac ( 1:30 in video)",id:"podman-system-monitor-for-mac--130-in-video",level:3},{value:"Podman netavark - Brent Baude (18:15 in video)",id:"podman-netavark---brent-baude-1815-in-video",level:3},{value:"quadlet - Alex Larsson(25:41 in video)",id:"quadlet---alex-larsson2541-in-video",level:3},{value:"ARM Testing Thoughts - Urvashi/Preethi (40:31 in video)",id:"arm-testing-thoughts---urvashipreethi-4031-in-video",level:3},{value:"CI testing for Podman Docs if stored in a separate repo - Tom (42:37 in video)",id:"ci-testing-for-podman-docs-if-stored-in-a-separate-repo---tom-4237-in-video",level:3},{value:"Open discussion (49:26 in video)",id:"open-discussion-4926-in-video",level:4},{value:"Next Meeting: Thursday November 18, 2021 11:00 a.m. EDT (UTC-5)",id:"next-meeting-thursday-november-18-2021-1100-am-edt-utc-5",level:3},{value:"Possible Topics:",id:"possible-topics",level:3}],so={toc:io},ro="wrapper";function lo(e){let{components:t,...n}=e;return(0,ce.kt)(ro,(0,Q.Z)({},so,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-cabal-notes"},"Podman Community Cabal Notes"),(0,ce.kt)("p",null,"Attendees: Tom Sweeney, Matt Heon, Brent Baude, Ashley Cui, Alex Larsson, Preethi Thomas, Urvashi Mohnani, Marcin Skarbek, Eduardo Santiago, Giuseppe Scrivano, Nalin Dahyabhai, Paul Holzinger, Anders Bj\xf6rklund, Dan Mack, Dan Walsh, Holger Gantikow, Leon N, Marcin Skarbek, Mehul Arora, Max, Paul Holzinger."),(0,ce.kt)("h2",{id:"october-21-2021-1100-am-eastern"},"October 21, 2021 11:00 a.m. Eastern"),(0,ce.kt)("h2",{id:"october-21-2021-topics"},"October 21, 2021 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Netavark - Matt Heon and Brent Baude"),(0,ce.kt)("li",{parentName:"ol"},"Podman System Monitor for MAC - Ashley Cui and Brent Baude"),(0,ce.kt)("li",{parentName:"ol"},"quadlet - Alex Larsson"),(0,ce.kt)("li",{parentName:"ol"},"ARM Testing Thoughts - Preethi Thomas and Urvashi Mohnani"),(0,ce.kt)("li",{parentName:"ol"},"CI testing for Podman Docs if stored on a separate repo - Tom Sweeney")),(0,ce.kt)("h3",{id:"meeting-notes"},"Meeting Notes"),(0,ce.kt)("p",null,"Video ",(0,ce.kt)("a",{parentName:"p",href:"https://drive.google.com/drive/folders/1pDCsZFj0yDobe4OxPqAzitECGL6O0KMY"},"Recording"),"\nMeeting start: 10:04 a.m. Thursday, October 21, 2021"),(0,ce.kt)("h3",{id:"podman-system-monitor-for-mac--130-in-video"},"Podman System Monitor for Mac ( 1:30 in video)"),(0,ce.kt)("p",null,"Ashley showed mockups of a number of possible screens for Mac GUI. She mocked up an update, and this is not decided upon yet. This will control the VM on the Mac that Podman runs in."),(0,ce.kt)("p",null,"She is thinking about having a link between this and the cockpit. This is just to manage the VM, not containers. The Gui would launch Cockpit in a browser, and then you could do container commands from the cockpit web interface."),(0,ce.kt)("p",null,"It will be built for Mac look/feel. Linux and Windows designs are still up in the air."),(0,ce.kt)("p",null,"Brent asked if anything was missing, no bites."),(0,ce.kt)("p",null,"There is not yet an ssh button, but it could be added."),(0,ce.kt)("p",null,"We've been talking about socket mapping from the VM into the host. She is leaning towards having an option to do so on start. A Boolean to leak a socket, and it would leak the default socket that Podman would define. A message would be sent to output noting the socket use."),(0,ce.kt)("p",null,"An issue currently with password passing is being worked on. Possibly create a link and then pass the password. Something like: ",(0,ce.kt)("a",{parentName:"p",href:"https://getcockpit.com/documentation/api/cockpit"},"https://getcockpit.com/documentation/api/cockpit"),". We are also looking into volume mount PRs."),(0,ce.kt)("h3",{id:"podman-netavark---brent-baude-1815-in-video"},"Podman netavark - Brent Baude (18:15 in video)"),(0,ce.kt)("p",null,"Rust implementation to replace CNI networking. A bunch of work was done, but not yet in Podman's GitHub. Looking at designing from the ground up to capture what was there, add user requests, and make it faster overall. About six weeks into development. In RUST ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/netavark"},"https://github.com/containers/netavark"),"."),(0,ce.kt)("p",null,"Will this handle VPN? No plans at present, a good thought, but currently focusing on basics. Working on firewall at the moment."),(0,ce.kt)("p",null,"passt (plug a simple socket transport) link for information from Marcin: ",(0,ce.kt)("a",{parentName:"p",href:"https://passt.top/passt/about/"},"https://passt.top/passt/about/")),(0,ce.kt)("p",null,"RUST being used for this, thoughts were binary size, speed, availability of libraries."),(0,ce.kt)("h3",{id:"quadlet---alex-larsson2541-in-video"},"quadlet - Alex Larsson(25:41 in video)"),(0,ce.kt)("p",null,"quadlet is a pun on kubelet. It's a systemd generator for things like fstab1. This has a customer systemd unit file. The project lives at: ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/quadlet/"},"https://github.com/containers/quadlet/")),(0,ce.kt)("p",null,"Demo: (26:28 in video)"),(0,ce.kt)("p",null,"Easier for a system administrator to maintain and use. Uses crun and split cgroup. It always has /dev/init, standardized names, integrates with sdnotify, journald, and various security setups."),(0,ce.kt)("p",null,"The code is a C project that is living here:"),(0,ce.kt)("p",null,"Can/should this be part of Podman? Dan thinks it could be a subproject of Podman that comes as part and parcel. There is podman-systemd-generate, which is great for advanced users; quadlet is suitable for users with less systemd experience."),(0,ce.kt)("p",null,"It's a way to specify how a system runs. Dan would like to see auto-updates happen in containers via quadlet."),(0,ce.kt)("p",null,"Blog post with more information: ",(0,ce.kt)("a",{parentName:"p",href:"https://blogs.gnome.org/alexl/2021/10/12/quadlet-an-easier-way-to-run-system-containers/"},"https://blogs.gnome.org/alexl/2021/10/12/quadlet-an-easier-way-to-run-system-containers/")),(0,ce.kt)("p",null,"A question on what could or could not be in the init file. So if you create a foo.container, it would create a foo.service for instance."),(0,ce.kt)("h3",{id:"arm-testing-thoughts---urvashipreethi-4031-in-video"},"ARM Testing Thoughts - Urvashi/Preethi (40:31 in video)"),(0,ce.kt)("p",null,"We're looking into testing for upstream for ARM, and we\u2019d like to do it when a PR is opened. We're looking for suggestions. Does anyone have pointers to this? Any experience in setting up ARM support for the CI? Cirrus which were' using now, only uses GCP, but ARM is not supported there."),(0,ce.kt)("h3",{id:"ci-testing-for-podman-docs-if-stored-in-a-separate-repo---tom-4237-in-video"},"CI testing for Podman Docs if stored in a separate repo - Tom (42:37 in video)"),(0,ce.kt)("p",null,"We are thinking about moving the Podman man pages to a new repo. This way to lessen the barrier of entry for folks who have small man page changes or are more doc focused and not heavy GitHub users. i.e. test requirements, signing requirements, git knowledge, etc."),(0,ce.kt)("p",null,"Dan's concern is if you have a new option, you'd break bot CI's on both projects unless you did the PR's simultaneously."),(0,ce.kt)("p",null,"Web UI might be used for the docs. But still, have a convention."),(0,ce.kt)("p",null,"Dan/Valentin against moving the man pages, as it would create more work for users."),(0,ce.kt)("p",null,"Signing might not be required for docs. Brent thought there was a way to avoid the DCO from the web browser as you were already signed in. I.e., auto-sign in if you were coming in from the web."),(0,ce.kt)("h4",{id:"open-discussion-4926-in-video"},"Open discussion (49:26 in video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},'Is there value in categorizing content in the blogs that have been posted? Would a Yahoo like categorization of "how-tos", networking, macs, container-in-container, etc. It would be nice to have a categorization of topics in links.')),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Would like to add a ZFS driver without having to rebuild Podman. Something that is pluggable. Docker has something like this now."))),(0,ce.kt)("h3",{id:"next-meeting-thursday-november-18-2021-1100-am-edt-utc-5"},"Next Meeting: Thursday November 18, 2021 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h3",{id:"possible-topics"},"Possible Topics:"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Podman.io redesign - Mairin")),(0,ce.kt)("p",null,"Raw BlueJeans:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},'Leon N\n9:53 AM\nHey Hi, Good Morning\nSorry No mic at my end\nYou\n10:00 AM\nPlease sign in at the Attendees section in hackmd, https://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nYou\n10:05 AM\nhackmd: https://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nAnders F Bj\xf6rklund\n10:11 AM\ndid you have a "ssh" button ?\nAnders F Bj\xf6rklund\n10:13 AM\notherwise the only fancy thing I added to the Qt PoC was showing the OS version of the VM\nAshley Cui\n10:14 AM\nAnders: Good idea! I think I can fit that in the currently running info\nLeon N\n10:20 AM\nIs there any API that could generate a one-time link or something?\nfor cockpit I mean\nAnders F Bj\xf6rklund\n10:20 AM\nsure thing, just at the office again\nwill find a room :-)\nLeon N\n10:21 AM\nSomething like https://getcockpit.com/documentation/api/cockpit\nAnders F Bj\xf6rklund\n10:22 AM\ndo you guys miss your shared cubicles\nnoice cancelling just go listen in\nBrent Baude\n10:22 AM\nhttps://github.com/containers/netavark\nMarcin Skarbek\n10:24 AM\nRegarding networking, I have found recently passta - https://passt.top/passt/about/\nMax \n10:24 AM\nany plans to include VPN stacks? Was recently asking about Wireguard on the mailing list\nMarcin Skarbek\n10:25 AM\nInteresting idea that looks promising\nMax \n10:26 AM\ncheers\nMarcin Skarbek\n10:26 AM\nWireguard at least at start\nWould be very appreciated\nAlexander Larsson\n10:27 AM\nAny particular reason for picking rust?\nBrent Baude\n10:27 AM\nbinary size, speed, availability of creates (libraries)\nMatt Heon\n10:27 AM\nAnd we wanted to :-)\nAnders F Bj\xf6rklund\n10:28 AM\nstand out from the container crowd ?\n(which seems to be mostly go)\nAlexander Larsson\n10:38 AM\nhttps://blogs.gnome.org/alexl/2021/10/12/quadlet-an-easier-way-to-run-system-containers/\nAnders F Bj\xf6rklund\n10:46 AM\nI earlier suggested Raspberry Pi (for ARM), bu t only works if you run it "on-prem" (on desk)\nLeon N\n10:50 AM\nI\'m not sure but is the team looking for something like this?\nhttps://developer.arm.com/solutions/infrastructure/developer-resources/ci-cd\n\nSome people do run those arm clusters too but yeah like Anders said its on-prem\nAnders F Bj\xf6rklund\n10:51 AM\nOtherwise we had lots of fun with Equnix Metal and the bare metal arm servers\nUrvashi Mohnani\n10:52 AM\nThanks, will take a look\nAlexander Larsson\n10:54 AM\nFlatpak got donated huge arm servers from cncf. Might want to ask them.\nMax \n10:54 AM\nwould be helpful\nMehul Arora\n10:54 AM\ndefinitely worth\nBrent Baude\n10:55 AM\n@tom ? -> https://github.com/scottrigby/dco-gh-ui\nAlexander Larsson\n10:56 AM\ngotta go\nMehul Arora\n10:56 AM\ndid anyone check the new theme i suggested for the docs?\noh so should i open a PR for that?\nokay yeah ill do that\nAnders F Bj\xf6rklund\n11:00 AM\nWould CSI be an option ?\nMarcin Skarbek\n11:00 AM\nok\nDan Mack\n11:00 AM\nthanks all\nieq-pxhy-jbh\n')))}lo.isMDXComponent=!0;const ho={},uo="Podman Community Cabal Meeting Notes",mo=[{value:"January 20, 2022 11:00 a.m. Eastern",id:"january-20-2022-1100-am-eastern",level:2},{value:"January 20, 2022 Topics",id:"january-20-2022-topics",level:2},{value:"Meeting Notes",id:"meeting-notes",level:3},{value:"Volume Storage on a Mac (1:15 in video) - Brent/Ashley",id:"volume-storage-on-a-mac-115-in-video---brentashley",level:3},{value:"New Network Rollout (13:01 in video) - Paul/Matt",id:"new-network-rollout-1301-in-video---paulmatt",level:3},{value:"Podman v4.0 Rollout (32:52 in video) - Matt/Brent",id:"podman-v40-rollout-3252-in-video---mattbrent",level:3},{value:"Podman TUI (https://github.com/navidys/podman-tui) (38:11 in video) - Navid",id:"podman-tui-httpsgithubcomnavidyspodman-tui-3811-in-video---navid",level:3},{value:"Open discussion (44:57 in video)",id:"open-discussion-4457-in-video",level:4},{value:"Next Meeting: Thursday February 17, 2022 11:00 a.m. EDT (UTC-5)",id:"next-meeting-thursday-february-17-2022-1100-am-edt-utc-5",level:3},{value:"Possible Topics:",id:"possible-topics",level:3}],co={toc:mo},po="wrapper";function go(e){let{components:t,...n}=e;return(0,ce.kt)(po,(0,Q.Z)({},co,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-cabal-meeting-notes"},"Podman Community Cabal Meeting Notes"),(0,ce.kt)("p",null,"Attendees: Tom Sweeney, Aditya Rajan, Matt Heon, Brent Baude, Ashley Cui, Chris Evich, Christian Felder, Urvashi Mohnani, Eduardo Santiago, Giuseppe Scrivano, Nalin Dahyabhai, Paul Holzinger, Anders Bj\xf6rklund, Dan Walsh, Valentin Rothberg, Jhon Honce, Chris Evich, Miloslav Trmac, Reinhard Tarter, Eric Van Norman, Castedo Ellerman, Charlie Doern, Urvashi Mohnani, Lokesh Mandvekar, Navid Yaghoobi, Marcin Skarbek"),(0,ce.kt)("h2",{id:"january-20-2022-1100-am-eastern"},"January 20, 2022 11:00 a.m. Eastern"),(0,ce.kt)("h2",{id:"january-20-2022-topics"},"January 20, 2022 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Volume Storage on a Mac - Brent/Ashley"),(0,ce.kt)("li",{parentName:"ol"},"New Network Rollout - Paul/Matt"),(0,ce.kt)("li",{parentName:"ol"},"Podman v4.0 Rollout - Matt/Brent"),(0,ce.kt)("li",{parentName:"ol"},"Podman TUI (",(0,ce.kt)("a",{parentName:"li",href:"https://github.com/navidys/podman-tui"},"https://github.com/navidys/podman-tui"),") - Navid")),(0,ce.kt)("h3",{id:"meeting-notes"},"Meeting Notes"),(0,ce.kt)("p",null,"Video ",(0,ce.kt)("a",{parentName:"p",href:"https://www.youtube.com/watch?v=bwhDnwYyiJY&t=2729s"},"Recording")),(0,ce.kt)("p",null,"Meeting start 11:02 a.m. Thursday January 20, 2022"),(0,ce.kt)("h3",{id:"volume-storage-on-a-mac-115-in-video---brentashley"},"Volume Storage on a Mac (1:15 in video) - Brent/Ashley"),(0,ce.kt)("p",null,"Just a chat on how to handle storage for the Mac, especially since Anders is present. Docker has an advantage due ot the daemon to be able to handle the volumes. When containers closes, the daemon can umount if necessary."),(0,ce.kt)("p",null,"Asking for opinions on the direction we should take here."),(0,ce.kt)("p",null,"Compared to Docker machine to Podman, VM mounts are totally unrelated to container mounts in Docker machine. VM mounts stays for an entire session, not umounted when the container goes away. Problems trying to mount high level directories such as ",(0,ce.kt)("inlineCode",{parentName:"p"},"/")," or ",(0,ce.kt)("inlineCode",{parentName:"p"},"/tmp"),"."),(0,ce.kt)("p",null,"Note: currently mounts are defined when machine is ",(0,ce.kt)("em",{parentName:"p"},"created")," (not started), so needs to be deleted to change mounts"),(0,ce.kt)("p",null,"In podman machine, we use the user core, so you don't get into trouble unless there's a user \"core\" on the host. We could then just set the root of the container to the homedir of the user on the VM."),(0,ce.kt)("p",null,"Have to make sure the volume provided is not outside of the home dir."),(0,ce.kt)("p",null,"We need to chase this down further, and the thought is to support mounting from homedir only."),(0,ce.kt)("p",null,"Some previous discussions in ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/issues/8016"},"https://github.com/containers/podman/issues/8016")),(0,ce.kt)("p",null,"The virtfs implementation was in ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/pull/11454"},"https://github.com/containers/podman/pull/11454")),(0,ce.kt)("h3",{id:"new-network-rollout-1301-in-video---paulmatt"},"New Network Rollout (13:01 in video) - Paul/Matt"),(0,ce.kt)("p",null,"Lots of chatter on IRC about netavark and aardvark. It\u2019s the new network stack that's being put together for Podman v4.0. It will replace the CNI plugins."),(0,ce.kt)("p",null,"This will allow more complex networks, as has been requested in the past. This new stack will do what CNI currently does, plus the requested functionality. It's called netavark and is written in rust. It works like the current network stack as far as the user sees. It's working well for CNI but is missing DHCP on mac VLAN. IPv6 is better than the prior offering and is faster. Believe we can optimize further. DNS resolution is handled by aardvark and replaces DNS mask and DNS name."),(0,ce.kt)("p",null,"Many of the use cases that could not be done in Podman in the past but in Docker will be enabled. If you're running Podman v3.","*"," and you upgrade to Podman v4.0, your network will be CNI by default. If you're running a Podman v4.0 and no storage is around, then it will default to netavark. An entry in containers.conf will be settable to allow choosing between CNI and netavark."),(0,ce.kt)("p",null,"DNS resolution has not been used by default in CNI but will be turned on for netavark."),(0,ce.kt)("p",null,"Reinhard asked from a packager\u2019s perspective, what considerations do they need to take into account? We tried to set the network stack up such that nothing should be required for packaging. You will have to package netavark and aardvark, but you shouldn't need any configuration manipulation."),(0,ce.kt)("p",null,"There are database changes such that if you create a container in Podman v4.0, it won't be usable in Podman v3.0 space. The database is internal to Podman."),(0,ce.kt)("p",null,"Also there's a subid tag in the Makefile that should be turned on for Podman v3.0. It brings in libsubuid via shadow-utils."),(0,ce.kt)("p",null,"Also, it is suggested to use ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman --remote")," instead of ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman-remote"),"."),(0,ce.kt)("p",null,"For those interested in the network, please test! Reach out and talk to the Podman maintainers. Please used Podman v4.0 RC2 and later."),(0,ce.kt)("h3",{id:"podman-v40-rollout-3252-in-video---mattbrent"},"Podman v4.0 Rollout (32:52 in video) - Matt/Brent"),(0,ce.kt)("p",null,"Database changes and network changes. A number of API changes that will break things."),(0,ce.kt)("p",null,"THe API has been migrated. The more interesting things is doing things on a Mac. Podman v3.0 will not work with Podman v4.0 and vice versa. Podman v4.0 is sloted for Fedora 36, due in May (Dan thinks). We don't have forward/backward compatibility."),(0,ce.kt)("p",null,"RHCOS will have Fedora 35, but with Podman v4.0 not included. We are working with the RHCOS team to smooth this out."),(0,ce.kt)("p",null,"There have been 459 commits into Podman v4.0, about twice as many as Podman v3.4. Lots of changes, we'd love to get people trying it earlier before final release."),(0,ce.kt)("h3",{id:"podman-tui-httpsgithubcomnavidyspodman-tui-3811-in-video---navid"},"Podman TUI (",(0,ce.kt)("a",{parentName:"h3",href:"https://github.com/navidys/podman-tui"},"https://github.com/navidys/podman-tui"),") (38:11 in video) - Navid"),(0,ce.kt)("p",null,(0,ce.kt)("a",{parentName:"p",href:"https://github.com/navidys/podman-tui"},"https://github.com/navidys/podman-tui")),(0,ce.kt)("p",null,"Terminal User Interface for Podman."),(0,ce.kt)("p",null,"Demo - (38:40 in video)\nNavid gave a demo showing pods, containers, images. Many of the commands are available to use. Can't exec into a container yet. Uses the Go bindings from Podman. Shows events, disk usage."),(0,ce.kt)("p",null,"It's 100% Go."),(0,ce.kt)("h4",{id:"open-discussion-4457-in-video"},"Open discussion (44:57 in video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Castedo writing a guide on ",(0,ce.kt)("a",{parentName:"li",href:"https://cnest.readthedocs.org"},"cnest.readthedocs.org"),". He's put together scripts and explanation on how to use Podman. Aimed at new to Podman/containers folks. Part of his work was to look at Toolbox, but looked for a simpler solution by using just Buildah and Podman with a little glue. He's packaged this up. Wonders if for his intial work, if it makes sense to have a Toolbox type tool or guides that are aimed at first-time users.")),(0,ce.kt)("p",null,"He wanted to share only a bit of his directory in his containers and worked through things like that."),(0,ce.kt)("p",null,"The rootless offering was very useful in his case, and he did virtual python environments in a rootless container."),(0,ce.kt)("ol",{start:2},(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Anders asked if podman compose is compatible. It's a separate project from Podman run by others, but the Podman maintainers monitor it. Podman compose doesn't use the API but execs Podman under the covers. The podman compose project has revived over the past six months in popularity after looking like it was dead over the summer.")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Will Podman v3.0 be removed from distros once Podman v4.0 comes out? That's a distro decision. In Debian Podman, v3 and v4 will not be coinstallable. They could choose to install older versions on their own, but the stable versions of Debian will have their specific version. Branches on Podman with a ",(0,ce.kt)("inlineCode",{parentName:"p"},"-rhel")," ending tag are backports for older versions. Usable for long-term support of older versions. RHEL even releases such as RHEL 8.6 are supported for two years."))),(0,ce.kt)("h3",{id:"next-meeting-thursday-february-17-2022-1100-am-edt-utc-5"},"Next Meeting: Thursday February 17, 2022 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h3",{id:"possible-topics"},"Possible Topics:"),(0,ce.kt)("p",null,"None suggested."),(0,ce.kt)("p",null,"Meeting finished 12:02"),(0,ce.kt)("p",null,"Raw Meeting Chat:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},'You10:59 AM\nhttps://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nReinhard Tartler11:00 AM\nthanks for adding me!\nYou11:01 AM\nhttps://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nYou11:03 AM\nhttps://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nReinhard Tartler11:04 AM\nthanks for thinking of me, nothing from me, I\'m most intereted in the podman 4.0 rollout from a packager\'s perspective\nLokesh Mandvekar11:09 AM\nHello Reinhard, fwiw, I plan to not build 4.0 on the Kubic repos, just in case 4.0 takes a while to land on debian and ubuntu\nChristopher Evich11:10 AM\nremember aardvark and netavark too\nLokesh Mandvekar11:10 AM\nalso, would be nice to look at debian packaging for: https://github.com/containers/netavark and https://github.com/containers/aardvark-dns\nyup\nValentin Rothberg11:10 AM\nWho\'s rejecting the user from entering?\nChristopher Evich11:11 AM\nthose of us trying to chat :(\nLokesh Mandvekar11:11 AM\nreally?\nchatting interferes with letting the user in?\nChristopher Evich11:11 AM\n picks default "deny" choice :(\nLokesh Mandvekar11:11 AM\nthat\'s weird\nValentin Rothberg11:11 AM\nPlease be careful to click on "admit" :)\nYou11:11 AM\nI think keyboard focus timimg\nLokesh Mandvekar11:11 AM\nohh\nChristopher Evich11:11 AM\nbad GUI design\nYou11:12 AM\nMarcin, sorry about the rejects, we\'d some gmeet gui issues.\nChristian F11:14 AM\ncan\'t you mount on the VM in below a well-defined path. /home e.g. ends up with /podman-mounts/home ?\nAnders F Bj\xf6rklund11:20 AM\nit is possible to mount host /home under /mnt/home or something, think docker-machine used like /hosthome.\nbut normally host uses /Users and machine uses /home, so then there is no conflict\nChristian F11:22 AM\nconsidering DHCP on Macvlan: it would be nice if the systemd unit file for the CNI DHCP daemon would be shipped with podman (may disabled by default, but a systemctl enable --now should be enough)\nBrent Baude11:30 AM\n@Christian, this IS something we are considering. And also of note, the CNI packages will not change.\nReinhard Tartler11:31 AM\nit was requested here: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1000521 -- happy to close it :-)\nValentin Rothberg11:31 AM\n`podman --remote`\nJhon Honce11:32 AM\npodman-remote is a smaller binary if that is a concern\nAnders F Bj\xf6rklund11:33 AM\nthe documentation in minikube and lima currently use "podman-remote", but then again it also uses podman2 so is lost anyway\nI guess podman4 will delete the podman3 packages, so same story again\nAnders F Bj\xf6rklund11:39 AM\nmaybe it would be easier to always run podman --remote, also on mac. oh well.\nBrent Baude11:42 AM\ncolor me impressed!\n@anders, it wont build\nAnders F Bj\xf6rklund11:43 AM\nI guess that would actually be "podman-remote --remote" that is run on the Mac\nAditya Rajan11:44 AM\n@Navid So cool !!! Could you share repo link plz\nEd Santiago11:44 AM\nVery impressive indeed\nChristian F11:45 AM\n:+1:\nBrent Baude11:47 AM\ncould adi,paul, and matt stick behind\nE. Castedo Ellerman11:53 AM\ncnest.readthedocs.org\nNavid Yaghoobi11:53 AM\nhttps://github.com/navidys/podman-tui\nValentin Rothberg11:59 AM\n-rhel suffixed branches\nChristian F12:00 PM\nwill there be different module streams in RHEL for podman 3 vs 4?\nMatt Heon12:03 PM\nYes\nWell\nieq-pxhy-jbh\n')))}go.isMDXComponent=!0;const yo={},ko="Podman Community Cabal Meeting Notes",wo=[{value:"April 21, 2022 11:00 a.m. Eastern",id:"april-21-2022-1100-am-eastern",level:2},{value:"April 21, 2022 Topics",id:"april-21-2022-topics",level:2},{value:"Meeting Notes",id:"meeting-notes",level:3},{value:"Podman Contribution Methods Discussion - (1:00 in video) - Brent Baude",id:"podman-contribution-methods-discussion---100-in-video---brent-baude",level:3},{value:"Open discussion (53:37 in video)",id:"open-discussion-5337-in-video",level:4},{value:"Next Meeting: Thursday May 16, 2022 11:00 a.m. EDT (UTC-5)",id:"next-meeting-thursday-may-16-2022-1100-am-edt-utc-5",level:3},{value:"Next Community Meeting: Tuesday June 7, 2022 11:00 a.m. EDT (UTC-5)",id:"next-community-meeting-tuesday-june-7-2022-1100-am-edt-utc-5",level:3},{value:"Possible Topics:",id:"possible-topics",level:3}],fo={toc:wo},bo="wrapper";function vo(e){let{components:t,...n}=e;return(0,ce.kt)(bo,(0,Q.Z)({},fo,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-cabal-meeting-notes"},"Podman Community Cabal Meeting Notes"),(0,ce.kt)("p",null,"Attendees: Tom Sweeney, Aditya Rajan, Matt Heon, Brent Baude, Ashley Cui, Chris Evich, Giuseppe Scrivano, Nalin Dahyabhai, Paul Holzinger, Anders Bj\xf6rklund, Dan Walsh, Valentin Rothberg, Jhon Honce, Miloslav Trma\u010d, Charlie Doern, Lokesh Mandvekar, Eduardo Santiago, Mohan Boddu, Chris Evich, Flavian Missi, Niall Crowe, Preethi Thomas, Anders Bjorklund, Lance Lovette, Scott McCarty"),(0,ce.kt)("h2",{id:"april-21-2022-1100-am-eastern"},"April 21, 2022 11:00 a.m. Eastern"),(0,ce.kt)("h2",{id:"april-21-2022-topics"},"April 21, 2022 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Podman Contribution Methods Discussion - Brent Baude - (1:00 in video)")),(0,ce.kt)("h3",{id:"meeting-notes"},"Meeting Notes"),(0,ce.kt)("p",null,"Video ",(0,ce.kt)("a",{parentName:"p",href:"https://youtu.be/DP3FAGWn48s"},"Recording")),(0,ce.kt)("p",null,"Meeting start 11:02 a.m. Thursday April 21, 2022"),(0,ce.kt)("h3",{id:"podman-contribution-methods-discussion---100-in-video---brent-baude"},"Podman Contribution Methods Discussion - (1:00 in video) - Brent Baude"),(0,ce.kt)("p",null,"Brent talked about the number of hours that the maintainers have been grinding out lately. He's concerned that the maintainers aren't keeping up with the Pull Requests that are coming in from internal to Red Hat and, more so, externally."),(0,ce.kt)("p",null,"For instance, we have not been timely in reviewing Anders code as of late. Brent is asking for input from people for any potential solutions."),(0,ce.kt)("p",null,"Matt doesn't want to completely remove the Code Review process; he wants to ensure maintenance will be as painless as possible. He thinks a core set of maintainers should review code before merging. He thinks that perhaps we could use lint to help. He recognizes there's a problem but wants to limit how easy it is to get stuff in."),(0,ce.kt)("p",null,"We seem to have a cycle where maintainers lose sight of the need to stay on top of it until nudged. The problem has become due to the expansion of the size and complexity of the project, making it harder to know everything easily."),(0,ce.kt)("p",null,"Valentin thinks there are two goals. Make merges easier and also to expand the number of maintainers. In other projects, they leave more work to the contributors by using bots to bounce PRs if they don't have a pass a lint process per instance."),(0,ce.kt)("p",null,"Valentin thinks that we're doing pretty good in comparison to other-sized projects. Time is becoming an issue in some of our projects, such as ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/image"},"containers/image")," where PRs are lagging due to a lack of maintainers/review."),(0,ce.kt)("p",null,"Miloslav has seen other projects assign particular reviewers to a review and doesn't know if that's something Podman could do. Dan thinks we couldn't do that via a bot, but perhaps we could use a process as the Linux kernel does."),(0,ce.kt)("p",null,"Chris pointed out that an advantage of the kernel is it's modular, and Podman is becoming monolithic. Perhaps we can break it out into pieces. That would also be useful in developing unit tests."),(0,ce.kt)("p",null,"Matt has asked others to help with the Triage of issues, and since then, he has found that Valentin and Paul have kept that down quickly."),(0,ce.kt)("p",null,"Valentin wonders if we're not getting to issues promptly or, for that matter, PRs."),(0,ce.kt)("p",null,"Matt thinks we're falling off the radar for issues. If an issue will take a long time to fix, it gets shuffled off. Ditto PRs that are 500 lines or more. People have a hard time getting to it, then it slips off the queue."),(0,ce.kt)("p",null,"Mohan wonders if we can ask contributors to add tags to help with initial triaging."),(0,ce.kt)("p",null,"We have two classes of issues with PR. Some are done by developers, and others are a fix for a quick typo and then get hung up on CI. They tend not to undertake it."),(0,ce.kt)("p",null,"Anders said in another ",(0,ce.kt)("a",{parentName:"p",href:"https://minikube.sigs.k8s.io/community/"},"project")," they have weekly triage meetings where they use a ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/google/triage-party"},"tool")," to classify issues. But there too, after being classified, it doesn't seem to help get it solved faster."),(0,ce.kt)("p",null,"Study - 26\nBrent showed an ",(0,ce.kt)("a",{parentName:"p",href:"https://linearb.io/blog/the-pull-request-paradox-merge-faster-by-promoting-your-pr/"},"article")," on Pull requests. It showed that 50% of PRs were idle for 50% of their lifetime, and 33% were idle for 78% of their lifetime. The issue gets compounded when a rebase is necessary."),(0,ce.kt)("p",null,"Valentin points out that code review is as much of an art as writing code. Perhaps we can get faster reviewing things."),(0,ce.kt)("p",null,"Flavian has asked what the problems are that we face when getting through the backlog."),(0,ce.kt)("p",null,"Brent thinks the team could work on more feature work. Also, to spend more time on PRs for issues, but we're falling behind. When we have a new feature such as podman machine, a few people attend to that, and they stay away from other PRs."),(0,ce.kt)("p",null,"A number of PRs which are perfectly good to go, but they don't get reviewed due to time, and the contributors are less than happy with that."),(0,ce.kt)("p",null,"Brent also thinks we often create PRs that grow larger and larger rather than be done in building blocks."),(0,ce.kt)("p",null,"Dan thinks we've two problems. Handling issues. We address that by having a bug week when we get above 200 in number on GitHub. Even with the whole team on board, we're lucky to get it down into the 180 mark. A bit of a treadmill."),(0,ce.kt)("p",null,"The other side is when someone opens a PR, then people looking at issues often don't break off to look at the PRs that have come in."),(0,ce.kt)("p",null,"Chris noted that 45 minutes is the sweet spot for the CI completion to wrap up in. A recent review by a group of college students noted the heaviness of the CI process for contributors as being a bad mark. FOr instance, if you have a misplaced semi-colon, it can take hours to get notified. Unit tests run faster than integration tests, and system tests are faster than them. It would be good if the CI could focus on unit tests and then continue to integration tests only if the unit tests are happy. Ditto system tests."),(0,ce.kt)("p",null,"Jhon pointed out that once we spin-off to a cloud system for CI, you're really not doing a unit test per se. He also briefly talked about mock tests, and Miloslav noted that they're not always the ",(0,ce.kt)("a",{parentName:"p",href:"https://www.destroyallsoftware.com/screencasts/catalog/functional-core-imperative-shell"},"answer"),"."),(0,ce.kt)("p",null,"Chris thinks the CI we have will take a lot of effort to make faster without a lot of retooling other stuff."),(0,ce.kt)("p",null,"Anders asked if we run on VMs or containers, and we run on VMs, not really eating our own dog food. He thinks it would be more interesting to run at least some unit tests in containers."),(0,ce.kt)("p",null,"Valentin noted that code coverage only handles unit tests. He thinks it would be great to have CI revamped, but we'll need more meetings to do so."),(0,ce.kt)("p",null,'Urvashi thinks we need to come to a consensus on "How to code review.".'),(0,ce.kt)("p",null,"Brent doesn't like to have code design debates within the PR and would like to see more peer-to-peer reviews and/or mentoring reviews."),(0,ce.kt)("p",null,"Brent asked that everyone read the article he put together and would like people to come back and think about potential changes. Essentially, he just wants to have everyone on board in thinking there's a problem."),(0,ce.kt)("p",null,"Articles:\n",(0,ce.kt)("a",{parentName:"p",href:"https://linearb.io/blog/the-pull-request-paradox-merge-faster-by-promoting-your-pr/"},"https://linearb.io/blog/the-pull-request-paradox-merge-faster-by-promoting-your-pr/"),"\n",(0,ce.kt)("a",{parentName:"p",href:"https://www.destroyallsoftware.com/screencasts/catalog/functional-core-imperative-shell"},"https://www.destroyallsoftware.com/screencasts/catalog/functional-core-imperative-shell"),"\n",(0,ce.kt)("a",{parentName:"p",href:"https://www.pullrequest.com/blog/why-your-team-isnt-reviewing-pull-requests/"},"https://www.pullrequest.com/blog/why-your-team-isnt-reviewing-pull-requests/"),"\n",(0,ce.kt)("a",{parentName:"p",href:"https://www.morling.dev/blog/the-code-review-pyramid/"},"https://www.morling.dev/blog/the-code-review-pyramid/")),(0,ce.kt)("h4",{id:"open-discussion-5337-in-video"},"Open discussion (53:37 in video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Brent has created a 4.0.3 FCOS image in hand that he'd like people to try on the mac."),(0,ce.kt)("li",{parentName:"ol"},"Podman 4.1 RC should be released later today.")),(0,ce.kt)("h3",{id:"next-meeting-thursday-may-16-2022-1100-am-edt-utc-5"},"Next Meeting: Thursday May 16, 2022 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h3",{id:"next-community-meeting-tuesday-june-7-2022-1100-am-edt-utc-5"},"Next Community Meeting: Tuesday June 7, 2022 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h3",{id:"possible-topics"},"Possible Topics:"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"None")),(0,ce.kt)("p",null,"Meeting finished 11:58 a.m."),(0,ce.kt)("p",null,"Raw Meeting Chat:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"You11:00 AM\nhttps://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nYou11:01 AM\nhttps://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nYou11:05 AM\nUrvashi, can you send me a link to the doc in email plz?\nPreethi Thomas11:05 AM\nTom its both in the email and in gchat\nUrvashi Mohnani11:06 AM\nyup, sent it to aos-internal and its in our gchat room as well\nYou11:27 AM\nTY! UM\nFlavian Missi11:27 AM\nmaybe https://github.com/google/triage-party ?\nUrvashi Mohnani11:28 AM\nhttps://linearb.io/blog/the-pull-request-paradox-merge-faster-by-promoting-your-pr/\nlink to the article ^^\nAnders F Bj\xf6rklund11:29 AM\nRight, that is the tool\nhttps://minikube.sigs.k8s.io/community/\nYou11:32 AM\nAnders and Flavian, thx for the links, I've added them to the notes.\nMiloslav Trmac11:42 AM\n/me is on the anti-mocking side:\nhttps://www.destroyallsoftware.com/screencasts/catalog/functional-core-imperative-shell\n(CRI-O has mocks of c/storage and Podman and IMHO it\u2019s a _nightmare_, e.g. in some cases not testing the right code at all.)\nMiloslav Trmac11:46 AM\nAre there some easy wins like making the current \u201cmust include tests\u201d bot nudge users towards unit tests and discourage adding another shell script to system tests?\nPreethi Thomas11:47 AM\nhttps://www.pullrequest.com/blog/why-your-team-isnt-reviewing-pull-requests/\nBrent Baude11:48 AM\none thing our development tooling/environment needs is the ability to run the e2e tests locally but isolated ... hint: make locale2e-vagrant ...\nMatt Heon11:48 AM\nI think the no-new-tests-needed check might actually fail a PR if it only had unit tests\nIt checks the tests/ folder AFAIK\nUnit tests don't live in there\nPaul Holzinger11:48 AM\n@Matt no it also checks for _test.go\nValentin Rothberg11:50 AM\nHere's a link to the reviewing pyramid -> https://www.morling.dev/blog/the-code-review-pyramid/\nieq-pxhy-jbh\n")))}vo.isMDXComponent=!0;const Mo={},Io="Podman Community Cabal Meeting Notes",Ao=[{value:"September 15, 2022 11:00 a.m. Eastern",id:"september-15-2022-1100-am-eastern",level:2},{value:"September 15, 2022 Topics",id:"september-15-2022-topics",level:2},{value:"Meeting Notes",id:"meeting-notes",level:3},{value:"Quadlet/Kubernetes yaml support - (0:50 in video) - Valentin Rothberg",id:"quadletkubernetes-yaml-support---050-in-video---valentin-rothberg",level:3},{value:"ZSTD Support - (18:29 in video) Dan Walsh",id:"zstd-support---1829-in-video-dan-walsh",level:3},{value:"Confidential Computing - (27:05 in video) Dan Walsh",id:"confidential-computing---2705-in-video-dan-walsh",level:3},{value:"Landlock Support - (31:13 in video) Dan Walsh",id:"landlock-support---3113-in-video-dan-walsh",level:3},{value:"Podman desktop packaging - (35:52 in video) Lokesh Mandvekar",id:"podman-desktop-packaging---3552-in-video-lokesh-mandvekar",level:3},{value:"Podman kube apply - (49:42 in video) Urvashi Mohnani",id:"podman-kube-apply---4942-in-video-urvashi-mohnani",level:3},{value:"Open discussion (58:21 in video)",id:"open-discussion-5821-in-video",level:4},{value:"Next Meeting: Thursday October 20, 2022 11:00 a.m. EDT (UTC-4)",id:"next-meeting-thursday-october-20-2022-1100-am-edt-utc-4",level:3},{value:"October 20, 2022 Topics",id:"october-20-2022-topics",level:2},{value:"Next Community Meeting: Tuesday October 4, 2022 11:00 a.m. EDT (UTC-4)",id:"next-community-meeting-tuesday-october-4-2022-1100-am-edt-utc-4",level:3},{value:"Possible Topics:",id:"possible-topics",level:3}],To={toc:Ao},So="wrapper";function Co(e){let{components:t,...n}=e;return(0,ce.kt)(So,(0,Q.Z)({},To,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-cabal-meeting-notes"},"Podman Community Cabal Meeting Notes"),(0,ce.kt)("p",null,"Attendees: Matt Heon, Nalin Dahyabhai, Paul Holzinger, Charlie Doern, Lokesh Mandvekar, Niall Crowe, Dan Walsh, Valentin Rothberg, Miloslav Trmac, Mohan Bodu, Eduardo Santiago, Giuseppe Scrivano, Chris Evich, Aditya Rajan, Urvashi Mohnani, Preethi Thomas, Ashley Cui, Joseph Gooch, Reinhard Tartler, Sally O'Malley, Stevan Le Meur, Anders Bj\xf6rklund"),(0,ce.kt)("h2",{id:"september-15-2022-1100-am-eastern"},"September 15, 2022 11:00 a.m. Eastern"),(0,ce.kt)("h2",{id:"september-15-2022-topics"},"September 15, 2022 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Quadlet/Kubernetes.YAML support - Valentin Rothberg"),(0,ce.kt)("li",{parentName:"ol"},"ZSTD support update - Dan Walsh"),(0,ce.kt)("li",{parentName:"ol"},"Confidential Computing with Podman/crun/libkrun - Dan Walsh"),(0,ce.kt)("li",{parentName:"ol"},"Landlock support - Dan Walsh"),(0,ce.kt)("li",{parentName:"ol"},"Packaging for podman-desktop - Lokesh Mandvekar"),(0,ce.kt)("li",{parentName:"ol"},"Overview of kube apply - Urvashi Mohnani")),(0,ce.kt)("h3",{id:"meeting-notes"},"Meeting Notes"),(0,ce.kt)("p",null,"Video ",(0,ce.kt)("a",{parentName:"p",href:"https://youtu.be/mAUUGASnmIk"},"Recording")),(0,ce.kt)("p",null,"Meeting start 11:02 a.m. Thursday October 4, 2022"),(0,ce.kt)("h3",{id:"quadletkubernetes-yaml-support---050-in-video---valentin-rothberg"},"Quadlet/Kubernetes yaml support - (0:50 in video) - Valentin Rothberg"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Boils down to podman systemd integration"),(0,ce.kt)("li",{parentName:"ul"},"Recently married systemd and kubenetes integration we have",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"escaping via systemd-escape and a yaml file"),(0,ce.kt)("li",{parentName:"ul"},"can give simple k8s yaml files to systemd"))),(0,ce.kt)("li",{parentName:"ul"},"quadlet is good for edge use cases, automotive",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"reallign quadlet with podman"),(0,ce.kt)("li",{parentName:"ul"},"future would be to move to a podman generate quadlet workflow instead of generate systemd")))),(0,ce.kt)("h3",{id:"zstd-support---1829-in-video-dan-walsh"},"ZSTD Support - (18:29 in video) Dan Walsh"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"We have support for this, can be specified in oci what compresion standard to use"),(0,ce.kt)("li",{parentName:"ul"},"everyone uses gzip, but zstd gives better compression"),(0,ce.kt)("li",{parentName:"ul"},"when only one file in an image has changed, when you go to pull the update it pulls down the whole image even thoug only one thing has changed"),(0,ce.kt)("li",{parentName:"ul"},"we have added support to podman to determine what has changed and only pull down those changes and not the whole image"),(0,ce.kt)("li",{parentName:"ul"},"have opened PRs to containerd and docker to support zstd format, they have bene merged but there is no official release"),(0,ce.kt)("li",{parentName:"ul"},"older versions of docker will be unhappy with the newer version of compression if we start pushing this everywhere"),(0,ce.kt)("li",{parentName:"ul"},"stuck in a state trying to figure out how we support older version of docker"),(0,ce.kt)("li",{parentName:"ul"},"suggestion is to push both versions, gzip and zstd, to the registry and they can be stored under the same name and manifest. But add an annotation/label to the image to identify which compression is used in the image",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"penalty will be pushing two images instead of just one to support both formats"),(0,ce.kt)("li",{parentName:"ul"},"if you know your environment will work with zstd no need to push both versions"),(0,ce.kt)("li",{parentName:"ul"},"for older container engines, recommendation would be to push with both formats"))),(0,ce.kt)("li",{parentName:"ul"},"proposal that is being worked on and we are making sure it works correctly"),(0,ce.kt)("li",{parentName:"ul"},"What is the endgame",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"when enough people are no longer on the older container engines we can push for zstd only (may take about 2 years to switch the standard to ZSTD)")))),(0,ce.kt)("h3",{id:"confidential-computing---2705-in-video-dan-walsh"},"Confidential Computing - (27:05 in video) Dan Walsh"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Needs to compress and encrypt the application"),(0,ce.kt)("li",{parentName:"ul"},"Encrypt the image and push it, but the image should have the same name"),(0,ce.kt)("li",{parentName:"ul"},"When you want to run the image in confidential mode, need to make sure you pull down the confidential image",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"the image manifest will differentiate which one is confidential and which is not"))),(0,ce.kt)("li",{parentName:"ul"},"Still debating what exactly this should be but will have an article out on this soon")),(0,ce.kt)("h3",{id:"landlock-support---3113-in-video-dan-walsh"},"Landlock Support - (31:13 in video) Dan Walsh"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"New security mechanism in the linux kernel"),(0,ce.kt)("li",{parentName:"ul"},"it allows you to specifiy certain paths to an application in such a way that only those paths are allowed to use the app"),(0,ce.kt)("li",{parentName:"ul"},"for example allows podman to say I am only going to write to /var/lib/containers and if it tries to write to any other location it will be blocked"),(0,ce.kt)("li",{parentName:"ul"},"want to use this to protect podman from itself"),(0,ce.kt)("li",{parentName:"ul"},"currently looking into it and researching what needs to be done"),(0,ce.kt)("li",{parentName:"ul"},"There is a PR open for getting this into the runtime spec",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("a",{parentName:"li",href:"https://github.com/opencontainers/runtime-spec/pull/1111"},"https://github.com/opencontainers/runtime-spec/pull/1111")))),(0,ce.kt)("li",{parentName:"ul"},"Will landlock work well with volumes? How difficult will it be to use landlock for container control?")),(0,ce.kt)("h3",{id:"podman-desktop-packaging---3552-in-video-lokesh-mandvekar"},"Podman desktop packaging - (35:52 in video) Lokesh Mandvekar"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Background reading: ",(0,ce.kt)("a",{parentName:"li",href:"https://github.com/containers/podman-desktop/issues/112"},"https://github.com/containers/podman-desktop/issues/112")),(0,ce.kt)("li",{parentName:"ul"},"Someone has done the packaging and it is avaiable on OBS"),(0,ce.kt)("li",{parentName:"ul"},"Ask is to support it on official fedora"),(0,ce.kt)("li",{parentName:"ul"},"Require to package electron (RH may not want to support this)"),(0,ce.kt)("li",{parentName:"ul"},'Goal is to be able to do "dnf install podman-desktop"'),(0,ce.kt)("li",{parentName:"ul"},"electron is embedded in podman-desktop and we are providing the package for brew on mac")),(0,ce.kt)("h3",{id:"podman-kube-apply---4942-in-video-urvashi-mohnani"},"Podman kube apply - (49:42 in video) Urvashi Mohnani"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"kube apply lets you deploy the generated kube yaml to a k8s cluster directly"),(0,ce.kt)("li",{parentName:"ul"},"need to pass the kubeconfig file so that correct key and certifactes can be gathered for authentication"),(0,ce.kt)("li",{parentName:"ul"},"use the k8s API endpoint to make the request to create the k8s resource"),(0,ce.kt)("li",{parentName:"ul"},"supported types are pods, volumes, and services",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"this can be extended as we add more support to podman generate kube"))),(0,ce.kt)("li",{parentName:"ul"},"Possible features, pass in a container or podname instead of a kube yaml to deploy to the k8s cluster"),(0,ce.kt)("li",{parentName:"ul"},"get the kube yaml for something already running in a k8s cluster")),(0,ce.kt)("h4",{id:"open-discussion-5821-in-video"},"Open discussion (58:21 in video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"None")),(0,ce.kt)("h3",{id:"next-meeting-thursday-october-20-2022-1100-am-edt-utc-4"},"Next Meeting: Thursday October 20, 2022 11:00 a.m. EDT (UTC-4)"),(0,ce.kt)("h2",{id:"october-20-2022-topics"},"October 20, 2022 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"None")),(0,ce.kt)("h3",{id:"next-community-meeting-tuesday-october-4-2022-1100-am-edt-utc-4"},"Next Community Meeting: Tuesday October 4, 2022 11:00 a.m. EDT (UTC-4)"),(0,ce.kt)("h3",{id:"possible-topics"},"Possible Topics:"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"None")),(0,ce.kt)("p",null,"Meeting finished 12:00 p.m."),(0,ce.kt)("p",null,"Raw Meeting Chat:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},'00:00:39.516,00:00:42.516\nUrvashi Mohnani: https://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\n\n00:01:17.367,00:01:20.367\nUrvashi Mohnani: https://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\n\n00:02:59.904,00:03:02.904\nUrvashi Mohnani: https://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\n\n00:04:28.274,00:04:31.274\nEd Santiago Munoz: Very choppy here too\n\n00:08:17.367,00:08:20.367\nValentin Rothberg: https://www.redhat.com/sysadmin/kubernetes-workloads-podman-systemd\n\n00:08:27.068,00:08:30.068\nUrvashi Mohnani: https://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\n\n00:12:28.550,00:12:31.550\nJoseph Gooch: static const char *supported_container_keys[] = {\n "ContainerName",\n "Image",\n "Environment",\n "Exec",\n "NoNewPrivileges",\n "DropCapability",\n "AddCapability",\n "RemapUsers",\n "RemapUidStart",\n "RemapGidStart",\n "RemapUidRanges",\n "RemapGidRanges",\n "Notify",\n "SocketActivated",\n "ExposeHostPort",\n "PublishPort",\n "KeepId",\n "User",\n "Group",\n "HostUser",\n "HostGroup",\n "Volume",\n "PodmanArgs",\n "Label",\n "Annotation",\n "RunInit",\n "VolatileTmp",\n "Timezone",\n NULL\n}\n\n00:12:40.612,00:12:43.612\nJoseph Gooch: Currently in quadlet ^^^\n\n00:14:00.468,00:14:03.468\nJoseph Gooch: https://github.com/containers/quadlet From the readme, the file formats and container setup docs are very readable (and exciting)\n\n00:16:00.536,00:16:03.536\nValentin Rothberg: Here\'s a doc: https://github.com/containers/podman/blob/main/docs/kubernetes_support.md\n\n00:16:52.968,00:16:55.968\nReinhard Tartler: I completely missed that documentation. I\'ll check whether it\'s included in the Debian package!\n\n00:18:20.409,00:18:23.409\nSally O\'Malley: Thanks, Valentin!\n\n00:18:33.328,00:18:36.328\nJoseph Gooch: Another comment on Quadlet - moving it towards golang, and introducing GoLang text templates would be pretty killer\n\n00:19:24.193,00:19:27.193\nValentin Rothberg: Thanks for the questions and feedback! Please reach out if you have any questions.\n\nFor updates, I suggest following this GitHub issue: https://github.com/containers/podman/issues/15686\n\n00:26:17.470,00:26:20.470\nSally O\'Malley: Is there a podman issue for the zstd support?\n\n00:27:16.513,00:27:19.513\nValentin Rothberg: @Sally: Podman already supports ZSTD but there is no issue (yet) for the idea of shipping an image in GZIP and ZSTD in a manifest list (or "image index" in OCI terminology)\n\n00:27:27.585,00:27:30.585\nSally O\'Malley: thanks, got it\n\n00:28:46.082,00:28:49.082\nAditya Rajan: OCI to Confidential Image https://github.com/virtee/oci2cw\n\n00:28:51.876,00:28:54.876\nFlorent Benoit: Is there support planned for SOCI as well https://github.com/awslabs/soci-snapshotter in Podman ?\n\n00:29:10.790,00:29:13.790\nUrvashi Mohnani: https://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\n\n00:33:33.010,00:33:36.010\nAditya Rajan: https://github.com/opencontainers/runtime-spec/pull/1111\n\n00:36:07.090,00:36:10.090\nLokesh Mandvekar: https://github.com/containers/podman-desktop/issues/112\n\n00:38:08.871,00:38:11.871\nChristopher Evich: For RHEL, people could use an EPEL package maybe?\n\n00:44:23.989,00:44:26.989\nFlorent Benoit: we\'re also on flathub https://flathub.org/apps/details/io.podman_desktop.PodmanDesktop\n\n00:53:20.887,00:53:23.887\nUrvashi Mohnani: https://asciinema.org/a/WCZc8x3NFkaH2v4OvlOny08Hn\n\n00:55:57.118,00:56:00.118\nAditya Rajan: Yes\n\n00:56:03.182,00:56:06.182\nAditya Rajan: kubectl edit deployment name\n\n00:57:30.545,00:57:33.545\nAditya Rajan: kubectl get -o yaml\n')))}Co.isMDXComponent=!0;const No={},Do="Podman Community Meeting notes",Po=[{value:"February 7, 2023, 11:00 a.m. Eastern (UTC-5)",id:"february-7-2023-1100-am-eastern-utc-5",level:2},{value:"Attendees (17 total)",id:"attendees-17-total",level:3},{value:"Meeting Start: 11:02 a.m. EST",id:"meeting-start-1102-am-est",level:2},{value:"BlueJeans Recording",id:"bluejeans-recording",level:3},{value:"Pasta in Podman Demo",id:"pasta-in-podman-demo",level:2},{value:"Stefano Brivio",id:"stefano-brivio",level:3},{value:"(1:48 in the video)",id:"148-in-the-video",level:4},{value:"Demo - (2:30 in the video)",id:"demo---230-in-the-video",level:4},{value:"Podman v4.4 Update",id:"podman-v44-update",level:2},{value:"Ashley Cui",id:"ashley-cui",level:3},{value:"(26:40 in the video)",id:"2640-in-the-video",level:4},{value:"Podman Desktop Update",id:"podman-desktop-update",level:2},{value:"Stevan Le Meur",id:"stevan-le-meur",level:3},{value:"(31:55 in the video)",id:"3155-in-the-video",level:4},{value:"Open Forum/Questions?",id:"open-forumquestions",level:2},{value:"(47:45 in the video)",id:"4745-in-the-video",level:4},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"Next Meeting: Tuesday, April 4, 2023, 11:00 a.m. Eastern (UTC-4)",id:"next-meeting-tuesday-april-4-2023-1100-am-eastern-utc-4",level:2},{value:"Next Cabal Meeting: Thursday, February 16, 2023, 11:00 a.m. Eastern (UTC-5)",id:"next-cabal-meeting-thursday-february-16-2023-1100-am-eastern-utc-5",level:2},{value:"Meeting End: 11:52 a.m. Eastern (UTC-5)",id:"meeting-end-1152-am-eastern-utc-5",level:3},{value:"BlueJeans Chat copy/paste:",id:"bluejeans-chat-copypaste",level:2}],xo={toc:Po},Bo="wrapper";function Eo(e){let{components:t,...n}=e;return(0,ce.kt)(Bo,(0,Q.Z)({},xo,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-meeting-notes"},"Podman Community Meeting notes"),(0,ce.kt)("h2",{id:"february-7-2023-1100-am-eastern-utc-5"},"February 7, 2023, 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"attendees-17-total"},"Attendees (17 total)"),(0,ce.kt)("p",null,"Tom Sweeney, Chris Evich, Ashley Cui, Paul Holzinger, Nalin Dahyabhai, Giuseppe Scrivano, Preethi Thomas, Matt Heon, Urvashi Mohnani, Ed Santiago, Brent Baude, Stefano Brivio, Lokesh Mandvekarm, Greg Shomo, Anders Bj\xf6rklund, Mateo Brisi, Tom Lezotte, Stevan Le Meur, Mehdi Haghgoo, Martin Jackson"),(0,ce.kt)("h2",{id:"meeting-start-1102-am-est"},"Meeting Start: 11:02 a.m. EST"),(0,ce.kt)("h3",{id:"bluejeans-recording"},"BlueJeans ",(0,ce.kt)("a",{parentName:"h3",href:"https://youtu.be/qLhf-Ae4jvo"},"Recording")),(0,ce.kt)("h2",{id:"pasta-in-podman-demo"},"Pasta in Podman Demo"),(0,ce.kt)("h3",{id:"stefano-brivio"},"Stefano Brivio"),(0,ce.kt)("h4",{id:"148-in-the-video"},"(1:48 in the video)"),(0,ce.kt)("p",null,"What's Pasta? A tool that connects the network names space of the container to the host."),(0,ce.kt)("h4",{id:"demo---230-in-the-video"},"Demo - (2:30 in the video)"),(0,ce.kt)("p",null,"Creates a tap device that allows a quasi-native network connectivity to virtual machines in user mode without requiring any capabilities or privileges."),(0,ce.kt)("p",null,"Stefano showed two shells, one where he was running Pasta, the other slipr4netns. He then created a device using Pasta."),(0,ce.kt)("p",null,"Side note, Pasta shares a man page with passt (pasta (1))."),(0,ce.kt)("p",null,"He then ran an alpine container with --net=slirp4netns and then one with --net=pasta."),(0,ce.kt)("p",null,"The difference between them is the interface. Instead of tap0 from slipr4netns, it's enpp9s0."),(0,ce.kt)("p",null,"He then showed how you could change the addresses by using the ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman run")," command. The ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman-run (1)")," man page has a number of details. Search for ",(0,ce.kt)("inlineCode",{parentName:"p"},"pasta")," within it."),(0,ce.kt)("p",null,"Pasta gets the ipv6 addresses from the host, while sliprnetns gets a 10.0.2.100 type of address."),(0,ce.kt)("p",null,"Why choose Pasta over slirp4netns? 1. Performance 2. Smaller footprint 3. IPv6 support provided"),(0,ce.kt)("p",null,"He recommends setting the default for networking to Pasta from Slirp4netns."),(0,ce.kt)("p",null,"PR: ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/pull/16141"},"https://github.com/containers/podman/pull/16141"),"\nProject homepage: ",(0,ce.kt)("a",{parentName:"p",href:"https://passt.top/"},"https://passt.top/"),"\nasciinema demo (Podman and stand-alone): ",(0,ce.kt)("a",{parentName:"p",href:"https://passt.top/passt/about/#pasta_2"},"https://passt.top/passt/about/#pasta_2"),"\nMailing list, chat, bug tracker, weekly meetings: ",(0,ce.kt)("a",{parentName:"p",href:"https://passt.top/passt/about/#contribute"},"https://passt.top/passt/about/#contribute")),(0,ce.kt)("p",null,"What's the downside to switching the default to Pasta? Possibly user familiarability since Pasta is a newer project."),(0,ce.kt)("p",null,"Podman rootless network integration is still a WIP at this point. Once that's done, then Paul suggests it changes to the default after that."),(0,ce.kt)("p",null,"Dan would like to switch at the next full Fedora release, and he'd like it to soak for six months in Fedora before going to RHEL. Valentin thinks good timing for RHEL 10."),(0,ce.kt)("h2",{id:"podman-v44-update"},"Podman v4.4 Update"),(0,ce.kt)("h3",{id:"ashley-cui"},"Ashley Cui"),(0,ce.kt)("h4",{id:"2640-in-the-video"},"(26:40 in the video)"),(0,ce.kt)("p",null,"Around 125 user-facing changes, including features and bug fixes. We introduced Quadlet, a new systemd-related generator."),(0,ce.kt)("p",null,"A lot of new ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman kube")," features. CNI will be deprecated soon. Advising that Netavark be used instead, and that will be the default later."),(0,ce.kt)("p",null,"We're doing a Podman v4.4.1, probably tomorrow, to include the Quadlet man page, which was mistakenly left off, and a few bug fixes."),(0,ce.kt)("p",null,"Several performance changes were made in this release."),(0,ce.kt)("p",null,"We'll be doing a demo of Quadlet at an upcoming meeting."),(0,ce.kt)("p",null,"Podman v4.4.0 should be in Fedora by default in the next few days. We also had updates for Buildah, Skopeo, and other tools."),(0,ce.kt)("h2",{id:"podman-desktop-update"},"Podman Desktop Update"),(0,ce.kt)("h3",{id:"stevan-le-meur"},"Stevan Le Meur"),(0,ce.kt)("h4",{id:"3155-in-the-video"},"(31:55 in the video)"),(0,ce.kt)("p",null,'Started with Demo. Showed "Docker Socket Compatibility" message now on the main page.'),(0,ce.kt)("p",null,"There's also a new feedback button on the main page to share feedback directly with the team."),(0,ce.kt)("p",null,"When creating a new machine, you can customize its path."),(0,ce.kt)("p",null,"In the registries section, you can configure the ones that you have defined."),(0,ce.kt)("p",null,"In the proxy, you can toggle on/off the configuration."),(0,ce.kt)("p",null,"UI changes have improved the alignments through out for better readability."),(0,ce.kt)("p",null,"You can press the three dots icon within the pods to get further actions."),(0,ce.kt)("p",null,"You can select the namespace so you can deploy where you want to."),(0,ce.kt)("p",null,"Windows and Mac installations have been added to the GitHub page."),(0,ce.kt)("p",null,"New documentation to help with the transition from Docker to Podman Desktop."),(0,ce.kt)("p",null,"Showed a demo on creating two containers and pushing them into a Pod on OpenShift. He created an OpenShift cluster. He chose two containers and put them into a new pod. He then opened a browser and showed a webpage being run from within the pod. He later deployed it on the OpenShift cluster. Back on Podman Desktop, it showed the status of the pod on OpenShift."),(0,ce.kt)("h2",{id:"open-forumquestions"},"Open Forum/Questions?"),(0,ce.kt)("h4",{id:"4745-in-the-video"},"(47:45 in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Martin ran with the new Podman 4.4 and noticed a speed improvement. Folks were very happy with Quadlet to date. Dan thinks the speed improvement is due to Kubernetes not being part of the equation, about a 30% gain in CPU.")),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Quadlet demo.")),(0,ce.kt)("h2",{id:"next-meeting-tuesday-april-4-2023-1100-am-eastern-utc-4"},"Next Meeting: Tuesday, April 4, 2023, 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h2",{id:"next-cabal-meeting-thursday-february-16-2023-1100-am-eastern-utc-5"},"Next Cabal Meeting: Thursday, February 16, 2023, 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"meeting-end-1152-am-eastern-utc-5"},"Meeting End: 11:52 a.m. Eastern (UTC-5)"),(0,ce.kt)("h2",{id:"bluejeans-chat-copypaste"},"BlueJeans Chat copy/paste:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Me10:58 AM\nhttps://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\nMe10:59 AM\nhttps://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\nMe11:01 AM\nhttps://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\nMehdi Haghgoo11:17 AM\nsorry I joined late. Is pasta a new container networking type?\nMe11:19 AM\nMehdi, I'll ask your question shortly.\nMehdi Haghgoo11:19 AM\nThanks\nBrent Baude11:21 AM\ni would also agree about switching it to become the default as well\nStefano Brivio11:21 AM\nhttps://github.com/containers/podman/pull/16141\nValentin Rothberg11:27 AM\nGood timing for RHEL 10\nBrent Baude11:28 AM\nimho, switching would be transparent to customers and it is feature complete, unlink the network stack for example\nStefano Brivio11:28 AM\nhttps://passt.top/\nCI-based demo: https://passt.top/passt/about/#pasta_2\nMailing list, chat, bug tracker, weekly meetings: https://passt.top/passt/about/#contribute\nStefano Brivio11:30 AM\nPull request, listing differences with slirp4netns: https://github.com/containers/podman/pull/16141\n(I'll add those to hackmd in a moment)\nMehdi Haghgoo11:31 AM\nIs quadlet a subcommand of podman?\nValentin Rothberg11:32 AM\nQuadlet docs: https://github.com/containers/podman/blob/main/docs/source/markdown/podman-systemd.unit.5.md\nMehdi Haghgoo11:36 AM\nCan one systemd unit file manage several containers? Or is it one to one?\nIn your screen of PD, why podman is not emulating /var/run/docker.sock? It was very handy\nValentin Rothberg11:36 AM\nIt's 1:1 for ordinary container and 1:N when using the Kubernetes integration.\nMehdi Haghgoo11:40 AM\nValentin, so can I migrate a docker-compose project to a systemd unit?\nValentin Rothberg11:43 AM\n@Mehdi: yes, that is a nice use case. Instead of using docker-compose, you can use Podman and systemd.\nMarkus Eisele11:44 AM\nIt might be BlueJeans blocking the port locally.\nStefano Brivio11:46 AM\nValentin, by the way, passt/pasta will be available in RHEL starting from 9.2 -- just for information, not advocating to switch the default \"too early\" :)\nMehdi Haghgoo11:47 AM\nThanks Valentin\nLokesh Mandvekar11:49 AM\ngotta drop, thanks all.. later..\nMehdi Haghgoo11:52 AM\nHow does PD remove the need for DOCKER_SOCK env var?\nGreg Shomo (Northeastern)11:52 AM\nthank you, everyone, for all the updates and glimpses into the future. much appreciated !\n")))}Eo.isMDXComponent=!0;const Wo={},jo="Podman Community Cabal Meeting Notes",Lo=[{value:"May 18, 2023 11:00 a.m. Eastern (UTC-5)",id:"may-18-2023-1100-am-eastern-utc-5",level:2},{value:"Attendees:",id:"attendees",level:3},{value:"May 18, 2023 Topics",id:"may-18-2023-topics",level:2},{value:"Meeting Notes",id:"meeting-notes",level:3},{value:"containersh (1:25 in the video) - Dan Walsh",id:"containersh-125-in-the-video---dan-walsh",level:3},{value:"Storage - allow layers to be split across multiple files. (13:20 in the video) - Anders Bjorklund",id:"storage---allow-layers-to-be-split-across-multiple-files-1320-in-the-video---anders-bjorklund",level:3},{value:"podman.io demo - (21:58 in the video) - Ashley Cui - 20",id:"podmanio-demo---2158-in-the-video---ashley-cui---20",level:3},{value:"github.com/containers/appstore (29:45 in the video) - Dan Walsh",id:"githubcomcontainersappstore-2945-in-the-video---dan-walsh",level:3},{value:"Open discussion (42:00 in the video)",id:"open-discussion-4200-in-the-video",level:4},{value:"Next Meeting: Thursday, June 15, 2023, 11:00 a.m. EDT (UTC-5)",id:"next-meeting-thursday-june-15-2023-1100-am-edt-utc-5",level:3},{value:"Possible Topics",id:"possible-topics",level:2},{value:"Next Community Meeting: Tuesday, June 6, 2023, 11:00 a.m. EDT (UTC-5)",id:"next-community-meeting-tuesday-june-6-2023-1100-am-edt-utc-5",level:3},{value:"Possible Topics:",id:"possible-topics-1",level:3}],Ho={toc:Lo},Ro="wrapper";function Oo(e){let{components:t,...n}=e;return(0,ce.kt)(Ro,(0,Q.Z)({},Ho,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-cabal-meeting-notes"},"Podman Community Cabal Meeting Notes"),(0,ce.kt)("h2",{id:"may-18-2023-1100-am-eastern-utc-5"},"May 18, 2023 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"attendees"},"Attendees:"),(0,ce.kt)("p",null,"Anders F Bj\xf6rklund, Ashley Cui, Ashley Cui's Presentation, Brent Baude, Christopher Evich, Daniel Walsh, Ed Santiago Munoz, Lance Lovette, Leon Nunes, Lokesh Mandvekar, Martin Jackson, Matt Heon, Mohan Boddu, Nalin Dahyabhai, Preethi Thomas, Reinhard Tartler, Tom Sweeney, Tom Sweeney's Presentation, Urvashi Mohnani, ykuksenko"),(0,ce.kt)("h2",{id:"may-18-2023-topics"},"May 18, 2023 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"containersh - Lokesh Mandvekar, Dan Walsh"),(0,ce.kt)("li",{parentName:"ol"},"Storage - allow layers to be split across multiple files. - Anders Bjorklund"),(0,ce.kt)("li",{parentName:"ol"},"podman.io - Comments/Discussion"),(0,ce.kt)("li",{parentName:"ol"},"github.com/containers/appstore - Dan Walsh")),(0,ce.kt)("h3",{id:"meeting-notes"},"Meeting Notes"),(0,ce.kt)("p",null,"Video ",(0,ce.kt)("a",{parentName:"p",href:"https://youtu.be/GYrFHoYtXDA"},"Recording")),(0,ce.kt)("p",null,"Meeting start 11:02 a.m. Thursday, May 18, 2023"),(0,ce.kt)("h3",{id:"containersh-125-in-the-video---dan-walsh"},"containersh (1:25 in the video) - Dan Walsh"),(0,ce.kt)("p",null,"A shell account to allow an interjection into a shell. You'd interject which cgroup, image the user could have, and they would be assigned a container with those values. Useful in a government setting. It lets someone in with the appropriate privileges. Dan thinks it's a fairly small addition to Podman. The hardest part is a timing issue for execing the user environment. A bit of a race condition with the container. By using systemd, it will maintain the containers until the system goes down."),(0,ce.kt)("p",null,"One thing that Lokesh has noticed is the container isn't starting. We may need to see if the container doesn't start after some time. Then systemd will stop the container and possibly retry."),(0,ce.kt)("p",null,"This request came from security-oriented customers. They want the user to get on, but only to see pertinent data to them. They've used Selinux in the past, but an ls command in that environment might show them file names they shouldn't see. With a container, you can limit the scope of files they could see. Better feel than being able to see all, but get blocked from parts of it."),(0,ce.kt)("p",null,"This will be a command under Podman, so it will be under the github.com/containers/podman, not likely to be a separate project."),(0,ce.kt)("h3",{id:"storage---allow-layers-to-be-split-across-multiple-files-1320-in-the-video---anders-bjorklund"},"Storage - allow layers to be split across multiple files. (13:20 in the video) - Anders Bjorklund"),(0,ce.kt)("p",null,"Question from the previous Podman meeting, about support for ",(0,ce.kt)("inlineCode",{parentName:"p"},"ipfs://"),"."),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("a",{parentName:"li",href:"https://github.com/containerd/nerdctl/blob/main/docs/ipfs.md"},"https://github.com/containerd/nerdctl/blob/main/docs/ipfs.md")),(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("a",{parentName:"li",href:"https://github.com/containerd/stargz-snapshotter/blob/v0.10.0/docs/ipfs.md"},"https://github.com/containerd/stargz-snapshotter/blob/v0.10.0/docs/ipfs.md"))),(0,ce.kt)("p",null,"I think there was some Podman version of estargz, maybe it was zstd:chunked ?"),(0,ce.kt)("p",null,"Dan thinks we can handle this, but we need more work on the file system. Dan is for it, but would like Giuseppe Scrivano to take a look at it."),(0,ce.kt)("p",null,"THere was a change to containers/storage by an outside of Red Hat contributor, but it wasn't completed. There were problems with the fuse file system, and the folks working for Red Hat weren't able to prioritize tracking down the issue."),(0,ce.kt)("p",null,"Side note: here was the project mentioned briefly, which works in the kubernetes context for mirroring images from the registry ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/XenitAB/spegel"},"https://github.com/XenitAB/spegel")," (probably more for CRI-O)"),(0,ce.kt)("h3",{id:"podmanio-demo---2158-in-the-video---ashley-cui---20"},"podman.io demo - (21:58 in the video) - Ashley Cui - 20"),(0,ce.kt)("p",null,"Ashley showed the new website. Showing the options. It just went to v1.0 this week, in preparation of Red Hat Summit. The site is a combo of Podman Desktop and Podman, with the feel of Podman Desktop."),(0,ce.kt)("p",null,"You can download either the CLI or the Desktop from the page. It detects the OS you're on and gives you the right choice (Mac, Windows, etc)"),(0,ce.kt)("p",null,"Anders thought it might sense to not call it CLI, but perhaps Podman Engine. The download will have the engine to run, and CLI is part of that, but it could potentially be separate too."),(0,ce.kt)("p",null,"Ashley thinks more documentation here on this download page to clarify things."),(0,ce.kt)("p",null,"Happy to take contributors!"),(0,ce.kt)("h3",{id:"githubcomcontainersappstore-2945-in-the-video---dan-walsh"},"github.com/containers/appstore (29:45 in the video) - Dan Walsh"),(0,ce.kt)("p",null,'Just an idea, an area for examples on how to use different tools. Docker has "awesomecompose" to get compose examples. We\'ve been pinged for a site similar to that one.'),(0,ce.kt)("p",null,"We have created the github.com/containers/appstore and have opened it up to people to add their examples. I.e. how to run mariadb inside of Kubernetes. We'd probably want to eventually set up a CI/CD system to test the scripts that are submitted to make sure they don't break, or age out."),(0,ce.kt)("p",null,"Chris Evich thinks renovate can help with making sure the scripts are still viable."),(0,ce.kt)("p",null,"Mark Russel has a contact, George, who has been wanting to do this and has a collection he would like to drop stuff in."),(0,ce.kt)("p",null,"The problem this team in Red Hat has is were' container tool experts, not necessarily container creators/maintainers."),(0,ce.kt)("p",null,'Dan wants to make sure that the apps that are dropped will actually be useful for real-world environments. Not necessarily just "Hello World".'),(0,ce.kt)("p",null,"The issue is as priorities change, a contributor might not keep the app up to date. We'll need to be able to easily track the maintainer and the last time they updated the app, and also revision control. It would also be nice to be notified when an app that you grabbed gets updated later."),(0,ce.kt)("p",null,"Chris thinks this is possible via renovate."),(0,ce.kt)("p",null,"The project has been created. ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/appstore"},"https://github.com/containers/appstore")),(0,ce.kt)("p",null,"Dan was thinking about creating directories for quadlet and Kubernetes."),(0,ce.kt)("h4",{id:"open-discussion-4200-in-the-video"},"Open discussion (42:00 in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"When should you use pass-through versus journald should be used? Dan thinks pass-through is better aligned with systemd (Tom check). Across the board, Lance has defined journald for all, and wanted to know if Podman was trying to default to something else? Dan thinks it should not.")),(0,ce.kt)("p",null,"Pass-through will send to stdin/stdout via systemd. It was done to integrate better with the journal log driver. If you use pass-through, podman logs gets disabled, so it's like not logging. But you get better integration with the journal."),(0,ce.kt)("p",null,"If Podman goes away while being run with systemd, conmon will write to the logs."),(0,ce.kt)("h3",{id:"next-meeting-thursday-june-15-2023-1100-am-edt-utc-5"},"Next Meeting: Thursday, June 15, 2023, 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h2",{id:"possible-topics"},"Possible Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"ipfs integration into Podman - Anders Bj\xf6rklund to kick off"),(0,ce.kt)("li",{parentName:"ol"},"Mark Russell's contact George for appstore")),(0,ce.kt)("h3",{id:"next-community-meeting-tuesday-june-6-2023-1100-am-edt-utc-5"},"Next Community Meeting: Tuesday, June 6, 2023, 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h3",{id:"possible-topics-1"},"Possible Topics:"),(0,ce.kt)("p",null,"None Discussed"),(0,ce.kt)("p",null,"Meeting finished 11:52 a.m."),(0,ce.kt)("p",null,"Raw Meeting Chat:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Daniel Walsh10:59\u202fAM\nToday is a holiday in a lot of Europe. Ascension Thursday\nYou11:03\u202fAM\nMeeting Notes: https://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nPlease add or correct as we go along.\nDaniel Walsh11:42\u202fAM\nhttps://github.com/containers/appstore\n")),(0,ce.kt)("p",null,"Raw Google Meeting Transcript:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Tom Sweeney: Okay, the recording seems to be working at this point in time. So welcome everybody to the Quad man community the ball meeting. The meeting that we generally talk about future design decisions and topics along those lines. Rather than demos, the demos meetings are generally held during the community meetings, which will be coming up. In June, I think it's June second. We'll talk about that later on today. For today we've four topics lined up. We have talked about container sage being led by Dan and Lokesh, We have another topic about storage allowing lawyers to be split across multiple files and Anders thanks for joining today. I know it's a holiday and all where you're at\n\nTom Sweeney: And I thank you started at this point and then we'll be talking about Podman.io. We've got some very exciting, new changes going on there and there are more Maureen is going to be talking about and then Dan's gonna be talking about the App Store on the containers project so given all that. Oh and you know put a link to the Hack MD, I'll be taking notes during the meeting today in hackham day. If you have any I think that add that I've messed up or you want to add a link or anything like that. Go ahead, please do it. There. And I'm trying to check on. The moment here. Given all that. I'm going to start it off with general location. I'm not sure who's doing the talk. This one for the container sh Yeah, yes.\n\nDaniel Walsh: Yeah, I guess. Who I'm getting feedback.\n\nDaniel Walsh: Are the people getting it? All right, the Echo, one way. So I don't have any presentation on it right now. And Lokesh myself and some people from the SC, Linux team have been working. as a side project on the, an idea, what we calling Pod, Man Shell And what this basically is. Will be an enhancement to podman to allow. you to configure a shell account or login account with a shell of podman shell, which would automatically Inject a user into a. Container, when it lies into the system. So think of it like a hunting pot environment, What we're trying to do is to do it as\n\nDaniel Walsh: Part of, you know, just a link off of Pod man so it won't be a new executable and that we're all gonna be taking advantage of quadlet to define a user container for that user. So imagine you create a container, a quad that podman Sheldon, quad that\n\nDaniel Walsh: Not die container. I mean you define which image you want to use it to be injected into what Cgroups you want them to be controlled fine, with what volumes, you want to make available to the user inside of the environment. Then when the user logs onto the system, he would automatically get he or she would automatically get injected into the container and be locked down With that. The container would have any rights that you wanted to expose the user. The reason we, we've had a couple of government type\n\nDaniel Walsh: Customers that have come in and talked to us about how they would like to be able to use some container technology to actually control uses that allowing into the system. So, you can imagine a, You have a sort of a system with lots and lots of data on it when you, but you want to give a use either a shell account, so he gets onto the system and only able to see certain directories on the system. Another way another idea would be You want to set up sort of more like Toolbox where you would log on to a system and have an entire suite of tools available to you, that will be different than other users logging into the system onto the same system, but have, you know, constant data that you could use to do it?\n\nDaniel Walsh: So, I think it's a fairly small enhancements to pod to Odd, Man, and most functionality, we found the most of functionalities available. Now in the system, just by using system D to start up a service for the user. And then just basically getting a pyramid exact into the into the show into the container that you're going to create. One issue we're having right now is a timing issue in that. I think there's a bit of a race condition because really what we want to have happen is when the user ssh is into the box, this container gets started. For the session. And then I think, We haven't quite figured out how to wait for the shell. For the container to get up and running before you try to exact into it. So if part Man shell\n\n00:05:00\n\nDaniel Walsh: Execs in right away. Then the shell might, the container might not be up and running at the time. So it was a race condition, the beauty of using system need to manage these. The actual containerized service is that System D will keep track of all sessions. So if you logged into the system multiple times, Um then system legal maintain the service running until you log out of all sessions and then we kill off the container. So anyways, we've talked internally about this and this is the first time we're really talking about it externally. Does anybody have any questions?\n\nBrent Baude: Dan on the problem of the container starting, that the racy part could you define a basically a bogus Dependent container and\u2026\n\nDaniel Walsh: Yeah.\n\nBrent Baude: weight on that one.\n\nBrent Baude: so, it would be Essentially,\u2026\n\nDaniel Walsh: I think.\n\nBrent Baude: you'd wait on what you'd wait on one, but you're really just using it as a indicator for the other.\n\nDaniel Walsh: well, I think the problem is apartment Shell is gonna I think this I think when you log into the system, Lokesh you, you've experienced this, right? You talk about it.\n\nLokesh Mandvekar: Uh yeah. So what the one thing of notice was if I rerun the setup, I often end up with no such Container image. Sorry no such container.\n\nDaniel Walsh: Right.\n\nLokesh Mandvekar: So And I also see a bunch of SC Linux messages about non-existent keep yourself. So, I'll figure that.\n\nDaniel Walsh: Yeah, and I think what's happening is when you log into the box as you log in System D realizes you're creating a new session. It starts the session then starts the container, but simultaneously at podman cell is running. so, I think what we need to do is to have Quad man, Shelby smart enough to retry for some period of time. you know, basically do a fallback until the container is actually exists. would be the most saying, but only do it for, you know, 10 seconds or something, I don't as we might be something that we have to configure, but\n\nBrent Baude: We do that basically a back-off as well with other stuff\u2026\n\nDaniel Walsh: Right.\n\nBrent Baude: where you know, you try and 250 milliseconds and then 500 and then one second. Yep.\n\nDaniel Walsh: Good. I think I think we do that and then it's a container doesn't start for a certain amount of time then. You know, kill the shell and drop out. I think that. but,\n\nDaniel Walsh: Any any other comments questions? Thoughts.\n\nBrent Baude: What's the primary? You know, jumping up and down. User.\n\nBrent Baude: Use case, if you will.\n\nDaniel Walsh: so, the users that first brought this up or were basically, real heavy security people who wanted to A traditional use case for um, these type of customers is that they allow a user to get onto a system that has data, that's at multi-level, so top secret data, secret data, and they want to allow the user to get on to the system and then only able to view, say, secret data and\n\nDaniel Walsh: um, traditionally they've done this with Essie Linux, but the problem with SEO Linux is that if the user just does standard commands, like LS of an environment, he's likely just to get at or ABC generation on places that he shouldn't be looking at and so becomes very complex because I like to say is a essay Linux is complex because we give you in a view of everything in the universe and then\n\nDaniel Walsh: We basically say, You know, why you're looking, you know, basically SEO is gonna say why you're looking here, why you're looking it while you're looking here, and with containers, we give you a view of almost nothing of the operating system. And then we just start opening up windows to the up the operating system through volumes. And so becomes a lot easier for people to say, You know, okay, you can get on my system. But the only thing you can see is this directory on my system. And that becomes, That's a lot more human understandable than you get. On my system, you can see everything. And then I start to block you from looking at parts.\n\n00:10:00\n\nAnders F Bj\xf6rklund: I remember we had a FTP server and when we went to Not to the same option of ftps but to Sftp, then we then we ended up running shells where you previously were just sewing files. So so that that was the use case back in the day with a custom shell,\u2026\n\nDaniel Walsh: Right.\n\nAnders F Bj\xf6rklund: that only allowed you to visit certain directories and run certain commands. That sftp. So, that could be.\n\nDaniel Walsh: Yeah, right. I mean, 10 to 15 years ago, I talked about Doing some stuff with Etsy, Linux around guests. And next guest and I just used to talk about how you could You know, imagine like you asked Machine at a at a library where you come in and Basically, will allow you to Web browsing and\n\nDaniel Walsh: You know, going. Use the printers and things like that, we'll be really nice of that. Everything you did while you were in that web, browser was destroyed. When you logged out and that, that could be a use case for someone like this as well. Where you would, you just set up a container that Allows you to do whatever you want but as soon as you log out of the system, you know, the container gets destroyed. So imagine a container that's still in a dash dash RM. So, all the content was was cleaned up after you got out. So, If you did something stupid like do online banking and have secrets stored by the Web browser and at least it would be destroyed.\n\nDaniel Walsh: And I mean, there are decent amount of use cases for something like this. I believe,\n\nTom Sweeney: some more people can look at,\n\nDaniel Walsh: Not yet. Who are not we're not trying to make this as fully separate projects from Podmin. I think it's a I think it's an enhancement department, just another command that probably can use, so my goal would be to To write documentation in pod, Man, how to do it. And Just have the command put on a system so it'll be a pod man. Shell Which is probably in shell, it will just be a symbolic link to Bod man and Maybe it'll be a sub package but I don't want to get into a whole separate project for this. because again, it's just gonna This is just something that Pod man can do.\n\nDaniel Walsh: You just have to create the Quad button.\n\nTom Sweeney: Great. Any other questions or comments?\n\nDaniel Walsh: We sometimes call it Container Shell but I've been calling it podman Shelton more recently. So Hopefully in it when we get together and do demos, we can demo it in a few weeks.\n\nTom Sweeney: That be good a couple weeks away. Um all right, even that I and the time I think I'm going to hand it off to it on Anders for the storage talk.\n\nAnders F Bj\xf6rklund: Yeah. So we had a previous meeting where I'm also asking a question, but we didn't have time for any answer, so I guess I will just ask it again. It was really about two separate. Features one is called lazy pulling where you divide a big layer into I mean, without breaking compatibility. You can divide container layer into Sub. Files, so that you can start the container without pulling all of it until it's needed. And related to that was the other question of peer-to-peer distribution of images without having to always pull it from the central registration.\n\nAnders F Bj\xf6rklund: And I guess it's would be a question for containers image, or I mean, Portman would just use the storage.\n\nAnders F Bj\xf6rklund: Object. So there's some support about anything in container D. That's why I was asking if there's any like OCI work or if it's anything that could come to. Podman on those.\n\nDaniel Walsh: Yes. Um Giuseppe's, not here, not. I believe that this\n\nDaniel Walsh: We see if I can ping Giuseppe on this. Use around early, but I'm\n\nTom Sweeney: Yeah, thank you.\n\nDaniel Walsh: forgot.\n\nTom Sweeney: Son Holiday today.\n\nDaniel Walsh: The, I believe we have some, we can handle this. From what we don't have right now is you need a fuse file system to make this thing work.\n\n00:15:00\n\nAnders F Bj\xf6rklund: Yeah.\n\nDaniel Walsh: Because the basic idea is you go. To run an image and container storage would say the image exists. And then you go, now you read Use a bin foobar and as soon as you execute, you've been full bar. The. underlying fuse file system would reach out to the registry and say Okay I need use of infobar and then User been full power. Would pull down say it needs G loop C. You pull down to your love C. And Continue on through the entire stack. I know that the person who wrote that originally are someone worked with, it opened up, pull request to get features like that into container storage. But I don't think anybody ever finalized it by putting in, you know, somehow getting the\n\nDaniel Walsh: The underlying file system to do it. And my mind it would be best to enhance. Fuse. Overlay to Be able to handle it, but it's not something that anybody at Redhead is has worked on at this point. The reason we haven't really looked at it is because the latency problem, but I I think it is a reasonable issue. We've always referred to constant. So, try to avoid the latency where you'd have an application up and running. For a little bit and then also just go into a pause mode when it's downloading. gigabytes of state and\u2026\n\nAnders F Bj\xf6rklund: Right.\n\nDaniel Walsh: as opposed to downloading everything and then you don't have any latency.\n\nAnders F Bj\xf6rklund: Okay. Yeah. So\n\nDaniel Walsh: So I I would say I'm all for it. I'm all for us getting this into the upstream project. but rather than having I I'm not sure what the fuse file system that implements it, but if we get that fuse file system merged somehow into fuse overlay,\u2026\n\nAnders F Bj\xf6rklund: Yeah. Not.\n\nDaniel Walsh: I get it to be you mode if he was overly and we don't have two foul, two fuse file systems for supporting Someone desperate that things.\n\nAnders F Bj\xf6rklund: yeah, and not exactly sure how it's implemented in the snapshot directly as it's calling continuity, but it has this, you need a, You need a special tar format in order to handle these I mean division of the horrified.\n\nDaniel Walsh: but,\n\nAnders F Bj\xf6rklund: So That was us.\n\nDaniel Walsh: It's it's related. Is. I think it's\n\nAnders F Bj\xf6rklund: And I think we had, we had two different versions, right? We had one based on said standard and that compression and we had one based on the older work with the S tar. That, I'm not sure if it was Google or something. So, It seemed to be multiple implementations of the same idea. Being able to hack one tour streaming to It's seekable portions while keeping compression.\n\nDaniel Walsh: I'm going through Google's, all right. contain a storage to figure out who opened up the pull request, but looking for a star right now,\u2026\n\nAnders F Bj\xf6rklund: Yeah.\n\nDaniel Walsh: but It's all just.\n\nAnders F Bj\xf6rklund: now, I think we took there was some talk about it, like previous container plumbing, but not this one. So maybe like you say there are other concerns that are more important, so it's not the most desired feature\n\nDaniel Walsh: yeah, what yeah, I mean I don't I just don't think that\n\nDaniel Walsh: Yeah, I can't find who wrote it now. And do you remember anything about this?\n\nNalin Dahyabhai: I would have to go digging through it as soon as you.\n\nDaniel Walsh: Yeah. But yeah,\u2026\n\nAnders F Bj\xf6rklund: It was.\n\nDaniel Walsh: as I said,\u2026\n\nAnders F Bj\xf6rklund: It was a hero talking about it. So,\n\nDaniel Walsh: I'm you know, it's just hasn't come up as an interest for You know,\u2026\n\nAnders F Bj\xf6rklund: Okay.\n\nDaniel Walsh: that the developers at Red Hat at this point to, to support this and just mainly because of the fuse vial system problem and\u2026\n\nAnders F Bj\xf6rklund: Yeah. Yeah,\u2026\n\nDaniel Walsh: Now we haven't focused on. Yeah.\n\nAnders F Bj\xf6rklund: I run into some similar issues. What while trying to promote peer-to-peer pulling over images and that is You can easily. You can easily set it to allow the private network only, but most peer-to-peer systems are public by default, which means people are terrified. So when you, when you mention an appear to pair is like mentioning Dr. Hub, you tell that to the private really stupid people and\u2026\n\nDaniel Walsh: Right.\n\nAnders F Bj\xf6rklund: they go into defensive mode and then it's for lockdown and everything. but,\n\n00:20:00\n\nDaniel Walsh: Yeah. Similar. We've been talking about that for about eight eight or ten years now. So,\n\nDaniel Walsh: Nothing. Nothing is happened in that front. And sadly,\u2026\n\nAnders F Bj\xf6rklund: Yeah. So\n\nDaniel Walsh: we don't have the people who work in containers imager here, because they're on holiday\u2026\n\nAnders F Bj\xf6rklund: I, Yeah,\u2026\n\nDaniel Walsh: because yeah. So,\n\nAnders F Bj\xf6rklund: I'm also supposed to be on holidays and relate.\n\nAnders F Bj\xf6rklund: Yeah, that's right.\n\nDaniel Walsh: So we can put that. I mean, if you don't mind, we'll put that one on hold for what.\n\nAnders F Bj\xf6rklund: Yes, you can come back to it.\n\nDaniel Walsh: Let's talk about it.\n\nTom Sweeney: Up. Yeah.\n\nDaniel Walsh: Let's talk about it next month. When\n\nAnders F Bj\xf6rklund: yeah, I think Ipfs is quite experimental anyways, so you could probably do with some more maturing That there were also some like halfway solutions\u2026\n\nDaniel Walsh: Yeah.\n\nAnders F Bj\xf6rklund: where you would not hack up the layers, but you would distribute images from your peers. So you you would talk to your peers and then And then see if anyone close to you has the image before putting it from the registry. So, so,\u2026\n\nDaniel Walsh: Yeah.\n\nAnders F Bj\xf6rklund: there were some work, like\n\nDaniel Walsh: Yeah, that would be cool. I think the the issue and they might have with that is how signing and and could you verify the image and make sure it's the Because yeah,\u2026\n\nAnders F Bj\xf6rklund: That yeah, it can assume so private.\n\nDaniel Walsh: the field comes I asked for, you know, the fedora image and someone so I got a fedora image for you. Yeah, take this one. How do you trust it? No.\n\nAnders F Bj\xf6rklund: Yeah.\n\nTom Sweeney: Right, so we're compost bone, that one. So the next meeting then gets more folks here.\n\nAnders F Bj\xf6rklund: Yeah, fun.\n\nTom Sweeney: And thanks for bringing up Anders and keep me honest, I put it on to the possible topics for the next one. I had thought the next one that we're going to do was with Maureen Duffy's and I thought She's gonna be here. So I will just do a real quick talk about it based on what I've seen Ashley here. Ashley, do you want to talk about this or give a quick little\n\nAshley Cui: so, Sorry.\n\nTom Sweeney: Appointment.\n\nAshley Cui: um, I don't have anything prepared, but I guess. Take.\n\nDaniel Walsh: Just demonstrate the website.\n\nAshley Cui: Okay. Let's see.\n\nTom Sweeney: Nothing like putting you on the spot.\n\nAshley Cui: Let me see if I can share the tab for Partner and IL.\n\nTom Sweeney: And while she's doing that, I'll just say that it's gone to be 1.0 officially, as of this morning, we're getting it ready for the summit, for Brent, for next week. So it'll be announced there more officially. She can have. A sneak preview this week.\n\nAshley Cui: Um, so we have a new website Podmanio. It's been it's nice and shiny and it looks very very good but I guess it is brand new. So we haven't gone through, we're trying to go through and take a look at anything that is broken and so we've been kind of taking a look at it, we have a bunch of Links and Other Things. I don't know what else to say about it. Other than it looks really nice but I think there's still a little bit of work that we're doing but if you have some time, feel free to click through it and see what works, what you guys like and what you don't like. And we'll see what we can do about it, I guess.\n\nTom Sweeney: Yeah, and I'll just go ahead and add a little bit more, just basically, it's on Github, container spot. is the old site was if you had happened to Clone that site Prior Appointment.io, it's now point. Automan.io underscore old. So if you try and make an update there, go to the old site and not to the new site so you'll need to reclone if you've cloned prior and please just standard issues, if you have just use a standard issue process, If you find anything go at Adam there and Maureen's been very responsive there for the ones that we found and do know that we've got a couple more. Online in there right now that you need to chase down and hoping to clear those up with the next few days, but happy to get any kind of feedback there and even if it's, you know, This doesn't work so well or Hey, this looks great. At least have.\n\nDaniel Walsh: Like, click on Get started, actually.\n\nDaniel Walsh: Like I wait. Where's the one that title spell how to download because it's going to show. Is that this one?\n\nAshley Cui: so we don't it's just on the front page, we have a little download drop down, I actually Was working on. Hold on. Let me see.\n\nAshley Cui: Let's see.\n\nDaniel Walsh: Because one of the things we we have done is sort of. There's obviously there's podman desktop and then pod man. Main. And and this website is somewhat of a combination of the two.\n\n00:25:00\n\nAshley Cui: Yep.\n\nDaniel Walsh: Because I think general users are just going to look, how do I get Pod, Man on my Mac or How do I get Bod, Man on my Windows box?\n\nDaniel Walsh: For some like Pod man. I think the Linux, she's community is a little more savvy about how you probably gonna get a package on the addition. So, we wanted to make, you know, obvious places, they go to his apartment.io and Um, make it easy for you to find.\n\nAshley Cui: Actually worked on this this morning which is now there's a CLI option so you can download desktop and you can also get the CLI. And so it's kind of a combination, you know, if it tries to point you into the desktop direction, if you want the desktop stuff and then it also gives you option of looking for CLI stuff. Yeah.\n\nDaniel Walsh: And so if you were on a Mac, you would see one that says Downloaded for a Mac I would hope.\n\nAshley Cui: Yeah, so automatically detects what OS you're on, which is pretty cool.\n\nAnders F Bj\xf6rklund: Do you want to promote the podman engine name instead of Podma CLI, which could also relate to podman remote?\n\nAshley Cui: um, sure. I think it might be confusing for people who don't know the difference between podman engine and podman desktop I think CLI. Kind of makes it obvious that this is a CLI tool, but\n\nAnders F Bj\xf6rklund: But but what so, so the primary option is downloading Padman desktop. And then quadman CLI.\n\nAshley Cui: mm-hmm.\n\nAnders F Bj\xf6rklund: Would that be the podman remote for that desktop? Or would it be the one that includes the actual running up containers? Like the full partner?\n\nAshley Cui: I think. It's just podman itself for I guess for Linux.\n\nAnders F Bj\xf6rklund: So, Yeah.\n\nAshley Cui: It is the engine but for Mac and Windows, it would just be a CLI so I guess technically it is. I think we can like change this saying like installed engine using a package manager or something like that, but If that makes it more clear.\n\nAnders F Bj\xf6rklund: Tabs. I was just wondering if yeah, I was just wondering if the Like now Portman desktop has gotten all the\n\nAnders F Bj\xf6rklund: Advertisements, if you want to call it that or my life. So something similar happened to Docker. So I mean, it's only natural. They, they have some kind of product entry for. So, we have a product entry for the Docker desktop, and you have a product entry for the docker engine, which Dumps. You straight into the Linux distributions and how to install on your server type of thing.\n\nAnders F Bj\xf6rklund: something similar could be done for pod money if you want to separate the ones while having like the podmon desk focus here and then you could have like a separate Section for how you install podman on, on your Linux machine and how you run podman, not remotely. But have ironic locally. I mean like the old site if you want to call it back, how are you?\n\nAshley Cui: Yeah. I think we could put more documentation on this stuff.\n\nAshley Cui: And clarify it. Yeah.\n\nDaniel Walsh: Yeah, it's funny. I'm not crazy about the name engine because I don't think I don't think that's a No,\u2026\n\nAnders F Bj\xf6rklund: No, no.\n\nDaniel Walsh: no. You normal user term so It's Eli.\n\nAnders F Bj\xf6rklund: It's you know, now the whole desktop is just\n\nDaniel Walsh: Is I I would prefer to say probably five minutes for Linux, but we're we're starting to blank shed at this point.\n\nAnders F Bj\xf6rklund: Yeah. Okay.\n\nDaniel Walsh: So, yeah, he's least here Icon makes it a little bit clearer\u2026\n\nAnders F Bj\xf6rklund: So, I No,\u2026\n\nDaniel Walsh: but yeah.\n\nAnders F Bj\xf6rklund: no, those are definitely someone else's words and terms. So they are just,\u2026\n\nDaniel Walsh: Yeah.\n\nAnders F Bj\xf6rklund: they are just there to make the transition easier for people if you would start out. From scratch, we will not call it.\n\nDaniel Walsh: yeah, I use I use engine all the time but I'm not sure that you know,\u2026\n\nAnders F Bj\xf6rklund: I think that even the programs this Indian I\u2026\n\nDaniel Walsh: Joe engine is and yeah,\n\nAnders F Bj\xf6rklund: if you're on Portman version, it will tell you. It's and I think so.\n\nDaniel Walsh: Okay.\n\nDaniel Walsh: That's good.\n\nTom Sweeney: Right. Yeah it does look good. Actually thank you for doing well with that. Given how much time you have to prepare?\n\nDaniel Walsh: And if anybody from community wants to contribute, we'd love to have contributions. You don't have to be. Engineer to contribute to that website.\n\nTom Sweeney: Yes.\n\nDaniel Walsh: So this this is actually Just an idea. We haven't done much work on it yet, but\n\nDaniel Walsh: People have been asking us for examples of how to use. Different tools and darker has this thing called awesome compose. And a lot of people go to awesome compose to get darker composed examples so they can sort of take and then hack on. So, a few people have been paying us about. Could we have some kind of Site like that. And I think the obvious thing for\n\n00:30:00\n\nDaniel Walsh: For us to work on would be to first grade aside and then allow people to start to contribute, say either Kubernetes Yaml files or quadlets that people might want to experiment with. So the idea was to set up, get up containers slash App Store. And then steps to sub directories underneath it, where people could start opening up. Poor request to get their favorite. you know, variant on\n\nDaniel Walsh: You know, how they want to run their WordPress inside of a quadlet, or how they would run, you know? Base Inside of Kubernetes. Now what we want to have, if we start to build out this, we probably need to have some kind of cicd system where we would continuously test. All the quadlets and Yaml files that are available against, you know, a versions of Pod man, to make sure that they continue working and then If stuff becomes stale and old, then we have to get rid of it. I think the fair with something like this is, is one stuff gets old and crusty and I also worry about, if we had image that people are putting versions of images into their examples,\n\nDaniel Walsh: People start to pull down images that the two or three years out of date. And how do we do? So It's I think we've talked about this internally. Chris is pointed out that I think renovate can actually help us out a little bit with that secondary problem and that it could go through a win actually update. Of images or open, a pull request to update version of images. So,\n\nDaniel Walsh: I just opening up to have. Anybody have any ideas or thoughts on this?\n\nBrent Baude: I do. I spoke to someone that Mark Russell. Had. been speaking with, I think they actually know each other from canonical. And the gentleman's name is George.\n\nBrent Baude: I think it's George Castro. And George has been proposing to Mark that this exact concept. Minus quadlet. Needed to get done and was looking for a home. to put all of us, he evidently has oodles of the stuff already done. And I spoke with them about an hour and 15 minutes basically. He just, He wants to do what we've we're meeting and wants a spot. Put it. That somewhat associated with containers.\n\nBrent Baude: He was going to reach out the Tom to actually get on the schedule for today, but He must not have been able to, in the short order.\n\nBrent Baude: But I think the next thing it is just having come talk. About what his ideas and\u2026\n\nDaniel Walsh: See.\n\nBrent Baude: What? He's got already.\n\nBrent Baude: And he he's looking for us just like simple.\n\nBrent Baude: It there's some stuff he hasn't figured out like you know, container wise and there's some stuff that, you know, could go this way, could go that way. He's just looking for Tyree. And advice.\n\nDaniel Walsh: Yeah.\n\nDaniel Walsh: Then we can get chat GPT to just start generating these things for us.\n\nBrent Baude: well, I think the problem that this team has Is we are?\n\nBrent Baude: Container cools. Development. And that's fundamentally different than container service or container. Creation.\n\nDaniel Walsh: Right.\n\nBrent Baude: And We probably all have our little pet projects. I'm guessing none of us are my sequel. Experts or, you know, we can get nginx running but just enough to serve a file. so,\n\nDaniel Walsh: I can get in a patchy Web server up and curl to it, and that's about it.\n\nDaniel Walsh: And basically none of us are real good systems. Yeah, at least that's not I call function.\n\n00:35:00\n\nBrent Baude: Right. So again, at my vote, I'd like to the deeper dive with George and You know, spin them off and get gone.\n\nDaniel Walsh: Yeah.\n\nDaniel Walsh: I think.\n\nBrent Baude: And it sounds like yes,\u2026\n\nBrent Baude: time bit to this.\n\nDaniel Walsh: Yeah. It'd be nice\u2026\n\nDaniel Walsh: if someone went through all of awesome, awesome compose and Wrote equivalent applications and Kubernetes YAML files. And That could run with part men. I'm trying to make sure that they don't become a General Kubernetes Yaml drop site because it might be lots. And lots of stuff that podman can't handle. That's why I like the idea of Verifying that the applications would actually ride with, but man.\n\nBrent Baude: indeed and I I know fair amount of those Apps, if you will, that are in awesome and some of them don't do anything. That just like Hello World type stuff.\n\nDaniel Walsh: Right.\n\nBrent Baude: so I think ideally what you're looking for is Put your gunk in this volume and then make sure it gets mounted.\n\nDaniel Walsh: Right.\n\nChristopher Evich: I'm guessing. That probably. Writing tests for these things. It's going to be equal to if not harder than developing them in the first place. Especially the,\u2026\n\nDaniel Walsh: Yeah.\n\nChristopher Evich: what the, what that stuff. I mean if it's simple things like curling from URL, using my SQL client to connect to A I see how container with that. Kind of stuff can probably do, but I think more complex. Can get challenging.\n\nDaniel Walsh: Yeah. but I I just start a service and then a five minute inspected to make sure that you know, the the stuff that you thought was gonna be creative, got created, then\n\nChristopher Evich: Yeah.\n\nDaniel Walsh: again, when I'm hoping, is that, if we start getting these things and images start disappearing that week and easily clean out, Applications as sort of disappear from the base of the planet, right? People's priorities change and they're not going to necessarily maintain their own. Applications that get donated to the site.\n\nBrent Baude: There's there's also this question of You know, do you tag it? Like let's say you're gonna do You know, my sequel or something? Do you\n\nBrent Baude: You know. But there's a fair amount of variety that could occur whether you depend on. Building the image. My sequel image, Do you start at like the winter level and then all the way up? Or do you grab them and use my sequel? And then how does the the versioning work because if you if you go latest, then your subject to failures in which something inside the image changes, which, which puts ed into orbit,\n\nBrent Baude: Or you say tag it to a particular version and and now you know, you have to go update that at some point.\n\nDaniel Walsh: Yeah, I mean that's what also something we have to worry about with the Cicd system. Again we're all channeling it here because in those there's nothing more unstable than container registries as far as Cicd systems. So, You know, if if 75% of the time that Test suite. Blows up because it couldn't pull down and some random image and You know, we're never gonna get it successful Testro.\n\nBrent Baude: the other little, Treat here would be that also if I was a consumer of that. Stuff. I don't think I'd want something pointing to latest either.\n\nDaniel Walsh: Right.\n\nBrent Baude: but I would like to be notified when You know, a new image comes up. In case it was security.\n\nChristopher Evich: Renovate can run away. Runaway can handle that pretty elegantly. There's You can set up regular expressions. That can extract version numbers. And it'll And then basically give it a source of where those versions come from and it'll open up yours when it finds a new one. There's also a way you can do kind of a more generic thing. That's probably more user friendly. where you set up a regular expression that searches for a comment, a special comment that says You know, get the versions from the source, use this type of versioning and the other options like that. That's probably easier. Then it's just adding this stuff is just you know, somebody putting a comment into their Code. And Renovator pick it up automatically.\n\n00:40:00\n\nDaniel Walsh: So, it seems like I think I've already created the the website. Containers. App Store. Just make sure it's\n\nDaniel Walsh: It's nice and blank right now. Has a license in a one-line. Text.\n\nDaniel Walsh: I do that a week ago and then forgot about it.\n\nTom Sweeney: Can you add a link to the chat?\n\nDaniel Walsh: I will.\n\nDaniel Walsh: My goal was to create two subdirectories underneath. It one called Kubernetes and one called What?\n\nDaniel Walsh: Github will not let you create empty directories and then check them in. You have to put content in the directories and I didn't have any content and then, Some of the sparkly light went off. And I went chasing after. Whatever. That was so.\n\nTom Sweeney: Know, did you just drop a green beans? Each Just a real quick, read me.\n\nDaniel Walsh: Could I drop could I drop one?\n\nChristopher Evich: It put a dot and put a dot MP file in.\n\nTom Sweeney: Yeah. And in the directors you want to create just put a little readme at the top.\n\nDaniel Walsh: Law. Okay, that would have been nice. But now that I have this site up You can open up a pull request to do that.\n\nDaniel Walsh: Want to become Sawyer. I want you to paint my wall. White wash my fence.\n\nDaniel Walsh: I guess we can open up the general discussion at this point.\n\nTom Sweeney: There's any questions topics that anybody has?\n\nLance Lovette: I've got one.\n\nLance Lovette: so, I've been curious that the past through log driver, It's not really clear to me when I should or would want to use that as opposed to Journal D. or if Pod Man selects a default based on where it's running,\n\nLance Lovette: At the moment, I specified Journal. D explicitly and I'm wondering if As I went down this rabbit hole where Kanman takes standard by default, well, it takes standard air and marks it red in the logs and python logs, right? Everything to standard air. So everything that Python writes shows up. In red said, I went down this rabbit hole, figure that out, and then I change this law and I figured out the issue but I was like maybe I should be using pass through instead of journal D. So anybody have any Direction or guidelines on how to decide one or the other.\n\nDaniel Walsh: I take. I take the goal of pass through is that if you're running it underneath this as a systemd service, and pass through will allow you when you do a pod man system d status, you'll be able to see it right in the Be a system D, right? And then if you run journal, you'd have to use Pod, Man command or a journal to, you wouldn't see it as part of the outputs, the unit file. I believe it's what the difference is.\n\nLance Lovette: Well, you, I believe you do. I mean well, Because I'm doing Journal D, now. And that everything, you know, journal controlled at Jeff shows everything, it all gets tagged with the with the proper.\n\nDaniel Walsh: But are you doing it on the unit file or\u2026\n\nLance Lovette: Variables.\n\nDaniel Walsh: you're doing it of the container level?\n\nLance Lovette: Well, I both I run it in the like when I run it standalone, it's I use log driver. And then when you do make system D, it captures that.\n\nDaniel Walsh: But doesn't do it.\n\nLance Lovette: So so my container. Yeah.\n\nDaniel Walsh: Does it switch to pass through at that point?\n\nLance Lovette: No, I mean not. I'm Yeah,\u2026\n\nDaniel Walsh: It's the journal? Yeah. Yeah.\n\nLance Lovette: so across the board I especially specify Log Driver Journal, D, You know, does pod men do something under the covers like Oh hey, I'm a system D service. So let's use pass through. I can't say\n\nDaniel Walsh: No. No, it does it, I don't believe it does. Matt, The original version of Quadlet was attempting to do that. I believe and I think that's all been revoked, but\n\nLance Lovette: Because I don't know what Journal D. Or what system D. Does with outputs, like I have a dove into it enough to live like are they somewhat equivalent? Like if you're if you're using all generally driver, it's still sticking in the journal and if you do it through system D, it just attaches. Standard out to the journal, like I haven't really dug into that. So it may be equivalent. when it's running under system D, then it may be a, you\u2026\n\n00:45:00\n\nDaniel Walsh: Then. But that wouldn't make that would not make sense of that passed through.\n\nLance Lovette: one of the other\n\nDaniel Walsh: That I thought pass through just meant right to stand it out standard error and all inside a unifile. But I might be mistaken. Matt, do you know?\n\nMatt Heon: That is definitely the intention pass through is basically it will have CON monologue directly to standard out standard error and since Systemd is monitoring commodity will print it directly to the journal? The intention Giuseppe is the one who added it. So I don't want to speak for necessarily because I'm not a hundred percent of why it's there, but I believe the attention was better integration into what they call it better integration with podme and inside a System D unit in certain circumstances but I'm not completely aware of what those circumstances are. There's also happened in a much earlier time at the life of the journal log driver At that point we were not well integrated with basically the journal log driver was not logging to the same.\n\nMatt Heon: You get logs, but they wouldn't show up as the associated with the unit in question, I think that has been fixed since. So it might be that some of the reasons we're using it to have gone away, I will say it, certainly simpler than the Journalty log driver and probably a lot more performance.\n\nDaniel Walsh: Yeah, I think that one of the problems would pass through is that if you do a pod, man logs then you don't see it anymore, right?\n\nLance Lovette: All right, well, maybe I'll play around with it and\n\nDaniel Walsh: But the most most likely Lance what I would say is, if you like it, what? Journal D. I would stick with General Day and not just pass through because when that Would my only thing is is if I do a status of the unit file or journal control dash u of the unit file. Do I see the the data that's coming out of the container? You know,\u2026\n\nLance Lovette: Right, right? Because now I'm trying to think.\n\nDaniel Walsh: then I would if that works with journal journal, then that's, that, probably all you really care about. So, I would just\u2026\n\nLance Lovette: Right. Yeah,\u2026\n\nDaniel Walsh: because then part\n\nLance Lovette: because I guess I guess there's some interaction with Kanmon there. Yeah, I'm not sure\u2026\n\nDaniel Walsh: Yeah.\n\nLance Lovette: who exactly is tagging. Entries with all the variables that toddman attaches.\n\nDaniel Walsh: Could you basically when you run Pod, man as a When you run pod man inside of System, D unit file and podman goes away. What system D is watching is konmon\n\nDaniel Walsh: if cotton on outputs any standard out, a standard error, that's sort of what a traditional service would do. Instead of a system to unit, follow if Con Mohan is writing directly to the journal, Then, I'm not sure if you see that, you see the same behavior, as if it was right into, stand it out and standard error. That, that would be my question.\n\nLance Lovette: Right. Yeah, it's interesting. Yeah, I mean yeah, like I said, me at the moment I get I kind of got once I fixed the Python syslog thing. It's working the way I like it to. So All right,\u2026\n\nDaniel Walsh: Yeah. We're all about flexibility here, but\n\nLance Lovette: good. yeah, all those play with it and it probably is like I said journal D's been around a while so probably some of it's been Alleviated in the last couple of years. Thanks.\n\nDaniel Walsh: yeah.\n\nTom Sweeney: Okay, any other questions or discussions? And close to the end of the meeting.\n\nTom Sweeney: I'm not hearing anything, so I'm just going to give a quick reminder for our next meetings. Our next community meeting is on Tuesday, June 6th. So that's just around the corner a couple weeks from now right after holiday in the US and then our cabal meeting will be on June 15th. And both of those meetings will be at 11, a clock. June 15th is Thursday in the Community Institute Tuesday. And so, for puzzle topic, we already have two lined up. One is the IPSS integration that Anders was talking about earlier. And then also, some more talks about the App Store. If anybody has any other topics, please let me know. These are through the hacking, these scripts, we're hacking deep site or by saying me an email, so any other questions or comments before I turn off the recording here?\n\nTom Sweeney: Right, well then, thank you for coming today and turn off the recording.\n\nTom Sweeney: and it is stopped anything you want to say before without being recorded,\n\n00:50:00\n\nTom Sweeney: Silent group about. Let's go to lunch dinner. Enjoy the rest of my holiday. If you're in Europe. Right. All thanks.\n")))}Oo.isMDXComponent=!0;const Jo={},Fo="Podman Community Meeting Notes",Go=[{value:"June 6, 2023 11:00 a.m. Eastern (UTC-5)",id:"june-6-2023-1100-am-eastern-utc-5",level:2},{value:"Attendees ( 40 total)",id:"attendees--40-total",level:3},{value:"Topics",id:"topics",level:3},{value:"Meeting Start: 11:04 a.m. EDT",id:"meeting-start-1104-am-edt",level:2},{value:"Video Recording",id:"video-recording",level:3},{value:"ChRIS project running in Podman via Podman desktop",id:"chris-project-running-in-podman-via-podman-desktop",level:2},{value:"Jennings Zhang and Rudolph Pienaar",id:"jennings-zhang-and-rudolph-pienaar",level:3},{value:"(1:20 in the video)",id:"120-in-the-video",level:4},{value:"Podman Desktop v1.0 Update",id:"podman-desktop-v10-update",level:2},{value:"Stevan LeMeur",id:"stevan-lemeur",level:3},{value:"(30:25 in the video)",id:"3025-in-the-video",level:4},{value:"Podmansh Demo",id:"podmansh-demo",level:2},{value:"Lokesh Mandvekar",id:"lokesh-mandvekar",level:3},{value:"(41:29 in the video)",id:"4129-in-the-video",level:4},{value:"Podman v4.6 Demo",id:"podman-v46-demo",level:2},{value:"Matt Heon",id:"matt-heon",level:3},{value:"(44:47 in the video)",id:"4447-in-the-video",level:4},{value:"Open Forum/Questions?",id:"open-forumquestions",level:2},{value:"(50:06 in the video)",id:"5006-in-the-video",level:4},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"Next Meeting: Tuesday, August 1, 2023, 11:00 a.m. Eastern (UTC-4)",id:"next-meeting-tuesday-august-1-2023-1100-am-eastern-utc-4",level:2},{value:"Next Cabal Meeting: Thursday, June 15, 2023, 11:00 a.m. Eastern (UTC-4)",id:"next-cabal-meeting-thursday-june-15-2023-1100-am-eastern-utc-4",level:2},{value:"Meeting End: 11:59 a.m. Eastern (UTC-4)",id:"meeting-end-1159-am-eastern-utc-4",level:3},{value:"Google Meet Chat copy/paste:",id:"google-meet-chat-copypaste",level:2},{value:"Raw Google Meet Transcription",id:"raw-google-meet-transcription",level:2}],Yo={toc:Go},Uo="wrapper";function qo(e){let{components:t,...n}=e;return(0,ce.kt)(Uo,(0,Q.Z)({},Yo,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-meeting-notes"},"Podman Community Meeting Notes"),(0,ce.kt)("h2",{id:"june-6-2023-1100-am-eastern-utc-5"},"June 6, 2023 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"attendees--40-total"},"Attendees ( 40 total)"),(0,ce.kt)("p",null,"Aditya Rajan, Ashley Cui, Banu Ahtam, Brent Baude, Chetan Giradkar, Christopher Evich, Ed Haynes, Ed Santiago Munoz, Gerry Seidman, gideon pinto, Hyuk Jin Yun, Jake Correnti, Jean-Francois Maury, Jennings, Jennings's Presentation, Lance Lovette, Leon Nunes, listener, Lokesh Mandvekar, Lokesh Mandvekar's Presentation, M\xe1ir\xedn Duffy, Mark Russell, Martin Jackson, Matt Heon, Miloslav Trmac, Mohan Boddu, Nalin Dahyabhai, Navaneeth krishna, Nezih Nieto Gutierrez, Paul Holzinger, Preethi Thomas, Rudolph Pienaar, sandip samal, Shion Tanaka (\u7530\u4e2d \u53f8\u6069), Stevan Le Meur, Stevan Le Meur's Presentation, Sungmin You, tasmiah chowdhury, Tim deBoer, Tim Rudenko, Tom Sweeney, Tom Sweeney's Presentation, Urvashi Mohnani"),(0,ce.kt)("h3",{id:"topics"},"Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"ChRIS project running in Podman via Podman desktop - Jennings Zhang and Rudolph Pienaar"),(0,ce.kt)("li",{parentName:"ol"},"Podman Desktop v1.0 Update - Stevan LeMeur"),(0,ce.kt)("li",{parentName:"ol"},"Podmansh Demo - Lokesh Mandvekar"),(0,ce.kt)("li",{parentName:"ol"},"Podman v4.5 Demo/Talk - Matt Heon")),(0,ce.kt)("h2",{id:"meeting-start-1104-am-edt"},"Meeting Start: 11:04 a.m. EDT"),(0,ce.kt)("h3",{id:"video-recording"},"Video ",(0,ce.kt)("a",{parentName:"h3",href:"https://www.youtube.com/watch?v=65pE8RhCK5w&t=116s"},"Recording")),(0,ce.kt)("h2",{id:"chris-project-running-in-podman-via-podman-desktop"},"ChRIS project running in Podman via Podman desktop"),(0,ce.kt)("h3",{id:"jennings-zhang-and-rudolph-pienaar"},"Jennings Zhang and Rudolph Pienaar"),(0,ce.kt)("h4",{id:"120-in-the-video"},"(1:20 in the video)"),(0,ce.kt)("p",null,"Demo (1:35 in the video)\nShowed a picture of a fetus in a Woman's uterus. Using a lot of niche software to put the project together. It uses a Hybrid Cloud Architecture. Jennings has been using Podman Desktop for working on the project. He's a project that has yaml files that can be used by POdman Desktop. When he uses a Kubernetes manifest, he uses a script to concatenate all of his yaml's into one, and replaces key values within the concatted Yaml, replacing the Podman socket with the value from Podman info. Then the Yaml is fed into Podman Desktop."),(0,ce.kt)("p",null,"It does take a minute or two to start due to init time, mostly database related."),(0,ce.kt)("p",null,"It creates a number of pods, including the ChRIS pod and a ChRIS UI. It also runs ChRISmatic to do a number of setup items. He showed the Pods in the Podman Desktop and then opened up the ChRIS UI."),(0,ce.kt)("p",null,"Within the UI he dispatches containers to Podman, and it goes ahead and runs it for him."),(0,ce.kt)("p",null,"The UI interface allows him to build a string to be sent to the Podman socket."),(0,ce.kt)("p",null,"The entire ChRIS system runs on Podman Desktop."),(0,ce.kt)("p",null,"Brent asked what Podman can do better for ChRIS. So he wants to make sure that containers can be locked down. He'd also like to be able to look into the CLI at the container level from Podman Desktop."),(0,ce.kt)("p",null,"A Yaml file is crafted to use as a file to run the project. That's key to them. The other thing of interest is how to deploy models of AI. There's a gulf between the Data Scientist and the Developer. They are working to shrink that gulf, and Podman is helping with that."),(0,ce.kt)("p",null,"Stevan liked seeing how Desktop is being used by the project."),(0,ce.kt)("p",null,"Jennings rolled back to an earlier version of ChRIS and showed how the Podman interface was used to run it."),(0,ce.kt)("p",null,"The old bash scripts were up to 4 or 5K lines long. The YAML pipelines to do a fetal brain study uses declarative Yaml which is easier to comprehend by both Data Scientist and the Developer."),(0,ce.kt)("p",null,"ChRIS uses OpenShift for its computing, but unfortunately, their server was down for maintenance."),(0,ce.kt)("p",null,"They went from Docker Compose to this setup. Docker Compose was easier due to it being insecure, so great for development. Changing to Podman, they had to deal with the socket rather than the daemon. There were also some initial problems with rootless."),(0,ce.kt)("p",null,"Also, the Kube commands didn't respawn as Kubernetes did, so he has to manually restart."),(0,ce.kt)("h2",{id:"podman-desktop-v10-update"},"Podman Desktop v1.0 Update"),(0,ce.kt)("h3",{id:"stevan-lemeur"},"Stevan LeMeur"),(0,ce.kt)("h4",{id:"3025-in-the-video"},"(30:25 in the video)"),(0,ce.kt)("p",null,"The last demo Stevan thought was a great use of Podman Desktop."),(0,ce.kt)("p",null,"Showed pod view and volume views. Took a container, ran it inside of a pod after creating the pod, then ran it locally with Podman. He was then able to create a new kind cluster, and pushed an image from there into the cluster. He then deployed the pod into the kind cluster."),(0,ce.kt)("p",null,"A new set of extensions have been added to v1.0, adding compatibility with Docker, Lima, Openshift Local, and Kind. You can also make use of Microshift."),(0,ce.kt)("p",null,"Podman Desktop is available and free now. You can get it from ",(0,ce.kt)("a",{parentName:"p",href:"https://podman.io"},"https://podman.io")," and ",(0,ce.kt)("a",{parentName:"p",href:"https://podman-desktop.io."},"https://podman-desktop.io.")," You can create issues and contribute on GitHub."),(0,ce.kt)("p",null,"Lots of positive feedback at Summit on Podman Desktop."),(0,ce.kt)("p",null,(0,ce.kt)("a",{parentName:"p",href:"https://developers.redhat.com/articles/2023/05/23/podman-desktop-now-generally-available#why_use_podman_desktop"},"https://developers.redhat.com/articles/2023/05/23/podman-desktop-now-generally-available#why_use_podman_desktop"),"_"),(0,ce.kt)("h2",{id:"podmansh-demo"},"Podmansh Demo"),(0,ce.kt)("h3",{id:"lokesh-mandvekar"},"Lokesh Mandvekar"),(0,ce.kt)("h4",{id:"4129-in-the-video"},"(41:29 in the video)"),(0,ce.kt)("p",null,"podmanssh - used in conjunction with quadlet. He showed out to ssh into a demo user on a Fedora machine, and it brought him into RHEL. Open PR: ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/pull/18739"},"https://github.com/containers/podman/pull/18739")),(0,ce.kt)("h2",{id:"podman-v46-demo"},"Podman v4.6 Demo"),(0,ce.kt)("h3",{id:"matt-heon"},"Matt Heon"),(0,ce.kt)("h4",{id:"4447-in-the-video"},"(44:47 in the video)"),(0,ce.kt)("p",null,"4.6 and maybe 4.7 out this summer."),(0,ce.kt)("p",null,"4.6\nbug fixes, podman machine and qudalet updates. Sqlite as backend."),(0,ce.kt)("p",null,"Working on final pieces with Netavark,. For machine two new hypervisors in flight, hyperv in Wiendos, and native mac. Both a WIP at this time, but progress nicely. Needs to get into Fedora CoreOS. A lot of that code will potentially be in v4.6. IOfs working on Apple, relatively speedily."),(0,ce.kt)("p",null,"Working our documenting plans"),(0,ce.kt)("p",null,"Brent will be looking for testers, but it's not quite ready at the moment due to ignition work that's ongoing and also socket mapping which hasn't been completed."),(0,ce.kt)("h2",{id:"open-forumquestions"},"Open Forum/Questions?"),(0,ce.kt)("h4",{id:"5006-in-the-video"},"(50:06 in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Experimental storage getting moved forward how to make it happen. Brent needs to look into this further. Gerry said it's deployed and works, he thinks s some documentation needs to be added.")),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Quadlet Demo - Dan Walsh")),(0,ce.kt)("h2",{id:"next-meeting-tuesday-august-1-2023-1100-am-eastern-utc-4"},"Next Meeting: Tuesday, August 1, 2023, 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h2",{id:"next-cabal-meeting-thursday-june-15-2023-1100-am-eastern-utc-4"},"Next Cabal Meeting: Thursday, June 15, 2023, 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h3",{id:"meeting-end-1159-am-eastern-utc-4"},"Meeting End: 11:59 a.m. Eastern (UTC-4)"),(0,ce.kt)("h2",{id:"google-meet-chat-copypaste"},"Google Meet Chat copy/paste:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"You11:05\u202fAM\nhttps://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\nJean-Francois Maury11:16\u202fAM\nThat is awesome\nTim deBoer11:16\u202fAM\n+1\nStevan Le Meur11:26\u202fAM\nSuper cool!\nMark Russell11:26\u202fAM\ntook the words out of my mouth, Stevan!\nLokesh Mandvekar11:27\u202fAM\nquadlet demo might not happen today\ndan's not on the call\nStevan Le Meur11:28\u202fAM\nHave you tried OpenShift Local extension available with Podman Desktop?\nYou11:30\u202fAM\nYeah, no quadlet, Dan sent me a note just after we started.\nBrent Baude11:32\u202fAM\n@urvhashi, can you comment here?\nUrvashi Mohnani11:34\u202fAM\n@brent I stepped away for a min and missed this\nYou11:42\u202fAM\nLokesh, how long will your demo/talk be about?\nLokesh Mandvekar11:42\u202fAM\nmaybe 5 mins\nStevan Le Meur11:43\u202fAM\nhttps://developers.redhat.com/articles/2023/05/23/podman-desktop-now-generally-available#why_use_podman_desktop_\nMark Russell11:44\u202fAM\nawesome update\nBrent Baude11:48\u202fAM\nwe need to do 2\nStevan Le Meur11:54\u202fAM\nTOON of things happening in Podman community right now!!!\nMark Russell11:54\u202fAM\n+1\nPreethi Thomas11:55\u202fAM\n+1\nM\xe1ir\xedn Duffy11:55\u202fAM\n+999\nPreethi Thomas11:55\u202fAM\nlol\nStevan Le Meur11:55\u202fAM\nGet podman up and adopt a seal !!\nM\xe1ir\xedn Duffy11:58\u202fAM\nthanks Jennings and Rudolph for coming :) great preso!!!\nPreethi Thomas11:58\u202fAM\nGrreat stuff\nShion Tanaka (\u7530\u4e2d \u53f8\u6069)11:59\u202fAM\nthanks\nieq-pxhy-jbh\n")),(0,ce.kt)("h2",{id:"raw-google-meet-transcription"},"Raw Google Meet Transcription"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Tom Sweeney: The spinning cycles and It Looks Like It stopped. So I will welcome everybody. Today to the Podman Community Meeting Today. Thursday June 6th 2023.\nStevan Le Meur: Krishna.\nTom Sweeney: We have a large list of things to go through today. First thing that we're going to be looking at, is the Chris Project learning and podman via podman desktop from Jennings, Zinc, and Rudolph. Can you Allen? I hope I didn't butcher either of your names there for that one. Matt in, we'll be talking about the problem and 4.5, And then Dan Walsh if he's here, I'm not sure, there's kind of some question about whether or not to be able to make it today, we'll be doing a quadlet demo.\nTom Sweeney: And then the plug-in desktop, 1.0 update will be given my stuff on them here and then a portman sh demo will be given by Lokesh at the end. So we've got a pre-fold day, we will have time for questions if you have some and with all that I think I'm going to just all mine folks that we have a hack MD script, which I'll put a link to in the chat. If you I will be taking notes there. If you see that, I done something badly in the notes, please feel free to Ed and presenters. If you have links or such that you want to make sure that we have, the notes that will be posted later on the website. Please go ahead and add those to the hack. Empty. Yes we go on. So I'm going to stop presenting now and head it over to Jennings. It's gonna be talking about the curse projects.\nJennings: All right. Hi everyone.\nJennings: Alright, so my name is Jennings and I'm supervised by my Pi Rudolph Pienaar together. We're working on the Chris project at the Boston Children's Hospital. And our lab does a lot of research on fetal imaging and also newborn imaging where we use MRI to study very young patients. And so what you see on screen here is an example of what a fetus MRI looks like, while it's still in the pregnant mother seers. To do this kind of research. We need a lot of niche open source software because it's a very specialized division of medicine. And so,\nJennings: What we're working on the Chris project is helping to orchestrate the digital cyber infrastructure to actually be able to run these open source pipelines just to give a brief example of what one of these pipelines may be. We have a fetal MRI processing pipeline, which is going to take all of these multiple in Europe, images of varying quality. It's going to try to use some image processing. Algorithms such as masking and quality assessment to, finally be able to reconstruct these multiple in utero images into one high quality. Cropped volume. And what we can do, with these processed data, is we can try to quantify metrics of the brain. While it's developing in utero and this is what a fetal brain looks like. While it's still developing at 25 weeks of gestational age through 32, justational weeks of age,\nJennings: Using these open source tools. We are able to measure the growth of specific parts of the brain as well. And look at the trends as the pregnancy continues. And so the infrastructure that we have at the Boston Children's Hospital is, of course, we have these scanners. We also have open. Sorry. Not we have Some high performance computing centers. And we also have the office space where our researchers sit and what the crisp project does is it connects all of these things together. Uh, researchers can be at their desks looking at the Chris user interface, and they're able to dispatch computational jobs to both our internal high performance computing center. And we're also able to ship jobs out to our public clouds as well with the hybrid cloud architecture.\nJennings: And so that's a quick demo of or sorry. A quick introduction on what the Chris project is, something that I've been working on recently, is being able to run Chris on podman and especially using podman Desktop So, I'll jump it up.\nJennings: We have a github repository called Minicrisk Eights. And inside of here, we have several Kubernetes manifests aka Yamls and I also have a wrapper script called Minicris.sh. And what this wrapper script is going to do is it's going to bring together these animal files into something that can be consumed by podman desktop. Let's open up carbon and desktop.\nJennings: Alright, here it is. I don't have many containers running, I'm just going to delete the sky.\n00:05:00\nJennings: all right, when you want to run a Kubernetes, Manifest using Podman Desktop It Assets, a single Kubernetes file. I have my Kubernetes manifests organized as multiple Yaml files here. So this wrapper script called Mini Christ.sh is going to do two things. It's just going to simply concatenate all of my Yamls together, and it's also going to perform a said command to just replace some of the values. One key value that it needs to replace. We can take a quick look at it.\nJennings: Yeah, so the function that I'm going to run is going to call be called minicrescat All it's doing is it's going to be concatenating. All of my yaml files and then it's going to be performing a set operation on to these variables. And that's just going to replace the hard-coded podman socket address with what's actually going to be running on my system, obtained from the podman Info command. Let's try that.\nJennings: And it's just going to spit the yellow out to my standard out and I'll type it into a file. And now this file called Chris All-in-one by EML can be loaded into Podman Desktop.\nJennings: As it says here with podman desktop. This Play Queue. Command can take a few minutes to complete. And the reason why is because podman behind the scenes is going to be starting the defined services and deployment sequentially. It's also going to try running in its containers which does things like database initialization and that's going to take a little while Another functionality of my monolithic script over here. Is that it can monitor podmin for init containers. So\nJennings: that finished faster than I expected it to. I was going to say that we can look at what the unit containers are doing, but it seems like everything's up already, so let's just keep going. Yeah. So we can see we have a bunch of pods here we have. What's known as the Cube Pod? And that's our Chris backend. We have PF Khan, which is another Chris service that handles the compute that might be dispatched by Chris. We have the Chris UI which we'll take a look at later. That's our user interface. before we can take a look at Chris, I have a script called Prismatic Prismatic, which I can also run using podman, is going to initialize the Crist system with some information and that's going to create some users for testing purposes, and it's also going to\nJennings: Add some programs or what we call, Christopher's plugins to the crisp system. And you can see that this mini Crits.sh chrismatic subcommand is just a podman run alias and it's going to run a new container as part of the cubed pod.\nJennings: It's just going to run the charismatic command within the charismatic container. What that does is it reads a file called Prismatic.yaml to put a bunch of data into our Chris backend. And so what it's done here is it's created a super user called Chris and that's going to be a user that will log in as in a quick moment and it has registered a few simple programs for us to try running. To access the user interface. We can see that it's running over here on podman desktop. These logs say that it's running on port 3000 though. The port 3000 is mapped onto the host Port 8020, I believe yeah.\nJennings: So, let's take a look.\nJennings: This is the Chris user interface and from here, what we're able to do is you can click Login.\nJennings: And yeah. Great new analysis.\nJennings: In Chris, we have computational experiments organized as separate analyzes. And what I'm doing here is I'm going to create a new analysis with some uploaded data.\n00:10:00\nJennings: And now it's happening, is once I've uploaded the data into the Chris system, we can see it running in this Kris UI and I can choose to run more plugins here. When I choose to run a plugin such as this one of Click Add node, it's going to dispatch a container to podman and podman is going to run it. So if I'm lucky if I type Admin PS then it'll show the container running. I have to be kind of fast.\nJennings: I guess I lied about being the fast part.\nJennings: It always breaks during demos. I have no idea why this guy ran but this guy doesn't I'll just try it again.\nTom Sweeney: The demographic, strong.\nJennings: I'll just\nJennings: What was that? Yeah, they are.\nTom Sweeney: The demo gods are strong.\nJennings: I can do another quick explanation of what's happening here. And what's happening here is This user interface is pretty much. Helping me build a command line. string that is eventually going to be forwarded to the podman socket and so,\nJennings: This program that I'm trying to run called Simple DS. App is just a demonstration program. We have other programs as you've seen for imaging analysis and medical research. I'm just going to pass a command line parameter here, called Sleep length. 10 because I wanted to sleep for 10 seconds. Oh no, this guy failed.\nJennings: I feel like this one's also gonna fail, but yeah. Sadly, the demo gods have kicked us this time.\nJennings: Well, that's mostly what we have here. We have the entire care system running in Admin, Desktop any questions?\nBrent Baude: Yeah, I have a few.\nBrent Baude: I'm curious. Is there anything that podman could do? That would make this easier for you.\nJennings: Yeah. So Several things podman has pretty much innovated in the space of rootless containers and that's great because Chris is concerned about security and we need to make sure that these plugins aren't going to do anything malicious and if they do something malicious they can't break out of that. Container jail. a second thing is one of the key innovations of the Chris project itself, is that Chris plugins, unlike some other. Systems for computational research. Aims to be simple for developers. And I should be able to look at a terminal you here.\nJennings: I'm not sure if you guys are familiar with the App Trainer command app. Tanner is a another container runtime similar to Docker apartment. And friends. But this obtainer command could also just be a podman command and podman would be a great candidate for having people be able to run these analyzes on their own systems. Because oddman is rootless and or podman supports rootless mode.\nRudolph Pienaar: If I can just quickly jump in with a meta comma to observation here. So you guys all hear me is my mic coming through. So, one of the things we're trying to do here,\u2026\n00:15:00\nTom Sweeney: Yep, bottom plants.\nRudolph Pienaar: right? Is, you know, you're so in the Chris UI beginning of like this, this connected graph of designers, So that's kind of at the heart of what we're trying to make fun, you know, distribute, right? So you can, you can construct and arbitrary complex tree of computing. where each one of those nodes is, is obviously a container and because\nRudolph Pienaar: That's a Jennings show in the beginning. You can have multiple different computing stages as you're doing, one of the things we're trying to do is to be able to publish and bundle together, the value of that computing tree. Simply and easily, right? So you can, you can describe your entire compute as a simple yaml file. Which literally is just describes the tree of computing, your almost a directed basically graph.\nRudolph Pienaar: Mostly in research. What folks, end up, folks, end up doing right. Is they construct their workflows using bash? Scripts if they get to that level, And you know, as most of us know bash scripts are horrible to try and do anything with. And most of the coding there is is literally just coming, right? You know, it's all to do with data copying from one direction to another and stuff that all goes away in a system like this, you know, leveraging Crisps which sits above, you know, something like podman or Kubernetes, whatever the case may be, all of that goes away. Which we think is can be pretty useful for reproducible, computing and science and stuff like that. And another thing which which is maybe interesting useful to point out of here is and so I was a Red Hat summit last week.\nRudolph Pienaar: There's a whole bunch of stuff, you know, about how in industry we can. You know. Deploy models of computing. Like AI models. How do we deploy them? The first, I can tell the industry model to do that. Is you take a data scientist working in Jupiter notebook. And that's all they ever do. And then an application engineer or development comes in and takes her Python Jupiter notebook and shoves it into a flask python. Framework or fast API and that fast API thing, you then go and throw on the Web and manage with Kubernetes or partner, whatever the case. and that's if you want, most people are doing and that's, there's nothing wrong with that, of course, but it just struck me that What ends up happening there is that you kind of entrenching the separation between you the primary developer like potato scientists.\nRudolph Pienaar: Where it's going to be deployed. There's a huge gulf between them. Right. The data scientists. It doesn't know anything about flasks or fast API, they want to touch that. They don't interested in doing that. But in a system that we put together over here, the The actual thing that is deployed on the Web that is managed by Partman is managed by this whole system, is pretty much the exact code that you as a data scientists. Develop. so it's so it that that Delta between your prototype. Code, and the deploy code.\nRudolph Pienaar: Is much much shallow smaller and shallower than what it, and what is the normal way? It means. So that's another innovation where I super excited about to do you, right? You can develop your stuff, you can be a data scientists. You don't even have in this case here, you don't have to know what man. We doing it all for you without scripts, but you are developing your code and you're able to deploy it locally on your own machine. And pretty much see what it would be like, in production. Skin. Anyway, that's just a quick quick. High-end plug here.\nStevan Le Meur: Well thanks a Rudolph. I think that's exactly what we are trying to to accomplisher. It's helping the developers to be able to produce locally. Things that they would run on production. So having something as close as possible from production is super critical. Who have fast turnarounds, when you are building your application. But also, when you are consuming it, as you use, just the mode in fact so wonderful. The demo is fantastic. I think, and it's really nice to see the technology being used for such cases, as well. That's, that's very nice.\nJennings: So I was able to get what I wanted to show running, which is I just rolled back to an earlier commit. That was working. So what I tried to do was I ran a second, plugin instance here. and you can see what I did was, I was trying to run this program called Simple DS up with a parameter called Sleep Length, 20. And here we can see the output in podman desktop as well. So what the cris system did was once it received the request to run a container. It handles, all of the handles fudging with the podman interface for you, And it created a container with heels and both DS up. And here's the output, I'm not sure if we'll be able to inspect it anymore. Yeah, I can't inspect that any more because Chris decided to delete the container, once it was done running, if it was still running, then you would be able to see the flags here as well.\n00:20:00\nJennings: I also wanted to just quickly show off what Rudolph was talking about. So what I was showing here was just the stages of a biomedical compute pipeline. It often involves multiple steps and multiple programs that are going to be glued together by a bash script. If you've ever done any kind of scientific computing, you would understand what I'm talking about East Bash scripts or even CSH scripts are going to be maybe 4,000 lines long of gibberish. Whereas with Chris how we organize and orchestrate, these workflows is using a yaml schema\nJennings: over to pull up. My browse organ. this is a pipeline that I've been working on, which Extracts surfaces aka just polygonal mesh, representations of the fetal brain cortex. From a reconstructed brain image and so it does some file conversions and it processes the left and right hemisphere separately. And this is specified using a declarative yaml syntax instead of bash.\nJennings: I also wanted to add to what Stevan was talking about. We have Chris deployed and targeting Openshift container platform. Unfortunately this week we were just on Lucky our\nJennings: local cloud that we use. It's called the Massachusetts, Open Cloud and the New England Research Cloud. They are doing their yearly power down maintenance. So I can't show that off though. Typically Chris is deployed on Openshift and also uses Openshift for its public compute and one of the things about podman is it makes it easy where we can have this one set of Kubernetes, DML manifests that work on both Openshift and also just locally on my desktop\nJennings: I don't know if I'm supposed to be calling on people, but hello Matt.\nTom Sweeney: Oh sure. Go ahead.\nM\xe1ir\xedn Duffy: Hi. So my question for you because I know you guys were previously using Docker compose and I just wanted to know how was the transition been kind of coming from Docker compose into this setup?\nJennings: Yeah. Um, perhaps we should I noticed next in the schedule, someone's talking about quadlet which is something that we need to look into. I'll talk about why right now actually using Docker compose is a lot easier. For not necessarily the right reasons. It's because the her compose has a Insecure by default kind of mode of operand, which is great for developers. but, One of the things that I'm curious about is just trying to enforce the principle of least privileges here, and moving into podman was more difficult because of the Damon list thing. We need a Damon to talk which is why I'm running the podman socket and also the rootlessness thing, There were a few bugs there. But in general, the experience was somewhat good.\nJennings: There are some key differences between how podman cube play works and how the actual Kubernetes system works or how Docker compose works. The two biggest discrepancies, are going to be that.\nJennings: Podman cube play. Operates sequentially. What that means is it's going to create one pod or sorry. One container at a time and that's a problem. When you have containers depending on each other, in the world of docker, compose, or Kubernetes. These containers are going to start Asynchronously meaning If the dependencies aren't resolved, they'll just restart in a few seconds. And podman. I need to do the dependency resolution myself and how that works is. I've prefixed these with numbers denoting the order in which they are dependent. So I need my config maps first. And then I need my database and Q. Services which my backend is dependent on and then I have to run my back end near the end because it's dependent on the database and rapid MQ.\n00:25:00\nJennings: Yeah, Brent.\nBrent Baude: Let me check with Tom first on time check, how are you feeling Tom.\nTom Sweeney: And we've got all just a few more minutes. I can go five more minutes but that's gonna be pushing it.\nBrent Baude: Okay, I'm curious then. So when you say that, When you say that before with, I think it was composed and it's done. Sort of asynchronously. Are you handling?\nJennings: in docker compose, it's possible to specify the dependency order of containers. And that's not a perfect solution, but it is.\nJennings: Better than sequential.\nBrent Baude: Okay.\nJennings: I think it's also supported in podmin composed, but we've tried to move off of podman compose and into podman play cube.\nBrent Baude: Okay.\nJennings: So what you can see is when I'm running the Chris container over here, this is a docker compose file. I can increase the font size of it. This Chris service is defined with the auctions depends on, and the pens on is a list of other services, which must be started before the Chris service. This is good because we can make sure that these other services at least exist prior to Chris. This isn't a complete solution, because even though the containers themselves exist, these service might not be ready to accept connections yet, but still docker, composes able to figure out the dependency order and then start these both.\nJennings: Asynchronously. And in the order that would satisfy the dependency tree with podman currently, the dependency resolution must be handled manually. This is also somewhat deviant from the communities spec. I'm not sure if it's part of the Kubernetes spec, but I would assume. So that every resource specified in a yaml file, Or sorry, the order of resources specified in a yaml file, should not matter. So,\nJennings: What I have here is, I have a yaml file of a bunch of Kubernetes resources, they're separated by the Triple Dash syntax and in theory, or ideally the order of these services shouldn't matter. But when you're running it using podman, whether it be through podman desktop or podman cube play, the order does matter. You need to specify the dependencies before the dependence.\nBrent Baude: Okay, thank you.\nTom Sweeney: Any further questions. This has been great presentation. Great discussion.\nBrent Baude: I assume Tom has your contact information if I would want to follow up, you 'D be willing to answer some.\nJennings: Yeah. Oh, I mentioned Someone's later going to present on quadlet. I would be very interested in hearing more about quadlet because to my understanding Quad lit, is where podman uses system D as DC. Orchestrator of some sorts. And so hopefully, system D can sidestep this issue. With plodman cube in my understanding, is podman is starting these services sequentially. But if we were to define domestic D unifiles and system D does start services in parallel. I hopefully this dependency resolution problem goes away.\nTom Sweeney: Know unfortunately the speaker had to back out literally just after the meeting started. So we're not going to be discussing quality today but we can certainly get you in touch with him if you'd like to.\nBrent Baude: Who was the speaker, Tom? oh, Okay, we can. Yeah, we can do, we can arrange something for you.\n00:30:00\nTom Sweeney: Then, okay. And then not as moves, you down to the bottom of this agenda today, just so we can get to the other things too. If we don't get to the four, five update, I think we can get by without that. So next. Okay, next up. Step on me and just stop update.\nStevan Le Meur: Yeah. So I I think the demo that was just done by Jennings was a, just a very clearly illustration of how pen mendes that could be leverage for helping streamlining, container walkthroughs and streams. Most and if you can developer experience so this is great introduction. I will say so on, I'm going to share my skin. So we just announced the version 1.0 of Batman Desktop and We are really two weeks ago.\nStevan Le Meur: In this version, as you might already know, we provide a user friendly interface for managing containers and working with Kubernetes directly from the local developer machine. So that's a bunch of things that we are trying to, to do from a component desktop, like abstracting the setup and the configuration of the entire container tooling. So you can create your appointment machine directly from the UI and you have the ability to to create your machine.\nStevan Le Meur: With or without good privileges as well. And as it has been demoted as well, just capabilities to play Kubernetes yamls directly from from the UI. So you can see your buds you can see The logs, you can interact with. we said with each of the containers, And you can get the Kubernetes manifests for. Somewhere. Oh, you applications. So you can easily test that onto. Onto a unto donuts around. So I can take A container.\nStevan Le Meur: And I can say, Hey I want to run this container inside of a bud so I can create a pod on my container. I need locally with a man. and then, once I have this this environment, which is a, which is running, Once I have my bud running locally with Batman, I can easily deploy that onto Kubernetes environment. So I can test it on two different Kubernetes around and right now. From Batman Desktop, you can create a kind cluster which is a Kubernetes. Christopher running in input, man. So you can create the cluster.\nStevan Le Meur: You will, you will have that NDF there are after a few seconds, a few few minutes depending on the on the network. And when you are in the context of of your bird and your images, you will have the ability to easily insight with the cluster so you will have the ability to push an image that you build locally. With Batman and you will be able to push that image directly onto the gain cluster. To use it into a deployment or into service that you you want to try out locally? So, this is one step. One step further in some sense.\nStevan Le Meur: Once you have your game cluster, it appears as a container in your list of container. So I have it here in you. I can see the logs. And what's pretty interesting is that I can also directly from the here. I can also interact directly with a research there so I can Also, do a computer comment directly from the from here. So if I have my bud that I just create I can say, Hey, I want to deploy. That bird onto my chemical stuff so it's you use a superman coming to generate the Kubernetes manifests.\n00:35:00\nStevan Le Meur: And and then it selects the Kubernetes context and I can do the deployment. Of my bud directly on tour. Onto my calendar. So share, it's probably pulling the image and now engine is running and I can see my part running locally in Batman, but I can also see it running on Kubernetes kind of stuff here as well. So this has a type of workflow that you you can leverage to make make it easier for you to have your turn around and you to test your application. More easier. As well.\nStevan Le Meur: Coming with the version 1.0 we have a set of of extensions as you know, Batman Desktop. He's a, he's a it's open to multiple container online and Kubernetes distributions so that's compatibility with with the care Lima and for Kubernetes, we have integrated kind. But there's also the ability to run Openshift on your local developer environment. So you you can directly install the extension from from the screen. And once you have the application, the extension installed you can trade. An open shift, local environment. So I already have one. So, It's not going to.\nStevan Le Meur: Turn that you have the ability to configure your bunch of local with two different presets. So either you can use an open shift, local an open shift, single cluster single note, cluster on your local environment. Or you can also use a lightweight version of Openshift which is micro shift that you can run you locally. So this is what I am running. Here and you obviously ability to switch your Kubernetes context from gain. To Microshift. So, if I have An image that I want to deploy to Microshift. I can also do that directly from on the list of images. And I can.\nStevan Le Meur: Deploy. I can deploy you. Birds, I can deploy Kubernetes cmls directly onto a main micro shifter environment. We also integrated the capabilities for enabling the Docker compatibility mode. So this enable to map the docker circuit directly to to put men, but also use the command lines, that some developers may already be familiar with. So this is prettier pretty as well. So, it's available.\nStevan Le Meur: Today it's free. You can download it from a ferment desktop dota you open man.io. As well. And we are always looking for feedback and you new new ideas on things that we could be. We could be improving. So feel free to engage on the requisitory as well, so you can create issues. And you can also report feedbacks directly from within the application so you can share your experience. And tell us, what are your suggestions as well.\nStevan Le Meur: And with this, I think. I covered.\nStevan Le Meur: The Intel. On Badman Desktop 1.0. So the lunch was two weeks ago, we have been getting a very positive Feedback from from the community. We had a lot of blog posts and the media coverage but there is also\n00:40:00\nStevan Le Meur: Really announcements that we are. We published on a developers that had that come. So feel free to to give you to give a look, if you are interested, otherwise looking for hearing you your feedback and your thoughts. On the product.\nStevan Le Meur: Any questions?\nTom Sweeney: Another question but would you share the department.io site real quick? It's the fun. Yeah, just for a moment,\u2026\nStevan Le Meur: Sure.\nTom Sweeney: I just did want to mention that we have Mole here and That has been revamped greatly by her and other folks and it's looking phenomenal right now.\nStevan Le Meur: Yeah, it's the new website is looking fantastic. So kudos to to move what's been working on this quite easily and it's it's I think what Batman was deserving so, really cool to see.\nTom Sweeney: Yes, thank you. And thank you once again. Well, it really is great. all right, that we're going to move on to Lokesh talking about Paul man, shakes\nLokesh Mandvekar: All right, let me share my screen. Stevan, could you stop showings\nStevan Le Meur: Sure.\nLokesh Mandvekar: Well.\nLokesh Mandvekar: All right, I guess you can see my screen. Oh, all right, so first off, what's the problem at hand? So as a system administrator, I would like to confine each user to a predefined show environment and in that environment a user would have access to volumes and capabilities specify for that particular user. Now, what is Plug-inch? Odman SH is an executable user been augments h along with a container by the same name. I'm going to search now. This container is managed by a user quadley. With the login shell, set to the plug-in SH executable. When the user logs into the system, they enter the podmanus H container directly. Now, let me do a quick demo. So first, let's check the current user is\nLokesh Mandvekar: So that's the current user with the show set to bin Dash. Now I have created a demo user for this purpose. Now, this demo user has shell set to User bin podmanish. Also, with the user quadlet created for this demo user.\nLokesh Mandvekar: Books.\nLokesh Mandvekar: So this is a basic quadlet that's been created for the user. The image has been sent to Ubi-9 minimal. Now, let me first. See what posts I'm on. I'm on Fedora released 38. Now, I'll ssh into the system as gonna be user.\nLokesh Mandvekar: Okay. so I'm ssh in and as the user demo,\nLokesh Mandvekar: Environment is a real environment. As was specified in the bottled file. So, current status of this work, this is still working progress. There is an open PR, I'll link to it in Hack MD. Now this might get into 4.6, as a tech preview, but it should be ready for the release after 4.6. And that's my demo questions.\nTom Sweeney: Not hearing things.\nLokesh Mandvekar: All right. Yeah, Tom back to you.\nTom Sweeney: Right, Lokesh. Thank you. That's great. And Matt, do you want to give us a quick rundown? What's happening with four or five?\nMatt Heon: I honestly I think I'll just take the opportunity to go on to four six and future release plans because four five is, this point is two months old. so,\n00:45:00\nTom Sweeney: What?\nMatt Heon: Generally speaking, we are planning at least, one more release this summer, but there's still discussion going on in the team as to whether we're going to do two one end of this month and one somewhere in August, or just, just one release, which would be probably mid to late July. So we're not completely sure on this, but you were getting at least a four six and potentially a four seven by end of summer, we're hoping to firm this up and get an actual document out that will describe future release cadence at some point, but that's still being worked on as to what you can expect. And for six generally speaking improvements to podman machine, especially around Mac, and Windows improvements to quadlet and just general bevy of bug fixes that you usually gets also at some point, maybe not for six, but some point the future we are going to be making the new SQLite database back and the\nMatt Heon: Fault, still needs to be discussed if it's mature enough to do that and four, six. This should be only for new installation. So I don't expect any significant changes from user perspective, but that is something to look out for. And I think that's about it. I could go into four or five features again it's two months old and at our current cadence, that is a agent history.\nTom Sweeney: Now, that's fine by me. Brent, did you have anything to say? You look like you had something you wanted to sing?\nBrent Baude: You know, no, but I can add to it. We're currently just sort of looking at\u2026\nTom Sweeney: Okay.\nBrent Baude: what we're working on where Matt hit a lot of it. We're working on some final pieces for Netta Mark. Parody with CNI. And in terms of machine,\nBrent Baude: But I currently have two new hypervisors in flight. And one is Hyper-V. For windows. And the second is the apple hypervisor their native, one rather than c** you. Both are progressing nicely. Because their new platforms. For fedora coros, it does have to go through a rather. lengthy process and get into their release process, to where images would be automatically created.\nBrent Baude: On. But a lot of that code will be in four six and potentially for those chomping at the bit they can Check out if it fixes or solves any problems one. Very good thing. I'm happy to report is we have hurt Ilfs, working on the apple, Hypervisor part and it's quite fast.\nBrent Baude: I think that's it, Matt.\nMatt Heon: Yeah, science about right to me.\nBrent Baude: yes, of course, Stephen\nStevan Le Meur: you yeah, wanted to ask if you if you are looking for people who want to test, the the work on the I Native I advisors If you are seeking for, for more testers from the community here, I'm not yet.\nBrent Baude: I will but not yet on the hyper V side.\nStevan Le Meur: Okay.\nBrent Baude: We need we need ignition upstream to merge, and start creating some images. I could do one offs, but it's not something I like to do. The second piece is the\nBrent Baude: socket mapping. For Hyper-V is not been completed.\nBrent Baude: So, it would make it. More difficult for people to actually use in that regard on the habitable. On the apple side, we're still working out. I'm actually sort of faking out ignition right now, and that's how I'm doing the testing. But we're we're basically saying thing there, no socket mapping yet and we need mission to Merge when it works done.\nBrent Baude: And I'm going fishing next week, so it won't be in the next week.\nTom Sweeney: Don't catch any Celtics, please.\n00:50:00\nTom Sweeney: All right, that's it for our plan topics. We have just a few minutes left for open form. Questions, does anybody have any questions or comments? They want to make\nBrent Baude: We love to hear what we're not doing, right?\nTom Sweeney: yes. And also any topics that you'd like to see for the next meeting. Which I'll just say real quickly. Our next meeting is August 1st 2023. That's a Tuesday. That's first Tuesday of August, that'll be at 11:00 am again in our next ball. Meetings back up on me because you do that on the third floor you stay at the month and that's on the 15th this time around. So that'll be next Thursday. So, if you have any topics for either of those, let me know currently the quality demo will be on that list for the community meeting New August.\nTom Sweeney: I'm not hearing any other questions comments.\nStevan Le Meur: Comments. I think it's super cool. Everything that is happening in the Comet Padman community at the moment. So thanks everyone for your engagement involvement.\nTom Sweeney: All this.\nStevan Le Meur: It's amazing.\nTom Sweeney: this, it's been\nGerry Seidman: actually, if I can at the 11th hour, ask questions, I actually met with Ben\u2026\nTom Sweeney: there.\nGerry Seidman: At Red Hat Summit and he's very aware of this stuff we're doing with a major financial that very much wants ALS if you would be ultimate layer storage. kind of,\nGerry Seidman: Whatever dancing. Just I presented the group on it, I won't be able to, I don't know if I'll put on the 15th, but what's one after the 15th, what the meeting date after the 15th?\nTom Sweeney: um, the one is there's Department of Community meeting on August 1st with this. Another one, another Cabal meeting. And if I can get my calendar up, I tell you, it's the third Thursday, in July. You don't?\nGerry Seidman: Right. Well, I'll reach out to you, then send an email between you and I, I'll follow up on that. Um, really\u2026\nTom Sweeney: Okay.\nGerry Seidman: what I would, what my curiosity is, is right now. The ALF is considered experimental and storage in the container storage. Any suggestions on decide what the things I talked with Dan about about, Moving it forward to. Not being experimental.\nGerry Seidman: Like documentation. Things like that.\nTom Sweeney: Right? Can I throw that one in your life?\nBrent Baude: Yeah, I was just waiting to see if anyone piped up. So Gerry you're the one then.\nGerry Seidman: I'm the one if you've heard about the people thinking about it. Yeah.\nBrent Baude: I heard about him.\nBrent Baude: I guess for content. I'd have to think about that. It's an interesting question. What is I'm not deeply familiar with what's held it back? Other than the fact that it's fairly new, but not a new technology, but a new ad.\nGerry Seidman: Yeah, it's it's it's deployed, it works. In the, you know, it's it's Dan suggested Da edit, you know, submitting some documentation. The only place I could imagine to document that is in the Storage.com. Man Page because nothing, there's no commands associated with it. Maybe you have some other thoughts in that. I've written that up. I just haven't submitted it yet. um, It works.\nBrent Baude: Okay.\nGerry Seidman: Um, it's really just a matter of fear of commitment.\nGerry Seidman: because, Other than myself, a group of NT.\nGerry Seidman: And then some other miscellaneous projects, I don't think anybody, I don't know how many people using it.\nBrent Baude: let me, let me get back to you, but I wondered if there were You said there was documentation and container storage.\nGerry Seidman: Now there's there is not, I I wrote some up that I can submit and\u2026\nBrent Baude: Oh, okay. Okay.\nGerry Seidman: it really just I mean if you the other technology is the, you know, the alternate image store and that literally has two lines of documentation. I wrote A couple of paragraphs, which is probably too much but\nBrent Baude: Well regardless that would be good to have.\nBrent Baude: I think, beginning the blog about it would be smart it and we can provide a blogging resource if you're interested.\nGerry Seidman: Yeah, that's good to that but if you do you have my cut contact information?\nBrent Baude: Yeah, it's in the calendar notice, I would assume.\nGerry Seidman: okay, so I don't have your contact information, so if you could ping me out response, thank you.\nBrent Baude: Absolutely.\n00:55:00\nTom Sweeney: Right. Folks, unless there's any last questions. We're almost a time for this meeting. I'd like to very much thank all the presenters today for coming in and showing off the substance of fascinating. Look for a lot of things today. And again, we'll be meeting next on August 1st and then on July 20th. June 15th and July 20th. But I'm gonna stop the recording.\nTom Sweeney: And anybody wants to say anything and not be recorded. Otherwise, let's go to lunch.\nStevan Le Meur: Boost.\nGerry Seidman: In 30 days.\nTom Sweeney: All right, folks. Have a great day. Thanks so much.\nMeeting ended after 00:56:17 \ud83d\udc4b\n")))}qo.isMDXComponent=!0;const zo={},Vo="Podman Community Cabal Meeting Notes",Ko=[{value:"June 15, 2023 11:00 a.m. Eastern (UTC-5)",id:"june-15-2023-1100-am-eastern-utc-5",level:2},{value:"Attendees:",id:"attendees",level:2},{value:"June 15, 2023 Topics",id:"june-15-2023-topics",level:2},{value:"Meeting Notes",id:"meeting-notes",level:3},{value:"Additional Layer Storage (ALS) (0:57 in the video) - Gerry Seidman",id:"additional-layer-storage-als-057-in-the-video---gerry-seidman",level:3},{value:"AuriStorFS - The cloud file system for the 21st century",id:"auristorfs---the-cloud-file-system-for-the-21st-century",level:4},{value:"Containers as Software Deployment",id:"containers-as-software-deployment",level:4},{value:"Container Storage",id:"container-storage",level:4},{value:"Additional Image Storage (AIS)",id:"additional-image-storage-ais",level:4},{value:"Additional Layers Storage (ALS)",id:"additional-layers-storage-als",level:4},{value:"AuriStor Container Accelerator (ACA)",id:"auristor-container-accelerator-aca",level:4},{value:"Qustions",id:"qustions",level:4},{value:"ipfs integration into Podman - Anders Bj\xf6rklund",id:"ipfs-integration-into-podman---anders-bj\xf6rklund",level:3},{value:"Open discussion (54:45 in the video)",id:"open-discussion-5445-in-the-video",level:3},{value:"Next Meeting: Thursday, July 20, 2023, 11:00 a.m. EDT (UTC-5)",id:"next-meeting-thursday-july-20-2023-1100-am-edt-utc-5",level:3},{value:"Possible Topics",id:"possible-topics",level:2},{value:"Next Community Meeting: Tuesday, August 1, 2023, 11:00 a.m. EDT (UTC-5)",id:"next-community-meeting-tuesday-august-1-2023-1100-am-edt-utc-5",level:3},{value:"Possible Topics:",id:"possible-topics-1",level:3}],Qo={toc:Ko},Zo="wrapper";function _o(e){let{components:t,...n}=e;return(0,ce.kt)(Zo,(0,Q.Z)({},Qo,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-cabal-meeting-notes"},"Podman Community Cabal Meeting Notes"),(0,ce.kt)("h2",{id:"june-15-2023-1100-am-eastern-utc-5"},"June 15, 2023 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h2",{id:"attendees"},"Attendees:"),(0,ce.kt)("p",null,"Ashley Cui, Chetan Giradkar, Christopher Evich, Daniel Walsh, Ed Santiago Munoz, Gerry Seidman, Gerry Seidman's Presentation, Giuseppe Scrivano, Jake Correnti, Lokesh Mandvekar, Martin Jackson, Matt Heon, Miloslav Trmac, Mohan Boddu, Nalin Dahyabhai, Paul Holzinger, Preethi Thomas, Tom Sweeney, Tom Sweeney's Presentation, Urvashi Mohnani, Valentin Rothberg"),(0,ce.kt)("h2",{id:"june-15-2023-topics"},"June 15, 2023 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Additional Layer Storage (ALS) - Gerry Seidman"),(0,ce.kt)("li",{parentName:"ol"},"ipfs integration into Podman - Anders Bj\xf6rklund to kick off")),(0,ce.kt)("h3",{id:"meeting-notes"},"Meeting Notes"),(0,ce.kt)("p",null,"Video ",(0,ce.kt)("a",{parentName:"p",href:"https://youtu.be/GYrFHoYtXDA"},"Recording")),(0,ce.kt)("p",null,"Meeting start 11:02 a.m. Thursday, June 15, 2023"),(0,ce.kt)("h3",{id:"additional-layer-storage-als-057-in-the-video---gerry-seidman"},"Additional Layer Storage (ALS) (0:57 in the video) - Gerry Seidman"),(0,ce.kt)("p",null,(0,ce.kt)("a",{parentName:"p",href:"./AuriStor-ACA-PodmanCabal.pdf"},"Slides")),(0,ce.kt)("p",null,"What is AuriStorFS\nFraming the Problem ACA Solves\nAdditional Image Store AIS\nAlternate Layer Storage ALS\nThe AuriStor Container Accelerator ACA"),(0,ce.kt)("h4",{id:"auristorfs---the-cloud-file-system-for-the-21st-century"},"AuriStorFS - The cloud file system for the 21st century"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Global Namespace\nAccess Transparent\nSecure\nCache Consistency\nPlatform Independent\nAFS Volumes as Policy Containers\nHigh Availability\nWorks Well over WAN as well as LAN\nBoundless Scalability\nHybrid/Multi-Cloud\n")),(0,ce.kt)("p",null,"Works with Fedora 31 and higher"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"ls /afs\ndnf install -y -q kafs-client\nsystemctl start afs.mount\nls /afs/cern.ch\n")),(0,ce.kt)("p",null,"Platform independent"),(0,ce.kt)("p",null,"Volume are rooted directories"),(0,ce.kt)("p",null,"Examples of Volumes\nRead Only - Machine Learning, Application Binaries, Configuration files, Static Web Content\nRead/Write - Business Documents, User Home Directories, Logs"),(0,ce.kt)("p",null,"Volumes are the units of Management and Policy\nAFS Volumes are named\nSpecial volume named root.cell\nVolume Directories can link to other volumes"),(0,ce.kt)("p",null,"Mounting Volumes to Local File System\nDirect Mount\n\u2022 ",(0,ce.kt)("inlineCode",{parentName:"p"},"mount --bind /afs/.@mount //"),"\n\u2022 ",(0,ce.kt)("inlineCode",{parentName:"p"},"ln \u2013s /afs/.@mount//"),'\nDynamic Mounting\nAFS Client side "Dynamic Root"'),(0,ce.kt)("p",null,"Every Volume is really an Object Store\nLocal Cache Consistency"),(0,ce.kt)("h4",{id:"containers-as-software-deployment"},"Containers as Software Deployment"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Container has root file system, and you can push/pull the image.\n")),(0,ce.kt)("p",null,"Costs of pulling a container image\nClock Time\nNetwork bandwidth\nCPU and I/O time spent\nDisk space"),(0,ce.kt)("p",null,"Large Container Images are not uncommon\nPyton is 1GB\nGerry has seen 40GB sized custom made."),(0,ce.kt)("p",null,"Large Containers can add up, and you can have many on a machine."),(0,ce.kt)("h4",{id:"container-storage"},"Container Storage"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Configuration File\n /home/gerry/.config/containers/storage.conf\nWorking directory\n /home/gerry/.local/share/containers\n")),(0,ce.kt)("p",null,"Podman Pull - object from container registry"),(0,ce.kt)("p",null,"Layer files are found under 'overlay'"),(0,ce.kt)("p",null,"Running a container adds the R/W layer"),(0,ce.kt)("h4",{id:"additional-image-storage-ais"},"Additional Image Storage (AIS)"),(0,ce.kt)("p",null,"Allows multiple ./storage instances\nImages are pulled into specified ./storage\nAt runtime, Images are search across AIS sequentially\nCan be share across users and machines"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"You can list images from multiple image stores\n")),(0,ce.kt)("h4",{id:"additional-layers-storage-als"},"Additional Layers Storage (ALS)"),(0,ce.kt)("p",null,"Stargz (Seekable Tar GZ)\nAttempt to solve the slow container start time\nSeekable allows lazy download of required image chunks\nRequires Augmented OCI Image"),(0,ce.kt)("p",null,"Alternate Layer Sstorage (ALS)\nProvides Alternate sources for Layer content (Stargz, IPFS, AuriStorFS)\nIntercepts Layer Pull/Expand"),(0,ce.kt)("p",null,"ALS Fuse Driver Plugin\nFor Layers it support the FUSE plugin will service paths in the form\n",(0,ce.kt)("inlineCode",{parentName:"p"},"//")),(0,ce.kt)("p",null,"Podman pull with ALS\nThe image size was reduced by quite a lot."),(0,ce.kt)("p",null,"This is deployed by Podman, but is experimental. Gerry would like to get it promoted."),(0,ce.kt)("h4",{id:"auristor-container-accelerator-aca"},"AuriStor Container Accelerator (ACA)"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"ACA Root satisified ALS Path 'Services'\nAuristor ACA finds AuriStor Volume\nACA Layer Volume Generator Service\n")),(0,ce.kt)("h4",{id:"qustions"},"Qustions"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Can AFS volumes store extended attributes (i.e Selinux labels)? Not yet, but in a near future version.\n\nAre access controlled on the server or on the client? Yes, in a number of places, being refined and needs improvement.\n\nALS requires a huge file system, is it opensource? Depends on which you choose.\n\nIs there a tool that creates the additional layer stores? Yes.\n\nWhay ALS instead of AIS. The dynamic nature of ALS. He would have to try and figure out AIS mapping.\n\nIn the past others have said latency is a problem with AIS.\n")),(0,ce.kt)("h3",{id:"ipfs-integration-into-podman---anders-bj\xf6rklund"},"ipfs integration into Podman - Anders Bj\xf6rklund"),(0,ce.kt)("p",null,"Not discussed due to time and Anders not being able to attend."),(0,ce.kt)("h3",{id:"open-discussion-5445-in-the-video"},"Open discussion (54:45 in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Podman v4.6 Release Update")),(0,ce.kt)("h3",{id:"next-meeting-thursday-july-20-2023-1100-am-edt-utc-5"},"Next Meeting: Thursday, July 20, 2023, 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h2",{id:"possible-topics"},"Possible Topics"),(0,ce.kt)("p",null,"ipfs integration into Podman - Anders Bj\xf6rklund to kick off\nPodman v4.7 and beyond update"),(0,ce.kt)("h3",{id:"next-community-meeting-tuesday-august-1-2023-1100-am-edt-utc-5"},"Next Community Meeting: Tuesday, August 1, 2023, 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h3",{id:"possible-topics-1"},"Possible Topics:"),(0,ce.kt)("p",null,"None Discussed"),(0,ce.kt)("p",null,"Meeting finished 12:02 p.m."),(0,ce.kt)("p",null,"Raw Meeting Chat:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Gerry Seidman11:02\u202fAM\nhttps://drive.google.com/file/d/1OjaARJayC-9Z3dQ0HdubWiyyzL3XFVcY/view?usp=sharing\nYou11:03\u202fAM\nhttps://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nChetan Giradkar11:03\u202fAM\nit requires access\nYou11:04\u202fAM\nGerry you';re muted.\nYou11:06\u202fAM\nQuestions in the chat please, Gerry can't hear.\nDaniel Walsh11:09\u202fAM\n:^(\nChristopher Evich11:12\u202fAM\nCan AFS volumes store extended-attributes (i.e. SELinux labels)?\nYou11:16\u202fAM\nI'll try to get him for questions at the end\nDaniel Walsh11:20\u202fAM\nAre access controlled on the server or on the client? Enforcement of who is allowed to chown.\nYou11:28\u202fAM\nFor those joining, Gerry can not hear us.\nNalin Dahyabhai11:45\u202fAM\nare your speakers muted?\nieq-pxhy-jbh\n")),(0,ce.kt)("p",null,"Raw Google Meet Transcript"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Tom Sweeney: Wanting everybody today is Thursday June 15th, 2023. This is the Podman Community Cabal meeting. We'll be talking today about additional layer storage and we have Gerry's. I'm going to mess up your name. Jerry, is it Seidman?\nGerry Seidman: But I've been seidman. Yep.\nTom Sweeney: Seidman, And then after that we've got to talk that's kind of a generic talk. For Ipfs integration into Pod, Anders was going to delete at least take that off. I don't see offers. Yeah, so we'll see. And I know Dan had wanted to talk about that as well. And so I have hack MD set up where I'll be taking the notes today. If you have links or anything that you want to add to it or if you find that I've just described something in the notes, feel free to go ahead and change those as you see fit. And with all that, I'm gonna hand it over to Gerry's. Thanks for coming today. I'm not sure.\nGerry Seidman: somebody could just check the fact that works that Could be my presentation's life. if not, \u2026\nDaniel Walsh: He?\nGerry Seidman: because some people like to follow along and as PDF, I could have put them there. That's a good point. Right.\nGerry Seidman: Nobody's going to confirm or deny.\nTom Sweeney: While I was muted, which was very helpful. It's no like not.\nGerry Seidman: Did you get it?\nTom Sweeney: It says I need access. Question.\nGerry Seidman: All right, hold on. Anyone with the link? Not let me do it again.\nDaniel Walsh: and I was now we said, Yep.\nGerry Seidman: Got it. Excellent because you don't make it easier for everybody because I'm going to talk fast. I'm from New York and I have too many flights. so hi. I'm Gerry Seidman. I'm president or a store which is a company that has a security distributed file system. I'm going to talk about our core product and also going to talk about what we're doing the container space or doing for accelerating.\nTom Sweeney: Who's Gerry now?\nEd Santiago Munoz: Very immuted.\nDaniel Walsh: Gerrymuted.\nDaniel Walsh: I see infinity.\nGerry Seidman: All right. Can somebody now say, Yes Gerry. I fear flies and I hear you\nDaniel Walsh: Yes Gerry. I see your slides and\u2026\nTom Sweeney: Yes.\nDaniel Walsh: I hear you.\nGerry Seidman: Nobody. You.\nDaniel Walsh: Yes.\nTom Sweeney: we can hear you.\nGerry Seidman: Can you hear me? So I can't hear you for some reasons, but that's okay. If you have any questions. I'll jump out.\nGerry Seidman: I've got it. All right, so I'm gonna go very quickly through a lot of topics. What I'm going to talk about what is Orest or FS. I'm gonna fake frame, the problem that\nGerry Seidman: The ores will container Accelerator solves. I'm going to very very quickly talk about container storage internals which most of you should know better than me. I'm gonna talk about additional image or which Dan certainly knows better than me. Then I'm gonna talk about additional layer stores, that's a typo,\u2026\nTom Sweeney: Technology.\nGerry Seidman: It should be additional layer Stores, storage, and then finally, I'm going to talk about the order here accelerator Actually, I'm going to be talking about that interest first with a bunch of other stuff and specific to it. So our surprise the cloud process for the 21st century that's actually a joke because the orchestra file system has its roots in the Andrew file system, which predates NFS it was designed.\nGerry Seidman: Very presciently. but the reason or what our stores initial funding came from the Department of Energy and we got an SDAR to create a 21st Century Cloud file system that extends upon the AFS vision. so that's the joke in that. but it was designed to do a lot of things store on extends very much beyond what the open source AFS does and certainly what anybody who's AFS a long time ago, might\n00:05:00\nGerry Seidman: Remember but here's the kind of the high level points and I'm going to drill into some of them, A true global namespace on that actually can span organizations not just clouds access transparent. It's just a processing files again for definition. In this case, I'm talking about the part of the file system, Not block storage. it's highly secure. I'm not going to go into the security model at all, into the catch consistency model. What that means is that, There is a local cash on that, on the machine, on each client. And if something changes in the server, it's the server's responsibility to inform the client, which means to do polling because it's done properly. Little version has the things like that. The cash actually survives a regal.\nGerry Seidman: if platform independent, the clients were on pretty much everything. I'm going to talk more about I'm going to talk about evidence, volume separately, high availability works well over the win as well as the land boundless scalability and like I said, hybrid multicloud by default. I'm just focus for a minute on these because they're just what I mean by a global namespace is if you just take a fresh install of the Dora and anything over for 31, There's a bug answer 38. But if you do a fresh install you LS slash AFS there's nothing there you install the cast client, there's an upstream when it's client that's in the main clean line, as well as in many distributions like we're going to not yet in route but we have a fine version if you're running around.\nGerry Seidman: 9.2 Ask reach out to me and I can give you this client. you just start the afs.mount service. And then if you're running there's a bug integer at 38 where you have to stand in first, permissive you don't into door up 37 and you won't or 39 and hopefully not much longer 38.\nGerry Seidman: And then just believe you're an astrophysicist or a high energy businesses and just look at files concern, LS slash AFS last cern.ch and lo and behold it works. Zero client configuration global management. Access transparent. It just looks like a file. So I'm going to just add a file from Cerns Atlas Project. Let's go from their aspected and it just work and as I said, it's platform, independent, on the one side of windows and the other side of women. I'm going to focus on the parts that are salient for ALS, the cash consistency model and the answer findings of policy containers really more than about the air that's fine in AFS again,\u2026\nTom Sweeney: He?\nGerry Seidman: volume is highly overloaded term in AFS and abiding. It's just a rooted directory of, files And it can have, files and sim links and directories etc. an example of a volume rewrite volumes would be, for example, painting data, machine learning training that a lot models data sets application binaries, configuration files, static Web content for write, your home, directory Scratch, space log but some specific project etc.\nGerry Seidman: Volumes are the unit of management and It's the thing, you put policy upon things like quota replicas. So for example, if that's where I want high availability, I might serve it up on three fosterers in New York in Shanghai One in London. It's still globally accessible, but your client will find a closest one to get you the best performance. maximal access controls, the security thing things that you can do things like this data. Can't be the US. It's got a lot of cool stuff, but an AFS volume and the AF unit of management is called Estelle and cells have volumes in them and volumes have human readable names. so for example I could have a volume called Language Model DOT training DASH data.\nGerry Seidman: so that would be where I would put it. I didn't say that access it yet and there's also a special volume with the name Root that again there's volumes. I don't know why I have a separate. you miss, what I'm showing is that within an FS volume, you can link to another amp as volume as if you triangle are for\n00:10:00\nGerry Seidman: Yeah, the triangles are showing, you can actually have hard links, you've actually have hard links as well as SIM links within a volume. You can't do hard length. but you can do mount points of the volumes. so how are you access it in? actually gave you This is the syntax not for cast but for our proprietary client but anybody can reach out, tell you how to do it or look up online. Mount Slash cell volume name gets you to a volume. That just works. There's also a dynamic route, /, By default. It could be anything else in your system. it doesn't have a lot of our banking customers, have it.\nGerry Seidman: Only locally accessible on and that's how the global names So I'll get back to that with an example. But for example, somewhere on my file system, I might want to have my, chat ABC language training data. I want to mount it there. So I just say I could do L / blah blah\u2026\nTom Sweeney: it's\nGerry Seidman: because slash that out. / myog.com, Bush language, training directly gets me to the root of that volume. So if I link it to be there, I now have it anywhere my file system. again, that's the syntax of here, but one of the cool things is dynamic, zero, configuration Global namespace. So there is that I mentioned in passing, a slash AFS directly off of the route. That's now actually reserve name. You can't. It's\nGerry Seidman: Its official things slash AFS you can't have such anything, and the way it works, if I go AFS slash you michigan.edu or cern.edu, There are DNS service records that say, where the metadata servers are for University of Michigan or certain etc. And what happens is the client, when you say slash afs/stern.com, it goes to DNS and it finds the IP address of the metadata server. And then it dynamically mounts, the route that sell special fruit. I\nGerry Seidman: Last say the penultimate thing I want to say is afs Everything was, really, an object store. It's not really a false, Server. It's an object server where each volume is an object store and each entity in it files, links, directories etc, are objects with their unique guys object IDs. And actually the server doesn't know anything about paths, unlike NFS. the path is all the pathwork, Interpretation is always done, completely on the client.\nGerry Seidman: As I said, also said there's a cash consistency model that survives reboot so when you read from the file server, a fraction of not a copy and sync file system. it just grabs the block that you read, it stores in the cash or the least presentation you use caching on and the cash can be very very large. couple gigabytes would be a couple of terrified. So for example you doing the machine learning Up. You might want to have a very large cache. so \u2026\nTom Sweeney: Traditionals.\nGerry Seidman: point basically networks over All right, that's all we know are all experts in or restore. now I talk a little bit about containers of software,\u2026\nTom Sweeney: Gerry.\nGerry Seidman: deployment, inheriting, all the classic problems of software delivery. very quick slide. Just we all know this that at runtime you're using, you've got an overlay file system the presented to the run container at runtime where the route is the write layer. And then there's a list of We don't get players. On the local machine, if you built. A container with a bunch of layers, you have all the files locally in particular, you also have a manifest that are config file. Whatever, those are well dependent,\nGerry Seidman: it's just helps me about the container image. But when you say top, I've been push. It takes those files on the layers and creates a car.tz compressed version. And that's what goes up to the container registry, and the container regency stores them. And in fact, the container registry is basically an object store where the manifest even a io slash\n00:15:00\nGerry Seidman: Out library slash alpine, you go to the registry and say Hey, what's its unique ID? What's the idea of its manifest? That's the only time you used, It's not object like And then from there on you just bootstrap and say Give you the man give you this object ID which is the manifest. They give me this object Died ID with coming in the manifest, the layer ID to grab the layers. and when you say Pull you do the opposite, you pull the layers and you untar them locally onto your local disk. so what are the associated costs with pulling a container? There's the clock time spent downloading the entire car.g file, which for large files, can be not insignificant that the cost of the network bandwidth.\nGerry Seidman: but if any CPU and IO spent expanding, that's hard on TV onto locales and the disk space required to store them and expand them. So effectively your container start time is the download time plus the expansion time and again these costs are only incurred the first time to container the layers full I say container image but it's per large container. Images are not uncommon. Icon is 1.1 gigabyte. Before you do anything, we have I know of customers that have just taken. Legacy systems and made them into one. Giant could 40 gigabyte Container. and then an example of that would be SAS. If you remember the old statistics programs is? Yes. That's what they did. They're not a customer bars but they have one I think there's 50 or 60 gigabytes. They just\nGerry Seidman: Big one, giant container image big deal. I'm only downloading it once no problems. So if I got a one gigabyte app, I download it to my machine or my server. I got the problem is a scale this adds up. So if I'm deploying a thousand one gigabyte images to a thousand machine a thousand. And they say, if I'm delivering a single gigabyte image to a thousand machine, that means I've got to move a terabyte over my network. which is you don't ever want to start a thing with a terabyte over your network and certainly, if you're in any industry where the network has to be really, Smooth like a bank anything is doing experimentation on it. you don't want that choppiness of the network caused by a lot of pulling of images on. And again, we're running a thousand machines is an uncommon. I mean, we have enterprise customers that are running on\nGerry Seidman: It actually running applications almost 200,000 machines. Tens of thousands of applications not uncommon for a single application, to go to a thousand machines and then we just drifted across the enterprise both locally and globally and cross-cloud. So that's not uncommon and we also have customers that have HPC compute clusters, where they got a thousand nodes and they'll just, blow out the container image To the notes in the classroom so It's not unrealistic. The other thing is that if you're running lots of containers at a single machine either individually with pod man or orchestrated by a Kubernetes, you can have a lot of containers in the machine and that actually causes a bloat in the disc\nGerry Seidman: just by the way. there's the Pie Man Group, an open ship node if you configured it with a bunch of stuff. Turned on can be up to 100 gigabytes of operator interview. So when you're creating a new openshift node, you could be pulling as much as a hundred gigabytes of container images and there are many as factors in the time but it takes about 45 minutes of setup and openshift note. so okay, so now we know, can we take as bad? their respects. so an important observation and this actually goes back, is this software delivery crop, there's over deployment problem goes back to cards, and tapes, and discs, and CDs, and RPM files. and containers, that many of the files in this offer deployment, and the container image are just not used.\nGerry Seidman: They're just not used. unless somebody put a lot of work into calling their deployment. Pretty bloated. In fact, going back to a paper on back in 2016. There's link by harder.\n00:20:00\nGerry Seidman: Pulling packages accounts, for 76% of containers, start time, but only six, four percent of that data is great. That was the result of Studies their analysis over the three years ago but I suspect it's worse, not better. But There you go. So in that prior example, if I'm pushing a thousand copies of a container to, a one gig by tonight near to a thousand machines that one terabyte would go down to 6.4.\nGerry Seidman: And there's a local dishes, reduction of storage actually for more than six for more because the carballs expand again for a single image. It's not important. But I've got a machine with many images, I could have hundreds and they have hundreds of gigabytes of Actively use container images on it on a server or a coin Tom, I'm not going to dwell on this. This is from that 2006 paper, about some example slides, let me go back, What was their research was fast, distribution of lazy doctor containers, and they had this idea that if you could create an index into the target, the file you just cherry pick the\nGerry Seidman: Blocks of the Tar of the blob using HTTP get range instead of just HTTP, get all from the tainer registry. and so, their whole paper is about creating indices and creating these non -standard container images. so this is from there.\nGerry Seidman: There, non-standard implementation, but still they're getting pretty impressive, compressions and pretty significant. Start time improvement. again because it's only pulling down the files that are actually used as runtime. Or so let's not take another digression on container storage. because then this will all come together because My feeling is, never.\nGerry Seidman: Never use a technology. You don't know how to write. So I'm basically going into the internals of you understand how it works in that way? Hopefully everything is clear, container storage. again, This is talking to the choir, he's acquire or I am preaching, that you've got the storage on configuration file storage at Conf file. and then you have a local working directly where the container layers and images information stored on and at those respective paths, this is all implemented in the Storage containers slash image, subsystems,\nGerry Seidman: Just for laughs, I'm just starting with a fresh system I say podman images. And what that does is that actually populates the empty graph of the structure. I can teach drove into everything but that's the kind of the structure of storage in Edwin time with pod man. And if I look at it, when I just created empty, it's about 32k, all right. we're only going to focus on again, in these slides, the things in green are the things remind myself to talk about. There's the overall a storage and that's the storage slash over. that's what the actual files are stored for the layers and images. It's where Information about the images. is stored because again, a layer may be used by multiple image just\nGerry Seidman: All So again doing something simple like a dot pod man poll, it gives us a throws out this number which is the the layer digest of a layer outside the single layer container. this every day I'm saying works on multi-layer containers. It cools down the manifest file and then it copy signature and it goes back the id of the registry, the idea of con that's a digest of the container image and justice. So we'll see these numbers again is 31. is the layer C1, aabv is the looking inside the overlay images file. We see bear again.\n00:25:00\nGerry Seidman: Corresponding to the image ID of C1a. There's a self-direct you c1a with junk under it, but it does include the manifest file and the way you find the Sea 31 e35. that's the actually manifest ID. The digest of the compressed image, not the uncompressed image, which is actually what's used in the manifest file. so the way to find the Actual digest, that layer is doing stuff.\nGerry Seidman: But extracting stuff out of the JSON bucket advo, again, I'm not going to talk it through, but the point of making is that you cannot forget about the 31 e blah blah, because it maps to one to the seven, a 78, 8 blah blah, but we're gonna want. Again let's look at the overlay folder, we see the bear lo and behold is a directly corresponding to that layer. With some files, the saline file being the diff file which contains the files from that layer and I can go directly and see those fun. All right, so we're now and then it run time.\nGerry Seidman: Everyone at runtime. You need a we'll see a second, container layers created. That's the transient regular layer of this container. when the container ends and you remove, podman RM. that layer will go away but I just want to, be clear that I run the container and break some content in it. I can see it actually under over All right. So now We all probably were experts on this before I started talking, but now we're reminded experts. so now we're talking about an additional image store and I'm additional image store, briefly on Alicia Image Store, allows you to have multiple instances of that structure that I just talked about. and\nGerry Seidman: you specify and you have one or more of those. And those are configured in the storage. I can't follow under additional image stores. and what it worked exactly like when you do a poll it looks like any pull, but you pull into a specified copy. So you have actually that directly structure multiple times in multiple plates. All right, depending on how many you have. And so if I pull busy box into that and then I go into that directly the temp slash ais. You'll see lo and behold, I get exactly what I saw before. but the AIS will only be read only. You will never ever be, it's only for the images, the layers from\nGerry Seidman: Downloaded Images. The rewrite layers at runtime, it will always put the rebite layer in your primary route. But notice, I left something out. I just want to be very clear When I ran Alpine 7.5 megabytes just remember that number 7.5, megabytes is the size of alpine, busy boxes smaller, 4.8 megabytes. and when you do a podman images, you have an extra column with them additional restore which will tell you whether it's your store it's coming from whatever you read, only layer stores.\nGerry Seidman: so what's the value, proposition of this, you get to share only layers across multiple users. for example, if the alternate image stores is on a single box, as you know, that in podman root was podman, every user has their own directly structure. Corresponding to storage on digital, allow you to have a single place rather than having every user on a machine. Downloading, the image, they can get from a shared place. another use case is you downloaded into an NSF share. And now, you have files that are being called on your local machine from an NFS share. And so instead of having copies on every machine, you have a copies just share all of this because of the whole into the alternative.\n00:30:00\nGerry Seidman: Image store, it has to be administrative managed. Somebody's got to do something to do that, whether to do the Poland locally of the pull, into the end of the share, on if you haven't read it. There's Daniel Walsh's is article on exploring additional image tours in climate. So the bottom line is part, man, works pretty much to me. Additionally, the creamers standard. It's just allows to have more than one. Let's have extra real now to be contrasted with additional layer store. ALS.\nGerry Seidman: It would, the history of ALS goes back to that harder paper where they tried to create As I said, a way to lazy load containers by having an index into a GC file That's what the essence seekable tar tzus. But that stands for, and that's what they did. I'm not gonna dwell in it. But, the original approves, the concept for ALS was done by a group of NTT engineers, who did the heavy lifting of\nGerry Seidman: Implementing what the harder group did but in actually container slash images just in compares my storage as well as in container d. and it is now shipped. it is in padman today so, ALS provides or additional sources of layer content not about the whole structure of the storage. It's just A layer content on there are actually three examples of uses of ALS the star GC. The NTT one serum I think has one, but I think they may have walked away from it. There's an ipfs implementation, of course,\nGerry Seidman: so, the way you implement ALS is with a fuse driver on because you need some sort of RPC from the container runtime, to say, Hey, I need the thought content of the layer. Can you provide it? It's really what happens at runtime right? But before down do I have the files locally? it says Hey you use file system. Can you provide? And you specify the root of your ALS file system under additional layer stores in the configuration problem.\nGerry Seidman: And so what happens is at runtime, there's an intercept. if it doesn't already have the files, it asks, can you do it? And if you're also says, yes, It's okay, great. Give me your route and I'll get the files from you. we'll see a little bit more details. Don't here. So, in this example I have my Orestore ultimately stored fruit at Chiliary Slash Home slash Store by putting that in your config file. It's telling the container runtime to look\nGerry Seidman: We don't want to query you, it uses the fuses according language, it's kind of an RPC, your future, lash your ALS root slash the basically form of the image Layer Digest. And that's where it's expecting. You to provide. a different directory, as well as some info and info file and the RAW blog if it asks you for it never does. But alright. So again you have to satisfy the ALS RPC by being able to service these paths.\nGerry Seidman: But these paths by your driver. So let's look again. So here's the same thing. I did I have a blank fresh banana storage, the 32k. I do it with my ALS driver running. I saw a problem Paul, everything's the same. And now I look into a dis usage on it, and instead of being 7.5 megabytes, it's 1.4 kilometers. And 104 kilobyte and that's not going to change. The caching is done on AFS. That cash is any different place. so in this case we reduce the container storage size by quite a lot. And the interesting thing is, when I did this Dr. Paul nothing came over the network.\n00:35:00\nGerry Seidman: All that happened was the ALS driver, said I can provide the services. I can provide the file. You didn't answer any file. So I'm not doing anything yet but I'm saying, I can if you false at those directories. So now let's look in the store for that's actually overlay. no this is the ALS route. what my fuse Paul system is providing and my priest is a root with the base 64 encoding of I guess that's io / Alpine. Or something like that, the digest of the layer. And I have to provide.\nGerry Seidman: Basic people of the reference slash died, layer digest, slash Bob /, stiff /, info and doing a little forward. Think notice that, what am I doing in my Orestore? They also implementation. I am I'm just doing a link to a volume on the cell DVD that I mx.com blah blah. Coincidentally with the name, very similar. I'm truncating, the names just for you either use and again just to prove I did an echo of that z blah blah through based 64 decode and yes in fact it is / liver.\nGerry Seidman: going back to container storage. what I'm seeing is that A Digest ID, I see. Under the death rather than the files which I saw before. I just see a symbolic link. again, I did that's what it really is but below I kind of abbreviated so The Overlay slash Layer Digest. Glitch GIF is really a symbolic into that AFS about into that path, which in fact is Going to give you the content of the day ARS or volume.\nGerry Seidman: And I'm just kind of showing you that really works on the slash info just gives you a standard information of the information of that layer. That's a image standard. and if I do a stat - l of the blob file, it says that in fact, if Laos driver can give you the part of the file of that, layer, and it's gonna be three point four, 3.4 mega. and of course, if I run the end and if I just run it, everything runs as normal. So again, the only, I ran this and the storage size, one from seven point five megabytes, a hundred, and four kilobytes.\nGerry Seidman: So that's the trick behind ALS to be many. You can put NFS behind Ali but if the fundamental difference in ALS and AIS, is that, as has a complete replication of that complicated structure, which allows us to reuse a lot of code, it's using the same code as container storage. But,\nGerry Seidman: but with ALS, you're just grabbing the layers on the Web. All right, so this is currently Deployed in pod, You can run it today in five, but if you look in this source code, it says Experimental. And if you look the band page for storage comp, there's no reference. So one of my missions is to get it promoted. and Dan suggested the following route, give a presentation of the pod, man. Cabal, this write a blog article about it.\n00:40:00\nGerry Seidman: Update the man pages to storage account.\nGerry Seidman: Describes additional layer store and makes them create some as a test. I can be run in the continuous integration, I think for the storage fiber. So finally, yes, there are some container accelerator. again, I really want to already All it is a fuse driver at runtime, it's a fuse driver. That maps, those munched names of lake of container image references slash layers to AF volume names in a well-defined manner. How is it configured? Actually look at this actually have in a cell\nGerry Seidman: I have this layer volume that file so actually that path is the same path. That I put in Assuming I'm sorry configuration storage account in the ALS client configuration, give it a path that they bootstrap I don't want Put information on I'm a distributed file system. I might as well have to configuration where it should be. and what that's saying is that The cell name ABC Direct ids.com will service layers.\nGerry Seidman: these are from these repos and you will find it in that cell under the layer name, J-1 Underscore Blah, where the blood and I strip out this shot to pick the same. so that's the mapping to find the air or volume, from from the image and Up. Why does it work where these layers coming from? There's a service called the oyster layer.\nGerry Seidman: Volume generation service that either can be hooked by a webhooks for your container registry or through. A command line tool where you say L V I'll be c Ingest docker.io slash Alpine and all it does does it goes to the container registry, it grabs the manifest? And then, for each of the DIP layers, it says, If I haven't already created an IFS volume corresponding to that in the appropriate cell. I download it and I untar it and then I create an Amazon volume with that. and so that's what the later generation service does, that's it. So now I'm gonna stop sharing and I think I was not too over and I haven't heard anything. So hopefully\nDaniel Walsh: Can you hear us now?\nGerry Seidman: Hopefully people here, it might get presentation. Good can't hear you.\nDaniel Walsh: Yes.\nGerry Seidman: Could somebody say something our speakers muted?\nDaniel Walsh: we're trying to talk, you can't\nGerry Seidman: No, they're not. Okay, so people are speaking. I'm gonna just\nDaniel Walsh: Can you hear us now?\nGerry Seidman: Okay. Tom. You raise his hands.\nGerry Seidman: Are you speaking time? And hold on a second,\u2026\nTom Sweeney: Can you hear anything? At all during\nGerry Seidman: I'm sorry.\nTom Sweeney: Can you check chat?\nTom Sweeney: And here's\nGerry Seidman: My Bluetooth. I'm having technology problems. I apologize.\nEd Santiago Munoz: first past,\nGerry Seidman: and so,\nTom Sweeney: I don't think he's on board yet. you can hear us. Okay.\nGerry Seidman: I can hear you now. Yeah, my Bluetooth. Down.\nGerry Seidman: Who knows all these screen sharing things do weird,\u2026\nTom Sweeney: I'll be.\nGerry Seidman: things that Bluetooth and it turns out the speakers on my laptop don't work. So I had to put an external speaker.\nTom Sweeney: Okay, so We do have a couple questions that were queued up while you were talking,\u2026\nGerry Seidman: I apologize.\nTom Sweeney: and we couldn't get your attention. So Chris had one that was can volume store extended attributes,\u2026\nGerry Seidman: Absolutely.\n00:45:00\nTom Sweeney: ie SE Linux labels\nGerry Seidman: extended attributes're currently not supported, they will be supported in the next release of our store. and I'm guessing you asked that because the overlay file system wants speaks so it turns out pod man is good Kubernet. Openshift is bad because POD Man default to fuse overlay at this. I refuse every AFS I can provide them the dot, the white app files But in the next version of Aura Store, we'll be able to do that. We're actually doing some other stuff. We're also doing verities checking and things like that which will make us the only just distributed file system that can do that. That's already if and when you care on etc.\nDaniel Walsh: Gerry. I asked Access control. Is that done on the server side,\u2026\nGerry Seidman: Yes. there,\u2026\nDaniel Walsh: or the client side?\nGerry Seidman: there's a problem. Ask the control of an interesting thing, because there's actually three different places where your Baptist control. You have the Unix bits that are in the container images. Those are preserved by container of the standard pipeline, there's the permission to download the layers on the container registry. And then there's the permission to access the AFS volume.\nGerry Seidman: All right, three different places We can restrict.\nGerry Seidman: A runtime application to access the files in an AFS volume. We can do that. We can put access control on the volume. We can't do it on the per file because I can't be worth that. Can't be represented, we actually can but it makes no sense in the whole container model. but if you would really want to do that, you would want to have a container registry that would never serve the product PZ.\nDaniel Walsh: yeah, yeah, because we've been in the past if I put stores on And network file store. For instance, NFS. It doesn't understand username space. So if I'm in using a space and I tried to chone a file, the service says, no because it doesn't want, UID the Walsh to Jones. Uid 100,000 Yeah.\nGerry Seidman: Got it. Yeah. Yeah, I don't think yeah, good.\nDaniel Walsh: I think it Would AFS work same way.\nGerry Seidman: And that's the book. No, I guess would work. I don't,\u2026\nDaniel Walsh: What?\nGerry Seidman: I don't know why it's out of my pay grade but if I \u2026\nDaniel Walsh: So, you think Andrew would allow that?\nGerry Seidman: I believe. So I could run a quick check, but I believe it does. But take that as a qualified. Yes.\nDaniel Walsh: All right, so yeah, when you were showing the additional layer store, you have a tool.\nGerry Seidman: And hopefully, I'll play it in this representational image store.\nDaniel Walsh: No, no additional. But I liked a lot of lights and it'd probably be helpful. If we got some of those slides up to basically describe all this stuff all works the ALS Though.\nGerry Seidman: Every.\nDaniel Walsh: You say there's a fuse file system that's required, we is that fuse file system open source at this point.\nGerry Seidman: It's an implementation specific thing, the start the MTT one, the star gz one is the orcer.\nDaniel Walsh: Right. Okay.\nGerry Seidman: One is not but\nGerry Seidman: It's a Long story. As to why or store is not open source? We'd love to be.\nDaniel Walsh: Right.\nGerry Seidman: We just can't eat and build in source.\nDaniel Walsh: That's fine. So, you have a tool that is creating these additional layer stores.\nDaniel Walsh: in a format that we can get some to buy making consume. Hi.\nGerry Seidman: Yep.\nGerry Seidman: Yeah, yeah, I think it's that the image layer digest to layer, the orcer layer volume. Configuration is, this is shared by the server and the service that creates them as well as the client. yeah.\nDaniel Walsh: and lastly, the\nGerry Seidman: Anything and there's a little thing I want it. Also mentioned Big organizations that have a lot of apps over. A lot of time have a lot of problems with Cullen. when when you call something and our customers are always asking what can we do to help and it's not a lot we can do to help because you can only at best in for certain things, but and the container images you have this an even worse problem because you are Ask you be, cashed far away, and have it for a long time. And so we posited that we could get some some users metrics from our ALS drunk from our fuse driver. Of the weather layers are being used, would you?\n00:50:00\nDaniel Walsh: Yeah. So if he had a layer that has been used in three years that you can get rid of it.\nGerry Seidman: Right. Exactly.\nDaniel Walsh: other questions, anybody?\nDaniel Walsh: So, why would you prefer to use ALS rather than just doing? Ais.\nGerry Seidman: This. One is the dynamic nature of it that there's no pull. The other with. Areas is, I would have to figure out how to do it. Because I'm mapping, I'd have to do something in image store, to do From. The appropriate path where ALS jumps off. where was storage? as it's just the standard storage, overlay slash blah. I don't know how I would even look into that without doing some. Plumbing. In story. Right.\nDaniel Walsh: I guess, lastly, the reason've people have said they won't use Ais in the past has been laden. so that you're running a container, it's running fine for a long period of time and\u2026\nGerry Seidman: Okay.\nDaniel Walsh: then all of a sudden decides to access some piece of data that is in cash. And It goes into a pause.\nGerry Seidman: Yeah, I mean but yes the answer is one of the events of a alsover. Over AIS in that regard is the cash. If you hit something, you haven't hit the long time. it may still be in the cash for the NFS. You're always doing it whether you voted it recently or not. Could be cashing is much.\nGerry Seidman: And not as good. which,\nGerry Seidman: and one of the things they did in East RG, the Star Gz project which we have talked about doing as well to That problem is to create a manifest of files to pull the pold to populate to feed the cash. When I was at Redhead Summit, I spoke extensively with somebody who works as a cruise line and a ship is one giant. Open ship cluster. And they have a lot of pain bouncing that off of a satellite network. That's extensive and slow and loss and unreliable.\nGerry Seidman: So to meet their needs, we talked about adding functionality of, like I said, a seat a seed, set of these are files, you should preload and those can be obtained by observing fire runs of the application on. That's already implemented again in Star Gz, You look at there's a way to somehow I forget how but somehow specify however how to pre-pull Anyway this is funny because it sounds the fast start but by default it then lazy loads the whole image. So you're going to fast start, but eventually you have all the fossils.\nTom Sweeney: Okay, I'm gonna have to hold questions here because we are way over time and\u2026\nGerry Seidman: So sorry.\nTom Sweeney: yeah, no problem. but thank you Gerry's, very interesting. And if we'd love to have you back in the future,\nGerry Seidman: Okay, I'm gonna post that I post. Only I possibly, you guys have. Yeah. Hopefully that wasn't too fast.\nTom Sweeney: Yeah, we have the link.\nTom Sweeney: That briefly.\nMatt Heon: That's delay until Monday. Four minutes is a little late to talk about this and I don't want pushes. or without we'll delay this,\u2026\nTom Sweeney: Okay.\nMatt Heon: until next time we can\nTom Sweeney: Okay, yeah, it's gonna be a couple.\nDaniel Walsh: I get.\nTom Sweeney: Yeah. This.\nDaniel Walsh: Yeah, just for those I guess we're not gonna start for another week for that sex is what bottom line, right?\nMatt Heon: Yeah, at this point I would like to get things rolling but we can probably get the ball rolling during the planning on Tuesday and then see things roll from there. I would hope to have an RC out in two weeks maximum.\n00:55:00\nTom Sweeney: Yeah, and our end goal for four sixes to have something out by mid to late August.\nMatt Heon: No, that's four seven and go for four,\u2026\nMatt Heon: six is to have something out very early July. Hopefully\nTom Sweeney: But much more expedient that I had Given that I think I'm going to wrap up this meeting and just I do.\nGerry Seidman: I'm going to question\u2026\nTom Sweeney: No, I do the Sure.\nGerry Seidman: if I make is really advanced when we met you, we talked about there should be a man page other than storage on Conf Where would man information go? I can't think of any place because there's no just storage.com Good.\nDaniel Walsh: Right. You're going to Storage.com. Yeah.\nGerry Seidman: Okay, I just wanted to confirm that. Thank you.\nTom Sweeney: Okay, so our next cabal meeting will be on July 20th. Same time, 11 o'clock in the morning eastern time and then our next community meeting will be happening on Tuesday, August 1st. I'd like to thank Gerry very much for coming here. Presenting today is great information and for everybody participating and with that, I'm going to turn off the recording.\nTom Sweeney: And so many buttons to click to turn off the recording, Anybody want to say anything or comment anything? Without recording going on.\nTom Sweeney: Because a big fat no and say let's go get some lunch dinner and get out of here. Right.\nDaniel Walsh: Nope. Gerry I'm glad I could attend but I was supposed to be on a flight out to Europe and never made\u2026\nGerry Seidman: I'm glad you got made it\u2026\nDaniel Walsh: So, I'm stuck in DC right now. So,\nGerry Seidman: hopefully, it clarified a little bit more what we're doing.\nDaniel Walsh: Yeah, know I found an interesting. It's\nGerry Seidman: Yeah. This scary thing is how incredibly simple it is. and\u2026\nDaniel Walsh: yeah.\nGerry Seidman: it works because we have a million lines of code of a really good secure distribution policy system underneath but the ALS part and\u2026\nDaniel Walsh: Right.\nGerry Seidman: they container part it's trivial.\nDaniel Walsh: What was AFS first introduced,\nGerry Seidman: It isn't a history of the brief history. once upon a time, There were no computer science departments, there were math, departments at ED Departments, and back in 1982, CMU was forming a computer science department and IBM. And if you want to start a department, you need researchers to pull it in. So, I'd be able to length and seven of the researchers, when IBM did real research and gave them 35 million dollars and said, Focus on distributed computing. And that was the start of the CMU Department and the start of the Andrew project.\nGerry Seidman: And many things came out of the Andrew Project. IBM's distributed transaction processing system came out of that and they made a billion dollars on that. So they got their money back in spades and the end system came out of it, too. the intention was to spin off companies FS on into plans are IBM, which was a product. No idea in real life, AFS doesn't sell hardware and they decided sunset, it and ended up and open source. and it struggled in open source and forest formed by them primary open source, people to Make it good. And he mentioned,\u2026\nDaniel Walsh: It's cool.\nGerry Seidman: who's using it, by the Department of Defense is used by Horn of Energy. She's my major banks, many different use cases.\nTom Sweeney: The PCE back in the day. Also, Do you know was a part of DCE distributed computing environment.\nGerry Seidman: it was,\u2026\nTom Sweeney: That was a\nGerry Seidman: There was a fork of it. That went into that, I think. Again, that's way before my time. You\u2026\nDaniel Walsh: Thank you.\nGerry Seidman: I'm relatively new to this world. In historical.\nDaniel Walsh: Dte DC came a few years later. So,\nGerry Seidman: Yeah.\nTom Sweeney: There are some early 90s.\nDaniel Walsh: but,\nGerry Seidman: Yeah. What happened was got Guam density, Athena project. If you remember the Athena project MIT, which you did okay.\nDaniel Walsh: I worked on it being a project, so\nGerry Seidman: Which led to some licensing issues and it issues and questions that Dot, It was a different world. But how software was?\nGerry Seidman: Used by different people.\nTom Sweeney: Banner,\u2026\nDaniel Walsh: Yeah.\nTom Sweeney: you're making it to check. Are you coming back to me?\nDaniel Walsh: I am making it to check and flying out at 5:30 tonight. And Mandela,\u2026\nTom Sweeney: Choices.\nDaniel Walsh: I'm right outside of Dulles airport right now. Waiting to Have any extended stay at a hotel room.\nDaniel Walsh: Late. Check out.\nTom Sweeney: Yikes.\nDaniel Walsh: alright. Good Gerry, good step, one done. I need step two, three four. And we'll\nGerry Seidman: Okay, I've written the documentation, but the problem is that, I think I wrote too much For the Man page but I'll run that by you.\n01:00:00\nDaniel Walsh: Yeah, you're probably confused the all right.\nGerry Seidman: Excuse me.\nDaniel Walsh: You'll probably confuse everybody by putting a huge section. Yeah.\nGerry Seidman: The Man page for AIS is one line. Put stuff here.\nGerry Seidman: I could do that too.\nDaniel Walsh: Alright.\nGerry Seidman: Thank you guys. Have a great afternoon.\n")))}_o.isMDXComponent=!0;const Xo={},$o="Podman Community Cabal Meeting Notes",ei=[{value:"July 20, 2023 11:00 a.m. Eastern (UTC-5)",id:"july-20-2023-1100-am-eastern-utc-5",level:2},{value:"Attendees:",id:"attendees",level:2},{value:"July 20, 2023 Topics",id:"july-20-2023-topics",level:2},{value:"Meeting Notes",id:"meeting-notes",level:3},{value:"Passwd and group entry handling with --user, etc. issue (0:354 in the video) - Justin Jereza",id:"passwd-and-group-entry-handling-with---user-etc-issue-0354-in-the-video---justin-jereza",level:3},{value:"ipfs integration into Podman - Anders Bjorklund",id:"ipfs-integration-into-podman---anders-bjorklund",level:3},{value:"Podman Release (32:33 in the video) - Matt Heon",id:"podman-release-3233-in-the-video---matt-heon",level:3},{value:"Open discussion (: in the video)",id:"open-discussion--in-the-video",level:4},{value:"Next Meeting: Thursday, August 16, 2023, 11:00 a.m. EDT (UTC-5)",id:"next-meeting-thursday-august-16-2023-1100-am-edt-utc-5",level:3},{value:"Possible Topics",id:"possible-topics",level:2},{value:"Next Community Meeting: Tuesday, August 1, 2023, 11:00 a.m. EDT (UTC-5)",id:"next-community-meeting-tuesday-august-1-2023-1100-am-edt-utc-5",level:3},{value:"Possible Topics:",id:"possible-topics-1",level:3},{value:"Raw Meeting Chat:",id:"raw-meeting-chat",level:3},{value:"Raw Google Meet Transcript",id:"raw-google-meet-transcript",level:3}],ti={toc:ei},ni="wrapper";function ai(e){let{components:t,...n}=e;return(0,ce.kt)(ni,(0,Q.Z)({},ti,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-cabal-meeting-notes"},"Podman Community Cabal Meeting Notes"),(0,ce.kt)("h2",{id:"july-20-2023-1100-am-eastern-utc-5"},"July 20, 2023 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h2",{id:"attendees"},"Attendees:"),(0,ce.kt)("p",null,"Aditya Rajan, Anders F Bj\xf6rklund, Ashley Cui, Ed Santiago Munoz, Jake Correnti, Justin Jereza, Lokesh Mandvekar, Martin Jackson, Matt Heon, Miloslav Trmac, Mohan Boddu, Nalin Dahyabhai, Paul Holzinger, Tom Sweeney, Valentin Rothberg"),(0,ce.kt)("h2",{id:"july-20-2023-topics"},"July 20, 2023 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"passwd and group entry handling with ",(0,ce.kt)("inlineCode",{parentName:"li"},"--user"),", etc. ",(0,ce.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/18903"},"issue")," - Justin Jereza"),(0,ce.kt)("li",{parentName:"ol"},"ipfs integration into Podman - Anders Bj\xf6rklund to kick off",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"See ",(0,ce.kt)("a",{parentName:"li",href:"https://github.com/containerd/nerdctl/blob/main/docs/ipfs.md"},"https://github.com/containerd/nerdctl/blob/main/docs/ipfs.md"),"\nit is about peer-to-peer image distribution, using OCI ",(0,ce.kt)("a",{parentName:"li",href:"https://github.com/containerd/stargz-snapshotter/blob/main/docs/INSTALL.md#install-stargz-store-for-cri-opodman-with-systemd"},"estargz")," format"),(0,ce.kt)("li",{parentName:"ul"},"Question for containers/image, fallback is ",(0,ce.kt)("inlineCode",{parentName:"li"},"localhost:5050/ipfs/"),"\n(proxy server from IPFS, started with ",(0,ce.kt)("inlineCode",{parentName:"li"},"nerdctl ipfs registry serve"),")")))),(0,ce.kt)("h3",{id:"meeting-notes"},"Meeting Notes"),(0,ce.kt)("p",null,"Video ",(0,ce.kt)("a",{parentName:"p",href:"https://youtu.be/O-6RWIcIvqk"},"Recording")),(0,ce.kt)("p",null,"Meeting start 11:05 a.m. Thursday, July 20, 2023"),(0,ce.kt)("h3",{id:"passwd-and-group-entry-handling-with---user-etc-issue-0354-in-the-video---justin-jereza"},"Passwd and group entry handling with ",(0,ce.kt)("inlineCode",{parentName:"h3"},"--user"),", etc. ",(0,ce.kt)("a",{parentName:"h3",href:"https://github.com/containers/podman/issues/18903"},"issue")," (0:354 in the video) - Justin Jereza"),(0,ce.kt)("p",null,"Docker wasn't able to create the uid/gid correctly, but Podman was. Justin showed a script that showed the steps used to test Docker and Podman to show the issue. Docker doesn't create the entries in user/passwd files, while Podman does."),(0,ce.kt)("p",null,"He ran through a number of man pages for Podman, showing where this was going on."),(0,ce.kt)("p",null,"Just is suggesting adding/modifying these options:"),(0,ce.kt)("h1",{id:"do-these-options-continue-to-add-a-passwdgroup-entry-or-is-it-a-bug-because-it-doesnt-follow-the-docker-behavior-exactly"},"Do these options continue to add a passwd/group entry or is it a bug because it doesn't follow the Docker behavior exactly?"),(0,ce.kt)("h1",{id:"docker-behavior-doesnt-add-passwdgroup-entry"},"Docker behavior doesn't add passwd/group entry"),(0,ce.kt)("p",null,"--user\n--group"),(0,ce.kt)("h1",{id:"retain-these-and-add-passwdgroup-entry-to-the-container-from-the-host"},"Retain these and add passwd/group entry to the container from the host"),(0,ce.kt)("p",null,"--userhost\n--usergroup"),(0,ce.kt)("h1",{id:"these-continue-to-function-as-they-currently-do"},"These continue to function as they currently do."),(0,ce.kt)("p",null,"--passwd-entry $(getent passwd $UID)\n--group-entry $(getent group $GID)"),(0,ce.kt)("p",null,"Using these options he's proposing adding to the pertinent files on the host for each of these options."),(0,ce.kt)("p",null,"The discussion started in the issue noted in the title. Please review and add comments there."),(0,ce.kt)("p",null,"Matt in concerned that there may be resistance about moving some of this functionality away from the system."),(0,ce.kt)("p",null,"Split the problem into to fixes. Make --user/--group work as Docker does."),(0,ce.kt)("p",null,"Paul asked if the difference in user/group between Docker/Podman is a problem? Justin doesn't see a bad effect to that. He's OK with it as is. Paul's worried that changing that now for user/group might cause a change in behavior that others would not be happy with. Justin is brining this difference up only due to it being different, not necessarily that it's wrong. "),(0,ce.kt)("p",null,"Matt believes the current functionality was added as a convenience sometime in the past. He also think we could firm up the documentation here as to the whys of the behavior."),(0,ce.kt)("p",null,"Justin is OK with retaining the current user/group behavior."),(0,ce.kt)("p",null,"Just says we're using a groupID in a groupName field, and Miloslav said that's a bug if that's happening. We should be creating a name if one is not getting there."),(0,ce.kt)("p",null,"This is a food for thought, and he'd like people to consider it going forward."),(0,ce.kt)("p",null,"Issue of note: ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/issues/18903#issuecomment-1595048047"},"https://github.com/containers/podman/issues/18903#issuecomment-1595048047")),(0,ce.kt)("p",null,"Matt is going to tag Dan Walsh on the GitHub issue to see if he can comment on this."),(0,ce.kt)("p",null,"Jason is Teminus in Matrix/IRC."),(0,ce.kt)("h3",{id:"ipfs-integration-into-podman---anders-bjorklund"},"ipfs integration into Podman - Anders Bjorklund"),(0,ce.kt)("p",null,"Postponed"),(0,ce.kt)("h3",{id:"podman-release-3233-in-the-video---matt-heon"},"Podman Release (32:33 in the video) - Matt Heon"),(0,ce.kt)("p",null,"Podman v4.6 RC2 now, final today. Podman v4.6.0 today. Planning to do Podman v4.7 in early fall. Then a Podman v4.8 in a February 2024 time frame."),(0,ce.kt)("p",null,"Podman v4.6 is a relatively large release. A number of podman machine fixes/stabilizations. Podman v4.6.1 should be out in a couple of weeks, in early/mid-August. V4.7 should have some Hyper-V improvements for the podman machine. Also, podman compose improvements."),(0,ce.kt)("p",null,"Usually, a 4 to 6-week process to get into CoreOS via the stabilization soak process for any Podman release."),(0,ce.kt)("h4",{id:"open-discussion--in-the-video"},"Open discussion (: in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"None")),(0,ce.kt)("h3",{id:"next-meeting-thursday-august-16-2023-1100-am-edt-utc-5"},"Next Meeting: Thursday, August 16, 2023, 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h2",{id:"possible-topics"},"Possible Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"None Discussed")),(0,ce.kt)("h3",{id:"next-community-meeting-tuesday-august-1-2023-1100-am-edt-utc-5"},"Next Community Meeting: Tuesday, August 1, 2023, 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h3",{id:"possible-topics-1"},"Possible Topics:"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"None Discussed")),(0,ce.kt)("p",null,"Meeting finished 11:43 a.m."),(0,ce.kt)("h3",{id:"raw-meeting-chat"},"Raw Meeting Chat:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Justin Jereza10:56\u202fAM\ncan you here me ok?\nYou10:56\u202fAM\nI can not hear you at all\nJustin Jereza10:56\u202fAM\ngonna see if i can fix it.\nYou10:56\u202fAM\nI can see you just fine.\nJustin Jereza10:58\u202fAM\ni'll just use a phone for audio. mic doesn't seem to be working well on fedora.\noh wait, that only works in the US. heh\nJustin Jereza10:59\u202fAM\ni'll reconnect and see if it works.\nJustin Jereza11:01\u202fAM\nis my audio working now?\nEd Santiago Munoz11:01\u202fAM\n@Justin I see your lips moving, and you're unmuted, but do not hear you.\nEd Santiago Munoz11:06\u202fAM\nAudio is very very bad\nYou11:16\u202fAM\nhttps://github.com/containers/podman/issues/18903\nValentin Rothberg11:28\u202fAM\ntime check\nPaul Holzinger11:28\u202fAM\nI have to drop\nYou11:31\u202fAM\nI'm going to go to 40 past the hour on this, then on to Matt, we have no other topics.\nJustin Jereza11:34\u202fAM\nhttps://github.com/containers/podman/issues/18903#issuecomment-1595048047\nJustin Jereza11:35\u202fAM\nTerminus in #podman IRC/matrix channel.\nYou11:43\u202fAM\nhttps://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nAditya Rajan11:44\u202fAM\nthanks justin !\nMohan Boddu11:44\u202fAM\nThanks Justin\nxrq-uemd-bzy\n")),(0,ce.kt)("h3",{id:"raw-google-meet-transcript"},"Raw Google Meet Transcript"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Transcript\nThis editable transcript was computer generated and might contain errors. People can also change the text after it was created.\nTom Sweeney: Okay, everybody. Welcome to the Batman Community. Cabal meeting today is Thursday. July 20th, 2023. We have two topics for today. The first one is about password and group country handling with desktop user and etc. That on Justin's gonna be leaving us on. We also had a discussion about Ipfs integration department lined up over, Dan and Brent are both not here and Anders, who would kind of kicking that off for us, was kind of saying that. Maybe we ought to wait off for that. Once I think we're not going to discuss that much. We have Somebody with strong opinions to do so today. And then Matt you wanted to talk a little bit about pot Versions coming out to\nMatt Heon: Sure I can give us another video that's\nTom Sweeney: Okay, go and talk about that after Justin finishes. So with all that, just welcome to the meetings. Nice to have you here. And please leave it off.\nJustin Jereza: just, Going forward.\nJustin Jereza: Okay, so I said, put my plug in the issue that she could make up to the hospital and said. It's scary. And\nValentin Rothberg: No.\nTom Sweeney: Yes, it looks good.\nJustin Jereza: Happens. Is that\nJustin Jereza: but,\nJustin Jereza: Okay, so what happens?\nJustin Jereza: create password and the bottoman base. So that's\nJustin Jereza: so he followed by the office, why\nJustin Jereza: The problems. Where he?\nJustin Jereza: So, you can see here.\nJustin Jereza: That's the problem. so,\nJustin Jereza: so this thing that we'll find it. And it's a series of Department of events that you.\nJustin Jereza: That's the senior, and File. And finally,\nJustin Jereza: So that's even presentation. There. Yes.\nJustin Jereza: And I think Chris also got the supposed and that this Are almost.\nJustin Jereza: presentation. and finally,\n00:05:00\nJustin Jereza: that's US Open. before, like, He?\nJustin Jereza: post and with just\nJustin Jereza: And that's what he\nJustin Jereza: so we know for acceptable commandments.\nJustin Jereza: In this case, 25 with the possibility of adding something either. Which were I don't do the same thing. This user host was just take the bathroom people that are so moving experiment. I think we can actually useful person in certainly. And just did and just innovation somewhere that you can do the classroom and password you.\nJustin Jereza: And that would eliminate those three. And so far, I hope the industry much\nJustin Jereza: So that's the community. What? It boils down to we have These six options and how do we move forward from there? And the presentation give him what's mentioned in the issue and what\nJustin Jereza: the status.\nJustin Jereza: So I don't I think that's it. You guys have any comments on this?\nTom Sweeney: I have a hard time following a little bit as well just know, because the audio was kind of Creaky or monthly I guess. I don't know. Any Valentin or Matt. Do you have any thoughts based on this or the discussion that's been going on? And issues.\nValentin Rothberg: no, I did not follow the issue, so I guess it will be hard To, I guess find consensus now in the meeting. on how to move forward, but thanks a lot for the problem. how would you prefer to move forward? Justin?\nTom Sweeney: Ation.\nJustin Jereza: He mentioned in.\nTom Sweeney: Ation.\nTom Sweeney: Ation.\nJustin Jereza: Okay.\n00:10:00\nJustin Jereza: There are.\nJustin Jereza: Of what he? About where as the corresponding. Password entries into the container energy that Doctor doesn't have.\nJustin Jereza: The second part.\nJustin Jereza: You Want to show you often a different example.\nJustin Jereza: What he\nJustin Jereza: and create a course on YouTube option, that would be the same for groups. Even. We place the objects or remove the entirely and need able to presentation. that you\nJustin Jereza: I said,\nJustin Jereza: The time.\nMatt Heon: Comments after everything.\nJustin Jereza: sorry, I\nTom Sweeney: I've just added it.\nJustin Jereza: saw the Side. And\nTom Sweeney: It's in the.\nTom Sweeney: Yeah, it is in the agenda, not just added it into the Google meet chat as well\u2026\nJustin Jereza: yeah.\nTom Sweeney: if that's easier.\nMatt Heon: I will say that there's going to be resistance to the idea of moving any functionality away from existing, I can use this. That is The reason we added a lot of this was for convenience and we recognize that it's not necessarily completely compatible Maybe it's not been cases The ability to just do and use your smile user and gets a fairly musical session is important. So I think that we don't necessarily want to take\nJustin Jereza: so, I'm thinking basically how about just organizations down here. So,\nJustin Jereza: okay, reduce to lose you.\nJustin Jereza: and Then for user Presentation says, but he\nJustin Jereza: And that's\nJustin Jereza: then finally, He?\nMatt Heon: I don't know if we want to stream sleep system behavior. You can definitely additional offense that are going to guarantee creation of guarantee modification. The password, I'm not at all close to that, thought it always that. If we were to modify the behavior of existing usually group options, we are going to break people. It is hardly\n00:15:00\nJustin Jereza: The user options. Anything like you just and us and that's what.\nJustin Jereza: lead to, I just\nJustin Jereza: Completely others are how? And yeah.\nJustin Jereza: You thought so then?\nPaul Holzinger: So, maybe the question is What does the problem with? Adding the Entry, it is then actual problem, like something preventing you from getting us to work. Or it's just a different in, if you look at the fire because I don't, See. Why your container image would care that much,\nJustin Jereza: yes, I don't think. That he needs it from how God, it deserves as an impact. Okay. Yes if\nJustin Jereza: I don't really see any. So, If you guys inside that, Hector, and it's okay. But I think that, okay.\nPaul Holzinger: Yeah, because if we would remove adding the entry, then stuff could change behavior, right? If you ask what's your username in the container? If there's no entry Then You cannot know. So, for Portman uses that, it's a potential recreation and we try to avoid making this change. And if there's no reason for this change, just other than toca compat, but there is no one who breaks. I don't see why Be sure to change it at all,\nJustin Jereza: It's yes, a difference in behavior, not that I really believe that. it's 25 anything wrong with And differently. The problem that's handled.\nMatt Heon: If I remember correctly, this was originally added as convenience functionality, or ruthless pot man. I don't remember the exact context of that that there is a reason why we put it in the first place. if I had an opinion here would be that it's That it's not consistent because I'm 90 I don't have the code in front of me, but I kind of remember what it looks like. And I'm pretty sure the 90% of circumstances were not going to change password and group, but in the 10% circumstances that we do, it could be confusing. So we definitely have a documentation problem It's not going to be clear to users. Why these changes? Have. But what do you call it? I don't necessarily know.\n00:20:00\nPaul Holzinger: Seen the big use case, I think is the user anders keep which sets your user ID and then in the container you want, the classic Toolbox use case basically so, You want your user copied in and\u2026\nJustin Jereza: He?\nPaul Holzinger: and behave it, The same. I think it was probably edit because of something like that.\nJustin Jereza: I think that basically just thoughts, and in the editor that I can see, And I think that's the three box situation where you would want it. That's inviting so, I did where it's a reason. Why this in You should increase. so,\nJustin Jereza: I think that's a good.\nJustin Jereza: Within the big nation. Yeah.\nJustin Jereza: The next thing happened. we're getting the functionality of the group. the other thing is,\nJustin Jereza: I like this. Okay.\nJustin Jereza: The name of the user. And so it's the line that shows you. And in this case instead of coffee, which I believe in this case, yes, that's the name of the house. He?\nJustin Jereza: Said.\nJustin Jereza: I did, he just\nJustin Jereza: I mean problems and\nJustin Jereza: Keep. I just\nMiloslav Trmac: Okay, I think using group ID in the Group Name. Field is just not going to work. So if we are doing that, I don't know whether it's about that we can always fix. I'm not familiar with the code but there's definitely something\nJustin Jereza: So let's\n00:25:00\nJustin Jereza: Know.\nMiloslav Trmac: Bottle bubbly. I mean we kind of invent an entirely new random name. Just the principle of the thing is that there has to be a name India.\nMiloslav Trmac: Or. Maybe actually not. I'm sorry\u2026\nJustin Jereza: So I guess one way to think about this,\u2026\nMiloslav Trmac: if you are Edina and entry.\nJustin Jereza: this will you mind space on whether they're actually?\nJustin Jereza: So in the case of, I think that options they should follow you in this case, The. Saves me. But he accepts and happening on both. when it comes into the containment and not presentation,\nJustin Jereza: and then,\nJustin Jereza: that's,\nJustin Jereza: But if we did have that, then both of these will also look at the host.\nJustin Jereza: Coffee here. It's probably really the last two. Which should allow me to. I\nJustin Jereza: And so password, and something that has books\nJustin Jereza: You and the same, it's good for you to hold and Just talking.\nJustin Jereza: the wheels are the people who really\nJustin Jereza: Wow, happy and the post.\nJustin Jereza: Silently as well.\nJustin Jereza: But I think if\nJustin Jereza: and the issue I\nJustin Jereza: Specifically. And whether they should be probably from the host or not,\nJustin Jereza: It's here.\nTom Sweeney: So I'm hearing a bit of silence here and I think people need some time to digest and take a look at the issue on Github and we probably ought to wrap this up in a few more minutes just in. Is there anything else you'd like to ask her say\n00:30:00\nJustin Jereza: It just something that has to solved immediately, it's just\nJustin Jereza: it's right education.\nJustin Jereza: and there are matrix. so,\nMatt Heon: I'm going to tag Dan Walsh on this issue. That is like, he's not in the meeting right now, but I think it was the original instigator behind Ad.\nJustin Jereza: Yeah. So if you have any more and protectively, we're done.\nJustin Jereza: if you guys think I've been right, yeah.\nJustin Jereza: that's,\nTom Sweeney: Sorry, I'm talking away on mute which isn't very helpful at all. Justin, thank you so much for coming today and getting this discussion going and I'm sure it will continue on inside Github and I RC and Matrix going forward. Matt's, you have plot, Coming up pretty soon. You want talked about that a little bit.\nMatt Heon: Let's see. So we are getting ready for for six. We are in Rc2 right now and Ashley correct me if I'm wrong but I expect a final release and\u2026\nJustin Jereza: E.\nMatt Heon: sometime early next week. Is that what we were planning or am I wrong?\nAshley Cui: I thought we were putting the release today.\nMatt Heon: Okay, that's early that I was expecting but that gives everyone something to look forward to after this so pod, 4 6, final probably. Today, we are still expecting to do a four seven. We were expected to do with this summer, but honestly, at this point, it's probably gonna slip into September, but I would expect a four seven in early fall, I would call it and then a four eight somewhere in the February ish timeframe. four six it's a moderately large release, it's a fairly substantial feature release. It's been a while since I looked at the, What do you call the voice notes? But it's gonna have some interesting things. I think this is not\nMatt Heon: Is this one of the bigger releases for what? I call it Admin Machine? I'm thinking we added something big there at the point is slipping my mind.\nAshley Cui: Not a big feature, but a big fix. I think for stabilization.\nMatt Heon: That's worse. Yeah, we have a lot of bug fixes in system service. We have a spattering of each releases everywhere and generally speaking, I am expecting a 461 and a week or so that'll have a bunch of public fixes it based on any issues, the release happens. And then of course seven maybe six weeks thereafter and four seven is going to include a couple other interesting features. I'm hopeful that we can get some additional windows support in the pot and machine, especially man on hyper-b. We're putting a lot of work in there and I don't want to speak for Brett because he's not here. Maybe we will also have some things. osx native virtualization. let's see. and that's probably the odd, man, composed work that Valentin has been working on the other that just landed. So, feel free to look at that comments.\n00:35:00\nMatt Heon: Yeah, that's about it Wise any questions?\nTom Sweeney: I'm hearing silence.\nAnders F Bj\xf6rklund: When would this come to the apartment machine or core OS?\nMatt Heon: Usually, we expect that poor to six week. Basically, we have to get into fedora. Then we have to work our way through the fedora core os, unstable, streams until it's in stable. So, we usually expect to lag by about a month six weeks. It could easily be faster on that, but it usually takes this year or a couple weeks beyond that, so you get at Paul's compose. Exactly. So there is a substantial time.\nTom Sweeney: Must not this particular Pac-Man release but any partner released in general, right?\nMatt Heon: Yeah. If it is a particularly important noise, if we had some absolutely critical bug fixed in, there are ways we can expedite, but we prefer not to do that because it puts more workload on us, it with your work, run the F cost team. And generally speaking, no one likes doing this. So, if we do not have something extremely urgent, we're going to go through the soap process which\nTom Sweeney: It sounds good. Right, I'm not sure if I mentioned this after I started the recording but we're going to pass on the ipfs integration into Pod man topic that we had on the agenda today we're going to push that out later or perhaps even postpone it further discussions to go offline on that and then given that I am going to open up to any topics or questions at this point in the open discussion session. If I have anything they want to talk about or ask questions about\nTom Sweeney: It's two centigrate equipment. you're considering I'll just note when our next For the Cabal again will be Thursday. August 16th 2023 at 11am in our community meeting is coming up very soon. It's actually just a little under two weeks now, I guess. And that's going to be on Tuesday, August 1st. Also at 11:00 am. I would love to have topics for other? I have one topic for the community meeting at what it is right now but I don't have any flickable at this point. So if you have suggestions for topics that you'd like to see or presentation better yet present on Friday, those meetings, I'd love to hear one last call. Any further questions, comments. Why is I'll stop the recording?\nJustin Jereza: And sorry guys. I\nMeeting ended after 00:38:36 \ud83d\udc4b\n")))}ai.isMDXComponent=!0;const oi={},ii="Podman Community Cabal Meeting Notes",si=[{value:"September 21, 2023 11:00 a.m. Eastern (UTC-5)",id:"september-21-2023-1100-am-eastern-utc-5",level:2},{value:"Attendees:",id:"attendees",level:2},{value:"September 21, 2023 Topics",id:"september-21-2023-topics",level:2},{value:"Meeting Notes",id:"meeting-notes",level:3},{value:"Default settings for Podman 4.7",id:"default-settings-for-podman-47",level:4},{value:"Open discussion",id:"open-discussion",level:4},{value:"Next Meeting: Thursday, October 19, 2023, 11:00 a.m. EDT (UTC-5)",id:"next-meeting-thursday-october-19-2023-1100-am-edt-utc-5",level:3},{value:"Possible Topics",id:"possible-topics",level:4},{value:"Next Community Meeting: Tuesday, October 4, 2023, 11:00 a.m. EDT (UTC-5)",id:"next-community-meeting-tuesday-october-4-2023-1100-am-edt-utc-5",level:3},{value:"Possible Topics:",id:"possible-topics-1",level:4},{value:"Raw Google Meet Transcript",id:"raw-google-meet-transcript",level:3}],ri={toc:si},li="wrapper";function hi(e){let{components:t,...n}=e;return(0,ce.kt)(li,(0,Q.Z)({},ri,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-cabal-meeting-notes"},"Podman Community Cabal Meeting Notes"),(0,ce.kt)("h2",{id:"september-21-2023-1100-am-eastern-utc-5"},"September 21, 2023 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h2",{id:"attendees"},"Attendees:"),(0,ce.kt)("p",null,"Aditya Rajan, Anders F Bj\xf6rklund, Ashley Cui, Ed Santiago Munoz, Jake Correnti, Justin Jereza, Lokesh Mandvekar, Martin Jackson, Matt Heon, Miloslav Trmac, Mohan Boddu, Nalin Dahyabhai, Paul Holzinger, Tom Sweeney, Valentin Rothberg"),(0,ce.kt)("h2",{id:"september-21-2023-topics"},"September 21, 2023 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Default settings for Podman 4.7",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"zstd:chunked + gzip by default"),(0,ce.kt)("li",{parentName:"ul"},'default_rootless_network_cmd = "pasta" by default'),(0,ce.kt)("li",{parentName:"ul"},"Deprecate podman generate systemd"),(0,ce.kt)("li",{parentName:"ul"},"Deprecate CNI"),(0,ce.kt)("li",{parentName:"ul"},"Others")))),(0,ce.kt)("h3",{id:"meeting-notes"},"Meeting Notes"),(0,ce.kt)("p",null,"Video ",(0,ce.kt)("a",{parentName:"p",href:"https://youtu.be/By7wb1tOvLc"},"Recording")),(0,ce.kt)("p",null,"Meeting start 11:02 a.m. Thursday, September 21, 2023"),(0,ce.kt)("h4",{id:"default-settings-for-podman-47"},"Default settings for Podman 4.7"),(0,ce.kt)("p",null,"RC1 is out now, possibly RC2 this week, and Podman v4.7 final next week.",(0,ce.kt)("br",{parentName:"p"}),"\n","Configuration changes discussion. SQLite DB is not default but is available. Matt would like to swap the default DB to SQLite for the v4.7 code. Not currently in the main branch, but can be done easily."),(0,ce.kt)("p",null,"Tom asked if it could be done for RC2. Might be too soon to release. Could we do Podman v4.8 in late Fall, then v4.9 in January 2024?"),(0,ce.kt)("p",null,"OK for 4.8, maybe to do for late November/Early December and then target RHEL 4.9 for RHEL."),(0,ce.kt)("p",null,"For 4.8 we will do SQLite, and then plan around what else will fit in there."),(0,ce.kt)("p",null,'Valentin brought up that there is work to be done before just flipping it. He also thinks we should not merge "features" into any RC. Can be toggled by containers.conf setting.'),(0,ce.kt)("p",null,"Podman v4.7 has branched, and changes to main can be done now with SQLite being the default."),(0,ce.kt)("p",null,"zstd:chunked not ready for primetime. Giuseppe says to push out for now and not deliver. Hopefully to be completed in the next few weeks. Maybe in time for RHEL 4.8. However, Valentin is concerned this might break existing images and it should be pushed to Podman v5.0. Risk management needs to be completed before we add it in."),(0,ce.kt)("p",null,"zstd:chunked needs a lot of soak before we deliver for RHEL. It won't be ready by Podman v4.8. A meeting to be held later to discuss delivery in more detail."),(0,ce.kt)("p",null,'Default network to "pasta". Paul doesn\'t think this is stable enough now. He wants to wait for networking stuff to get working. Mostly work to do in Podman, a little from the pasta project folks. We will need to get a prioritized card for pasta development. '),(0,ce.kt)("p",null,"About a week of coding for Paul, then dealing with port forwarding and adjusting from there. That's harder to estimate the time necessary. The team needs to prioritize this. Matt would like to see this in Podman v5.0. Users are using it now, and are fixing bugs and stabilizing."),(0,ce.kt)("p",null,"Podman v5.0 delivery sometime in early summer is current thinking, but not a commitment."),(0,ce.kt)("p",null,"A lot of the breaking changes anticipated for Podman v5.0 are 'podman machine' related, and less likely to be in the Podman commands."),(0,ce.kt)("p",null,"Podman v5.0 list of features doc to be put together by Matt in the next week or two."),(0,ce.kt)("p",null,"Deprecate podman generate systemd is deprecated, but not dropped. A warning is issued now, no new features only. It could be kept as deprecated for Podman v5.0."),(0,ce.kt)("p",null,"Matt talked about dropping CNI in Podman v4.8, Tom questioned if it should be Podman v5.0. Matt will put a deprecated notice in soon. Then Brent is fine with dropping on Podman v5.0, Brent to put it together."),(0,ce.kt)("p",null,"Ideally, Brent thinks Podman v5.0 in the early Spring 2024, then v5.1 before Summit in May 2024. Paul is concerned about showing too many warnings during runtime for CNI but is good with documenting."),(0,ce.kt)("p",null,"Tom to run down the deprecation notice of CNI in RHEL 9.3."),(0,ce.kt)("p",null,"Anything else to be changed in Podman v4.8? Brent would like a containers.conf version 2. Brent would like JSON.config to be the same for all providers in podman machine. Also, a transition from v4 to v5 of podman machine would not be a thing, to be debated."),(0,ce.kt)("p",null,"Brent is looking to not overtax the team on machine migration issues."),(0,ce.kt)("p",null,'Specgen work is also being considered for remote capabilities. We may also need code refactoring between "local" and "remote" within the code.'),(0,ce.kt)("p",null,"A discussion to be put into GitHub after the initial changes are identified by Brent, Mark, and Matt for what changes should be in Podman v5.0. So the community can add their own thoughts and requests there."),(0,ce.kt)("h4",{id:"open-discussion"},"Open discussion"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"None")),(0,ce.kt)("h3",{id:"next-meeting-thursday-october-19-2023-1100-am-edt-utc-5"},"Next Meeting: Thursday, October 19, 2023, 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h4",{id:"possible-topics"},"Possible Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"None discussed")),(0,ce.kt)("h3",{id:"next-community-meeting-tuesday-october-4-2023-1100-am-edt-utc-5"},"Next Community Meeting: Tuesday, October 4, 2023, 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h4",{id:"possible-topics-1"},"Possible Topics:"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"None discussed")),(0,ce.kt)("p",null,"Meeting finished 11:54 a.m."),(0,ce.kt)("p",null,"Raw Meeting Chat:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Brent Baude11:04\u202fAM\nis it the default in main branch ?\nYou11:06\u202fAM\nAnders, sorry about dropping you the first time, hit the wrong button\nMartin Jackson11:08\u202fAM\nThis was something we talked about previously doing for the 4.7 release\nMatt Heon11:09\u202fAM\nAnd then, unfortunately, completely forgot about... Other priorities intervened\nBrent Baude11:32\u202fAM\nno\nJake Correnti11:42\u202fAM\nget rid of migrateVM in machine. already tagged on gh\nBrent Baude11:54\u202fAM\ni have a question for the team ... but can go last, should be quick\n\n")),(0,ce.kt)("h3",{id:"raw-google-meet-transcript"},"Raw Google Meet Transcript"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"xrq-uemd-bzy (2023-09-21 11:02 GMT-4) - Transcript\nAttendees\n\nAnders F Bj\xf6rklund, Ashley Cui, Brent Baude, Chetan Giradkar, Christopher Evich, Ed Santiago Munoz, Giuseppe Scrivano, Jake Correnti, Leon N, Lokesh Mandvekar, Martin Jackson, Matt Heon, Mohan Boddu, Nalin Dahyabhai, Paul Holzinger, Shion Tanaka (\u7530\u4e2d \u53f8\u6069), Tom Sweeney, Tom Sweeney's Presentation, Urvashi Mohnani, Valentin Rothberg\nTranscript\n\nThis editable transcript was computer generated and might contain errors. People can also change the text after it was created.\n\nTom Sweeney: Good morning This is Thursday, September 21st, 2023 already just a few days away from fall. This is the Podman Community, Cabal meeting. We have just one discussion point today. So I hope people brought good questions for. So we can fill up some of the time that I'm sure we'll have. And with that said, I'm just going to turn it over to our one topic and Matt had decided to eat that and I'm sure Brent can also jump in. Also And let's talk about default settings for appointment 4.7 which just came up Matt.\n\nMatt Heon: Okay, so we have podman 4.7 rc1 out. Now we're looking for in RC\n\nMatt Heon: We might do an rc2 this week, I'll put it that way. And then we are definitely doing a 47 final next week just to get schedule out the way. And we're at a very late point in this release but it's still not too late for us to discuss certain configuration changes that we'd like to make because we'd like them to soak in Victor or for a while before we put them in Frankly but also because we'd like to get these out as soon as possible. So actually start using them. the more important ones here is switching default database. We had the SQLite driver added in odd, man for six, but we haven't made it default yet. We've been letting it sit and I think at this point, we're pretty happy with how stable it is. We've been running it through I extensively. We haven't had issues. So we would like to swap the default database from both DB to seek light for new installations only in 4.7\n\nMatt Heon: Going to be supporting the BOLD database and if you have a existing volt database you'll keep using it. But SQLite will be the default for new installs and four seven or at least we'd like it to be.\n\nMatt Heon: And I believe there were some other things called out in the default features.\n\nTom Sweeney: Before we go there, Brent had a question in the chat, Matt.\n\nMatt Heon: Sure, it is not the default in the main branch bread. So we would have to get this developed in over the next week. But at this point, this is an hours worth of code. So this is not a difficult thing to get.\n\nBrent Baude: I'm the only reason I asked is it would seem? I mean I want to make the change to so I'm supportive of whatever decision, the team makes, but it was seen reasonable That. For one development cycle, it would be the default in the main branch.\n\nBrent Baude: while we work on for eight or whatever ends up to be, Just so that. We have a little bit of silk time on our own hands.\n\nTom Sweeney: No, would it be possible to do that before our C2?\n\nMatt Heon: We were not initially planning on an rc2. If I worked on it this afternoon I think there's a decent chance we could get it all done. But it would be cutting it very close. Paul and Valentin. You and your answer.\n\nPaul Holzinger: And in my opinion doing this no is not in the purpose of doing an rc1 and it's not expectation and we say we are feature of frozen and we decide to change a critical default which the database is critical. So I,\n\nMatt Heon: Honestly, I don't know when this agenda item was added. I feel like it was intended to be discussed a lot sooner. So I think you're right about that. A lot of these are going to end up being 4.8. Regardless, we are too late in the cycles. Do major things. I don't necessarily view the sequel database as a major thing, just because how much we've tested it. But I agree with you that we are very late.\n\nBrent Baude: Can we not just we branched, right? So do the work and\u2026\n\nMatt Heon: Yeah, we're branch. We can easily throw all this stuff in main right now.\n\nBrent Baude: flick it now and make it a 4-8 target. That would mean, I'm kind of agreeing with Paul here in the sense that Maybelline features is sort of naughty on a release candidates. So, what's the downside of waiting other than it doesn't get out there?\n\nMatt Heon: I think that is the big downside. It's first release will be,\u2026\n\nBrent Baude: Okay.\n\nMatt Heon: it'll go out everywhere. Basically it'll go out to send stream rel etc.\n\nBrent Baude: But it would seem reasonable to me that if we want to soak it at the door, we should have soaked it in Maine. At least that's my Justin. I'll check out after that.\n\nMatt Heon: I'm not going to push too hard for making changes this late in the game. I mean, it's small enough that I would say it's doable but that doable and sensible are different things.\n\n00:05:00\n\nMatt Heon: Given that are we? Okay with saying, No big changes for seven? Let's just change this agenda item to say four, eight, because four eight is looking like our next big release.\n\nTom Sweeney: I have slight concerns of doing that, kind of change for real without it soaking Infidor first. Then we target a 48. Yeah, in between Here in Rome in February.\n\nMatt Heon: Let's see. We're gonna have four eight or four seven out late, September. If we want to do a 4/8 or late November early December, We could do that. It wasn't on the plan, but As long as it's just an upstream release. It doesn't add that much burden. To what we're doing. Does everyone agree with that?\n\nBrent Baude: This is I guess the downside of the forced March schedule. That we've In the past,\u2026\n\nTom Sweeney: Yeah.\n\nBrent Baude: we've Released when we're ready.\n\nBrent Baude: At this point. I could make a strong argument because Hypervy just missed. For seven. I can make a strong argument that I would want to if I was Making decisions and releases were easy. I'd want to 48 in a month.\n\nBrent Baude: but, that's a quicker cadence than we've done as quick and so we've done in a while, but it makes sense. So, that maybe what we need to do is say, before we will Do sequel light. And we need to go back now and talk about a release schedule for eight.\n\nMatt Heon: Valentin.\n\nValentin Rothberg: I think we need to start doing notes because we had this conversation multiple times and in this year, What we said for fedora or discussed was to just make it a conf setting and default it there. So we don't necessarily need to do that in the main garage but one thing we didn't test yet is I don't think we tested it. Is. We need to make sure that even more existing deployments even if we default to make sure that the existing policy database continues to be used. This is something that have not been done yet to my knowledge so we are not ready. To just flip it now. There's still some work to be done. on this front. With respect to.\n\nValentin Rothberg: Merging things into RC and I would block every feature into our RC's. it has a number of times and we came up with the document to never Merge features during RC base, and I think we should continue to stick to it. Otherwise, we just keep on Budding us in the mail. There's a specialty for things that haven't been properly tested or bigger things. They will always introduce regressions. And that is what makes the release process and in the past to make it hard. just a reminder on this front.\n\nTom Sweeney: So Europe, are you okay with doing the changes in a 4-8 for this going?\n\nValentin Rothberg: And sure as long as we're ready and as long as upgrade scenarios work. So what needs to work is that unless being specified in containers, where a user explicitly says I want to use SQLite or explicitly things set on the CLI, if the internal default from memory SQLite, there's an existing wall TP database we need to use this multi beat database, otherwise, On update users will not see any of their objects, containers, volumes networks, etc anymore.\n\nMatt Heon: contested, in my view, I\n\nValentin Rothberg: Our absolutely but it's an item that hasn't been done for many months now and it's something we need to do before, flipping the default and before refreshing it. It'm not saying it's hard, I'm just saying it needs to be done.\n\n00:10:00\n\nTom Sweeney: Yeah, where does 47 live? It's still up in Maine. Is the branch. Okay.\n\nMatt Heon: That's branched already. We branched before RCS.\n\nTom Sweeney: So we could make the changes of main at any point in time.\n\nMatt Heon: at this point after thinking about 4/8, the sooner the better otherwise we will forget about\n\nTom Sweeney: Yeah. That's my thinking as well.\n\nMatt Heon: Are I think we've come to a general decision here? That we're going to do The only question is how we're going to do for it, whether it's going to be in earlier release. We have a guaranteed release coming out in February, are going to do it release for that and have February before nine. So I think we can move on the assumption that the release schedule will be decided. Later is everyone comfortable?\n\nMatt Heon: All right, the next default we wanted to talk about was Z standard chunked. Plus Gzip split compression. We do not have any in the room. Discuss Anyone else here? Sufficiently comfortable with Formatting to talk about this because frankly, I'm not as up to speed on this as I should be.\n\nTom Sweeney: Giuseppe would be our other person, perhaps.\n\nValentin Rothberg: Yeah would also point to Giuseppe which Giuseppe you mentioned at least chunked isn't yet? Ready for prime time, right?\n\nGiuseppe Scrivano: Yeah, it's not really. There is still an open issue in continuous image, that needs to be merged. So I think we should postpone it for now.\n\nPaul Holzinger: I think what then was throwing around was always like that. You push this multi manifest thing with Statistity and Jesus. By default, I think that was what then wanted so that, new clients can benefit from the faster. So that's really pulls.\n\nGiuseppe Scrivano: Yeah, but still then first of all the feature it needs to be manually enabled and second it's not ready without The changes that the containers image, it's kind of broken.\n\nGiuseppe Scrivano: So, I mean it's fine for our performance, but Without that changes, it's not really usable, right?\n\nTom Sweeney: This is something that you think will be ready by a late November or February timeframe Giuseppe or beyond that.\n\nGiuseppe Scrivano: I'm working on that. I mean, I hope this will be done in the next. Few weeks.\n\nTom Sweeney: Okay.\n\nValentin Rothberg: I think this is something very critical. because,\n\nValentin Rothberg: Whatman is being used. So if the goal is to compress images by default with C standards with C standard compression, this can break a lot of deployments.\n\nValentin Rothberg: So I think in my opinion this is something important. Because imagine\u2026\n\nTom Sweeney: August.\n\nValentin Rothberg: if you have a build plan, you use the apartment, let's say department knowledge or you updated or on your server people pipeline, you build the image, you push it. And suddenly Your clients or your deployments outside in a while. Start to break because they do not support these standard yet, maybe all the versions of docker, maybe very, very old versions of Scorpio appointment or build up this. This can break.\n\nPaul Holzinger: but the ideas to push both compression formats now 12 a period where you push set the city in Jesus which of course is Ben Roeth more expensive and time but I think that was what then was always suggesting\n\nValentin Rothberg: This could in theory break as well, if the deployments expect a single image manifest and not an OCI index on the registry. So, I guess we're pointing at this.\n\nValentin Rothberg: Before deciding this default. I think we need to do some I don't find a better word. Sorry risk management of which things may put everything on the desk and then look at all potential risks and then check whether you're comfortable doing. But this changes. One, or how images look like in the nature of images? And this is something we're\n\n00:15:00\n\nValentin Rothberg: feeling uncomfortable.\n\nTom Sweeney: I think it's valid concerns, but are you comfortable with delivering automaton 5.0? in real next year, just worth waiting, not long for the zsd chunk, and we can push back, if it's not in before then.\n\nValentin Rothberg: I would even challenge whether it's reasonable for apartment image, push to push a manifest, if there is a portman manifest push. So I think we're at the risk of conflating or breaking things. So, I would even question whether we should do it or not. So, I can't really answer that. That's all.\n\nTom Sweeney: Okay, that's fair.\n\nMatt Heon: What I am hearing here is that we are extremely uncomfortable with this going into Rel first. So, this absolutely. I mean, even if we do a four, eight four hand, it sounds like it's probably not going to be ready. This does sound like It's a lot of additional testing. So this is if we're doing something between the February release and the next little release that this is potentially good time frame for that sound I mean, assuming that we can make it work.\n\nValentin Rothberg: I think we should follow up on this soon. So that we make sure that, The thinking continues about the issues or about this particular issues, how do we want it to behave? What are we trying to achieve in? What are we at risk of breaking?\n\nValentin Rothberg: At the moment it's just me throwing my foot in the door\u2026\n\nMatt Heon: Okay.\n\nValentin Rothberg: but I would be curious. I don't see. Minnows left in the meeting but nalin has to build specialist. what are you feeling about this?\n\nNalin Dahyabhai: Again.\n\nValentin Rothberg: How do you feel about the idea of just pushing these multicompressed image manifests that are a single image on apartment push?\n\nNalin Dahyabhai: No. I don't think I have any thoughts that haven't already been waste about additional bandwidth and I mean I'm not really worried about compatibility with registries at this point.\n\nNalin Dahyabhai: the bandwidth is the compute for compression because when you're building a cluster it's Compression actually is one of the more expensive parts.\n\nChristopher Evich: This should work with the new.\n\nNalin Dahyabhai: but,\n\nChristopher Evich: I mean zooming gets into pod It should work with the new Farm builds, right?\n\nChristopher Evich: Listen Theory.\n\nNalin Dahyabhai: I thought we did this push time, so we didn't actually modify the images when they were on disc because they're not compressed on disk when you build them.\n\nValentin Rothberg: Form build is something awful about this Creating Multi-arch Manifest Lists easier. But it doesn't address. The issue of compression, algorithms. US trying to push for C standard as the new standard.\n\nMatt Heon: I definitely. Are we comfortable leaving this here? And doing a follow-up later with more? I think we're really suffering. We're missing. less. Love and Audi, and Dan. Would be okay with having a meeting later. We'll have more people who actually know a lot about this in the\n\nTom Sweeney: Yeah, I think that's a good idea.\n\nMatt Heon: All right, in that case, I propose that we move on to the next one, which is setting default network command to pasta by default.\n\nMatt Heon: Paul. This one is mostly Feelings on it. Are we stable enough to do this?\n\nPaul Holzinger: No. I mean, it depends. The biggest problem is that the outstanding work that we need to deliver the ruthlessness logic if you use named networks, And that's still hard coded to Slurp. So as long as that isn't the rest that I don't see a pointed defaulting to Pastor for the normal problem. Because then, that means that every distribution. Definitely needs to require both SD product for example. it's\n\n00:20:00\n\nPaul Holzinger: yeah, I don't particularly you see the benefits of switching it before. The networking stuff works really.\n\nMatt Heon: Okay, and this is mostly the pasta. Maintainers not us.\n\nPaul Holzinger: Know that would be me and also a bit on pasta but The thing how it works is that we have these intermediate namespace and inside of namespace, we just use But never work with pitch networking, but to connect this intermediate namespace, with those namespace, you need and the ruthless networking tool. So, I love or pasta and since this was written, two and a half years ago, that it just uses slow. And now I need to convert this code and that's not particularly\n\nPaul Holzinger: evie, I would say that there are Their corner case of everywhere, basically. And then assumptions And, when I touched the code, I try to make it better. So A bit of a longer process. To get this done.\n\nPaul Holzinger: Thought of I always have it in my queue, but it's always something comes on top of it usually. So, I didn't progress in the last week.\n\nBrent Baude: Why are we coughing with my name?\n\nTom Sweeney: How much time?\n\nMatt Heon: Really, it sounds like this switching to pasta by default is enough work that we're going to need. It's not going to get done unless it's prioritize is what I'm hearing from Paul. Does that sound Acc?\n\nPaul Holzinger: It would make it much faster. If we say that the priority, but,\n\nBrent Baude: But you guys get the prioritize as much as I do.\n\nTom Sweeney: sometimes you think Paul,\u2026\n\nMatt Heon: All right.\n\nTom Sweeney: if you were just single way devoted to wrap it up, You talking?\n\nPaul Holzinger: the problem is coding, not like I know what needs to be done and writing a code. That's maybe a week of work. But then making sure that all comes together. and Everything works. one outstanding problem. Why? I haven't devoted more time on it. If port forwarding problem. So right now, what really happens. Is that with forwarding? We use the routers port process. So that's a process that respond to a container.\n\nPaul Holzinger: And the problem is that this process is it's a dumb. Proxy basically and it makes it source IP. So that's the biggest complaint with ruthless networking and the port forwarding, We have My Source IP and in your website a lot. That's Not very good for auditing stuff. but someone's compromised and you don't have to iPS and I don't have a good answer to the port forwarding problem with possibly can do port forwarding. But it's missing the option to do this dynamically. So as we As respawn. we would only have one part of the process in this rootless, networking scenario. and that means we need to Forwarding capabilities\n\nPaul Holzinger: And that's not impossible. I talk to the person maintenance day. we are on an agreement that can be done and They accept pensions, but it's like, somebody needs to prioritize and make the work and So it's kind of stuff.\n\nMatt Heon: Fair enough. Personally, I would love to see this in Fibo, so That gives us a fair bit of time, but it would be very nice to have fivo with the improved networking.\n\nPaul Holzinger: Yeah, definitely. And I mean, Right now, we have a lot of Users trying it out just a regular pasta with Putman, Run Dash network pasta. and there we are able to, Fix the many bugs already. So I think it's getting in it to a point where it's definitely stated enough to say we do this before. So,\n\n00:25:00\n\nMatt Heon: Anything else on this? I think we know what needs to be done. We know it is a lot of work and it's probably going to need to be bubbled up in priorities at some point. But anything else\n\nTom Sweeney: I don't know. I don't need a hard answer to this, but what are you thinking for? Five, vogue delivery timeframe. Are you thinking next summer?\n\nMatt Heon: Yeah. Sometime early summer issue.\n\nTom Sweeney: Okay.\n\nMatt Heon: think we were thinking about this was potentially the next release after the February drop. Although we have options here again if we've really feel like we need some soak before five. we can give it less time and have an intermediate.\n\nValentin Rothberg: I think if we really want to push 50 through and it should be for or before relative Because I guess in 9. I think we can't ship five.\n\nTom Sweeney: So you're thinking a 501 say early spring and then five one for real 10, possibly.\n\nValentin Rothberg: I don't know. But it would make what makes sense to have? some sort of time or five hour and fedora before throwing into\n\nTom Sweeney: Yeah.\n\nMatt Heon: And for reference here, a lot of the breaking changes. We're thinking about in five though, we're going to be machine stuff so not directly relevant to the rail schedule. This is mostly getting podman machine in a more sane position than it is right now.\n\nValentin Rothberg: A couple of comments in our code and upstream issues that would impact Rel as well.\n\nMatt Heon: Yeah, of course, we have a lot of accumulated, 50.\n\nPaul Holzinger: Yeah, I find that. More useful to make a list of what we want to do for five and maybe we're talking the speaker about containers comfort, for example. and I've find out how to set a deadline without seeing what we want to do first,\n\nMatt Heon: But I'm really hearing is that we probably need a 50 doc at some point like this or next week that we can just start accumulating. What needs to be done and from there, we can figure out exactly what's out and\u2026\n\nTom Sweeney: Yeah. This next one, but\n\nMatt Heon: what the schedule is.\n\nMatt Heon: I'll take responsibility for making that. I can do it after lunch. anyways, if we are okay with saying that 50 planning can wait, I think we have a couple things that are slam dunks before eight. Those being cni and deprecating on man Generate system D. Of Valentin. Did we already deprecate generate system D or was that just being discussed?\n\nValentin Rothberg: It is already deprecated, but not dropped. So, deprecation Since there are multiple interpretations of what In this case, we said deprecation to just encourage users. That will be a warning now being emitted and using it pointing users to qualit. known your features will be added only, important bug fixes will be edit, we could consider dropping it entirely with Botman 5 adult, but it's used generate system. D is used in many pipelines.\n\nValentin Rothberg: And personally, I don't think it hurts to keep it around if we can spare some Edmonds, some very hard time for sure. I would love people to jump on quadland but the duplication will at least or hopefully be sufficiently annoying at some point that people will jump to it and we also didn't, because Internet System has been out for a long long while. So even experienced popmen users,\n\nMatt Heon: So I think that deprecate what you said emitting warnings and putting in the man pages that it's going to be dropped, at some point is sufficient. at this point, the only question is whether we do that to CNI as well and now that we have the plugin system and net of arc, I think the answer is yes.\n\n00:30:00\n\nTom Sweeney: For 5.0.\n\nMatt Heon: I for eight. Potentially drop an entirely in 50.\n\nTom Sweeney: Yeah.\n\nMatt Heon: Brent's.\n\nTom Sweeney: Doesn't mean to Matt.\n\nBrent Baude: No. Both of you to No, I don't think we should drop. Until? The net filter stuff is done. Or was it Nettables or whatever? It is the one that we haven't done needs to be done?\n\nMatt Heon: We are no worse than them in that respect. They do not have.\n\nBrent Baude: At the same matter.\n\nMatt Heon: I'm thinking about this in terms of, Can we get it out before Rel 10?\n\nBrent Baude: All what's the real question?\n\nPaul Holzinger: Yesterday.\n\nMatt Heon: I think.\n\nBrent Baude: What are you really asking to do?\n\nMatt Heon: one prop, C, and put a deprecated notice in Maine right now, do it today,\u2026\n\nBrent Baude: Yes, that's fine.\n\nMatt Heon: Two. Figure out what the first release going into rallies and drop CNI before that, or at least conditional compile. and don't compile it into 10. Because if we put it in 10, we are guarantee. We have to support that for the next 10 years.\n\nBrent Baude: No, there's no doubt about that. So 50 to me would be the drop time. I had to excuse me myself but I was able to hear the conversation. I had an interruption here.\n\nBrent Baude: So that's fine On the podman 5 other thing. I'm gonna start a document here shortly. The problem that I'm having is that we have yet undefined requirements from the desktop team, On what this needs to be done, on And as far as five timing, In the most ideal world. Five, all gone out in early spring.\n\nBrent Baude: Five one will be. Something. That's real or 505. Pending on. How we do coming out the door, but something like the second release. Coming just before. Red Hat Summit. So, If I had mine, most ideal schedule, that would be it. And there should Not spend a lot of time thinking about why I would want it that way. The desktop team is going to do some splashes probably there. and it may very likely require some Change in our behalf to be able to support them to do that.\n\nBrent Baude: But that's all undefined right now, so that makes it a little fuzzy. But we should start final adopt that starts, talking about things. We're going to We already know that that's unrelated to machine. And anything else? Also, talked about containers Comp. Evolution. So there's plenty of things we could, put in there right now and start talking about. It probably warrants. A series of short conversations about things and then we can dont in a document. the folks are okay with that, and I'm happy to leave that effort.\n\nTom Sweeney: It matters talked about doing similar thing, but sounds like it's a combination.\n\nBrent Baude: Yeah, I heard that I probably should own it since the decisions are probably in the end to Mark and I'm on some of the stuff,\u2026\n\nTom Sweeney: Yep.\n\nBrent Baude: yeah. That. But otherwise, I think everything else is online. Matt, I mean, we're right on top of it. And at this point, late in the 48 game. Let's get the deprecation notices on things and we'll contemplate the actual drop or compile out. Type approach. For five.\n\nPaul Holzinger: What are you talking about? When you talk about deprecation, notice In the code.\n\nBrent Baude: I think we needed to display some sort of cnis going away.\n\nPaul Holzinger: Yeah, and that's where I'm like. That means a warning on every command, if Everywhere really touches the United.\n\nBrent Baude: we can do a suppress thing too to and we know\n\nMatt Heon: Just network create maybe. I mean.\n\nBrent Baude: Yeah.\n\nMatt Heon: Ultimately I would definitely want to see in the man pages and I want to see it on any Korean that creates a new network that is using the old tech.\n\n00:35:00\n\nBrent Baude: That's fair. And then we can get the usual docs and social.\n\nBrent Baude: Social media stuff out there, getting that idea ever out and I wonder too does RPM even maybe have a deprecation approach? when it gets installed to say, Hey, this is Not a thing. Anyways.\n\nLokesh Mandvekar: We can admit warnings maybe when something is installed or updated.\n\nBrent Baude: Paul. I don't know exactly what it means, but it's something along those lines. We don't want to spam people which I think is your concern.\n\nPaul Holzinger: Yeah. Yeah, it's just like putting it in dots is totally fine, but it will miss a lot of people just running in some deployment. So That makes.\n\nBrent Baude: Understood.\n\nPaul Holzinger: It's difficult line to navigate too much spam and not reaching the users. So\n\nBrent Baude: Indeed.\n\nMatt Heon: Going to be gone is critical.\n\nBrent Baude: we can also,\u2026\n\nPaul Holzinger: Will be.\n\nBrent Baude: Probably could do,\u2026\n\nPaul Holzinger: We needed.\n\nBrent Baude: we could do the message on everyone and in the message touch a file here to suppress this warning, so give them an out. There's lots of options.\n\nTom Sweeney: I wonder if.\n\nPaul Holzinger: do we need to change proposal for Fedora or something like that?\n\nBrent Baude: I don't believe so we may need to talk to F cost. But as far as I'm concerned, This doesn't affect them toolbox at me, impact.\n\nPaul Holzinger: No, it doesn't affect two books. They use,\u2026\n\nBrent Baude: Okay.\n\nPaul Holzinger: they use host networking exclusively. So\n\nBrent Baude: Okay, that's even better.\n\nMatt Heon: Realistically speaking, I think that we're going to need a change request for Pod Man, 5, obviously, but I don't think we need to be more specific than that, I I think we can just do one broad. We're upgrading Department 5, It'll have the following changes.\n\nTom Sweeney: I just wanted to, if we should put in early Deprecation, notice into the eight, nine, nine three, docs before it goes out.\n\nMatt Heon: It's not going to be deprecated in eight. Nine CNI.\n\nTom Sweeney: Like Christopher Warn.\n\nMatt Heon: CNI is going to be the standard on eight for the lifetime. I wonder if we already did it in nine I almost feel like we were discussing that at some point but\n\nTom Sweeney: All right, let me run down nine.\n\nMatt Heon: That's another part of why we can actually get away with this. if we're looking at the last major code, drop into related, the next in the very near future. And once that's done, we can actually think about getting rid of a lot of stuff. We were keeping around for eight.\n\nBrent Baude: So, can we Podman into rust. But 50.\n\nMatt Heon: Sure, We're just gonna have to drop machine and compose and I don't know, we'll choose 50% of the code base where we write that that's what you\n\nBrent Baude: Okay, so I guess, I took the ball on the 50 stuff and We'll just do some Meetings to carve out some basic time and some meetings to get Everyone's thoughts for at least written down and then we can begin to evaluate document.\n\nTom Sweeney: Should we move on to the generate system D?\n\nMatt Heon: Sounds good to.\n\nTom Sweeney: Or did we kind of discuss that? Yeah. Yeah.\n\nMatt Heon: That's already.\n\nBrent Baude: in terms of deprecating, it\n\nMatt Heon: It's already deprecated. wonderful thing.\n\nBrent Baude: it's been marked.\n\nTom Sweeney: We just went out of order and I'm just looking at the order here of the agenda. So we're all set there.\n\nBrent Baude: In terms of moving on, I'd be happy to move on to the next thing to talk about.\n\nMatt Heon: The next thing is others, so I guess Does anyone else have anything? They would want deprecated for a potential removal or adjustment in 50. We're not even deprecated. Does anyone have anything they want changed in the future to prepare for?\n\nBrent Baude: I would like a containers comp V2. Do we have that? Written down.\n\nMatt Heon: I don't think it's captured. Yeah.\n\nBrent Baude: Okay.\n\nBrent Baude: I think that there's a submitted one thing for a machine is I'm probably not going to sell this team very hard, but I think that we need to probably make every JSON. Config that keeps track of the machines resources and where everything sits the same across all providers. It is not today.\n\n00:40:00\n\nMatt Heon: I think we really just need to write down major machine refactor and then figure out what stems off of that.\n\nBrent Baude: I think a lot of that will be done in the four versions so specifically, because this may be a breaking change is one of them.\n\nMatt Heon: Yeah yeah we're discussing for eight as well as 50 so I'm like four eight four nine whatever we do before five I think we have to do a lot of refactoring to get ready five.\n\nBrent Baude: Particular one.\n\nBrent Baude: yeah, and I'm also seriously contemplating a proposal that would Make transition from four to five in the machine world. Not a thing. In other words, it's breaking machine release. Over action by users, will have to be taken.\n\nBrent Baude: So that's something that we need to debate the ups and downs of that. But I have good reasons which I know really want to go into right now, but That's a thing. Go ahead Paul.\n\nPaul Holzinger: and just not explicitly related to machine but General, I think we shouldn't Change things just because we've all benefit, We have a chance to break something that's fine, but that doesn't mean we need to break everything, right? So it's\n\nBrent Baude: Correct.\n\nBrent Baude: And I'm probably trying to dig out a little more space than we need. So that we're not pulling ourselves into migration scenarios that may over tax us. For the simple. Recovery of cloud, man, machine remote padman machine, and your backup. And, running, you just don't have your content. So,\n\nPaul Holzinger: Yeah I mean I think that's a fine assumption for a lot of things but it would be good to know document such as solutions. And anyway if there's a lot of you that later and the machine that's just gone, And I think some users might not really understand the concept If you're a butt reports,\u2026\n\nBrent Baude: Yep.\n\nPaul Holzinger: if you ask the judge recreate the machine and oops.\n\nBrent Baude: And the other bit is, we may be able to do some pinky around. Just\n\nBrent Baude: without some ideas on how we can potentially get around us. I think a Matt there was some stuff which I can't remember around Spec Gen. That we also had contemplated that we're breaking, so it needs somebody that crawl through the spectrum and take a look.\n\nPaul Holzinger: So, the important part is to have a way to define defaults on the server side, with that, comes together with containers.com somehow. because we want defaults on the server side,\u2026\n\nBrent Baude: Yes.\n\nPaul Holzinger: for the most part,\n\nMatt Heon: I think the ideal way to do this would be to refactor. the defaults are set in a common way across local and remote the spectrum gets pretty populated in a sensible way and\u2026\n\nBrent Baude: Yep.\n\nMatt Heon: it's those defaults that get displayed via the command line but that's a lot of work.\n\nBrent Baude: I mean That's kind of what we did when we went from whatever prior to specina. I forget what it was called but To Spec Jen. As we did we did some of that rearranging twisting. So it seems like that. We have to do that again. To deal with remote.\n\nMatt Heon: That is not. Echoical.\n\nPaul Holzinger: And what I would really love. Is some research during around, And what's local? In the code, the separation of concern in these packages, It's a mess. and to be honest, there's a pretty big buck in a lot of things that this rootless checks, we have plenty of them on the client where it makes no sense at all.\n\nBrent Baude: Fair enough. Matt, There's one other big one which is system connection.\n\nMatt Heon: Is this?\n\nBrent Baude: Is going to need to be rehammered out because it was not when John designed that. It was designed for remote and local. Basically, Yeah, I want to add a remote connection, I don't want to type it every time. And then we started using that for machine. so now we've got system connection. That is remote in every sense but it also could be different depending on the provider of the vert machine.\n\n00:45:00\n\nBrent Baude: And so the name of the connection is something like Podman Machine. Default when you don't name your VM, And it's theoretically possible to have Padman machine default with multiple providers. And then we get system connection collisions.\n\nBrent Baude: So we'll probably need to build some robustness into system connection, that allows a provider to be specified.\n\nPaul Holzinger: I would label this and containers.com free, right? And we don't want this in containers that All as you talked about, we don't run to write a containers of confile because that rewrites a personal config file of and you lose all comments. And so on what we mentioned,\n\nBrent Baude: Yep. Agreed.\n\nBrent Baude: Yeah, and maybe more of that needs to go into that world, so that's something and that theoretically could be breaking if we can't figure. To me, that's gonna probably be a breaking change, or we're gonna figure out. If machines are breaking changes, then there's no reason to try to compensate for system connections in my opinion. So,\n\nPaul Holzinger: I had a fun one today. Another interesting thing that's in our flagparticle, there's a thing called strength, light and string array. And I bet only a few people know what that means. what the difference is because if your past a gray flex, you have to chance to at the slice, you can call my separate values and there's an array. You just like I mean that's multiple times. And as it turns out, comma separated values are passed the field three and That is not heavy. If you pass in quotes and other stuff here. Yeah, if you have a regular t35, basically there are rules. And just today usually like this, incredible stupid syntax that you need to use.\n\nPaul Holzinger: If you have this dislike things and we have defined everywhere, for options that accept the five path, that means you cannot have a comma on the fire path and stuff like that.\n\nMatt Heon: We really should just have a litter to detect that. There are very few cases where you actually want string SL.\n\nPaul Holzinger: But the problem is ever noted on the issue, we cannot change. That's what operating somebody because the fees if you figure out the piece and text then you escape it with quotes and so on. but then that means the value, as soon as I change it to array, it's no longer the same That you get when you stream flies.\n\nMatt Heon: Five of stuff. we can break the small portion people who actually do these things. If I know this is the kind of thing where I would say I would argue. It's about Not even a breaking change but we can do it in five hours so we can do it anyway.\n\nPaul Holzinger: Yeah. That's\u2026\n\nTom Sweeney: Yep. Just looking at the clock and\u2026\n\nPaul Holzinger: where I'm getting it.\n\nTom Sweeney: we're seeming to grind on this just a little bit. do we have anything else? Major that needs to get in Can we create a discussion? Perhaps on the Github site for things you'd like to see in 5.0 or has one been created already?\n\nMatt Heon: I don't think we ever get up discussion. That's a good point. I think that we should probably have our internal discussions first, so we can populate. But once that's done, we can get something up and see what people think.\n\nMatt Heon: Completed also probably should have a blog about this, but yeah.\n\nTom Sweeney: Even myself have a place where people can just go ahead and put their ideas and go from there.\n\nPaul Holzinger: Yeah. What one thing if you say we have a deadline next summer, Then I think it's important to focus on stuff that require us some dragging changes because if they talk about features, we can add features at any point, if there are true features like a new command or something, that I think it would be important to allocate resources correctly so that we can get stuff that needs to happen forward and that cannot wait for\n\nPaul Holzinger: if I've got one more whatever.\n\nMatt Heon: Fair enough. We really need to get the docs start before we can start clarifying this. But yeah, I will see how soon I can carve us into the schedule because I think this is an important one start talking about,\n\nTom Sweeney: Like a girl. I think I'm gonna wrap up this particular discussion, Matt, unless you need to talk about anything else and just open up for any questions. Before we wrap up for the day that anybody else said related to this or anything else for that matter.\n\n00:50:00\n\nTom Sweeney: Very quiet. Last chance. Otherwise, I'll start.\n\nBrent Baude: Whether they come on,\u2026\n\nBrent Baude: you waited this long.\n\nTom Sweeney: Yeah. I'll just put in.\n\nTom Sweeney: Just a note for one. Our next meeting Got one coming up pretty quickly for the community meeting that's happening on Tuesday October 4th. I'm not sure that if any topics at this point for that one. So if you'd like to demo something there would love to have people do so. and then, The next cabal meeting will be on Thursday October 19th and both of those meetings will be on at 11 AM Eastern time and both will be daylight savings time. Still, I don't think we flip over until November for Daylight savings time. In this country anyway. And one last chance for questions comments.\n\nTom Sweeney: but otherwise, I'm gonna turn off the recording and we'll wrap that up.\n\nTom Sweeney: Right folks.\n\nTom Sweeney: That is the end of the recording.\n\nMeeting ended after 00:51:17 \ud83d\udc4b\n")))}hi.isMDXComponent=!0;const di={},ui="Podman Community Meeting Notes",mi=[{value:"October 3, 2023, 11:00 a.m. Eastern (UTC-4)",id:"october-3-2023-1100-am-eastern-utc-4",level:2},{value:"Attendees (28 total)",id:"attendees-28-total",level:3},{value:"Topics",id:"topics",level:3},{value:"Meeting Start: 11:02 a.m. EDT",id:"meeting-start-1102-am-edt",level:2},{value:"Video Recording",id:"video-recording",level:3},{value:"Modules Demo/Intro",id:"modules-demointro",level:2},{value:"Valentin Rothberg",id:"valentin-rothberg",level:3},{value:"(2:02 in the video)",id:"202-in-the-video",level:4},{value:"Demo - 3:25 in the video",id:"demo---325-in-the-video",level:4},{value:"Allow specifying a guest OS in podman machine init",id:"allow-specifying-a-guest-os-in-podman-machine-init",level:2},{value:"Brent Baude",id:"brent-baude",level:3},{value:"(16:59 in the video)",id:"1659-in-the-video",level:4},{value:"Demo - 20:22 in the video",id:"demo---2022-in-the-video",level:4},{value:"Quadlet Demo",id:"quadlet-demo",level:2},{value:"Dan Walsh",id:"dan-walsh",level:3},{value:"(40:34 in the video)",id:"4034-in-the-video",level:4},{value:"Open Forum/Questions?",id:"open-forumquestions",level:2},{value:"(55:10 in the video)",id:"5510-in-the-video",level:4},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"Next Meeting: Tuesday, December 5, 2023, 11:00 a.m. Eastern (UTC-4)",id:"next-meeting-tuesday-december-5-2023-1100-am-eastern-utc-4",level:2},{value:"Next Cabal Meeting: Thursday, October 19, 2023, 11:00 a.m. Eastern (UTC-5)",id:"next-cabal-meeting-thursday-october-19-2023-1100-am-eastern-utc-5",level:2},{value:"Meeting End: 12:08 p.m. Eastern (UTC-4)",id:"meeting-end-1208-pm-eastern-utc-4",level:3},{value:"Google Meet Chat copy/paste:",id:"google-meet-chat-copypaste",level:2},{value:"Raw Google Meet Transcription",id:"raw-google-meet-transcription",level:2}],ci={toc:mi},pi="wrapper";function gi(e){let{components:t,...n}=e;return(0,ce.kt)(pi,(0,Q.Z)({},ci,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-meeting-notes"},"Podman Community Meeting Notes"),(0,ce.kt)("h2",{id:"october-3-2023-1100-am-eastern-utc-4"},"October 3, 2023, 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h3",{id:"attendees-28-total"},"Attendees (28 total)"),(0,ce.kt)("p",null,"Aditya Rajan, Adrian De Jesus Perez Dominguez, Ashley Cui, Blaise Pabon, Brent Baude, Chetan Giradkar, Christopher Evich, Daniel Walsh, David Chisnall, Doug Rabson, Ed Maste, Ed Santiago Munoz, Gerry Seidman, Giuseppe Scrivano, Jad Bsaibes, Jake Correnti, Jennings, Johns Gresham, Kiran, Lokesh Mandvekar, Martin Jackson, Matt Heon, Miloslav Trmac, Mohan Boddu, Nalin Dahyabhai, Preethi Thomas, Tom Sweeney, Urvashi Mohnani, Valentin Rothberg, Ygal Blum"),(0,ce.kt)("h3",{id:"topics"},"Topics"),(0,ce.kt)("p",null,"1) Modules Demo/Intro - Valentin Rothberg\n2) Allow specifying a guest OS in podman machine init - Brent Baude\n3) Quadlet Demo - Dan Walsh"),(0,ce.kt)("h2",{id:"meeting-start-1102-am-edt"},"Meeting Start: 11:02 a.m. EDT"),(0,ce.kt)("h3",{id:"video-recording"},"Video ",(0,ce.kt)("a",{parentName:"h3",href:"https://youtu.be/kjsQVJRQlJU"},"Recording")),(0,ce.kt)("h2",{id:"modules-demointro"},"Modules Demo/Intro"),(0,ce.kt)("h3",{id:"valentin-rothberg"},"Valentin Rothberg"),(0,ce.kt)("h4",{id:"202-in-the-video"},"(2:02 in the video)"),(0,ce.kt)("p",null,"Feature with the v4.7.0 release on Fedora and others. Many new options. This allows you to specify a number of options that you use across multiple Podman commands to be included in a config file. This helps lessen the complexity of the command line."),(0,ce.kt)("h4",{id:"demo---325-in-the-video"},"Demo - 3:25 in the video"),(0,ce.kt)("p",null,"Showed a Podman command with a lot of options defined with it. He showed a containers.conf file with several environment variables and capabilities set."),(0,ce.kt)("p",null,"The ",(0,ce.kt)("inlineCode",{parentName:"p"},"--module")," option can be used to specify the location of the file. He then showed a much shorter Podman command by specifying the module configuration file. You could ship the containers.conf to multiple users if you wanted them to start up in a certain way."),(0,ce.kt)("p",null,"The file can be named anything, but needs to be a ",(0,ce.kt)("inlineCode",{parentName:"p"},".conf")," file."),(0,ce.kt)("p",null,"If you specify multiple files, the later ones override anything that had been specified prior. Work on going to allow flexibility to specify order significance."),(0,ce.kt)("p",null,"Will --module be supported in quadlets? Not supported at the moment there? Valentin asked for an RFE issue for quadlet support."),(0,ce.kt)("p",null,"The --module option needs to be specified before the command. i.e.\n",(0,ce.kt)("inlineCode",{parentName:"p"},"podman --module=123.conf run")," and not ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman run --module=123.conf"),'. It\'s a "root" type of command that works for any command in Podman.'),(0,ce.kt)("p",null,"The modules demo can be found here: ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/vrothberg/tutorials/blob/main/modules/01-containers-conf-modules.sh"},"https://github.com/vrothberg/tutorials/blob/main/modules/01-containers-conf-modules.sh")),(0,ce.kt)("h2",{id:"allow-specifying-a-guest-os-in-podman-machine-init"},"Allow specifying a guest OS in podman machine init"),(0,ce.kt)("h3",{id:"brent-baude"},"Brent Baude"),(0,ce.kt)("h4",{id:"1659-in-the-video"},"(16:59 in the video)"),(0,ce.kt)("p",null,"David Chisnall showed a PR (",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/pull/19939"},"https://github.com/containers/podman/pull/19939"),") which allows for FreeBSD to be run by a machine, and then further, any other Operating System."),(0,ce.kt)("h4",{id:"demo---2022-in-the-video"},"Demo - 20:22 in the video"),(0,ce.kt)("p",null,"He has been working on getting Podman to work on FreeBSD. He showed a terminal into a Mac Book, and he's added a ",(0,ce.kt)("inlineCode",{parentName:"p"},"--machine-os")," option to specify the OS. In about 20 seconds it was up, and in FreeBSD. He then went on to show a number of commands."),(0,ce.kt)("p",null,"He was surprised a bit by the push back on the PR that he has received to getting it in. "),(0,ce.kt)("p",null,"Brent noted the demo was good. He asked if the image had been customized. He's hoping the FreeBSD team can create the images necessary for Podman over time. David noted that the changes to Podman are a few hundred lines. The changes to FreeBSD are much more significant."),(0,ce.kt)("p",null,"He wants to have an images that will use ignition that's fully configured. They have that now and it has the ignition pieces built in."),(0,ce.kt)("p",null,"Dan said if FreeBSD folks are willing to support this, then it's something we should consider."),(0,ce.kt)("p",null,"Doug Rabson added that he doesn't expect Podman to support all of the FreeBSD."),(0,ce.kt)("p",null,'Dan is not worried about the FreeBSD support, but later drive by commits for "My OS", that wouldn\'t have the backing from the new OS that Podman has from FreeBSD.'),(0,ce.kt)("p",null,"Brent is concerned about QEMU, and David and he exchanged comments on it. FreeBSD would also like to get working with a Mac hypervisor too."),(0,ce.kt)("p",null,"Another hurdle is trying to get tests working with CI. Brent asked if they could run their code against the CI machine test. We don't have a FreeBSD CI, they have that, but would need a Mac CI. Chris talked about a number of options."),(0,ce.kt)("p",null,"They have a small FreeBSD in the CI now."),(0,ce.kt)("h2",{id:"quadlet-demo"},"Quadlet Demo"),(0,ce.kt)("h3",{id:"dan-walsh"},"Dan Walsh"),(0,ce.kt)("h4",{id:"4034-in-the-video"},"(40:34 in the video)"),(0,ce.kt)("p",null,"Hoped right into the demo. Quadlet is an integration between systemd and Podman. He wrote a blog ",(0,ce.kt)("a",{parentName:"p",href:"https://www.redhat.com/sysadmin/quadlet-podman"},"https://www.redhat.com/sysadmin/quadlet-podman")),(0,ce.kt)("p",null,"systemd has a unit file, and quadlet created a ","[Container]"," section which is allowed now by quadlet. Dan talked his way through there."),(0,ce.kt)("p",null,'Ygal Blum created "Deploying a multi-cotainer application using Podman and Quadle" (',(0,ce.kt)("a",{parentName:"p",href:"https://www.redhat.com/sysadmin/multi-container-application-podman-quadlet"},"https://www.redhat.com/sysadmin/multi-container-application-podman-quadlet"),") with more advanced features."),(0,ce.kt)("p",null,"Dan then showed quadlet allowed for android to run under a container on his desktop. It does take a bit to get going."),(0,ce.kt)("p",null,"Quadlet is a way to let you use files to declare container setups."),(0,ce.kt)("p",null,"Can specify if systemd should auto restart the service or not. "),(0,ce.kt)("p",null,"You can also set pidslimit to -1."),(0,ce.kt)("p",null,"Is Quadlet k8s for humans? (poor man k8s). You still need to write the config files."),(0,ce.kt)("p",null,'You can define the application with a k8s yaml, so you can use your old deployments, you don\'t need to have two "sources of truth". In Podman v4.8, ',(0,ce.kt)("inlineCode",{parentName:"p"},"podman volume create")," will allow you to pull an image if necessary."),(0,ce.kt)("p",null,"Quadlet is biased to systemd use cases, but can run Kubernetes workloads too."),(0,ce.kt)("h2",{id:"open-forumquestions"},"Open Forum/Questions?"),(0,ce.kt)("h4",{id:"5510-in-the-video"},"(55:10 in the video)"),(0,ce.kt)("p",null,"1) Running a rootless container, how to block from other users getting in, especially root. Dan pointed out that confidential computing is the way to handle that, but that's six to nine months out. It will encrypt the content. He's mostly concerned about his source code in hte container, can he use secret? No, it can't hide the code. You could use secret to encrypt the code, but it could still be seen now by root."),(0,ce.kt)("p",null,"2) Jennings asked about ",(0,ce.kt)("inlineCode",{parentName:"p"},"pasta"),", he raised an issue ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/issues/19577"},"https://github.com/containers/podman/issues/19577"),". He's having problems with a self hosted Google drive. He's found it works OK with Quadlet using a systemd start. The problem is the application wants to talk to Docker API, but it fails. The issue is a rather generic error message and he's not sure if it's a real issue or just something a little off. This is an internal database issue, that will require refactoring. This is work that is ongoing. Would be nice to get info from the NextCloud folks. He believes it's broken, but it is an edge case. It's currently the last bug keeping NextCloud from working with Quadlet at the moment."),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("p",null,"1) None"),(0,ce.kt)("h2",{id:"next-meeting-tuesday-december-5-2023-1100-am-eastern-utc-4"},"Next Meeting: Tuesday, December 5, 2023, 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h2",{id:"next-cabal-meeting-thursday-october-19-2023-1100-am-eastern-utc-5"},"Next Cabal Meeting: Thursday, October 19, 2023, 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"meeting-end-1208-pm-eastern-utc-4"},"Meeting End: 12:08 p.m. Eastern (UTC-4)"),(0,ce.kt)("h2",{id:"google-meet-chat-copypaste"},"Google Meet Chat copy/paste:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Lokesh Mandvekar11:00\u202fAM\nnot recording yet\nDaniel Walsh11:14\u202fAM\npapabear.conf\nBlaise Pabon11:16\u202fAM\ncould you press `up arrow` so that we can see that command again?\nthx\noooooh,ok\nI get it\nit's like the modules are plugins\nBrent Baude11:17\u202fAM\nthis is what Valentin meant about it being a root flag i believe\nDaniel Walsh11:18\u202fAM\n--modules will work with all Podman commands as well including podman build.\nBlaise Pabon11:18\u202fAM\nthanks (sorry, I was the least clever of my group in college)\nBrent Baude11:18\u202fAM\nif you run podman --help, you can see alot of them\nMartin Jackson11:20\u202fAM\nhttps://github.com/containers/podman/issues/20246\nValentin Rothberg11:21\u202fAM\nThe modules demo can be found here: https://github.com/vrothberg/tutorials/blob/main/modules/01-containers-conf-modules.sh\nBrent Baude11:21\u202fAM\nthe PR in question is https://github.com/containers/podman/pull/19939\nBlaise Pabon11:25\u202fAM\nFWIW, I've been having issues with `--rootful` on OS X. I think that it is a known issue\nBlaise Pabon11:26\u202fAM\n...is that arch ARM because you're on Apple Silicon?\nThx!\nBlaise Pabon11:27\u202fAM\nI have a lot of spare x86 compute available , if you like\nEd Maste11:29\u202fAM\nI'm on the call but don't have a working mic.\nEd Maste11:30\u202fAM\nBut the Foundation is quite interested in this topic and is willing to dedicate resources to supporting what might be needed from the FreeBSD image / build side, and I am looking at some production uses for FreeBSD containerization in genreal\nChristopher Evich11:32\u202fAM\nI think this is a really cool idea. I can imagine it being useful with (as one example) a Windows VM to run windows \"containers\".\nEd Santiago Munoz11:34\u202fAM\nDid audio just go all wonky, with metallic buzz?\nDavid11:34\u202fAM\nNot for me...\nLokesh Mandvekar11:34\u202fAM\naudio is fine for me too\nEd Santiago Munoz11:34\u202fAM\nkthx\nDaniel Walsh11:41\u202fAM\ntime check...\nFamous last words.\nEd Maste11:42\u202fAM\nSorry I had to step aside for a moment, if there are any open questions for me from the FreeBSD Foundation perspective happy to have people get in touch emaste@freebsd.org or emaste on GitHub\nBrent Baude11:43\u202fAM\n@David -> https://github.com/containers/podman/blob/main/pkg/machine/e2e/README.md\nBlaise Pabon11:43\u202fAM\nYay! I'm here for the quadlet demo\nDavid11:44\u202fAM\nI think Doug wants to get podman machine to support bhyve so it can use run Linux containers on a FreeBSD host. For testing podman machine with a FreeBSD VM on Mac, we don't need the CI system to provide a FreeBSD host environment.\nEd Maste11:45\u202fAM\nYeah I'd be very excited if podman machine could drive bhyve\nDoug Rabson11:46\u202fAM\nIts failrly low on my 'want' list but it could be useful\nYou11:46\u202fAM\nBlog Dan is referencing: https://www.redhat.com/sysadmin/quadlet-podman\nBlaise Pabon11:46\u202fAM\nI've been playing with dagger.io and I wonder if that might help in this scenario (by not requiring a virtual host to run the container) ?\nYou11:47\u202fAM\nYgal's blog: https://www.redhat.com/sysadmin/multi-container-application-podman-quadlet\nChristopher Evich11:48\u202fAM\n@Dave/Doug/Ed: We have a bare-metal setup today for running podman-machine tests on a Linux host. That would be relatively easy to extend for testing other VM types in a matrix.\nBlaise Pabon11:48\u202fAM\nIs quadlet k8s for humans?\n(poor mans k8s)\nWow\nJennings11:50\u202fAM\nquadlet, podman-compose, docker-compose, and podman kube play are all ways you can use files to declaratively manage containers\nquadlet is biased to prefer systemd syntax, so i guess the question is: is systemd for humans as well?\nBlaise Pabon11:51\u202fAM\nROFL, `systemd for humans` would make great click bait\nEd Maste11:51\u202fAM\n@Christopher do you have a link handy for more info on that?\nBlaise Pabon11:53\u202fAM\n@Dan, can we get `buildah systemd-generate` to handle tje boilerpllate?\nBlaise Pabon11:56\u202fAM\n^ never mind\nChristopher Evich11:57\u202fAM\n@Ed I wouldn't expect you guys to implement it, but in my mind it could be a matrix on this task: https://github.com/containers/podman/blob/13456be1e72f4a8eb6aaac6dedc95cf4f621de88/.cirrus.yml#L705-L734 \n (Note: That doesn't yet run the \"new\" podman-machine e2e tests - that's on my list too).\nDavid11:58\u202fAM\n@brent: Even before I try the FreeBSD bits, I hit this error from make .install.ginkgo:\ngo build -o build/ginkgo ./vendor/github.com/onsi/ginkgo/v2/ginkgo\nrosetta error: overlapping Mach-O segments:\nBlaise Pabon12:00\u202fPM\n@Kiran, you may also want to loot into the Wolfi distro-less images from Chainguard.\nEd Maste12:02\u202fPM\n@Christopher, thanks -- I'm a fan of Cirrus CI as they're the hosted provider that supports FreeBSD, I will take a look\nJennings12:02\u202fPM\nhttps://github.com/containers/podman/issues/19577\nYou12:05\u202fPM\n@Luap77 == Paul on GitHub fwiw\nGerry Seidman12:09\u202fPM\nThanks all... gotta jump\nxrq-uemd-bzy\n")),(0,ce.kt)("h2",{id:"raw-google-meet-transcription"},"Raw Google Meet Transcription"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"om Sweeney: Good morning, This is Tuesday, October 3rd, 2023. This is the podman community meeting in this meeting, we generally discuss demos and the upcoming new items that are inside the project that we want to show up. For people want to show off or other projects that are dealing with pub man that want to show off their work as well. So if you have topics love to have them anytime in the future. For today, we're going to be talking about no, that's not that This is a meeting that goes on every First Tuesday of the month. We also have a couple meeting which has been going on on the third Tuesday of the month. It will go on the third Tuesday in this month. But going forward, we're moving that to the third Tuesday. Of the month as well. So on first Tuesday, will be the community meeting. The third Tuesday will be the call meeting. That will be starting for that one. and then topics are driven by car meetings or if you send requests to me,\nTom Sweeney: love to have topics at any point in time and we are willing to accept discussions on man build us copio or any related container projects, if using any of those part of your project, we'd love to have that as well. I have the meeting notes today that I've got a link there, audit and Google chat in a moment here. If you want to go ahead and correct anything I put in or add anything. And the presenters if you have links in particularly like that, love to have those edit there. And then for today's meeting, we are having a demo on modules and an intro from Valentin. And we'll have a discussion about you specifying, Guest, OS and poverty machine in it for Brent, and Daniel will be following up with the quadlet demo. And then for the last 10, 15 minutes, we'll have open topics for anybody. That has a topic that they want to talk about. Before we get too far, we have to have a note from our sponsor. If you haven't seen it yet, I've been in Action book by Daniel, Walsh's, excellent resource and Dennis caring this. But if you have a Red Hat subscription, you can get it for free online.\nTom Sweeney: And with that, I'm going to help over this bidding to Valentin the start of\nValentin Rothberg: All Sorry to click through the sharing before I apologies in advance. I gotta run in our own 20 minutes, so I won't be able to make it throughout the entire call. So thanks Tom for moving me first. So I want to talk about something that we call Containers Khan from modules. This is a feature that made it in the just recently released Portland for seven. and I think it's best explained with a motivating example. Use cases can be quite complex and there are loads of command line options and flex that you may need to use to run your certain workload. In this case here, I have an example where the workload, it's just an exemplary. One needs a lot of capabilities. There certainly more elegant solutions to do that. I'm going to show them in a minute.\nValentin Rothberg: But it boils down to some use cases need a lot of massaging. One motivating example or use case is for instance running or accessing graphics cards inside containers, which is very common in HPC use cases where the user is even need to mount certain launch amount certain and video libraries from the host into their containers because they don't want to ship All these huge libraries to keep the images as small as possible.\nValentin Rothberg: So it boils down to the command line, interface can be very complex. So if you want to run your containers on a number of nodes, either you're going to find a way to inject Generate these commands use config files or users need to be incredibly smart. typing a lot and make sure that there's no typo. So in this case here, we've just a Simple Container Using a Lot of Capabilities. One thing that we have an apartment space is a configuration file, which is called containers column. So if you go into the man pages of containers.com, you see a lot of options that you can find there and most of these options replay, certain command line flex. So in this case,\nValentin Rothberg: I'm using containers Conf to replace all the capabilities that we have before. And here we see one environment variable here, I'm using printf just to print all the environment variables inside the container. You see that it has been injected here from the host. How did I do that? And then it like that. So the environment variable has been injected here via the environment.\nValentin Rothberg: String array and all the capabilities have been injected via the array on top. So this works just fine. So you can use a containerscon file already today to set certain defaults if you want for the workloads that you want. You can do that per user. You can do that system wide. I then use a share if you want to ship it via for instance, rpm package or on Etsy. If your assistant men and want to configure it for you user base, but It's always a default setting. It sets the baseline. There has until 4.7 not been away to opt in certain.\n00:05:00\nValentin Rothberg: Configuration files enable them selectively other than specifying them environment variable as I just did on the command line flag. Use cases can be more complex than that. Maybe you need more than one configuration file. Maybe you want to separate them config options. You want to put in security Conf all in video related options. You want to put into Nvidia.com and at some point you may be want to compose them and use them all at once. selectively. So this is the use case that mod Solve. So, instead of specifying these environment or these config files over the environment.\nValentin Rothberg: there is a new root flag important - module where you can specify either an absolute path. If you specify an absolute path, then the file behind this absolute path will be loaded. And if you specify a relative path, then This relative path will be resolved to certain directories On the host. So,\nValentin Rothberg: To elaborate more on that here. If I move from my the module into my home, directory, can do this rootless if I want to in that containers conf dot modules. If I place it there and then use it after, I can totally do that. So, in this case, if I run here, we can see that the module is being resolved. Because first, we don't get an error and second, we get exactly the environment flag that we've seen before. So, I do not have an Nvidia card so I unfortunately cannot show a cool HPC for instance, workload using the new modules flag on national workstation here. But I hope I got the message and the idea across. So it's This new containers kind of modules, allow for enabling certain configurations.\nValentin Rothberg: And I believe it's a huge improvement over in terms of user experience because you do not need to use and recall. All these hundreds or dozens of depending on the command line flags. You can. Ship these containerscon files if you want to for all users. So if for instance, the capabilities con would not be in my home directory. But for instance, use a share or Etsy tain containers Conf modules, then it would be found there as well. So it's a Pretty simple Powerful means to ship. These settings, these defaults for your certain use cases, load them on demand. And I think that's it. So, I'm open to questions.\nTom Sweeney: Restriction. So the naming of the files.\nValentin Rothberg: They need to end With.com. this is pretty much The convention that we had before for containerscon files. One thing I should elaborate on. Probably as well, is that these confiles will be loaded in the specified order. So if you have module three, first one will be loaded, three will be loaded. So one thing that is probably worth mentioning as well, is that? during this loading sequence, if a configuration file, let's say configuration two would set the environment. Array, then previous settings will be overridden. so at the moment we're looking into and we have a proof of concept open at the moment against the containers common\n00:10:00\nValentin Rothberg: Get a project upstream where all the code for containers kind of lives. That allows for appending to these things. This is not something that Tamil natively supports, so we use tomal behind, it's a markup language. Behind containers gone. So we're working on improving the usability for these things and I should probably Call out the people who raise their hand.\nTom Sweeney: We'll go to Chris.\nValentin Rothberg: I see Chris\nChristopher Evich: Yeah, just quickly. This seems like this could get really complicated quickly with lots of modules and the orders significant and why not. This is a reasonably easy way to see What is loaded from where in the debug output for example,\nValentin Rothberg: yeah, that you will see in the debug output, which CONFIGS are our loaded from where But I agree for people probably shouldn't take this to an extreme and ship. dozens of conflicts with Fubar. but,\nValentin Rothberg: Looking at the state of the art today. If you have these very complex you want to use in videographic cards in your containers, what you got to do is either use and ship huge images and use a lot of command line flex, or normally sized images and still use a lot of command line flex. So in the future, there could be a future where you wouldn't install an RPM package, for instance pot man dash and video module or something like that. And it would just install a container's conf module in user share. And then if, you type Module Nvidia.com and everything's done, you don't have to care. No worry about this anymore or\nValentin Rothberg: if you have some security sensitive systems, you may use very strong defaults, but certain containers may still need to add certain capabilities or play a little bit with SEO Linux then it's probably where I would consider best practice to Ship Containers, Conf module which sets the base minimum of capabilities needed to run a certain works workloads rather than forcing or pushing users into using the privileged flag for instance. Yes, then as Dan says the Papa bear. Can't\nValentin Rothberg: Martin has another question.\nMartin Jackson: Yeah, this looks pretty cool. it looks like on current main. The module option is not yet supported in quadlets. do we have to pass that through with hot men arts? I like going forward?\nValentin Rothberg: That's a very good question. Yes, you're right at the moment, quality doesn't support. there's no quadlet native containers confield. So if you want to use it you got to use the department arcs cheat someone but it's actually a great request. Would you what you might opening an issue on Github so we want forget about it.\nMartin Jackson: I will happily do that.\nValentin Rothberg: Cheers.\nMartin Jackson: Thank you.\nValentin Rothberg: Another question from Eagle.\nYgal Blum: command line that you ran there, the argument was passed before the ran command does it matter where that can like that parameter is, or can it I'm just preparing myself to the club that PR\nValentin Rothberg: He has a quad limit. That's a very, very good question. the module flag needs to be specified before a command. So when you look in the terminal it\nValentin Rothberg: It needs to look like this. and\u2026\nYgal Blum: Yeah, and it can't look the other way around. Yeah.\nValentin Rothberg: not like this. So, I can give it 20 seconds. X or explanation of that.\nValentin Rothberg: To initialize, right?\nBrent Baude: And women request, if you could just Protocol your history so they can see the original command. To have your history still.\nValentin Rothberg: No. I run a shell script for the demo.\nBrent Baude: Okay.\nValentin Rothberg: But I can quickly jump through it. So what you saw here is the module flag. spec needs to be specified before any apartment command or subcommand. It has a technical reason. Which boils down to how the goal library that we use for CLI parsing works. And the fact that these containers confile are being used to set the defaults for these flags. So, we got a the module flag, very early on initialization of the potman very early on or right after the go run time. Has been initialized. To inject all these values. So,\n00:15:00\nValentin Rothberg: yeah, looking forward to see this and in Kuala.\nYgal Blum: Yeah, thanks.\nValentin Rothberg: Yeah, Great comment also, from Dan for those listening in, probably not reading or being able to read the chat, these modules work for any command. So this is not limited to Running containers is just a very compelling example but containers kind of allows for changing all kinds of fields and knobs important. So even when pulling an image, there are flex and fields in containers, confident influence that or when creating that works volumes, all kinds of things.\nTom Sweeney: I'm hearing the questions, slow down here and I know that Valentin's got to Make his way out of here, pretty soon. So, last chance, for the questions?\nValentin Rothberg: Thanks for the great questions and thanks everybody for joining. Back to you, Tom.\nTom Sweeney: Right thanks for coming in today and talking about that. So now next we have brent's up leading a discussion on specifying, a guest OS and podman machine admits\nBrent Baude: Why don't We'll start with David's demo, but to Set the stage, Perhaps a little bit. The David I believe You were the author of the PR or you're not Yeah.\nDavid Chisnall: Yeah.\nBrent Baude: And David has created a PR that opens up. Padman machine and knit to do.\nBrent Baude: Be able to load alternate os's. I think as we've debated this for weeks now. Internally I believe it kind of boils down to two things. One he's opens up the ability to be able to do FreeBSD. As a machine. And the other is that it opens up to be Able to do whatever you want as a machine. So with that, I think it's good that we look at what is PR does and then we can Talk about what? Am I mean?\nBrent Baude: We're getting a blank screen.\nTom Sweeney: And no sound from David. Who was on prior, I'm wondering if he's got chewed up by Google meet which sometimes takes people away.\nTom Sweeney: It's back. And David are you back now?\nBrent Baude: You're unmute David?\nDavid: Every time I try and share window, the\nDaniel Walsh: You're very low volume.\nBrent Baude: I provided the PR that we're talking about in the chat. for folks, If anyone wants to familiarize themselves with it, I think. Our team has debated it quite a bit, so we're quite familiar with it.\nTom Sweeney: David's, third time, the child.\nBrent Baude: Yes, it looks like it.\n00:20:00\nDaniel Walsh: David, if you're talking, we can't hear you.\nDavid: Sorry restarting the Web browser remuted me. So can people see a terminal window now?\nDaniel Walsh: Yes.\nDavid: So yeah, to Google meet thing kept crashing so I'm not sure. Quite what was said in the intro but my starting point here has been building on top of Doug Rabson's work to get podman working on FreeBSD. Most of what I've done has actually been on the FreeBSD side. I just had some very small patches to pop down to make all of this work. but what you can see, hopefully, here is a terminal on M2 macbook.\nDavid: And the thing that I've added is the ability to specify what the machine OS is, so that you can then key different behaviors of that. And there are a few places where currently Pubman hardcode some assumptions about specific target machines. so if we start this saying here is a FreeBSD disk image Let's boot up. PubMed machine for managing containers. This takes about 20 seconds. Last time, I ran it maybe a bit more with Google meet eating all the CPU.\nDavid: This does more or less. the same things that it does today with the next version, it mounts volumes from the host, provisions, ssh keys. And everything I did specify minus root full, but it doesn't actually propagate that setting and that's on my list of things to investigate. So I need to explicitly say past, this is as the root thing. but now, from the Mac, all the podman remote stuff works. So I can grab a FreeBSD container image. I can. And something in that that tells me what the version is.\nDavid: the kernel version is, BSD 15 current that container is from an older version. And mind mounts from the host of working. So, That's mounting the current directory in slash MNT and that shows the same things we see on the host.\nDavid: And for a little bit of extra fun, the previous image also has the Linux compact layer working. So I can also run the Linux command to look inside a Linux image.\nDavid: And if you run your name, you see that this is not actually a Linux can kernel. It's a FreeBSD kernel pretending to be a Linux kernel. So, this is kind of where I wanted to be able to Build use previously containers on the Mac. And that I can then deploy to servers that are running a freebs DOS on the host. That seemed like it was a hundred percent in scope for what podman machine was supposed to do. it's for supporting running containers of one OS, when the host is something different, that's why I was kind of surprised by how much negativity, there was in the PR but a couple of people suggested discussing it in this forum, so,\nDavid: Yeah. Yes, this is arm because I'm on a apple, silica Mac. Most of this stuff should work on x86, but my x86 Mac is too old for me to be able to build pod, man on it. The go compiler, crashes. So I haven't been able to test it on x86.\nBrent Baude: Okay.\nDaniel Walsh: So Paul is not here, So Paul is the one that push back the hottest.\nBrent Baude: No. I think we can speak for Paul. The team was pretty unified.\n00:25:00\nDaniel Walsh: Yeah.\nBrent Baude: And in their thinking. So I'll try to represent the team the best David. And what I would like to do is just have a friendly conversation and please don't take anything as a negative.\nBrent Baude: So you're demo was very nice. it just Established a couple of facts. Podman machine and knit is not an automatic thing with tribute SD yet. Is it?\nDavid: You currently have to provide the image. It doesn't go infected automatically,\u2026\nBrent Baude: And is that image been customized?\nDavid: There's some build scripts that make that look as much. what you expect from a Linux guest, as possible. As I said, what I was trying to do with most of this work is minimize the disruption in Odd, Man, it's taking the ignition file. It's extracting the bits from that it needs. It's not adding, anything custom, my goal is to have the FreeBSD release engineering, team able to produce VM images that are the shape of man expects to be able to consume And I think EDM Matt from the previous D Foundation is on the call so he can maybe speak more to that. But the\nDavid: to go for most of this work. And this is why, the Pod man changes are a couple of hundred lines. The FreeBSD changes are significantly larger than that. As always been to make sure that we're not making undue requests from podman, we're not saying, Please change how you do sharing, how you provision? Ssh keys. We're just saying, Please don't make or provide a hook that lets us not use Linux specific mount commands, but export those with the free BSD ones and I think that the total changes I have\nDavid: Are really, about a hundred lines of code. And a big chunk of that is moving stuff from one function to another.\nBrent Baude: okay, so when you weren't to clarify, when you were talking about dealing with a free BSD, disk Images, Your intent I have an image that is not configured and would use ignition. Okay. How far away do you think you are from something like that?\nDavid: Yeah.\nDavid: So that's what we have. that image I build with poudreau\u2026\nBrent Baude: You do.\nDavid: which is the thing that the previous D project uses for building packages and can build this images. That's preconfigured to look for the ignition. And file in the qmu firmware, config exported space extract, SSH keys from that AD users based on that. It has the 9pfs stuff built in so it can grab the host shares from that. It installs podman from the packages,\u2026\nBrent Baude: Okay.\nDavid: it has all the services that's up to run all of those bits.\nDavid: And that's now scripted as a thing that just spits out a disk image that can be consumed by Bob Man. that's not where I want to end up. I'd like that to be something that the FreeBSD Release Engineering team is producing For every security advisory for every Iraq to notice.\nDavid: As they do with other customized disk images, for cloud providers and so on.\nTom Sweeney: Note for David and Brent is, did you see the note from Ed must. I'm hoping, I'm pronouncing his name correctly, It's last name. Anyway, he doesn't have a working. Mechan want to make a note that the foundation is quite interested in this topic and is willing to dedicate resources to support what we needed from the FreeBSD image. I can't speak English today either built side and I'm looking at some perfection uses of FreeBSD containerization in general. Ed works with you David? Is that true or previous?\nDavid: Yeah. So Ed is on the board of the FreeBSD Foundation and manages their technical activities.\n00:30:00\nDaniel Walsh: yeah, so I think it would be First ad for BSD support, I think the biggest pushback has been or against making prime machine end up being, some way of Downloading, any random, Unix Pat box and running it? and the main problem we have with that, is that we end up being the support people for I pulled down my machine for Ubuntu and it's not working properly and we don't have anything to do that. So if previous people are willing to support this I think it's something that we should definitely consider, again, we can't support it. So we need Doug and we need you David and anybody else from free, PSD to be able to support us. Doug.\nDoug Rabson: Hey, I'm absolutely there to support this feature and it's kind of interesting. The word support means different things in different contexts. And when I read the two, the four seven release notes includes a line for, adding support for DASH device on previously that absolutely doesn't mean that I expect Red Hat to support commercial customers using that feature. But it's nice that the Pod Binary supports it so I think we can have a sliding scale sort of context, depends. Support model in this case. David. And I really care about Having pod man work as well as it can on previous D and being able to use that on a Mac. Just opens up people to experiment with it. I have a Mac on my desk at home that I'm working. So, we'll be useful for me, but it doesn't mean that I expect you to,\u2026\nDaniel Walsh: I just want to.\nDoug Rabson: to feel support calls for that future.\nDaniel Walsh: Yeah, I don't want to first of all, Red Hat support and just because a few bunch of us were for redhead Red Hat supports a totally different thing. We're always talking about here is upstream support. And in that case everything you just said actually is true as well. Our fear is that Doug you've been a great partner for us so you're not as category but we get a lot of drive by commits that has my favorite Linux distribution. I need a machine for it. So here's how to do an alpine machine and then that person disappears and all of a sudden we're getting, github issues on it and we're closing it and people like I man sucks it doesn't support Alpine right or, things like that. So that's probably the biggest pushback or,\u2026\nBrent Baude: Okay, wait,\u2026\nDaniel Walsh: at least my biggest push back.\nBrent Baude: we really designed Purposely an appliance such that we could have this conversation of you don't get to just put whatever you want in there and\u2026\nDaniel Walsh: \nBrent Baude: have us figure it out. So, that was a defensive maneuver at least, when I wrote the original code. IQ IQ. And I think the team as well with some mattresses. Feels pretty good about the freebies steam machine part. So, the hangup is on the BSD machine, if you I think our wish would be that if you follow the code pass, there's something called a provider. In our code. We'd like to see free. BSD be a provider even though it's using If that's something we can maybe figure out and I need to go back and look at the code to see if that's possible or we just sort of talk it, under there as a OS. everything under square\nDavid: Yeah, so I mean the Current.\nBrent Baude: UNIX, or whatever.\nDavid: Delta between Linux and 3bsd in qmu is two things. One of which I'd like to not need for some reason on a arch.\nBrent Baude: Okay.\nDavid: 64 FreeBSD is not correctly. Handling, the ACPI Shut down event. There's a bug filed about that ream. Maybe Ed can help. Devote some resources to fixing that, but that means we just ssh in and do a shut down dash p now, as well as sending that event. that's three lines of code on two of those are the open brace and closed brace If it's Free BSD, have this hacky work around\n00:35:00\nDavid: the other one is when we mount the host file systems, The FreeBSD, and the Linux Mount commands takes slightly different arguments. I factored that out into a separate function for the Linux and\u2026\nBrent Baude: We?\nDavid: the Freebs D1. And everything else is shared across the qme1.\nBrent Baude: Perfect.\nDavid: I haven't tried the Apple HP code paths yet. I'm not sure how mature they are if they're in a working state but I'd love to work on that. I know some customers that would be very happy to have. No requirement to run GPL codes to be able to run containers on a Mac. I don't have quite that hang up so I'm happy to work with the qmu version.\nBrent Baude: I wrote the Apple HP stuff, so it's perfect obviously. It does work, the biggest hang up with Apple HP. Right now is just simply that we don't have photo or cos image being generated by a fedora correlas. So otherwise it's been pretty bulletproof. It does use vfkit. have you seen that? Okay, and\u2026\nDavid: Yeah. In a past life,\u2026\nBrent Baude: it uses GT proxy.\nDavid: I actually wrote the book about the Zen internal, so I have more than a passing familiarity with how hypervisor work.\nBrent Baude: so that would be the only You think of a free bsd problem of via Kit? I would imagine that would boot just fine. They're red Hatters so we can get cooperation. There.\nBrent Baude: And I think they even let me merge Prs. so, the second small hurdle will have to figure out is somehow one of our biggest efforts right now as a team, As Chris can tell, you is, We're trying to get machines, we have a whole slew of machine tests. Now, And we're trying to get that working in CI. so, the first thing that might be good is to Have you run your current code against the machine tests? There's a readme in there. I think you'll be able to figure it out.\nBrent Baude: If not hit me on IRC here wherever else? But we don't really have a freebsdci solution. Is that something you guys have?\nDavid: Yeah I mean Sarah Ci does open source Freebsdci but the bit that we actually need here is Mac CI. And we can provide FreeBSD.\nChristopher Evich: He?\nDavid: This images that can integrate with that.\nChristopher Evich: I can speak a little bit to that. So, serous, the serious FreeBSD, I believe, that's using their compute services and I'm pretty sure that's going to be running on a VM of some sort. So, that seems like that would cause issues with trying to run nested for and\nDavid: Yeah.\nDavid: I thought she supported nested virtualization, but I've not actually tried it.\nChristopher Evich: Sue and So I'm not exactly sure what is behind the serous compute stuff? It's kind of a black box. but you're right there are I think in both GCE and in AWS, I think they've got\nChristopher Evich: Images that are available. The ez2 side is a bit more attractive because we could in theory, run bare metal there. It's kind of expensive, but\nChristopher Evich: Maybe that's a possibility.\nBrent Baude: So let's get it.\nDavid: But yeah.\nBrent Baude: Can we get an issue upstream about implementing? this and Chris Knight, This is the last of your\nChristopher Evich: yeah, You can stick me on it.\nTom Sweeney: Okay.\nBrent Baude: But it would be the last of your platforms to work on it. At least at this\u2026\nChristopher Evich: Yeah.\nBrent Baude: but David, if we can get a thumbs up, that it passes the tests if you run it, local, That would be,\u2026\nDavid: Yeah.\nBrent Baude: that would be very helpful to us. In terms of confidence.\nDavid: Yeah, if you can drop me a link in the chat to the Readme that has the instructions. I can definitely spend some time on it this weekend.\nTom Sweeney: Okay, that's good. I wanted to just touch base with Doug real quick and then we're gonna have to move on if we want to come back to this at the end we can't, did you have something further to talk about here?\nDoug Rabson: Yeah. I was just going to note that in a very small way. We have a FreeBSD workload running in the CI does the native through the SD build as opposed to a cross build obviously it's not doing nested virtual anything like complicated Long-term, I kind of want to be able to run system tests, but I think we're quite our way away from that.\n00:40:00\nTom Sweeney: I'm just gonna end this conversation right now just because of time rather than of interest.\nBrent Baude: Yeah.\nTom Sweeney: And I'm going to ask Dan to step up now and give us a quiet demo and then we can come back to the Select Demo style if we still want to. 10.\nDaniel Walsh: Okay, so I was talking in time before it's a quad that's been around for a little while. I'm surprised we haven't done this at community meeting. So let me I'm just going to talk through quickly. What quadlet is and Show you a couple of examples of it. Those who haven't played with it yet.\nDaniel Walsh: So, a little history lesson, I wrote a blog on Quad, led Pod that back February of this year. So quadlet was a effort of integration of podman and system D. So for those of you out there that played with partners, always have this command, Baude man system. System degenerate, which would take a running containers on your system or running pods in your system and then would generate a system to unit file. That was sort of the best practices of the time to define how to run this pod man under a system to unifile. And\nDaniel Walsh: That a lot of people use that matter fact, that somebody who we've sort of tried to deprecate it and now there's some people pushing back as they use it heavily inside of production. So we're have to look at it. But a engineer from Red Hat, Alex, Larson saw this and actually realize that he understood the system. He had this concept of what's called the generator and what a generated allows you to do is actually sort of do that on the fly, all Actually generate a unit file and then customize the way that the unit file actually looked on a system. So if you played with system D at all, he probably seen a unit file that looks something like this.\nDaniel Walsh: And usually a unit file defines the actual application and find some stuff under services. And then usually Elijah to set up relationships between different unifiles. So you can do things like install and say, the services are going to start till after the civil service starts, but there's a special section inside of this. That doesn't exist in most system to Unifiles. And this section can be defined, and then you run a generator to convert this section into something that looks like in a system D could actually support. So what quadlet does is allows us to specify these special sections inside of what looks like a traditional system. The unit file in this case is just a couple of lines What image the container is going to run. And then just the command to execute inside the container.\nDaniel Walsh: When you run a system daemon reload that will actually cause system D to run a generator, which is going to run quadlet to translate that thing that looks like a system. To, file, we call them quadlets into a real system to unit file and I think down the bottom here. this is the real system to unifologist generated here and you'll see\nDaniel Walsh: Basically, that gent takes generates it into a podman command that will run and your services. But this builds in all the intelligence that we've added to make sure that Pod man runs correctly on the system to unit files. So the original one was just to do, simple, quadlets containers underneath unit files, There's a second blog that was written by Ygal on this call. Also that looks at advanced features of quadlet, so we don't only support container. But we actually support Dot Coop, which allows you to specify Kubernetes, Yaml file to run inside of a quad. that's going to use Pod, man, who play underneath the covers and then there's additional tools Dot network and Dot volume. Let's that allow you to specify, to create a pod man that work or create a Pie Man volume. And then you can into mix all these together and this\nDaniel Walsh: The blog Goes heavily into How to set up a real complex, Kubernetes Yml file with its own networking, in its own volumes, but all created, by these multiple different files underneath the Kubernetes Yaml files. So now, I'm gonna go out and show you another example. So, in my home directory, this is big enough. Everybody to see I created a quadlet for running Android. So, this is a\n00:45:00\nDaniel Walsh: A quick quadlet that someone has Android VM to be able to run inside of a container underneath the pod, man, and this gives you an idea of right up here on doing some leaking the environment variable to tell it which look for Wayland to my desktop. Then I'm adding a couple of it needs KVM and renderer and a few other commands to be able to run container. It's kind of interesting that you can actually do things like Advanced concepts. I think percent takes the current xdg runtime directory and mouse it into the container. So this advanced up but basically this is all this stuff is going to get converted into a real complex pod man. and to run but again it's fairly simple to look at and then I can just do A start.\nDaniel Walsh: Android and basically standard system, the commands to actually process a quadlet. And there you have Android running underneath Pod Man, inside of a container on my desktop, it takes a couple of seconds to refresh.\nDaniel Walsh: Here it comes.\nDaniel Walsh: And say it was giving me this severely real fast, but There are some stuff that we can do to improve the speed of this, but Now, you have an This is Android Auto,\u2026\nTom Sweeney: But yeah.\nDaniel Walsh: so a lot of this was done for the Auto SD code. So this eventually shows you, Yes, that running. So now I'm gonna go into quickly through some slides of some of the power that you can do with quadlets because quad lights, allows you to integrate system setting up parts of the system as well as setting up containers. And now you can interact between the two of them. So this is actually part of the ribose effort, red and vehicle operating system and we're looking for\nDaniel Walsh: Up a section of the disk to isolate processes inside of this section, from the rest of the system. And so I'm just going to go through one of the things we can do is we can name sort of the C group that we're gonna associate with the entire service. We can actually take through all system D tools that you can use to convey a quadlet. We can actually pin all the processes inside of this broad led to specific CPUs and the system you can actually set up C groups measurements on the group. So you can set up CPU weight. Now you can set this up in five man as well but it's kind of interesting that System has some advanced features that we can take advantage of i08 similar\nDaniel Walsh: On and we're gonna go down here. We can actually set things like boom killer. So if I want to make sure that my process gets killed inside of a container, I can set up outside of this service is priority wise. They can do that a couple of those things.\nDaniel Walsh: We can actually take set stuff like recent whether or not system should restart the service automatically. And this is interesting too system. D has advanced features for stopping fork bombs. So Taskmax here is actually setting, basically says the service to say that it can never have more than 50% of the maximum amount of kids on the system. And then we're going to jump down.\nDaniel Walsh: And now we're in the container section. So these are commands to setting up pod man, but when I set up the pid's limits there, what's interesting? I think I stopped here as I can soon section. These are all flags, you can set But I was trying to get to and I guess my presentation. So right here, Pid's limit If I wanted a container to have more than,\nDaniel Walsh: Yeah. The Pid's limit, if I wanted to control his limits from my system point of view, and not from podman's, hide coded to go to 2048 by default that runs containers. But if I wanted to have 50% of all CPUs and I go into my Pod, Man section and tell it to set the limits to minus one. Now, most of these fields inside of the container section, all match up some what to match up to similar Pod, Man. Command line options and there is a Get Out of Jail free card. If we did an implement one. So there is a podman arc so you can actually specify individual pod, Commands bottom line is, you can do really advanced stuff with running podman of the system d. So if you're moving to services running on nodes edge devices, things like that is incredible power on this. So I'm gonna end it.\n00:50:00\nDaniel Walsh: End at this point and open myself up to questions I guess.\nTom Sweeney: Any questions for dinner. I saw a couple go by, for Blaise in the comments talking about Now, I've lost it.\nTom Sweeney: Always quiet, Kubernetes for humans. In other words, a poor man's Kubernetes\nDaniel Walsh: Here. you still have to write the Kubernetes Yaml files. Although Pod, Man has ability to generate Kubernetes Yaml files so you can do podman Coop generate from existing pods of containers and that'll generate a yaml file that you can then use in a pod man and inside of a quadlet and Egal is much more of an expert on this. So I'm sure he's jumping up to answer the question so go, yeah.\nYgal Blum: But I'm I think might I have a problem with my camera, Sorry for that. So the idea is that you can define your application either directly on a containers as a dot container or it is a dot cube and then use it as a kubernetesmo and then point to it with a dot cube file, the ideas that then you can reuse your already existing Kubernetes deployment or even said or whatnot and use it directly and you don't need to maintain two sources of truth.\nYgal Blum: An image pool operation that will be separated from the apartment run. the initial reason I added It was that I needed a weight. I wanted to create a volume based on an image and unlike Podman Run which knows All the Image Podium volume. Create does not do So I needed an automated way to pull the image separately from the creation of the volume. So this allowed me to do that and not sure if Dan mentioned it. So there's an if you can see it in my blog post, Once the Dot volume. And next DOT image file are not only used to define these entities, but they can also be used in the Dot cube or DOT container or next in the DOT volume using DOT image file. So that\nYgal Blum: Quartet will know to create the link between them and also to create a dependency between the service file. So let's say I have a network created by a DOT network file and I point to it from a DOT container file, then while that will know to link to that network and also to create a dependency between the service created for the DOT container file and the one created for the DOT network.\nDaniel Walsh: Excellent. They got somebody's pointing out that there's multiple ways of running containers.\nTom Sweeney: Yes.\nDaniel Walsh: There's Kubernetes There's Darker compose, there's pod, man system degenerate and now I think quadlet is biased towards system. D, use cases for running containers and we've always had a goal with pod man to make it as integrated with System. B is as humanly possible, the real neat thing is that you can start to run, could you Kubernetes workloads? I mean, define your application in terms of Kubernetes, then we can run at locally under a system, as well as running inside of a Kubernetes cluster. So we can actually run the gamut of those tools. Obviously we continue to support compose and kubernels for running. container as well, but\n00:55:00\nDaniel Walsh: So that's it. Any other questions I missed anything?\nTom Sweeney: I'm hearing silence and we're getting close to the end of the hour. So I'm gonna think that and you go for talking through this and the questions that we got on it and I will just ask if there are any questions that somebody else had Kiran\nKiran: Hi, Tom. so my question is regarding I deployed my container. but, I was thinking to add authentication for it. If any user is using Portman exec command we can directly get inside the container. So is there a way to add any type of authentication for that?\nDaniel Walsh: Do you want to You running a ruler container or focus data.\nKiran: it is a rootless container.\nDaniel Walsh: So you're worried about other people logged into that user getting in or is your container listening on the network?\nKiran: I'm worried about the other user, specially the root user. To access my container.\nDaniel Walsh: Yeah, so that if you were worried about the root user, the future of that type of worry Pod, man has no way of control and I'm back. No process on a Linux system. Right now has a way of controlling that if you following along with the thing called confidential computing, which is just starting to show up right now and Computing is the way to solve that problem, but it takes specific types of hardware that are not available on laptops or low-end devices yet, but I think over the next six to nine months so this would be So the processes inside of your container as well as all the content would be encrypted in such a way that the root process would not be able to interfere with it. the only you could do is kill it but you wouldn't be able to examine the content or manipulate it so\nKiran: Okay, so I'm mostly concerned about my source code, which is inside using the Portman secret.\nDaniel Walsh: yeah.\nKiran: Can I hide all of my source code?\nDaniel Walsh: No Secret is only to leak a secret into the containers in a way that it would not be saved. So It's really a secret from the image that could be created. So secret secrets is not what you think it is. Now you could encrypt your container and pass in a secret to decrypt, your content. But that would not make it safe from the reviews around the system.\nKiran: Thank you, Daniel.\nDaniel Walsh: Yeah. Yeah.\nTom Sweeney: Thanks.\nDaniel Walsh: Jennings is a hand raised. Go Jennings.\nTom Sweeney: hope to do, just\nTom Sweeney: We can go a few more minutes.\nJennings: Okay. Yeah.\nDaniel Walsh: If your questions between me and lunch, so yeah. but,\nJennings: So I have a really long question. That's really multiple questions. First, I can share that I've been using Quad lit, just on my personal home server and I've been able to deploy next cloud, using quad lit and so far. It's been running smoothly, but I do have a couple of bugs that I need to work around. One of them has to do with podman network create and When I created the issue on, the podman Github, they close that as won't fix. So I'm just trying to explore other options. I've seen this word pasta appear like on the issue boards but I've never found any documentation for it. Can anyone tell me what pasta is and is it something that I could possibly look into\nDaniel Walsh: but,\nBrent Baude: Pasta is a replacement for the current slurp. Implementation. It's claim to fame is that it's more performant.\nBrent Baude: Maybe you could paste the issue so that we can familiarize ourself with the issue.\nJennings: Yeah. I'm looking for,\nJennings: There we go. So that's the issue with podman that I have. How the On quadlet thing for me works is that this is a special repository called Next Cloud. All-in-one A little context on what Next Cloud is a self-hosted, Google Drive and this next cloud, all in one project works by speaking to the Docker Damon and creating some containers of its own. I found this pretty easy to do with quadlet and also rather elegant to do because as a System D service, the dot container file can actually specify a dependency on the podman socket. And so I'm able to just bring everything up with a system restart or as a system CTL start. But then, we get to this problem where? The application called Nextcloud Aio wants to speak to the Docker.\n01:00:00\nJennings: API and podman understands most of the things. But in counters, A Internal error with this specific issue. I wanted to create a workaround in next Cloud Aio, but they just shot down my PR as well.\nChristopher Evich: I was exploring that the other day and I saw that there's a little blurb on their website. That basically says that they don't want to support Pod man because of differences with the docker API. They don't enumerate what those differences are which is not helpful.\nBrent Baude: What is the difference?\nChristopher Evich: We don't know, It just says Next Cloud. Aio does not currently support podman due to differences with the Docker API. it's very generic like that.\nBrent Baude: Is that what you're seeing Jennings?\nJennings: The API is the same but the behavior is different. So you can make the proper API call but it's not going to work because of this. Issue with Slurp and I'm not sure if it's truly something like that I can't figure out or whether or not, it's been closed by won't fix erroneously.\nBrent Baude: Paul's not here to speak for himself so I'm not going to speculate He's one.\nMatt Heon: I can.\nBrent Baude: Smart cookie.\nMatt Heon: I can say it on the sprint. This is mostly internal database stuff there are,\u2026\nBrent Baude: Yep.\nMatt Heon: it's an accounting thing, where the sloper knit in this net mode doesn't allow for a list of networks.\nMatt Heon: I think it's definitely fixable but this is refactor stuff that will probably go along with the rewrite for pasta. So I don't think it's fixed by pasta, but I do think that we're actively working on this bit of code as part of the posture transition.\nBrent Baude: And all is working on that presently. So, we could take a note to follow up with Paul.\nBrent Baude: To see if that's something. He can consider. Is that what your sort of suggesting Matt?\nBrent Baude: And he's in Germany. So he's on PTO today. There's a holiday.\nChristopher Evich: It seems like it would be useful for us to get details from the next Cloud people. What exactly in the API is not matching because there's my understanding as we want to try to have problem and be close.\nChristopher Evich: So, if it's\nJennings: To try to save you from that conversation. I'm pretty sure what they just mean. Is they are Skeptical and it's more work for them to maintain something that is somewhat niche in their community right now.\nChristopher Evich: Yeah. Yeah.\nJennings: Everyone's happy just running docker, as the root user and they make rootless locker, a special case as well. And then podman is a special case of a special case. And they just don't have the manpower to tease out these tiny little bugs that are different between docker and podman. So this issue that I created on the podman repository it does seem like a difference or broken feature parity to me because it's very easy to reproduce but I can see that this is also just a very rare edge case since trying to join in existing container to a existing network. Isn't something that most people will do very often\nDaniel Walsh: Then.\nJennings: if we do have a solution for this bug, down the road, after a pasta rework and then after some more effort on this issue, then, I would say This bug is the last thing that's kind of blocking specifically mixed cloud aio from working with Quad lit in a very elegant way. so, If this issue is at a result, then I would probably be able to contribute to the next Repository just the set of quality files that I used to bring everything up and it'll be a seamless experience for other people to try.\n01:05:00\nChristopher Evich: Or a blog article would be good.\nJennings: Yeah. the next cloud Aio Maintainer invited me to write a wiki page. I haven't, really once again, things work out of the box. So, long as you work around this one bug by just changing, two lines of source code.\nTom Sweeney: All right, I think I'm going to wrap up here just due to time. Jennings is there anything else that we can do at the moment or for you or help you with this? Or just continue on the bus.\nBrent Baude: Let's try to circle back, Jennings. Are you on discord or IRC or something? Where we can circle back to you later in the week?\nJennings: I am on the Matrix channel.\nBrent Baude: Okay, great.\nTom Sweeney: As Jennings.\nTom Sweeney: Sounds good. Any other last questions before we wrap up for today?\nTom Sweeney: Okay, I'll just throw up the reminders for upcoming meetings. We are December 5th for the community meeting here. Our next cabal meetings coming up in just a few weeks. That will be on Thursday October 19th. And that too. Is that 11 am? And as a reminder, that will be our last Cavali meeting will be moving those As of November the third Tuesday of the month there, And with that, I am going to thank everybody and our presenters, especially, and the folks that ask questions and we're going to stop recording here. Yes.\nBrent Baude: I'm just if I can before you hang her up, could the FreeBSD folks and at least Matt stick around.\nMatt Heon: Sure.\nMeeting ended after 01:06:41 \ud83d\udc4b\n")))}gi.isMDXComponent=!0;const yi=function(e){let{cards:t}=e,n=[],a=[];const[o,i]=(0,Z.useState)(!1),[s,r]=(0,Z.useState)(void 0),[l,h]=(0,Z.useState)(void 0),d=[(0,Z.useRef)(),(0,Z.useRef)()],u=(0,Z.useRef)();var m,c;m=u,c=()=>i(!1),(0,Z.useEffect)((()=>{const e=e=>{m?.current?.contains(e.target)||c(e)};return document.addEventListener("mousedown",e),document.addEventListener("touchstart",e),()=>{document.removeEventListener("mousedown",e),document.removeEventListener("touchstart",e)}}),[m,c]);const p=function(){for(var e=arguments.length,t=new Array(e),n=0;ni(!1)},Z.createElement(me,null)))),i(!0)};function g(e){const{meeting_minutes:t,meeting_recording:n,date:a}=e;return Z.createElement("div",{className:"inline-flex justify-around bg-white px-8 py-1 dark:bg-gray-700 dark:shadow-none"},Z.createElement("h3",{className:"flex-1 pl-1 text-base text-gray-700 dark:text-gray-50"},a),Z.createElement("a",{className:"flex-1 no-underline hover:no-underline",href:n?.link},n?.text),Z.createElement("a",{onClick:()=>{p(t,a)},className:"cursor-pointer"},t?.text))}Object.values(K)?.forEach((e=>{let t=e?.default((0,Z.useRef)());t?.props?.children?.forEach((o=>{let i=o?.props?.children[0],s=o?.props?.children[1];"string"==typeof i&&(i.includes("BlueJeans")||i.includes("Video"))&&(e?.contentTitle?.includes("Cabal")?n.unshift({date:(e?.toc?.[0]?.value).split(/[0-9]{2}:[0-9]{2}/)[0],meeting_minutes:{markDown:t,modalHeaderData:e.contentTitle,text:"Meeting Minutes"},meeting_recording:{link:s?.props?.href,text:"Watch Recording"}}):a.unshift({date:(e?.toc?.[0]?.value).split(/[0-9]{2}:[0-9]{2}/)[0],meeting_minutes:{markDown:t,modalHeaderData:e.contentTitle,text:"Meeting Minutes"},meeting_recording:{link:s?.props?.href,text:"Watch Recording"}}))}))}));let y=[],k=[];for(let w=0;w<2;w++){let e=a.shift();y.push({date:e?.date,icon:"film-icon",buttons:[{path:e?.meeting_recording?.link,text:e?.meeting_recording?.text},{...e?.meeting_minutes}]}),e=n.shift(),k.push({date:e?.date,icon:"film-icon",buttons:[{path:e?.meeting_recording?.link,text:e?.meeting_recording?.text},{...e?.meeting_minutes}]})}return Z.createElement("div",{className:"justify-content-center align-items-center custom-card-grid-root flex"},t.map(((e,t)=>{let i=1==t?k:y;return Z.createElement("div",{key:`card-container-${t}`,className:"align-items-center card-container mb-4 flex flex-1 flex-col flex-wrap justify-center transition duration-150 ease-linear lg:mb-6"},Z.createElement(he,{key:`custom-card-${t}`,title:e?.title,subtitle:e?.date,details:e?.timeZone,text:e?.subtitle,data:e?.buttons,primary:!0}),Z.createElement(te.Z,{title:"",description:"Most Recent meetings",textGradientStops:"from-purple-500 to-purple-700 dark:text-purple-500",textGradient:!1}),Z.createElement(de,{key:`subcard-grid-${t}`,cards:i,toggleIsModalOpen:p}),Z.createElement(ue,{options:(r=1==t?[...n]:[...a],r.map((e=>Z.createElement(g,e)))),dropdownRef:d[t],text:"Older meeting details"}),Z.createElement("dialog",{className:"bg-stone-200 w-90-screen h-80-screen fixed top-20 z-50 max-h-screen w-fit border-4 border-purple-100",open:o,ref:u},Z.createElement("div",{className:"modal-content flex flex-col"},s,Z.createElement("div",{className:"md-wrapper overflow-y-auto scrollbar-thin scrollbar-track-gray-100 scrollbar-thumb-gray-300 dark:bg-gray-700 dark:text-gray-50 dark:shadow-none"},l))));var r})))};const ki=function(e){const{title:t,subtitle:n,button:a}=e;return Z.createElement("article",{className:" my-4 flex max-w-xs flex-col justify-between"},Z.createElement("h4",{className:"text-gray-700"},t),Z.createElement($.Z,{text:n,styles:"mb-4 mt-2 w-[198px] md:w-64"}),Z.createElement(oe.Z,(0,Q.Z)({outline:!0,as:"link"},a)))};const wi=function(){const e=new Date,t=[e.toLocaleString("en-US",{timeZone:"Europe/Paris",hour:"numeric",minute:"numeric",hour12:!1}),Intl.DateTimeFormat("en-US",{timeZone:"Europe/Paris",timeZoneName:"long"}).format().split(",")[1]],n=[e.toLocaleString("en-US",{timeZone:"America/New_York",hour:"numeric",minute:"numeric",hour12:!1}),Intl.DateTimeFormat("en-US",{timeZone:"America/New_York",timeZoneName:"long"}).format().split(",")[1]];return Z.createElement("article",{className:"mb-10 max-w-lg rounded-lg bg-aqua shadow-md dark:bg-purple-900"},Z.createElement("div",{className:"m-4 grid grid-cols-2 gap-x-4 lg:m-8"},Z.createElement("div",{className:"col-span-full mb-5 text-center"},Z.createElement("h3",{className:"font-bold text-gray-300 dark:text-gray-100"},"Current Time")),Z.createElement("div",{className:"text-center"},Z.createElement("h4",{className:"mb-2 text-3xl font-extrabold text-purple-500 dark:text-gray-100"},t[0]),Z.createElement("p",{className:"w-40 font-bold text-blue-900"},t[1])),Z.createElement("div",{className:"text-center"},Z.createElement("h4",{className:"mb-2 text-3xl font-extrabold text-purple-500 dark:text-gray-100"},n[0]),Z.createElement("p",{className:"w-40 font-bold text-blue-900"},n[1]))))};const fi=function(e){let{title:t,text:n,darkBg:a="dark:bg-purple-900"}=e;return Z.createElement("aside",{className:`rounded-lg bg-aqua ${a} max-w-lg px-6 py-8 text-gray-700 shadow-xl dark:shadow-md dark:shadow-gray-900`},Z.createElement("h4",{className:"mx-auto mb-2 max-w-md font-bold dark:text-gray-50"},t),Z.createElement("p",{className:"mx-auto max-w-md dark:text-gray-100"},n))};var bi=n(37528);const vi=function(e){let{text:t,path:n,icon:a,image:o,textLogo:i}=e;return Z.createElement("a",{href:n,className:"mx-auto flex flex-col items-center text-center"},Z.createElement("div",{className:"max-w-fit rounded-full bg-white p-8 shadow-sm dark:bg-gray-900"},a?Z.createElement(X.JO,{icon:a,className:"text-5xl"}):i?Z.createElement("span",{className:"block py-2 font-display text-4xl font-extrabold"},i):Z.createElement("img",{src:o.path,alt:o.alt,className:"w-16"})),Z.createElement("span",{className:"underline-offset-6 duration-149 mt-4 block text-blue-700 underline transition ease-linear hover:text-blue-900"},t))};var Mi=n(4544),Ii=n(92074),Ai=n(86547);const Ti="Community",Si="We want your feedback, issues, patches, and involvement in the development of Podman. **Chat** with us on Slack, IRC, or on our **mailing list**. Submit **issues & pull requests** (see our [CONTRIBUTING guide](https://github.com/containers/podman/blob/main/CONTRIBUTING.md) on how.) Participate in one of our twice-monthly community meetings. You are welcome in our community!",Ci={text:"To help ensure all feel welcome in the Podman community, we expect all who participate to adhere to our [Code of Conduct](https://github.com/containers/common/blob/main/CODE-OF-CONDUCT.md)",icon:"fa6-regular:handshake"},Ni={title:"Chat with the Podman community",subtitle:"The Podman developers are generally around during CEST and Eastern Time business hours, so please be patient if you\u2019re in another time zone!",links:[{text:"#podman:matrix.org",path:"https://matrix.to/#/#podman:fedoraproject.org",image:{path:"logos/raw/element-56w-59h.png",alt:"Element Matrix Logo"}},{text:"#podman on libera.chat",path:"https://web.libera.chat/#podman-desktop",textLogo:"IRC"},{text:"Podman GitHub Discussions",path:"https://github.com/containers/podman/discussions",image:{path:"vectors/raw/github.svg",alt:"GitHub Logo"}},{text:"Podman Discord",path:"https://discord.gg/vwpj7K6gW5",icon:"logos:discord-icon"},{text:"Slack",path:"https://slack.k8s.io/",icon:"logos:slack-icon"}]},Di={title:"Podman Community Meetings",subtitle:"Many of the maintainers for the Podman project attend both of these meetings, so it's a great chance for community members like you to ask them questions or address concerns directly. If you have a topic that you\u2019d like to propose for either meeting, please send a note to the [Mailing List]().",image:{path:"images/optimized/community-call-554w-219h.webp",alt:"An image of podman team members in a virtual meeting"},cards:[{title:"Podman Community Meeting",subtitle:"This meeting is used to show demos for or to have general discussions about Podman or other related container technologies. It is also used to make announcements about Podman and the other projects in the [Containers repository on GitHub](https://github.com/containers).",date:"**1st Tuesday** of even numbered months",timeZone:"11 AM US ET /5 PM CET",buttons:[{text:"Join Meeting",path:Ai.wz},{text:"Meeting Agenda",path:"https://hackmd.io/fc1zraYdS0-klJ2KJcfC7w"}]},{title:"Podman Community Cabal",subtitle:"The focus of the cabal meeting is the planning and discussion of possible future changes to Podman or the [related Containers projects](https://github.com/containers) and discussing any outstanding issues that might need solving.",date:"**3rd Thursday** every month",timeZone:"11 AM US ET /5 PM CET",buttons:[{text:"Join Meeting",path:Ai.wz},{text:"Meeting Agenda",path:"https://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both"}]}]},Pi={title:"Mailing List",subtitle:"The Podman Mailing list is available for your questions, concerns or comments about Podman.",browseInfo:{title:"Browse the mailing list",subtitle:"Simply visit [the Podman mailing list website](https://lists.podman.io/) to browse or search previous postings to the Podman mailing list."},subscribeInfo:{title:"Subscribe or post to the mailing list",subtitle:"Simply visit [the Podman mailing list website](https://lists.podman.io/) to browse or search previous postings to the Podman mailing list.",description:"Regardless of which method you use, a confirmation email will be sent to you. After you reply back to that confirmation email, you'll then be able to send mail directly to podman@lists.podman.io Send an email to [podman-join@lists.podman.io](mailto:podman-join@lists.podman.io). You can then also go to [the web page](https://lists.podman.io) and manage your subscription.",options:[{title:"Option 1",subtitle:'Send an email to [podman-join@lists.podman.io](mailto:podman-join@lists.podman.io) with the word "Subscribe" in the subject.',button:{text:"Send email",path:"mailto:podman-join@lists.podman.io"}},{title:"Option 2",subtitle:'Enter your email at the bottom of [the mailing list sign up page](https://lists.podman.io/admin/lists/podman.lists.podman.io/), and hit the "Subscribe" button.',button:{text:"Sign up page",path:"https://lists.podman.io/admin/lists/podman.lists.podman.io/"}}]},extraInfo:{image:{path:"images/optimized/mailing-list-screenshot-580w-376h.webp",alt:"A screenshot of the Podman mailing list home screen."},note:{title:"Please note:",text:"If you have a bug that you\u2019d like to report, it\u2019s best to report it here by creating a \u201cNew issue\u201d rather than sending an email to the list."}}},xi=[{title:"Submitting Issues & Pull Requests",subtitle:"The following is a quick cheat-sheet of sorts on how to submit issues and pull requests to the Podman project. For the most up-to-date and more comprehensive information, please take a look at [CONTRIBUTING.md](https://github.com/containers/common/blob/main/CONTRIBUTING.md) in the Podman repo."},{title:"Submitting Issues",subtitle:"Don't include private / sensitive info in issues!",sections:[{text:"**Before reporting an issue**, [check our backlog of open issues](https://github.com/containers/podman/issues) to see if someone else has already reported it. If so:",checkList:["Feel free to add your scenario, or additional information, to the discussion.","Subscribe to the issue to be notified when it is updated."],button:{text:"Check Open Issues",links:[{text:"Check open Podman issues",path:"https://github.com/containers/podman/issues"},{text:"Check open Podman Desktop issues",path:"https://github.com/containers/podman-desktop/issues"},{text:"Check open Buildah issues",path:"https://github.com/containers/buildah/issues"},{text:"Check open Skopeo issues",path:"https://github.com/containers/skopeo/issues"},{text:"Check open Cri-o issues",path:"https://github.com/cri-o/cri-o/issues"}]}},{text:"**If you find a new issue**, we'd love to hear about it! The most important aspect of a bug report is that it includes enough information for us to reproduce it. So, please:",checkList:["Include as much detail as possible","Try to remove any extra stuff that doesn't really relate to the issue itself"],button:{text:"File a New Issue",links:[{text:"File a new Podman issue",path:"https://github.com/containers/podman/issues/new/choose"},{text:"File a new Podman Desktop issue",path:"https://github.com/containers/podman-desktop/issues/new/choose"},{text:"File a new Buildah issue",path:"https://github.com/containers/buildah/issues/new/choose"},{text:"File a new Skopeo issue",path:"https://github.com/containers/skopeo/issues/new/choose"},{text:"File a new Cri-o issue",path:"https://github.com/cri-o/cri-o/issues"}]}}]},{title:"Submitting Pull Requets",subtitle:"No Pull Request (PR) is too small! Typos, additional comments in the code, new test cases, bug fixes, new features, more documentation, **...it's all welcome!** ",description:['While bug fixes can first be identified via an "issue", that is not required. It\'s ok to just open up a PR with the fix, but make sure you include the same information you would have included in an issue - like how to reproduce it.',"PRs for new features should include some background on what use cases the new code is trying to address. When possible and when it makes sense, try to break-up larger PRs into smaller ones - it's easier to review smaller code changes. But only if those smaller ones make sense as stand-alone PRs. Regardless of the type of PR, all PRs should include:"],checkList:["Well-documented code changes.","Additional testcases. Ideally m they should fail w/o your code change applied.","Documentation changes."],button:{text:"More PR Submission Details",path:"https://github.com/containers/podman/blob/main/CONTRIBUTING.md#submitting-pull-requests"}}],Bi=()=>{const e=Ni.links.map((e=>e));return Z.createElement("ul",{className:"mb-12 flex flex-wrap items-end justify-around gap-8 lg:gap-16"},e.map(((e,t)=>Z.createElement("li",{key:t},Z.createElement(vi,e)))))},Ei=()=>Z.createElement("section",{className:"bg-gray-50 dark:bg-gradient-to-t dark:from-gray-700 dark:via-gray-900 dark:to-gray-900 "},Z.createElement(te.Z,{textGradient:!0,title:Ni.title}),Z.createElement("div",{className:"mx-4 mt-8 flex flex-wrap justify-around gap-4 sm:mx-8 lg:mx-auto lg:mt-16 lg:max-w-6xl"},Z.createElement("div",{className:""},Z.createElement("p",{className:"max-w-sm text-center text-gray-700 md:max-w-md md:text-start lg:max-w-xl"},Ni.subtitle)),Z.createElement(wi,null)),Z.createElement("div",{className:"container pt-12 lg:pt-20"},Z.createElement(Bi,null)),Z.createElement(Ii.Z,null)),Wi=()=>Z.createElement("section",{className:"bg-gradient-to-b from-white via-gray-50 to-gray-100 pb-8 dark:from-gray-900 dark:to-gray-900"},Z.createElement("div",{className:"container flex flex-col"},Z.createElement(te.Z,{title:Di.title,description:Di.subtitle,textGradientStops:"from-purple-500 to-purple-700 dark:text-purple-500",textGradient:!0}),Z.createElement("img",{src:Di.image.path,alt:Di.image.alt,className:"order-first mx-auto object-cover lg:max-w-lg"}),Z.createElement(yi,{cards:Di.cards}))),ji=()=>Z.createElement("section",null,Z.createElement("div",{className:"container grid gap-4 lg:grid-cols-2"},Z.createElement(te.Z,{title:Pi.title,description:Pi.subtitle,layout:"col-span-full",textColor:"dark:text-blue-700"}),Z.createElement("section",{className:"container mb-8"},Z.createElement("h3",{className:"mb-2 font-medium text-purple-700 dark:text-purple-500"},Pi.browseInfo.title),Z.createElement("p",{className:"max-w-prose text-gray-500"},Pi.browseInfo.subtitle)),Z.createElement("section",{className:"container mb-8"},Z.createElement("h3",{className:"mb-2 font-medium text-purple-700 dark:text-purple-500"},Pi.subscribeInfo.title),Z.createElement($.Z,{text:Pi.subscribeInfo.subtitle,styles:"max-w-prose "}),Z.createElement("div",{className:"flex flex-wrap gap-6"},Pi.subscribeInfo.options.map(((e,t)=>Z.createElement(ki,(0,Q.Z)({},e,{key:t}))))),Z.createElement("div",{className:"my-4 max-w-prose"},Z.createElement($.Z,{text:Pi.subscribeInfo.description}))),Z.createElement("section",{className:"mb-8 lg:col-start-2 lg:row-span-2 lg:row-start-2"},Z.createElement("div",null,Z.createElement("img",{src:Pi.extraInfo.image.path,alt:Pi.extraInfo.image.alt,className:"w-full object-cover"})),Z.createElement("div",{className:"ml-8 xl:ml-10"},Z.createElement(fi,{title:Pi.extraInfo.note.title,text:Pi.extraInfo.note.text}))))),Li=()=>Z.createElement("section",{className:"max-w-lg rounded-md bg-white px-10 pt-10 shadow-lg dark:bg-gray-900"},Z.createElement("header",{className:"mb-10"},Z.createElement("h3",{className:"mb-4 text-center text-blue-700 dark:text-blue-500"},xi[1].title),Z.createElement("div",{className:"bg-blue-100/25 px-3 py-2"},Z.createElement("p",{className:"flex items-center gap-2 rounded-md"},Z.createElement(X.JO,{icon:"fa-solid:exclamation-circle",className:"text-purple-700"}),Z.createElement("span",null,xi[1].subtitle)))),Z.createElement("div",null,xi[1].sections.map(((e,t)=>{return Z.createElement("div",{key:t,className:"mb-12"},Z.createElement($.Z,{text:e.text}),Z.createElement("ul",{className:"mb-8 ml-5 mt-4 list-disc"},e.checkList.map(((e,t)=>Z.createElement("li",{key:t},e)))),Z.createElement(Mi.Z,{text:e.button.text,option:(n=e.button.links,Z.createElement("div",{className:"rounded-md p-4 shadow-md"},Z.createElement("ul",null,n.map(((e,t)=>Z.createElement("li",{className:"my-2 rounded-md px-2 transition duration-150 ease-linear hover:bg-purple-700 hover:text-white"},Z.createElement("a",{href:e.path,className:" w-full hover:text-white hover:no-underline"},e.text)))))))}));var n})))),Hi=()=>Z.createElement("section",{className:"max-w-lg rounded-md bg-white p-10 shadow-lg dark:bg-gray-900"},Z.createElement("header",{className:"mx-auto mb-10"},Z.createElement("h3",{className:"mb-3 text-center text-blue-700 dark:text-blue-500"},xi[2].title),Z.createElement($.Z,{text:xi[2].subtitle})),Z.createElement("div",null,xi[2].description.map(((e,t)=>Z.createElement("p",{key:t,className:"my-3"},e))),Z.createElement("ul",{className:"my-4 ml-5 list-disc"},xi[2].checkList.map(((e,t)=>Z.createElement("li",{key:t},e)))),Z.createElement(oe.Z,{as:"link",outline:!0,text:xi[2].button.text}))),Ri=()=>Z.createElement("section",{className:"bg-gradient-to-b from-gray-50 to-gray-100 dark:from-gray-900 dark:via-blue-900 dark:to-purple-900"},Z.createElement(te.Z,{title:xi[0].title,description:xi[0].subtitle,textGradientStops:"from-purple-500 to-purple-700 dark:text-blue-700",textGradient:!0}),Z.createElement("div",{className:"mx-auto mb-20 mt-16 flex flex-wrap justify-center gap-20 px-8 lg:container"},Z.createElement(Li,null),Z.createElement(Hi,null)));const Oi=function(){return Z.createElement(_.Z,null,Z.createElement(ee.Z,{title:Ti,description:Si}),Z.createElement(bi.Z,{description:Ci.text,icon:Ci.icon,styles:"bg-purple-500 dark:bg-purple-700 text-white"}),Z.createElement(Ei,null),Z.createElement(Wi,null),Z.createElement(ji,null),Z.createElement(Ri,null),Z.createElement(ae,null))}},86547:(e,t,n)=>{n.d(t,{_o:()=>o,kq:()=>a,wz:()=>s,yw:()=>i});const a="4.7.1",o="1.4.0",i="https://podman-desktop.io/blog/podman-desktop-release-1.4",s="https://meet.google.com/xrq-uemd-bzy"},31976:(e,t,n)=>{n.d(t,{Z:()=>a});const a=n.p+"assets/files/Podman_and_MinIO_RH_Webniar-c67aa1a014e2cc8f0cafbed016d26a56.pdf"},18064:(e,t,n)=>{n.d(t,{Z:()=>a});const a=n.p+"assets/files/Podman_in_the_Edge-15a870660e3632b751765efbc3f5ff3b.pdf"},87903:(e,t,n)=>{n.d(t,{Z:()=>a});const a=n.p+"assets/files/Time_To_Merge_Tool-9a9d827b0b8a73df826d96926f35b850.pdf"},1382:(e,t,n)=>{n.d(t,{Z:()=>a});const a=n.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/57b59cd4.d14a8c69.js b/assets/js/57b59cd4.d14a8c69.js new file mode 100644 index 000000000..23151f57f --- /dev/null +++ b/assets/js/57b59cd4.d14a8c69.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[86849],{3905:(e,t,n)=>{n.d(t,{Zo:()=>d,kt:()=>p});var a=n(67294);function o(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function i(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function s(e){for(var t=1;t=0||(o[n]=e[n]);return o}(e,t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(o[n]=e[n])}return o}var l=a.createContext({}),h=function(e){var t=a.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):s(s({},t),e)),n},d=function(e){var t=h(e.components);return a.createElement(l.Provider,{value:t},e.children)},u="mdxType",m={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},c=a.forwardRef((function(e,t){var n=e.components,o=e.mdxType,i=e.originalType,l=e.parentName,d=r(e,["components","mdxType","originalType","parentName"]),u=h(n),c=o,p=u["".concat(l,".").concat(c)]||u[c]||m[c]||i;return n?a.createElement(p,s(s({ref:t},d),{},{components:n})):a.createElement(p,s({ref:t},d))}));function p(e,t){var n=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var i=n.length,s=new Array(i);s[0]=c;var r={};for(var l in t)hasOwnProperty.call(t,l)&&(r[l]=t[l]);r.originalType=e,r[u]="string"==typeof e?e:o,s[1]=r;for(var h=2;h{n.d(t,{Z:()=>i});var a=n(67294),o=n(72389);function i(e){let{children:t,fallback:n}=e;return(0,o.Z)()?a.createElement(a.Fragment,null,t?.()):n??null}},51372:(e,t,n)=>{n.d(t,{Z:()=>s});var a=n(67294),o=n(1954);const i={title:"Basic Resources",buttons:[{text:"Installation Instructions",path:"docs/installation",icon:"fa6-solid:book"},{text:"Documentation",path:"https://docs.podman.io/en/latest/",icon:"fa6-solid:book"},{text:"Podman Troubleshooting Guide",path:"https://github.com/containers/podman/blob/main/troubleshooting.md",icon:"fa6-solid:book"}]},s=()=>a.createElement("div",{className:"mt-4 lg:my-0"},a.createElement("header",{className:"container mb-6 text-center xl:mb-8 xl:text-start"},a.createElement("h3",{className:"font-medium text-blue-700 dark:text-blue-500"},i.title)),a.createElement("div",null,a.createElement("ul",{className:"mb-10 mt-4 flex flex-col gap-6 lg:mb-16 lg:mt-8 lg:gap-4 xl:flex-col"},i.buttons.map(((e,t)=>a.createElement("li",{key:t},a.createElement("a",{href:e.path,className:"no-underline hover:no-underline leading-none mx-auto flex h-32 max-w-lg flex-col items-center justify-center gap-4 rounded-md bg-gray-100 p-4 text-center text-purple-700 underline-offset-4 transition duration-150 ease-linear hover:bg-purple-700 hover:text-purple-50 hover:shadow-md dark:bg-gray-700 dark:hover:bg-purple-900 dark:hover:text-white lg:h-auto lg:flex-row xl:justify-start"},a.createElement("span",{className:"text-left"},e.text),a.createElement(o.JO,{icon:e.icon,className:"order-first hidden lg:block"}))))))))},1320:(e,t,n)=>{n.d(t,{Z:()=>m});var a=n(67294),o=n(1954),i=n(92074),s=n(38201),r=n(51372);const l=e=>{let{grid:t,display:n,layout:o,title:i,description:r}=e;return a.createElement("div",{className:`${t} ${n} ${o}`},a.createElement("h1",{className:"mb-6 max-w-sm text-purple-700 dark:text-purple-500 lg:max-w-lg "},i),a.createElement(s.Z,{text:r,styles:"leading-relaxed"}))},h=e=>{let{grid:t,display:n,layout:o,image:i={path:"images/raw/podman-2-196w-172h.png",alt:"Podman Logo"}}=e;return a.createElement("div",null,a.createElement("img",{src:i.path,alt:i.alt,className:`${t} ${n} ${o}`}))};function d(e){let{image:t,basicResources:n}=e;return n?a.createElement(r.Z,null):a.createElement(h,{image:t,layout:"mb-8 lg:mb-0"})}function u(e){let{instructions:t}=e;return t?a.createElement("div",null,a.createElement("h3",{className:"text-gray-700 mb-4"},t.title),a.createElement("p",null,t.subtitle),a.createElement("ul",{className:"mb-10 mt-4 flex flex-col gap-6 sm:flex-row lg:mb-16 lg:gap-4 xl:flex-col"},a.createElement("li",null,a.createElement("a",{href:t.button.path,className:"no-underline hover:no-underline flex h-32 max-w-lg flex-col items-center justify-center gap-4 rounded-md bg-gray-100 p-4 text-center text-purple-700 underline-offset-4 transition duration-150 ease-linear hover:bg-purple-700 hover:text-purple-50 hover:shadow-md dark:bg-gray-700 dark:hover:bg-purple-900 dark:hover:text-white lg:h-auto lg:flex-row xl:justify-start"},a.createElement("span",null,t.button.text),a.createElement(o.JO,{icon:t.button.icon,className:"order-first hidden lg:block"}))))):null}const m=function(e){let{title:t,description:n,image:o,lightColor:s="white",darkColor:r="gray-900",basicResources:h,instructions:m}=e;return a.createElement("header",{className:`bg-${s} dark:bg-${r}`},a.createElement("div",{className:"bg-gradient-to-r from-blue-500 to-purple-700 dark:from-blue-700 dark:to-purple-900 lg:pt-8"},a.createElement(i.Z,null)),a.createElement("div",{className:"container flex flex-col md:flex-row justify-around"},a.createElement("div",null,a.createElement(l,{title:t,description:n,layout:"mt-12 lg:mt-0 mb-8"}),a.createElement(u,{instructions:m})),a.createElement("div",{className:"w-[50%] ml-24"},a.createElement(d,{basicResources:h}))))}},53198:(e,t,n)=>{n.d(t,{Z:()=>i});var a=n(67294),o=n(38201);const i=function(e){let{title:t,description:n,textGradientStops:i="from-blue-700 via-blue-700 to-blue-900 dark:from-blue-500 dark:to-blue-700",textGradient:s=!1,textColor:r="text-gray-900",fontWeight:l,layout:h,bgColor:d}=e;const u=s?`bg-gradient-radial bg-clip-text text-transparent dark:bg-gradient-radial dark:text-transparent ${i}`:`${r}`;return a.createElement("header",{className:`${d} ${h}`},a.createElement("div",{className:"container mx-auto mb-4 mt-12 text-center lg:mt-16"},a.createElement("h2",{className:`${u} ${l}`},t),a.createElement(o.Z,{text:n,styles:"mx-auto my-4 max-w-4xl leading-relaxed text-gray-700 dark:text-gray-100"})))}},92074:(e,t,n)=>{n.d(t,{Z:()=>o});var a=n(67294);const o=function(e){let{light:t="fill-white",dark:n="dark:fill-gray-900",width:o="100",height:i="130",grid:s,layout:r}=e;return a.createElement("svg",{xmlns:"http://www.w3.org/2000/svg",className:`${s} ${r}`,width:`${o}%`,viewBox:`-8620 -1968 1400 ${i}`},a.createElement("path",{className:`${t} ${n}`,d:"M-8629-1935v-10.614s78.25-20.752 155.47-20.752c131.788 0 169.95 23.309 233.125 23.309 108.108 0 138.56-21.268 208.573-21.268s108.701 25.151 233.283 25.151c124.581 0 120.881-43.085 251.082-22.031 112.227 18.148 187.023 22.031 264.45 7.825 76.957-14.12 79.117 14.113 79.014 18.38l.003 258h-1425v-258Z"}))}},37528:(e,t,n)=>{n.d(t,{Z:()=>s});var a=n(67294),o=n(1954),i=n(38201);const s=function(e){let{title:t,description:n,image:s,styles:r,icon:l,bgColor:h="from-blue-700 via-blue-700 to-blue-900 dark:from-blue-500 dark:to-blue-700",titleColor:d="text-purple-700 dark:text-purple-500",marginHeight:u="mt-8 lg:mt-16"}=e;return a.createElement("section",{className:`${r} ${h} ${u} mx-auto w-full`},a.createElement("div",{className:"mx-auto flex max-w-3xl flex-wrap items-center justify-center gap-4 py-4 md:py-8 lg:gap-8 xl:max-w-fit"},a.createElement("div",null,l?a.createElement(o.JO,{icon:l,className:"text-4xl text-white dark:text-gray-50"}):s?a.createElement("img",{src:s.src,alt:s.alt}):a.createElement("p",null,"No image or icon")),t?a.createElement("div",{className:"mx-auto text-center md:text-start lg:pl-4"},a.createElement("h3",{className:`mx-auto mb-4 text-3xl font-bold ${d}`},t),a.createElement(i.Z,{text:n,styles:"mx-auto max-w-4xl leading-relaxed text-gray-700"})):a.createElement(i.Z,{text:n,styles:"mx-auto leading-relaxed"})))}},14307:(e,t,n)=>{n.d(t,{Z:()=>i});var a=n(67294),o=n(1954);const i=function(e){let{as:t="link",outline:n,colors:i,icon:s,text:r,method:l,path:h}=e;const d="text-xl h-fit my-2 block max-w-fit cursor-pointer rounded-md px-6 py-2 font-semibold transition duration-150 ease-in-out hover:no-underline hover:shadow-md whitespace-nowrap",u=n?` no-underline outline dark:bg-white dark:text-purple-700 text-purple-700 dark:text-purple-900 dark:hover:bg-purple-900 dark:hover:text-white ${i}`:`bg-purple-700 dark:bg-purple-900 text-white dark:text-white hover:bg-purple-900 no-underline hover:no-underline dark:hover:text-gray-50 dark:hover:bg-purple-700 hover:text-white ${i}`;return"button"===t?a.createElement("button",{onClick:l,className:`${d} ${u}`},s?a.createElement("span",{className:"flex items-center gap-2"},r," ",a.createElement(o.JO,{icon:s})):a.createElement("span",null,r)):a.createElement("a",{href:h,className:`${d} ${u}`},s?a.createElement("span",{className:"flex items-center gap-2"},r," ",a.createElement(o.JO,{icon:s})):a.createElement("span",null,r))}},4544:(e,t,n)=>{n.d(t,{Z:()=>i});var a=n(67294),o=n(1954);const i=function(e){const t=(0,a.useRef)(),[n,i]=(0,a.useState)(!1);var s,r;return s=t,r=()=>i(!1),(0,a.useEffect)((()=>{const e=e=>{s.current&&!s.current.contains(e.target)&&r(e)};return document.addEventListener("mousedown",e),document.addEventListener("touchstart",e),()=>{document.removeEventListener("mousedown",e),document.removeEventListener("touchstart",e)}}),[s,r]),a.createElement("div",{ref:t},a.createElement("button",{"data-dropdown-toggle":"dropdown",onClick:()=>i((e=>!e)),className:"my-2 flex items-center gap-2 rounded-md bg-white px-4 py-2 font-bold text-purple-700 transition duration-150 ease-linear hover:bg-purple-700 hover:text-white focus:shadow-md dark:text-purple-900 dark:hover:text-white"},a.createElement("span",null,e.text),a.createElement(o.JO,{icon:"ion:caret-down-outline"})),n&&a.createElement("div",{className:"absolute mt-2 max-w-fit rounded-md bg-white shadow-md dark:bg-gray-900"},e.option))}},38201:(e,t,n)=>{n.d(t,{Z:()=>s});var a=n(67294),o=n(91262);const i=(0,a.lazy)((()=>n.e(51195).then(n.bind(n,51195))));const s=function(e){let{text:t,styles:n}=e;return a.createElement(o.Z,null,(()=>a.createElement(a.Suspense,{fallback:a.createElement("p",null,"text loading...")},a.createElement(i,{children:t,className:n}))))}},81426:(e,t,n)=>{n.r(t),n.d(t,{default:()=>Oi});var a={};n.r(a),n.d(a,{contentTitle:()=>ge,default:()=>fe,frontMatter:()=>pe,toc:()=>ye});var o={};n.r(o),n.d(o,{contentTitle:()=>ve,default:()=>Te,frontMatter:()=>be,toc:()=>Me});var i={};n.r(i),n.d(i,{contentTitle:()=>Ce,default:()=>xe,frontMatter:()=>Se,toc:()=>Ne});var s={};n.r(s),n.d(s,{contentTitle:()=>Ee,default:()=>He,frontMatter:()=>Be,toc:()=>We});var r={};n.r(r),n.d(r,{contentTitle:()=>Oe,default:()=>Ye,frontMatter:()=>Re,toc:()=>Je});var l={};n.r(l),n.d(l,{contentTitle:()=>qe,default:()=>Qe,frontMatter:()=>Ue,toc:()=>ze});var h={};n.r(h),n.d(h,{contentTitle:()=>_e,default:()=>tt,frontMatter:()=>Ze,toc:()=>Xe});var d={};n.r(d),n.d(d,{contentTitle:()=>at,default:()=>rt,frontMatter:()=>nt,toc:()=>ot});var u={};n.r(u),n.d(u,{contentTitle:()=>ht,default:()=>ct,frontMatter:()=>lt,toc:()=>dt});var m={};n.r(m),n.d(m,{contentTitle:()=>gt,default:()=>ft,frontMatter:()=>pt,toc:()=>yt});var c={};n.r(c),n.d(c,{contentTitle:()=>vt,default:()=>Tt,frontMatter:()=>bt,toc:()=>Mt});var p={};n.r(p),n.d(p,{contentTitle:()=>Ct,default:()=>xt,frontMatter:()=>St,toc:()=>Nt});var g={};n.r(g),n.d(g,{contentTitle:()=>Et,default:()=>Ht,frontMatter:()=>Bt,toc:()=>Wt});var y={};n.r(y),n.d(y,{contentTitle:()=>Ot,default:()=>Yt,frontMatter:()=>Rt,toc:()=>Jt});var k={};n.r(k),n.d(k,{contentTitle:()=>qt,default:()=>Qt,frontMatter:()=>Ut,toc:()=>zt});var w={};n.r(w),n.d(w,{contentTitle:()=>_t,default:()=>tn,frontMatter:()=>Zt,toc:()=>Xt});var f={};n.r(f),n.d(f,{contentTitle:()=>an,default:()=>ln,frontMatter:()=>nn,toc:()=>on});var b={};n.r(b),n.d(b,{contentTitle:()=>dn,default:()=>pn,frontMatter:()=>hn,toc:()=>un});var v={};n.r(v),n.d(v,{contentTitle:()=>yn,default:()=>bn,frontMatter:()=>gn,toc:()=>kn});var M={};n.r(M),n.d(M,{contentTitle:()=>Mn,default:()=>Sn,frontMatter:()=>vn,toc:()=>In});var I={};n.r(I),n.d(I,{contentTitle:()=>Nn,default:()=>Bn,frontMatter:()=>Cn,toc:()=>Dn});var A={};n.r(A),n.d(A,{contentTitle:()=>Wn,default:()=>Rn,frontMatter:()=>En,toc:()=>jn});var T={};n.r(T),n.d(T,{contentTitle:()=>Jn,default:()=>Un,frontMatter:()=>On,toc:()=>Fn});var S={};n.r(S),n.d(S,{contentTitle:()=>zn,default:()=>Zn,frontMatter:()=>qn,toc:()=>Vn});var C={};n.r(C),n.d(C,{contentTitle:()=>Xn,default:()=>na,frontMatter:()=>_n,toc:()=>$n});var N={};n.r(N),n.d(N,{contentTitle:()=>oa,default:()=>la,frontMatter:()=>aa,toc:()=>ia});var D={};n.r(D),n.d(D,{contentTitle:()=>da,default:()=>pa,frontMatter:()=>ha,toc:()=>ua});var P={};n.r(P),n.d(P,{contentTitle:()=>ya,default:()=>ba,frontMatter:()=>ga,toc:()=>ka});var x={};n.r(x),n.d(x,{contentTitle:()=>Ma,default:()=>Sa,frontMatter:()=>va,toc:()=>Ia});var B={};n.r(B),n.d(B,{contentTitle:()=>Na,default:()=>Ba,frontMatter:()=>Ca,toc:()=>Da});var E={};n.r(E),n.d(E,{contentTitle:()=>Wa,default:()=>Ra,frontMatter:()=>Ea,toc:()=>ja});var W={};n.r(W),n.d(W,{contentTitle:()=>Ja,default:()=>Ua,frontMatter:()=>Oa,toc:()=>Fa});var j={};n.r(j),n.d(j,{contentTitle:()=>za,default:()=>Za,frontMatter:()=>qa,toc:()=>Va});var L={};n.r(L),n.d(L,{contentTitle:()=>Xa,default:()=>no,frontMatter:()=>_a,toc:()=>$a});var H={};n.r(H),n.d(H,{contentTitle:()=>oo,default:()=>lo,frontMatter:()=>ao,toc:()=>io});var R={};n.r(R),n.d(R,{contentTitle:()=>uo,default:()=>go,frontMatter:()=>ho,toc:()=>mo});var O={};n.r(O),n.d(O,{contentTitle:()=>ko,default:()=>vo,frontMatter:()=>yo,toc:()=>wo});var J={};n.r(J),n.d(J,{contentTitle:()=>Io,default:()=>Co,frontMatter:()=>Mo,toc:()=>Ao});var F={};n.r(F),n.d(F,{contentTitle:()=>Do,default:()=>Eo,frontMatter:()=>No,toc:()=>Po});var G={};n.r(G),n.d(G,{contentTitle:()=>jo,default:()=>Oo,frontMatter:()=>Wo,toc:()=>Lo});var Y={};n.r(Y),n.d(Y,{contentTitle:()=>Fo,default:()=>qo,frontMatter:()=>Jo,toc:()=>Go});var U={};n.r(U),n.d(U,{contentTitle:()=>Vo,default:()=>_o,frontMatter:()=>zo,toc:()=>Ko});var q={};n.r(q),n.d(q,{contentTitle:()=>$o,default:()=>ai,frontMatter:()=>Xo,toc:()=>ei});var z={};n.r(z),n.d(z,{contentTitle:()=>ii,default:()=>hi,frontMatter:()=>oi,toc:()=>si});var V={};n.r(V),n.d(V,{contentTitle:()=>ui,default:()=>gi,frontMatter:()=>di,toc:()=>mi});var K={};n.r(K),n.d(K,{F20201006:()=>a,F20201103:()=>u,F20201201:()=>f,F20210202:()=>C,F20210302:()=>j,F20210406:()=>o,F20210504:()=>m,F20210601:()=>b,F20210715:()=>N,F20210803:()=>L,F20210819:()=>i,F20210907:()=>c,F20210916:()=>v,F20211005:()=>D,F20211021:()=>H,F20211102:()=>s,F20211118:()=>p,F20211207:()=>M,F20211216:()=>P,F20220120:()=>R,F20220201:()=>r,F20220217:()=>g,F20220317:()=>I,F20220405:()=>x,F20220421:()=>O,F20220519:()=>l,F20220607:()=>y,F20220721:()=>A,F20220802:()=>B,F20220915:()=>J,F20221004:()=>h,F20221117:()=>k,F20221206:()=>T,F20230119:()=>E,F20230207:()=>F,F20230216:()=>d,F20230316:()=>w,F20230404:()=>S,F20230420:()=>W,F20230518:()=>G,F20230606:()=>Y,F20230615:()=>U,F20230720:()=>q,F20230921:()=>z,F20231003:()=>V});var Q=n(87462),Z=n(67294),_=n(7961),X=n(1954),$=n(38201),ee=n(1320),te=n(53198);const ne=[{label:"Red Hat",href:"https://www.redhat.com/",src:"logos/raw/red-hat-120w-77h.png",alt:"Red Hat Logo"},{label:"Amadeus",href:"https://www.amadeus.com/",src:"logos/raw/amadeus-171w-22h.png",alt:"Amadeus Logo"},{label:"Suse",href:"https://www.suse.com",src:"logos/raw/suse-167w-30h.png",alt:"Suse Logo"},{label:"Motorola",href:"https://www.motorolasolutions.com/",src:"logos/raw/motorola-solutions-128w-110h.png",alt:"Motorola Solutions Logo"},{label:"NTT",href:"https://www.global.ntt",src:"logos/raw/ntt-145w-50h.png",alt:"NTT Logo"},{label:"IBM",href:"https://www.ibm.com",src:"logos/raw/ibm-92w-37h.png",alt:"IBM Logo"},{label:"Debian",href:"https://www.debian.org/",src:"logos/raw/debian-68w-90h.png",alt:"Debian Logo"}];const ae=function(){const[e,t,n,a,o,i,s]=ne;return Z.createElement("section",{className:"my-8 lg:my-12"},Z.createElement("header",{className:"container my-4 text-center lg:my-8"},Z.createElement("h2",{className:"mb-3 text-blue-700 dark:text-purple-500"},"Special thanks to our contributors"),Z.createElement("p",{className:"text-gray-900"},"The Podman community has contributors from many different organizations, including:")),Z.createElement("div",{className:"relative mx-auto my-8 flex items-center"},Z.createElement("button",{onClick:()=>{const e=document.getElementById("slider");e.scrollLeft=e.scrollLeft-500},className:"lg:hidden"},Z.createElement(X.JO,{icon:"fa-solid:arrow-circle-left",className:"text-4xl text-gray-500 opacity-25 transition duration-150 ease-linear hover:text-purple-900 hover:opacity-100 dark:hover:text-purple-700"})),Z.createElement("div",{id:"slider",className:"justify-center mx-auto h-full w-full place-items-center gap-6 overflow-x-scroll scroll-smooth whitespace-nowrap scrollbar scrollbar-track-purple-500 lg:container lg:grid"},Z.createElement("a",{href:e.href,target:"_blank",className:"mx-4 mb-4 inline-block rounded-md p-4 dark:bg-gray-100 lg:row-span-2 lg:row-start-1 lg:mb-0"},Z.createElement("img",(0,Q.Z)({},e,{className:"mx-auto p-4"}))),Z.createElement("a",{href:t.href,target:"_blank",className:"mx-4 mb-4 inline-block rounded-md p-4 dark:bg-gray-100 lg:mb-0 lg:flex lg:h-28 lg:w-80 lg:items-center"},Z.createElement("img",(0,Q.Z)({},t,{className:"object-fit mx-auto max-w-sm p-4 "}))),Z.createElement("a",{href:n.href,target:"_blank",className:"mx-4 mb-4 inline-block rounded-md p-4 dark:bg-gray-100 lg:mb-0 lg:flex lg:h-28 lg:w-80 lg:items-center"},Z.createElement("img",(0,Q.Z)({},n,{className:"object-fit mx-auto max-w-sm p-4 "}))),Z.createElement("a",{href:a.href,target:"_blank",className:"mx-4 mb-4 inline-block rounded-md p-4 dark:bg-gray-100 lg:row-span-2 lg:row-start-1 lg:mb-0"},Z.createElement("img",(0,Q.Z)({},a,{className:"mx-auto p-4"}))),Z.createElement("a",{href:o.href,target:"_blank",className:"mx-4 mb-4 inline-block rounded-md p-4 dark:bg-gray-100 lg:mb-0 lg:flex lg:h-28 lg:w-80 lg:items-center"},Z.createElement("img",(0,Q.Z)({},o,{className:"object-fit mx-auto max-w-sm p-4 "}))),Z.createElement("a",{href:i.href,target:"_blank",className:"col-span-3 mx-4 mb-4 inline-block rounded-md p-4 dark:bg-gray-100 lg:mb-0 lg:flex lg:h-28 lg:w-80 lg:items-center"},Z.createElement("img",(0,Q.Z)({},i,{className:"object-fit mx-auto max-w-sm p-4 "}))),Z.createElement("a",{href:s.href,target:"_blank",className:"mx-4 mb-4 inline-block rounded-md p-4 dark:bg-gray-100 lg:row-span-2 lg:row-start-1 lg:mb-0"},Z.createElement("img",(0,Q.Z)({},s,{className:"mx-auto p-4"})))),Z.createElement("button",{onClick:()=>{const e=document.getElementById("slider");e.scrollLeft=e.scrollLeft+500},className:"lg:hidden"},Z.createElement(X.JO,{icon:"fa-solid:arrow-circle-right",className:"dark:hover-text-purple-700 text-4xl text-gray-500 opacity-25 transition duration-150 ease-linear hover:text-purple-900 hover:opacity-100"}))))};var oe=n(14307);const ie=function(){return Z.createElement("svg",{width:"74.667",xmlns:"http://www.w3.org/2000/svg",className:"film-icon",height:"56",id:"screenshot-f22025ed-2924-807f-8002-a2aff9654955",viewBox:"0 0 74.667 56",fill:"none",version:"1.1"},Z.createElement("g",{id:"shape-f22025ed-2924-807f-8002-a2aff9654955",rx:"0",ry:"0"},Z.createElement("g",{id:"shape-f22025ed-2924-807f-8002-a2af748c75a7",className:"svg-inline--fa fa-film fa-w-16",rx:"0",ry:"0",fill:"url(#fill-0-rumext-id-2)"},Z.createElement("defs",null,Z.createElement("radialGradient",{id:"fill-color-gradient_rumext-id-2_0",cx:"0.5",cy:"0.5",r:"0.5",gradientTransform:"matrix(-1.000000, 0.000000, -0.000000, -1.000000, 1.000000, 1.000000)"},Z.createElement("stop",{offset:"0",stopColor:"#68c6f7",stopOpacity:"1"}),Z.createElement("stop",{offset:"1",stopColor:"#3799cc",stopOpacity:"1"})),Z.createElement("pattern",{patternUnits:"userSpaceOnUse",x:"0.0000022199039904080564",y:"0.0000025210333660652395",height:"56.00000799999998",width:"74.66667200000188","data-loading":"false",id:"fill-0-rumext-id-2"},Z.createElement("g",null,Z.createElement("rect",{width:"74.66667200000188",height:"56.00000799999998",fill:"url(#fill-color-gradient_rumext-id-2_0)"})))),Z.createElement("g",{id:"shape-f22025ed-2924-807f-8002-a2af748c75a8"},Z.createElement("defs",null,Z.createElement("radialGradient",{id:"fill-color-gradient_rumext-id-3_0",cx:"0.5",cy:"0.5",r:"0.5",gradientTransform:"matrix(-1.000000, 0.000000, -0.000000, -1.000000, 1.000000, 1.000000)"},Z.createElement("stop",{offset:"0",stopColor:"#68c6f7",stopOpacity:"1"}),Z.createElement("stop",{offset:"1",stopColor:"#3799cc",stopOpacity:"1"})),Z.createElement("pattern",{patternUnits:"userSpaceOnUse",x:"-0.10779549147923717",y:"0.000006515896984637948",height:"56.000000000000455",width:"75.00000000000205","data-loading":"false",patternTransform:"matrix(1.000000, 0.000000, 0.000000, 1.000000, 0.000000, -0.000000)",id:"fill-0-rumext-id-3"},Z.createElement("g",null,Z.createElement("rect",{width:"75.00000000000205",height:"56.000000000000455",fill:"url(#fill-color-gradient_rumext-id-3_0)"})))),Z.createElement("g",{className:"fills",id:"fills-f22025ed-2924-807f-8002-a2af748c75a8"},Z.createElement("path",{fill:"url(#fill-0-rumext-id-3)",rx:"0",ry:"0",d:"M71.167,0.000L70.000,0.000L70.000,2.917C70.000,3.879,69.213,4.667,68.250,4.667L62.417,4.667C61.454,4.667,60.667,3.879,60.667,2.917L60.667,0.000L14.000,0.000L14.000,2.917C14.000,3.879,13.213,4.667,12.250,4.667L6.417,4.667C5.454,4.667,4.667,3.879,4.667,2.917L4.667,0.000L3.500,0.000C1.560,0.000,0.000,1.560,0.000,3.500L0.000,52.500C0.000,54.440,1.560,56.000,3.500,56.000L4.667,56.000L4.667,53.083C4.667,52.121,5.454,51.333,6.417,51.333L12.250,51.333C13.213,51.333,14.000,52.121,14.000,53.083L14.000,56.000L60.667,56.000L60.667,53.083C60.667,52.121,61.454,51.333,62.417,51.333L68.250,51.333C69.213,51.333,70.000,52.121,70.000,53.083L70.000,56.000L71.167,56.000C73.106,56.000,74.667,54.440,74.667,52.500L74.667,3.500C74.667,1.560,73.106,0.000,71.167,0.000ZZM14.000,44.917C14.000,45.879,13.213,46.667,12.250,46.667L6.417,46.667C5.454,46.667,4.667,45.879,4.667,44.917L4.667,39.083C4.667,38.121,5.454,37.333,6.417,37.333L12.250,37.333C13.213,37.333,14.000,38.121,14.000,39.083L14.000,44.917ZZM14.000,30.917C14.000,31.879,13.213,32.667,12.250,32.667L6.417,32.667C5.454,32.667,4.667,31.879,4.667,30.917L4.667,25.083C4.667,24.121,5.454,23.333,6.417,23.333L12.250,23.333C13.213,23.333,14.000,24.121,14.000,25.083L14.000,30.917ZZM14.000,16.917C14.000,17.879,13.213,18.667,12.250,18.667L6.417,18.667C5.454,18.667,4.667,17.879,4.667,16.917L4.667,11.083C4.667,10.121,5.454,9.333,6.417,9.333L12.250,9.333C13.213,9.333,14.000,10.121,14.000,11.083L14.000,16.917ZZM53.667,47.250C53.667,48.213,52.879,49.000,51.917,49.000L22.750,49.000C21.788,49.000,21.000,48.213,21.000,47.250L21.000,33.250C21.000,32.288,21.788,31.500,22.750,31.500L51.917,31.500C52.879,31.500,53.667,32.288,53.667,33.250L53.667,47.250ZZM53.667,22.750C53.667,23.713,52.879,24.500,51.917,24.500L22.750,24.500C21.788,24.500,21.000,23.713,21.000,22.750L21.000,8.750C21.000,7.788,21.788,7.000,22.750,7.000L51.917,7.000C52.879,7.000,53.667,7.788,53.667,8.750L53.667,22.750ZZM70.000,44.917C70.000,45.879,69.213,46.667,68.250,46.667L62.417,46.667C61.454,46.667,60.667,45.879,60.667,44.917L60.667,39.083C60.667,38.121,61.454,37.333,62.417,37.333L68.250,37.333C69.213,37.333,70.000,38.121,70.000,39.083L70.000,44.917ZZM70.000,30.917C70.000,31.879,69.213,32.667,68.250,32.667L62.417,32.667C61.454,32.667,60.667,31.879,60.667,30.917L60.667,25.083C60.667,24.121,61.454,23.333,62.417,23.333L68.250,23.333C69.213,23.333,70.000,24.121,70.000,25.083L70.000,30.917ZZM70.000,16.917C70.000,17.879,69.213,18.667,68.250,18.667L62.417,18.667C61.454,18.667,60.667,17.879,60.667,16.917L60.667,11.083C60.667,10.121,61.454,9.333,62.417,9.333L68.250,9.333C69.213,9.333,70.000,10.121,70.000,11.083L70.000,16.917ZZ"})))),Z.createElement("g",{id:"shape-f22025ed-2924-807f-8002-a2af7f162a3b",className:"svg-inline--fa fa-film fa-w-16",rx:"0",ry:"0",fill:"url(#fill-0-rumext-id-4)"},Z.createElement("defs",null,Z.createElement("radialGradient",{id:"fill-color-gradient_rumext-id-4_0",cx:"0.5",cy:"0.5",r:"0.5",gradientTransform:"matrix(-1.000000, 0.000000, -0.000000, -1.000000, 1.000000, 1.000000)"},Z.createElement("stop",{offset:"0",stopColor:"#68c6f7",stopOpacity:"1"}),Z.createElement("stop",{offset:"1",stopColor:"#3799cc",stopOpacity:"1"})),Z.createElement("pattern",{patternUnits:"userSpaceOnUse",x:"0.0000022199039904080564",y:"56.000002521033366",height:"56.00000799999998",width:"74.66667200000188","data-loading":"false",id:"fill-0-rumext-id-4"},Z.createElement("g",null,Z.createElement("rect",{width:"74.66667200000188",height:"56.00000799999998",fill:"url(#fill-color-gradient_rumext-id-4_0)"})))),Z.createElement("g",{id:"shape-f22025ed-2924-807f-8002-a2af7f162a3c"},Z.createElement("defs",null,Z.createElement("radialGradient",{id:"fill-color-gradient_rumext-id-5_0",cx:"0.5",cy:"0.5",r:"0.5",gradientTransform:"matrix(-1.000000, 0.000000, -0.000000, -1.000000, 1.000000, 1.000000)"},Z.createElement("stop",{offset:"0",stopColor:"#68c6f7",stopOpacity:"1"}),Z.createElement("stop",{offset:"1",stopColor:"#3799cc",stopOpacity:"1"})),Z.createElement("pattern",{patternUnits:"userSpaceOnUse",x:"-0.10779549147923717",y:"56.000006515896985",height:"56.000000000000455",width:"75.00000000000205","data-loading":"false",patternTransform:"matrix(1.000000, 0.000000, 0.000000, 1.000000, 0.000000, -0.000000)",id:"fill-0-rumext-id-5"},Z.createElement("g",null,Z.createElement("rect",{width:"75.00000000000205",height:"56.000000000000455",fill:"url(#fill-color-gradient_rumext-id-5_0)"})))),Z.createElement("g",{className:"fills",id:"fills-f22025ed-2924-807f-8002-a2af7f162a3c"},Z.createElement("path",{fill:"url(#fill-0-rumext-id-5)",rx:"0",ry:"0",d:"M71.167,56.000L70.000,56.000L70.000,58.917C70.000,59.879,69.213,60.667,68.250,60.667L62.417,60.667C61.454,60.667,60.667,59.879,60.667,58.917L60.667,56.000L14.000,56.000L14.000,58.917C14.000,59.879,13.213,60.667,12.250,60.667L6.417,60.667C5.454,60.667,4.667,59.879,4.667,58.917L4.667,56.000L3.500,56.000C1.560,56.000,0.000,57.560,0.000,59.500L0.000,108.500C0.000,110.440,1.560,112.000,3.500,112.000L4.667,112.000L4.667,109.083C4.667,108.121,5.454,107.333,6.417,107.333L12.250,107.333C13.213,107.333,14.000,108.121,14.000,109.083L14.000,112.000L60.667,112.000L60.667,109.083C60.667,108.121,61.454,107.333,62.417,107.333L68.250,107.333C69.213,107.333,70.000,108.121,70.000,109.083L70.000,112.000L71.167,112.000C73.106,112.000,74.667,110.440,74.667,108.500L74.667,59.500C74.667,57.560,73.106,56.000,71.167,56.000ZZM14.000,100.917C14.000,101.879,13.213,102.667,12.250,102.667L6.417,102.667C5.454,102.667,4.667,101.879,4.667,100.917L4.667,95.083C4.667,94.121,5.454,93.333,6.417,93.333L12.250,93.333C13.213,93.333,14.000,94.121,14.000,95.083L14.000,100.917ZZM14.000,86.917C14.000,87.879,13.213,88.667,12.250,88.667L6.417,88.667C5.454,88.667,4.667,87.879,4.667,86.917L4.667,81.083C4.667,80.121,5.454,79.333,6.417,79.333L12.250,79.333C13.213,79.333,14.000,80.121,14.000,81.083L14.000,86.917ZZM14.000,72.917C14.000,73.879,13.213,74.667,12.250,74.667L6.417,74.667C5.454,74.667,4.667,73.879,4.667,72.917L4.667,67.083C4.667,66.121,5.454,65.333,6.417,65.333L12.250,65.333C13.213,65.333,14.000,66.121,14.000,67.083L14.000,72.917ZZM53.667,103.250C53.667,104.213,52.879,105.000,51.917,105.000L22.750,105.000C21.788,105.000,21.000,104.213,21.000,103.250L21.000,89.250C21.000,88.288,21.788,87.500,22.750,87.500L51.917,87.500C52.879,87.500,53.667,88.288,53.667,89.250L53.667,103.250ZZM53.667,78.750C53.667,79.713,52.879,80.500,51.917,80.500L22.750,80.500C21.788,80.500,21.000,79.713,21.000,78.750L21.000,64.750C21.000,63.788,21.788,63.000,22.750,63.000L51.917,63.000C52.879,63.000,53.667,63.788,53.667,64.750L53.667,78.750ZZM70.000,100.917C70.000,101.879,69.213,102.667,68.250,102.667L62.417,102.667C61.454,102.667,60.667,101.879,60.667,100.917L60.667,95.083C60.667,94.121,61.454,93.333,62.417,93.333L68.250,93.333C69.213,93.333,70.000,94.121,70.000,95.083L70.000,100.917ZZM70.000,86.917C70.000,87.879,69.213,88.667,68.250,88.667L62.417,88.667C61.454,88.667,60.667,87.879,60.667,86.917L60.667,81.083C60.667,80.121,61.454,79.333,62.417,79.333L68.250,79.333C69.213,79.333,70.000,80.121,70.000,81.083L70.000,86.917ZZM70.000,72.917C70.000,73.879,69.213,74.667,68.250,74.667L62.417,74.667C61.454,74.667,60.667,73.879,60.667,72.917L60.667,67.083C60.667,66.121,61.454,65.333,62.417,65.333L68.250,65.333C69.213,65.333,70.000,66.121,70.000,67.083L70.000,72.917ZZ"}))))))};function se(e){const{title:t,subtitle:n,details:a}=e;return Z.createElement("div",{className:"mx-2 mb-10 mt-4 text-center"},Z.createElement("h3",{className:"mb-3 whitespace-nowrap font-bold text-gray-700 dark:text-gray-50"},t),Z.createElement($.Z,{text:n,styles:"text-gray-700"}),Z.createElement($.Z,{text:a,styles:"text-gray-700"}))}function re(e){const{text:t}=e;return Z.createElement("div",{className:"mx-2 my-6 overflow-y-auto lg:my-8"},Z.createElement("p",{id:"cardBody-parsed",className:"text-gray-700 dark:text-gray-100"},Z.createElement($.Z,{text:t})))}function le(e){const{data:t=[{text:"button text",markDown:Z.createElement(Z.Fragment,null,"No MarkDown to Display!")}],primary:n=!1,method:a=(()=>{console.error("No callback method passed")})}=e;return Z.createElement("div",{className:"align-center mb-4 mt-8 flex flex-row flex-wrap justify-center gap-4 lg:mb-8 2xl:px-10"},n?t.map(((e,t)=>Z.createElement("div",{key:t},0==t?Z.createElement(oe.Z,(0,Q.Z)({as:"link"},e)):Z.createElement(oe.Z,(0,Q.Z)({as:"link",outline:!0},e))))):t.map(((e,t)=>Z.createElement("div",{key:t},0==t?Z.createElement(oe.Z,(0,Q.Z)({as:"link",outline:!0},e)):Z.createElement(oe.Z,(0,Q.Z)({as:"button",method:()=>{a(e)},outline:!0},e))))))}const he=function(e){return Z.createElement("article",{style:e.primary?{maxHeight:"550px",flex:1}:{},className:"flex w-11/12 flex-col rounded-lg bg-gray-50 p-4 shadow-xl dark:bg-gray-700 dark:shadow-none lg:mx-8 lg:my-4"},Z.createElement(se,e),e?.icon?Z.createElement(ie,null):Z.createElement(re,e),Z.createElement(le,e))};const de=function(e){let{cards:t,toggleIsModalOpen:n}=e;return Z.createElement("div",{className:"mb-4 flex lg:mb-6"},t?.map(((e,t)=>{let a=new Date(e.date).getDay();return Z.createElement(he,{key:t,title:e.date,subtitle:(o=a,["Sunday","Monday","Tuesday","Wednesday","Thursday","Friday","Saturday"][o]),details:e.timeZone,text:e.subtitle,data:e.buttons,icon:e.icon,method:t=>{n(t,e.date)}});var o})))};const ue=function(e){const{dropdownRef:t}=e,[n,a]=(0,Z.useState)(!1);var o,i;return o=t,i=()=>a(!1),(0,Z.useEffect)((()=>{const e=e=>{o.current&&!o.current.contains(e.target)&&i(e)};return document.addEventListener("mousedown",e),document.addEventListener("touchstart",e),()=>{document.removeEventListener("mousedown",e),document.removeEventListener("touchstart",e)}}),[o,i]),Z.createElement("div",{ref:t},Z.createElement("div",{"data-dropdown-toggle":"dropdown",onClick:()=>a((e=>!e)),className:"my-2 flex cursor-pointer items-center gap-1 py-2 pl-12 font-bold text-purple-700 dark:text-purple-500"},Z.createElement("div",{className:`transition duration-150 ease-linear ${n&&"rotate-90"}`},Z.createElement(X.JO,{icon:"bi:caret-right-square-fill"})),Z.createElement("span",null,e.text)),Z.createElement("div",{className:"dropdown-options absolute mt-2 flex flex-col overflow-y-auto overflow-x-hidden shadow-md scrollbar-thin scrollbar-track-gray-100 scrollbar-thumb-gray-300 dark:bg-gray-900 md:max-h-full lg:max-h-96"},n&&e?.options.map((e=>e))))};const me=function(e){const{classNames:t}=e;return Z.createElement("svg",{width:"33",xmlns:"http://www.w3.org/2000/svg",height:"33",id:"screenshot-6dbb9699-50de-8051-8002-b160b2203dcd",viewBox:"-0.5 -0.5 33 33",fill:"rgb(177, 178, 181)",version:"1.1",className:t},Z.createElement("g",{id:"shape-6dbb9699-50de-8051-8002-b160b2203dcd",rx:"0",ry:"0"},Z.createElement("g",{id:"shape-6dbb9699-50de-8051-8002-b15f80612846"},Z.createElement("g",{className:"fills",id:"fills-6dbb9699-50de-8051-8002-b15f80612846"},Z.createElement("path",{d:"M5,0 h22 a5,5 0 0 1 5,5 v22 a5,5 0 0 1 -5,5 h-22 a5,5 0 0 1 -5,-5 v-22 a5,5 0 0 1 5,-5 z",x:"0",y:"0",transform:"matrix(1.000000, 0.000000, 0.000000, 1.000000, 0.000000, 0.000000)",width:"32",height:"32"})),Z.createElement("g",{id:"strokes-6dbb9699-50de-8051-8002-b15f80612846",className:"strokes"},Z.createElement("g",{className:"stroke-shape"},Z.createElement("path",{d:"M5,0 h22 a5,5 0 0 1 5,5 v22 a5,5 0 0 1 -5,5 h-22 a5,5 0 0 1 -5,-5 v-22 a5,5 0 0 1 5,-5 z",x:"0",y:"0",transform:"matrix(1.000000, 0.000000, 0.000000, 1.000000, 0.000000, 0.000000)",width:"32",height:"32",opacity:"0.5",fill:"none",strokeWidth:"1",stroke:"rgb(0, 0, 0)",strokeOpacity:"1"})))),Z.createElement("g",{id:"shape-6dbb9699-50de-8051-8002-b16031b36494"},Z.createElement("g",{className:"fills",id:"fills-6dbb9699-50de-8051-8002-b16031b36494"},Z.createElement("path",{rx:"0",ry:"0",d:"M28.500,3.500L3.500,29.500"})),Z.createElement("g",{id:"strokes-6dbb9699-50de-8051-8002-b16031b36494",className:"strokes"},Z.createElement("g",{className:"stroke-shape"},Z.createElement("path",{rx:"0",ry:"0",d:"M28.500,3.500L3.500,29.500",fill:"none",strokeWidth:"2",stroke:"rgb(0, 0, 0)",strokeOpacity:"1"})))),Z.createElement("g",{id:"shape-6dbb9699-50de-8051-8002-b1604c231d3e"},Z.createElement("g",{className:"fills",id:"fills-6dbb9699-50de-8051-8002-b1604c231d3e"},Z.createElement("path",{rx:"0",ry:"0",d:"M28.500,28.500L2.500,3.500"})),Z.createElement("g",{id:"strokes-6dbb9699-50de-8051-8002-b1604c231d3e",className:"strokes"},Z.createElement("g",{className:"stroke-shape"},Z.createElement("path",{rx:"0",ry:"0",d:"M28.500,28.500L2.500,3.500",fill:"none",strokeWidth:"2",stroke:"rgb(0, 0, 0)",strokeOpacity:"1"}))))))};var ce=n(3905);const pe={layout:"default",title:"Podman Community Meeting"},ge=void 0,ye=[{value:"October 6, 2020 11:00 a.m. Eastern",id:"october-6-2020-1100-am-eastern",level:2},{value:"Attendees (34 total)",id:"attendees-34-total",level:3},{value:"Introductions",id:"introductions",level:2},{value:"Upcoming",id:"upcoming",level:2},{value:"Podman v3.0 Planning",id:"podman-v30-planning",level:2},{value:"HPC",id:"hpc",level:2},{value:"Questions?",id:"questions",level:2},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"Next Meeting: Tuesday, November 3, 2020, 11:00 a.m. Eastern",id:"next-meeting-tuesday-november-3-2020-1100-am-eastern",level:2},{value:"BlueJeans Chat raw copy/paste:",id:"bluejeans-chat-raw-copypaste",level:2}],ke={toc:ye},we="wrapper";function fe(e){let{components:t,...a}=e;return(0,ce.kt)(we,(0,Q.Z)({},ke,a,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("p",null,(0,ce.kt)("img",{alt:"Podman logo",src:n(1382).Z,width:"228",height:"61"})),(0,ce.kt)("h1",{id:"-pagetitle-"},"{{ page.title }}"),(0,ce.kt)("h2",{id:"october-6-2020-1100-am-eastern"},"October 6, 2020 11:00 a.m. Eastern"),(0,ce.kt)("h3",{id:"attendees-34-total"},"Attendees (34 total)"),(0,ce.kt)("p",null,"Tom Sweeney, Alex Litvak, Chris Evich, Christian Felder, Douglas, Ed Santaigo, Josep Gooch, Joe Doss, Lokesh Mand, Manish, Matt Heon, Reinhard Tartler, Valentin Rothberg, Wolfgang K, Nalin Dahyabhai, Dusty Mabe, Urvashi Mohnani, Sally O'Malley, Eduardo Santiago, Anders, Miloslav Trma\u010d, Jhon Honce, Parker Van Roy, Brent Baude, James Alt, Greg Shomo, Paul Holzinger, Ralf Haferkamp, Giuseppe Scrivano, Scott McCarty, Anders Bj\xf6rklund (afbjorklund), Balamurugan, Brian Smith, Drew Baily"),(0,ce.kt)("h2",{id:"introductions"},"Introductions"),(0,ce.kt)("p",null,"Each of the attendees gave a quick introduction."),(0,ce.kt)("h2",{id:"upcoming"},"Upcoming"),(0,ce.kt)("p",null,"Matt Heon discussed the upcoming releases and some of their content. He said, v2.1 came out a little over a week ago, v2.1.1 coming with bug fixes in the next week or so.\nAiming v3.0 towards sometime in February, which will include the removal of the varlink api as it has been deprecated. The big changes for v3.0 will be the removal of varlink and it will include improvements in handling short image names."),(0,ce.kt)("p",null,"Trying to get additional commands such as ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman container clone")," and other commands in as well. Also improvements to the REST API, including new endpoints to more closely mimic what Podman locally does."),(0,ce.kt)("p",null,"Lots of effort currently being put into fixing reported bugs and moving people from established Docker shops who want to transition."),(0,ce.kt)("h2",{id:"podman-v30-planning"},"Podman v3.0 Planning"),(0,ce.kt)("p",null,"Dan Walsh led the discussion on Podman v3.0 planning. Short names of images will be added. This will help prevent spoofing of images. ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman pull foo")," will go to all the defined registries and you'll be given a choice to pick from a list. If you pull later, it will repull that same pick. Similar to known hosts in ssh. Better support for Kata containers. More documentation and enhancements in usernamespace. Auto-selection of usernamespace is one such area of improvement. Also kubernetes integration enhancements, currently underway from a number of community members."),(0,ce.kt)("h2",{id:"hpc"},"HPC"),(0,ce.kt)("p",null,"Dan talked in general about the HPC community and that the development team would like to work closely with that community. Valentin talked about the differences in that environment. The goal is to generalize the problems and make them more usable."),(0,ce.kt)("h2",{id:"questions"},"Questions?"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Any plans for improved systemd integration with rootless? Specifically running systemd units with the ",(0,ce.kt)("inlineCode",{parentName:"li"},"User=")," directive calling podman rootless.\n(jdoss)")),(0,ce.kt)("p",null,"Podman team has talked to the systemd team and the systemd team was somewhat confused about why someone would want that. Further talks had about ways to use it are ongoing, but no support from systemd team at the moment. We'd like to get it in, but rely on the systemd team's help."),(0,ce.kt)("ol",{start:2},(0,ce.kt)("li",{parentName:"ol"},"Could you elaborate on the timing of integration of podman 2.x and 3.x into certain RHEL 8.x releases? (JA)")),(0,ce.kt)("p",null,"Podman 2.0 is 8.3.0, Podman 2.1 in 8.3.1. Not sure about 3.0 yet - perhaps 8.4.0 if we make the deadline there."),(0,ce.kt)("ol",{start:3},(0,ce.kt)("li",{parentName:"ol"},"What versions of podman/buildah/skopeo can we expect to end up in RHEL7 (RHEL8)? (R. Tartier)")),(0,ce.kt)("p",null,"RHEL7 is now frozen on 1.6.4"),(0,ce.kt)("ol",{start:4},(0,ce.kt)("li",{parentName:"ol"},"Will this go into another module stream though? (C Felder)")),(0,ce.kt)("p",null,"Yes. Nevertheless, RHEL8 stream is always rolling to the latest."),(0,ce.kt)("ol",{start:5},(0,ce.kt)("li",{parentName:"ol"},'Does "kind" work with Podman?')),(0,ce.kt)("p",null,"It should work now for Podman running as root in Podman 2.0."),(0,ce.kt)("ol",{start:6},(0,ce.kt)("li",{parentName:"ol"},"Does the podman team work with the Quay team about registry interactions - access control features? ability to move older images to a different registry with different permissions? maybe these are quay questions...")),(0,ce.kt)("p",null,"We'd like to work closer with Quay, but they've been overloaded since onboarding with Red Hat. We'd love any feedback that we can get. The majority of the answers to this question would have to come from the Quay team."),(0,ce.kt)("ol",{start:7},(0,ce.kt)("li",{parentName:"ol"},"podman go api -- any updates around ",(0,ce.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/6866"},"https://github.com/containers/podman/issues/6866"))),(0,ce.kt)("p",null,"Brent Baude answered. The best I can say is this is on the roadmap. Brent discussed that we've been bug fixing mostly as of late, but that it is on our road map."),(0,ce.kt)("ol",{start:8},(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Do you folks plan on publishing a public road map that shows community and Red Hat needs/wants for features/bug?"),(0,ce.kt)("p",{parentName:"li"},"Scott is working on this for the RHEL side of things. Brent is using Jira for our \"internal\" work. He'd like to share the Jira cards, but he's not sure about the timing of getting them done. Dusty suggested on grouping which are near term items vs more future items."))),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("p",null,"Is support for different logging drivers is on the road map in the future?"),(0,ce.kt)("p",null,"What Red Hat Thinks - Design directions - Brent Baude"),(0,ce.kt)("p",null,"I could do a summary of boot2podman/podman-machine (basically a varlink post-mortem) - Anders Bj\xf6rklund (Sold! and thanks!)\nCurrently involved in a little project to make a vagrant shell wrapper similar to it."),(0,ce.kt)("h2",{id:"next-meeting-tuesday-november-3-2020-1100-am-eastern"},"Next Meeting: Tuesday, November 3, 2020, 11:00 a.m. Eastern"),(0,ce.kt)("h2",{id:"bluejeans-chat-raw-copypaste"},"BlueJeans Chat raw copy/paste:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Christian Felder10:57 AM\nHi, this is Christian from Munich\nReinhard Tartler10:57 AM\nHi, this is Reinhard from New York!\nAlex Litvak10:57 AM\nHi this is Alex from Chicago\nMe10:58 AM\nHowdy All! Tom from Leominster, MA. We'll be starting shortly\nLokesh S Mandvekar11:00 AM\nHello everyone\nnice to put faces to some of the names finally :)\nGreg Shomo11:00 AM\nhello, world\nJoe Doss (jdoss)11:00 AM\nHello! Joe Doss from Chicago I work for DEV Community Inc https://dev.to / forem.com\nDusty Mabe11:01 AM\nhey All, I'm Dusty Mabe - work for Red Hat on Fedora CoreOS and RHCOS. Good to meet everyone.\nMe11:01 AM\nMeeting Notes: https://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\nmanish11:02 AM\nhello , i am manish\nMe11:02 AM\nPlease add yourself to the attendees list if I didn't get you there.\nafbjorklund11:04 AM\nI am Anders Bj\xf6rklund, and I was doing boot2podman. Might have to drop out today since I am joining from car\nBalamurugan11:08 AM\nyes\nDusty Mabe11:09 AM\nthere can be only one Dan\nLokesh S Mandvekar11:15 AM\n@tom: ManIsh, not ManUsh\nScott McCarty11:15 AM\nMight be worth sharing with this group. Red Hat has a community program called Red Hat Accelerators which gives you access to Red Hat engineering and leadership. I believe it was just announced today: https://access.redhat.com/accelerators#overview\nReinhard Tartler11:17 AM\nHi, I'm Reinhard, long-term Debian and Ubuntu Core Developer (13 years), and I've integrated podman 2.0.6 into the upcoming Debian 11 and Ubuntu 20.10 releases. I'm located in New York and work at Bloomberg leading a team working on a firmwide integration build system\nBrent Baude11:17 AM\n@Reinhard, please to meet you\nScott McCarty11:20 AM\n@Reinhard, that is super exciting to hear!\nLokesh S Mandvekar11:21 AM\nthanks a ton Reinhard :)\nJoe Doss (jdoss)11:24 AM\nAny plans for improved systemd integration with rootless?\nBrent Baude11:25 AM\nid encourage you to ask ... and specify what exactly you want\nJoe Doss (jdoss)11:25 AM\nSpecifically running systemd units with the User= directive calling podman rootless.\nJA11:27 AM\nCould you elaborate on the timing of integration of podman 2.x and 3.x into certain RHEL 8.x releases?\nmheon11:27 AM\n@JA - Podman 2.0 is 8.3.0, Podman 2.1 in 8.3.1\nNot sure about 3.0 yet - perhaps 8.4.0 if we make the deadline there\nReinhard Tartler11:28 AM\nQ: What versions of podman/buildah/skopeo can we expect to end up in RHEL7 (RHEL8)? - I'm asking because I need to decide what version to integrate for Debian 11, and would love to hear some opinions.\nChristian Felder11:29 AM\nfollow up on JA's question. Will this go into another module stream though?\nmheon11:30 AM\n@Reinhard - RHEL7 is now frozen on 1.6.4\nRHEL8 has two streams, one rolling steadily to the latest release, one with long-term-support releases\nBalamurugan11:30 AM\nwhat is the latest podman stable release for rhel 8.2\nDouglas11:30 AM\nHey Tom, what's the current status of running kind on top of podman?\nmheon11:31 AM\nTragically, the 2.0 module does not have Podman 2.0\nWe may have made a naming error, there...\nChristian Felder11:32 AM\nalright, to get the latest stuf just stay on rhel8 stream though\nmheon11:33 AM\n@Douglas - RHEL 8.2 has 1.6.4 in both streams. 8.2.1 has the fast-moving stream upgraded from 1.6.4 to 1.9.3\n@Christian - yes, RHEL8 stream is rolling to the latest\nChristian Felder11:33 AM\nthanks\nReinhard Tartler11:34 AM\nI'd love to see the Debian images added to the \"well-known\" list :-)\nDouglas11:34 AM\nnot sure if I follow mheon :(\nmy question is regarding kind - kubernetes\nmheon11:35 AM\nOh, sorry, replied to the wrong person\nThat was re: Balamurugan\nDouglas11:35 AM\nno worries\nAlex Litvak11:35 AM\nReinhard, is there a chance of podman backported to 20.04 LTS on ubuntu ?\nBalamurugan11:35 AM\nthanks @mheon\nAlex Litvak11:36 AM\nspeaking of a package of course\nDouglas11:39 AM\nthanks. Going to retest in a fresh git clone.\nmanish11:40 AM\ngvisor with podman.? is possible near future?\nBrent Baude11:41 AM\n@Tom, can I ask questions?\nmheon11:41 AM\n@manish - Should work fine as root. Rootless would require support from the gvisor folks\nJust need to add it as a runtime to containers.conf\nAlex Litvak11:42 AM\nany comments on the future logging support similar to docker?\nmanish11:43 AM\nthanks mheon.\nJA11:43 AM\nDoes the podman team work with the Quay team about registry interactions - access control features? ability to move older images to a different registry with different permissions? maybe these are quay questions...\nDrew Bailey11:43 AM\npodman go api -- any updates around https://github.com/containers/podman/issues/6866\nBrent Baude11:44 AM\nDrew, let's sdiscuss now!\nJoe Doss (jdoss)11:48 AM\nDo you folks plan on publishing a pubic road map that shows community and Red Hat needs/wants for features/bug?\nMe11:48 AM\nTopics for next time? Please add to: https://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\nDrew Bailey11:52 AM\n\ud83d\udc4d awesome thanks, will help us get off varlink :D\nJoe Doss (jdoss)11:57 AM\nI think it would be nice for the community to have insights into what is important for the RH Podman Team and maybe the community can help. Also design direction within the roadmap would help inform community help.\nhelp guide community help**\nJoe Doss (jdoss)11:59 AM\nWe can help if we know what direction you folks want to go.\nSally O'Malley11:59 AM\nthank you everyone! i have to drop - see you all next month\nBrent Baude11:59 AM\njoe you are exactly correct.\nmanish12:00 PM\nthanks :)\nJoe Doss (jdoss)12:00 PM\nGreat call and turnout!\nValentin Rothberg12:00 PM\nThanks for joining, all!\n")))}fe.isMDXComponent=!0;const be={},ve="Podman Community Meeting",Me=[{value:"April 6, 2021 08:00 p.m. Eastern (UTC-4)",id:"april-6-2021-0800-pm-eastern-utc-4",level:2},{value:"Attendees (18 total)",id:"attendees-18-total",level:3},{value:"Meeting Start: 8:00 p.m.",id:"meeting-start-800-pm",level:2},{value:"BlueJeans Recording",id:"bluejeans-recording",level:3},{value:"Podman Commit Topic Standards",id:"podman-commit-topic-standards",level:2},{value:"Matt Heon",id:"matt-heon",level:3},{value:"(2:17 in the video)",id:"217-in-the-video",level:4},{value:"Podman v3.1 Preview",id:"podman-v31-preview",level:2},{value:"Matt Heon",id:"matt-heon-1",level:3},{value:"(3:00 in the video)",id:"300-in-the-video",level:4},{value:"U volume flag to chown source volumes",id:"u-volume-flag-to-chown-source-volumes",level:2},{value:"Eduardo Vega",id:"eduardo-vega",level:3},{value:"(6:58 in the video)",id:"658-in-the-video",level:4},{value:"Demo (8:30 in the video)",id:"demo-830-in-the-video",level:5},{value:"Podman on Mac Preview",id:"podman-on-mac-preview",level:2},{value:"Brent Baude/Ashley Cui",id:"brent-baudeashley-cui",level:3},{value:"(15:20 in the video)",id:"1520-in-the-video",level:4},{value:"Demo (19:22 in the video)",id:"demo-1922-in-the-video",level:5},{value:"Questions?",id:"questions",level:2},{value:"(35:00) in the video)",id:"3500-in-the-video",level:4},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"Next Meeting: Tuesday May 4, 2021, 11:00 a.m. Eastern (UTC-4)",id:"next-meeting-tuesday-may-4-2021-1100-am-eastern-utc-4",level:2},{value:"Meeting End: 8:43 p.m. Eastern (UTC-4)",id:"meeting-end-843-pm-eastern-utc-4",level:3},{value:"BlueJeans Chat copy/paste:",id:"bluejeans-chat-copypaste",level:2}],Ie={toc:Me},Ae="wrapper";function Te(e){let{components:t,...n}=e;return(0,ce.kt)(Ae,(0,Q.Z)({},Ie,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-meeting"},"Podman Community Meeting"),(0,ce.kt)("h2",{id:"april-6-2021-0800-pm-eastern-utc-4"},"April 6, 2021 08:00 p.m. Eastern (UTC-4)"),(0,ce.kt)("h3",{id:"attendees-18-total"},"Attendees (18 total)"),(0,ce.kt)("p",null,"Tom Sweeney, Brent Baude, Jhon Honce, Dan Walsh, Chris Evich, Lokesh Mandvekar, Urvashi Mohnani, Nalin Dahyabhai, Eduardo Santiago, Matt Heon, Ashley Cui, Sumantro Mukherjee, Scott McCarty, Shion Tanaka, Juanje Ojeda, Edward Shen, Reinhard Tartler"),(0,ce.kt)("h2",{id:"meeting-start-800-pm"},"Meeting Start: 8:00 p.m."),(0,ce.kt)("h3",{id:"bluejeans-recording"},"BlueJeans ",(0,ce.kt)("a",{parentName:"h3",href:"https://bluejeans.com/s/@f3vA2PsK7a"},"Recording")),(0,ce.kt)("h2",{id:"podman-commit-topic-standards"},"Podman Commit Topic Standards"),(0,ce.kt)("h3",{id:"matt-heon"},"Matt Heon"),(0,ce.kt)("h4",{id:"217-in-the-video"},"(2:17 in the video)"),(0,ce.kt)("p",null,"If you're fixing a bug or an issue, please include a link to the commit message or at least in a comment."),(0,ce.kt)("h2",{id:"podman-v31-preview"},"Podman v3.1 Preview"),(0,ce.kt)("h3",{id:"matt-heon-1"},"Matt Heon"),(0,ce.kt)("h4",{id:"300-in-the-video"},"(3:00 in the video)"),(0,ce.kt)("p",null,"Matt pulled up the release notes (",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/RELEASE_NOTES.md"},"https://github.com/containers/podman/blob/main/RELEASE_NOTES.md"),"). Matt likes to get rleases out every 6 to 8 weeks"),(0,ce.kt)("p",null,"Added secrets, although not with crypto, manifest commands and prune have been added. The Podman copy command has been reworked heavily by Valentin Rothberg. Now you can copy to directories too now. You should now be able to copy anywhere in a container."),(0,ce.kt)("p",null,"Also added U option for mounting volumes."),(0,ce.kt)("p",null,"Matt then went over a number of bugs/issues about 50, with many fixes from the community and a small CVE."),(0,ce.kt)("p",null,"More significant work in the next release coming up in"),(0,ce.kt)("h2",{id:"u-volume-flag-to-chown-source-volumes"},"U volume flag to chown source volumes"),(0,ce.kt)("h3",{id:"eduardo-vega"},"Eduardo Vega"),(0,ce.kt)("h4",{id:"658-in-the-video"},"(6:58 in the video)"),(0,ce.kt)("p",null,(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman.io/blob/main/community/meeting/notes/2021-04-06/Podman-U-Volume-Opt-06_04_2021.pptx"},"slides")),(0,ce.kt)("p",null,"New Volume option."),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Podman create and Podman run with --volume."),(0,ce.kt)("li",{parentName:"ul"},'"U" uppercase letter is the new option'),(0,ce.kt)("li",{parentName:"ul"},"Changes ownership of source volumes on the host.",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"Based on the container owners uid and gid and maps those to th host."),(0,ce.kt)("li",{parentName:"ul"},"The container and the volume will have the same owners")))),(0,ce.kt)("h5",{id:"demo-830-in-the-video"},"Demo (8:30 in the video)"),(0,ce.kt)("p",null,"podman run -it -v /tmp/data01:/data:Z --user 998:998 fedora sh"),(0,ce.kt)("p",null,"This showed that the wrong user (root) owned directories in the container."),(0,ce.kt)("p",null,"Now with 'U' added to the volume specification."),(0,ce.kt)("p",null,"podman run -it -v /tmp/data01:/data:Z,U --user 998:998 fedora sh"),(0,ce.kt)("p",null,"The directory and files are now owned by 998."),(0,ce.kt)("p",null,"This can also be run with tmpfs volumes"),(0,ce.kt)("p",null,"podman run -it --rm --tmpfs /data:Z,U --user 998:998 fedora ls -la data"),(0,ce.kt)("p",null,"This also shows the directory has the right permissions. Ditto overlayfs."),(0,ce.kt)("p",null,"Dan talked about some other use cases."),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Usefull when running mariadb in a container, you could volume mount /var/lib/mariadb for it with the correct permissions."),(0,ce.kt)("li",{parentName:"ul"},"It's super useful for a rootless user in the usernamespace."),(0,ce.kt)("li",{parentName:"ul"},"It's a really great and powerful feature that people haven't disovered yet.")),(0,ce.kt)("h2",{id:"podman-on-mac-preview"},"Podman on Mac Preview"),(0,ce.kt)("h3",{id:"brent-baudeashley-cui"},"Brent Baude/Ashley Cui"),(0,ce.kt)("h4",{id:"1520-in-the-video"},"(15:20 in the video)"),(0,ce.kt)("p",null,'Brent Baude led off. Creating a Podman on Mac using a subcommand in pocman called "machine" building upon other efforts. The code is very modular. The initial implementation is Fedora CoreOS in the vm which is configurable.'),(0,ce.kt)("p",null,"Testing on X86 linux on Mac OS X8664 and aarch64."),(0,ce.kt)("p",null,"Current implementation relies on qemu which currently has some platform dependencies."),(0,ce.kt)("p",null,"Hurdle to resolve the networking on the VM and exposing services running in the container on the host."),(0,ce.kt)("p",null,"Podman machine is upstream now and works, but no ability to expose services at this point. But you can build images and experiment with how it works."),(0,ce.kt)("h5",{id:"demo-1922-in-the-video"},"Demo (19:22 in the video)"),(0,ce.kt)("p",null,"Ashley did a demo running on her Mac."),(0,ce.kt)("p",null,"Used the\npodman-remote machine --help command\npodman-remote machine init # pulled fedora coreos image"),(0,ce.kt)("p",null,"podman-remote machine init anothername # creates with the specified name."),(0,ce.kt)("p",null,"podman-remote machine ls # shows the machines create"),(0,ce.kt)("p",null,"When you init the vm, it creates connections automatically."),(0,ce.kt)("p",null,"podman-remote machine start # starts the VM"),(0,ce.kt)("p",null,"podman-remote machine ssh podman-machine-default # sshinto the machine"),(0,ce.kt)("p",null,"podman-remote pull alpine #failed with socket issue being chased."),(0,ce.kt)("p",null,"Ashely tried a number of pulls and it finally worked after a number of attempts and tweaking."),(0,ce.kt)("p",null,"The container runs on the VM, but you type on the Mac. It does work, but socket activation issues are being chased."),(0,ce.kt)("p",null,"This is running on the Mac M1 now, and work in progress on Mac Intel based."),(0,ce.kt)("p",null,"Questions on the systemd socket. The socket issue is likely due to Podman talking to systemd. Dan thinks it's fixed upstream in systemd."),(0,ce.kt)("p",null,'The demo showed "podman-remote", but the final release will just be "podman".'),(0,ce.kt)("p",null,'The user experience should be you would just install "podman" and everything needed will come along with that.'),(0,ce.kt)("p",null,"Dan asked about install: goal user experience is\n",(0,ce.kt)("inlineCode",{parentName:"p"},"brew install podman"),", ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman machine init"),", ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman machine start"),", and then you're running as if you're on a linux box."),(0,ce.kt)("h2",{id:"questions"},"Questions?"),(0,ce.kt)("h4",{id:"3500-in-the-video"},"(35:00) in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"What about Podman on windows? The current leaning is to use WSL2 probably Ubuntu. It's being looked at and we'd love community help."),(0,ce.kt)("li",{parentName:"ol"},"Tshirts were recently available, but are not currently due to a vendoring problem. ;^("),(0,ce.kt)("li",{parentName:"ol"},"For FCOS, does the machine pull stable every time? It pulls the next stream and you can use a URL if you'd like."),(0,ce.kt)("li",{parentName:"ol"},"Will podman machine will work on a linux box? Yes")),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("h2",{id:"next-meeting-tuesday-may-4-2021-1100-am-eastern-utc-4"},"Next Meeting: Tuesday May 4, 2021, 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h3",{id:"meeting-end-843-pm-eastern-utc-4"},"Meeting End: 8:43 p.m. Eastern (UTC-4)"),(0,ce.kt)("h2",{id:"bluejeans-chat-copypaste"},"BlueJeans Chat copy/paste:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Me:7:57 PM\nPlease sign in at: https://hackmd.io/fc1zraYdS0-klJ2KJcfC7w?both\nBrent Baude8:00 PM\nok, had one flicker of the power from the storm here .... three flickers and we're out\nReinhard 'siretart' Tartler8:08 PM\nFWIW, I've got the podman 3.1 package almost ready, will upload to debian/experimental later this week\nDaniel (rhatdan) Walsh8:08 PM\nThanks\nBrent Baude8:08 PM\noutstanding\njhonce8:08 PM\n@siretart Great!\nBrent Baude8:09 PM\n@siretart, maybe connect with us to make sure the latest libcap and crun are being used? we can explain.\nperhaps stay a few minutes after and we can elaborate ?\nReinhard 'siretart' Tartler8:09 PM\nsure thing!\nMatt Heon8:13 PM\nThis is *very* useful for rootless user/group mapping issues. I'm writing a blog on this right now and am definitely mentioning this.\nBrent Baude8:14 PM\n++ mheon\nMe:8:15 PM\nVery nice!\nShion Tanaka8:18 PM\nI'm interested in being able to run Podman on a Mac, since VS Code's Remote Containers feature is not available on Macs.\nsumantrom8:31 PM\nAwesome Presentation Asley, for FCOS, it pulls the latest stable everytime by default?\nsumantrom8:32 PM\nthanks!\nReinhard 'siretart' Tartler8:38 PM\nI'd love to see podman working out of the box on wsl2 and macs (at dayjob, that's what the company provides)\nawesome t-shirt. Where can I get one? :-)\nShion Tanaka8:38 PM\nThanks for the great demo!\nReinhard 'siretart' Tartler8:39 PM\n+1 -- awesome!\ndebian and ubuntu, for that matter :-)\nReinhard 'siretart' Tartler8:41 PM\nwill do\nthanks for organizing this meeting, amazing demos, really enjoyed them!\nEd8:42 PM\nGreat work, thanks!\nJuanje Ojeda8:44 PM\nGreat meeting and demos. Thanks!\nsumantrom8:44 PM\nThanks for organizing!\n\n")))}Te.isMDXComponent=!0;const Se={},Ce="Podman Community Cabal Meeting Notes",Ne=[{value:"August 19, 2021 11:00 a.m. Eastern",id:"august-19-2021-1100-am-eastern",level:2},{value:"August 19, 2021 Topics",id:"august-19-2021-topics",level:2},{value:"Open Discussion",id:"open-discussion",level:3},{value:"Meeting Notes",id:"meeting-notes",level:3},{value:"Podman v4.0 inclusions (1:22 in the video)",id:"podman-v40-inclusions-122-in-the-video",level:4},{value:"Podman on Windows (12:30 in the video)",id:"podman-on-windows-1230-in-the-video",level:4},{value:"Open discussion (39:45 in the video)",id:"open-discussion-3945-in-the-video",level:4},{value:"Next Cabal Meeting: Thursday September 16, 2021 10:00 a.m. EDT (UTC-4)",id:"next-cabal-meeting-thursday-september-16-2021-1000-am-edt-utc-4",level:3}],De={toc:Ne},Pe="wrapper";function xe(e){let{components:t,...n}=e;return(0,ce.kt)(Pe,(0,Q.Z)({},De,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-cabal-meeting-notes"},"Podman Community Cabal Meeting Notes"),(0,ce.kt)("p",null,"Attendees (22): Tom Sweeney, Nalin Dahyabhai, Paul Holzinger, Dan WAlsh, Preethi Thomas, Valentin Rothberg, Matt Heon, Pavel Sosin, Chris Evich, Ashley Cui, Anders Bjorklund, Peter Hutn, Urvashi Mohnani, Brent Baude, Erik Bernoth, Giuseppe Scrivano, Ed Santiago, Guillaume Rose, Mehul Arora, Miloslav Trmac, Scott McCarty"),(0,ce.kt)("h2",{id:"august-19-2021-1100-am-eastern"},"August 19, 2021 11:00 a.m. Eastern"),(0,ce.kt)("h2",{id:"august-19-2021-topics"},"August 19, 2021 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Podman v4.0 inclusions"),(0,ce.kt)("li",{parentName:"ol"},"Podman on Windows"),(0,ce.kt)("li",{parentName:"ol"},"Open Discussion")),(0,ce.kt)("h3",{id:"open-discussion"},"Open Discussion"),(0,ce.kt)("p",null,"Save the last 15 minutes for an open floor discussion."),(0,ce.kt)("h3",{id:"meeting-notes"},"Meeting Notes"),(0,ce.kt)("p",null,"Video ",(0,ce.kt)("a",{parentName:"p",href:"https://drive.google.com/file/d/1VOzFK0zpG4MgjQnyiGDZL3J9gMIj-msh/view"},"Recording"),"\nAttendees:"),(0,ce.kt)("p",null,"Meeting start 10:05 a.m Thursday August 19, 2021"),(0,ce.kt)("h4",{id:"podman-v40-inclusions-122-in-the-video"},"Podman v4.0 inclusions (1:22 in the video)"),(0,ce.kt)("p",null,"Podman 4.0-dev is now upstream.\nPaul Holzinger has added a large change for Networks.\nMore performance analysis and attempting to lessen memory and CPU usage. Adopting Buildkit functionality in Buildah and thus Podman build."),(0,ce.kt)("p",null,"Giuseppe is working with supporting virtual pools to retrieve just files that are not already present in local storage, to help decrease load times. It may not be Docker compatible, it may have to be OCI based only."),(0,ce.kt)("p",null,"We're looking for ideas/changes that might require breaking API changes. But are hoping not to make too many at once."),(0,ce.kt)("h4",{id:"podman-on-windows-1230-in-the-video"},"Podman on Windows (12:30 in the video)"),(0,ce.kt)("p",null,"Currently looking into WSL possible solutions."),(0,ce.kt)("p",null,"Pavel talked about his use case of using Fedora directly from the Microsoft Windows Store. Once installed, he was able to run the latest Podman on Fedora."),(0,ce.kt)("p",null,"Erik asked if systemd is working? (Not likely to at the moment.) He too uses Podman on Windows and it works fine for him now."),(0,ce.kt)("p",null,"WSL2 is installed on windows by default already in the latest, and then install Fedora from Microsoft store, and then Podman ran from there."),(0,ce.kt)("p",null,"Docker has a GUI interface that can be used from Windows, we would probably not provide a similar out of the box."),(0,ce.kt)("p",null,"If you create a container currently in Windows using the Fedora, you can't talk to the container outside of that Windows host. Something that will need looking at."),(0,ce.kt)("p",null,"Fedora costs $10 for Fedora 34 distribution from the Microsoft Store."),(0,ce.kt)("p",null,"Dan would like to default to just click a button somewhere once to install Podman. The issue with that is keeping it updated over time. The best case is to get the Fedora team to provide Fedora with Podman preinstalled in the Microsoft Store."),(0,ce.kt)("p",null,"What should the experience be for when the podman-machine needs to be updated? What is the best case scenario? TBD."),(0,ce.kt)("p",null,"Two upgrade paths in Windows per Pavel. We'd like to know how the upgrade could happen seamlessly for the end-user."),(0,ce.kt)("p",null,"Docker checks the version at starti-up and then asks the user to do update. Information is stored in a small json file. They apparently do an update in a separate VM."),(0,ce.kt)("p",null,"On Docker, can you do a volume mount on a Windows directory? Giuillaume says it does work."),(0,ce.kt)("h4",{id:"open-discussion-3945-in-the-video"},"Open discussion (39:45 in the video)"),(0,ce.kt)("p",null,"When's Podman v3.3 coming out? Hopefully Monday, Aug 23, 2021. Then we will likely be creating a Podman 3.4 for sometime later in the fall."),(0,ce.kt)("p",null,"One thing to watch is that Podman v4.0 can not break Fedora 35. Fedora 36 should be in April 2022 and would be the target if we break Fedora 35, but that hopefully won't be the case."),(0,ce.kt)("h3",{id:"next-cabal-meeting-thursday-september-16-2021-1000-am-edt-utc-4"},"Next Cabal Meeting: Thursday September 16, 2021 10:00 a.m. EDT (UTC-4)"),(0,ce.kt)("p",null,"Raw BlueJeans:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Nalin Dahyabhai10:02 AM\nAgenda: https://hackmd.io/gQCfskDuRLm7iOsWgH2yrg\nErik Bernoth10:39 AM\nI have to go. If you do a podman on Windows issue on GH, please CC me. See you next time!\nBrent Baude10:43 AM\nhttps://www.redhat.com/sysadmin/podman-windows-wsl2\n")))}xe.isMDXComponent=!0;const Be={},Ee="Podman Community Meeting",We=[{value:"November 2, 2021 11:00 a.m. Eastern (UTC-4)",id:"november-2-2021-1100-am-eastern-utc-4",level:2},{value:"Attendees (21 total)",id:"attendees-21-total",level:3},{value:"Meeting Start: 11:03 a.m.",id:"meeting-start-1103-am",level:2},{value:"BlueJeans Recording",id:"bluejeans-recording",level:3},{value:"Buildah buildkit update",id:"buildah-buildkit-update",level:2},{value:"Aditya Rajan",id:"aditya-rajan",level:3},{value:"(2:10 in the video)",id:"210-in-the-video",level:4},{value:"Podman on Mac Status",id:"podman-on-mac-status",level:2},{value:"Ashley Cui/Brent Baude",id:"ashley-cuibrent-baude",level:3},{value:"(13:45 in the video)",id:"1345-in-the-video",level:4},{value:"netavark update",id:"netavark-update",level:2},{value:"Matt Heon/Brent Baude",id:"matt-heonbrent-baude",level:3},{value:"(15:44 in the video) 23",id:"1544-in-the-video-23",level:4},{value:"Open Forum/Questions?",id:"open-forumquestions",level:2},{value:"(18:15) in the video)",id:"1815-in-the-video",level:4},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"Next Meeting: Tuesday December 7, 2021, 11:00 a.m. Eastern (UTC-5)",id:"next-meeting-tuesday-december-7-2021-1100-am-eastern-utc-5",level:2},{value:"Next Cabal Meeting: Thursday November 18, 2021, 10:00 a.m. Eastern (UTC-5)",id:"next-cabal-meeting-thursday-november-18-2021-1000-am-eastern-utc-5",level:2},{value:"Meeting End: 11: a.m. Eastern (UTC-4)",id:"meeting-end-11-am-eastern-utc-4",level:3},{value:"BlueJeans Chat copy/paste:",id:"bluejeans-chat-copypaste",level:2}],je={toc:We},Le="wrapper";function He(e){let{components:t,...n}=e;return(0,ce.kt)(Le,(0,Q.Z)({},je,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-meeting"},"Podman Community Meeting"),(0,ce.kt)("h2",{id:"november-2-2021-1100-am-eastern-utc-4"},"November 2, 2021 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h3",{id:"attendees-21-total"},"Attendees (21 total)"),(0,ce.kt)("p",null,"Tom Sweeney, Jhon Honce, Chris Evich, Urvashi Mohnani, Matt Heon, Erik Bernoth, Chris Evich, Scott McCarty, Anders Bj\xf6rklund, Lokesh Mandvekar, Ashley Cui, Brent Baude, Aditya Rajan, Giuseppe Scrivan, Miloslav Trma\u010d, Rudolf Vesely, Shion Tanaka, Christian Felder"),(0,ce.kt)("h2",{id:"meeting-start-1103-am"},"Meeting Start: 11:03 a.m."),(0,ce.kt)("h3",{id:"bluejeans-recording"},"BlueJeans ",(0,ce.kt)("a",{parentName:"h3",href:"https://bluejeans.com/s/bhRBWYOh02V"},"Recording")),(0,ce.kt)("h2",{id:"buildah-buildkit-update"},"Buildah buildkit update"),(0,ce.kt)("h3",{id:"aditya-rajan"},"Aditya Rajan"),(0,ce.kt)("h4",{id:"210-in-the-video"},"(2:10 in the video)"),(0,ce.kt)("p",null,"There are features in buildkit that are not in Buildah. New features added include --mount=type-bind, which allows performing a bind mount and scoped to current RUN statements.\nYou can also mount by stages if you would like. This is in upstream now and will be in Podman in the near future."),(0,ce.kt)("p",null,"The other feature added is --mount=type=cache. This adds support for persistent caching across builds. So it could be used by other images other than the one being built."),(0,ce.kt)("p",null,"Another is --mount=type=tmpfs which allows a user to mount a chunk of volatile memory instead of a persistent storage device. It looks like an actual disk for the build, but it's only temporary and doesn't persist after the build completes."),(0,ce.kt)("p",null,"This is upstream in Buildah now, will likely be in Buildah v1.24.","*"," and higher and Podman v4.0. Both will be out by early next year."),(0,ce.kt)("p",null,"Demo (7:11 in the video)"),(0,ce.kt)("p",null,"A feature to skip stages is underway but not complete."),(0,ce.kt)("p",null,"Is it possible by using --mount-type=cache to prevent a rogue/misguided Containerfile from using a cache that it should not use? We have the option to segregate cache but no way to avoid other builds from using it. Something Aditya will look into it."),(0,ce.kt)("h2",{id:"podman-on-mac-status"},"Podman on Mac Status"),(0,ce.kt)("h3",{id:"ashley-cuibrent-baude"},"Ashley Cui/Brent Baude"),(0,ce.kt)("h4",{id:"1345-in-the-video"},"(13:45 in the video)"),(0,ce.kt)("p",null,"DEMO (14:00 in the video)"),(0,ce.kt)("p",null,"Ashley showed several mockups for the new Mac interface. They show the machines available and then the ability to start/stop them. She's been looking into doing this with Swift."),(0,ce.kt)("p",null,"Brent noted that we're working on volumes, the Docker socket, and other sockets. In addition, rootful and rootless. The big issue with the volume mount is if you use a bind mount, it's mounted in the VM rather than the host machine itself."),(0,ce.kt)("p",null,"Would it make sense to implement the GUI with Qt? Isn\u2019t Swift just available for the Mac? Yes, for now, looking at POC, then thinking about figuring out what to do with Windows. Things work well on WSL there now, and it runs in Linux there."),(0,ce.kt)("h2",{id:"netavark-update"},"netavark update"),(0,ce.kt)("h3",{id:"matt-heonbrent-baude"},"Matt Heon/Brent Baude"),(0,ce.kt)("h4",{id:"1544-in-the-video-23"},"(15:44 in the video) 23"),(0,ce.kt)("p",null,"The ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/netavark"},"netavark")," project is a new project and replaces CNI plugins. Podman would call this with JSON input, and it would handle network setup, firewalls, etc. Being written in RUST and have a basic piece of code running today for a typical setup except the JSON response and firewall rules."),(0,ce.kt)("p",null,"We're doing this mainly to get the ipv6 support and DNS in play. The DNS piece will not be in place for the initial Podman v4.0 release but a later release. The team feels this will be a more supportable layer for the network."),(0,ce.kt)("p",null,"The team is happy to have RUST experts come in and contribute."),(0,ce.kt)("p",null,"How to understand netavark? Take a look at what CNI is doing under the covers, and that's being emulated/replaced? Also, a decent understanding of network concepts."),(0,ce.kt)("p",null,"We will be supporting firewalld as a backend to support firewall tables."),(0,ce.kt)("h2",{id:"open-forumquestions"},"Open Forum/Questions?"),(0,ce.kt)("h4",{id:"1815-in-the-video"},"(18:15) in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Podman on Windows priority? Lower on the priority list as the WSL solution is pretty solid now. But something we're looking into.")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"IRC slack connections: ",(0,ce.kt)("a",{parentName:"p",href:"https://podman.io/community/#slack-irc-matrix-and-discord"},"https://podman.io/community/#slack-irc-matrix-and-discord"))),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"We should use an interface approach for the volume drivers work per Anders. The issue now is the machine configuration is in containers/common, and that can be a bit of a dance. Brent and Anders have been looking into a few options, including ssh. There are other things they're looking at that have better speed but not as much functionality. For the ssh solution, playing with the crypto levels might help with speed."))),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("h2",{id:"next-meeting-tuesday-december-7-2021-1100-am-eastern-utc-5"},"Next Meeting: Tuesday December 7, 2021, 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h2",{id:"next-cabal-meeting-thursday-november-18-2021-1000-am-eastern-utc-5"},"Next Cabal Meeting: Thursday November 18, 2021, 10:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"meeting-end-11-am-eastern-utc-4"},"Meeting End: 11: a.m. Eastern (UTC-4)"),(0,ce.kt)("h2",{id:"bluejeans-chat-copypaste"},"BlueJeans Chat copy/paste:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Me11:01 AM\nhttps://hackmd.io/fc1zraYdS0-klJ2KJcfC7w?both\nMiloslav Trmac11:13 AM\nIs there some scoping mechanism to the --mount-type=cache, so that a rogue/misguided Containerfile can't use a cache it shouldn't be using?\nMatt Heon11:19 AM\nMounting the Docker socket?\nChristian Felder11:21 AM\nWouldn't it make sense to implement the GUI with e.g. Qt? Isn't Swift just available for Mac?\nAnders Bj\xf6rklund11:21 AM\nI halted the Qt GUI fo rnow\nhttps://github.com/afbjorklund/podman-systray\nChristian Felder11:22 AM\nOk, I just thought about having the same GUI for Windows... So you wouldn't need to reimplement it\nAnders Bj\xf6rklund11:23 AM\nPodman doesn't really work on Windows, only on WSL (Linux)\nChristian Felder11:23 AM\nOk, thanks\nAnders Bj\xf6rklund11:23 AM\nbut I suppose you could run `wsl podman` or something\nbaude11:23 AM\nhttps://github.com/containers/netavark\nShion Tanaka11:27 AM\nIs there any other knowledge I should know to understand netavark?\nShion Tanaka11:29 AM\nOK,thanks!\nbaude11:30 AM\ncatching us on irc or the matrix bridge is probably the best approach for that\nLokesh Mandvekar11:31 AM\nhttps://podman.io/community/#slack-irc-matrix-and-discord\n\n")))}He.isMDXComponent=!0;const Re={},Oe="Podman Community Meeting",Je=[{value:"February 1, 2021 11:00 a.m. Eastern (UTC-5)",id:"february-1-2021-1100-am-eastern-utc-5",level:2},{value:"Attendees (26 total)",id:"attendees-26-total",level:3},{value:"Meeting Start: 11:02 a.m. EST",id:"meeting-start-1102-am-est",level:2},{value:"BlueJeans Recording",id:"bluejeans-recording",level:3},{value:"Container Plumbing Days",id:"container-plumbing-days",level:2},{value:"Tom Sweeney",id:"tom-sweeney",level:3},{value:"(1:23 in the video)",id:"123-in-the-video",level:4},{value:"Podman on Windows Demo",id:"podman-on-windows-demo",level:2},{value:"Jason Greene",id:"jason-greene",level:3},{value:"(2:14 in the video)",id:"214-in-the-video",level:4},{value:"Podman Network",id:"podman-network",level:2},{value:"Matt Heon",id:"matt-heon",level:3},{value:"(19:15 in the video)",id:"1915-in-the-video",level:4},{value:"Open Forum/Questions?",id:"open-forumquestions",level:2},{value:"(26:53) in the video)",id:"2653-in-the-video",level:4},{value:"Podman Desktop Companion Demo",id:"podman-desktop-companion-demo",level:2},{value:"Ionut Stoicia",id:"ionut-stoicia",level:3},{value:"(34:27 in the video)",id:"3427-in-the-video",level:4},{value:"Easter Egg",id:"easter-egg",level:2},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"Next Meeting: Tuesday April 5, 2021, 11:00 a.m. Eastern (UTC-4)",id:"next-meeting-tuesday-april-5-2021-1100-am-eastern-utc-4",level:2},{value:"Next Cabal Meeting: Thursday February 17, 2021, 11:00 a.m. Eastern (UTC-5)",id:"next-cabal-meeting-thursday-february-17-2021-1100-am-eastern-utc-5",level:2},{value:"Meeting End: 11:51 a.m. Eastern (UTC-5)",id:"meeting-end-1151-am-eastern-utc-5",level:3},{value:"BlueJeans Chat copy/paste:",id:"bluejeans-chat-copypaste",level:2}],Fe={toc:Je},Ge="wrapper";function Ye(e){let{components:t,...n}=e;return(0,ce.kt)(Ge,(0,Q.Z)({},Fe,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-meeting"},"Podman Community Meeting"),(0,ce.kt)("h2",{id:"february-1-2021-1100-am-eastern-utc-5"},"February 1, 2021 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"attendees-26-total"},"Attendees (26 total)"),(0,ce.kt)("p",null,"Tom Sweeney, Jhon Honce, Chris Evich, Urvashi Mohnani, Matt Heon, Chris Evich, Anders Bj\xf6rklund, Ashley Cui, Aditya Rajan, Eduardo Santiago, Valentin Rothberg, Paul Holzinger, Nalin Dahyabhai, Ionut Stoica, Jason Greene, Giuseppe Scrivano, Chris Evich, Lokesh Mandvekar, Niall Crowe"),(0,ce.kt)("h2",{id:"meeting-start-1102-am-est"},"Meeting Start: 11:02 a.m. EST"),(0,ce.kt)("h3",{id:"bluejeans-recording"},"BlueJeans ",(0,ce.kt)("a",{parentName:"h3",href:"https://youtu.be/-dVK9CfqeNM"},"Recording")),(0,ce.kt)("h2",{id:"container-plumbing-days"},"Container Plumbing Days"),(0,ce.kt)("h3",{id:"tom-sweeney"},"Tom Sweeney"),(0,ce.kt)("h4",{id:"123-in-the-video"},"(1:23 in the video)"),(0,ce.kt)("p",null,"We are looking for speakers for the ",(0,ce.kt)("a",{parentName:"p",href:"https://containerplumbing.org/speakers"},"Container Plumbing days"),". It is occurring on March 22 and 23, 2022, in the morning through early afternoon Eastern time. They are looking for all kinds of container-related topics. Check the website for more details."),(0,ce.kt)("h2",{id:"podman-on-windows-demo"},"Podman on Windows Demo"),(0,ce.kt)("h3",{id:"jason-greene"},"Jason Greene"),(0,ce.kt)("h4",{id:"214-in-the-video"},"(2:14 in the video)"),(0,ce.kt)("p",null,"API event forwarding is working and demonstrated that."),(0,ce.kt)("p",null,"Jason started a machine on Windows under WSL. If you're using typical Docker, it expects a pipe to be opened, and Podman can now talk to that same pipe."),(0,ce.kt)("p",null,"He did a number of Docker commands that ran under Podman."),(0,ce.kt)("p",null,"The ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman machine start other")," will allow for multiple instances of podman to run on the Windows machine. If you do ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman ps"),', it will show only the "other machine" instances, but you can hop back to the original and see the ones running under that machine.'),(0,ce.kt)("p",null,"Podman machine is starting a separate API forwarding service, and it's hooked into the windows event logging system. It's not running using .NET, but some of the .NET tools."),(0,ce.kt)("p",null,"The proxy is called win-sshproxy by default."),(0,ce.kt)("p",null,"He's exporting the root socket to pull this off to allow the Docker APIs to work with this. WSL is running under the user's identity, so not a security vulnerability."),(0,ce.kt)("p",null,"This is all running in WSL running in the shared WSL VM. Similar to a privilged container image. It is just mapping Docker to the Podman socket."),(0,ce.kt)("p",null,"Do volume mounts outside of /mnt work? i.e. /home/user/projects. That should work withing the WSL Linux environment."),(0,ce.kt)("p",null,"Extend podman-py to integration with WSL podman machine windows socket."),(0,ce.kt)("h2",{id:"podman-network"},"Podman Network"),(0,ce.kt)("h3",{id:"matt-heon"},"Matt Heon"),(0,ce.kt)("h4",{id:"1915-in-the-video"},"(19:15 in the video)"),(0,ce.kt)("p",null,"A new update to the network stack. The new stack is created by ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/netavark"},"netavark")," and ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/aardvark-dns"},"aardvark-dns"),". The aardvark-dns project handles DNS, netavark takes care of the rest of the stack. It is undergoing extensive testing as of now."),(0,ce.kt)("p",null,"Blog post soon on how to use the new stack."),(0,ce.kt)("p",null,"If you upgrade from Podman v3 to Podman v4, you will continue to use CNI so you won't break. But you can configure up to the new stack as you wish."),(0,ce.kt)("p",null,"Multiple IPs per container and IPv6 support will be provided."),(0,ce.kt)("p",null,"Netavark is based on similar kernel facilities as CNI. It is going to be eventually be working in the firewald framework soon."),(0,ce.kt)("h2",{id:"open-forumquestions"},"Open Forum/Questions?"),(0,ce.kt)("h4",{id:"2653-in-the-video"},"(26:53) in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"For people using Fedora, Podman v4 will be on Fedora 36, but not Fedora 35 as it's a breaking change there. If you want Podman v4.0 on Fedora 35, you will need to install it. We're leaning towards not doing a parallel stream due to the connection issues with the Podman socket in that scenario.")),(0,ce.kt)("h2",{id:"podman-desktop-companion-demo"},"Podman Desktop Companion Demo"),(0,ce.kt)("h3",{id:"ionut-stoicia"},"Ionut Stoicia"),(0,ce.kt)("h4",{id:"3427-in-the-video"},"(34:27 in the video)"),(0,ce.kt)("p",null,"Slides - ",(0,ce.kt)("a",{parentName:"p",href:"https://podman.io/community/meeting/notes/2022-02-01/Podman_Desktop_Companion.pdf"},"here")),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("p",{parentName:"li"},"Target - People wanting to learn about containers (Podman) and full-stack developers.")),(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("p",{parentName:"li"},"Goals - Look and feel the same on all operating systems with a familiar UI."),(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"This project supports Windows and macOS."))),(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("p",{parentName:"li"},"Trials - Native trial using Lazarus, GTK4, and QT."),(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"All looked good, but each had its hurdles.")))),(0,ce.kt)("p",null,"At the end, Ionut went with the Electron Web APP and is still exploring. It's easy to develop/share ownership using it. Electron also handles many major OSs for an end product."),(0,ce.kt)("p",null,"Immediate Goals: Windows and Mac binaries ASAP, then on to GitHub issues. Then need to advertise. Wants to take the 10 most useful scenarios in Podman and convert them to desktop demos."),(0,ce.kt)("p",null,"Demo (41:50 in the video)"),(0,ce.kt)("p",null,"Showed inspecting a container, secrets management space, and volumes. All were GUI driven."),(0,ce.kt)("p",null,"Question: Are you looking to add build/pull images? Eventually, build functionality is not yet available though."),(0,ce.kt)("p",null,"He's using the Podman API after talking with Anders. After seeing Jason's demo, Ionut thinks he can make progress there. It is handing only rootless there now. Anders had an update for Lima that will help."),(0,ce.kt)("p",null,"Ionut aims for the main Podman functions to start, and he wants the project to handle as many functions as possible. Ionut intends to create a GUI that's very useful to the CI."),(0,ce.kt)("p",null,"Ionut would like to include this project under ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers"},"containers"),". He will work with Brent and Dan to make that happen in the near future."),(0,ce.kt)("h2",{id:"easter-egg"},"Easter Egg"),(0,ce.kt)("p",null,(0,ce.kt)("inlineCode",{parentName:"p"},"podman run quay.io/podman/hello")),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Sparsefile handling with Podman - Giuseppe Scrivano")),(0,ce.kt)("h2",{id:"next-meeting-tuesday-april-5-2021-1100-am-eastern-utc-4"},"Next Meeting: Tuesday April 5, 2021, 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h2",{id:"next-cabal-meeting-thursday-february-17-2021-1100-am-eastern-utc-5"},"Next Cabal Meeting: Thursday February 17, 2021, 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"meeting-end-1151-am-eastern-utc-5"},"Meeting End: 11:51 a.m. Eastern (UTC-5)"),(0,ce.kt)("h2",{id:"bluejeans-chat-copypaste"},"BlueJeans Chat copy/paste:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Me11:02 AM\nhttps://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\nScott McCarty11:07 AM\nI always love Jason's videos. I'm so jealous LOL\njhonce11:14 AM\nw00t!\nIonut Stoica11:18 AM\nI have one, do volume mounts that are not from /mnt work ? Let's say /home/user/Projects\nJason Greene11:21 AM\nthanks guys!\nIonut Stoica11:21 AM\nCan you guys hear me ?\nMatthew Heon11:26 AM\nWe can't, sorry\nJason Greene11:26 AM\nis netavark based on similar kernel facilities as cni?\nPaul Holzinger11:26 AM\nyes\nIonut Stoica11:26 AM\nswitching browsers\nPaul Holzinger11:27 AM\nhopefully better firewalld support soon\nJason Greene11:27 AM\nawesome thats great\nionut stoica11:28 AM\nI can see myself / test works, but you guys cannot\nI am in firefox\nAdi11:29 AM\ntry to open in a private tab of firefox\nEduardo Santiago11:29 AM\nI thought the reason for BJ was ease of publishing recordings?\nionut stoica11:30 AM\nI've created a google meeting, there it works https://meet.google.com/uvv-dzzg-cxa but wont be recorded\nbaude11:31 AM\n@Anders, can you stick behind after the meeting?\nMe11:32 AM\nIonut, let me try to stream that\nJason Greene11:37 AM\nwoohoo\njhonce11:47 AM\n:+1:\n\ud83d\udc4d\nJason Greene11:48 AM\nvery cool\nAdi11:49 AM\n\ud83d\udc4d\nJason Greene11:50 AM\nare you aiming for parity with the command line or just main tasks?\nMe11:51 AM\ndwalsh@redhat.com\nbaude11:52 AM\nplease include\nbbaude@redhat.com\nbc Dan is just going to fw it to me :)\nAnders11:53 AM\nWill stay\n")))}Ye.isMDXComponent=!0;const Ue={},qe="Podman Community Cabal Meeting Notes",ze=[{value:"May 19, 2022 11:00 a.m. Eastern",id:"may-19-2022-1100-am-eastern",level:2},{value:"May 19, 2022 Topics",id:"may-19-2022-topics",level:2},{value:"Meeting Notes",id:"meeting-notes",level:3},{value:"Container Lock Contention - (1:10 in video) - Matt Heon",id:"container-lock-contention---110-in-video---matt-heon",level:3},{value:"Vendoring and release hygiene - (12:53 in video) - Reinhard Tartler",id:"vendoring-and-release-hygiene---1253-in-video---reinhard-tartler",level:3},{value:"Podman API specgen/create options - (24:47 in video) - Charlie Doern",id:"podman-api-specgencreate-options---2447-in-video---charlie-doern",level:3},{value:"Open discussion (: in video) - 45",id:"open-discussion--in-video---45",level:4},{value:"Next Meeting: Thursday June 16, 2022 11:00 a.m. EDT (UTC-5)",id:"next-meeting-thursday-june-16-2022-1100-am-edt-utc-5",level:3},{value:"June 16, 2022 Topics",id:"june-16-2022-topics",level:2},{value:"Next Community Meeting: Tuesday June 7, 2022 11:00 a.m. EDT (UTC-5)",id:"next-community-meeting-tuesday-june-7-2022-1100-am-edt-utc-5",level:3},{value:"Possible Topics:",id:"possible-topics",level:3}],Ve={toc:ze},Ke="wrapper";function Qe(e){let{components:t,...n}=e;return(0,ce.kt)(Ke,(0,Q.Z)({},Ve,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-cabal-meeting-notes"},"Podman Community Cabal Meeting Notes"),(0,ce.kt)("p",null,"Attendees: Tom Sweeney, Matt Heon, Brent Baude, Nalin Dahyabhai, Paul Holzinger, Karthik Elango, Charlie Doern, Lokesh Mandvekar, Urvashi Mohnani, Niall Crowe, Lance Lovette, Zachariah Cavazos, Reinhard Tartler, Leon N, Dan Walsh, Valentin Rothberg, Miloslav Trmac, Mohan Bodu"),(0,ce.kt)("h2",{id:"may-19-2022-1100-am-eastern"},"May 19, 2022 11:00 a.m. Eastern"),(0,ce.kt)("h2",{id:"may-19-2022-topics"},"May 19, 2022 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Container Lock Contention - Matt Heon"),(0,ce.kt)("li",{parentName:"ol"},"Vendoring and release hygiene - Reinhard Tartler"),(0,ce.kt)("li",{parentName:"ol"},"Podman API specgen/create options - Charlie Doern")),(0,ce.kt)("h3",{id:"meeting-notes"},"Meeting Notes"),(0,ce.kt)("p",null,"Video ",(0,ce.kt)("a",{parentName:"p",href:"https://youtu.be/G4pad4k2Az4"},"Recording")),(0,ce.kt)("p",null,"Meeting start 11:02 a.m. Thursday May 19, 2022"),(0,ce.kt)("h3",{id:"container-lock-contention---110-in-video---matt-heon"},"Container Lock Contention - (1:10 in video) - Matt Heon"),(0,ce.kt)("p",null,"Issues that spun up the discussion ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/issues/11940"},"here:")),(0,ce.kt)("p",null,"Restarting 100 containers at once does not take a trivial amount of time, and then ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman ps")," hangs. Most other commands hang at too. Matt is looking for suggestions. Looking for a fairness doctrine so other things can go on while restart is cranking."),(0,ce.kt)("p",null,"Brent suggested looking into readlocks, but we're using glib locks, and they don't have one currently available. Having a daemon would help with lock contention, but something to avoid given our design model."),(0,ce.kt)("p",null,"Podman restart goes to do 100 containers, and it does them in a particular order. At the same time, spin-off ps, it takes less time to run than restart, so it eventually hangs when it tries to ps a container that's locked due to the restart."),(0,ce.kt)("p",null,"As ps refreshes the status of the container, it requires the lock to be held. If a container exited, ps writes to the database with that new info, so it can not use a read lock."),(0,ce.kt)("p",null,"Potentially the code could be changed to use a read lock. Then if an update is needed, spin-off a thread to wait for the write lock."),(0,ce.kt)("p",null,"Action item to look further."),(0,ce.kt)("h3",{id:"vendoring-and-release-hygiene---1253-in-video---reinhard-tartler"},"Vendoring and release hygiene - (12:53 in video) - Reinhard Tartler"),(0,ce.kt)("p",null,"Packaging dependencies up to Podman v4.1. Most of his time is spent on figuring out dependencies that need to be updated. The dependencies have caused problems for gzip in the past. Problems also occur when runtime-tools include features that are not available."),(0,ce.kt)("p",null,"He's needed to update with a snapshot which hasn't made him very comfortable."),(0,ce.kt)("p",null,"New versions haven't been released for image-spec. Dan will ping the folks in Red Hat who have the ability to merge things that Reinhard is required. ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/opencontainers/runtime-tools/issues/702"},"https://github.com/opencontainers/runtime-tools/issues/702")),(0,ce.kt)("p",null,"A similar issue applies to image-spec: ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/opencontainers/image-spec/issues/918"},"https://github.com/opencontainers/image-spec/issues/918")),(0,ce.kt)("p",null,"Podman 4.1 isn't stable yet as he needs to figure out what the dependencies are. It has, however, been uploaded to Debian/experimental today and is being built on the official Debian builders. Also, he needs to write upgrade notes for Podman v3.","*"," to v4.1. For instance, netavark is not currently available in Debian."),(0,ce.kt)("p",null,"Brent says not having Netavark would be problematic. Not much bug fixing going on with CNI. Theoretically, nothing would break."),(0,ce.kt)("p",null,"Reinhard will be looking to move Netavark to Debian. He'd love to have some volunteers, cf ",(0,ce.kt)("a",{parentName:"p",href:"https://bugs.debian.org/1009713"},"https://bugs.debian.org/1009713"),". Lokesh asked about the golang packaging team requirements, and Reinhard says not much experience is not necessary. ",(0,ce.kt)("a",{parentName:"p",href:"https://go-team.pages.debian.net/"},"https://go-team.pages.debian.net/")," for getting started."),(0,ce.kt)("p",null,"Wants to avoid unreleased dependencies. Introducing libraries to Debian is not always a quick thing to do."),(0,ce.kt)("p",null,"Going forward, we'll need to get Netavark/Aardvark into Debian long term."),(0,ce.kt)("h3",{id:"podman-api-specgencreate-options---2447-in-video---charlie-doern"},"Podman API specgen/create options - (24:47 in video) - Charlie Doern"),(0,ce.kt)("p",null,'Last year, Charlie rewired the infra container for pods to a "regular" container.'),(0,ce.kt)("p",null,"The Issue"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Infra container was redesigned to automatically receive most of the pod options."),(0,ce.kt)("li",{parentName:"ul"},"This means the infra spec is filled out with ",(0,ce.kt)("inlineCode",{parentName:"li"},"cmd/podman")," before any remote calls kick in"),(0,ce.kt)("li",{parentName:"ul"},"When a remote call happens, we cannot marshal the infra spec as that would expose far too many untested options to users that pods should not have"),(0,ce.kt)("li",{parentName:"ul"},"This causes all of the work for infra to be undone only to be recreated again in infra within the remote handling code")),(0,ce.kt)("p",null,"There's a difference in syntax that he's found. For instance, a SpecGenerator is attached for all types that have a creation process."),(0,ce.kt)("p",null,"SpecGenerator was first designed for the REST API, primarily for consumption for the JSON API. It was meant to offset the parsing required in the front-end work."),(0,ce.kt)("p",null,"Having a way to allow users to access infra spec in the API or a specific remote SpecGenerator."),(0,ce.kt)("p",null,"Paul's concerned that sending the infra is duplicated attributes would be sent across the wire, slowing things down. We need a single source of truth. He suggests removing the attributes from the POD spec and adding them only to the infra container."),(0,ce.kt)("p",null,"Matt is fine with that but thinks it's a Podman v5.0 delivery."),(0,ce.kt)("p",null,"Paul suggests moving from the Pod spec and leave/move it in infra spec. That way, duplicate fields with different data won't have to be figured out. Currently, we at times ignore the infra spec."),(0,ce.kt)("p",null,"So going foward, we'll remove resource limits from the pod spec and will expose the infra spec to the REST API. The downside is people would need to add the infra spec to the API."),(0,ce.kt)("p",null,"Dan is suggesting a major release for next January, Valentin isn't sure that's a good idea. Dan asked if we could bump the version of the API. We also can't break versions of the API, especially a ",(0,ce.kt)("inlineCode",{parentName:"p"},"-1")," to a ",(0,ce.kt)("inlineCode",{parentName:"p"},"-2"),"."),(0,ce.kt)("p",null,"Doing this would potentially detach the client and remote API versions. It's not a pretty thing to do, but possible. This is a real user issue."),(0,ce.kt)("p",null,"A pod spec should be a container spec with additional fields. We'll need to change the infra spec too."),(0,ce.kt)("h4",{id:"open-discussion--in-video---45"},"Open discussion (: in video) - 45"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Looking for major features for Podman for v4.2. One on the table is better ",(0,ce.kt)("inlineCode",{parentName:"li"},"podman play kube"),", possibly sigstore, more mac/windows work, and maybe podman desktop."),(0,ce.kt)("li",{parentName:"ol"},"Looking for Podman v4.1.1. to come out in the next few weeks, sometime in early June.")),(0,ce.kt)("h3",{id:"next-meeting-thursday-june-16-2022-1100-am-edt-utc-5"},"Next Meeting: Thursday June 16, 2022 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h2",{id:"june-16-2022-topics"},"June 16, 2022 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"})),(0,ce.kt)("h3",{id:"next-community-meeting-tuesday-june-7-2022-1100-am-edt-utc-5"},"Next Community Meeting: Tuesday June 7, 2022 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h3",{id:"possible-topics"},"Possible Topics:"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"})),(0,ce.kt)("p",null,"Meeting finished 11:48 a.m."),(0,ce.kt)("p",null,"Raw Meeting Chat:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"You\n11:00 AM\nhttps://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nYou\n11:03 AM\nhttps://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nMatt Heon\n11:04 AM\nhttps://github.com/containers/podman/issues/11940\n")))}Qe.isMDXComponent=!0;const Ze={},_e="Podman Community Meeting Notes",Xe=[{value:"October 4, 2022, 11:00 a.m. Eastern (UTC-5)",id:"october-4-2022-1100-am-eastern-utc-5",level:2},{value:"Attendees (24 total)",id:"attendees-24-total",level:3},{value:"Meeting Start: 11:02 a.m. EDT",id:"meeting-start-1102-am-edt",level:2},{value:"BlueJeans Recording",id:"bluejeans-recording",level:3},{value:"Distrobox Demo",id:"distrobox-demo",level:2},{value:"Luca Di Maio",id:"luca-di-maio",level:3},{value:"(1:37 in the video)",id:"137-in-the-video",level:4},{value:"Vault Test Suite",id:"vault-test-suite",level:2},{value:"Alex Scheel",id:"alex-scheel",level:3},{value:"(23:01 in the video)",id:"2301-in-the-video",level:4},{value:"Podman on Mac Installer Update",id:"podman-on-mac-installer-update",level:2},{value:"Ashley Cui",id:"ashley-cui",level:3},{value:"(42:50 in the video)",id:"4250-in-the-video",level:4},{value:"Open Forum/Questions?",id:"open-forumquestions",level:2},{value:"(44:34 in the video)",id:"4434-in-the-video",level:4},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"Next Meeting: Tuesday December 6, 2022, 11:00 a.m. Eastern (UTC-4)",id:"next-meeting-tuesday-december-6-2022-1100-am-eastern-utc-4",level:2},{value:"Next Cabal Meeting: Thursday November 17, 2022, 11:00 a.m. Eastern (UTC-4)",id:"next-cabal-meeting-thursday-november-17-2022-1100-am-eastern-utc-4",level:2},{value:"Meeting End: 11:56 a.m. Eastern (UTC-4)",id:"meeting-end-1156-am-eastern-utc-4",level:3},{value:"BlueJeans Chat copy/paste:",id:"bluejeans-chat-copypaste",level:2}],$e={toc:Xe},et="wrapper";function tt(e){let{components:t,...n}=e;return(0,ce.kt)(et,(0,Q.Z)({},$e,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-meeting-notes"},"Podman Community Meeting Notes"),(0,ce.kt)("h2",{id:"october-4-2022-1100-am-eastern-utc-5"},"October 4, 2022, 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"attendees-24-total"},"Attendees (24 total)"),(0,ce.kt)("p",null,"Tom Sweeney, Alex Scheel, Luca Di Maio Chris Evich, Ashley Cui, Paul Holzinger, Nalin Dahyabhai, Giuseppe Scrivano, Preethi Thomas, Lokesh Mandvekar, Charlie Doern, Matt Heon, Mark Russell, Miloslav Trmac, Urvashi Mohnani, Mohan Boddu, Mohan Bodu, Eduardo Santiago, Christian Felder, Marcin Skarbek, Lokesh Mandvekar, Marcin Skarbek, Puvi Ganeshar, Stevan Le Meur, Steve Clark, Tim deBoer,"),(0,ce.kt)("h2",{id:"meeting-start-1102-am-edt"},"Meeting Start: 11:02 a.m. EDT"),(0,ce.kt)("h3",{id:"bluejeans-recording"},"BlueJeans ",(0,ce.kt)("a",{parentName:"h3",href:"https://www.youtube.com/watch?v=JNijOHL4_Ko"},"Recording")),(0,ce.kt)("h2",{id:"distrobox-demo"},"Distrobox Demo"),(0,ce.kt)("h3",{id:"luca-di-maio"},"Luca Di Maio"),(0,ce.kt)("h4",{id:"137-in-the-video"},"(1:37 in the video)"),(0,ce.kt)("p",null,(0,ce.kt)("a",{parentName:"p",href:"https://podman.io/community/meeting/notes/2022-10-04/distrobox-presentation.pdf"},"Slides"),"\nDistrobox is a simple Posix Shell that wrap around Docker and Podman. It helps to remove the complexity of container runtimes. It is your entire userspace unbound and integrated with the base operating system"),(0,ce.kt)("p",null,"Why not chroot over Podman?"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Simpler to use than pure chroot"),(0,ce.kt)("li",{parentName:"ul"},"Battle-tested container engines"),(0,ce.kt)("li",{parentName:"ul"},"Easy to use image management"),(0,ce.kt)("li",{parentName:"ul"},"Healthy ecosystem of container images ready to use")),(0,ce.kt)("p",null,"Host Integration:"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Wayland an X programs"),(0,ce.kt)("li",{parentName:"ul"},"Audio"),(0,ce.kt)("li",{parentName:"ul"},"SSH and GPG Agent"),(0,ce.kt)("li",{parentName:"ul"},"Automatically Generate Desktop Entries"),(0,ce.kt)("li",{parentName:"ul"},"Launch host's command from container and vice versa")),(0,ce.kt)("p",null,"Usage"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Intuitive management commands:",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"create, enter, list, rm and stop"))),(0,ce.kt)("li",{parentName:"ul"},"Utilities",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"Upgrade will keep all containers up to date"),(0,ce.kt)("li",{parentName:"ul"},"ephemeral create, enter, destroy a temporary container"),(0,ce.kt)("li",{parentName:"ul"},"generate-entry - create a desktop icon")))),(0,ce.kt)("p",null,'Useful for "pet" containers that you don\'t want to remove/recreate all the time.'),(0,ce.kt)("p",null,"Use Cases"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Immutable Desktop",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"Endless OS (",(0,ce.kt)("a",{parentName:"li",href:"https://endlessos.com"},"https://endlessos.com"),")"),(0,ce.kt)("li",{parentName:"ul"},"Fedora Silverblue/Kinoite (https:getfedora.org/it/silverblue/, ",(0,ce.kt)("a",{parentName:"li",href:"https://kinoite.fedoraproject.org"},"https://kinoite.fedoraproject.org"),")"),(0,ce.kt)("li",{parentName:"ul"},"OpenSuse MicroOS (",(0,ce.kt)("a",{parentName:"li",href:"https://microos.opensuse.org"},"https://microos.opensuse.org"),")"),(0,ce.kt)("li",{parentName:"ul"},"SteamOS 3 (https:github.com/ValveSoftware/SteamOS/)"))),(0,ce.kt)("li",{parentName:"ul"},"Minimize base operating system",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"Less moving parts that can break"),(0,ce.kt)("li",{parentName:"ul"},"Userland can be easily replaced"),(0,ce.kt)("li",{parentName:"ul"},"Easier to make reproducible"))),(0,ce.kt)("li",{parentName:"ul"},"Sudoless setups",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"Enterprise setups where you can't be sudo, but you need a package manager. Easy to use Podman rootless containers here."))),(0,ce.kt)("li",{parentName:"ul"},"Mix and Match Distro",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"Custom kernel for abandoned hardware stuck on ancient distribution"),(0,ce.kt)("li",{parentName:"ul"},"Access to the latest software on an LTS/Stable release distribution"),(0,ce.kt)("li",{parentName:"ul"},"Access old software on a bleeding edge distribution: Distrobox ensures compatibility almost 10 years back in time.")))),(0,ce.kt)("p",null,"Diversity"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Host compatiblity with all the major distributions"),(0,ce.kt)("li",{parentName:"ul"},"Container compatibility with over 60 combinations of distributions and major versions"),(0,ce.kt)("li",{parentName:"ul"},"Mix and match distributions and version to enhance software availability.")),(0,ce.kt)("p",null,"Demo - (8:45 in the video)"),(0,ce.kt)("p",null,"Using Distrobox, quickly setup a container and he showed what was going on within the container. Including the local system user getting to their systemctl."),(0,ce.kt)("p",null,"The distrobox daemon starts in user space and can easily be used by the user who owns it."),(0,ce.kt)("p",null,"Distrobox also supports rootful containers with the ",(0,ce.kt)("inlineCode",{parentName:"p"},"--root")," option."),(0,ce.kt)("p",null,"Flexibility comes from the Podman side and Distrobox simiplifies the Podman command line for those that don't want to fully invest, but want the container experience. It also includes a ",(0,ce.kt)("inlineCode",{parentName:"p"},"--dry-run")," option to try the commands in advance."),(0,ce.kt)("p",null,"Heavily inspired from containers tool box on SilverBlue, but he needed more than that offered and that was where Distrobox was born. Core concept is the same he thought it might be easier to do at the entrypoints and a few other options that have caused a divergence. Toolbox is Fedora oriented with a dedicated image for it to work, Distrobox works with a number of cloud images. Currently about 65 different images work with it, Debian, ClearLinux, Gentoo and more."),(0,ce.kt)("p",null,"Running ClearLinux under Distrobox turned out to be faster than the host machine due to the ClearLinux optimizations."),(0,ce.kt)("h2",{id:"vault-test-suite"},"Vault Test Suite"),(0,ce.kt)("h3",{id:"alex-scheel"},"Alex Scheel"),(0,ce.kt)("h4",{id:"2301-in-the-video"},"(23:01 in the video)"),(0,ce.kt)("p",null,"Working for Hashicorp and working on the Vault project there."),(0,ce.kt)("p",null,"Demo - (25:26 in the video)"),(0,ce.kt)("p",null,"He had problems running Podman on a test suite and dove into it."),(0,ce.kt)("p",null,"He uses Podman on Ubuntu currently, had run on Fedora and noticed that Docker was being run so, enabled the podman.socket in the test suite."),(0,ce.kt)("p",null,"Some of his containers in Docker used a lot of memory and sometimes failed, yet when he changed to Podman that was no longer an issue."),(0,ce.kt)("p",null,"He ran into timeouts with Podman due to networks that Podman were trying to use but docker-radius in the environment was ignoring the requests. He added a PR to docker-radius, but it has yet to be accepted."),(0,ce.kt)("p",null,"His CI was spinning up Docker processes and that was failing in the environment too."),(0,ce.kt)("p",null,"He used a big hammer and changed the entrypoing to docker-radius to sleep. Probably not optimal, but it does work."),(0,ce.kt)("p",null,"He wanted to change Podman api calls to cli calls and the answer was to build a tarball. He built a way to create a context from code within the test case . Build the tarball, set it ups and send it along. So that removed the hack of doing the echo to the container writing the sleep."),(0,ce.kt)("p",null,"He can spin up a Vault test cluster, issue certs, and drop it into an nginx container. That spawns a container with the particular info that Vault needs."),(0,ce.kt)("p",null,"He's then able to copy the files that he needs into the containers, so they don't have to build the image each time. Especially so for certificates. Guven, they're on containers, they can run in parallel."),(0,ce.kt)("p",null,"He'd like to expose the vault cluster to talk to the test containers. Future work for Alex. He's thinking that he may need to use another container to do that communication."),(0,ce.kt)("h2",{id:"podman-on-mac-installer-update"},"Podman on Mac Installer Update"),(0,ce.kt)("h3",{id:"ashley-cui"},"Ashley Cui"),(0,ce.kt)("h4",{id:"4250-in-the-video"},"(42:50 in the video)"),(0,ce.kt)("p",null,"We have a packages installer and our building packages on GitHub. Signed for all of our releases and unsigned for RCs. So no need for Brew. It's all in GitHub."),(0,ce.kt)("h2",{id:"open-forumquestions"},"Open Forum/Questions?"),(0,ce.kt)("h4",{id:"4434-in-the-video"},"(44:34 in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Puvi running Jenkin builds daily. Spins up containers on a cluster. Trying to move to Podman from Docker due to the Dockershim being deprecated. They're using the DOcker.socket and want to use Podman, as the socket isn't secure. They tried rootless, but it's much slower due to the network. Worked much better in rootful and dropped fuse."),(0,ce.kt)("p",{parentName:"li"},"Luca suggested using a mount point which should help, but you have to watch if concurrent builds are in play."),(0,ce.kt)("p",{parentName:"li"},"Puvi is trying NFS mounts, but in Amazon, he'd have to use AFS, which is slow and costly."),(0,ce.kt)("p",{parentName:"li"},"Luca and Puvi discussed a number of configs to try, and that have been tried. Work ongoing."))),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"NA")),(0,ce.kt)("h2",{id:"next-meeting-tuesday-december-6-2022-1100-am-eastern-utc-4"},"Next Meeting: Tuesday December 6, 2022, 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h2",{id:"next-cabal-meeting-thursday-november-17-2022-1100-am-eastern-utc-4"},"Next Cabal Meeting: Thursday November 17, 2022, 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h3",{id:"meeting-end-1156-am-eastern-utc-4"},"Meeting End: 11:56 a.m. Eastern (UTC-4)"),(0,ce.kt)("h2",{id:"bluejeans-chat-copypaste"},"BlueJeans Chat copy/paste:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Me11:00 AM\nhttps://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\nMe11:06 AM\nhack md, please sign in: https://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\nMark Russell11:23 AM\nThis is super cool\nalegrey9111:23 AM\nGreat too!\nLokesh Mandvekar11:29 AM\nis it just me hearing choppy audio ?\nMark Russell11:29 AM\nseems ok here\nLokesh Mandvekar11:29 AM\nack, thanks\nAshley Cui11:47 AM\nhttps://github.com/containers/podman/releases/tag/v4.2.1\nChristian Felder11:49 AM\naarch64 is meant to be used on Apple Silicon M1?\nMatt Heon11:51 AM\n@Christian Felder Yes\nChristian Felder11:57 AM\nThanks!\nAlex Scheel - HCP11:57 AM\nThank you!\nMohan Boddu11:58 AM\nThanks!\n")))}tt.isMDXComponent=!0;const nt={},at="Podman Community Cabal Meeting Notes",ot=[{value:"February 16, 2023 11:00 a.m. Eastern",id:"february-16-2023-1100-am-eastern",level:2},{value:"February 16, 2023 Topics",id:"february-16-2023-topics",level:2},{value:"Meeting Notes",id:"meeting-notes",level:3},{value:"Podman Default Network: Enable DNS by default (0:57 in the video) - Matt Heon",id:"podman-default-network-enable-dns-by-default-057-in-the-video---matt-heon",level:3},{value:"Open discussion (29:17 in the video)",id:"open-discussion-2917-in-the-video",level:4},{value:"Next Meeting: Thursday, March 16, 2023, 11:00 a.m. EDT (UTC-5)",id:"next-meeting-thursday-march-16-2023-1100-am-edt-utc-5",level:3},{value:"Possible Topics",id:"possible-topics",level:2},{value:"Next Community Meeting: Tuesday, April 4, 2023, 11:00 a.m. EDT (UTC-4)",id:"next-community-meeting-tuesday-april-4-2023-1100-am-edt-utc-4",level:3},{value:"Possible Topics:",id:"possible-topics-1",level:3}],it={toc:ot},st="wrapper";function rt(e){let{components:t,...n}=e;return(0,ce.kt)(st,(0,Q.Z)({},it,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-cabal-meeting-notes"},"Podman Community Cabal Meeting Notes"),(0,ce.kt)("p",null,"Attendees: Matt Heon, Nalin Dahyabhai, Paul Holzinger, Lokesh Mandvekar, Valentin Rothberg, Eduardo Santiago, Giuseppe Scrivano, Aditya Rajan, Preethi Thomas, Ashley Cui, Brent Baude, Chris Evich, Urvashi Mohnani, Martin Jackson, Max Ehlers, Matthew McComas, Peter Buffon"),(0,ce.kt)("h2",{id:"february-16-2023-1100-am-eastern"},"February 16, 2023 11:00 a.m. Eastern"),(0,ce.kt)("h2",{id:"february-16-2023-topics"},"February 16, 2023 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Podman Default Network: Enable DNS by default - Matt Heon")),(0,ce.kt)("h3",{id:"meeting-notes"},"Meeting Notes"),(0,ce.kt)("p",null,"Video ",(0,ce.kt)("a",{parentName:"p",href:"https://youtu.be/Rn8SKgubXQ4"},"Recording")),(0,ce.kt)("p",null,"Meeting start: 11:02 a.m. Thursday, February 16, 2023"),(0,ce.kt)("h3",{id:"podman-default-network-enable-dns-by-default-057-in-the-video---matt-heon"},"Podman Default Network: Enable DNS by default (0:57 in the video) - Matt Heon"),(0,ce.kt)("p",null,"We currently don't currently start DNS on the container by default. So you can't talk to other containers by name."),(0,ce.kt)("p",null,"The question is, going forward, should we turn it on by default?"),(0,ce.kt)("p",null,"Paul thinks the concern might be having a DNS server running on each container."),(0,ce.kt)("p",null,"Brent thinks this will be a performance hit as another service will need to be run, and an up/down check will need to be run also."),(0,ce.kt)("p",null,'Docker compose on Podman currently runs on a network without DNS, so we may need to adjust. The "play kube" command may also need to be adjusted.'),(0,ce.kt)("p",null,"DNS is complex, and the more enablement you do, the more problems that can be encountered. Brent is concerned."),(0,ce.kt)("p",null,"Matt noted that only startup performance and shutdown performance that should be impacted the most. Paul thinks there may be extra latency for the first request."),(0,ce.kt)("p",null,"Valentin thinks we have had enough questions from customers asking why DNS doesn't work out of the gate, that it is worth looking into."),(0,ce.kt)("p",null,"Matt noted that changing the default network will be pretty trivial."),(0,ce.kt)("p",null,"Giuseppe asked if there is a security concern with containers being able to use DNS. Paul thinks that we're only providing name resolution, but it's not that much different than allowing for IP communication between containers."),(0,ce.kt)("p",null,"Paul thinks we should do a study of the plusses and minuses of the change and then make a decision from there. Regardless, we should make the selection process of the default network a be one-line change for ease of use."),(0,ce.kt)("p",null,"Matt would like to do it as it's an advantage over what Docker does He thinks it's a straight enhancement over Docker."),(0,ce.kt)("p",null,"Matt is proposing having Netavark set as default DNS to on, while CNI would remain as not defaulting to DNS."),(0,ce.kt)("p",null,"The question is, should this change, if it goes forward, go into a Podman 4.","*"," release, or the Podman 5.0 release? Is it a breaking change? Paul leans towards 5.0."),(0,ce.kt)("p",null,"Paul pointed out that we can't do this for CNI as it would break some functionality there."),(0,ce.kt)("p",null,"The leaning is toward implementing this at Podman v5.0 and making it easily configurable."),(0,ce.kt)("p",null,"Brent's concern is will the average user be able to update the conf file. He thinks it's easy to do, but finding it is sometimes hard to locate. Should we make it configurable from Podman itself? We could do a network-update command in Podman, or allow the user to configure it via a Podman command."),(0,ce.kt)("p",null,"Plumbing work to happen in the near future, final switch on Podman v5.0?"),(0,ce.kt)("h4",{id:"open-discussion-2917-in-the-video"},"Open discussion (29:17 in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Max asked about the WireGuard PR for Netavark.")),(0,ce.kt)("p",null,(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/netavark/pull/472"},"Netavark PR")),(0,ce.kt)("p",null,"We had marked it as experimental. Paul says he hasn't had the time to do a proper review due to the size and the lack of WireGuard experience."),(0,ce.kt)("p",null,"Brent suggested that we might merge it, marking it as experimental, and then building some kind of gate around it."),(0,ce.kt)("p",null,"Brent and Matt will review it and work to make it in. Brent asked if Paul thought there was enough documentation surrounding it, especially pointers to WireGuard itself."),(0,ce.kt)("p",null,"Many thanks to Max for his contribution."),(0,ce.kt)("h3",{id:"next-meeting-thursday-march-16-2023-1100-am-edt-utc-5"},"Next Meeting: Thursday, March 16, 2023, 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h2",{id:"possible-topics"},"Possible Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"})),(0,ce.kt)("h3",{id:"next-community-meeting-tuesday-april-4-2023-1100-am-edt-utc-4"},"Next Community Meeting: Tuesday, April 4, 2023, 11:00 a.m. EDT (UTC-4)"),(0,ce.kt)("h3",{id:"possible-topics-1"},"Possible Topics:"),(0,ce.kt)("p",null,"Meeting finished 11:40 a.m."),(0,ce.kt)("p",null,"Raw Meeting Chat:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"The raw chat was not captured.\n")))}rt.isMDXComponent=!0;const lt={},ht="Podman Community Meeting",dt=[{value:"November 3, 2020 11:00 a.m. Eastern",id:"november-3-2020-1100-am-eastern",level:2},{value:"Attendees (36 total)",id:"attendees-36-total",level:3},{value:"Meeting Start: 11:03 a.m.",id:"meeting-start-1103-am",level:2},{value:"BlueJeans Recording",id:"bluejeans-recording",level:3},{value:"boot2podman/podman-machine",id:"boot2podmanpodman-machine",level:2},{value:"Anders Bj\xf6rklund",id:"anders-bj\xf6rklund",level:3},{value:"rise and fall of boot2podman",id:"rise-and-fall-of-boot2podman",level:4},{value:"Basically a varlink post-mortem",id:"basically-a-varlink-post-mortem",level:4},{value:"(1:40 in the video)",id:"140-in-the-video",level:5},{value:"What Red Hat Thinks - Design directions",id:"what-red-hat-thinks---design-directions",level:2},{value:"Brent Baude",id:"brent-baude",level:3},{value:"(20:55 in the video)",id:"2055-in-the-video",level:5},{value:"Short Image Name Pulling Demo",id:"short-image-name-pulling-demo",level:2},{value:"Valentin Rothberg",id:"valentin-rothberg",level:3},{value:"(27:30 in the video)",id:"2730-in-the-video",level:5},{value:"Questions?",id:"questions",level:2},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"Next Meeting: Tuesday December 1, 2020, 11:00 a.m. Eastern (UTC-5)",id:"next-meeting-tuesday-december-1-2020-1100-am-eastern-utc-5",level:2},{value:"Meeting End: 12:14 p.m.",id:"meeting-end-1214-pm",level:2},{value:"BlueJeans Chat copy/paste:",id:"bluejeans-chat-copypaste",level:2}],ut={toc:dt},mt="wrapper";function ct(e){let{components:t,...n}=e;return(0,ce.kt)(mt,(0,Q.Z)({},ut,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-meeting"},"Podman Community Meeting"),(0,ce.kt)("h2",{id:"november-3-2020-1100-am-eastern"},"November 3, 2020 11:00 a.m. Eastern"),(0,ce.kt)("h3",{id:"attendees-36-total"},"Attendees (36 total)"),(0,ce.kt)("p",null,"Tom Sweeney, Brent Baude, Anders Bj\xf6rklund (afbjorklund), Greg Shomo, sshnaidm, Jordan Christiansen (xordspar0), Ralf Haferkamp, Paul Holzinger, Giuseppe Scrivano, Shenghao Yang, Ashley Cui, Brett Tofel, Alex Litvak, Nalin Dahyabhai, Qi Wang, Scott McCarty, Lokesh Mandvekar, Ed Haynes, Valentin Rothberg, Christian Felder, Holger Gantikow, James Cassell, Dan Walsh, Peter Hunt, Urvashi Mohnani"),(0,ce.kt)("h2",{id:"meeting-start-1103-am"},"Meeting Start: 11:03 a.m."),(0,ce.kt)("h3",{id:"bluejeans-recording"},"BlueJeans ",(0,ce.kt)("a",{parentName:"h3",href:"https://bluejeans.com/s/PwWkFkPIlI6"},"Recording")),(0,ce.kt)("h2",{id:"boot2podmanpodman-machine"},"boot2podman/podman-machine"),(0,ce.kt)("h3",{id:"anders-bj\xf6rklund"},"Anders Bj\xf6rklund"),(0,ce.kt)("h4",{id:"rise-and-fall-of-boot2podman"},"rise and fall of boot2podman"),(0,ce.kt)("p",null,(0,ce.kt)("a",{parentName:"p",href:"https://boot2podman.github.io/"},"https://boot2podman.github.io/")),(0,ce.kt)("h4",{id:"basically-a-varlink-post-mortem"},"Basically a varlink post-mortem"),(0,ce.kt)("h5",{id:"140-in-the-video"},"(1:40 in the video)"),(0,ce.kt)("p",null,"Anders talked about his work in containers starting with chroot to jails, to zones, to openVZ, to LX and finally to Docker. Slide Deck ",(0,ce.kt)("a",{parentName:"p",href:"https://boot2podman.github.io/assets/Boot2PodmanProject.pdf"},"here"),"."),(0,ce.kt)("p",null,"Within Docker, runc, containerd and Moby project."),(0,ce.kt)("p",null,"What was very interesting to him was the boot2docker, a lightweight distribution based on Tiny Core Linux made specifically to run Docker containers. This was productized into the Docker toolbox."),(0,ce.kt)("p",null,"Base.Tiny Core Linux which runs on multiple architectures."),(0,ce.kt)("p",null,"His boot2podman project was to try and emulate boot2docker. Used a custom kernel, add-on initrd and build tools."),(0,ce.kt)("p",null,"When running containers from scratch you need kernel, build, packages (runc, Podman, conmon, cni-plugins, varlink Buildah, Skopeo) and others such as ssh. Varlink was used to run remote connections for Podman."),(0,ce.kt)("p",null,"Varlink tool and library talks to different interfaces and runs on a socket."),(0,ce.kt)("p",null,"Machine lets you create Podman hosts on computer, it creates servers with Podman on them, then configures the Podman client to talk to them."),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Docker to Podman conversion"),(0,ce.kt)("li",{parentName:"ul"},"Drop support for Swarm"),(0,ce.kt)("li",{parentName:"ul"},"Add the driver for QEMU"),(0,ce.kt)("li",{parentName:"ul"},"Drop support for cloud")),(0,ce.kt)("p",null,"boot2docker was recently deprecated and move to unmaintained image. boot2podman also deprecated due to varlink being replaced with REST API."),(0,ce.kt)("p",null,"Anders then ran a ",(0,ce.kt)("a",{parentName:"p",href:"https://boot2podman.github.io/2020/11/03/boot2podman-project.html"},"demo")," ",(0,ce.kt)("strong",{parentName:"p"},"(16:00 in video)"),". He does not yet have support for V2 Podman, but in the works."),(0,ce.kt)("h2",{id:"what-red-hat-thinks---design-directions"},"What Red Hat Thinks - Design directions"),(0,ce.kt)("h3",{id:"brent-baude"},"Brent Baude"),(0,ce.kt)("h5",{id:"2055-in-the-video"},"(20:55 in the video)"),(0,ce.kt)("p",null,"Determing priorities"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Resolve migration hurdles from Docker to Podman",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"Number 1 focus of the team at the moment."))),(0,ce.kt)("li",{parentName:"ul"},"What are we hearing?"),(0,ce.kt)("li",{parentName:"ul"},"What do we know?")),(0,ce.kt)("p",null,"The following is not a commitment from Red Hat, but what we think and hope to do."),(0,ce.kt)("p",null,"How we work"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Stakeholders",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"Upstream"),(0,ce.kt)("li",{parentName:"ul"},"Product Management"),(0,ce.kt)("li",{parentName:"ul"},"Distribution and OpenShfit"))),(0,ce.kt)("li",{parentName:"ul"},"Agile driven",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"3 week sprints"))),(0,ce.kt)("li",{parentName:"ul"},"Complications",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"No easy bugs"),(0,ce.kt)("li",{parentName:"ul"},"Bug counts")))),(0,ce.kt)("p",null,"Short Names (see next topic)"),(0,ce.kt)("p",null,"Upcoming priorities."),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},'Possible now with "compatibilty" RESTful interface'),(0,ce.kt)("li",{parentName:"ul"},"CI testing to prevent regressions",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"No obvious framework for using docker-py tests",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"Problems using swarm, working through that."))),(0,ce.kt)("li",{parentName:"ul"},"Wrote testsuite but needs completion"))),(0,ce.kt)("li",{parentName:"ul"},"Linchpin - Opens up possibilities for other applications.",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"Grype, for example, a vulnerbality scanner that uses docker-py that ran into an issue and has been addressed.")))),(0,ce.kt)("p",null,"Volume plugins\n",(0,ce.kt)("em",{parentName:"p"}," Ongoing requirement from users and customers\n")," Compatible with Docker"),(0,ce.kt)("p",null,"Docker compose\n",(0,ce.kt)("em",{parentName:"p"}," Ongoing requirement from users and customers\n")," podman-compose\n",(0,ce.kt)("em",{parentName:"p"}," Getting close\n")," Podman generate and play kube is strategic future."),(0,ce.kt)("p",null,"Network Alias\n",(0,ce.kt)("em",{parentName:"p"}," Longstanding upstream request\n")," ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman run --network-alias foo1 ..."),"\n",(0,ce.kt)("em",{parentName:"p"}," Wired into dnsname plugin.\n")," Backend and Frontend WIP PR's exist.\n",(0,ce.kt)("em",{parentName:"p"}," Opens up network connect and disconnect.\n")," Work is ongoing and needed for docker-compose."),(0,ce.kt)("p",null,"Clone (rename) containers\n",(0,ce.kt)("em",{parentName:"p"}," Longstanding upstream request\n")," Challenges our architecture where container description are immutable."),(0,ce.kt)("p",null,"Secrets\n",(0,ce.kt)("em",{parentName:"p"},' Add "secrets" to a container\n')," Lots of open-ended questions here yet, but design meeting pending. Ashley Cui driving."),(0,ce.kt)("p",null,"Mount image into container ","*"," Convenience command to allwo mounting of an image into a container in a single step."),(0,ce.kt)("p",null,"Help Needed"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Keeping bugs below 200."),(0,ce.kt)("li",{parentName:"ul"},"Need community to help us balance bugs and new features.\n",(0,ce.kt)("em",{parentName:"li"}," Reproducers alone are very helpful!\n")," Answer questions\n",(0,ce.kt)("em",{parentName:"li"}," Submit fixes\n")," Blogs"),(0,ce.kt)("li",{parentName:"ul"},"RESTful compatibilty endpoint for archive"),(0,ce.kt)("li",{parentName:"ul"},"Secure implementation of 'cp' for podman-remote"),(0,ce.kt)("li",{parentName:"ul"},"podman-py")),(0,ce.kt)("p",null,"(Note for Brent: Look into docker log drivers.)"),(0,ce.kt)("h2",{id:"short-image-name-pulling-demo"},"Short Image Name Pulling Demo"),(0,ce.kt)("h3",{id:"valentin-rothberg"},"Valentin Rothberg"),(0,ce.kt)("h5",{id:"2730-in-the-video"},"(27:30 in the video)"),(0,ce.kt)("p",null,'Valentin took over in the middle of Brent\'s talk.\n"debian" vs fully qualified "docker.io/library/debian:latest"'),(0,ce.kt)("p",null,"Ambiguity when completing short names, uses /etc/containers/registries.conf to determine where to pull from."),(0,ce.kt)("p",null,"Risk of hitting a malicious repository"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Depends on order of registries in list"),(0,ce.kt)("li",{parentName:"ul"},"registry.fedorproject.io, ..., docker.io")),(0,ce.kt)("p",null,"Solution: short name aliasing and prompting"),(0,ce.kt)("p",null,(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/shortnames"},"https://github.com/containers/shortnames")," for more info."),(0,ce.kt)("p",null,"Valentin ran a demo on short names."),(0,ce.kt)("p",null,"This is to ship with Podman v2.2 along with a blog post describing it."),(0,ce.kt)("p",null,"(A number of questions in bluejeans chat on shortnames, see below.)"),(0,ce.kt)("h2",{id:"questions"},"Questions?"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Marcin Skarbek having problems starting a container in Podman v2.0.5. New issue incoming. Brent believes fixed by changes in upstream."),(0,ce.kt)("li",{parentName:"ol"},"Jordan Christiansen asked about podman play kube volume support. Peter Hunt said to report an issue if problem found which he suspects there is."),(0,ce.kt)("li",{parentName:"ol"},"Shenghao Yang asked about fuse-overlayfs to store in a NFS use case. The goal is to get there. Experimental now due to the uids that come into play. Long term goal is to get NFS to understand and use usernamespace safely.")),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("p",null,"None suggested, happy to take some! (",(0,ce.kt)("a",{parentName:"p",href:"mailto:tsweeney@redhat.com"},"tsweeney@redhat.com"),")"),(0,ce.kt)("h2",{id:"next-meeting-tuesday-december-1-2020-1100-am-eastern-utc-5"},"Next Meeting: Tuesday December 1, 2020, 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h2",{id:"meeting-end-1214-pm"},"Meeting End: 12:14 p.m."),(0,ce.kt)("h2",{id:"bluejeans-chat-copypaste"},"BlueJeans Chat copy/paste:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"tsweeney10:56 AM\nHackMD for notes and questions, please sign in there at the top! https://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\nScott McCarty11:05 AM\nHello everyone!\nChristian Felder11:27 AM\nI don't want to interrupt the current session, but I've a question regarding boot2podman: If you publish a port is it published just on box or on the host as well?\nDAN (ME)11:29 AM\nWe connect via ssh tunnel, so no open ports on the VM by default.\nOther then ssh port.\nPodman v2 listens on local unix domain socket, and podman-remote uses ssh under the covers to connect to this unix domain socket.\nChristian Felder11:29 AM\nok... that's a bit different from the docker experience... if you use docker run -p it is published on the host although there is this vm behind the scenes\nafbjorklund11:30 AM\ndocker-machine opens 22 and 2376, but podman-machine does everything over 22 - although tunneled to a random local port\nDAN (ME)11:30 AM\nYou can setup Podman to listen on random ports, but we discourage this because of the security risks.\nafbjorklund11:30 AM\nthere is no publishing on the laptop, that is docker desktop rather than docker toolbox\n(when using docker-machine that was)\nmheon11:31 AM\n@Christian - ports are only published on the VM now.\nI think Dan is confusing port mapping and the API port\nDAN (ME)11:31 AM\nafbjorklund nice job on the presentation.\nafbjorklund11:31 AM\nthanks! it'll be on the blog site eventually\nDAN (ME)11:31 AM\nmheon I am talking about which port the podman socket listens on\nChristian Felder11:32 AM\nok from my experience I could telnet to a port on localhost (on the host machine) when using the docker-cli, e.g. docker run -p ...\nmheon11:32 AM\n@Dan I'm fairly certain the question is about `-p` for podman run\n@Christian - yes, that's not implemented yet\nChristian Felder11:32 AM\nalright thanks\nmheon11:33 AM\nI'd love to get it working, but there are only so many engineers on the project right now\nafbjorklund11:33 AM\nwhen you use this docker-machine/podman-machine setup, anything that you publish is available on the VM IP (rather than 127.0.0.1)\nChristian Felder11:33 AM\nthanks afbjorklund that was what i expected. I did a similar setup with podman-remote and a custom vm\nafbjorklund11:34 AM\nsome details are on https://github.com/boot2podman/machine\nAlex Litvak11:35 AM\nmissed previous speaker, will the video be posted ?\nDAN (ME)11:35 AM\nyes\nMe11:35 AM\nAlex, yes it will. At least a link on podman.io\nAlex Litvak11:35 AM\nthanks\nChristian Felder11:37 AM\ndocker.io/mariadb:latest -> docker.io/library/mariadb:latest (is the first a shortname as well?)\nmheon11:38 AM\n@Christian - It has a repository in it explicitly, so I would say no\nJames Cassell11:39 AM\ndoes it support cascading configs? can a user override only part of the system config?\nmheon11:39 AM\nI'll leave that one to Valentin\nDAN (ME)11:40 AM\nJames we will leave it to distros to choose which shortnames they want to ship by default.\nValentin Rothberg11:40 AM\n@Christian: Matt is right. docker.io/foo is a special case as Docker normalizes with library/\n@James: the registries.conf supports drop-in config files that allow to override previous entries\nDAN (ME)11:41 AM\ngithub.com/contaiers/shortnames, is just for disto based images at this point. If fedora wants to defaul mariadb to a fedora version, then this is up to fedora.\nValentin Rothberg11:41 AM\n`man containers-registries.conf.d` is the place to look\nChristian Felder11:42 AM\nI just stumbled accross this when using podman_image modules for ansible which checks for the image name because the code checks for the image name which changes when pulling from the shorter url which resolves to docker.io/library/...\nthanks for your answers\nJames Cassell11:43 AM\nthanks! drop-ins are great\nJames Cassell11:45 AM\nif docker-compose compat REST API works, does it make podman-compose irrelevant, since folks can just use the docker-compose binary to talk to podman?\nJames Cassell11:45 AM\nhttps://hackmd.io/fc1zraYdS0-klJ2KJcfC7w (reposting link from start)\nChristian11:46 AM\ndo you have an example of what won't be possible with docker-compose / docker-py ?\nmheon11:46 AM\nFor docker-py - anything in the Swarm APIs\nRenaming containers\nThose are the big two\nNetworking will have some limits for now but I think we can work through those\nAlex Litvak11:47 AM\nare docker log drivers a part ofthe picture?\nChristian11:48 AM\nthanks!\nafbjorklund11:57 AM\npodman-py, not to be confused with pypodman :-)\nmheon11:57 AM\nLesson here: Don't let engineers name things\nSagi Shnaidman11:59 AM\nYou can demonstrate podman modules for Ansible, for example :)\nafbjorklund12:00 PM\nit should be noted that minikube has support for podman, so you can use podman in order to run \"real\" kubernetes too\n(both podman v1 and v2 as of lately)\n`minikube start --driver=podman`\nGreg Shomo (Northeastern University)12:03 PM\nthank you all for your time\nErik Bernoth12:11 PM\nthanks for the greet meeting, have to leave. Bye\nafbjorklund12:13 PM\nPosted slides and demos on the boot2podman site\nMe12:13 PM\nThanks AB!\n")))}ct.isMDXComponent=!0;const pt={},gt="Podman Community Meeting",yt=[{value:"May 4, 2021 11:00 a.m. Eastern (UTC-4)",id:"may-4-2021-1100-am-eastern-utc-4",level:2},{value:"Attendees (36 total)",id:"attendees-36-total",level:3},{value:"May the Fourth be with You! - podman run --rm -it -e mode=stdout quay.io/tomsweeneyredhat/asciistarwars:latest",id:"may-the-fourth-be-with-you---podman-run---rm--it--e-modestdout-quayiotomsweeneyredhatasciistarwarslatest",level:4},{value:"Meeting Start: 11:05 a.m.",id:"meeting-start-1105-am",level:2},{value:"BlueJeans Recording",id:"bluejeans-recording",level:3},{value:"Podman and IPv6 Status",id:"podman-and-ipv6-status",level:2},{value:"Matt Heon",id:"matt-heon",level:3},{value:"(1:49 in the video)",id:"149-in-the-video",level:4},{value:"Running Docker, Podman, and even Kubernetes inside rootless Podman containers",id:"running-docker-podman-and-even-kubernetes-inside-rootless-podman-containers",level:2},{value:"Cesar Talledo - Nestybox",id:"cesar-talledo---nestybox",level:3},{value:"(5:10 in the video)",id:"510-in-the-video",level:4},{value:"Demo (20:55 in the video)",id:"demo-2055-in-the-video",level:5},{value:"Podman Python Client Demo",id:"podman-python-client-demo",level:2},{value:"Jhon Honce",id:"jhon-honce",level:3},{value:"(33:45 in the video)",id:"3345-in-the-video",level:4},{value:"Demo (40:32 in the video)",id:"demo-4032-in-the-video",level:5},{value:"Questions?",id:"questions",level:2},{value:"(47:30 in the video)",id:"4730-in-the-video",level:4},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"Next Meeting: Tuesday June 1, 2021, 11:00 a.m. Eastern (UTC-4)",id:"next-meeting-tuesday-june-1-2021-1100-am-eastern-utc-4",level:2},{value:"Meeting End: 11:55 a.m. Eastern (UTC-4)",id:"meeting-end-1155-am-eastern-utc-4",level:3},{value:"BlueJeans Chat copy/paste:",id:"bluejeans-chat-copypaste",level:2}],kt={toc:yt},wt="wrapper";function ft(e){let{components:t,...n}=e;return(0,ce.kt)(wt,(0,Q.Z)({},kt,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-meeting"},"Podman Community Meeting"),(0,ce.kt)("h2",{id:"may-4-2021-1100-am-eastern-utc-4"},"May 4, 2021 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h3",{id:"attendees-36-total"},"Attendees (36 total)"),(0,ce.kt)("p",null,"Tom Sweeney, Brent Baude, Jhon Honce, Dan Walsh, Chris Evich, Lokesh Mandvekar, Urvashi Mohnani, Nalin Dahyabhai, Eduardo Santiago, Matt Heon, Ashley Cui, Giuseppe Scrivano, Anders Bj\xf6rklund, Paul Holzinger, Greg Shomo, Scott McCarty, Ed Haynes, Christian Felder, Eduardo Vega, Alex Litvak, Holger Gantikow"),(0,ce.kt)("h4",{id:"may-the-fourth-be-with-you---podman-run---rm--it--e-modestdout-quayiotomsweeneyredhatasciistarwarslatest"},"May the Fourth be with You! - ",(0,ce.kt)("inlineCode",{parentName:"h4"},"podman run --rm -it -e mode=stdout quay.io/tomsweeneyredhat/asciistarwars:latest")),(0,ce.kt)("p",null,(0,ce.kt)("a",{parentName:"p",href:"https://www.redhat.com/sysadmin/may-fourth-podman"},"May the 4th Article")),(0,ce.kt)("h2",{id:"meeting-start-1105-am"},"Meeting Start: 11:05 a.m."),(0,ce.kt)("h3",{id:"bluejeans-recording"},"BlueJeans ",(0,ce.kt)("a",{parentName:"h3",href:"https://bluejeans.com/s/Qq_IsjrnOaG"},"Recording")),(0,ce.kt)("h2",{id:"podman-and-ipv6-status"},"Podman and IPv6 Status"),(0,ce.kt)("h3",{id:"matt-heon"},"Matt Heon"),(0,ce.kt)("h4",{id:"149-in-the-video"},"(1:49 in the video)"),(0,ce.kt)("p",null,"Working on improving Podman IPv6 support, the ability to set multiple static IP addresses for a cotainer, this will allow Podman to do --ip and --ipv6 on the same containers so you can have static IPs for both network types. Also work ongoing for different ip's at the same time for one container on different network types (one v4 and one v6 per network)."),(0,ce.kt)("p",null,"Support being worked on to allow Podman to automatically set IPv6 as the default network. The current default network does not support IPv6 at all. Working on improving support IPv6 in ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman network")," so via configuration options, you'll be able to automatically assign using this command."),(0,ce.kt)("p",null,"No work on IPv6 port forwarding in the next release, but sometime in the future. Looking at Podman v3.3 for delivery of the IPv6 improvements. Next relase v3.2 rc1 is being cut tomorrow."),(0,ce.kt)("h2",{id:"running-docker-podman-and-even-kubernetes-inside-rootless-podman-containers"},"Running Docker, Podman, and even Kubernetes inside rootless Podman containers"),(0,ce.kt)("h3",{id:"cesar-talledo---nestybox"},"Cesar Talledo - ",(0,ce.kt)("a",{parentName:"h3",href:"https://www.nestybox.com/"},"Nestybox")),(0,ce.kt)("h4",{id:"510-in-the-video"},"(5:10 in the video)"),(0,ce.kt)("p",null,(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman.io/blob/main/community/meeting/notes/2021-05-04/sysbox-podman-community-meeting.pdf"},"slides")),(0,ce.kt)("p",null,"Podman integrated to running system level software inside of rootless containers."),(0,ce.kt)("p",null,"Developers of the Sysbox runtime, founders of Nestybox."),(0,ce.kt)("p",null,"Enhance containers to run most workloads that run in VMs, seamlessly and with strong isolation."),(0,ce.kt)("p",null,"systemd, Docker, Podman and K8s, etc are the system workloads they're looking to run, seamlessly and with strong isolation."),(0,ce.kt)("p",null,"A command like ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman run --userns=auto:size=65536 -it any-image")," could run a container running any system, easy, powerful and secure."),(0,ce.kt)("p",null,"They made the changes with sysbox-runc. Strong isolation (Linux User Namespace), Runs same workloads on VMs, seamlessly. No special images."),(0,ce.kt)("p",null,"OpenSource software."),(0,ce.kt)("p",null,"Features:\nUsernamespace on all containers\nfile-system ID shifting (shiftfs now, ID-mapped mounts soon)\nprocfs and sysfs virtualization\nsyscall interception\nInitial mount locking\nEasy preloading of inner container images\nSharing inner container images across Sysbox containers.\nEasy to load inner container images\nAllows for shared disk space of inner container images"),(0,ce.kt)("p",null,"Limitations\nLinux only\nNeed 5.5+, Ubuntu 5.0+\n90% OCI compatible\nSets up container environments to enable it to run system software, for instance '--privilege' option won't work, but that makes sense.\nSome workloads don't run inside the containers\nIPvs, kernel module loading, etc.\nSysbox is a daemon that must run as root."),(0,ce.kt)("p",null,"Tries not to get in the way of the syscalls"),(0,ce.kt)("h5",{id:"demo-2055-in-the-video"},"Demo (20:55 in the video)"),(0,ce.kt)("p",null,"Prefers Ubuntu, but deals with other linux."),(0,ce.kt)("p",null,"systemctl start sysbox\nsudo podman run --runtime=sysbox-runc -it --rm --userns=auto:size=65536 --hostname=syscont nestybox/ubuntu-bionic-systemd-docker"),(0,ce.kt)("p",null,"Showed the inside of the container with Docker already running, all inside the container."),(0,ce.kt)("p",null,"Solving a container with limit to cgroup with certain memory, then that's what you should see. They want to hide as much info of the host from inside the container."),(0,ce.kt)("p",null,(0,ce.kt)("strong",{parentName:"p"},"Summary")),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Currently runing system sofware in containers requires\n Insecure (privileged) containers\n Complex container images and commands\n\nWe need to change this\n Enables powerful use cases for containers (beyond micro-service deployment)\n\nSysbox is a next-gen runc designed for this.\n\nEnterprises are using it to replace VMs in many scenarios.\n")),(0,ce.kt)("p",null,(0,ce.kt)("a",{parentName:"p",href:"https://github.com/nestybox/sysbox"},"Nestybox GitHub")),(0,ce.kt)("h2",{id:"podman-python-client-demo"},"Podman Python Client Demo"),(0,ce.kt)("h3",{id:"jhon-honce"},"Jhon Honce"),(0,ce.kt)("h4",{id:"3345-in-the-video"},"(33:45 in the video)"),(0,ce.kt)("p",null,"Python bindings are modeled after Docker py. Wanted to allow people to run their Docker py scripts."),(0,ce.kt)("p",null,"Podman py is up on ",(0,ce.kt)("a",{parentName:"p",href:"https://pypi.org/project/podman-py/"},"Pypi")," and ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman-py/blob/main/contrib/examples/demo.py"},"Demo")," on repo in GitHub."),(0,ce.kt)("p",null,"Python Podman going through the packagin process for Fedora now, RHEL later."),(0,ce.kt)("h5",{id:"demo-4032-in-the-video"},"Demo (40:32 in the video)"),(0,ce.kt)("p",null,"Created a pod, and removed containers and pods that were created."),(0,ce.kt)("p",null,"Showed code, craete client, shows version, api and min api. Pulled latest alpine image and created a pod and container in the pod, and then removes image, pod and containers. Then lists the images."),(0,ce.kt)("p",null,"Used the unix domain socket, new Pull Requests for ssh in the works and also tcp sockets."),(0,ce.kt)("p",null,"Bindings are now on par with ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman --remote")," for doing connections."),(0,ce.kt)("p",null,"Can you run Docker py and Podman py at the same time? Yes! No locking preventing that. Can even run podman --remote through the compatibiltiy layer."),(0,ce.kt)("h2",{id:"questions"},"Questions?"),(0,ce.kt)("h4",{id:"4730-in-the-video"},"(47:30 in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"No questions asked.")),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("h2",{id:"next-meeting-tuesday-june-1-2021-1100-am-eastern-utc-4"},"Next Meeting: Tuesday June 1, 2021, 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h3",{id:"meeting-end-1155-am-eastern-utc-4"},"Meeting End: 11:55 a.m. Eastern (UTC-4)"),(0,ce.kt)("h2",{id:"bluejeans-chat-copypaste"},"BlueJeans Chat copy/paste:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},'Me10:55 AM\nPlease sign in on HackMD https://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\nAnd "May the Fourt be with you!\nEdward Haynes11:19 AM\nI remember a few years ago Intel was working on "clear containers" to put very lightweight virt around each container for protection ... did this ever amount to anything?\nDan Walsh (rhatdan)11:20 AM\nEdward ClearContainers became Kata Containers, But they run with a virtualization layer, and their own kernel.\nRodny Molina11:21 AM\nhttps://github.com/nestybox/sysbox\nAlex Litvak11:21 AM\nbad audio\nDan Walsh (rhatdan)11:22 AM\nAlex it sounds fine here\nAlex Litvak11:23 AM\nsorry it look like a local problem\nAnders Bj\xf6rklund11:33 AM\nWhat is the biggest difference between this (product) and LXC ?\nRodny Molina11:34 AM\nSysbox is, by design, compatible with Docker, K8s and now Podman. LXC (and LXD) are not AFAIK.\nAnders Bj\xf6rklund11:35 AM\nSo a difference for the forward-looking but similar but for the backward-looking, got it. Thanks.\nRodny Molina11:38 AM\nEven for the backward-looking, Sysbox procfs/sysfs emulation goes further than what LXD is doing, so we believe you should be able to run many more system workloads in Sysbox when compared to LXD. To be fair, LXD has some features that we don\'t have.\nmanish11:39 AM\nnice cesar ... great project\nCesar Talledo11:39 AM\nthanks Manish!\nAnders Bj\xf6rklund11:39 AM\nWe originally used OpenVZ for this, which was how I got started with containers originally\nMatt Heon11:42 AM\nAh, wayland!\nLokesh Mandvekar11:43 AM\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1956841\njhonce11:45 AM\nssh ro-BRmMS9jtgcXdRW6eMRyH5zrQV@sfo2.tmate.io\nUwe11:55 AM\nthanx\nMe11:55 AM\nhttps://www.redhat.com/sysadmin/may-fourth-podman\n')))}ft.isMDXComponent=!0;const bt={},vt="Podman Community Meeting",Mt=[{value:"September 7, 2021 11:00 a.m. Eastern (UTC-4)",id:"september-7-2021-1100-am-eastern-utc-4",level:2},{value:"Attendees (18 total)",id:"attendees-18-total",level:3},{value:"Meeting Start: 11:03 a.m.",id:"meeting-start-1103-am",level:2},{value:"BlueJeans Recording",id:"bluejeans-recording",level:3},{value:"Official Debian/Ubuntu Packages Updates",id:"official-debianubuntu-packages-updates",level:2},{value:"Reinhard Tartler/Lokesh Mandvekar",id:"reinhard-tartlerlokesh-mandvekar",level:3},{value:"(1:42 in the video)",id:"142-in-the-video",level:4},{value:"Podman machine Updates",id:"podman-machine-updates",level:2},{value:"Matt Heon",id:"matt-heon",level:3},{value:"(4:17 in the video)",id:"417-in-the-video",level:4},{value:"Containerized DNA Analysis",id:"containerized-dna-analysis",level:2},{value:"Erik Bernoth",id:"erik-bernoth",level:3},{value:"(8:27 in the video)",id:"827-in-the-video",level:4},{value:"Meeting notes from Erik:",id:"meeting-notes-from-erik",level:5},{value:"Using Podman in an IDE",id:"using-podman-in-an-ide",level:2},{value:"Chris Short",id:"chris-short",level:3},{value:"(23:14 in the video)",id:"2314-in-the-video",level:4},{value:"Open Forum/Questions?",id:"open-forumquestions",level:2},{value:"(32:52 in the video)",id:"3252-in-the-video",level:4},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"Next Meeting: Tuesday October 5, 2021, 11:00 a.m. Eastern (UTC-4)",id:"next-meeting-tuesday-october-5-2021-1100-am-eastern-utc-4",level:2},{value:"Next Cabal Meeting: Thursday September 16, 2021, 10:00 a.m. Eastern (UTC-4)",id:"next-cabal-meeting-thursday-september-16-2021-1000-am-eastern-utc-4",level:2},{value:"Meeting End: 11:40 a.m. Eastern (UTC-4)",id:"meeting-end-1140-am-eastern-utc-4",level:3},{value:"BlueJeans Chat copy/paste:",id:"bluejeans-chat-copypaste",level:2}],It={toc:Mt},At="wrapper";function Tt(e){let{components:t,...n}=e;return(0,ce.kt)(At,(0,Q.Z)({},It,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-meeting"},"Podman Community Meeting"),(0,ce.kt)("h2",{id:"september-7-2021-1100-am-eastern-utc-4"},"September 7, 2021 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h3",{id:"attendees-18-total"},"Attendees (18 total)"),(0,ce.kt)("p",null,"Tom Sweeney, Jhon Honce, Dan Walsh, Chris Evich, Urvashi Mohnani, Nalin Dahyabhai, Eduardo Santiago, Matt Heon, Paul Holzinger, Erik Bernoth, Charlie Doern, Chris Evich, Scott McCarty, Anders Bj\xf6rklund, Lokesh Mandvekar, Valentin Rothberg, Guillaume Rose, Rudolf Vesely"),(0,ce.kt)("h2",{id:"meeting-start-1103-am"},"Meeting Start: 11:03 a.m."),(0,ce.kt)("h3",{id:"bluejeans-recording"},"BlueJeans ",(0,ce.kt)("a",{parentName:"h3",href:"https://bluejeans.com/s/16n3v6p@XWp/"},"Recording")),(0,ce.kt)("h2",{id:"official-debianubuntu-packages-updates"},"Official Debian/Ubuntu Packages Updates"),(0,ce.kt)("h3",{id:"reinhard-tartlerlokesh-mandvekar"},"Reinhard Tartler/Lokesh Mandvekar"),(0,ce.kt)("h4",{id:"142-in-the-video"},"(1:42 in the video)"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Debian 11/bullseye ships with kernel 5.10 and Podman 3.0."),(0,ce.kt)("li",{parentName:"ul"},"Podman 3.2 from Debian experimental also works well per Reinhard's local testing."),(0,ce.kt)("li",{parentName:"ul"},'Debian "unstable" is now open for development. Work on shipping Podman 3.3 is currently underway.'),(0,ce.kt)("li",{parentName:"ul"},"Upcoming Ubuntu 21.10 release will likely include podman 3.2"),(0,ce.kt)("li",{parentName:"ul"},"Reinhard would like assistance with:",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"Identifying and upgrading package dependencies in Debian"),(0,ce.kt)("li",{parentName:"ul"},"Filing bugs on what needs to be upgraded"),(0,ce.kt)("li",{parentName:"ul"},"Preparing package uploads on the GitLab instance at salsa.debian.org"))),(0,ce.kt)("li",{parentName:"ul"},"Reinhard's contact info: siretart AT debian DOT org, siretart on GitHub")),(0,ce.kt)("h2",{id:"podman-machine-updates"},"Podman machine Updates"),(0,ce.kt)("h3",{id:"matt-heon"},"Matt Heon"),(0,ce.kt)("h4",{id:"417-in-the-video"},"(4:17 in the video)"),(0,ce.kt)("p",null,"In the past few weeks, a number of significant developments in desktop containerization. Due to that, we've seen an upswing in activity due to Podman machine and Podman in general."),(0,ce.kt)("p",null,"Two requests we're getting are the ability to mount a Docker compatible socket natively on the host. So you would not have to worry about sshing from your Mac or Windows machine into a Linux host."),(0,ce.kt)("p",null,"The second request is volume mount, which is not handled automatically now in podman machine. Lots of discussion about this, but no clear path forward at the moment, and we're hoping to change that."),(0,ce.kt)("p",null,"At the Cabal meeting next Thursday, September 15, at 10:00 a.m. EDT (UTC-4), we will be discussing the direction for Podman machine and volume mounts, and would love community involvement."),(0,ce.kt)("h2",{id:"containerized-dna-analysis"},"Containerized DNA Analysis"),(0,ce.kt)("h3",{id:"erik-bernoth"},"Erik Bernoth"),(0,ce.kt)("h4",{id:"827-in-the-video"},"(8:27 in the video)"),(0,ce.kt)("p",null,"Started a new project where friends are analyzing DNA. Looking to find out what the small markers are. In the picture, fly eyes colors are noted and can be used to denote the familial connections of the flies."),(0,ce.kt)("p",null,"Showed a tutorial for one of the tools, one included the read for DNA. Showed FASTQ that showed all the data points, including metadata. From this, they get a quality marker."),(0,ce.kt)("p",null,"The output shows a lot of dots and some char when there's a significant match. From this data, you can figure out if you have a mutation or not. Also, other essential markers that decide eye color and such. This takes a lot of computing power."),(0,ce.kt)("p",null,"There are vertical and horizontal analyzers that are needed. There are tools used, and Erik showed a script his friend uses, which takes a lot of time and does some multiprocessing. It takes a long time to complete."),(0,ce.kt)("p",null,"Can this be containerized? That's in his current project, and he is wondering if we have possible ways to containerize it. Erik would like input."),(0,ce.kt)("p",null,"Looking to build a way to use Podman to containerize this."),(0,ce.kt)("h5",{id:"meeting-notes-from-erik"},"Meeting notes from Erik:"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Intro ",(0,ce.kt)("a",{parentName:"li",href:"https://github.com/ecerami/ecerami.github.io/blob/master/samtools_primer.md"},"sequencing data crunching process"),"."),(0,ce.kt)("li",{parentName:"ol"},"YSEQ Specialty: ",(0,ce.kt)("a",{parentName:"li",href:"https://www.yseq.net/product_info.php?products_id=175886"},"Whole Genome Sequence with 400 bases (WGS400)")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("a",{parentName:"li",href:"https://genomes.yseq.net/WGS/400SE/STR_examples/"},"STR Example")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("a",{parentName:"li",href:"https://gist.github.com/tkrahn/7dfc51c2bb97a6d654378a21ea0a96d4"},"BWA Pipeline")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("a",{parentName:"li",href:"https://genomes.yseq.net/WGS/400SE/16672/16672_result_summary.txt"},"Result Summary Example")," and ",(0,ce.kt)("a",{parentName:"li",href:"https://genomes.yseq.net/WGS/400SE/16672/"},"Full Example (opt.)"),"\nFuture: ",(0,ce.kt)("a",{parentName:"li",href:"https://genomebiology.biomedcentral.com/articles/10.1186/s13059-020-1935-5"},"Nanopore?"))),(0,ce.kt)("h2",{id:"using-podman-in-an-ide"},"Using Podman in an IDE"),(0,ce.kt)("h3",{id:"chris-short"},"Chris Short"),(0,ce.kt)("h4",{id:"2314-in-the-video"},"(23:14 in the video)"),(0,ce.kt)("p",null,(0,ce.kt)("a",{parentName:"p",href:"https://drive.google.com/file/d/1Elb5Pb8z7tkKRaBnewRBvDsby2bWduza/view"},"Video")),(0,ce.kt)("p",null,"Showed VSCode with the Remote Development extension installed, which he is running on his Mac. This can work on WSL/Windows too. In theory, you can create a container within it. It's looking at his local ssh config. He could be anywhere in the world and could run anything he wanted from his Linux machine."),(0,ce.kt)("p",null,"He ssh's into his Linux machine from VSCode, and VSCode opens up what it needs to the machine. He now has a terminal instance from his Mac on the remote Fedora box. So he's in the IDE using a terminal on his Fedora box and can run Podman commands as needed."),(0,ce.kt)("p",null,"Chris blurred out several data points for privacy reasons."),(0,ce.kt)("p",null,"He then showed the website on his Mac that he had run via Podman."),(0,ce.kt)("p",null,"Jhon Honce noted that we have people using the Docker plugin in VSCode to use Podman. It would be nice to get a Podman plugin at some point for VSCode."),(0,ce.kt)("h2",{id:"open-forumquestions"},"Open Forum/Questions?"),(0,ce.kt)("h4",{id:"3252-in-the-video"},"(32:52 in the video)"),(0,ce.kt)("p",null,"Dan is trying to get Docker Security Bench translated into Podman Security Bench. A long-term project and community involvement would be great."),(0,ce.kt)("p",null,(0,ce.kt)("a",{parentName:"p",href:"https://discord.com/channels/852634929845239818/852634929845239824"},"Discord server")," is now up and bridged with the ",(0,ce.kt)("a",{parentName:"p",href:"https://matrix.to/#/#podman:matrix.org"},"Podman Matrix room"),"."),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("p",null,"Rootless container networking - Paul Holzinger\nPodman Security Bench - Dan Walsh"),(0,ce.kt)("h2",{id:"next-meeting-tuesday-october-5-2021-1100-am-eastern-utc-4"},"Next Meeting: Tuesday October 5, 2021, 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h2",{id:"next-cabal-meeting-thursday-september-16-2021-1000-am-eastern-utc-4"},"Next Cabal Meeting: Thursday September 16, 2021, 10:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h3",{id:"meeting-end-1140-am-eastern-utc-4"},"Meeting End: 11:40 a.m. Eastern (UTC-4)"),(0,ce.kt)("h2",{id:"bluejeans-chat-copypaste"},"BlueJeans Chat copy/paste:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Me10:59 AM\nPlease sign in here; https://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\nMe11:06 AM\nI can't hear Lokesh, is it just me?\nValentin Rothberg11:06 AM\nI hear him\nDan Walsh11:06 AM\nI hear him fine\nLokesh Mandvekar11:06 AM\ni'm done\nDan Walsh11:06 AM\nTom back to you\nLokesh Mandvekar11:06 AM\ntom, back to you\nDan Walsh11:07 AM\nWe can not hear you tom\nMe11:07 AM\nMatt, please take it\nMatt Heon11:07 AM\nTom, no audio from you\ncevich11:07 AM\nI blame Tom's cat.\njhonce11:08 AM\nNetwork issues are now spreading...\nMe11:09 AM\nI can hear now, had to reset all the audio options.\nIt flicked off when I plugged my headset in\nErik Bernoth11:11 AM\nWe still can\u2019t hear you\nErik Bernoth11:27 AM\nThanks, Scott. Good to know that someone already knows some about this topic area. :)\nScott McCarty (fatherlinux)11:31 AM\nLOL, oh man I LOVED bioinformatics\nI miss that work\nMaybe that will be my retirement :-)\nLokesh Mandvekar11:39 AM\nMehul is pronounced May-houl :)\nErik Bernoth11:39 AM\nMatrix also works well from the browser btw\nScott McCarty (fatherlinux)11:40 AM\nhttps://discord.gg/sKgupVHaGg\n")))}Tt.isMDXComponent=!0;const St={},Ct="Podman Community Cabal Meeting Notes",Nt=[{value:"November 18, 2021 11:00 a.m. Eastern",id:"november-18-2021-1100-am-eastern",level:2},{value:"November 18, 2021 Topics",id:"november-18-2021-topics",level:2},{value:"Meeting Notes",id:"meeting-notes",level:3},{value:"Podman.io redesign ( 0:52 in video)",id:"podmanio-redesign--052-in-video",level:3},{value:"Forwarding Play Kube HTTP API ( 24:45 in video)",id:"forwarding-play-kube-http-api--2445-in-video",level:3},{value:"Adding docker.io as default to image name (30:54 in video)",id:"adding-dockerio-as-default-to-image-name-3054-in-video",level:3},{value:"Open discussion ( : in video)",id:"open-discussion---in-video",level:4},{value:"Next Meeting: Thursday December 16, 2021 11:00 a.m. EDT (UTC-5)",id:"next-meeting-thursday-december-16-2021-1100-am-edt-utc-5",level:3},{value:"Possible Topics:",id:"possible-topics",level:3}],Dt={toc:Nt},Pt="wrapper";function xt(e){let{components:t,...n}=e;return(0,ce.kt)(Pt,(0,Q.Z)({},Dt,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-cabal-meeting-notes"},"Podman Community Cabal Meeting Notes"),(0,ce.kt)("p",null,"Attendees: Tom Sweeney, Aditya Rajan, Matt Heon, Brent Baude, Ashley Cui, Preethi Thomas, Urvashi Mohnani, Eduardo Santiago, Giuseppe Scrivano, Nalin Dahyabhai, Paul Holzinger, Anders Bj\xf6rklund, Dan Walsh, M\xe1ir\xedn Duffy, Michael Scherer, Lokesh Mandvekar, Shion Tanaka, Jhon Honce, Valentin Rothberg, Ed Haynes, Jakub Dzon, James Cassel, Mairin Duffy, Michael Scherer, Scott McCarty, Shion Tanaka, Mehul Arora,"),(0,ce.kt)("h2",{id:"november-18-2021-1100-am-eastern"},"November 18, 2021 11:00 a.m. Eastern"),(0,ce.kt)("h2",{id:"november-18-2021-topics"},"November 18, 2021 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Podman.io redesign - M\xe1ir\xedn Duffy"),(0,ce.kt)("li",{parentName:"ol"},"Forwarding Play Kube HTTP API configmaps query parameter to the container engine - Urvashi Mohnani"),(0,ce.kt)("li",{parentName:"ol"},"Discuss Adding docker.io to unqualified image name - ",(0,ce.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/pull/12321"},"https://github.com/containers/podman/pull/12321"))),(0,ce.kt)("h3",{id:"meeting-notes"},"Meeting Notes"),(0,ce.kt)("p",null,"Video ",(0,ce.kt)("a",{parentName:"p",href:"https://www.youtube.com/watch?v=y9PxhYF-uNM"},"Recording")),(0,ce.kt)("p",null,"Meeting start: 11:03 a.m. EST Thursday, November 18, 2021"),(0,ce.kt)("h3",{id:"podmanio-redesign--052-in-video"},"Podman.io redesign ( 0:52 in video)"),(0,ce.kt)("p",null,"At this link, use the dropdown in the upper left corner to page through the mockups (they aren't hooked up to be click-thru yet):\n",(0,ce.kt)("a",{parentName:"p",href:"https://design.penpot.app/#/view/c1192050-2619-11ec-bdd0-f35c6ae458e9?page-id=c1192051-2619-11ec-bdd0-f35c6ae458e9&index=0&share-id=554e5be0-2b66-11ec-91a7-f08c5eccf3df"},"https://design.penpot.app/#/view/c1192050-2619-11ec-bdd0-f35c6ae458e9?page-id=c1192051-2619-11ec-bdd0-f35c6ae458e9&index=0&share-id=554e5be0-2b66-11ec-91a7-f08c5eccf3df")),(0,ce.kt)("p",null,"(This is using Penpot.app, an open-source UX tool.)"),(0,ce.kt)("p",null,'GTK as an example site. The main page redesign from some of Dan\'s talks and wondering to herself why would I want to use Podman? Prominent link to the docs, to GitHub, and more. The front page has the focus on "Give it a try". Then additional links to blogs and coloring books.'),(0,ce.kt)("p",null,"Looking for help on how the other tools tie together on the front page."),(0,ce.kt)("p",null,"Leaning toward GitHub pages using AsciiDoc with Jekyll. Might be able to use AsciiDoc to update contributing doc across projects. So you can pull sections from another project perhaps. This is a new process she's still working through."),(0,ce.kt)("p",null,"Showed the community page too, including Code of Conduct, chat, meeting mailing lists. Javascript to show the time zones of the maintainers would be nice. At the bottom, showed how to submit pull requests."),(0,ce.kt)("p",null,"Then she showed the Feature page, showing basic first steps. Getting Started, community page, find a page on the site similar to the one in GitHub."),(0,ce.kt)("p",null,"Shows features of cockpit UI, blog posts, and coloring book."),(0,ce.kt)("p",null,"Another page for folks just starting with Podman"),(0,ce.kt)("p",null,"We might want to add pages for Mac, Windows, and how to use Podman on it."),(0,ce.kt)("h3",{id:"forwarding-play-kube-http-api--2445-in-video"},"Forwarding Play Kube HTTP API ( 24:45 in video)"),(0,ce.kt)("p",null,"PR in question: ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/pull/12243"},"https://github.com/containers/podman/pull/12243")),(0,ce.kt)("p",null,"YAML is not getting cast correctly when sent. Jakub is wondering if the solution proposed to use a configmap is OK per the community. Paul asked how we should send the content to the server."),(0,ce.kt)("p",null,"Currently, it is a configmap that points to files, but Jakub would like to expand."),(0,ce.kt)("p",null,"Jhon likes it better as GoLang and other bindings wouldn't have to jump through many hoops. Brent thinks it's a reasonable approach along with Paul. Jakub will pursue."),(0,ce.kt)("h3",{id:"adding-dockerio-as-default-to-image-name-3054-in-video"},"Adding docker.io as default to image name (30:54 in video)"),(0,ce.kt)("p",null,"PR in question: ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/pull/12321"},"https://github.com/containers/podman/pull/12321")),(0,ce.kt)("p",null,"Michael talked through the PR. Basically, it will add \"docker.io\" if the image doesn't have any in it. This will be the default, if fully qualified, docker.io wouldn't be added."),(0,ce.kt)("p",null,"Docker does this and we're not fully compatible here. The full discussion in the PR at: ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/pull/12321#issuecomment-971412475"},"https://github.com/containers/podman/pull/12321#issuecomment-971412475")),(0,ce.kt)("p",null,"Dan thinks too many people have stumbled across this and doesn't think we should have to have them go to registry.conf to set their default."),(0,ce.kt)("p",null,"Valentin doesn't think we'll ever be compatible with Docker here as we allow aliases for image names. We also need to be compatible with atomic docker and it supports registries. Third, if we change this, we'll break current behavior. Fourth, a huge page to enforce docker.io due to the code structure in c/image. Valentin thinks registries.conf changes are the way to go to address this."),(0,ce.kt)("p",null,"Matt proposed that we should support the docker.io use case. Docker on RHEL doesn't do this. He's suggesting adding a flag in containers.conf to toggle this between adding and not adding docker.io to the image."),(0,ce.kt)("p",null,"Valentin warned this is likely to cause breaking changes in the code as changes in Buildah, Podman, Skopeo, c/image, and more."),(0,ce.kt)("p",null,'If we had "docker.io compat mode" in the system context, that would be the easiest way to get the info down, but it\u2019s still not an insignificant amount of work.'),(0,ce.kt)("p",null,"What's the chance of getting Moby to change their behavior? In the past, changes like that have been slow-moving."),(0,ce.kt)("p",null,"Dan likes the flag idea, but Valentin is concerned that this will be a huge change for a simple idea."),(0,ce.kt)("p",null,"Dan is concerned that if we don't make the change, we'll get bad feedback from users."),(0,ce.kt)("p",null,"We've made decisions in the past to not be compatible in this space."),(0,ce.kt)("p",null,"The consensus is that we want to do the right thing for the user, the hard part is figuring out the way to get this done. How is unknown. Brent doesn't want to implement something too large."),(0,ce.kt)("p",null,'Matt doesn\'t think this will be as bad as Valentin believes. However, build will probably "bad", but create might not be too bad.'),(0,ce.kt)("p",null,"The next step is to look at the compatibility library and see where the place is to do it."),(0,ce.kt)("h4",{id:"open-discussion---in-video"},"Open discussion ( : in video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"None, we ran out of time.")),(0,ce.kt)("h3",{id:"next-meeting-thursday-december-16-2021-1100-am-edt-utc-5"},"Next Meeting: Thursday December 16, 2021 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h3",{id:"possible-topics"},"Possible Topics:"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"})),(0,ce.kt)("p",null,"Raw Meeting Chat:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Brent Baude11:01 AM\nstepping away for a minute\nYou11:01 AM\nhttps://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nValentin Rothberg11:01 AM\n@Dan: I muted you since you gave an echo\nYou11:02 AM\nhttps://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nLokesh Mandvekar11:07 AM\nnew site gonna rock\nChristopher Evich11:08 AM\nYou matched the background water perspective to the icon perspective *wow*\nAnders F Bj\xf6rklund11:08 AM\na common theme between the sites would be nice\ni.e. linking podman and cri-o\nBrent Baude11:09 AM\nare we going to talk about our blogging problem/isssue ?\nMichael Scherer11:10 AM\nOSPO team can also provides openshift hosting, we have a cluster for community project, and so that's just a question of building one or more containers (we did it for project atomic, with 3 git repo combined)\nYou11:16 AM\nhttps://www.youtube.com/channel/UCk8PKFfMXESWNXgGG5U_F_w\nyoutube channel ^^^\nLokesh Mandvekar11:16 AM\nfor IRC link..maybe we can just link to the libera's web ui OR we could just redirect them to the matrix room, call me biased :)\nValentin Rothberg11:22 AM\nA seal eating an apple :)\nUrvashi Mohnani11:28 AM\nhttps://github.com/containers/podman/pull/12243\nValentin Rothberg11:28 AM\nGreat work. I am looking forward to see it in action :)\nYou11:29 AM\nhttps://github.com/containers/podman/pull/12243\nPR under discussion\nM\xe1ir\xedn Duffy11:29 AM\ni'm gonna drop now but feel free to reach out any time w q's / feedback / ideas etc, I'm lurking in the podman matrix room o/\nMichael Scherer11:34 AM\nhttps://github.com/containers/podman/pull/12321\nYou11:34 AM\nhttps://github.com/containers/podman/pull/12321\nMichael Scherer11:36 AM\nhttps://github.com/containers/podman/pull/12321#issuecomment-971412475 so that's the detail\nAnders F Bj\xf6rklund11:42 AM\nwe have big problems with this in minikube, where we try to present a common API towards images from docker, cri-o (podman) and containerd (ctr and buildctl).\nUnfortunately kubernetes has no global policy on how to specify images\nAnders F Bj\xf6rklund11:45 AM\n(also includes other things, like if image ID include a \"sha256:\" prefix or not)\nMatt Heon11:47 AM\nSmall things like that, we should fix\nNo reason not to\nre: sha256 prefix\nAnders F Bj\xf6rklund11:54 AM\ncontainerd is now making the full names more visible to people, if it is any consolation\nBrent Baude11:54 AM\ngreat! but the problem exists in what has historically been set and expected\nAnders F Bj\xf6rklund11:54 AM\n(when people change their kubernetes CRI, from docker/cri-docker over to containerd)\nieq-pxhy-jbh\n")))}xt.isMDXComponent=!0;const Bt={},Et="Podman Community Cabal Meeting Notes",Wt=[{value:"February 17, 2022 11:00 a.m. Eastern",id:"february-17-2022-1100-am-eastern",level:2},{value:"February 17, 2022 Topics",id:"february-17-2022-topics",level:2},{value:"Meeting Notes",id:"meeting-notes",level:3},{value:"Meta package for manpages, config files - (0:50 in video) - Valentin Rothberg",id:"meta-package-for-manpages-config-files---050-in-video---valentin-rothberg",level:3},{value:"Open discussion (25:30 in video)",id:"open-discussion-2530-in-video",level:4},{value:"Next Meeting: Thursday March 17, 2022 11:00 a.m. EDT (UTC-5)",id:"next-meeting-thursday-march-17-2022-1100-am-edt-utc-5",level:3},{value:"Possible Topics:",id:"possible-topics",level:3}],jt={toc:Wt},Lt="wrapper";function Ht(e){let{components:t,...n}=e;return(0,ce.kt)(Lt,(0,Q.Z)({},jt,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-cabal-meeting-notes"},"Podman Community Cabal Meeting Notes"),(0,ce.kt)("p",null,"Attendees: Tom Sweeney, Aditya Rajan, Matt Heon, Brent Baude, Ashley Cui, Chris Evich, Urvashi Mohnani, Giuseppe Scrivano, Nalin Dahyabhai, Paul Holzinger, Anders Bj\xf6rklund, Dan Walsh, Valentin Rothberg, Jhon Honce, Miloslav Trma\u010d, Charlie Doern, Lokesh Mandvekar, Oleg Bulatov, Flavian Missi, Niall Crowe, F. Poirotte,"),(0,ce.kt)("h2",{id:"february-17-2022-1100-am-eastern"},"February 17, 2022 11:00 a.m. Eastern"),(0,ce.kt)("h2",{id:"february-17-2022-topics"},"February 17, 2022 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Meta package for manpages, config files - Valentin Rothberg")),(0,ce.kt)("h3",{id:"meeting-notes"},"Meeting Notes"),(0,ce.kt)("p",null,"Video ",(0,ce.kt)("a",{parentName:"p",href:"https://youtu.be/ysFO1s7h-YE"},"Recording")),(0,ce.kt)("p",null,"The meeting started at 11:02 a.m. Thursday, February 17, 2022"),(0,ce.kt)("h3",{id:"meta-package-for-manpages-config-files---050-in-video---valentin-rothberg"},"Meta package for manpages, config files - (0:50 in video) - Valentin Rothberg"),(0,ce.kt)("p",null,(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/common/issues/925"},"Issue discussed")),(0,ce.kt)("p",null,"The ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/common"},"https://github.com/containers/common")," project is used for man pages, config files, and common files. Used by containers/storage, containers/image, containers/buildah, containers/podman. The containers/common package is pushed out in the containers-common package."),(0,ce.kt)("p",null,"First issue: Hard for downstream packagers to know what and when to package. The common package should only ship with Podman, but it's not transparent to downstream packagers. For them, it's hard to know when to ship, especially since there are four projects of note: c/storage, c/image, c/common, c/crun."),(0,ce.kt)("p",null,"Second issue: We have a high frequency of releases. I.e., recently 5 RC's of Podman. Which caused a lot of churn and problems for an arch-linux packager. The issue is ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/common/issues/925"},"here"),"."),(0,ce.kt)("p",null,"Dan wonders if there's a way to add links to GitHub repos to tie them together. Valentin doesn't think there's a way to do this via GitHub, but possibly via Git itself, and he thinks it might be hairy."),(0,ce.kt)("p",null,"Chris Evich mentioned ",(0,ce.kt)("a",{parentName:"p",href:"https://blog.developer.atlassian.com/the-power-of-git-subtree/?_ga=2-71978451-1385799339-1568044055-1068396449-1567112770"},"git-subtree")),(0,ce.kt)("p",null,"The problem remains if there's a Buildah or Podman that can use a particular version of the files in containers-common. It would be nice to have a packager grab version X of Podman, and that would then get all of the associated packages at the right versions."),(0,ce.kt)("p",null,"Miloslav Trmac suggested adding something to Podman update/create the containers-common package when Podman creates its package. This would require some Makefile work."),(0,ce.kt)("p",null,"Chris thinks there's an option in GitHub to create a tarball, but others pointed out it's only suitable for files in the physical repository."),(0,ce.kt)("p",null,"Currently, we're grabbing things from the main branch, but we should grab from what is listed in the go.mod file."),(0,ce.kt)("p",null,"Dan thinks putting Fedora's script into Podman and then working that back into the Fedora release cycles. It won't fix the issue but will at least make it obvious."),(0,ce.kt)("p",null,"This is something that needs to happen for Buildah and Podman. We don't need to worry about CRI-O as they have a different setup and config files."),(0,ce.kt)("p",null,"Dan and Lokesh will work together to try and make some progress in this space. This will mean moving update.sh, which will be renamed, into Podman."),(0,ce.kt)("p",null,"Another concern has been the number of release candidates we had for Podman v4.0 (5 RC's). This has worked well for the development team but has caused packagers massive headaches."),(0,ce.kt)("p",null,"Ideally, it would be nice if we could create a containers bundle. Lokesh has an upcoming blog that will talk about this too."),(0,ce.kt)("p",null,"Tom would like to make sure we can do an RC release as it helped QE. Valentin pointed out the issue lies in that we're moving along RCs for Podman, but also point releases, rather than RCs for Buildah, Skopeo, etc., which is where the churn is."),(0,ce.kt)("h4",{id:"open-discussion-2530-in-video"},"Open discussion (25:30 in video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"4.0 close to releasing. We are waiting on one last set of tests to finish successfully. Lokesh is working on documentation for netavark and aardvark-dns.")),(0,ce.kt)("p",null,"The network stack will remain on CNI if Podman already exists on a system that Podman v4.0 is installed/upgraded on. If the host has no Podman presence, they will run with the new netavark stack."),(0,ce.kt)("p",null,"The ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman system reset --force")," command should be used if moving up to Podman 4.0 with a host that used Podman v3.0 in the past."),(0,ce.kt)("p",null,"Podman v4.0 will not be in Fedora 35 as it's a breaking change but will be available with Fedora 36. On Fedora 35, you will be able to update from ",(0,ce.kt)("a",{parentName:"p",href:"https://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman4/"},"Copr")," if you decide to."),(0,ce.kt)("p",null,"Looking at a week delay until the Mac and Windows versions are available."),(0,ce.kt)("p",null,"A discussion was had on how to handle a downgrade. Most likely, containers and images would have to be removed."),(0,ce.kt)("ol",{start:2},(0,ce.kt)("li",{parentName:"ol"},"Podman desktop update (38:37 in the video)\nDan noted that we're working with the developer on that. Potentially will merge CRC with the desktop. Meetings are coming up next week. Podman Desktop will not be released as part of Podman v4.0. Likely to be synchronized in the Fedora 36 release. The desktop the team is working on in Red Hat is Mac only via a Brew install on the side. This will pull in qemu as well.")),(0,ce.kt)("p",null,"Anders noted that qemu (from brew) has a lot of architectures within it, but that's making it close to a Gigabyte in size."),(0,ce.kt)("p",null,"Virtio-fs has been re-written in rust and can now be run on a Mac. There are two virtio-fs daemons, one in C, the other in Rust. The C version will be going away over time. Looking at Podman 4.2 or 4.3"),(0,ce.kt)("h3",{id:"next-meeting-thursday-march-17-2022-1100-am-edt-utc-5"},"Next Meeting: Thursday March 17, 2022 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h3",{id:"possible-topics"},"Possible Topics:"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"})),(0,ce.kt)("p",null,"Meeting finished 11:49"),(0,ce.kt)("p",null,"Raw Meeting Chat:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},'You11:00 AM\nhttps://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nYou11:02 AM\nhttps://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nValentin Rothberg11:03 AM\nhttps://github.com/containers/common/issues/925\nValentin Rothberg11:10 AM\nhttps://git-scm.com/docs/git-submodule\nChristopher Evich11:11 AM\nThis seems to be the "new" way:\nGiuseppe Scrivano11:11 AM\ncrun is using submodules to track changes to libocispec, and libocispec uses submodules for tracking runtime-spec and image-spec\nChristopher Evich11:11 AM\nhttps://blog.developer.atlassian.com/the-power-of-git-subtree/?_ga=2-71978451-1385799339-1568044055-1068396449-1567112770\n(git subtree)\nAnders F Bj\xf6rklund11:14 AM\nwouldn\'t this use versions ? (tags)\nor is packages building from git these days ?\nLokesh Mandvekar11:15 AM\nusually from tags, but sometimes from git commits\nAnders F Bj\xf6rklund11:16 AM\nbut still tarballs, rather than git clones\nLokesh Mandvekar11:16 AM\nyup, fedora buildsys doesn\'t allow network access\nLokesh Mandvekar11:32 AM\n`rhcontainerbot/podman4`\nhttps://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman4/\nLokesh Mandvekar11:34 AM\nFedora 35 and CentOS 9 Stream users should prefer that if they want the latest podman releases (will include RCs)\nAnders F Bj\xf6rklund11:36 AM\nyup, fedora-coreos-35.20220216.dev.0-qemu.x86_64.qcow2.xz has a "dev" in it\nAnders F Bj\xf6rklund11:39 AM\nand it does have 4.0.0-rc5 in it\nieq-pxhy-jbh\n')))}Ht.isMDXComponent=!0;const Rt={},Ot="Podman Community Meeting Notes",Jt=[{value:"June 7, 2022 11:00 a.m. Eastern (UTC-5)",id:"june-7-2022-1100-am-eastern-utc-5",level:2},{value:"Attendees (27 total)",id:"attendees-27-total",level:3},{value:"Meeting Start: 11:02 a.m. EST",id:"meeting-start-1102-am-est",level:2},{value:"BlueJeans Recording",id:"bluejeans-recording",level:3},{value:"Podman on Windows Update",id:"podman-on-windows-update",level:2},{value:"Jason Greene/Tom Sweeney",id:"jason-greenetom-sweeney",level:3},{value:"(1:04 in the video)",id:"104-in-the-video",level:4},{value:"Podman Desktop Update",id:"podman-desktop-update",level:2},{value:"Florent Benoit",id:"florent-benoit",level:3},{value:"(4:00 in the video)",id:"400-in-the-video",level:4},{value:"Podman Install on MacOS",id:"podman-install-on-macos",level:2},{value:"Gerard Braad",id:"gerard-braad",level:3},{value:"(22:00 in the video)",id:"2200-in-the-video",level:4},{value:"Podman Upcoming Releases Update",id:"podman-upcoming-releases-update",level:2},{value:"Brent Baude",id:"brent-baude",level:3},{value:"(25:10 in the video)",id:"2510-in-the-video",level:4},{value:"Open Forum/Questions?",id:"open-forumquestions",level:2},{value:"(29:00 in the video)",id:"2900-in-the-video",level:4},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"Next Meeting: Tuesday August 2, 2021, 11:00 a.m. Eastern (UTC-5)",id:"next-meeting-tuesday-august-2-2021-1100-am-eastern-utc-5",level:2},{value:"Next Cabal Meeting: Thursday June 16, 2021, 11:00 a.m. Eastern (UTC-5)",id:"next-cabal-meeting-thursday-june-16-2021-1100-am-eastern-utc-5",level:2},{value:"Meeting End: 11:46 a.m. Eastern (UTC-5)",id:"meeting-end-1146-am-eastern-utc-5",level:3},{value:"BlueJeans Chat copy/paste:",id:"bluejeans-chat-copypaste",level:2}],Ft={toc:Jt},Gt="wrapper";function Yt(e){let{components:t,...n}=e;return(0,ce.kt)(Gt,(0,Q.Z)({},Ft,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-meeting-notes"},"Podman Community Meeting Notes"),(0,ce.kt)("h2",{id:"june-7-2022-1100-am-eastern-utc-5"},"June 7, 2022 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"attendees-27-total"},"Attendees (27 total)"),(0,ce.kt)("p",null,"Tom Sweeney, Jhon Honce, Chris Evich, Matt Heon, Ashley Cui, Eduardo Santiago, Valentin Rothberg, Paul Holzinger, Nalin Dahyabhai, Giuseppe Scrivano, Preethi Thomas, Lokesh Mandvekar, Niall Crowe, Charlie Doern, Dan Walsh, Brent Baude, Aditya Rajan, Dev Kumar, Florent Benoit, Gerard Braad, Ionut Stoica, Jake Correnti, Karthik Elango, Mark Russell, Miloslav Trmac, Nalin Dahyabhai, Pavel, Preethi Thomas, Stevan Le Meur, Tim deBoer, Urvashi Mohnani"),(0,ce.kt)("h2",{id:"meeting-start-1102-am-est"},"Meeting Start: 11:02 a.m. EST"),(0,ce.kt)("h3",{id:"bluejeans-recording"},"BlueJeans ",(0,ce.kt)("a",{parentName:"h3",href:"https://www.youtube.com/watch?v=lherM_ah3GU"},"Recording")),(0,ce.kt)("h2",{id:"podman-on-windows-update"},"Podman on Windows Update"),(0,ce.kt)("h3",{id:"jason-greenetom-sweeney"},"Jason Greene/Tom Sweeney"),(0,ce.kt)("h4",{id:"104-in-the-video"},"(1:04 in the video)"),(0,ce.kt)("p",null,"Jason was going to present today but had a recent COVID diagnosis and could not attend. Instead, Tom talked briefly about his recent blog ",(0,ce.kt)("a",{parentName:"p",href:"https://www.redhat.com/sysadmin/run-podman-windows"},"post")," talking about how to install the new Podman Windows installer, which is ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/releases/download/v4.1.0/podman-v4.1.0.msi"},"here")," The Podman YouTube ",(0,ce.kt)("a",{parentName:"p",href:"https://youtube.com/c/Podman"},"channel")," also has a ",(0,ce.kt)("a",{parentName:"p",href:"https://www.youtube.com/watch?v=zHOC5QkhLVw"},"video")," of the process that Tom did to do the installation on Windows. Jason has also created a detailed ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/docs/tutorials/podman-for-windows.md"},"tutorial")," for the installer and the Podman on Windows Client. Hopefully, Jason will be able to present at the next meeting."),(0,ce.kt)("h2",{id:"podman-desktop-update"},"Podman Desktop Update"),(0,ce.kt)("h3",{id:"florent-benoit"},"Florent Benoit"),(0,ce.kt)("h4",{id:"400-in-the-video"},"(4:00 in the video)"),(0,ce.kt)("p",null,"The project is located ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman-desktop"},"here")," on GitHub. The desktop lets you run in Windows or macOS."),(0,ce.kt)("p",null,"Demo - 4:35 in the video"),(0,ce.kt)("p",null,"Showed Gui listing Containers, Images, and Preferences. He was also able to do things on the command line, and they showed up in the desktop. He showed how he could pull an image from quay.io from the desktop."),(0,ce.kt)("p",null,"Some Plugins are also available. He showed one for Podman, and now he can see more details of the images."),(0,ce.kt)("p",null,'The desktop just watches the Podman Socket and is not polling all the time. You can use either rootful or rootless. You can\'t do that through the Desktop, but you can start the "podman machine" as rootful or rootless, and the Desktop will use the one available.'),(0,ce.kt)("p",null,"Currently, the desktop is using a socket, so it might be possible for it to use ssh to use a podman machine on a remote host. A probable future enhancement."),(0,ce.kt)("p",null,"Pods are not currently supported but are part of the future plan as a feature. Need more requests via GitHub to get it a bit more precedence."),(0,ce.kt)("p",null,(0,ce.kt)("a",{parentName:"p",href:"https:/github.com/containers/podman-desktop/wiki/Roadmap"},"Roadmap")," in their Wiki with the features planned. The developers are looking for more help in the development of the tool."),(0,ce.kt)("p",null,"Brent wonders if there was still an open issue about machine events between the Desktop and Podman development teams. Brent will work with the Desktop team to close the loop as he thinks he has a solution."),(0,ce.kt)("h2",{id:"podman-install-on-macos"},"Podman Install on MacOS"),(0,ce.kt)("h3",{id:"gerard-braad"},"Gerard Braad"),(0,ce.kt)("h4",{id:"2200-in-the-video"},"(22:00 in the video)"),(0,ce.kt)("p",null,"Working on a test release on a different repo. Works on M1 and Intel. The current location is ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers-contribs/podman-installer/releases"},"here"),". When complete, it will be part of the regular Podman release and would be added to the assets section in Podman releases."),(0,ce.kt)("h2",{id:"podman-upcoming-releases-update"},"Podman Upcoming Releases Update"),(0,ce.kt)("h3",{id:"brent-baude"},"Brent Baude"),(0,ce.kt)("h4",{id:"2510-in-the-video"},"(25:10 in the video)"),(0,ce.kt)("p",null,'The next Release is v4.2 and likely a 4.1.x prior. Release candidates for v4.2 should be coming out in July with a target of mid-August for a final release. Quite a number of commits already. A lot of bug fixes due to a Red Hat internal bug squish week and "ToDo" fixes in the code. Updates to Podman machine and other enhancements are also included.'),(0,ce.kt)("p",null,"Podman v4.1.1 sometime later this week per Matt Heon."),(0,ce.kt)("h2",{id:"open-forumquestions"},"Open Forum/Questions?"),(0,ce.kt)("h4",{id:"2900-in-the-video"},"(29:00 in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Can you tell when podman machine has an update? Currently no. If you have a new Podman, it will pull machine too. Brent hopes to update GUI later to show an update to the CoreOS image. The dev team knows about this, but it's not a non-trivial fix to make this happen.")),(0,ce.kt)("p",null,"An issue to be created for this, Brent to create. (Issue)","[https://github.com/containers/podman/issues/14514]"),(0,ce.kt)("ol",{start:2},(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Dan has opened a PR against qemu to break it up for different distro needs. This slims down the footprint of the binary. The size went from 40 MB to 4 MB. Bugzilla concerning this ",(0,ce.kt)("a",{parentName:"p",href:"https://bugzilla.redhat.com/show_bug.cgi?id=2061584"},"here"))),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Pavel is having problems with Syslog from Podman. The issue isn't showing errors, and it isn't working. So it's very hard to debug. The issue is in crun and we'll have Giuseppe look into the problem."))),(0,ce.kt)("p",null,"Pavel to update his (discussion](",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/discussions/12693"},"https://github.com/containers/podman/discussions/12693"),")."),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Podman on Mac installer.")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Podman on Windows"))),(0,ce.kt)("h2",{id:"next-meeting-tuesday-august-2-2021-1100-am-eastern-utc-5"},"Next Meeting: Tuesday August 2, 2021, 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h2",{id:"next-cabal-meeting-thursday-june-16-2021-1100-am-eastern-utc-5"},"Next Cabal Meeting: Thursday June 16, 2021, 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"meeting-end-1146-am-eastern-utc-5"},"Meeting End: 11:46 a.m. Eastern (UTC-5)"),(0,ce.kt)("h2",{id:"bluejeans-chat-copypaste"},"BlueJeans Chat copy/paste:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Me11:00 AM\nhttps://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\nStevan Le Meur11:05 AM\nsorry!\nStevan Le Meur11:11 AM\nFeel free to share feedback, issues, ideas on the repository: https://github.com/containers/podman-desktop\nFlorent Benoit11:20 AM\nhttps://github.com/containers/podman-desktop/wiki/Roadmap\nGerard Braad11:21 AM\nit sounbsd like the wrong mic is used\nmuch better!\nGerard Braad11:22 AM\nWould it be possible to also plug something?\nbaude11:23 AM\nplug?\nGerard Braad11:23 AM\nWe have been working on a test release of the Podman installer for macOS (Intel and M1), and would like feedback\nStevan Le Meur11:23 AM\n\ud83d\udc4d\nMe11:23 AM\nSure thing Gerard, do you want to do a quick update after this wraps?\nGerard Braad11:23 AM\nPlease\nbaude11:23 AM\nyes please\nGerard Braad11:24 AM\nhttps://github.com/containers-contribs/podman-installer/releases\n\nWe will propose it this week as a PR, but have experienced some delays on our end.\nGerard Braad11:28 AM\nThank you guys\nionut stoica11:31 AM\nI do have a Q\nCan you know preemptively when a podman machine has update ?\nMicrophone dead! :(\nGerard Braad11:32 AM\nSo this is about a 'Update notification' ?\nionut stoica11:33 AM\nYes, some users wanted to know as they certify their envs and analyze all they bring in\nGerard Braad11:34 AM\nDoes an issue exist to track this?\nLet's create?\nionut stoica11:34 AM\n:) Awesome!\nGerard Braad11:35 AM\nWe have the same issue around CRC for the image. So le's create this and I'll ping you Ionut\nGerard Braad11:38 AM\n@ionut @baude I added an issue for this: https://github.com/containers/podman/issues/14514\nDaniel (rhatdan) Walsh11:39 AM\ntom https://bugzilla.redhat.com/show_bug.cgi?id=2061584\nMe11:39 AM\nthx dan\nMe11:41 AM\nThx Gerard, added it and the BZ to the mtg notes\nGerard Braad11:41 AM\n:+1 Thanks. I remember Baude and I also talked about this particular issue in February or so. It is not an easy problem to solve, but it is worthwhile to collect the issues and possible solutions.\nbaude11:44 AM\ni have to step away\nMe11:44 AM\ngithub.com/podman/discussions\nFlorent Benoit11:44 AM\nhttps://github.com/containers/podman/discussions\nMe11:44 AM\nhttps://github.com/containers/podman/discussions\nMark Russell11:46 AM\nthanks, Tom!\n")))}Yt.isMDXComponent=!0;const Ut={},qt="Podman Community Cabal Meeting Notes",zt=[{value:"November 17, 2022 11:00 a.m. Eastern",id:"november-17-2022-1100-am-eastern",level:2},{value:"November 17, 2022 Topics",id:"november-17-2022-topics",level:2},{value:"Meeting Notes",id:"meeting-notes",level:3},{value:"Docker Compose Support from the Command Line - (0:55 in the video) - Dan Walsh",id:"docker-compose-support-from-the-command-line---055-in-the-video---dan-walsh",level:3},{value:"Docker Socket helper on macOS enabled by default - (28:50 in the video) - Florent Benoit",id:"docker-socket-helper-on-macos-enabled-by-default---2850-in-the-video---florent-benoit",level:3},{value:"Open discussion (35:30 in the video)",id:"open-discussion-3530-in-the-video",level:4},{value:"Next Meeting: Thursday, December 15, 2022, 11:00 a.m. EDT (UTC-5)",id:"next-meeting-thursday-december-15-2022-1100-am-edt-utc-5",level:3},{value:"December 15, 2022 Topics",id:"december-15-2022-topics",level:2},{value:"Next Community Meeting: Tuesday, December 6, 2022, 11:00 a.m. EDT (UTC-5)",id:"next-community-meeting-tuesday-december-6-2022-1100-am-edt-utc-5",level:3},{value:"Possible Topics:",id:"possible-topics",level:3}],Vt={toc:zt},Kt="wrapper";function Qt(e){let{components:t,...n}=e;return(0,ce.kt)(Kt,(0,Q.Z)({},Vt,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-cabal-meeting-notes"},"Podman Community Cabal Meeting Notes"),(0,ce.kt)("p",null,"Attendees: Matt Heon, Dan Walsh, Nalin Dahyabhai, Paul Holzinger, Lokesh Mandvekar, Valentin Rothberg, Mohan Boddu, Eduardo Santiago, Giuseppe Scrivano, Aditya Rajan, Urvashi Mohnani, Preethi Thomas, Ashley Cui, Florent Benoit, Martin Jackson, Charlie Drage, Lorenzo Prosseda, Luca Fuse, Steven Le Meur,"),(0,ce.kt)("h2",{id:"november-17-2022-1100-am-eastern"},"November 17, 2022 11:00 a.m. Eastern"),(0,ce.kt)("h2",{id:"november-17-2022-topics"},"November 17, 2022 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Docker Compose Support from the Command Line - Dan Walsh")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Docker Socket helper on macOS enabled by default - Florent Benoit"),(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"(It is enabled by default on Windows but needs an extra step on macOS")))),(0,ce.kt)("h3",{id:"meeting-notes"},"Meeting Notes"),(0,ce.kt)("p",null,"Video ",(0,ce.kt)("a",{parentName:"p",href:"https://youtu.be/HIzZYPpE304"},"Recording")),(0,ce.kt)("p",null,"Meeting start: 11:02 a.m. Thursday, November 17, 2022"),(0,ce.kt)("h3",{id:"docker-compose-support-from-the-command-line---055-in-the-video---dan-walsh"},"Docker Compose Support from the Command Line - (0:55 in the video) - Dan Walsh"),(0,ce.kt)("p",null,"Podman Desktop is asking to add Docker Compose. The Desktop folks are getting a lot of pull from the community about using Docker Compose from the Desktop."),(0,ce.kt)("p",null,"Stevan believes Rancher supports this based on the container type."),(0,ce.kt)("p",null,"We could do either Podman Compose or vendor in Docker Compose from Docker. We'd need to go to the latest version of Docker Compose with the highest available Golang to make it work with Podman."),(0,ce.kt)("p",null,"Since we have to use client/server services, Dan thinks Docker Compose would be the way to go. Plus, it has good usage by the community. Podman Compose needs further work. Either way, a lot of work is necessary to make it happen."),(0,ce.kt)("p",null,"Martin has been involved with Docker Compose and uses it outside of Podman. He thinks having Docker Compose would be useful. He thinks Kube support would be upgraded for Podman, too, with Docker Compose."),(0,ce.kt)("p",null,"Let's say ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman kube")," does 75% of Docker Compose, but Docker Compose has become the deFacto standard. It's also an easy-to-understand format. Martin prefers it over Kube YAML for ease of use. He feels there would be value in having Docker Compose work under Podman."),(0,ce.kt)("p",null,"The latest Docker Compose has a few new commands that aren't in the Python library. You can run the Docker Compose v2 as standalone, and you don't need Docker to run also. This makes it more likely it could be used by Podman."),(0,ce.kt)("p",null,'Dan would be happiest if we could exec to Docker Compose rather than having to vendor or ingrain it into Podman. Brent is concerned about the reaction of this by our community when we note that Podman claims "Docker Compose" support, and we\'re only shipping the client. This is where the idea of using a plugin for him has come from.'),(0,ce.kt)("p",null,"A plugin would just be a CLI, and Dan is worried about increasing the size of the Podman binary if we do this."),(0,ce.kt)("p",null,"Matt thinks we need to ship the Docker Compose v2 client within the image, and it doesn't need to be integrated into Podman."),(0,ce.kt)("p",null,"We will need to figure out how to make a supported version for RHEL/Red Hat. Currently, if there's a problem with Docker Compose, we report it upstream but don't fix it. Once we ingrain it, the onus comes onto the Red Hat team for RHEL support."),(0,ce.kt)("p",null,"Dan has heard from customers is they are waiting to move to Podman Desktop until Docker Compose functionality is available."),(0,ce.kt)("p",null,"Stevan is documenting these kinds of requests from customers."),(0,ce.kt)("p",null,"Florent wondered which socket, Docker Compose or Podman, would be called. Matt suggests using a symlink from Podman to Docker, but this could be a problem if both were installed."),(0,ce.kt)("p",null,"From a Red Hat perspective, we'll need to get \u201cbuy-in\u201d from our product management team. We'll need to build a case, but that shouldn't be too hard to do. Florent has opened an ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/issues/16548"},"issue")," to address this socket problem."),(0,ce.kt)("p",null,"This is a similar situation to Dockerfile. We need to support all of the functionality there, and once we take on Docker Compose, we'll need to do that there too."),(0,ce.kt)("p",null,"Docker Compose is the last piece of the Docker-controlled container world that Podman does not handle well currently."),(0,ce.kt)("p",null,"Brent thinks that if we can provide Docker Compose support, the community will love it. The hard part will be finding the time to do the work and then support it over time."),(0,ce.kt)("h3",{id:"docker-socket-helper-on-macos-enabled-by-default---2850-in-the-video---florent-benoit"},"Docker Socket helper on macOS enabled by default - (28:50 in the video) - Florent Benoit"),(0,ce.kt)("p",null,"We have a number of people studying Podman and how it's attached to the Podman Socket. It's not working all the time with the Podman Machine in Mac. By default, the Podman socket is mounted for Windows."),(0,ce.kt)("p",null,"In Windows, if it's not finding Docker being mounted, then it mounts the Podman socket. Florent would like to do similar on the mac."),(0,ce.kt)("p",null,"Paul is concerned that the Mac would require root, which is not enabled by default."),(0,ce.kt)("p",null,"Ashley doesn't think root will be needed for this. Homebrew doesn't, so she thinks opt might not need root-level privileges."),(0,ce.kt)("p",null,"Dan suggests that we talk to Gerard to figure out a workaround. We could make the change such that at installation, it would optionally ask for a root password. Florent to open up an ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/issues/16547"},"issue")," against Podman to see if we can move this forward."),(0,ce.kt)("p",null,"On Linux, we shipped Podman-Docker, which takes care of this issue. Docker has a new change in this area, and it may not require root for the socket. Further investigation/study is to be done."),(0,ce.kt)("h4",{id:"open-discussion-3530-in-the-video"},"Open discussion (35:30 in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Issue Triage on Podman. (35:30 in the video)")),(0,ce.kt)("p",null,"Paul has noted an increase of issues reported against much older versions of Podman and issues that are incomplete. In addition, bugs reported against RHEL are being logged as issues rather than Bugzillas, as they should be."),(0,ce.kt)("p",null,"Brent thinks anything against Podman v1 and v2 should just be closed, and the people told to move up to a newer version."),(0,ce.kt)("p",null,'We might add a "unable to reproduce" flag that would close an issue if it was around for 30+ days.'),(0,ce.kt)("p",null,"A robot to ask for the ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman info")," output in an issue would also be nice."),(0,ce.kt)("p",null,"Reporters don't always report the information that's needed to resolve the issue."),(0,ce.kt)("p",null,"It would be nice to have AI that could move GitHub issues that should be discussions automatically."),(0,ce.kt)("p",null,"It would also be nice to block comments on issues that have been closed for several months or more."),(0,ce.kt)("p",null,"Podman Desktop has fields that they use in their issue template. The Podman team will look at what they're doing and see if we can align a bit better. The document is ",(0,ce.kt)("a",{parentName:"p",href:"https://docs.github.com/en/communities/using-templates-to-encourage-useful-issues-and-pull-requests/configuring-issue-templates-for-your-repository#creating-issue-forms"},"here"),". Brent and Mohan will poke at this further."),(0,ce.kt)("ol",{start:2},(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Podman 4.3 update (47:08 in the video)\nAbout three weeks old at this point. A new Podman v4.3.2 will come out sometime in December after an upcoming bug week."),(0,ce.kt)("p",{parentName:"li"},"Then Podman v4.4 RCs are likely to come out in late January.")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},(0,ce.kt)("inlineCode",{parentName:"p"},"podman kube play")," volume issue (48:30 in the video)\nMartin asked about the volume ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/pull/16420"},"issue")," with the ",(0,ce.kt)("inlineCode",{parentName:"p"},"kube play")," command. Podman Kube Play doesn't work with volumes that are associated with the Kube YAML. On restart, the volumes don't work. Team to look at this for Podman v4.4 at the latest."),(0,ce.kt)("p",{parentName:"li"},"Also upcoming in Podman v4.4 is a focus on performance, updates to podman machine, network improvements, podman Kube fixes, quadlet changes, a new ",(0,ce.kt)("inlineCode",{parentName:"p"},"--dns")," selector option, and pasta support."))),(0,ce.kt)("h3",{id:"next-meeting-thursday-december-15-2022-1100-am-edt-utc-5"},"Next Meeting: Thursday, December 15, 2022, 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h2",{id:"december-15-2022-topics"},"December 15, 2022 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"None Suggested")),(0,ce.kt)("h3",{id:"next-community-meeting-tuesday-december-6-2022-1100-am-edt-utc-5"},"Next Community Meeting: Tuesday, December 6, 2022, 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h3",{id:"possible-topics"},"Possible Topics:"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"MinIO Demo - Will Dinyes"),(0,ce.kt)("li",{parentName:"ol"},"Kubernetes Demo -")),(0,ce.kt)("p",null,"Meeting finished at 11:57 a.m."))}Qt.isMDXComponent=!0;const Zt={},_t="Podman Community Cabal Meeting Notes",Xt=[{value:"March 16, 2023 11:00 a.m. Eastern",id:"march-16-2023-1100-am-eastern",level:2},{value:"March 16, 2023 Topics",id:"march-16-2023-topics",level:2},{value:"Meeting Notes",id:"meeting-notes",level:3},{value:"Podman and SQLite (0:45 in the video) - Matt Heon",id:"podman-and-sqlite-045-in-the-video---matt-heon",level:3},{value:"Hack/Perf Scripts (7:07 in the video) - Valentin Rothberg",id:"hackperf-scripts-707-in-the-video---valentin-rothberg",level:3},{value:"Container Tools (podman) test day (24:15 in the video) - Mohan/Lokesh/Sumantro",id:"container-tools-podman-test-day-2415-in-the-video---mohanlokeshsumantro",level:3},{value:"Open discussion (49:00 in video)",id:"open-discussion-4900-in-video",level:4},{value:"Next Meeting: Thursday, April 20, 2023, 11:00 a.m. EDT (UTC-5)",id:"next-meeting-thursday-april-20-2023-1100-am-edt-utc-5",level:3},{value:"Possible Topics",id:"possible-topics",level:2},{value:"Next Community Meeting: Tuesday, April 4, 2023, 11:00 a.m. EDT (UTC-5)",id:"next-community-meeting-tuesday-april-4-2023-1100-am-edt-utc-5",level:3},{value:"Possible Topics:",id:"possible-topics-1",level:3}],$t={toc:Xt},en="wrapper";function tn(e){let{components:t,...n}=e;return(0,ce.kt)(en,(0,Q.Z)({},$t,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-cabal-meeting-notes"},"Podman Community Cabal Meeting Notes"),(0,ce.kt)("p",null,"Attendees: Matt Heon, Nalin Dahyabhai, Paul Holzinger, Lokesh Mandvekar, Valentin Rothberg, Eduardo Santiago, Giuseppe Scrivano, Preethi Thomas, Ashley Cui, Brent Baude, Chris Evich, Urvashi Mohnani, Martin Jackson, Mohan Boddu, Lance Lovette, and Sumantro Mukherjee"),(0,ce.kt)("h2",{id:"march-16-2023-1100-am-eastern"},"March 16, 2023 11:00 a.m. Eastern"),(0,ce.kt)("h2",{id:"march-16-2023-topics"},"March 16, 2023 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Podman and SQLite - Matt Heon"),(0,ce.kt)("li",{parentName:"ol"},"Hack/Perf scripts - Valentin Rothberg"),(0,ce.kt)("li",{parentName:"ol"},"Container Tools (podman) test day - Mohan/Lokesh/Sumantro")),(0,ce.kt)("h3",{id:"meeting-notes"},"Meeting Notes"),(0,ce.kt)("p",null,"Video ",(0,ce.kt)("a",{parentName:"p",href:"https://youtu.be/k_88s2RQm5Q"},"Recording")),(0,ce.kt)("p",null,"Meeting start 11:03 a.m. EDT Thursday, March 16, 2023"),(0,ce.kt)("h3",{id:"podman-and-sqlite-045-in-the-video---matt-heon"},"Podman and SQLite (0:45 in the video) - Matt Heon"),(0,ce.kt)("p",null,'BoltDB is used currently as the database engine for Podman. We have encountered issues with BoltDB and discovered that BoltDB, for all intents and purposes, is no longer supported. The database can be corrupted after a power outage if the timing is badly "right".'),(0,ce.kt)("p",null,"Matt has looked into SQLite and has worked up replacement routines. By default, starting in August, new Podman installs will get SQLite. Later, the BoltDB databases may be converted, method TBD."),(0,ce.kt)("p",null,"So far, a slight performance increase with SQLite, a 30 to 40-millisecond speed up with container commands."),(0,ce.kt)("p",null,"Nothing for the user to do, except maybe initialize a database conversion routine."),(0,ce.kt)("p",null,"This should be out in Podman v4.5."),(0,ce.kt)("p",null,"Currently, the plan is to have ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman system reset")," clear the database, and scripts are being looked into also, but no promises. Matt thinks he'll keep BoltDB around for at least a year."),(0,ce.kt)("h3",{id:"hackperf-scripts-707-in-the-video---valentin-rothberg"},"Hack/Perf Scripts (7:07 in the video) - Valentin Rothberg"),(0,ce.kt)("p",null,"Showed a configurable script that drives the test. It uses ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/sharkdp/hyperfine"},"Hyperfine"),". It shows the output of a variety of Docker and Podman commands."),(0,ce.kt)("p",null,'The script consists of a "prepare" command to set things up in advance, but it does not have a post-test run process capability.'),(0,ce.kt)("p",null,"The scripts are under ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/tree/main/hack/perf"},"hack/perf")," on GitHub; contributions are gratefully accepted."),(0,ce.kt)("p",null,"Brent asked if you could run just one engine? No, these scripts are written in mind to compare two engines. But the scripts could be modified; or new ones created to work with just one engine."),(0,ce.kt)("p",null,"For cleanup, Valentin put procedures in the startup scripts."),(0,ce.kt)("p",null,"Dan thinks it would be nice to have a run.sh to feed commands into the test to check on those particular commands. Valentin likes the idea, but for cleaning/setting stuff up as you should do for a perf test, Valentin found the scripts to be easier to handle."),(0,ce.kt)("p",null,"Dan would like to be able to flop the order of Docker and Podman runs. He thinks the kernel may pre-load stuff that sometimes makes the second engine faster."),(0,ce.kt)("p",null,"This is helpful for not only comparing Docker/Podman but also different versions of Podman."),(0,ce.kt)("h3",{id:"container-tools-podman-test-day-2415-in-the-video---mohanlokeshsumantro"},"Container Tools (podman) test day (24:15 in the video) - Mohan/Lokesh/Sumantro"),(0,ce.kt)("p",null,"Similar to Fedora test days. He does FCOS test days and wants to add a cycle for when Podman has a new version to test."),(0,ce.kt)("p",null,"As a requirement, we need to get Podman latest into FCOS so the team could run the tests with it."),(0,ce.kt)("p",null,"They could grab Podman packages from the Fedora Test systems before it goes to stable."),(0,ce.kt)("p",null,"Generally, Podman releases every two months in general, with Release Candidates two weeks prior."),(0,ce.kt)("p",null,"The biggest one for us is install testing. Matt thinks running our system tests on FCOS would be good, but Brent thinks that environment might be challenging due to the packages that would have to be added to the FCOS image. Sumantro said we could instead use Workstation for the test."),(0,ce.kt)("p",null,"Generally, FCOS is used as a server, while FCOS workstation is more client-side."),(0,ce.kt)("p",null,"Paul is unsure of the advantage of running system tests in this environment. He thinks it would be better if we had users running tests rather than automated ones."),(0,ce.kt)("p",null,"Lokesh would prefer to start this in the second week of April or later."),(0,ce.kt)("p",null,"Mohan asked if they can do performance testing as well. An example test ",(0,ce.kt)("a",{parentName:"p",href:"https://testdays.fedoraproject.org/events/152"},"app"),". Sumantro could write stuff up and maintain it. We could potentially use Valentin\u2019s tests, but we need to figure out how to determine baselines and retain them."),(0,ce.kt)("p",null,"Mohan also asked if multiple architectures could be tested. The challenge here is to find the machines that can be used."),(0,ce.kt)("p",null,"Chris pointed out that along with the test results, we need to capture the system setup, down to the kernel versions that were in play."),(0,ce.kt)("p",null,"Dan noted that we don't alway get our release notes out in a timely manner, and we should in order to help this testing. The issue with that is the time necessary to put the notes together. Building a chopped version more quickly might be doable, but will need investigation. We should at least be able to get a list of issues out more quickly."),(0,ce.kt)("p",null,"Paul thinks it would not be a problem to run a benchmark with a before version and then the test version of Podman."),(0,ce.kt)("p",null,"FYI, here's a ",(0,ce.kt)("a",{parentName:"p",href:"https://fedoraproject.org/wiki/QA:Testcase_Podman"},"Podman Test Case")," that was used in the past."),(0,ce.kt)("p",null,"As far as ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman machine")," goes, we could test on FCOS Workstation, then the testing would be useful and valuable."),(0,ce.kt)("p",null,"Mohan wondered if they had any Mac/Windows based testing. They do have some, that can be used."),(0,ce.kt)("p",null,"Paul noted the big thing is writing up the test cases to see what should be tested. Most of the CI is for regression testing only. He suggests that we might ask people provide test cases within a Pull Request statement."),(0,ce.kt)("p",null,"What is the next steps for moving forward with this?",(0,ce.kt)("br",{parentName:"p"}),"\n","Sumantro needs a pointer to tests that are not covered. He could do so via issues on the GitHub. Targeting mid-April for the first test run."),(0,ce.kt)("h4",{id:"open-discussion-4900-in-video"},"Open discussion (49:00 in video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Lance asked how the port works between the mac, machine and the container. If he publishes the port, it seems to be exposed on the mac. He wants to know if he can connect the port to the podman machine directly rather than the mac. Paul says not doable now, but we can take a feature request in GitHub and will publsh it."),(0,ce.kt)("p",{parentName:"li"},"Brent asked if he wanted to publish the port beyond the machine or did he just want to hit it from the mac. Slirpnetns or passt is a bit of a black hole, and you throw something in there, then it comes out where we told it to, and it's hard to select it. The problem is your running rootless, so there are limitations."),(0,ce.kt)("p",{parentName:"li"},"The virtual machine is isolated from the MacOS, ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/gvisor-tap-vsock"},"gvproxy")," is the glue that lets you do port handling."),(0,ce.kt)("p",{parentName:"li"},"You will need root privs not only in the 'podman machine vm' but also on the MacOS."),(0,ce.kt)("p",{parentName:"li"},(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/gvisor-tap-vsock"},"gvproxy")," is under containers on GitHub, and we contribute it."),(0,ce.kt)("p",{parentName:"li"},"This ",(0,ce.kt)("a",{parentName:"p",href:"https://www.redhat.com/sysadmin/run-containers-mac-podman"},"article")," was helpful to Lance for all of this."))),(0,ce.kt)("p",null,"2) Brent asked if ssh keys need to be encrypted in the view of others. A ",(0,ce.kt)("a",{parentName:"p",href:"https://www.redhat.com/sysadmin/run-containers-mac-podman"},"Discussion")," was started in GitHub. We had one request recently and we're leaning towards doing keychain, but there's been several challenges with that."),(0,ce.kt)("p",null," If they used encrypted keys, the user would be prompted for the password with every command. Adding a key to the key ring has proven to be challenging. Paul thinks this can be done securely with ssh, Brent asked Paul to write up a proposal for the changes he's suggesting. The user may run into issue when dealing with keys for the podman machine. Brent is trying to figure out the amount of work for it all."),(0,ce.kt)("h3",{id:"next-meeting-thursday-april-20-2023-1100-am-edt-utc-5"},"Next Meeting: Thursday, April 20, 2023, 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h2",{id:"possible-topics"},"Possible Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"None discussed")),(0,ce.kt)("h3",{id:"next-community-meeting-tuesday-april-4-2023-1100-am-edt-utc-5"},"Next Community Meeting: Tuesday, April 4, 2023, 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h3",{id:"possible-topics-1"},"Possible Topics:"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"None discussed")),(0,ce.kt)("p",null,"Meeting finished 12:08 p.m."),(0,ce.kt)("p",null,"Raw Meeting Chat:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"You\n11:02\u202fAM\nhttps://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nMartin Jackson\n11:11\u202fAM\nI think the speedup was in milli-seconds, not micro-seconds? Perhaps I misheard\nMatt Heon\n11:11\u202fAM\nYeah, milliseconds\nYou\n11:12\u202fAM\nThanks for the touch up.\nMatt Heon\n11:12\u202fAM\nDB writes are ~2x as fast with SQLite. Reads are a bit slower, but those only take tens of microseconds, so it doesn't really matter.\nWrites being ~5ms for SQLite versus ~10ms for Bolt. Most of which is fsync.\nMohan Boddu\n11:19\u202fAM\nSomeone at the door, bbiab\nMohan Boddu\n11:27\u202fAM\nback\nYou\n11:29\u202fAM\nValentin, have you shared the hack/perf scripts with Yiqiao and the rest of the QE team?\nValentin Rothberg\n11:29\u202fAM\n@Tom, no, I didn't share them with QE. But I see where you're going. It's probably a good idea to let them know.\nPreethi Thomas\n11:35\u202fAM\nYou may have already talked about it as I a only half listening. How about podman-machine/podman-remote tests on FCOS?\nSumantro Mukherjee\n11:36\u202fAM\nhttps://testdays.fedoraproject.org/events/152\nSumantro Mukherjee\n11:44\u202fAM\nhttps://fedoraproject.org/wiki/QA:Testcase_Podman\nPaul Holzinger\n11:52\u202fAM\ngit log --all --grep='\\[NO NEW TESTS NEEDED\\]'\nBrent Baude\n11:52\u202fAM\ni have a question as well\nLokesh Mandvekar\n11:53\u202fAM\nbtw, if someone can back me up on the rpm side, then we don't need to wait for me to get back\nMatt Heon\n11:54\u202fAM\nCould we route the Podman subnet from OS X to the VM? That would let (root) containers be accessed directly from OS X\nLance Lovette\n12:01\u202fPM\nhttps://www.redhat.com/sysadmin/run-containers-mac-podman\nYou\n12:01\u202fPM\nTY!\nBrent Baude\n12:01\u202fPM\nhttps://github.com/containers/podman/discussions/17795\n")))}tn.isMDXComponent=!0;const nn={},an="Podman Community Meeting",on=[{value:"December 1, 2020 11:00 a.m. Eastern (UTC-5)",id:"december-1-2020-1100-am-eastern-utc-5",level:2},{value:"Attendees (35 total)",id:"attendees-35-total",level:3},{value:"Meeting Start: 11:03 a.m.",id:"meeting-start-1103-am",level:2},{value:"BlueJeans Recording",id:"bluejeans-recording",level:3},{value:"Introducing Network Aliases",id:"introducing-network-aliases",level:2},{value:"Matt Heon",id:"matt-heon",level:3},{value:"(1:50 in the video)",id:"150-in-the-video",level:4},{value:"Podman Split Brain API",id:"podman-split-brain-api",level:2},{value:"Jhon Honce",id:"jhon-honce",level:3},{value:"(12:33 in the video)",id:"1233-in-the-video",level:4},{value:"Demo containers.conf usage",id:"demo-containersconf-usage",level:2},{value:"Dan Walsh",id:"dan-walsh",level:3},{value:"(22:34 in video)",id:"2234-in-video",level:4},{value:"Podman development update",id:"podman-development-update",level:2},{value:"Brent Baude",id:"brent-baude",level:3},{value:"(38:30 in the video)",id:"3830-in-the-video",level:4},{value:"Discussion on a Podman forum.",id:"discussion-on-a-podman-forum",level:2},{value:"(44:28 in the video)",id:"4428-in-the-video",level:4},{value:"Any pain points?",id:"any-pain-points",level:2},{value:"(49:19 in the video)",id:"4919-in-the-video",level:4},{value:"systemd discussion",id:"systemd-discussion",level:2},{value:"(51:19 in the video)",id:"5119-in-the-video",level:4},{value:"Questions?",id:"questions",level:2},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"NOTE no January meeting.",id:"note-no-january-meeting",level:3},{value:"(54:03 in the video)",id:"5403-in-the-video",level:4},{value:"Next Meeting: Tuesday February 2, 2020, 11:00 a.m. Eastern (UTC-5)",id:"next-meeting-tuesday-february-2-2020-1100-am-eastern-utc-5",level:2},{value:"Meeting End: 12:03 p.m. Eastern (UTC-5)",id:"meeting-end-1203-pm-eastern-utc-5",level:3},{value:"BlueJeans Chat copy/paste:",id:"bluejeans-chat-copypaste",level:2}],sn={toc:on},rn="wrapper";function ln(e){let{components:t,...n}=e;return(0,ce.kt)(rn,(0,Q.Z)({},sn,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-meeting"},"Podman Community Meeting"),(0,ce.kt)("h2",{id:"december-1-2020-1100-am-eastern-utc-5"},"December 1, 2020 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"attendees-35-total"},"Attendees (35 total)"),(0,ce.kt)("p",null,"Tom Sweeney, Brent Baude, Jhon Honce, Reinhard Tartler, Dan Walsh, Chris Evich, Lokesh Mandvekar, Anders Bj\xf6rklund, Greg Shomo, Urvashi Mohnani, Nalin Dahyabhai, Qi Wang, Eduardo Santiago, Ed Haynes, Sally O'Malley, James Cassell, Scott McCarty, Christian Felder, Valentin Rothberg, Christian Korneck, Neal Gompa, Brian Smith, Giuseppe Scrivano, Joe Crist, Joe Doss, Miloslav Trmac, Pablo Greco, Parker Van Roy, Peter Hunt, Preethi Thomas, James Ault"),(0,ce.kt)("h2",{id:"meeting-start-1103-am"},"Meeting Start: 11:03 a.m."),(0,ce.kt)("h3",{id:"bluejeans-recording"},"BlueJeans ",(0,ce.kt)("a",{parentName:"h3",href:"https://bluejeans.com/s/aOaqCoRSJB4/"},"Recording")),(0,ce.kt)("h2",{id:"introducing-network-aliases"},"Introducing Network Aliases"),(0,ce.kt)("h3",{id:"matt-heon"},"Matt Heon"),(0,ce.kt)("h4",{id:"150-in-the-video"},"(1:50 in the video)"),(0,ce.kt)("p",null,"Podman v2.2 came out last night. Network connect lets you take an existing container and will let you connect to another containers network."),(0,ce.kt)("p",null,"Still limited, calling it initial support."),(0,ce.kt)("p",null,"Second thing is network aliases. Podman allows you to access other containers by its name. Supported since v1.6. Useful for database container and a http container that you want to talk to. Network alias allows you to add further names to the containers to make it even easier to communicate with."),(0,ce.kt)("p",null,"A new ",(0,ce.kt)("inlineCode",{parentName:"p"},"dnsname")," plugin is required. Existing networks from ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman network connect")," are not compatible as-is but are simple to upgrade (small change to their config)."),(0,ce.kt)("p",null,"Matt started a demo (",(0,ce.kt)("a",{parentName:"p",href:"https://asciinema.org/a/376554"},"https://asciinema.org/a/376554"),") ",(0,ce.kt)("strong",{parentName:"p"},"(4:59 in the video)"),"."),(0,ce.kt)("p",null,"The demo showed how you can use either the name of the container or its newly established alias to do a run command against."),(0,ce.kt)("p",null,"He then demo'd setting up a network connection."),(0,ce.kt)("h2",{id:"podman-split-brain-api"},"Podman Split Brain API"),(0,ce.kt)("h3",{id:"jhon-honce"},"Jhon Honce"),(0,ce.kt)("h4",{id:"1233-in-the-video"},"(12:33 in the video)"),(0,ce.kt)("p",null,"Community was resistant to a new API that differed greatly from Docker. Podman v2.0 featured API v2.0.x. Split brain comes form DNS split brain . We have an api that is Docker compatible and one that is not. The two trees are versioned independently."),(0,ce.kt)("p",null,"Moving to Podman and API v3.X for both in the near future. We needed improvements especially in newlines where we've run into issues with v2.0. V3.0 will complete more of the compatibility resources. It will add new commands such as network connect and disconnect. Also removal of the varlink API which will cause the size of the binary to be slimmed down."),(0,ce.kt)("p",null,"Brent also talked about slimming down other areas of Podman as well in v3.0. Dan pointed out the help that the community has provided in tuning the API."),(0,ce.kt)("p",null,"See ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/tree/main/test/apiv2/rest_api"},"API tests using python requests library")," for examples."),(0,ce.kt)("h2",{id:"demo-containersconf-usage"},"Demo containers.conf usage"),(0,ce.kt)("h3",{id:"dan-walsh"},"Dan Walsh"),(0,ce.kt)("h4",{id:"2234-in-video"},"(22:34 in video)"),(0,ce.kt)("p",null,"Dan talked about containers.conf which will allow for users to change the default settings for the container engine on the host."),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"/usr/share/containers/containers.conf is the main file to use."),(0,ce.kt)("li",{parentName:"ul"},"/etc/containers/containers.conf is the secondary file which an admin can use to change for all container projects (Buildah, Podman, Skopeo, etc.)"),(0,ce.kt)("li",{parentName:"ul"},"$HOME/.config/containers/containers.conf is used by an individual user to configure their rootless containers.")),(0,ce.kt)("p",null,"The containers.conf file allows for sysctl to be configured/toggled. There are many options within the files."),(0,ce.kt)("p",null,"Does rootless ignore the /etc/containers/containers.conf version? It does not per Dan."),(0,ce.kt)("p",null,"Neal Gompa asked if we could provide a containers.conf.d similar to registries.conf.d which makes it even easier to tailor. Dan said it's been thought about and we'd be amiable to it being included."),(0,ce.kt)("p",null,"Dan then did a demo."),(0,ce.kt)("p",null,"HPC had massive amounts of containers and want to set up defaults. A blog is in the works."),(0,ce.kt)("p",null,"James Cassell asked about libpod.conf. It's gone away and been replaced by containers.conf."),(0,ce.kt)("h2",{id:"podman-development-update"},"Podman development update"),(0,ce.kt)("h3",{id:"brent-baude"},"Brent Baude"),(0,ce.kt)("h4",{id:"3830-in-the-video"},"(38:30 in the video)"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("p",{parentName:"li"},"Podman v2.2 was just cut yesterday Nov 30, 2020 and upstream was switched to v3.0 development. Varlink was removed from Fedora 33 which will have Podman 3.0. Fedora 32 will not have Podman v3.0.")),(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("p",{parentName:"li"},"Podman 2.1.1 will be in RHEL 8.3.1 to be released in Feb 2021, and RHEL 8.4 in May 2021 will have Podman v3.0.")),(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("p",{parentName:"li"},"The Debian and Ubuntu distro packages currently ship with varlink enabled at build time, and ship with systemd units."))),(0,ce.kt)("h2",{id:"discussion-on-a-podman-forum"},"Discussion on a Podman forum."),(0,ce.kt)("h4",{id:"4428-in-the-video"},"(44:28 in the video)"),(0,ce.kt)("p",null,"Joe Doss suggested a Podman category on this forum: ",(0,ce.kt)("a",{parentName:"p",href:"https://discussion.fedoraproject.org/c/server/coreos/5"},"https://discussion.fedoraproject.org/c/server/coreos/5")," like FCOS?\nTom Sweeney pointed out there is a podman wiki and the mailing list. Thought was expanding the wiki would be useful. Matt Heon would like a place to document what people are doing and how which would probably fit well with a forum or a Wiki. Tom Sweeney to look into setting up a forum in the fedoraproject.org site."),(0,ce.kt)("h2",{id:"any-pain-points"},"Any pain points?"),(0,ce.kt)("h4",{id:"4919-in-the-video"},"(49:19 in the video)"),(0,ce.kt)("p",null,"Brent Baude asked the attendees if they had any pain points with Podman:"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("p",{parentName:"li"},"--cache-from on image building, huge pain not having that.")),(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("p",{parentName:"li"},"jitsi-meet and k3d working in podman?")),(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("p",{parentName:"li"},"we would certainly like to see integration between podman and MPI versions: e.g. mpirun podman imagename to launch a job on some HPC nodes in a rootless podman environment....")),(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("p",{parentName:"li"},"Has cgroup functionaly matured more, especially with systemd. This is still ongoing.")),(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("p",{parentName:"li"},"handling ",(0,ce.kt)("inlineCode",{parentName:"p"},"isDeaultGateway")," properly in podman network create (currenlty it is hard-coded to false in NewHostLocalBridge) - I already created an issue ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/issues/8483"},"#8483")))),(0,ce.kt)("h2",{id:"systemd-discussion"},"systemd discussion"),(0,ce.kt)("h4",{id:"5119-in-the-video"},"(51:19 in the video)"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Joe Doss asked if the interaction between Podman and systemd in regards to cgroups is in a mature state? He's had issues with rootless Podman and systemd. Matt Heon said work has been done, but more work needed.\n\nValentin noted that \"how to\" run a rootless container with systemd is documented in the man pages, but it's not always the greatest place to find info. More blogs and how-tos would be nice to have, from both Red Hat and the community.\n\nA blog post with example config files for this example (running a rootless container with systemd) would be excellent...\n")),(0,ce.kt)("h2",{id:"questions"},"Questions?"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"James Cassell asked about how libpod.conf is handled. In v2.0 we swapped out the default reading order so containers.conf is now read first. The libpod.conf file is still supported, but it is suggested to move to containers.conf which is used by more projects (Buildah, Skopeo) other than Podman. We may drop it in v3.0, something to discuss by the development team."),(0,ce.kt)("li",{parentName:"ul"},"If a containers.conf has specified a volume, but it doesn't exist? The intent of the question was a way to have a container disable parts of containers.conf (or all of it) and not obey global configuration. This is not presently possible - containers.conf is intended to be a global configuration for all containers. It is possible to override individual settings manually, or for a specific user by adding a containers.conf for the user. We may reevaluate this in the future."),(0,ce.kt)("li",{parentName:"ul"},"Is there a way to send a particular option to a particular container using this (containers.conf)? We don't currently have a way to do that specifically at this time.")),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("h3",{id:"note-no-january-meeting"},(0,ce.kt)("strong",{parentName:"h3"},"NOTE")," no January meeting."),(0,ce.kt)("h4",{id:"5403-in-the-video"},"(54:03 in the video)"),(0,ce.kt)("p",null,"Two Proposed Topics:"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"systemd with containers - Valentin Rothberg"),(0,ce.kt)("li",{parentName:"ul"},"Docker compose with Podman - Brent Baude")),(0,ce.kt)("h2",{id:"next-meeting-tuesday-february-2-2020-1100-am-eastern-utc-5"},"Next Meeting: Tuesday February 2, 2020, 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"meeting-end-1203-pm-eastern-utc-5"},"Meeting End: 12:03 p.m. Eastern (UTC-5)"),(0,ce.kt)("h2",{id:"bluejeans-chat-copypaste"},"BlueJeans Chat copy/paste:"),(0,ce.kt)("p",null,(0,ce.kt)("strong",{parentName:"p"},"Note:")," Many thanks to James Cassell for capturing the Bluejeans chat!"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Tom Sweeney10:56 AM\nPlease sign in at HackMD: https://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\nMe11:08 AM\nyes\nGuest 511:14 AM\nso the alias is for a hostname or networks? -- I'm confused on what exactly is aliased.\nBrent Baude11:14 AM\nyes\nmheon11:14 AM\nIt's basically a DNS CNAME\nGuest 511:14 AM\nbut it is bound to the network. So if the container gets disconnected, the alias is dangling?\nmheon11:15 AM\nThe alias is removed from the container when we disconnect\nGuest 511:15 AM\nthanks!\nmheon11:16 AM\nhttps://asciinema.org/a/376554\nMe11:16 AM\nlooks like 2.1.1 is the newest available in updates-testing on Fedora 33\nDaniel (rhatdan) Walsh11:16 AM\nI saw it this morning.\nBrent Baude11:16 AM\npodman-2.2.0-1.fc32 and fc33 just built\nDaniel (rhatdan) Walsh11:17 AM\nkoji latest-pkg f33-updates-candidate podman\nMe11:17 AM\ngreat! probably hasn't made it to the mirrors yet\nBrent Baude11:17 AM\nit needs bodhi first\nhttps://bodhi.fedoraproject.org/updates/FEDORA-2020-fd0574be76\nNeal Gompa11:17 AM\nhey all!\nBrent Baude11:17 AM\nhttps://bodhi.fedoraproject.org/updates/FEDORA-2020-c9a8fdbd34\nafbjorklund11:17 AM\npodman 2.2.0 is out for ubuntu (ironically enough)\nNeal Gompa11:18 AM\nwell, not for stable releases :)\nand not in the official repos\neven hirsute still only has podman 2.0.6\nafbjorklund11:18 AM\nWill there be a 2.1.2 ?\nBrent Baude11:19 AM\nno\nDaniel (rhatdan) Walsh11:19 AM\nMaster branch is now on 3.0-devel\nBrent Baude11:19 AM\nlets talk versions in wrap up?\nMe11:19 AM\npodman 2.2.0 has buildah 1.18?\nmheon11:20 AM\nYes - 1.18.0\nJoe Doss11:22 AM\n100% agree Neal\nMe11:29 AM\nDoes rootless ignore the /etc/containers/containers.conf version?\nMe11:35 AM\nlibpod.conf?\nGuest 511:35 AM\nhow to disable options on the command-line that are specified in the configuration file?\nJoe Doss11:36 AM\nOnline Documentation on containers.conf?\nBrent Baude11:36 AM\ncmds overrule conf files\nGuest 511:36 AM\nExample: if containers.conf is specifying some volume, but I have a usecase where that must not exist?\nah, ok. makes sense\nMe11:36 AM\nthanks! containers.conf sounds great\nMe11:37 AM\n\"WARN[0000] Found deprecated file /etc/containers/libpod.conf, please remove. Use /etc/containers/containers.conf to override defaults.\"\nGuest 511:39 AM\naah, thanks for the clarification. the distinction between appendable and non-appendable option wasn't obvious to me\nGuest 511:41 AM\nfor clarity, it was an explorative question, I don't have a specific use-case in mind\nGuest 511:45 AM\ndebian does right now (for better or worse)\nubuntu is following debian\nI'd love to drop it, but evidently, nomad-podman is still depending on it\nPablo Greco11:46 AM\ndid I understand correctly, there won't be podman 2.2.x in RHEL?\nChristian Korneck11:47 AM\nunrelated general question: I kind of miss an equivalent to the Docker Forum for Podman where users can exchange about their Podman usage. Stuff that can get verbose. (I think github issues are more dev related?). Would it maybe make sense to create some forum (i.e. by enabling github discussions on the gh repo)?\nBrent Baude11:47 AM\ngood question\nlets talk about it\nMe11:48 AM\nmailing list\nafbjorklund11:48 AM\nWe talked about it last meeting, but podman-machine and minikube were both using varlink. Currently frozen at podman 1.9.3\nMinikube now also supports podman2, so it will use whatever version is on the server (actually looks for \"varlink\" binary)\nChristian Korneck11:49 AM\nok, let me try and jump on the mailinglist :)\nNeal Gompa11:49 AM\nhttps://lists.podman.io\nUwe11:49 AM\nThe list is fine\nJoe Doss11:50 AM\n+1 on a single source of truth for online docs.\nNeal Gompa11:50 AM\ngotta jump off, bye y'all\nJoe Doss11:50 AM\nBye Neal\nafbjorklund11:51 AM\nI have three audio dials\nJoe Doss11:52 AM\nRegarding a forum Maybe a Podman category on https://discussion.fedoraproject.org/c/server/coreos/5 like FCOS?\nmheon11:53 AM\nWe definitely do get questions there\nJoe Doss11:53 AM\nwould be a fast and easy way to get community discussion going for Podman that is not a mailing list.\n--cache-from on image building\nhuge pain not having that.\nGuest 511:54 AM\njitsi-meet and k3d working in podman ? ;-)\nwould be my pet peeves :-)\nJA11:54 AM\nwe would certainly like to see integration between podman and MPI versions: e.g. mpirun podman imagename to launch a job on some HPC nodes....\nPablo Greco11:55 AM\nDan, nnow that gitlab-runner works, it is for me ;)\nChristian Felder11:55 AM\nhandling ``isDeaultGateway`` properly in podman network create (currenlty it is hard-coded to false in NewHostLocalBridge) - I already created an issue #8483\nBrent Baude11:56 AM\nyup got that\nJA11:57 AM\nin a rootless-podman environment...\nMe11:57 AM\nCOPY between stages in multi-stage build seems to hash every file, even if neither of the previous stages changed, which slows down cached rebuilds\nPablo Greco11:57 AM\nNeed to go, $work meeting, thanks!\nafbjorklund11:58 AM\nAbout k3d: do have crio-in-podman running with minikube (even with podman v2)\nJA12:01 PM\na blog post with example config files for this example (running a rootless container with systemd) would be excellent...\nGuest 512:03 PM\nI agree with Joe!\nGreg Shomo (Northeastern)12:03 PM\nthank you all for your time && have a good one\nJoe Doss12:03 PM\nThanks folks\nChristian Felder12:03 PM\nThanks!\nUwe12:04 PM\nthanks, cu\nTom Sweeney12:08 PM\nJames Cassell if you're still on line, could you cut/paste the bluejeans chat into the bottom of the hackmd please?\nDitto anyone else who may still be here.\nMe12:12 PM\nyes, will do\n")))}ln.isMDXComponent=!0;const hn={},dn="Podman Community Meeting",un=[{value:"June 1, 2021 11:00 a.m. Eastern (UTC-4)",id:"june-1-2021-1100-am-eastern-utc-4",level:2},{value:"Attendees (24 total)",id:"attendees-24-total",level:3},{value:"Meeting Start: 11:03 a.m.",id:"meeting-start-1103-am",level:2},{value:"BlueJeans Recording",id:"bluejeans-recording",level:3},{value:"General Announcements",id:"general-announcements",level:2},{value:"Tom Sweeney",id:"tom-sweeney",level:3},{value:"Podman and TYE",id:"podman-and-tye",level:2},{value:"Tom Deseyn",id:"tom-deseyn",level:3},{value:"(3:00 in the video)",id:"300-in-the-video",level:4},{value:"Slides",id:"slides",level:4},{value:"Podman v3.2.0 Updates",id:"podman-v320-updates",level:2},{value:"Matt Heon",id:"matt-heon",level:3},{value:"(15:50 in the video)",id:"1550-in-the-video",level:4},{value:"Podman in Kubernetes",id:"podman-in-kubernetes",level:2},{value:"Urvashi Mohnani",id:"urvashi-mohnani",level:3},{value:"(20:18 in the video)",id:"2018-in-the-video",level:4},{value:"Podman Machine Updates",id:"podman-machine-updates",level:2},{value:"Brent Baude",id:"brent-baude",level:3},{value:"(32:00 in the video)",id:"3200-in-the-video",level:4},{value:"Slides",id:"slides-1",level:4},{value:"Questions?",id:"questions",level:2},{value:"(38:44) in the video)",id:"3844-in-the-video",level:4},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"Next Meeting: Tuesday August 3, 2021, 11:00 a.m. Eastern (UTC-4)",id:"next-meeting-tuesday-august-3-2021-1100-am-eastern-utc-4",level:2},{value:"Meeting End: 11:57 a.m. Eastern (UTC-4)",id:"meeting-end-1157-am-eastern-utc-4",level:3},{value:"BlueJeans Chat copy/paste:",id:"bluejeans-chat-copypaste",level:2}],mn={toc:un},cn="wrapper";function pn(e){let{components:t,...n}=e;return(0,ce.kt)(cn,(0,Q.Z)({},mn,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-meeting"},"Podman Community Meeting"),(0,ce.kt)("h2",{id:"june-1-2021-1100-am-eastern-utc-4"},"June 1, 2021 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h3",{id:"attendees-24-total"},"Attendees (24 total)"),(0,ce.kt)("p",null,"Tom Sweeney, Brent Baude, Jhon Honce, Dan Walsh, Chris Evich, Urvashi Mohnani, Nalin Dahyabhai, Eduardo Santiago, Matt Heon, Ashley Cui, Paul Holzinger, Greg Shomo, Tom Deseyn, Andrew Slice, Anders Bj\xf6rklund, Shion Tanaka, Alex Litvak, Juanje Ojeda, Deepak Bhole, Eduardo Vega, Falsal Rzzzak, Juanje Ojeda, Omair Majid, Peter Hunt, Preethi Thomas, Uwe Reh"),(0,ce.kt)("h2",{id:"meeting-start-1103-am"},"Meeting Start: 11:03 a.m."),(0,ce.kt)("h3",{id:"bluejeans-recording"},"BlueJeans ",(0,ce.kt)("a",{parentName:"h3",href:"https://bluejeans.com/s/3fO@uV5g9KF"},"Recording")),(0,ce.kt)("h2",{id:"general-announcements"},"General Announcements"),(0,ce.kt)("h3",{id:"tom-sweeney"},"Tom Sweeney"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"No July Meeting due to holiday and vacations, we meet next on Tuesday August 3rd."),(0,ce.kt)("li",{parentName:"ul"},"The Podman IRC channel is moving. We've left the Freenode server and now the #podman channel lives on the Libera server.")),(0,ce.kt)("h2",{id:"podman-and-tye"},"Podman and TYE"),(0,ce.kt)("h3",{id:"tom-deseyn"},"Tom Deseyn"),(0,ce.kt)("h4",{id:"300-in-the-video"},"(3:00 in the video)"),(0,ce.kt)("h4",{id:"slides"},(0,ce.kt)("a",{parentName:"h4",href:"https://github.com/containers/podman.io/blob/main/community/meeting/notes/2021-06-01/tye_meets_podman.pdf"},"Slides")),(0,ce.kt)("p",null,"Tom is working for Red Hat on .NET. His team has been building and packaging .Net on Red Hat Enterprise Linux (RHEL) and OpenShift Container Platform (OCP) for about the past five years. Focus on cloud development. TYE is from Microsoft and is meant to ease development of .NET based applications. TYE was not originally working with Podman, but he worked with the Podman team to get it to work. That was delivered earlier this year. Many of these features were also needed by Docker Compose."),(0,ce.kt)("p",null,"Two use cases, Development and Deployment."),(0,ce.kt)("p",null,"Development"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Run several services",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},".Net applications"),(0,ce.kt)("li",{parentName:"ul"},"Containers",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"Let them find one another"))),(0,ce.kt)("li",{parentName:"ul"},"Dashboard"),(0,ce.kt)("li",{parentName:"ul"},"Debugging"),(0,ce.kt)("li",{parentName:"ul"},"Watch")))),(0,ce.kt)("p",null,"Deployment"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Containerize"),(0,ce.kt)("li",{parentName:"ul"},"Generate Kubernetes manifest"),(0,ce.kt)("li",{parentName:"ul"},"Service binding")),(0,ce.kt)("p",null,"Demo (7:00 in the video)"),(0,ce.kt)("p",null,"TYE has a command line interface. The ",(0,ce.kt)("inlineCode",{parentName:"p"},"tye run")," command will bring up a dashboard of services. He can then traverse through the services in the GUI."),(0,ce.kt)("p",null,"TYE started the applications and the containers for each service including the ports. Each service has a log that can be looked at and metrics from .NET within the GUI."),(0,ce.kt)("p",null,"This was all done via a yaml file that defined the services. Based on this, TYE launched the applications."),(0,ce.kt)("p",null,"(Demo End 11:35)"),(0,ce.kt)("p",null,"Tom showed a second slide."),(0,ce.kt)("p",null,"Blue boxes are containers, red boxes are regular applications running on the host."),(0,ce.kt)("p",null,"TYE allows you to connect to a running application and debug it."),(0,ce.kt)("p",null,"TYE started two containers. For both backend and frontend proxies uses the loopback provided by Podman. Now in .NET he can debug within the provided interface from .NET. Under the covers it's using Podman v3.0 as it was using Docker before."),(0,ce.kt)("p",null,"TYE is a single host tool for developers."),(0,ce.kt)("h2",{id:"podman-v320-updates"},"Podman v3.2.0 Updates"),(0,ce.kt)("h3",{id:"matt-heon"},"Matt Heon"),(0,ce.kt)("h4",{id:"1550-in-the-video"},"(15:50 in the video)"),(0,ce.kt)("p",null,"Currently on final RC, hoping to get final release today or in the next few days."),(0,ce.kt)("p",null,(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/releases/tag/v3.2.0-rc3"},"Podman v3.2.0-rc3 Release Notes")),(0,ce.kt)("p",null,"Features:"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Docker compose is supported with rootless Podman."),(0,ce.kt)("li",{parentName:"ul"},"Rootless CNI networking should work on any architecture."),(0,ce.kt)("li",{parentName:"ul"},"Podman Machine commands to handle virtual machines, most useful for MacOS."),(0,ce.kt)("li",{parentName:"ul"},"Podman generate Kube updates"),(0,ce.kt)("li",{parentName:"ul"},"podman start --all now works"),(0,ce.kt)("li",{parentName:"ul"},"Changes made to allow Podman to work better in a container. Blog post incoming with details.")),(0,ce.kt)("h2",{id:"podman-in-kubernetes"},"Podman in Kubernetes"),(0,ce.kt)("h3",{id:"urvashi-mohnani"},"Urvashi Mohnani"),(0,ce.kt)("h4",{id:"2018-in-the-video"},"(20:18 in the video)"),(0,ce.kt)("p",null,"Demos for running Podman inside a Kubernetes cluster. Still slightly experimental."),(0,ce.kt)("p",null,"Urvashi has a local Kubernetes cluster up and is running CRI-O as her container runtime engine. Easiest way to run things is to have privileged set to true in the cluster and she ran a user set to 1000."),(0,ce.kt)("p",null,'She ran a simple Podman container inside of a Kubernetes container to do a "Hello" to sysout.'),(0,ce.kt)("p",null,"She then built within the Kubernetes container. Even though the Kubernetes container is privileged, the Podman container within is not and is using usernamespace."),(0,ce.kt)("p",null,"Now she showed running as an unprivileged Kubernetes container, and to do that you need to set selinux to permissive mode. That's necessary as the containers can't mount all the file systems that they need to run. You also need to mount the dev fuse device as that's needed for the overlayfs file system."),(0,ce.kt)("p",null,"She then ran a nonprivileged container within a nonprivileged Kubernetes containers. Showed doing builds, but errors can occur. Need to change ",(0,ce.kt)("inlineCode",{parentName:"p"},"--isolation")," to chroot in the ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman build")," command."),(0,ce.kt)("p",null,"Ran Podman in a unprivileged container, but the Podman container was run as root."),(0,ce.kt)("p",null,"You can also run Podman service on your host and leave a socket entry to your container. This is done with a volume mount of the socket. You can then run ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman --remote")," command against that socket."),(0,ce.kt)("p",null,"If you use CRI-O as your runtime engine, you can add a user and a node annotation to your runtime. But it is experimental at the moment in Kubernetes and CRI-O. However, that tells CRI-O to create your container within your usernamespace."),(0,ce.kt)("p",null,"A blog coming out for running Podman in Kubernetes and it will become part of the official documentation."),(0,ce.kt)("h2",{id:"podman-machine-updates"},"Podman Machine Updates"),(0,ce.kt)("h3",{id:"brent-baude"},"Brent Baude"),(0,ce.kt)("h4",{id:"3200-in-the-video"},"(32:00 in the video)"),(0,ce.kt)("h4",{id:"slides-1"},(0,ce.kt)("a",{parentName:"h4",href:"https://github.com/containers/podman.io/blob/main/community/meeting/notes/2021-06-01/podman_machine.pdf"},"Slides")),(0,ce.kt)("p",null,"Why run Podman Machine on Linux rather than run it on the host? It makes sense from a MacOS. Would be good where you wanted to run containers and wanted to have some level of separation. Also good for testing on a Linux machine before moving it to Windows or Mac. Could also be good to see if Podman works with other Linux Operating Systems other than your native system."),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"What's in development?",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"Working custom images for x86_64 Linux and MacOS and aarch64 Linux and aarch MacOS"),(0,ce.kt)("li",{parentName:"ul"},"Port forwarding on hot"),(0,ce.kt)("li",{parentName:"ul"},"Some buggy code that needs testing"))),(0,ce.kt)("li",{parentName:"ul"},"Remaining obstacles",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"Merge development code"),(0,ce.kt)("li",{parentName:"ul"},"Packaging for both Linux and Brew"),(0,ce.kt)("li",{parentName:"ul"},"aarch64 support for FCOS is pending (will lead with x86_64)"),(0,ce.kt)("li",{parentName:"ul"},"Upstream merge of qemu support for M1"))),(0,ce.kt)("li",{parentName:"ul"},"Looking forward",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"Need a reasonably performant sollution for mounting from host"),(0,ce.kt)("li",{parentName:"ul"},"Work with FCOS team to reduce size of base image.")))),(0,ce.kt)("p",null,"It makes sense that you'd run Linux on MacOS to create a container, but why do so on Linux? Possibly to test different archtectures, to maintain a level of separation between the host and the container, or running a separate Linux distribution. Good for proof of concept testing to make sure the container will run on Windows or Mac in the machine."),(0,ce.kt)("h2",{id:"questions"},"Questions?"),(0,ce.kt)("h4",{id:"3844-in-the-video"},"(38:44) in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"More general discussions during the meeting for a more general discussion? If you have an idea that you'd like discussed, talk to Tom Sweeney to setup a meeting with folks. Might do IRC meetings too for a set time.")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Kubernetes on Podman? Running Podman on Kubernetes now (see Urvashi's demo above). Using CRI-O in Podman basically. It would be nice to have a Kublet that queries Podman.")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Can you sign an image in Kubernetes then use that in Kubernetes? We have simple signing in Podman with GPG, but Kubernetes doesn't understand this."))),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("p",null,"Topic suggestion: Using Podman to sign images in k8s and then using signed images in k8s ? (Focus on GPG signing.)"),(0,ce.kt)("h2",{id:"next-meeting-tuesday-august-3-2021-1100-am-eastern-utc-4"},"Next Meeting: Tuesday August 3, 2021, 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h3",{id:"meeting-end-1157-am-eastern-utc-4"},"Meeting End: 11:57 a.m. Eastern (UTC-4)"),(0,ce.kt)("h2",{id:"bluejeans-chat-copypaste"},"BlueJeans Chat copy/paste:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Me10:56 AM\nPlease sign in https://hackmd.io/fc1zraYdS0-klJ2KJcfC7w?edit\nbaude11:01 AM\nyou have to unmute me\nit says you muted me\nMatt Heon11:23 AM\nhttps://github.com/containers/podman/releases/tag/v3.2.0-rc3\n(These are marked as preliminary but they're almost-final - just a few more changes planned)\nFaisal Razzak11:33 AM\nWill we have documentation for podman inside k8s ?\nAlex Litvak11:33 AM\npodman in lxc?\nMatt Heon11:35 AM\nAFAIK LXC is usually run rootless, which is probably going to be problematic\nLikely can be convinced to work but it's going to take effort\n@Faisal the intent is for the blog to be the documentation - we're going to host a copy on the website and keep updating it as things change\nAlex Litvak11:36 AM\nI will give it a shot and report but most of mine lxcs are privileged\nMatt Heon11:36 AM\nAh, that should be a lot easier\nMay have to add /dev/fuse to get fuse-overlayfs working\nFaisal Razzak11:48 AM\nTopic: Using podman to sign images in k8s and then using signed images in k8s ?\nI want to focus on GPG signing and not notary\nMe11:51 AM\n Fun Fact: A chef's tall hat (officially known as a \"toque\") is traditionally made with 100 pleats, meant to represent the 100 ways to cook an egg.\nFaisal Razzak11:52 AM\nThe effort to integrate podman with codesign or any other interface. Are these meetings public or can I participate ?\nFaisal Razzak11:55 AM\nok, I will\nI have background in code signing using GPG and PKCS11 interfaces\nUwe Reh11:56 AM\nby\n")))}pn.isMDXComponent=!0;const gn={},yn="Podman Community Cabal Meeting Notes",kn=[{value:"September 16, 2021 11:00 a.m. Eastern",id:"september-16-2021-1100-am-eastern",level:2},{value:"September 16, 2021 Topics",id:"september-16-2021-topics",level:2},{value:"Meeting Notes",id:"meeting-notes",level:3},{value:"Build an Image with a Template File (0:42 in video)",id:"build-an-image-with-a-template-file-042-in-video",level:4},{value:"Podman Desktop (1:30 in video)",id:"podman-desktop-130-in-video",level:4},{value:"Podman machine volume mounts (39:10 in video)",id:"podman-machine-volume-mounts-3910-in-video",level:4},{value:"Open discussion (50:20 in video)",id:"open-discussion-5020-in-video",level:4},{value:"Next Meeting: Thursday October 21, 2021 10:00 a.m. EDT (UTC-4)",id:"next-meeting-thursday-october-21-2021-1000-am-edt-utc-4",level:3},{value:"Possible Topics:",id:"possible-topics",level:3}],wn={toc:kn},fn="wrapper";function bn(e){let{components:t,...n}=e;return(0,ce.kt)(fn,(0,Q.Z)({},wn,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-cabal-meeting-notes"},"Podman Community Cabal Meeting Notes"),(0,ce.kt)("p",null,"One-hour meeting on the third Thursday of every month at 10:00 a.m. US/Eastern (UTC-4) to deep dive into topics on the agenda. Please add your name at the end of the topic so we know who the topic owner is.\nMeeting ID: ",(0,ce.kt)("a",{parentName:"p",href:"https://meet.google.com/ieq-pxhy-jbh"},"https://meet.google.com/ieq-pxhy-jbh")),(0,ce.kt)("p",null,"Try out ",(0,ce.kt)("a",{parentName:"p",href:"https://www.worldtimebuddy.com/?pl=1&lid=5,0&h=5&date=9/16/2021%7C3&hf=1"},"WorldTimeBuddy")),(0,ce.kt)("p",null,"Attendees: Tom Sweeney, Brent Baude, Christopher Fergeau, Chris Evich, Matej Vasek, Mehul Arora, Miloslav Trmac, Nalin Dahyabhai, Scott McCarty, Urvashi Mohnani, Eduardo Santiago, Guillaume Rose, Hugh Campbell (Riot Games in a personal capacity), Dan Walsh, Anders Bj\xf6rklund, Ashley Cui, Matt Heon, Paul Holzinger, Praveen Kumar, Gerard Braad, Giuseppe Scrivano, Lokesh Mandvekar, Kerry Zamore"),(0,ce.kt)("h2",{id:"september-16-2021-1100-am-eastern"},"September 16, 2021 11:00 a.m. Eastern"),(0,ce.kt)("h2",{id:"september-16-2021-topics"},"September 16, 2021 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Podman Desktop"),(0,ce.kt)("li",{parentName:"ol"},"Podman machine volume mounts"),(0,ce.kt)("li",{parentName:"ol"},"Open Discussion")),(0,ce.kt)("h3",{id:"meeting-notes"},"Meeting Notes"),(0,ce.kt)("p",null,"Video ",(0,ce.kt)("a",{parentName:"p",href:"https://drive.google.com/file/d/1kCm-AK0Gqpk5Eua3m26agzxIp8NLR73x/view?usp=drive_web"},"Recording")),(0,ce.kt)("p",null,"Meeting start:10:04 a.m. Thursday, September 16, 2021"),(0,ce.kt)("h4",{id:"build-an-image-with-a-template-file-042-in-video"},"Build an Image with a Template File (0:42 in video)"),(0,ce.kt)("p",null,"Topic for next month from: ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/stellarpower"},"https://github.com/stellarpower"),"\nProposal here: ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/buildah/issues/3479"},"https://github.com/containers/buildah/issues/3479")),(0,ce.kt)("h4",{id:"podman-desktop-130-in-video"},"Podman Desktop (1:30 in video)"),(0,ce.kt)("p",null,"The topic has gotten very hot over the past few weeks. People want some form of desktop presence. The big focus is on stop/start and status of things running. The maintainers wanted to solicit the community to find out what they think. If we just do what Docker does, then it might not be enough. We want to make it better if possible."),(0,ce.kt)("p",null,(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/issues/11494"},"https://github.com/containers/podman/issues/11494")," - Discussion in play online."),(0,ce.kt)("p",null,"Dan would like Podman to remain as a CLI tool, with the Desktop as an optional wrapper that could be used."),(0,ce.kt)("p",null,"Gerard - people want a desktop application that integrates well and can be considered a first-class citizen. In addition to start/stop/status, also reinitialization. Will it be a tray application or something that supplements your view?"),(0,ce.kt)("p",null,"Dan - we're hearing that compose doesn't work on Mac due to the socket not being set up. Do we want to expose registry.conf and how to handle the sockets."),(0,ce.kt)("p",null,"What is the initial goal? Is it a windows tray application, but that might be very information-dense with many containers. Want to be able to query logs on a container."),(0,ce.kt)("p",null,"Brent's take is that knowing what users want will help us make decisions and that's part of our current process."),(0,ce.kt)("p",null,"Gerard - you have to watch the scale, so there may not be a single solution. So we need to identify what it looks like at the start."),(0,ce.kt)("p",null,"Scott would like to ensure functionality. He'd like to be able to run docker compose and it would just work. He also wants to be able to serve a super user along with a novice user."),(0,ce.kt)("p",null,"Dan sees the desktop as managing connections. The podman that runs on a mac, is podman remote. Cockpit might be a player in this space when you're trying to look at the containers. One of our pain points on the mac was figuring out how to connect to your linux server. Most of that was solved with podman machine. So that's why he sees this as more of a management system."),(0,ce.kt)("p",null,"In the future, we might have podman machine that could handle different VM types (Ubuntu, RHEL, SUSE) either local or remote to the system."),(0,ce.kt)("p",null,"Anders with docker machine you could have many machines going at once, but with Docker desktop has only one machine running in the background. He anticipates the machine concept in Podman will be almost hidden, something most users wouldn't have to be aware of."),(0,ce.kt)("p",null,"In chat, Gerard noted: Podman Dekstop might not be the right name, as the desktop (local VM) is just a small part of the puzzle. The key point seems the connectivity and view/status of these connections."),(0,ce.kt)("p",null,"Anders thinks there might be one desktop to handle the machines, and another to handle the containers."),(0,ce.kt)("p",null,"Brent asked about brew in the enterprise as we've gotten some push back from folks on its use."),(0,ce.kt)("p",null,"Gerard doesn't think it will be much of a concern, but Dan noted that some enterprise customers are blocking the use."),(0,ce.kt)("p",null,'We will package in brew, the question outstanding is whether or not to provide another "more trusted" place to get a hold of the podman and/or desktop software. This would be used by enterprise customers who need to load only software with more verification than brew provides.'),(0,ce.kt)("p",null,"Hugh struggles with keeping his folks from running with root in containers. If he could get Podman Desktop to be like 80% of what Docker Desktop does. It would help people understand that more container tech than just Docker. At Riot, they want to get stuff done as quickly as possible, so it needs to be easy/fast."),(0,ce.kt)("p",null,"For Riot, the Docker announcement caught them by surprise."),(0,ce.kt)("p",null,"Is not running root in a container the most important point of interest? Hugh would like it to be there, at very least made the people aware of the badness of running as root as they started to do that. Perhaps some kind of slider to select root/non-root, eg. setting the compatibility level (security settings?)."),(0,ce.kt)("p",null,"Dan can't envision why you'd need root inside most containers in a game devel environment. He thinks they might not be aware of security."),(0,ce.kt)("p",null,"Will write up a Product Specification document for what Podman will provide."),(0,ce.kt)("p",null,"For the tray, Brent wants to know if \u201cshift\u201d is the only way to provide it. Gerard create a tray app in go but ran into a lack of options while developing. So it held them back from being integrated with the system."),(0,ce.kt)("p",null,"Their issue with not using a native application, then the product wasn't as crisp-looking and deeply integrated with the OS. Eg. Minishift tried to use Golang with a library from lantern, but this lead to issues around integration. ",(0,ce.kt)("a",{parentName:"p",href:"https://www.electronjs.org/"},"Electron")," is a development environment that creates desktop applications in JavaScript and web pages. you can you CSS to make the look and feel just right. The output is usable in Linux, Mac, and Windows. GitHub Desktop, VSCode, Discord, and the Slack desktop app are based on Electron for instance. The advantage might be that some of the Cockpit components might be (re)used."),(0,ce.kt)("h4",{id:"podman-machine-volume-mounts-3910-in-video"},"Podman machine volume mounts (39:10 in video)"),(0,ce.kt)("p",null,"For mac volumes, no native support. Using a reverse mount with ssh to the host. Matt Heon would like to get to using a flag to the mount from the machine command. He would like to get something out quickly."),(0,ce.kt)("p",null,"His target would be native support in about a year (Fall 2022)."),(0,ce.kt)("p",null,"Anders has a use case where a home directory can be mounted on a root directory in the VM, but you need to add a prefix. Anders ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/pull/11454"},"PR")),(0,ce.kt)("p",null,"Does Docker Desktop do what Podman should do? Per what Matt has seen, it does, but he's not sure about the performance issues. However, that's probably the same or similar issue in Docker and Podman."),(0,ce.kt)("p",null,"Podman remote client will need to be a lot smarter than it is now. Anders PR is a quick startup solution, but further work will be needed from there."),(0,ce.kt)("p",null,"Some of the stuff that Anders has seen in Desktop, is a little less secure than he thinks it should be."),(0,ce.kt)("p",null,"SSHfs is what Gerard has used and it seems to have worked well for his environment. Something that Matt is looking into using."),(0,ce.kt)("p",null,"Dan doesn't think we want mounting storage for an image from the mac to the VM."),(0,ce.kt)("p",null,"The advantage of using ssh, it's ubiquitous."),(0,ce.kt)("p",null,"The first pass should be using SSHfs."),(0,ce.kt)("h4",{id:"open-discussion-5020-in-video"},"Open discussion (50:20 in video)"),(0,ce.kt)("p",null,"1.) What's the WSL2 status?"),(0,ce.kt)("p",null,"Brent said there's a document or a script to make it less painful. Dan noted that the Podman team is working with Microsoft. Gerard would like to see a document. Brent noted it should be here very soon, but the person working on it is not part of Red Hat, not in the meeting, and he doesn't want to promise things."),(0,ce.kt)("p",null,"2.) Cost of Podman Desktop?"),(0,ce.kt)("p",null,"We're targeting free open-source."),(0,ce.kt)("p",null,"3.) What is ETA for the Desktop?"),(0,ce.kt)("p",null,"Brent hopes to solve the volume, needs M1 support for qemu. Those need to be done first, then we would look at Desktop. If nodejs, we'll need help or will have to learn it."),(0,ce.kt)("p",null,"We need to have an initial release by January 1, 2022. Then build from there. A full-bodied release later in 2022."),(0,ce.kt)("p",null,"4.) Has anyone run into Podman Machine Build is a lot slower than Docker."),(0,ce.kt)("p",null,"Matt has a link to someone reporting the issue."),(0,ce.kt)("h3",{id:"next-meeting-thursday-october-21-2021-1000-am-edt-utc-4"},"Next Meeting: Thursday October 21, 2021 10:00 a.m. EDT (UTC-4)"),(0,ce.kt)("h3",{id:"possible-topics"},"Possible Topics:"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Build an Image with a Template File"),(0,ce.kt)("li",{parentName:"ol"},"How to handle weekly releases of Desktop, circleCI, appveyor? Desktop builds (like Electron based), install package generation, or signing on macOS required more than the usual offers that are available.")),(0,ce.kt)("p",null,"Raw BlueJeans:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"You10:01 AM\nhttps://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nHugh Campbell10:02 AM\nHi everyone\nPraveen Kumar10:02 AM\nHello everyone\nGerard Braad10:03 AM\n@Praveen if you have connection issuesyou can also ping me on Slack if more is needed\nDaniel Walsh10:03 AM\nAgenda doc: https://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nGerard Braad10:06 AM\nSome form:\n * status indication (VM)\n * controls (start, stop)\nPraveen Kumar10:06 AM\nneed to rejoin, not able to hear anything :(\nGerard Braad10:13 AM\nThis is actually the same I wanna know ;-)\nGerard Braad10:15 AM\nThis means a easy switch between configurations\nand a springboard to a developer prompt for this\nGerard Braad10:17 AM\n^^ @dan @scott ^^\nGerard Braad10:20 AM\nPodman Dekstop might not be right name, as the desktop (local VM) is just a small part of the puzzle. The key point seems the connecitivity and view/status of these conections\nScott McCarty10:22 AM\nBRB\nGerard Braad10:23 AM\nthe VM is just another endpoint/another podman you can connect to.\nthe tray and/or app might have very different tasks. the application (dialogs) will show the details of the connection and the containers\nwhile the tray might show the lifecycle management and the possible connections\nHugh Campbell10:27 AM\nWe use brew here at Riot with our Macs and brew is a good solution but knowing developers here - it doesn't have to be an exact 1:1 but if 80% of Podman Desktop for Mac can be like Docker Desktop for Mac it's would help make transition so much easier\nGerard Braad10:28 AM\n^^ :+1 right. but I believe for Brew and Choco there is a docker-desktop and docker-cli package, right?\nHugh Campbell10:28 AM\nI believe so but don't quote me on that\nGerard Braad10:30 AM\nI believe on mac you have the two kinds of users; those that want a dmg/pkg, and those that want brew\nBrent Baude10:30 AM\ncorrect\nGerard Braad10:30 AM\nand on Windows you start to see the same with wanting and .exe msi or using choco inst\nAnders F Bj\xf6rklund10:30 AM\nI dunno, I wanted rpm and port :-)\nGerard Braad10:30 AM\n;-)\nGerard Braad10:31 AM\nis that PNAELV ?\nGerard Braad10:34 AM\nPretty much like the Firewall/Internet Security slider in Windows :-)\nsetting a 'compatibility level'\nAnders F Bj\xf6rklund10:39 AM\nhere is my quick last night poc for doing a cross-platform (Qt) systray in a cross-platform language (C++):\nhttps://github.com/afbjorklund/podman-systray\nso far it has the icon :-)\nHugh Campbell10:39 AM\nVSCode\nGerard Braad10:40 AM\n^^ VS Code is developeed using electron\nErik Bernoth10:40 AM\nSlack and Discord might be written in Electron, iirc\nHugh Campbell10:41 AM\nI believe they are as well for Mac\nGerard Braad10:43 AM\n@Dan the advatnage of Electron is that the Cockpit components can most likely can be reused\nGerard Braad10:44 AM\n^^^ can I add this reference to the doc?\n@Tom\nYou10:45 AM\nGerard, please and thank you!\nAnders F Bj\xf6rklund10:48 AM\nhttps://github.com/containers/podman/pull/11454\nYou10:48 AM\nty Anders!\nHugh Campbell10:49 AM\nNative would be awesome but 80-85% of what is there currently in Docker Desktop for Podman Desktop would be great for my devs\nAnders F Bj\xf6rklund10:54 AM\na lot of interesting things happening with \"macOS subsystem for Linux\" (lima)\nmight be on par with WSL, although unofficial (Apple never supports other OS)\nGerard Braad11:00 AM\n@Tom https://github.com/gbraad\nMehul Arora11:03 AM\nyes, it is\nHugh Campbell11:04 AM\nThanks everyone!\nKherry Zamore11:05 AM\nthanks\nieq-pxhy-jbh\n")))}bn.isMDXComponent=!0;const vn={},Mn="Podman Community Meeting Notes",In=[{value:"December 7, 2021 11:00 a.m. Eastern (UTC-5)",id:"december-7-2021-1100-am-eastern-utc-5",level:2},{value:"Attendees (18 total)",id:"attendees-18-total",level:3},{value:"Meeting Start: 11:03 a.m.",id:"meeting-start-1103-am",level:2},{value:"BlueJeans Recording",id:"bluejeans-recording",level:3},{value:"Netavark Status",id:"netavark-status",level:2},{value:"Matt Heon",id:"matt-heon",level:3},{value:"(1:52 in the video)",id:"152-in-the-video",level:4},{value:"Podman on Windows Demo",id:"podman-on-windows-demo",level:2},{value:"Jason Greene via Tom Sweeney",id:"jason-greene-via-tom-sweeney",level:3},{value:"(10:12 in the video)",id:"1012-in-the-video",level:4},{value:"Meeting Announcement",id:"meeting-announcement",level:2},{value:"Open Forum/Questions?",id:"open-forumquestions",level:2},{value:"(26:00) in the video)",id:"2600-in-the-video",level:4},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"Next Meeting: Tuesday February 1, 2021, 11:00 a.m. Eastern (UTC-5)",id:"next-meeting-tuesday-february-1-2021-1100-am-eastern-utc-5",level:2},{value:"Next Cabal Meeting: Thursday December 16, 2021, 11:00 a.m. Eastern (UTC-5)",id:"next-cabal-meeting-thursday-december-16-2021-1100-am-eastern-utc-5",level:2},{value:"Meeting End: 11:37 a.m. Eastern (UTC-5)",id:"meeting-end-1137-am-eastern-utc-5",level:3},{value:"BlueJeans Chat copy/paste:",id:"bluejeans-chat-copypaste",level:2}],An={toc:In},Tn="wrapper";function Sn(e){let{components:t,...n}=e;return(0,ce.kt)(Tn,(0,Q.Z)({},An,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-meeting-notes"},"Podman Community Meeting Notes"),(0,ce.kt)("h2",{id:"december-7-2021-1100-am-eastern-utc-5"},"December 7, 2021 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"attendees-18-total"},"Attendees (18 total)"),(0,ce.kt)("p",null,"Tom Sweeney, Jhon Honce, Chris Evich, Urvashi Mohnani, Matt Heon, Chris Evich, Anders Bj\xf6rklund, Ashley Cui, Aditya Rajan, Rudolf Vesely, Shion Tanaka, Eduardo Santiago, Valentin Rothberg, Paul Holzinger, Nalin Dahyabhai, Martin Jackson, Preethi Thomas, Ionut Stoica"),(0,ce.kt)("h2",{id:"meeting-start-1103-am"},"Meeting Start: 11:03 a.m."),(0,ce.kt)("h3",{id:"bluejeans-recording"},"BlueJeans ",(0,ce.kt)("a",{parentName:"h3",href:"https://youtu.be/WUk_ZzVThd8"},"Recording")),(0,ce.kt)("h2",{id:"netavark-status"},"Netavark Status"),(0,ce.kt)("h3",{id:"matt-heon"},"Matt Heon"),(0,ce.kt)("h4",{id:"152-in-the-video"},"(1:52 in the video)"),(0,ce.kt)("p",null,(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/netavark"},"netavark")),(0,ce.kt)("p",null,"Dumping the network stack for a new one in Podman 4.0, one that we will own and control. Netavark is mostly working for IPv4 and a firewall driver is close to being completed."),(0,ce.kt)("p",null,"Podman with netavark GitHub repo: ",(0,ce.kt)("a",{parentName:"p",href:"https://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman-next/"},"https://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman-next/")),(0,ce.kt)("p",null,"Looking to replece DNS Server within Podman too with this change. The goal is to have a container with as many networks as you'd want. Testers are very welcomed. Bug reports to the netavark for network issues, against Podman in it's GitHub if more Podman related."),(0,ce.kt)("h2",{id:"podman-on-windows-demo"},"Podman on Windows Demo"),(0,ce.kt)("h3",{id:"jason-greene-via-tom-sweeney"},"Jason Greene via Tom Sweeney"),(0,ce.kt)("h4",{id:"1012-in-the-video"},"(10:12 in the video)"),(0,ce.kt)("p",null,"(We had trouble with the video sharing, Tom Sweeney narrated badly...)"),(0,ce.kt)("p",null,"Jason's first video showed how to run Podman on a Windows machine using WSL. It basically has the same look, feel as the macOS variant does. Jason talked about the architecutre under the covers and things he wants to improve upon. The direct ",(0,ce.kt)("a",{parentName:"p",href:"https://youtu.be/KIGeWpd91Z0"},"Video")," can be found on YouTube along with Jason's Update ",(0,ce.kt)("a",{parentName:"p",href:"https://youtu.be/ub2m15yW-fg"},"Video")," which was not shown in the meeting. The update shows his progress and how Podman can be installed on a Windows machine that doesn't have WSL."),(0,ce.kt)("p",null,"The quality is much better there than in the meetings recording."),(0,ce.kt)("h2",{id:"meeting-announcement"},"Meeting Announcement"),(0,ce.kt)("p",null,"Going to hold this meeting every other month on the first Tuesday of the month starting in Feburary (even numbered months). The Cabal meeting will remain a monthly meeting on the third Thursday of each month."),(0,ce.kt)("h2",{id:"open-forumquestions"},"Open Forum/Questions?"),(0,ce.kt)("h4",{id:"2600-in-the-video"},"(26:00) in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Podman on Fedora32 on Windows doesn't go easy.\nMatt thinks this is a systemd issue and more invesigation is needed.")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Ionut Stoica is working on a project to add tools for front end work. ",(0,ce.kt)("a",{parentName:"p",href:"https://iongion.github.io/podman-desktop-companion/"},"https://iongion.github.io/podman-desktop-companion/")," It's kind of Cockpit like. Hopes to add more in the future. Looking at Windows and mac, but needs to work on compilation issues. Easier on the Mac, but needs to use Lima. Will check in with Jason Greene"))),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("p",null,"None specified."),(0,ce.kt)("h2",{id:"next-meeting-tuesday-february-1-2021-1100-am-eastern-utc-5"},"Next Meeting: Tuesday February 1, 2021, 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h2",{id:"next-cabal-meeting-thursday-december-16-2021-1100-am-eastern-utc-5"},"Next Cabal Meeting: Thursday December 16, 2021, 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"meeting-end-1137-am-eastern-utc-5"},"Meeting End: 11:37 a.m. Eastern (UTC-5)"),(0,ce.kt)("h2",{id:"bluejeans-chat-copypaste"},"BlueJeans Chat copy/paste:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Me10:53 AM\nPlease sign in https://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\nMatt Heon11:06 AM\nhttps://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman-next/\nMatt Heon11:08 AM\nhttps://github.com/containers/netavark\nMe11:09 AM\nDid I share anything?\nMe11:25 AM\nOh good, I can see people talking, but I can't hear anything\nPavel11:26 AM\nI'm trying to run Podman on Fedora35 WS and it doesn't go easy: the home area concept conflicts with podman storge conf\nChris Evich11:26 AM\nTom, if you're talking we can't hear you :(\nPavel11:27 AM\nUser's home is not static - it is mounted dynamically\nMe11:27 AM\nI've lost my audio, I can't hear, trying to get it bak.\nChristian Felder11:27 AM\nI think Marin Jackson's Audio isn't working either\n(Martin Jackson) - sorry typo\niongion11:32 AM\nhttps://iongion.github.io/podman-desktop-companion/\niongion11:33 AM\nhttps://github.com/iongion/podman-desktop-companion\nMe11:35 AM\ntsweeney@redhat.com\niongion11:37 AM\nIonut Stoica\n")))}Sn.isMDXComponent=!0;const Cn={},Nn="Podman Community Cabal Meeting Notes",Dn=[{value:"March 17, 2022 11:00 a.m. Eastern",id:"march-17-2022-1100-am-eastern",level:2},{value:"March 17, 2022 Topics",id:"march-17-2022-topics",level:2},{value:"Meeting Notes",id:"meeting-notes",level:3},{value:"/etc/hosts in containers - (1:30 in video) - Paul Holzinger",id:"etchosts-in-containers---130-in-video---paul-holzinger",level:3},{value:"Mac OS Volume Mounts - (28:40 in video) - Brent Baude",id:"mac-os-volume-mounts---2840-in-video---brent-baude",level:3},{value:"Podman pod create - What happens when all containers stop... - (37:12 in the video) - Dan Walsh",id:"podman-pod-create---what-happens-when-all-containers-stop---3712-in-the-video---dan-walsh",level:3},{value:"Open discussion (45:50 in video)",id:"open-discussion-4550-in-video",level:4},{value:"Next Meeting: Thursday April 21, 2022 11:00 a.m. EDT (UTC-5)",id:"next-meeting-thursday-april-21-2022-1100-am-edt-utc-5",level:3},{value:"Next Community Meeting: Tuesday April 5, 2022 11:00 a.m. EDT (UTC-5)",id:"next-community-meeting-tuesday-april-5-2022-1100-am-edt-utc-5",level:3},{value:"Possible Topics:",id:"possible-topics",level:3}],Pn={toc:Dn},xn="wrapper";function Bn(e){let{components:t,...n}=e;return(0,ce.kt)(xn,(0,Q.Z)({},Pn,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-cabal-meeting-notes"},"Podman Community Cabal Meeting Notes"),(0,ce.kt)("p",null,"Attendees: Tom Sweeney, Aditya Rajan, Matt Heon, Brent Baude, Ashley Cui, Chris Evich, Giuseppe Scrivano, Nalin Dahyabhai, Paul Holzinger, Anders Bj\xf6rklund, Dan Walsh, Valentin Rothberg, Jhon Honce, Miloslav Trma\u010d, Charlie Doern, Lokesh Mandvekar, Eduardo Santiago, Christian Felder, Flavian Missi, Lance Lovette, Martin Jackson, Oleg Bulatov, Preethi Thomas"),(0,ce.kt)("h2",{id:"march-17-2022-1100-am-eastern"},"March 17, 2022 11:00 a.m. Eastern"),(0,ce.kt)("h2",{id:"march-17-2022-topics"},"March 17, 2022 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"/etc/hosts in containers - Paul Holzinger"),(0,ce.kt)("li",{parentName:"ol"},"Mac OS Volume Mounts - Brent Baude"),(0,ce.kt)("li",{parentName:"ol"},"Podman pod create - Exit when containers exit? - Dan Walsh")),(0,ce.kt)("h3",{id:"meeting-notes"},"Meeting Notes"),(0,ce.kt)("p",null,"Video ",(0,ce.kt)("a",{parentName:"p",href:"https://youtu.be/wvENxqMjuLI"},"Recording")),(0,ce.kt)("p",null,"Meeting start 11:02 a.m. Thursday March 17, 2022"),(0,ce.kt)("h3",{id:"etchosts-in-containers---130-in-video---paul-holzinger"},"/etc/hosts in containers - (1:30 in video) - Paul Holzinger"),(0,ce.kt)("p",null,"We don't currently support network connect/disonnect with /etc/host getting updated."),(0,ce.kt)("p",null,"If we generate an /etc/hosts in the container, we use the entries from the host if there are none in the container."),(0,ce.kt)("p",null,"For slirp4netns we use the contaienr host name."),(0,ce.kt)("p",null,"When we have several entries for the bridge network case, should we use the first, or all, or somehow pick/choose? Matt thinks we should use all that don't have duplicates. If we encounter a duplicate, we should take the first one found and ignore the rest. So a user entry should trump all, and the rest should be in priority order."),(0,ce.kt)("p",null,"For pods, you must add an entry for each container. When the container is stopped, it has to remove this entry."),(0,ce.kt)("p",null,"Make sure hosts.containers.internal is only added. Matt asked if we could do something other than 127.0.0.1 for the localhost value. Paul noted that's not the behavior some people expect. So Paul thinks we could use the public IP of the container."),(0,ce.kt)("p",null,"Dan noted that some people want a no-host option, in which case we'll use the values found in the image."),(0,ce.kt)("p",null,"There's a potential information leak if we use the entries from the hosts /etc/hosts in the container as we'd add the host\u2019s IP to the containers version of the file."),(0,ce.kt)("p",null,"We should allow users to disable host.containers.internal in the containers.conf."),(0,ce.kt)("p",null,"The problem Lance is running into is he's running many containers in the network. He's hoping to configure the /etc/hosts in the container at run time rather than build time. He wants to ensure that each container has a different IP for the same first name. So the /etc/hosts should be different per container."),(0,ce.kt)("p",null,"He'd like a way to have a different /etc/hosts file per container. Issue on ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/aardvark-dns/issues/82"},"GitHub"),"."),(0,ce.kt)("p",null,"Lance is seeing containers sharing the info. We do that for containers in a shared network namespace or containers in a Pod."),(0,ce.kt)("h3",{id:"mac-os-volume-mounts---2840-in-video---brent-baude"},"Mac OS Volume Mounts - (28:40 in video) - Brent Baude"),(0,ce.kt)("p",null,"Brent is working with Anders, and they're trying to get their heads around the feature. Currently, if you need to add one, you need to remove your machine and add it, which is not optimal."),(0,ce.kt)("p",null,"One thought was to add the user\u2019s mount in macOS, so there'd be a direct path. Like $HOME to $HOME. This is what Docker is doing and Anders thinks this is what people expect. It also allows for other mounts to be used. You may need to reboot, but you don't have to delete the user."),(0,ce.kt)("p",null,"It should be configurable in containers.conf so people can change it as wanted."),(0,ce.kt)("p",null,"This should be in Podman v4.1 if things go right."),(0,ce.kt)("p",null,"Lima is doing read-only by default. Dan thinks we should add a ",(0,ce.kt)("inlineCode",{parentName:"p"},":ro")," option that can be added to allow this functionality."),(0,ce.kt)("h3",{id:"podman-pod-create---what-happens-when-all-containers-stop---3712-in-the-video---dan-walsh"},"Podman pod create - What happens when all containers stop... - (37:12 in the video) - Dan Walsh"),(0,ce.kt)("p",null,"An issue came up this week where someone was running a pod and when what they thought was the primary container exited, the pod continued running, and they didn't expect that. Dan would like to see an option that would tell Podman what to do when a container exits that is running inside of a pod."),(0,ce.kt)("p",null,"There are three possible options:"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Ignore - the container exit (current default), the pod keeps running."),(0,ce.kt)("li",{parentName:"ol"},"Close - if any container exits, then the pod exits"),(0,ce.kt)("li",{parentName:"ol"},"Restart - if the container exits, the pod would restart it. Similar to systemd. It should be overrideable per container.")),(0,ce.kt)("p",null,"Dan would like comments/thoughts? A thought that the restart policy might not work in systemd. Valentin thinks that if the last container exits, then the pod should as well."),(0,ce.kt)("p",null,"Matt thinks we don't need the option, rather, we should just stop the pod when the last container stops, as Valentin noted. We currently have the restart option for a container, so if someone wanted to ensure the pod stayed up, they could use that restart option."),(0,ce.kt)("p",null,"Valentin thinks we need to allow a pod to start without containers and then add containers to it. So we shouldn't stop the pod if it hasn't had a container inside of it."),(0,ce.kt)("p",null,"On further reflection, Dan thinks the ignore might not be a useful case. Dan thinks if we change the default to keep the pod up unless there are no longer any containers within, then we won't need to add the options. Cleanup would need to change to verify that there aren't any containers running, and if not, then kill the pod."),(0,ce.kt)("p",null,"Lance has noted catatonit orphans and wonders if this might be related. Will post a bug if he can ID a pattern."),(0,ce.kt)("h4",{id:"open-discussion-4550-in-video"},"Open discussion (45:50 in video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Podman v4.0 updates. - Brent Baude\nPodman v4.0 has been going well, especially given the new content. We are now focusing on things that need to be added. A number of CI, memory, and other internal to the build systems things to add in the near term. That will be good as we'll be able to work on bugs as they arise. The Red Hat team has a bug list max, and we just hit that, so we'll be focusing on that over the next week or two."),(0,ce.kt)("p",{parentName:"li"},"For features, work is ongoing for cosign. Jhon will be working on Homebrew improvements. Urvashi is working on a YAML to Kubernetes integration. Matt is working on Docker compose v2. So far, that's going very well. Also, a number of blog posts."),(0,ce.kt)("p",{parentName:"li"},"The new features mentioned will be in v4.1 and v4.2. Podman v4.1 will be out roughly in late April 2022."),(0,ce.kt)("p",{parentName:"li"},"Virtio-fs is being worked on with qemu, which should then be useable on Planet 9 and mac. This will allow multiple UIDs to be used on a Mac once complete. That's probably a longer-term project."),(0,ce.kt)("p",{parentName:"li"},"Work is ongoing within Red Hat for a Desktop](",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/desktop"},"https://github.com/containers/desktop"),")"))),(0,ce.kt)("h3",{id:"next-meeting-thursday-april-21-2022-1100-am-edt-utc-5"},"Next Meeting: Thursday April 21, 2022 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h3",{id:"next-community-meeting-tuesday-april-5-2022-1100-am-edt-utc-5"},"Next Community Meeting: Tuesday April 5, 2022 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h3",{id:"possible-topics"},"Possible Topics:"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"None")),(0,ce.kt)("p",null,"Meeting finished 11:56"),(0,ce.kt)("p",null,"Raw Meeting Chat:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"\nDaniel Walsh\n10:57 AM\nhttps://www.redhat.com/sysadmin/podman-transfer-container-images-without-registry\nYou\n11:00 AM\nhttps://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nLance Lovette\n11:22 AM\nhttps://github.com/containers/aardvark-dns/issues/82\nAshley Cui\n11:54 AM\nhttps://github.com/containers/desktop\n")))}Bn.isMDXComponent=!0;const En={},Wn="Podman Community Cabal Meeting Notes",jn=[{value:"July 21, 2022 11:00 a.m. Eastern",id:"july-21-2022-1100-am-eastern",level:2},{value:"July 21, 2022 Topics",id:"july-21-2022-topics",level:2},{value:"Meeting Notes",id:"meeting-notes",level:3},{value:"Man Page Clean Up - (1:12 in video) - Ed Santiago",id:"man-page-clean-up---112-in-video---ed-santiago",level:3},{value:"Podman Desktop Update - (11:12 in video) - Stevan Le Meur && Florent Benoit",id:"podman-desktop-update---1112-in-video---stevan-le-meur--florent-benoit",level:3},{value:"crun Update - Dan Walsh and Giuseppe Scrivano (18:55 in video)",id:"crun-update---dan-walsh-and-giuseppe-scrivano-1855-in-video",level:3},{value:"Open discussion (29:18 in video)",id:"open-discussion-2918-in-video",level:4},{value:"Next Meeting: Thursday August 18, 2022 11:00 a.m. EDT (UTC-5)",id:"next-meeting-thursday-august-18-2022-1100-am-edt-utc-5",level:3},{value:"August 18, 2022 Topics",id:"august-18-2022-topics",level:2},{value:"Next Community Meeting: Tuesday August 2, 2022 11:00 a.m. EDT (UTC-5)",id:"next-community-meeting-tuesday-august-2-2022-1100-am-edt-utc-5",level:3},{value:"Possible Topics:",id:"possible-topics",level:3}],Ln={toc:jn},Hn="wrapper";function Rn(e){let{components:t,...n}=e;return(0,ce.kt)(Hn,(0,Q.Z)({},Ln,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-cabal-meeting-notes"},"Podman Community Cabal Meeting Notes"),(0,ce.kt)("p",null,"Attendees: Matt Heon, Nalin Dahyabhai, Paul Holzinger, Karthik Elango, Charlie Doern, Lokesh Mandvekar, Niall Crowe, Dan Walsh, Valentin Rothberg, Miloslav Trmac, Mohan Bodu, Florent Benoit, Stevan Le Meur, Eduardo Santiago, Giuseppe Scrivano, Aditya Rajan, Urvashi Mohnani, Preethi Thomas, Jake Correnti, Ashley Cui"),(0,ce.kt)("h2",{id:"july-21-2022-1100-am-eastern"},"July 21, 2022 11:00 a.m. Eastern"),(0,ce.kt)("h2",{id:"july-21-2022-topics"},"July 21, 2022 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Man Page Clean Up - Ed Santiago"),(0,ce.kt)("li",{parentName:"ol"},"An update on Podman Desktop - Stevan Le Meur && Florent Benoit"),(0,ce.kt)("li",{parentName:"ol"},"Possible Topics: new OCI Runtimes? WASM for example. Also Podman support for zstd and gzip format at the same time.")),(0,ce.kt)("h3",{id:"meeting-notes"},"Meeting Notes"),(0,ce.kt)("p",null,"Video ",(0,ce.kt)("a",{parentName:"p",href:"https://youtu.be/aV6RYlF9Ocs"},"Recording")),(0,ce.kt)("p",null,"Meeting start 11:02 a.m. Thursday July 21, 2022"),(0,ce.kt)("h3",{id:"man-page-clean-up---112-in-video---ed-santiago"},"Man Page Clean Up - (1:12 in video) - Ed Santiago"),(0,ce.kt)("p",null,"Ed has found a number of duplicate pages in the man pages. Has considered moving them from md format to rst. Ed is asking for help. Does anyone want to convert to rst? Or are there other options?"),(0,ce.kt)("p",null,"Currently there's a way to changes a small number of md to md.in files. Can we leverage that? Some of the interesting challenge with this is we leverage ReadTheDocs to publish the man pages automatically. Further investigation is needed in this space. If we can just use the md.in files and get those into the ReadTheDocs, that might be doable. The thing that needs to be checked if the pages would disappear from the GitHub site."),(0,ce.kt)("p",null,"So more looking needs to be done in how GitHub handles the markdown resolution. Dan thinks we should go forward with the change. This will allow coders to do an update in one place for an option that is used by more than one command."),(0,ce.kt)("h3",{id:"podman-desktop-update---1112-in-video---stevan-le-meur--florent-benoit"},"Podman Desktop Update - (11:12 in video) - Stevan Le Meur && Florent Benoit"),(0,ce.kt)("p",null,"0.0.5 Released:"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Onboarding sequence (to initialize and/or start podman machine)"),(0,ce.kt)("li",{parentName:"ul"},"Revamp UI for containers, images"),(0,ce.kt)("li",{parentName:"ul"},"Windows: Installation of podman + update of podman"),(0,ce.kt)("li",{parentName:"ul"},"Proxies for linux/macos but not yet windows (will work with Podman 4.2)"),(0,ce.kt)("li",{parentName:"ul"},"Help page")),(0,ce.kt)("p",null,"Early Adopter Program: Accessible from ",(0,ce.kt)("a",{parentName:"p",href:"https://podman-desktop.io/"},"podman-desktop.io")),(0,ce.kt)("p",null,"Stevan showed how the new search functionality is working on the desktop. Help system allows one to contact the developers with questions."),(0,ce.kt)("p",null,"For Windows, they are waiting for Podman v4.2 due to proxy issues on Windows. More work underway, and looking for contributors."),(0,ce.kt)("p",null,"They are asking users to join the early adopter program, which is linked from the top of the web page. They especially would like to find users for the program, not just developers."),(0,ce.kt)("h3",{id:"crun-update---dan-walsh-and-giuseppe-scrivano-1855-in-video"},"crun Update - Dan Walsh and Giuseppe Scrivano (18:55 in video)"),(0,ce.kt)("p",null,"Latest crun ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/crun/releases/tag/1.5"},"release"),", has changes for Wasmedge 0.10 support. This is not shipped by default. Free to try it out right now, and they're looking for users to test with. They hope to find people to play with this functionality. This will help to enhance the oci runtimes so you could run different runtimes more easily, such as Wasm. Possibly this could be used for Java or Javascript. The next version of crun in Fedora will have this subpackage, but it won't be enabled. Need to get packages for Wasm into Fedora yet. Krun, similar to Kata containers with full KVM separataion. It's lighter and missing features that Kata has. Should be able to do ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman --run krun")," to enable. Lokesh and Dan talked aobut the packaging for krun and Podman. Dan thinks we'll have a number of packages over time. For more ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/crun/blob/main/docs/wasm-wasi-example.md"},"information")),(0,ce.kt)("h4",{id:"open-discussion-2918-in-video"},"Open discussion (29:18 in video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Pushing both images on podman push. This comes into play when you're pushing partial images. If we move to this, which uses zstd instead of gzip, it could potentialy break Docker and other container engine compatibility. The thought is to give users a number of conversion formats that could be used when pushing images. This may require two images to be pushed at the same time. Likely a containers.conf setting to select compression algorithm or to allow multiple pushes at once. Valentin had thought that when selecting an image from a manifest or an oci index, many clients pick the first one. So existing clients would cointinue to work. If we want to do the cstandard search, we'd have to traverse the full list first. Very early design discussions are going on. He expects cost to be minimal as traversing the manifest list is much smaller than the images on the repository. So gzip would still be in play to keep other container engines happy, but newer versions could start pushing this new zstd format. Once we have a prototype, this will be opened up to OCI for further review. We could then create PR's in other container engines such as Docker. No current design document, but one will be added to the discussion section for Podman on GitHub")),(0,ce.kt)("h3",{id:"next-meeting-thursday-august-18-2022-1100-am-edt-utc-5"},"Next Meeting: Thursday August 18, 2022 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h2",{id:"august-18-2022-topics"},"August 18, 2022 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"None Discussed")),(0,ce.kt)("h3",{id:"next-community-meeting-tuesday-august-2-2022-1100-am-edt-utc-5"},"Next Community Meeting: Tuesday August 2, 2022 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h3",{id:"possible-topics"},"Possible Topics:"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"None discussed")),(0,ce.kt)("p",null,"Meeting finished 11:45 a.m."),(0,ce.kt)("p",null,"Raw Meeting Chat:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"You11:01 AM\nhttps://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nEd Santiago11:03 AM\nhttps://github.com/containers/podman/pull/14931\nAditya Rajan11:21 AM\nhttps://github.com/containers/crun/releases/tag/1.5\nAditya Rajan11:31 AM\nhttps://github.com/containers/crun/blob/main/docs/wasm-wasi-example.md\nPreethi Thomas11:43 AM\nlol\nvoluntell\n")))}Rn.isMDXComponent=!0;const On={},Jn="Podman Community Meeting Notes",Fn=[{value:"December 6, 2022 11:00 a.m. Eastern (UTC-5)",id:"december-6-2022-1100-am-eastern-utc-5",level:2},{value:"Attendees (16 total)",id:"attendees-16-total",level:3},{value:"Meeting Start: 11:02 a.m. EST",id:"meeting-start-1102-am-est",level:2},{value:"BlueJeans Recording",id:"bluejeans-recording",level:3},{value:"MinIO Demo",id:"minio-demo",level:2},{value:"Will Dinyes - MinIO",id:"will-dinyes---minio",level:3},{value:"(1:12 in the video)",id:"112-in-the-video",level:4},{value:"Slides",id:"slides",level:4},{value:"Demo (7:18 in the video)",id:"demo-718-in-the-video",level:4},{value:"Embedding inside an AutoSD Image",id:"embedding-inside-an-autosd-image",level:2},{value:"Ygal Blum - Red Hat",id:"ygal-blum---red-hat",level:3},{value:"(16:26 in the video)",id:"1626-in-the-video",level:4},{value:"Slides",id:"slides-1",level:4},{value:"Demo (22:45 in the video)",id:"demo-2245-in-the-video",level:4},{value:"Open Forum/Questions?",id:"open-forumquestions",level:2},{value:"(33:34 in the video)",id:"3334-in-the-video",level:4},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"Next Meeting: Tuesday February 7, 2022, 11:00 a.m. Eastern (UTC-5)",id:"next-meeting-tuesday-february-7-2022-1100-am-eastern-utc-5",level:2},{value:"Next Cabal Meeting: Thursday December 15, 2022, 11:00 a.m. Eastern (UTC-5)",id:"next-cabal-meeting-thursday-december-15-2022-1100-am-eastern-utc-5",level:2},{value:"Meeting End: 11:46 a.m. Eastern (UTC-5)",id:"meeting-end-1146-am-eastern-utc-5",level:3},{value:"BlueJeans Chat copy/paste:",id:"bluejeans-chat-copypaste",level:2}],Gn={toc:Fn},Yn="wrapper";function Un(e){let{components:t,...a}=e;return(0,ce.kt)(Yn,(0,Q.Z)({},Gn,a,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-meeting-notes"},"Podman Community Meeting Notes"),(0,ce.kt)("h2",{id:"december-6-2022-1100-am-eastern-utc-5"},"December 6, 2022 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"attendees-16-total"},"Attendees (16 total)"),(0,ce.kt)("p",null,"Tom Sweeney, Will Dinyes, Ygal Blum, Chris Evich, Ashley Cui, Paul Holzinger, Nalin Dahyabhai, Giuseppe Scrivano, Preethi Thomas, Matt Heon, Miloslav Trmac, Urvashi Mohnani, Mohan Bodu, Ed Santiago, Martin Jackson, Lance L, Florent Benoit, Brent Baude"),(0,ce.kt)("h2",{id:"meeting-start-1102-am-est"},"Meeting Start: 11:02 a.m. EST"),(0,ce.kt)("h3",{id:"bluejeans-recording"},"BlueJeans ",(0,ce.kt)("a",{parentName:"h3",href:"https://www.youtube.com/watch?v=GZNazm39wEo"},"Recording")),(0,ce.kt)("h2",{id:"minio-demo"},"MinIO Demo"),(0,ce.kt)("h3",{id:"will-dinyes---minio"},"Will Dinyes - MinIO"),(0,ce.kt)("h4",{id:"112-in-the-video"},"(1:12 in the video)"),(0,ce.kt)("h4",{id:"slides"},(0,ce.kt)("a",{target:"_blank",href:n(31976).Z},"Slides")),(0,ce.kt)("p",null,"MinIO\u2019s Interest in Podman is to have a platform to run test cases for their courses."),(0,ce.kt)("p",null,"MinIO is an S3 compatible API, the de facto standard for Object storage"),(0,ce.kt)("p",null,"MinIO includes Single Sign On, Object Locking, Encryption & Tamper-proof, Lambda Compute, Protects against code and bit rot protection, and Server Side Bucket Replication."),(0,ce.kt)("p",null,"It's a small server and can be installed just about anywhere."),(0,ce.kt)("p",null,"Lots of use cases.\nBig Data/Machine Learning\nHDFS replacements\nHigh-Performance Data lake/warehouse infrastructure\nCloud Native applications"),(0,ce.kt)("p",null,"You can move your data without being locked into a particular platform."),(0,ce.kt)("p",null,"He uses Podman and MinIO for the development environment and for quick stand-ups. MinIO is open-source and free to use. He can containerize MinIO for even further portability."),(0,ce.kt)("h4",{id:"demo-718-in-the-video"},"Demo (7:18 in the video)"),(0,ce.kt)("p",null,"Ran Podman on a Mac. MinIO needs to attach to actual storage. He ran 'podman machine init -v /tmp/data:/Minio/data' followed by 'podman machine start'"),(0,ce.kt)("p",null,"He can now change the data in MinIO after running a large ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman run")," command."),(0,ce.kt)("p",null,"It pulled down an image from quay.io, and it brought up the MinIO console. It showed data for his content that he was using elsewhere. All very easily and quickly."),(0,ce.kt)("p",null,"Runs on less than 100 MB and can be easily migrated to the cloud."),(0,ce.kt)("p",null,"Potential use cases? Could it be used for a backup situation? Yes, it fits this scenario well for S3 backups. If S3 is being used already, MinIO can actually be dropped in as a replacement. You can then back up to any cloud that you want."),(0,ce.kt)("h2",{id:"embedding-inside-an-autosd-image"},"Embedding inside an AutoSD Image"),(0,ce.kt)("h3",{id:"ygal-blum---red-hat"},"Ygal Blum - Red Hat"),(0,ce.kt)("h4",{id:"1626-in-the-video"},"(16:26 in the video)"),(0,ce.kt)("h4",{id:"slides-1"},(0,ce.kt)("a",{target:"_blank",href:n(18064).Z},"Slides")),(0,ce.kt)("p",null,'Taking "Build once RUn anywhere to the Edge"\nWorks on the Ecosystem Engineering and works on Red Hat team looking to envision how to run containers on automobiles.'),(0,ce.kt)("p",null,"Build Once, Run Anywhere\nCoined by Sun Microsystems\nAbility to write Java code once and run it anywhere\nExpanded by the use of Container Images"),(0,ce.kt)("p",null,"Two Base Elements\nContainer Image\nRunning Instructions"),(0,ce.kt)("p",null,"The instructions format may vary:\nCommand line arguments\nDocker-Compose file\nKubernetes YAML"),(0,ce.kt)("p",null,"Using ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman kube play"),", users can reuse K8S YAML file"),(0,ce.kt)("p",null,"Podman is daemonless, who will monitor the container when it stops? systemd is use. Tools like ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman generate systemd"),', soon "Quadlet" to facilitate this.'),(0,ce.kt)("p",null,"OSBuild is a tool for composing O/S images, it allows embedding files and enabling of services in the image. You can compose an image for an edge device using it."),(0,ce.kt)("h4",{id:"demo-2245-in-the-video"},"Demo (22:45 in the video)"),(0,ce.kt)("p",null,"Showed simulation for the engine and radio. When the engine goes in reverse, the volume decreased for the radio. The volume goes up on acceleration, and then up/down on channel changes."),(0,ce.kt)("p",null,"Applied a yaml file to an openshift cluster. Created a volume and an application, then applied the engine and radio using their yaml files."),(0,ce.kt)("p",null,"It shows an easy way to run Podman or Kubernetes using the same YAML file."),(0,ce.kt)("p",null,"The ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman kube play")," command will ignore things it doesn't understand and works well with using/running things in the Kurbernetes space."),(0,ce.kt)("p",null,"He used that command to get the engine, radio up in Podman, with the same messages shown. So you can reuse Kubernetes Yaml in Podman, which is especially helpful in a test environment when you don't want to use up a lot of CPU time/space."),(0,ce.kt)("h2",{id:"open-forumquestions"},"Open Forum/Questions?"),(0,ce.kt)("h4",{id:"3334-in-the-video"},"(33:34 in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Quadlet will that be in Podman? Yes, in Podman v4.4, and set for RHEL 8.8/9.2 is current plans but still under consideration. Martin has been looking at quadlet lately and has been impressed by it so far.")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"blog.podman.io - new blog site that was demo'd, including a couple of new articles. Lot's of link tidying up to do, and need to port older blogs.")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Matt noted that Podman v4.3 is done now. Podman v4.4 RC in mid to late January 2023."))),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"None suggested")),(0,ce.kt)("h2",{id:"next-meeting-tuesday-february-7-2022-1100-am-eastern-utc-5"},"Next Meeting: Tuesday February 7, 2022, 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h2",{id:"next-cabal-meeting-thursday-december-15-2022-1100-am-eastern-utc-5"},"Next Cabal Meeting: Thursday December 15, 2022, 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"meeting-end-1146-am-eastern-utc-5"},"Meeting End: 11:46 a.m. Eastern (UTC-5)"),(0,ce.kt)("h2",{id:"bluejeans-chat-copypaste"},"BlueJeans Chat copy/paste:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Brent Baude11:39 AM\nhttps://blog.podman.io/\n")))}Un.isMDXComponent=!0;const qn={},zn="Podman Community Meeting Notes",Vn=[{value:"April 4, 2023 11:00 a.m. Eastern (UTC-5)",id:"april-4-2023-1100-am-eastern-utc-5",level:2},{value:"Attendees (17 total)",id:"attendees-17-total",level:3},{value:"Meeting Start: 11:03 a.m. EST",id:"meeting-start-1103-am-est",level:2},{value:"Video Recording",id:"video-recording",level:3},{value:"Netavark Plugins",id:"netavark-plugins",level:2},{value:"Paul Holzinger",id:"paul-holzinger",level:3},{value:"(1:30 in the video)",id:"130-in-the-video",level:4},{value:"Demo (1:45 in the video)",id:"demo-145-in-the-video",level:4},{value:"Podman Machine OS Demo",id:"podman-machine-os-demo",level:2},{value:"Ashley Cui",id:"ashley-cui",level:3},{value:"(9:07 in the video)",id:"907-in-the-video",level:4},{value:"Demo - (9:14 in the video)",id:"demo---914-in-the-video",level:3},{value:"Podman Database Update",id:"podman-database-update",level:2},{value:"Matt Heon",id:"matt-heon",level:3},{value:"(19:18 in the video)",id:"1918-in-the-video",level:4},{value:"Open Forum/Questions?",id:"open-forumquestions",level:2},{value:"(23:45 in the video)",id:"2345-in-the-video",level:4},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"Next Meeting: Tuesday, June 6, 2023, 11:00 a.m. Eastern (UTC-4)",id:"next-meeting-tuesday-june-6-2023-1100-am-eastern-utc-4",level:2},{value:"Next Cabal Meeting: Thursday, April 20, 2023, 11:00 a.m. Eastern (UTC-4)",id:"next-cabal-meeting-thursday-april-20-2023-1100-am-eastern-utc-4",level:2},{value:"Meeting End: 11:33 a.m. Eastern (UTC-4)",id:"meeting-end-1133-am-eastern-utc-4",level:3},{value:"Google Meet Chat copy/paste:",id:"google-meet-chat-copypaste",level:2},{value:"Raw Google Meet Transcription",id:"raw-google-meet-transcription",level:2}],Kn={toc:Vn},Qn="wrapper";function Zn(e){let{components:t,...n}=e;return(0,ce.kt)(Qn,(0,Q.Z)({},Kn,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-meeting-notes"},"Podman Community Meeting Notes"),(0,ce.kt)("h2",{id:"april-4-2023-1100-am-eastern-utc-5"},"April 4, 2023 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"attendees-17-total"},"Attendees (17 total)"),(0,ce.kt)("p",null,"Ashley Cui, Brent Baude, Christopher Evich, Daniel Walsh, Ed Haynes, Ed Santiago Munoz, fpoirotte, Giuseppe Scrivano, Jake Correnti, Mark Russell, Matt Heon, Mohan Boddu, Nalin Dahyabhai, Paul Holzinger, Tom Sweeney, Urvashi Mohnani, Valentin Rothberg"),(0,ce.kt)("h2",{id:"meeting-start-1103-am-est"},"Meeting Start: 11:03 a.m. EST"),(0,ce.kt)("h3",{id:"video-recording"},"Video ",(0,ce.kt)("a",{parentName:"h3",href:"https://youtu.be/B1OynYGBHz8"},"Recording")),(0,ce.kt)("h2",{id:"netavark-plugins"},"Netavark Plugins"),(0,ce.kt)("h3",{id:"paul-holzinger"},"Paul Holzinger"),(0,ce.kt)("h4",{id:"130-in-the-video"},"(1:30 in the video)"),(0,ce.kt)("h4",{id:"demo-145-in-the-video"},"Demo (1:45 in the video)"),(0,ce.kt)("p",null,"The next Netavark will introduce plug-in support for the network. Paul showed a Rust plugin and ran through the code. He copied it to /usr/local/netavark. Now when he does podman info, it shows the plugin. He then did ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman network create --driver host-device-plugin --interface-name test1 test1"),", and it created the ",(0,ce.kt)("inlineCode",{parentName:"p"},"test1")," network."),(0,ce.kt)("p",null,"You can code what you want, and he's provided a simple Rust interface. To use, you need to define a create and teardown function in your plugin."),(0,ce.kt)("p",null,"You can then do a ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman network inspect test1")," to show the characteristics of the plugin."),(0,ce.kt)("p",null,"The goal is to allow CNI plugins to be modified into Netavark plugins using this ability in the future."),(0,ce.kt)("h2",{id:"podman-machine-os-demo"},"Podman Machine OS Demo"),(0,ce.kt)("h3",{id:"ashley-cui"},"Ashley Cui"),(0,ce.kt)("h4",{id:"907-in-the-video"},"(9:07 in the video)"),(0,ce.kt)("p",null,"A new suite of commands in ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman machine")," lets you build a container image and add packages into your VM on the Mac."),(0,ce.kt)("h3",{id:"demo---914-in-the-video"},"Demo - (9:14 in the video)"),(0,ce.kt)("p",null,"She created a machine. Then showed a Containerfile with RHCOS to build an image using a regular ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman build")," command."),(0,ce.kt)("p",null,"She then used apply from the image to the machine, and it bumped the Podman version on the machine, which took effect after the machine was rebooted."),(0,ce.kt)("p",null,"Useful for folks that want to try different versions of Podman in the machine, especially useful for testing. You only need to know about Containerfile information, rather than the VM's interfaces."),(0,ce.kt)("p",null,"It supports pulling the images from anywhere. So you could push an image to a registry, then multiple users could pull the image and get the same image at each one.."),(0,ce.kt)("p",null,"Brent thought of two use cases. One to run the latest Podman in the machine, great for development. Also useful for non-native arch builds in the machine."),(0,ce.kt)("p",null,"Matt asked about OS reversion and whether updates would happen automatically. Ashley said it should, but she's still testing the scenarios."),(0,ce.kt)("h2",{id:"podman-database-update"},"Podman Database Update"),(0,ce.kt)("h3",{id:"matt-heon"},"Matt Heon"),(0,ce.kt)("h4",{id:"1918-in-the-video"},"(19:18 in the video)"),(0,ce.kt)("p",null,"An update that should be invisible, but just as a heads up. The database system is currently BoltDB and we thought it did what we needed. However, a number of data corruption issues with BoltDB have arisen lately, and not a lot of support from the providers."),(0,ce.kt)("p",null,"The Podman team decided that it was no longer safe to use BoltDB, nor support it. So a new SQLlite interface is being used. In Podman v4.5, it will be available for use, but will not be the default. Likely that in Podman v4.6 it will be the default."),(0,ce.kt)("p",null,"We expect better stability, better performance, especially in large reads of images."),(0,ce.kt)("p",null,"Most people won't care about this for the near future. We will announce BoltDB deprecation and then provide scripts to change over later on."),(0,ce.kt)("h2",{id:"open-forumquestions"},"Open Forum/Questions?"),(0,ce.kt)("h4",{id:"2345-in-the-video"},"(23:45 in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"When is Podman v4.5 coming out?\nIdealy late next week, RC1 came out yesterday, and the final version late next week with a couple of RCs before the final.")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Next version of Podman in RHEL will be Podman v4.6 in RHEL 8.9/9.3. Podman v4.4.1 will be in RHEL 8.8/9.2."))),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Quadlet demo."),(0,ce.kt)("li",{parentName:"ol"},"Podman v4.5 Demo - Matt"),(0,ce.kt)("li",{parentName:"ol"},"QM quadlet - Dan"),(0,ce.kt)("li",{parentName:"ol"},"Podman Desktop v1.0 - Stevan Le Meur")),(0,ce.kt)("h2",{id:"next-meeting-tuesday-june-6-2023-1100-am-eastern-utc-4"},"Next Meeting: Tuesday, June 6, 2023, 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h2",{id:"next-cabal-meeting-thursday-april-20-2023-1100-am-eastern-utc-4"},"Next Cabal Meeting: Thursday, April 20, 2023, 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h3",{id:"meeting-end-1133-am-eastern-utc-4"},"Meeting End: 11:33 a.m. Eastern (UTC-4)"),(0,ce.kt)("h2",{id:"google-meet-chat-copypaste"},"Google Meet Chat copy/paste:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"https://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\nYou11:04\u202fAM\nIf you have not signed in, please do so in hackmd: https://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\nBrent Baude11:10\u202fAM\nthis is awesome\nPaul Holzinger11:12\u202fAM\nnetavark plugins PR: https://github.com/containers/netavark/pull/509\nneeds someone to review and merge :)\nMatt Heon11:13\u202fAM\nI'm on it. After lunch at least.\n")),(0,ce.kt)("h2",{id:"raw-google-meet-transcription"},"Raw Google Meet Transcription"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"ieq-pxhy-jbh (2023-04-04 11:02 GMT-4) - Transcript\nAttendees\nAshley Cui, Brent Baude, Christopher Evich, Daniel Walsh, Ed Haynes, Ed Santiago Munoz, fpoirotte, Giuseppe Scrivano, Jake Correnti, Mark Russell, Matt Heon, Mohan Boddu, Nalin Dahyabhai, Paul Holzinger, Tom Sweeney, Urvashi Mohnani, Valentin Rothberg\nTranscript\nThis editable transcript was computer generated and might contain errors. People can also change the text after it was created.\nTom Sweeney: Hello everybody. Welcome to the Clubman community meeting today is Tuesday, April 4, 2023. Just as a reminder, we are. We have this meeting every other month on the even numbered months, we talked about all things podman or containers with any kind of demo or discussions along those lines. Topics are driven by people sending me stuff for me asking people or people coming along and or sometimes within our groups being asked to set something here. And again, anything for pop, man, build a Scorpio or any of their Well, probably be helpful if I actually shared my screen as well.\nTom Sweeney: Build our Scorpio and related projects, I'll be taking meeting notes today within the hack. MD, If you see something that put in that's incorrect or you want to add a link or something to that, please feel free to do so. And then for today, we will be talking about net of our plugins with Paul Holzinger. Then Ashley Q, Ashley will be doing a five man, machine OS demonstration for us. And then that will be talking about podman updates for to the database that we're working on right now coming out soon. And then we'll be talking about topics for next meeting And/or. Any open discussions that you want to have So, with all that, I'm going to stop presenting and I'm going to hand it over to Paul.\nPaul Holzinger: Okay. I am going to share the screen.\nPaul Holzinger: so, none of our plugins is for a way to Manage certain extra wishes which you want in your network setup. So with C&i where you could customize a lot, you could write your own plugins and network only supported Bridge. Make VLAN and no IPV then.\nPaul Holzinger: that's, That's good, but not enough for some users. So, with the next version we gonna introduce plug-in support and network, And I'm going to show very quick. I have a small example. Written in. Rust.\nPaul Holzinger: It's so the concept is pretty simple, you're plugging can create a network config. Then it needs to do. set up, which is just, Like, set up would be. Creating an interface in a container namespace and connecting it to the host. And you can do pretty much what you want. That's whatever you call. And tear down should pretty much. Be the inverse of setup. So we moved in the face again. And yeah, that's that's pretty much it. That I can. I can link to PR afterwards where there's a documentation holder. And convict chase and looks and how it works. Pretty much. And with that, I have a simple.\nPaul Holzinger: Simple plugin here. Host device plugin. I Copied to the. User local like never Mark directory, which can be configured and containers.com. And now, if I have to. Portman info. I should see. On the network that it detected. The plugin here. and that means I should be able to do a simple portman network create Driver. And then host device plugin. And the host device. Plugin is example, is just very simple one that Most host interface into the container, and if you stop the container, we move the interface back to the host.\nPaul Holzinger: And that there's a new option. I will editor in something.\nPaul Holzinger: Interface Name and I create already created an interface like on my host. I have a test one. And then I give a network name. Also test one so I can show the interface. Just one. And if, you know, run a container, Apartment run. Network test One. Alpine. And take a look. Test one must moved in. And if I show again, it's back. So if I Run this in the background pretty quick. Just to show that. It was really moved 10 seconds. Let's see the interface is gone.\n00:05:00\nPaul Holzinger: If we made this moment,\nPaul Holzinger: no, no I'm just yeah now the container stopped it's big so,\nPaul Holzinger: Let's just a very simple example. You can. Code, whatever you want in there. And I provided a simple rust interface. To automatically take care of. the so it's a it's a external binary you have A sub command for create, for setup for teardown. And if you use the Small rust binding. It will take care of the setup and stuff and then you just Let me see if I can increase the size. Yes.\nPaul Holzinger: like the that's the pretty much what you need in your plugin and you import You import the trade? And then, you must define. a create function, a setup function, which gets the like the path for the network and Yeah, this settings like the third like the network config I can. it's You get order in for you, you can put in a network config and do whatever you're like. So if you do the\nPaul Holzinger: Network inspect.\nPaul Holzinger: So this kind of information your your plugin sees as well. And then you can decide what you want to do. And if you use the - subnet option and stuff, you have the top nets in here like like you are used to, if you Inspect, the normal network, like you have all all the information. And with that, I'm done if there are any questions, please ask them now. Or later.\nDaniel Walsh: You see people modifying CNI plugins to work with us? The goal.\nPaul Holzinger: That's that's the goal. So because we are gonna deprecate, CNI at like remove it. At some point, we are going to remove the roof to the support and to have a way for some people who are currently having their own custom work. They need to Adapt to to this new one or use a standard driver or there are many ways to set up network of even without that you can use a custom network namespace path. But with this it's pretty simple because the setup and teardown is is built into portman right in into the container life cycle with all having to manage anything as\nPaul Holzinger: and advantage to the scene icon and instead I integrated the support into Portman network Create as well. So you know we've seen eye plugins custom stuff, you need to manage your CONFIGS on there and place it in the right direction. With that, you're just network create and\nPaul Holzinger: Hey, Google.\nDaniel Walsh: Very nice.\nTom Sweeney: Any other questions?\nTom Sweeney: Right, thanks Paul. Look great. Ashley Potman Machine West, demo\nAshley Cui: Yeah, I'm gonna share my screen. I demo this already and the container plumbing days but I'm going to show it again for those who aren't that conference but basically we have a new command in podmachine called Padme Machine OS, apply or It's a suite of commands applies. The only one in there at the current moment but what it allows you to do is Ontrador Cora Space Systems which is the default OS for Padre, Machine on Mac and Linux it allows you to take a container image and\nAshley Cui: Add packages based on or build a container image from like a container file and an ad packages into your VM, through rpmos tree,\u2026\nTom Sweeney: Off.\nAshley Cui: which is the package manager for Fedora chorus. So I'm just going to play my demo over here. So I'm going to start a\u2026\n00:10:00\nTom Sweeney: because,\nAshley Cui: where I'm going to make a new podman machine and parts of these. Are sped up for four times sake but it's all like yeah. Anyway,\nAshley Cui: And then I'm going to start the machine that I just created so this is just like kind of your vanilla machine. Nothing special inside of it, just your default pond machine. And then, so I'm going to check the podman version and outside the machine. Is the server is, or the server inside the machine is 441, and then the client outside the machine is 4.5. And then. So now I have this container file, it's kind of a standard container file from, but it has Fedora Cross as the base image and what what I'm doing is I'm running rpmos tree and updating containers or podman and it's friends to the most latest upstream version on main and also removing a bunch of stuff. um, and so I'm going to use this container file and build an image.\nAshley Cui: And also tag it correctly. I assume\nAshley Cui: and then, so it's gonna this is just a standard podman build like there's nothing special in a regular podium builds command\nAshley Cui: And so now we have this image that we just built. in our, Local storage.\nAshley Cui: And then again, checking the cloud inversion inside the VM, it's 441 outside, it's 4.5. And now I'm going to do a pod machine osupply to the and specify the image that I just built and it should apply it to the default POD machine. You can use if your pottery machine is, you know, name something else. You can use that as a second argument and it will apply it to that machine. And then I for Is to take effect, you have to reboot your machine.\nAshley Cui: And then now if you take a look at diversion inside of the VM, the pod machine, it's upgraded to 4.5 dev so you can see. So this feature is like particularly useful for people who want to experiment with different packages and versions of podium inside the the pod inside the machine. So I guess like For example, like the desktop team uses this or can use this if they want the latest upstream version of podman inside of their pod machine to like, tests and stuff. And again like it allows users to customize the machine in a familiar way so you don't have to go and build new VMs and learn like VM tooling you can you can use what you know which is like container files and building images in order to customize and put whatever you need inside of the VM.\nAshley Cui: By by just building images and using problems, you know, a supply. So that's that's basically the demo if anybody has any questions.\nDaniel Walsh: Showed you updated from container storage inside of the machine. That was So could it could I call could I do that with a registry?\nAshley Cui: Yes.\nAshley Cui: Yes. So it supports anything that like podcast supports it, anything that like Scopia supports, you can pull it from a registry, you can pull it from local. You can do a bunch of stuff. Yeah.\nDaniel Walsh: So if I if I was a company I wanted to do this I could push to a right. I could push it update to a registry and then every one of my users on all the different machines automatically. Do they have do that machine update from a registry and everybody would get the same version. Correct.\nAshley Cui: Yes, absolutely. Yeah.\nDaniel Walsh: Cool.\nBrent Baude: I'll just add that. I think there were two use cases in mind. When we went through this design, and Ashley showed the one where we can run the Latest pod man inside the machine, which is great for development and testing. The other one we've had in in mind is the folks that are wanting to do various multi-arch, or non-native arts. Builds or runs or testing, where they need some commute package to be on there. Which does not come as a default. So this is a easy way to plop those on real quick and be able to do whatever it is. You you had in mind.\n00:15:00\nDaniel Walsh: so, two weeks from now with new Core or West comes out. And gets updated what happens? Then\nBrent Baude: What?\nDaniel Walsh: We have to rerun the apply is. Rebuilt with rebuild. And then do we really apply, right?\nBrent Baude: Are you wanting to revert or\u2026\nDaniel Walsh: now, I'm just saying so I've added I guess there's an example.\nBrent Baude: do you want to get done?\nDaniel Walsh: There's a question out on One of the issues, someone wanted installed QM user. You know, that's 390 and\u2026\nBrent Baude: Yep.\nDaniel Walsh: so they install it, they go through this procedure, they install it. And we're running for OS 37 and 37.1 comes out. Now they want to update,\u2026\nBrent Baude: Sure.\nDaniel Walsh: they're gonna have to go through this procedure again to\nBrent Baude: If they no longer require the 390 packages, they could just simply take, take the update. or they could just execute a rebuild, which would in the container file would have from you\u2026\nDaniel Walsh: Okay.\nBrent Baude: with latest which would mean the new version that the door chorus just made, so then A simple rebuild would be enough to do it and and ideally users would be doing a stop of CI. Type things or off of github actions. Where if a repo changes, it would just automatically build and that way they consume, and then it wouldn't be on the user's shoulders to do that manual. Work.\nMatt Heon: Question. If I were to decide to switch back from my custom OS supply, to say Standard F cost, the stable train, does that put me back on automatic updates or am I going to have to do something to get back on automatically updating?\nAshley Cui: So I'm working on the current OS revert. The way that it works right now is it should I put you back on automatic updates? Because I think the automatic update driver is called like Syncotti and that if it detects that you're on a regular stream of fedora, then it should automatically update from what I've seen. Not 100% sure, but from my testing, but it just depends on like what your base was before I believe.\nTom Sweeney: Any other questions for Ashley?\nBrent Baude: This is going to end when you the one of the things that takes a little getting used to here is we'd very much have had a feeder in Fedora chorus. But now this pivot you have to think of your OS as a container image. And then those all those things we've learned about being an image, maintenance applies,\nTom Sweeney: Pretty. I'm hearing anything else at this point, so I think I'm going to turn it over to Matt for the podman database update.\nMatt Heon: All right, so this is in updates on some internal things on podman that you should not have to care about but unfortunately, you may have to with the coming future. Uh, so podman has a back-end database and if you're just upon an user not developer you probably have no knowledge of this because it's used purely for internal things. We used to store the state of containers and figuration containers, things like that. Um and this was previously in something called Bolt DB, which is a native glen better database, very simple and we thought that it did everything we needed. However, over the last year, so we've become aware of an increasing number of reports of data corruption with both dB to the poor. I wouldn't call it common, but if you are to shut your computer down on expectantly, while Bolt is doing something, there is apparently a fairly good chance that you're going to end up with an unusual database.\n00:20:00\nMatt Heon: Which means all your containers are gone, basically, requires complete recreate. So we've been looking into this for a while now and we came to the conclusion that it was not really safe to continue using Bull TB. It was unmaintained, there was basically no error handling. There was no path to data recovery and it didn't seem like it would be reasonably possible to create or to fix it rather. So that it did not corrupt itself. So we have investigated alternative database solutions and we now have an alternative database driver written up that uses SQLite instead. So right now, this is just gonna be a tech preview thing that is going to come out with the next partner and release Pod Man. Four, five of the next couple weeks and it's not going to be default for now it's just for people who want to opt into testing it at some point in the future. Probably Paul man for six we're going to see about making it the default for new installations.\nMatt Heon: existing insulations, will continue to use both DB And at some point in the further off future, we will investigate removing multi-b completely. And basically, having only SQLite and again, primary things you can expect from this transition. One stability Pod, man will stop eating its own database in cases of unexpected power loss. That's obviously, plus two performance in some operations, especially read operations. If you have large wise of containers and you're doing something like a podman PS, you can expect a significant performance boost. And three long term stability, we feel that SQLite has a much more vibrant and large community than volt dB does and as such there's a lot more potential future growth there in terms of performance, in terms of stability.\nMatt Heon: Potentially features but we're probably not using those. It's going to be a very simple database driver still. So generally speaking, you probably should not have to care about this for this foreseeable future, but at some point in the future, we are going to be announcing a the deprecation and removable DB And when we do that, we will have steps for you to take to get on the new SQLite driver if you haven't already and you probably won't have to. Because again, new installations will be switched over to SQLite. Won't before that And that is a general summary of what to expect with our move to seek lights. Why we're doing it? What to expect\nTom Sweeney: like,\nMatt Heon: Any questions?\nTom Sweeney: Very quiet bunch today.\nTom Sweeney: Right, I'm not hearing any questions for that. So I think we'll do is go on to the open form and questions that just ask. Are there any general questions or comments that you want to make?\nDaniel Walsh: I'll guess I'll ask a question that I potentially know the answer to One is pardman Ford, our five coming out.\nMatt Heon: Ideally next week late next week, we have rc1 just came out yesterday.\nTom Sweeney: Five.\nMatt Heon: I'm expecting an rc2 later this week potentially an rc3 early. Next week. If we feel, we need it and then a final late next week.\nDaniel Walsh: Okay, and I guess the other question would be what versions are gonna be showing up in the next version of Rella?\nMatt Heon: What are five will not be one of those. We're expecting our next major. Drop into Rel /. Centos stream is going to be for six, which will probably be more of a late summer type of time frame.\nDaniel Walsh: So, I, I would follow that. So right now, apartment 4.4 that one, I think, is that, right? Tom is gonna be in real 902 in Raleigh.8.\nDaniel Walsh: As I asked loaded questions.\n00:25:00\nMatt Heon: Yeah, we're expecting a 4.6 in nine three and eight nine, I believe. And yeah. Generally speaking, we're going to continue on the same sort of cadence, we had before retargeting for ish, releases per year pot man. And two of those will end up in Ralph from here on out.\nTom Sweeney: And whatever. It's worth the 441, which will be in podman 8892 will be released. sometime in early May\nTom Sweeney: and then the fourth sixth version will be able to sometime in January. I want to say no February. Getting dates.\nDaniel Walsh: Hey.\nTom Sweeney: Yeah, did somebody popping? but the question,\nTom Sweeney: Or comment.\nTom Sweeney: Okay. Also, while we're here, anybody have any Topics Suggestions For the next meeting in June 6, we have one for a quadlet demo already.\nMatt Heon: Will probe that would not be a bad time to show off podman 4-5. We're still firming some things up right now. So we couldn't really don't want today but we should have a good summary of what's in four or five by the next meeting.\nTom Sweeney: But anybody else or any other questions otherwise we're going to quite a bit early today but that's not a bad thing.\nTom Sweeney: Okay, then we'll just I'll just remind for the next meetings. We are having a meeting on Tuesday, June 6th for the Quad Man community meeting which again is the demo, kind of meetings, and our next cabal meeting for the community will be on Thursday, April 20th, which is two weeks from this Thursday, I believe. And those meetings are used mostly for design. Kind of work for plugin or any technical discussions related to the to the code base. Pretty much. And we're always happy to have comments or suggestions or topics for other. One of those, please be afraid to send me an email directly or put stuff up in the discuss discussion forums that we have on Github for providing. And unless anybody has anything else I'm going to End the recording.\nTom Sweeney: Okay, recordings done. Anybody wants anything off offline other than Hi? Jake. Good to see you again.\nJake Correnti: Everyone's good to see you.\nDaniel Walsh: Hey, Jake. And yeah at that time Tom I probably do a QM, the qmse Linux thing that I've done internally so I can do that for the next. To explain how we're using Quad LED Auto.\nTom Sweeney: For the next demo or for the community meeting. Okay.\nDaniel Walsh: Yeah. Next next community meeting\nTom Sweeney: That.\nDaniel Walsh: and hopefully, we can get an update from five main desktop at that point since they'll be just about to go 1.0 What's the date of that?\nTom Sweeney: Not know, actually, do you know?\nAshley Cui: Many 22nd.\nDaniel Walsh: What's the date of the next cabal? I mean, the next Emma.\nTom Sweeney: Yeah, well, the next ball is April 20th. The next community meeting is June 6th.\nDaniel Walsh: Yeah, so we could have them fell just release 1.0 so he probably should have them back into a demonstration.\nTom Sweeney: I'll check with stuff on.\nTom Sweeney: Right. I'm gonna Close up the meeting. I'm not hearing anything else, folks. Enjoy your lunch dinner breakfast. Whatever. Take care.\nEd Santiago Munoz: Let's work everybody.\nMohan Boddu: Thank you.\nMeeting ended after 00:30:00 \ud83d\udc4b\n")))}Zn.isMDXComponent=!0;const _n={},Xn="Podman Community Meeting",$n=[{value:"February 2, 2021 11:00 a.m. Eastern (UTC-5)",id:"february-2-2021-1100-am-eastern-utc-5",level:2},{value:"Attendees (49 total)",id:"attendees-49-total",level:3},{value:"Meeting Start: 11:03 a.m.",id:"meeting-start-1103-am",level:2},{value:"BlueJeans Recording",id:"bluejeans-recording",level:3},{value:"Podman v3.0 Overview",id:"podman-v30-overview",level:2},{value:"Matt Heon",id:"matt-heon",level:3},{value:"(1:50 in the video)",id:"150-in-the-video",level:4},{value:"Breaking changes.",id:"breaking-changes",level:4},{value:"Demo",id:"demo",level:4},{value:"Podman with Docker Compose Demo",id:"podman-with-docker-compose-demo",level:2},{value:"Brent Baude",id:"brent-baude",level:3},{value:"(11:20 in the video)",id:"1120-in-the-video",level:4},{value:"Misc Demos",id:"misc-demos",level:2},{value:"Tom Sweeney",id:"tom-sweeney",level:3},{value:"(18:10 in the video)",id:"1810-in-the-video",level:4},{value:"GitHub Discussions",id:"github-discussions",level:2},{value:"Questions?",id:"questions",level:2},{value:"(24:50 in the video)",id:"2450-in-the-video",level:4},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"Next Meeting: Tuesday March 2, 2021, 11:00 a.m. Eastern (UTC-5)",id:"next-meeting-tuesday-march-2-2021-1100-am-eastern-utc-5",level:2},{value:"Meeting End: 11:51 a.m. Eastern (UTC-5)",id:"meeting-end-1151-am-eastern-utc-5",level:3},{value:"BlueJeans Chat copy/paste:",id:"bluejeans-chat-copypaste",level:2}],ea={toc:$n},ta="wrapper";function na(e){let{components:t,...n}=e;return(0,ce.kt)(ta,(0,Q.Z)({},ea,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-meeting"},"Podman Community Meeting"),(0,ce.kt)("h2",{id:"february-2-2021-1100-am-eastern-utc-5"},"February 2, 2021 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"attendees-49-total"},"Attendees (49 total)"),(0,ce.kt)("p",null,"Tom Sweeney, Brent Baude, Jhon Honce, Dan Walsh, Chris Evich, Lokesh Mandvekar, Urvashi Mohnani, Nalin Dahyabhai, Eduardo Santiago, Valentin Rothberg, Giuseppe Scrivano, Miloslav Trmac, Parker Van Roy, Preethi Thomas, JJ Asghar, Hendrik Haddorp, Dan Walsh, Eric The IT Guy, Ashley Cui, Greg Shomo, Lee Whitty, Anders Bj\xf6rklund, Jacob Lindgren, Christian Felder, Alex Litvak, Paul Holzinger, Rodrique Heron"),(0,ce.kt)("h2",{id:"meeting-start-1103-am"},"Meeting Start: 11:03 a.m."),(0,ce.kt)("h3",{id:"bluejeans-recording"},"BlueJeans ",(0,ce.kt)("a",{parentName:"h3",href:"https://bluejeans.com/s/UNt8jSU7IH2"},"Recording")),(0,ce.kt)("h2",{id:"podman-v30-overview"},"Podman v3.0 Overview"),(0,ce.kt)("h3",{id:"matt-heon"},"Matt Heon"),(0,ce.kt)("h4",{id:"150-in-the-video"},"(1:50 in the video)"),(0,ce.kt)("p",null,"Podman 3.0 will be the largest ever. Expecting an RC3 later this week, 3.0 final by Wednesday of next week. Docker Compose support is a large one, along with podman rename. Copy support for remote clieantadded for copying in and out of containers using the http API. A number of network changes added by Paul Holzinger such as network reload, network ls, network create, and more. Networks now have ID's and labels. Podman checkpoint now supports with previous and checkpoint. Full details ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/RELEASE_NOTES.md"},"here"),"."),(0,ce.kt)("h4",{id:"breaking-changes"},"Breaking changes."),(0,ce.kt)("p",null,"Shortnames for CI now prompts for which image you want by default. This is only on a TTY, will not break any scripts. A security feature. In the future if shortnames are set to strict in Podman, scripts will break too, but you will be able set an alias. More info ",(0,ce.kt)("a",{parentName:"p",href:"https://www.redhat.com/sysadmin/container-image-short-names"},"here"),"."),(0,ce.kt)("p",null,"The podman load command no longer accepts a NAME","[:TAG]",", this was incompatible with Docker prior."),(0,ce.kt)("p",null,"The legacy Varlink API has been removed."),(0,ce.kt)("h4",{id:"demo"},"Demo"),(0,ce.kt)("p",null,"Matt started the demo (8:00 in the video):"),(0,ce.kt)("p",null,"Showed how to rename a container. The functionality works on rootful and rootless."),(0,ce.kt)("p",null,"Release notes for v3.0:",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/RELEASE_NOTES.md"},"here")),(0,ce.kt)("h2",{id:"podman-with-docker-compose-demo"},"Podman with Docker Compose Demo"),(0,ce.kt)("h3",{id:"brent-baude"},"Brent Baude"),(0,ce.kt)("h4",{id:"1120-in-the-video"},"(11:20 in the video)"),(0,ce.kt)("p",null,'A number of folks told us they had not moved to Podman from Docker due to a lack of "podman compose".'),(0,ce.kt)("p",null,"Docker-compose is a tool that talks to the docker.sock or podman.sock talking Docker API"),(0,ce.kt)("p",null,"Podman-compose is a wrapper around podman that translates docker-compose yaml files into podman commands."),(0,ce.kt)("p",null,"Now Docker-compose will just talk to podman.sock now."),(0,ce.kt)("p",null,"Brent did demo (13:42 in the video):"),(0,ce.kt)("p",null,"Using a yaml from Docker directly."),(0,ce.kt)("p",null,'"Not terribly exciting, it just does what it does."'),(0,ce.kt)("p",null,"We've had requests for Docker compoese and changes. The initial goal is to make it work rootful with Podman. it does so now. We've had requests for rootless which is feasible, but more work is necessary. It is only rootful for v3.0."),(0,ce.kt)("p",null,"Docker Compose articles:"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("a",{parentName:"li",href:"https://www.redhat.com/sysadmin/podman-docker-compose"},"https://www.redhat.com/sysadmin/podman-docker-compose")),(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("a",{parentName:"li",href:"https://www.redhat.com/sysadmin/compose-kubernetes-podman"},"https://www.redhat.com/sysadmin/compose-kubernetes-podman"))),(0,ce.kt)("p",null,"That second article is where Podman is heading."),(0,ce.kt)("h2",{id:"misc-demos"},"Misc Demos"),(0,ce.kt)("h3",{id:"tom-sweeney"},"Tom Sweeney"),(0,ce.kt)("h4",{id:"1810-in-the-video"},"(18:10 in the video)"),(0,ce.kt)("p",null,"Tom ran a demo to show some small new addtions that might have been lost in the shuffle. He showed the new ",(0,ce.kt)("inlineCode",{parentName:"p"},"--from")," and ",(0,ce.kt)("inlineCode",{parentName:"p"},"--stdin")," options for the ",(0,ce.kt)("inlineCode",{parentName:"p"},"buildah bud")," and ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman build")," commands, plus the new ",(0,ce.kt)("inlineCode",{parentName:"p"},"--list-tags")," option for the ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman search")," command."),(0,ce.kt)("p",null,"Demo Started (18:30 in the video)"),(0,ce.kt)("h2",{id:"github-discussions"},"GitHub Discussions"),(0,ce.kt)("p",null,"Podman has turned on the GitHub Discussions platform for the use of the community. Ask any questions you want there, make announcements of interest, or just drop in and say hi! It's under the \"Discussions\" link on the top of Podman's GitHub page, or directly at: ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/discussions"},"https://github.com/containers/podman/discussions")),(0,ce.kt)("h2",{id:"questions"},"Questions?"),(0,ce.kt)("h4",{id:"2450-in-the-video"},"(24:50 in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"When will v3.0 be available. Next week upstream, should be available in Fedora shortly after that. Hoping to have it in Ubuntu or Debian a bet after that. Centos streams soon after we release and in RHEL 8.4 which is scheduled sometime at the end of May."),(0,ce.kt)("p",{parentName:"li"},"Goal is to make things seamless as possible.")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Red Hat team is working on stabilization changes in the next few weeks. Focus on Mac developments. We think we're feature complete with Docker with the Podman v3.0 release. Work going on for refactoring Podman to hopefully decrease the size of the Podman library. Work continues on getting along with Kubernetest")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Static binaries will be added for v3.0, as there have been some breakage with the nixpackage. Chris has just added a fix for the nix issue.")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Containers Plumbing Conferene coming up in March, March 9 and 10 for four hours each day. Sign up here: ",(0,ce.kt)("a",{parentName:"p",href:"https://containerplumbing.org/"},"https://containerplumbing.org/"))),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Difference between Podman Compose and Docker Compose. Podman compose was written by the community which Dan believes was used to wrap docker yaml files and translate them to direct Podman commands.")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Can you elaborate on the issue with renaming infra-containers ? Matt did something quickly and it has some limitations that will be removed in v3.1. But should work fine for v3.0.")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"New Podman discussions on GitHub: ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/discussions"},"https://github.com/containers/podman/discussions"))),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Journald support. We thought it was working fine with k8s file system. Should be fixed completey in v3.1.")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Brent asked for any missing features that have not been added to GitHub. Anders talked about next generation of boot2docker/boot2podman (and docker-machine/podman-machine), see ",(0,ce.kt)("a",{parentName:"p",href:"https://boot2podman.github.io/"},"https://boot2podman.github.io/")," for details.")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Dan pointed out that we've moved our default run time library from runc to crun. We should still support both."))),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("h2",{id:"next-meeting-tuesday-march-2-2021-1100-am-eastern-utc-5"},"Next Meeting: Tuesday March 2, 2021, 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("p",null,"Setting goal to make April meeting in the evening East Coast, 8 to 10 pm."),(0,ce.kt)("h3",{id:"meeting-end-1151-am-eastern-utc-5"},"Meeting End: 11:51 a.m. Eastern (UTC-5)"),(0,ce.kt)("h2",{id:"bluejeans-chat-copypaste"},"BlueJeans Chat copy/paste:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"SETTINGS\nEVERYONEDIRECT MESSAGES\nMe10:47 AM\nPlease Sign in using the meeting notes and/or add questions at the end for the Q&A\nhttps://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\nRodrique Heron11:00 AM\nwill this be recorded?\nawesome\nValentin Rothberg11:09 AM\nMore on short-name aliasing here: https://www.redhat.com/sysadmin/container-image-short-names\nChristian Felder11:12 AM\ndoes podman rename work with rootless as well?\nthanks\nMatt Heon11:13 AM\nFYI, release notes for 3.0 live at https://github.com/containers/podman/blob/main/RELEASE_NOTES.md\nExpect a few more bugfixes to trickle in before final release\nEdward Haynes11:13 AM\nis it called Podman Compose?\nDaniel (rhatdan) Walsh11:13 AM\nNo that is a different thing.\nEdward Haynes11:13 AM\nok\nDaniel (rhatdan) Walsh11:14 AM\nDocker-compose is a tool that talks to the docker.sock or podman.sock talking Docker API\nPodman-compose is a wrapper around podman that translates docker-compose yaml files into podman commands.\nEdward Haynes11:14 AM\nSo Docker-compose will just talk to podman.sock now\nDaniel (rhatdan) Walsh11:14 AM\nyes\nEdward Haynes11:14 AM\ngotcha\nDaniel (rhatdan) Walsh11:15 AM\nAs well as docker-py.\nJacob Lindgren11:18 AM\nboring is good!\nScott McCarty11:18 AM\nVery nice!\nEdward Haynes11:18 AM\nWe don't want things TOO boring or we'd all be out of a job\nBrent Baude11:22 AM\nre: docker-compose, here are a couple of articles ...\nhttps://www.redhat.com/sysadmin/podman-docker-compose\nhttps://www.redhat.com/sysadmin/compose-kubernetes-podman\nthe latter is really a glimpse into where Podman is heading.\nJacob Lindgren11:23 AM\noh i like this. I used skopeo inspect for this before.\nBrent Baude11:25 AM\ncool, i missed tht one dan/tom\nGShomo (Northeastern)11:27 AM\nwhich distribution/releases can expect to see podman-3.0 ?\nMatt Heon11:28 AM\n@GShomo Fedora should see it quickly. We actually disabled autobuilds for Ubuntu/Debian/CentOS in OBS, though\nWe will reenable them once we have verified the release is stable\nOBS doesn't have a real process for verifying the builds are functional so we sometimes end up shipping broken packages\nAnd we'd like to avoid this\nLokesh Mandvekar11:31 AM\n@gshomo: if you can spare some resources, newer packages will be available quicker on the testing project. See: https://podman.io/getting-started/installation#installing-development-versions-of-podman\nChristian Felder11:35 AM\non our own OBS appliance we've two projects, stable and testing, and we first build in testing and our CI does something once the package has been built in testing, at the moment for our rpm packages just installing them... But basically you could run several steps afterwards in your CI if you want to ingetrate OBS into your release pipeline\nValentin Rothberg11:36 AM\nhttps://containerplumbing.org/\nGShomo (Northeastern)11:36 AM\ncan you elaborate on the issue with renaming infra-containers ?\nAnders Bj\xf6rklund11:38 AM\n\"Registration will open on February 1, 2021.\"\nMatt Heon11:40 AM\n@GShomo - I did things the quick way, instead of the right way, to get things landed in time for 3.0\nI will have this fixed for 3.1\nIt's a silly limitation from my doing things quickly :-)\nAlex Litvak11:41 AM\nwhat are the changes for journald support?\nGShomo (Northeastern)11:41 AM\nthank you !\nAlex Litvak11:44 AM\nthank you\nLudovic Cavajani11:44 AM\nThanks !\nMe11:45 AM\nFun Fact: In 1976 an LA secretary named Jannene Swift officially married a 50 pound rock in a ceremony witnessed by more than 20 people. Perhaps the first \"Pet Rock\"?\nJJ Asghar11:47 AM\nfyi: https://containerplumbing.org/register seems to say it's going to open on the 1st.... :'(\nChristian Felder11:48 AM\nI had to adjust some kernel settings in the past when I started some more containers (around 40)... - user.max_inotify_instances, fs.inotify.max_user_watches\nwould be nice to have some guidelines on that settings, although this might be not a podman only issiue...\nDevin Parrish11:49 AM\nThanks!\nJames Cassell11:49 AM\nwhere do we find recordings of this and past meetings?\n(Tom Sweeney responded verbally, podman.io under https://podman.io/community/meeting/. A link on each set of notes.)\nChristian Felder11:49 AM\nOk. I'll open an issue\nThanks\nJames Cassell11:50 AM\nthanks\nLokesh Mandvekar11:50 AM\nChristian Felder: RE: OBS, I'll be working on a change which will allow building debian packages from the rpm spec files, (thanks to Neal Gompa) ..maybe migrate that to upstream repos as well\n")))}na.isMDXComponent=!0;const aa={},oa="Podman Community Cabal Meeting",ia=[{value:"July 15, 2021 10:00 a.m. Eastern (UTC-4)",id:"july-15-2021-1000-am-eastern-utc-4",level:2},{value:"Attendees (24 total)",id:"attendees-24-total",level:3},{value:"Meeting Start: 10:05 a.m.",id:"meeting-start-1005-am",level:2},{value:"Video Recording (You'll need to request access to view, we'll try to change that for the next meeting.)",id:"video-recording-youll-need-to-request-access-to-view-well-try-to-change-that-for-the-next-meeting",level:3},{value:"Copy an image from container storage to another container storage",id:"copy-an-image-from-container-storage-to-another-container-storage",level:3},{value:"(9:50 in the video)",id:"950-in-the-video",level:4},{value:"New Features for podman play kube",id:"new-features-for-podman-play-kube",level:3},{value:"(27:25 in the video)",id:"2725-in-the-video",level:4},{value:"Discussion with Training Team",id:"discussion-with-training-team",level:3},{value:"(44:45 in the video)",id:"4445-in-the-video",level:4},{value:"Open discussion",id:"open-discussion",level:3},{value:"(48:55 in the video)",id:"4855-in-the-video",level:4},{value:"Next Meeting: Thursday August 19, 2021 10:00 a.m. EDT (UTC-4)",id:"next-meeting-thursday-august-19-2021-1000-am-edt-utc-4",level:3},{value:"Meeting End: 10:56 a.m. Eastern (UTC-4)",id:"meeting-end-1056-am-eastern-utc-4",level:3}],sa={toc:ia},ra="wrapper";function la(e){let{components:t,...n}=e;return(0,ce.kt)(ra,(0,Q.Z)({},sa,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-cabal-meeting"},"Podman Community Cabal Meeting"),(0,ce.kt)("h2",{id:"july-15-2021-1000-am-eastern-utc-4"},"July 15, 2021 10:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h3",{id:"attendees-24-total"},"Attendees (24 total)"),(0,ce.kt)("p",null,"Matt Heon, Mehul Arora, Miloslav Trmac, Nalin Dahyabhai, Paul Holzinger, Pavel Sosin, Reinhard Tartier, Urvashi Mohnani, Valentin Rothberg, Tom Sweeney, Anders Bjorklund, Ashley Cui, Brent Baude, Charlie Doern, Chris Evich, Dan Walsh, Ed Haynes, Ed Santiago, Erik Bernoth, Lokesh Mandvekar."),(0,ce.kt)("h2",{id:"meeting-start-1005-am"},"Meeting Start: 10:05 a.m."),(0,ce.kt)("h3",{id:"video-recording-youll-need-to-request-access-to-view-well-try-to-change-that-for-the-next-meeting"},"Video ",(0,ce.kt)("a",{parentName:"h3",href:"https://drive.google.com/file/d/1hdLMicPfI9NA_MEuGaHGtyIgw6v28Ojg/view"},"Recording")," (You'll need to request access to view, we'll try to change that for the next meeting.)"),(0,ce.kt)("p",null,"Started out with general discussion of the meetings purpose going forward. We then went around and did introduction of each of the attendees."),(0,ce.kt)("h3",{id:"copy-an-image-from-container-storage-to-another-container-storage"},"Copy an image from container storage to another container storage"),(0,ce.kt)("h4",{id:"950-in-the-video"},"(9:50 in the video)"),(0,ce.kt)("p",null,(0,ce.kt)("inlineCode",{parentName:"p"},"podman image scp")," - Ed Santiago wanted an easy way to move stuff from container storage to container storage. Charlie Doern originally created a PR and after discussion, a number of options were discussed (see ",(0,ce.kt)("a",{parentName:"p",href:"./Podman_Image_SCP.pdf"},"slides"),")"),(0,ce.kt)("p",null,"Two thoughts are towards sticking with ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman image scp"),". This is doable now with bash scripting, but Dan would like it as a part of command line interface."),(0,ce.kt)("p",null,"Why use \"colon colon\"? To keep it away from the ssh protocol, we're using it as a key to note it's a ssh remote call. Whereas a single colon would be looked at as a transport."),(0,ce.kt)("p",null,'Erik noted he liked the feature. You don\'t need to set up registries for different users. He is concerned it might be confusing to new users. He would set aside "save" and "load" to backup types of commands.'),(0,ce.kt)("p",null,"The goal is to not tranform the image, it should be exactly the same before and after. Including multi-layer images. If the target has some of the layers already in place, you might want only copy the layers that don't exist."),(0,ce.kt)("p",null,'We might look at "git pull" and "git push" for possible examples.'),(0,ce.kt)("p",null,"This would allow copying from one machine to another."),(0,ce.kt)("p",null,'Should we use "scp" to "cp" or "copy". Anders saw a lot of bike shedding with scp versus cp in Kurbernetes. Something to consider. We started with "scp" as it does use ssh under the covers and clues the user in.'),(0,ce.kt)("p",null,'Should we use "scp://" and be another transport. The problem with that is it would require another service.'),(0,ce.kt)("h3",{id:"new-features-for-podman-play-kube"},"New Features for ",(0,ce.kt)("inlineCode",{parentName:"h3"},"podman play kube")),(0,ce.kt)("h4",{id:"2725-in-the-video"},"(27:25 in the video)"),(0,ce.kt)("p",null,"The play kube command has been growing due to user command. Customers have been using yamls, find something isn't yet covered, and so we've added commands to satisfy the need."),(0,ce.kt)("p",null,"It would be good to get input from the community about what futher work is needed to ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman play kube"),". If you have ideas, please open a discussion"),(0,ce.kt)("p",null,"Dan wonders if we could look at the functionality of Docker Compose and then ingrain them into 'podman play kube'. A number of use cases have been found in yaml files used for OpenShift."),(0,ce.kt)("p",null,"Looking atwo things: Be able to build similar to how Docker Compose does based on Docker files."),(0,ce.kt)("p",null,"Init containers that would be run after a pod infra container. They would do init/setup jobs, then the rest of the pods would kick off. This is a standard feature in Kubernetes."),(0,ce.kt)("p",null,"Any further ideas: Erik thinks this is a key feature and many are using composed. Play kube is very valuable as it moves things into kubernetes easily. We could potentially ask someone from OKD or other discussion groups."),(0,ce.kt)("p",null,"Currently play kube and systemd don't play well together, so that would be a nice addition if it can. Valentin discussed the current status."),(0,ce.kt)("p",null,"We currently don't have a ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman play kube stop"),", would that be good? Erik was asked if this would be useful. Erik thinks it would be good."),(0,ce.kt)("p",null,"Podman's goal isn't to compete against Kubernetes, but to allow users to move to a single host environment."),(0,ce.kt)("h3",{id:"discussion-with-training-team"},"Discussion with Training Team"),(0,ce.kt)("h4",{id:"4445-in-the-video"},"(44:45 in the video)"),(0,ce.kt)("p",null,"Doing training and ran into issue and couldn't debug it. Issue raised with ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/issues/10482"},"https://github.com/containers/podman/issues/10482")),(0,ce.kt)("p",null,"Perhaps we could invite someone from the training team to discuss how the training can be improved/worked on. Dan thinks it might be just due to the time necessary to develop the training. May be do it in a container."),(0,ce.kt)("h3",{id:"open-discussion"},"Open discussion"),(0,ce.kt)("h4",{id:"4855-in-the-video"},"(48:55 in the video)"),(0,ce.kt)("p",null,"Brent asked if people move on IRC to libera. Most have. Lokesh noted the IRC channel is using Matrix. ",(0,ce.kt)("a",{parentName:"p",href:"https://kparal.wordpress.com/2021/06/01/connecting-to-libera-chat-through-matrix/"},"https://kparal.wordpress.com/2021/06/01/connecting-to-libera-chat-through-matrix/")),(0,ce.kt)("p",null,'Cabal meetings purpose "What\'s the future of Podman" type of discussions.'),(0,ce.kt)("h3",{id:"next-meeting-thursday-august-19-2021-1000-am-edt-utc-4"},"Next Meeting: Thursday August 19, 2021 10:00 a.m. EDT (UTC-4)"),(0,ce.kt)("h3",{id:"meeting-end-1056-am-eastern-utc-4"},"Meeting End: 10:56 a.m. Eastern (UTC-4)"))}la.isMDXComponent=!0;const ha={},da="Podman Community Meeting",ua=[{value:"October 5, 2021 11:00 a.m. Eastern (UTC-4)",id:"october-5-2021-1100-am-eastern-utc-4",level:2},{value:"Attendees (23 total)",id:"attendees-23-total",level:3},{value:"Meeting Start: 11:03 a.m.",id:"meeting-start-1103-am",level:2},{value:"BlueJeans Recording",id:"bluejeans-recording",level:3},{value:"Podman on M1 Mac Status",id:"podman-on-m1-mac-status",level:2},{value:"Ashley Cui",id:"ashley-cui",level:3},{value:"(6:30 in the video)",id:"630-in-the-video",level:4},{value:"DIY Networking in rootless containers",id:"diy-networking-in-rootless-containers",level:2},{value:"Paul Holzinger",id:"paul-holzinger",level:3},{value:"(10:09 in the video)",id:"1009-in-the-video",level:4},{value:"Podman Security Bench",id:"podman-security-bench",level:2},{value:"Dan Walsh",id:"dan-walsh",level:3},{value:"(24:00 in the video) 27",id:"2400-in-the-video-27",level:4},{value:"Podman v3.4 Announcement",id:"podman-v34-announcement",level:2},{value:"Matt Heon",id:"matt-heon",level:3},{value:"(29:45 in the video)",id:"2945-in-the-video",level:4},{value:"Support \u2013format tables in ps output",id:"support-format-tables-in-ps-output",level:2},{value:"Jhon Honce",id:"jhon-honce",level:3},{value:"(35:40 in the video)",id:"3540-in-the-video",level:4},{value:"Podman build \u2013platform lists",id:"podman-build-platform-lists",level:2},{value:"Nalin Dahyabhai",id:"nalin-dahyabhai",level:3},{value:"(37:44 in the video)",id:"3744-in-the-video",level:4},{value:"Volume Demos",id:"volume-demos",level:2},{value:"Aditya Rajan",id:"aditya-rajan",level:3},{value:"(44:16 in the video)",id:"4416-in-the-video",level:4},{value:"Open Forum/Questions?",id:"open-forumquestions",level:2},{value:"(51:10) in the video) 55",id:"5110-in-the-video-55",level:4},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"Next Meeting: Tuesday November 2, 2021, 11:00 a.m. Eastern (UTC-4)",id:"next-meeting-tuesday-november-2-2021-1100-am-eastern-utc-4",level:2},{value:"Next Cabal Meeting: Thursday October 21, 2021, 10:00 a.m. Eastern (UTC-4)",id:"next-cabal-meeting-thursday-october-21-2021-1000-am-eastern-utc-4",level:2},{value:"Meeting End: 11:59 a.m. Eastern (UTC-4)",id:"meeting-end-1159-am-eastern-utc-4",level:3},{value:"BlueJeans Chat copy/paste:",id:"bluejeans-chat-copypaste",level:2}],ma={toc:ua},ca="wrapper";function pa(e){let{components:t,...n}=e;return(0,ce.kt)(ca,(0,Q.Z)({},ma,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-meeting"},"Podman Community Meeting"),(0,ce.kt)("h2",{id:"october-5-2021-1100-am-eastern-utc-4"},"October 5, 2021 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h3",{id:"attendees-23-total"},"Attendees (23 total)"),(0,ce.kt)("p",null,"Tom Sweeney, Jhon Honce, Dan Walsh, Chris Evich, Urvashi Mohnani, Nalin Dahyabhai, Eduardo Santiago, Matt Heon, Paul Holzinger, Erik Bernoth, Chris Evich, Scott McCarty, Anders Bj\xf6rklund, Lokesh Mandvekar, Valentin Rothberg, Guillaume Rose, Rudolf Vesely, Ashley Cui, Brent Baude, Shion Tanaka, Marcin Skarbek, Aditya Rajan, Giuseppe Scrivan, Rudolf Vesely"),(0,ce.kt)("h2",{id:"meeting-start-1103-am"},"Meeting Start: 11:03 a.m."),(0,ce.kt)("h3",{id:"bluejeans-recording"},"BlueJeans ",(0,ce.kt)("a",{parentName:"h3",href:"https://bluejeans.com/s/X3NY6qgSlKQ"},"Recording")),(0,ce.kt)("h2",{id:"podman-on-m1-mac-status"},"Podman on M1 Mac Status"),(0,ce.kt)("h3",{id:"ashley-cui"},"Ashley Cui"),(0,ce.kt)("h4",{id:"630-in-the-video"},"(6:30 in the video)"),(0,ce.kt)("p",null,"Patch for M1 in qemu upstream, but not merged. However, it is available on homebrew at the moment. If you install qemu using homebrew, you can use Podman correctly."),(0,ce.kt)("p",null,"Demo (started at 7:30)"),(0,ce.kt)("p",null,"What works on an Intel Mac should now work on an M1. Now working on volumes and also trying to get a GUI together. Looking at putting together a window-bar."),(0,ce.kt)("h2",{id:"diy-networking-in-rootless-containers"},"DIY Networking in rootless containers"),(0,ce.kt)("h3",{id:"paul-holzinger"},"Paul Holzinger"),(0,ce.kt)("h4",{id:"1009-in-the-video"},"(10:09 in the video)"),(0,ce.kt)("p",null,(0,ce.kt)("a",{parentName:"p",href:"https://podman.io/community/meeting/notes/2021-10-05/Podman-Rootless-Networking.pdf"},"Slides")),(0,ce.kt)("p",null,"Talking rootless network without extra privileges.\nProxy into rootless is done via Slirp4netns. It uses this stack to tap into the interface in the container namespace. Supports port forwarding."),(0,ce.kt)("p",null,"A few settings are used for rootless users. Can use allow_host_loopback to reach the 10.0.2.2 loopback. Off by default as it's a security hole."),(0,ce.kt)("p",null,"You can also enable_ipv6 and specify the port_handler."),(0,ce.kt)("p",null,"Rootless CNI networking uses an extra network namespace to execute the CNI plugins. Only works for bridge networks. Inter container communication works out of the box. The IP address assigned to the container is not reachable from the host network namespace. You need to use port forwarding."),(0,ce.kt)("p",null,"DIY Networking. You can set up your own interfaces, but first, you need to create network interfaces on the host, which requires root priv. Once done, Podman can talk to them using ",(0,ce.kt)("inlineCode",{parentName:"p"},"--network=none")," option with the ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman container init")," command."),(0,ce.kt)("p",null,"Rudolf to work with Paul to update the tutorial and possibly do a demo next time."),(0,ce.kt)("h2",{id:"podman-security-bench"},"Podman Security Bench"),(0,ce.kt)("h3",{id:"dan-walsh"},"Dan Walsh"),(0,ce.kt)("h4",{id:"2400-in-the-video-27"},"(24:00 in the video) 27"),(0,ce.kt)("p",null,"Based on the security bench from Docker. Doesn't yet have all the same functionality."),(0,ce.kt)("p",null,"Demo (Started at 24:54)"),(0,ce.kt)("p",null,"It needs to run at root, not yet available on rootless."),(0,ce.kt)("p",null,"CLI does a whole bunch of security checks. At the end, it gives you a security score. It shows where you're having trouble with each of the checks. It's now available upstream."),(0,ce.kt)("p",null,"Dan would like to get it to run in rootless mode and look at containers.conf. Would love community help."),(0,ce.kt)("h2",{id:"podman-v34-announcement"},"Podman v3.4 Announcement"),(0,ce.kt)("h3",{id:"matt-heon"},"Matt Heon"),(0,ce.kt)("h4",{id:"2945-in-the-video"},"(29:45 in the video)"),(0,ce.kt)("p",null,"New 3.4 release that came out last week. We are switching focus on v4.0. Network working, pointing at January 2022 release. There will not be a 3.5.0 in between."),(0,ce.kt)("p",null,"In 3.4, changes to Podman play and generate cube. Init containers are now available to run in a pod."),(0,ce.kt)("p",null,"We can now build images with ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman play kube"),". This makes it act more like ",(0,ce.kt)("inlineCode",{parentName:"p"},"docker compose"),". You can use a Containerfile to build an image with this command."),(0,ce.kt)("p",null,"Yaml file can now tear down pod or pods with the ",(0,ce.kt)("inlineCode",{parentName:"p"},"--down")," command, plus a number of new pod related commands. See the ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/RELEASE_NOTES.md"},"release notes")," for more info."),(0,ce.kt)("h2",{id:"support-format-tables-in-ps-output"},"Support \u2013format tables in ps output"),(0,ce.kt)("h3",{id:"jhon-honce"},"Jhon Honce"),(0,ce.kt)("h4",{id:"3540-in-the-video"},"(35:40 in the video)"),(0,ce.kt)("p",null,"Podman uses golang tab writer and formatter for all the commands."),(0,ce.kt)("p",null,"Demo (started at 36:00)"),(0,ce.kt)("p",null,"Showed a number of different ways to remove headings, so you can now use table to show which fields you want."),(0,ce.kt)("h2",{id:"podman-build-platform-lists"},"Podman build \u2013platform lists"),(0,ce.kt)("h3",{id:"nalin-dahyabhai"},"Nalin Dahyabhai"),(0,ce.kt)("h4",{id:"3744-in-the-video"},"(37:44 in the video)"),(0,ce.kt)("p",null,"The ",(0,ce.kt)("inlineCode",{parentName:"p"},"--platform")," option in the ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman build")," command to specify other platforms."),(0,ce.kt)("p",null,"DEMO 37:47 in demo."),(0,ce.kt)("p",null,"The ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman build")," command now takes multiple values for its ",(0,ce.kt)("inlineCode",{parentName:"p"},"--platform")," option. The platform option lets you build for machines other than what you are currently running Podman on."),(0,ce.kt)("p",null,"The ",(0,ce.kt)("inlineCode",{parentName:"p"},"--manifest")," target is used too. Allow you to build a manifest list and then add the image to the list. A number of cleanups have been done on internal libraries to make this work."),(0,ce.kt)("p",null,'When building multiple architectures in one build, the "STEP" output in the build will show which architecture.'),(0,ce.kt)("p",null,"The ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman manifest list")," command will show the multiple platforms used."),(0,ce.kt)("h2",{id:"volume-demos"},"Volume Demos"),(0,ce.kt)("h3",{id:"aditya-rajan"},"Aditya Rajan"),(0,ce.kt)("h4",{id:"4416-in-the-video"},"(44:16 in the video)"),(0,ce.kt)("p",null,"Demo (Started at 44:27)"),(0,ce.kt)("p",null,"First demonstrated adding an overlay over rootfs. Exported alpine and created dir for rootfs and tarred it out to a directory. So tried running with ",(0,ce.kt)("inlineCode",{parentName:"p"},"--rootfs rootfs/:0")," and created a file in the container. On the host, the file is not there."),(0,ce.kt)("p",null,"A new option for volumes to create overlay over Podman's volume. It created the test volume. Again made a file and found it was created on the container but not on the host due to the ",(0,ce.kt)("inlineCode",{parentName:"p"},":0")," specification."),(0,ce.kt)("p",null,"These are temp volumes and last only as long as the container lasts and you can't commit the data."),(0,ce.kt)("h2",{id:"open-forumquestions"},"Open Forum/Questions?"),(0,ce.kt)("h4",{id:"5110-in-the-video-55"},"(51:10) in the video) 55"),(0,ce.kt)("p",null,"Are there any plans for an arm-on-intel/intel-on-arm for Podman machine? Not at this time, but we are willing to see if there's enough push for that. Nalin asked if you could run using a multi-platform build maybe? Brent will note it for possible futures. If the community wants to do it, we'd be happy to merge it, but not currently in the plan by the maintainers to do it themselves."),(0,ce.kt)("p",null,"Will Podman support OpenZFS? Willing to take a PR."),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"DIY Networking Part II")),(0,ce.kt)("h2",{id:"next-meeting-tuesday-november-2-2021-1100-am-eastern-utc-4"},"Next Meeting: Tuesday November 2, 2021, 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h2",{id:"next-cabal-meeting-thursday-october-21-2021-1000-am-eastern-utc-4"},"Next Cabal Meeting: Thursday October 21, 2021, 10:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h3",{id:"meeting-end-1159-am-eastern-utc-4"},"Meeting End: 11:59 a.m. Eastern (UTC-4)"),(0,ce.kt)("h2",{id:"bluejeans-chat-copypaste"},"BlueJeans Chat copy/paste:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Lokesh Mandvekar10:58 AM\ned, is this the right link ?\nMe11:00 AM\nPlease sign in on the meeting notes: https://hackmd.io/fc1zraYdS0-klJ2KJcfC7w?both\nAditya11:02 AM\nwe can hear you dan\nDan Walsh11:03 AM\nGret\nGreat\nLokesh Mandvekar11:09 AM\ndo people wanna try switching to google meet if everyone's having problems?\nErik Bernoth11:10 AM\nGood idea Lokesh\nAnders Bj\xf6rklund11:11 AM\nCan you run amd64 containers on the arm64, like OOTB ?\nMatt Heon11:12 AM\nWe were discussing that, and I think the answer is not OOTB but it only requires one package to be installed\nErik Bernoth11:12 AM\nDan\u2018s screenshots seems to work. Paul, can you also try for a sec?\nAnders Bj\xf6rklund11:13 AM\nSounds good! I guess it is not related the to the VM itself, but user qemu\nMatt Heon11:15 AM\nThe perf is a little questionable, because it's nested virt, and the inner virt is also virtualizing the architecture\nBut it is definitely doable\nAnders Bj\xf6rklund11:16 AM\noh, it's like 10x slower (at least)\nbut sometimes useful\nDan Walsh11:18 AM\nPaul I can set these fields in containers.conf correct?\nAditya11:21 AM\n@tom i can go next switched to chromium\nPaul Holzinger11:27 AM\nhave to drop now, bye\nAnders Bj\xf6rklund11:46 AM\nWas there any update on volumes in podman machine ?\nbaude11:47 AM\nno updates\nAnders Bj\xf6rklund11:47 AM\n:-)\nbaude11:48 AM\nwe are making progress on the whole thing, but it is a slow march\nAnders Bj\xf6rklund11:48 AM\nlima is taking this samba detour\nMarcin Skarbek11:49 AM\nOpenZFS started working on the user/mount nanespaces support with LXC in mind, but that could be interesting in rootless context https://github.com/openzfs/zfs/pull/12263\nShion Tanaka11:54 AM\nAre there any plans for an arm-on-Intel/Intel-on-arm for the Podman machine?\nbaude11:54 AM\nno\nShion Tanaka11:54 AM\nOk, thanks\nAnders Bj\xf6rklund11:55 AM\nyou can use podman-on-fedora-on-lima, if you want to run cross-arch VM\n")))}pa.isMDXComponent=!0;const ga={},ya="Podman Community Cabal Meeting Notes",ka=[{value:"December 16, 2021 11:00 a.m. Eastern",id:"december-16-2021-1100-am-eastern",level:2},{value:"December 16, 2021 Topics",id:"december-16-2021-topics",level:2},{value:"Meeting Notes",id:"meeting-notes",level:3},{value:"Lima (0:35 in video) - Anders, Matt",id:"lima-035-in-video---anders-matt",level:3},{value:"Detect default network backend (40:40 in video) - Paul, Matt",id:"detect-default-network-backend-4040-in-video---paul-matt",level:3},{value:"Open discussion ( 50:10 in video)",id:"open-discussion--5010-in-video",level:4},{value:"Next Meeting: Thursday January 20, 2022 11:00 a.m. EDT (UTC-5)",id:"next-meeting-thursday-january-20-2022-1100-am-edt-utc-5",level:3},{value:"Possible Topics:",id:"possible-topics",level:3}],wa={toc:ka},fa="wrapper";function ba(e){let{components:t,...n}=e;return(0,ce.kt)(fa,(0,Q.Z)({},wa,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-cabal-meeting-notes"},"Podman Community Cabal Meeting Notes"),(0,ce.kt)("p",null,"Attendees: Tom Sweeney, Aditya Rajan, Matt Heon, Brent Baude, Ashley Cui, Chris Evich, Preethi Thomas, Urvashi Mohnani, Eduardo Santiago, Giuseppe Scrivano, Nalin Dahyabhai, Paul Holzinger, Anders Bj\xf6rklund, Dan Walsh, Valentin Rothberg, Flavian Missi, Jhon Honce, Lorenzo M. Catucci, Miloslav Trmac, Scott McCarty"),(0,ce.kt)("h2",{id:"december-16-2021-1100-am-eastern"},"December 16, 2021 11:00 a.m. Eastern"),(0,ce.kt)("h2",{id:"december-16-2021-topics"},"December 16, 2021 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Lima - Anders, Matt"),(0,ce.kt)("li",{parentName:"ol"},"How to detect default network backend (CNI or netavark) - Paul, Matt")),(0,ce.kt)("h3",{id:"meeting-notes"},"Meeting Notes"),(0,ce.kt)("p",null,"Video ",(0,ce.kt)("a",{parentName:"p",href:"https://www.youtube.com/watch?v=f4dXfsFmDck"},"Recording")),(0,ce.kt)("p",null,"Meeting start 11:02 a.m. Thursday, December 16, 2021"),(0,ce.kt)("h3",{id:"lima-035-in-video---anders-matt"},"Lima (0:35 in video) - Anders, Matt"),(0,ce.kt)("p",null,(0,ce.kt)("a",{parentName:"p",href:"https://github.com/lima-vm/sshocker"},"Lima")),(0,ce.kt)("p",null,"Podman machine is a way to launch virtual machines, mostly on OSX, to run Podman containers from. Issues with Volumes. Thinking about replacing the back end of podman machine with Lima."),(0,ce.kt)("p",null,"Brent thinks it might not be a good match as there are some tech issues. For instance, he couldn't find anything related to ignition. It's a competing cloud-init tool and it doesn't play well with qemu. It also pulls in containerd code. The YAML support is tailored to containerd."),(0,ce.kt)("p",null,"On the Lima project page, motivation is to promote containerd. Rancher has debranded and used Lima in the background on Mac. The big hurdle is ignition."),(0,ce.kt)("p",null,"Benefits of Lima: Volumes and port forwarding. Possible to use the same solution without abandoning all of the drivers. We could potentially borrow solutions, as the backend is qemu for lima. Lima uses ssh for forwarding, so different solutions for the back end. Potentially could use Fedora in addition to CoreOS."),(0,ce.kt)("p",null,"Currently, we can't use Fedora due to ignition. Cloud-init doesn't install there by default, but we could install it. Brent found it in Fedora 35, though, so it might not be there in prior versions."),(0,ce.kt)("p",null,"Anders made some sample YAML files","*"," for Fedora 35. Lima works as podman machine does. The difference between Lima and podman machine now is volume support. Anders has a PR for providing sshfs volume support for podman machine."),(0,ce.kt)("p",null,"*"," Examples for lima: ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/afbjorklund/fedora-lima"},"https://github.com/afbjorklund/fedora-lima")),(0,ce.kt)("p",null,"To get parity with Lima/Docker in podman machine, we'd need to get Ander's ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/pull/12584"},"sshfs PR")," (and ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/pull/11454"},"virtfs PR"),") merged."),(0,ce.kt)("p",null,"Dan likes the ssh solution. We might be able to do virtfs later."),(0,ce.kt)("p",null,"Brent's concern with Lima is managing mounts as the containers go up and down. It might be problematic. The volume work for podman machine won't be able to use the current mount code, we need to do something in podman start."),(0,ce.kt)("p",null,'We might get push back as this wouldn\'t be the Docker behavior. We are trying to make the volume handling on Mac to be as simple as possible for the end-user. Anders thinks we might be able to have an "advanced users" solution that would allow for configuration; otherwise, you\'d get a default "easy" setup. A number of possible solutions were bantered about.'),(0,ce.kt)("p",null,"Big advantage, Lima can support all distros except CoreOS. Podman machine could theoretically do that via cloud-init, but an engineering effort."),(0,ce.kt)("p",null,"Currently using qemu to launch machines, Lima is a layer on ssh. It is very similar to what docker machine was a while back. It doesn't support ignition. The upside is we could more easily run on Ubuntu and other distros. You might not be able to run the container on a variety of distros. Rancher nerdctl and Lima are both trying to get into this space."),(0,ce.kt)("p",null,"We most likely could get volumes into podman machine than getting Lima into it. We could potentially wire Lima in later."),(0,ce.kt)("p",null,"Scott talks about value creation. Would Rancher/Suse collaboration help? The other side is what the customer would get from using Lima vs. podman machine?"),(0,ce.kt)("p",null,"Most of the solutions don't think sshfs is a good long-term solution but a stepping stone."),(0,ce.kt)("p",null,"Dan is leaning towards doing what we're doing with sshfs. This will be at least the short term solution, will evaluate further for a longterm"),(0,ce.kt)("h3",{id:"detect-default-network-backend-4040-in-video---paul-matt"},"Detect default network backend (40:40 in video) - Paul, Matt"),(0,ce.kt)("p",null,"For Podman 4.0, how to detect default network backend (CNI or netavark)"),(0,ce.kt)("p",null,(0,ce.kt)("strong",{parentName:"p"},"Requirement:")," existing installs should continue to use CNI, new installs use netavark."),(0,ce.kt)("p",null,"Working on netavark and want to install it, but with the current cni, it could cause breaking changes."),(0,ce.kt)("p",null,"On the first startup, we could check for images and containers. If none, switch to netavark."),(0,ce.kt)("p",null,"You can't use CNI and netavark in parallel, or things will go awry. For new or clean installs, it should be fine."),(0,ce.kt)("p",null,"To switch, change the setting in network.conf to netavark. By default, it's an empty value."),(0,ce.kt)("p",null,'Should we add a "nag" for people using CNI to bump up? Will we be getting bug reports on it? Matt thinks long-term, it would be good to support CNI. Matt would like to throw an error when trying to run IPv6 on CNI to let them know they\'re on netavark. We need to be careful not to overload the user with suggestions.'),(0,ce.kt)("p",null,"We need to get documentation together telling folks how to convert from CNI to netavark. Probably will need some kind of reset procedure."),(0,ce.kt)("h4",{id:"open-discussion--5010-in-video"},"Open discussion ( 50:10 in video)"),(0,ce.kt)("p",null,"No further discussion"),(0,ce.kt)("h3",{id:"next-meeting-thursday-january-20-2022-1100-am-edt-utc-5"},"Next Meeting: Thursday January 20, 2022 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h3",{id:"possible-topics"},"Possible Topics:"),(0,ce.kt)("p",null,"None set."),(0,ce.kt)("p",null,"Raw Meeting Chat:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"You11:00 AM\nhttps://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nYou11:03 AM\nPlease sign in: https://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nAditya Rajan11:13 AM\nhttps://github.com/qemu/qemu/blob/master/docs/specs/fw_cfg.txt\n-fw_cfg\nBrent Baude11:14 AM\n$ rpm -qa | grep cloud\nfedora-release-identity-cloud-35-33.noarch\nfedora-release-cloud-35-33.noarch\ncloud-init-20.4-7.fc35.noarch\ncloud-utils-growpart-0.31-9.fc35.noarch\nChristopher Evich11:16 AM\nya, I just double-checked too, my bad.\nAshley Cui11:20 AM\nhttps://github.com/containers/podman/pull/12584\nYou11:21 AM\nTY AC!\nAshley Cui11:21 AM\nand i guess this too: https://github.com/containers/podman/pull/11454\nValentin Rothberg11:24 AM\nbrb\nieq-pxhy-jbh\n")))}ba.isMDXComponent=!0;const va={},Ma="Podman Community Meeting",Ia=[{value:"April 5, 2022 11:00 a.m. Eastern (UTC-5)",id:"april-5-2022-1100-am-eastern-utc-5",level:2},{value:"Attendees (17 total)",id:"attendees-17-total",level:3},{value:"Meeting Start: 11:02 a.m. EST",id:"meeting-start-1102-am-est",level:2},{value:"BlueJeans Recording",id:"bluejeans-recording",level:3},{value:"Docker Compose v2 and Podman v4.0.2 update",id:"docker-compose-v2-and-podman-v402-update",level:2},{value:"Matt Heon",id:"matt-heon",level:3},{value:"(1:39 in the video)",id:"139-in-the-video",level:4},{value:"Ubuntu 22.04 LTS and Stopping Kubic support",id:"ubuntu-2204-lts-and-stopping-kubic-support",level:2},{value:"Lokesh Mandvekar",id:"lokesh-mandvekar",level:3},{value:"(6:14 in the video)",id:"614-in-the-video",level:4},{value:"Podman Desktop Update",id:"podman-desktop-update",level:2},{value:"Ashley Cui",id:"ashley-cui",level:3},{value:"(14:30 in the video)",id:"1430-in-the-video",level:4},{value:"Podman Volume Mounts on Mac Demo",id:"podman-volume-mounts-on-mac-demo",level:2},{value:"Brent Baude",id:"brent-baude",level:3},{value:"(18:45 in the video)",id:"1845-in-the-video",level:4},{value:"Open Forum/Questions?",id:"open-forumquestions",level:2},{value:"(22:46 in the video)",id:"2246-in-the-video",level:4},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"Next Meeting: Tuesday June 7, 2021, 11:00 a.m. Eastern (UTC-5)",id:"next-meeting-tuesday-june-7-2021-1100-am-eastern-utc-5",level:2},{value:"Next Cabal Meeting: Thursday April 21, 2021, 11:00 a.m. Eastern (UTC-5)",id:"next-cabal-meeting-thursday-april-21-2021-1100-am-eastern-utc-5",level:2},{value:"Meeting End: 11:27 a.m. Eastern (UTC-5)",id:"meeting-end-1127-am-eastern-utc-5",level:3},{value:"BlueJeans Chat copy/paste:",id:"bluejeans-chat-copypaste",level:2}],Aa={toc:Ia},Ta="wrapper";function Sa(e){let{components:t,...n}=e;return(0,ce.kt)(Ta,(0,Q.Z)({},Aa,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-meeting"},"Podman Community Meeting"),(0,ce.kt)("h2",{id:"april-5-2022-1100-am-eastern-utc-5"},"April 5, 2022 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"attendees-17-total"},"Attendees (17 total)"),(0,ce.kt)("p",null,"Tom Sweeney, Jhon Honce, Chris Evich, Matt Heon, Chris Evich, Ashley Cui, Eduardo Santiago, Valentin Rothberg, Paul Holzinger, Nalin Dahyabhai, Giuseppe Scrivano, Preethi Thomas, Lokesh Mandvekar, Niall Crowe"),(0,ce.kt)("h2",{id:"meeting-start-1102-am-est"},"Meeting Start: 11:02 a.m. EST"),(0,ce.kt)("h3",{id:"bluejeans-recording"},"BlueJeans ",(0,ce.kt)("a",{parentName:"h3",href:"https://t.co/FUPhuBAE7l"},"Recording")),(0,ce.kt)("h2",{id:"docker-compose-v2-and-podman-v402-update"},"Docker Compose v2 and Podman v4.0.2 update"),(0,ce.kt)("h3",{id:"matt-heon"},"Matt Heon"),(0,ce.kt)("h4",{id:"139-in-the-video"},"(1:39 in the video)"),(0,ce.kt)("p",null,"Compose v2 just came out and will be supported in Podman v4.1 or higher. (Currently upstream). Matt shared ",(0,ce.kt)("a",{parentName:"p",href:"https://asciinema.org/a/onBRxqPs9bpyvbbdeJOYXHvj5"},"Demo"),". It showed two running web servers that were brought up and then down. It was cleaned up as appropriately and Compose v2 is working rather well at this point."),(0,ce.kt)("p",null,"Just released Podman 4.0.3, including a minor CVE fix. No plan for 4.0.4 yet, but we will likely go to 4.1 next. Also cutting a 3.4.5 for distributions that want to stay in Podman 3."),(0,ce.kt)("h2",{id:"ubuntu-2204-lts-and-stopping-kubic-support"},"Ubuntu 22.04 LTS and Stopping Kubic support"),(0,ce.kt)("h3",{id:"lokesh-mandvekar"},"Lokesh Mandvekar"),(0,ce.kt)("h4",{id:"614-in-the-video"},"(6:14 in the video)"),(0,ce.kt)("p",null,"First LTS release with Podman, Skopeo and Buildah in the default repositories. Podman 3.4. Buildah 1.23, and Skopeo 1.4."),(0,ce.kt)("p",null,"If you're using packages from the Kubic repos, you should uninstall those before upgrading Ubuntu to 22.04 LTS and use packages from the default repositories going forward."),(0,ce.kt)("p",null,"Announcement on podman.io: ",(0,ce.kt)("a",{parentName:"p",href:"https://podman.io/blogs/2022/04/05/ubuntu-2204-lts-kubic.html"},"https://podman.io/blogs/2022/04/05/ubuntu-2204-lts-kubic.html")),(0,ce.kt)("h2",{id:"podman-desktop-update"},"Podman Desktop Update"),(0,ce.kt)("h3",{id:"ashley-cui"},"Ashley Cui"),(0,ce.kt)("h4",{id:"1430-in-the-video"},"(14:30 in the video)"),(0,ce.kt)("p",null,"Abandoned the UI built with swift for another UI. We're working with another group that is more web ui oriented."),(0,ce.kt)("p",null,"Showed how to manage a podman machine in theory, but it is broken at the moment. You can create containers from a Dockerfile or a Containerfile or an image. Once created, the image shows in the GUI, then you can create the container from the image."),(0,ce.kt)("p",null,"This GUI does a lot more than the previous. The old one worked with podman machines mostly, this one deals with images and containers too. The new GUI is also expandable, lots of work ongoing."),(0,ce.kt)("p",null,"https://github/containers/Desktop is the project. Happy to have contributors."),(0,ce.kt)("h2",{id:"podman-volume-mounts-on-mac-demo"},"Podman Volume Mounts on Mac Demo"),(0,ce.kt)("h3",{id:"brent-baude"},"Brent Baude"),(0,ce.kt)("h4",{id:"1845-in-the-video"},"(18:45 in the video)"),(0,ce.kt)("p",null,"Demo"),(0,ce.kt)("p",null,"Shows how to get a volume mount on a mac. He started a machine prior. The ",(0,ce.kt)("inlineCode",{parentName:"p"},"-v")," option with the init command sets up the volume."),(0,ce.kt)("p",null,"Many thanks to Anders Bj\xf6rklund for the work on the volumes on the mac."),(0,ce.kt)("h2",{id:"open-forumquestions"},"Open Forum/Questions?"),(0,ce.kt)("h4",{id:"2246-in-the-video"},"(22:46 in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"What happens with std out/in with journald? Logs, stderr and stdout in the journal? If you're running journald logging, the output doesn't get into the host journal. Could you volume map /dev/log into the container from the log to make sure it gets in the hosts journal. (10:54 in the video)")),(0,ce.kt)("p",null,"Matt thinks systemd should be run into the container to help make that work. Valentin thinks you should see the output of journalctl. He's not sure if journalctl will do that by default. Further discussions to happen in Discord/IRC."),(0,ce.kt)("ol",{start:2},(0,ce.kt)("li",{parentName:"ol"},"Brent said that 4.1 should bring some notable enhancements including a ",(0,ce.kt)("inlineCode",{parentName:"li"},"podman inspect")," command, liveness probes, and more.")),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Podman on Windows Demo/Update - Jason Green")),(0,ce.kt)("h2",{id:"next-meeting-tuesday-june-7-2021-1100-am-eastern-utc-5"},"Next Meeting: Tuesday June 7, 2021, 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h2",{id:"next-cabal-meeting-thursday-april-21-2021-1100-am-eastern-utc-5"},"Next Cabal Meeting: Thursday April 21, 2021, 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"meeting-end-1127-am-eastern-utc-5"},"Meeting End: 11:27 a.m. Eastern (UTC-5)"),(0,ce.kt)("h2",{id:"bluejeans-chat-copypaste"},"BlueJeans Chat copy/paste:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Me11:01 AM\nPlease Sign in at: https://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\nMatthew Heon11:04 AM\nhttps://asciinema.org/a/onBRxqPs9bpyvbbdeJOYXHvj5\nValentin Rothberg11:18 AM\n@Lance, can you run the following commands to test?\n1) podman run --name=test --replace ubi8 echo Hello World!\n2) journalctl --user -b CONTAINER_NAME=test\nAshley Cui11:21 AM\nhttps://github.com/containers/desktop\n")))}Sa.isMDXComponent=!0;const Ca={},Na="Podman Community Meeting",Da=[{value:"August 2, 2022 11:00 a.m. Eastern (UTC-5)",id:"august-2-2022-1100-am-eastern-utc-5",level:2},{value:"Attendees ( total)",id:"attendees--total",level:3},{value:"Meeting Start: 11:02 a.m. EST",id:"meeting-start-1102-am-est",level:2},{value:"BlueJeans Recording",id:"bluejeans-recording",level:3},{value:"Fetchit Demo",id:"fetchit-demo",level:2},{value:"Sally O'Malley/Ryan Cook",id:"sally-omalleyryan-cook",level:3},{value:"(1:40 in the video)",id:"140-in-the-video",level:4},{value:"Moving pods and containers to Kubernetes cluster with 'podman kube apply'",id:"moving-pods-and-containers-to-kubernetes-cluster-with-podman-kube-apply",level:2},{value:"Urvashi Mohnani",id:"urvashi-mohnani",level:3},{value:"(27:38 in the video)",id:"2738-in-the-video",level:4},{value:"Podman Desktop Updates",id:"podman-desktop-updates",level:2},{value:"Florent Benoit & Stevan Le Meur",id:"florent-benoit--stevan-le-meur",level:3},{value:"(37:10 in the video)",id:"3710-in-the-video",level:4},{value:"Open Forum/Questions?",id:"open-forumquestions",level:2},{value:"(47:35 in the video)",id:"4735-in-the-video",level:4},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"Next Meeting: Tuesday, October 4, 2022, 11:00 a.m. Eastern (UTC-4)",id:"next-meeting-tuesday-october-4-2022-1100-am-eastern-utc-4",level:2},{value:"Next Cabal Meeting: Thursday, September 15, 2022, 11:00 a.m. Eastern (UTC-4)",id:"next-cabal-meeting-thursday-september-15-2022-1100-am-eastern-utc-4",level:2},{value:"Meeting End: 11:54 a.m. Eastern (UTC-4)",id:"meeting-end-1154-am-eastern-utc-4",level:3},{value:"BlueJeans Chat copy/paste:",id:"bluejeans-chat-copypaste",level:2}],Pa={toc:Da},xa="wrapper";function Ba(e){let{components:t,...n}=e;return(0,ce.kt)(xa,(0,Q.Z)({},Pa,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-meeting"},"Podman Community Meeting"),(0,ce.kt)("h2",{id:"august-2-2022-1100-am-eastern-utc-5"},"August 2, 2022 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"attendees--total"},"Attendees ( total)"),(0,ce.kt)("p",null,"Tom Sweeney, Chris Evich, Ashley Cui, Valentin Rothberg, Paul Holzinger, Nalin Dahyabhai, Giuseppe Scrivano, Preethi Thomas, Lokesh Mandvekar, Niall Crowe, Charlie Doern, Dan Walsh, Jake Correnti, Aditya Rajan, Karthik Elango, Mark Russell, Miloslav Trmac, Stevan Le Meur, Sally O'Malley, Ryan Cook, Urvashi Mohnani, Mohan Boddu, Florent Benoit, Martin Jackson, Mohan Bodu, Stephen Adams, Joseph Sawaya"),(0,ce.kt)("h2",{id:"meeting-start-1102-am-est"},"Meeting Start: 11:02 a.m. EST"),(0,ce.kt)("h3",{id:"bluejeans-recording"},"BlueJeans ",(0,ce.kt)("a",{parentName:"h3",href:"https://youtu.be/Ee-boJpjSvA"},"Recording")),(0,ce.kt)("h2",{id:"fetchit-demo"},"Fetchit Demo"),(0,ce.kt)("h3",{id:"sally-omalleyryan-cook"},"Sally O'Malley/Ryan Cook"),(0,ce.kt)("h4",{id:"140-in-the-video"},"(1:40 in the video)"),(0,ce.kt)("p",null,"(Slides)","[./Fetchit_demo.pdf]"),(0,ce.kt)("p",null,"Fetchit allows managing container deployments at scale. The repo is ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/fetchit"},"here")),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"GitOps driven deployment"),(0,ce.kt)("li",{parentName:"ul"},"Host interacts directly with Git rather than through an intermediary"),(0,ce.kt)("li",{parentName:"ul"},"Podman Go bindings"),(0,ce.kt)("li",{parentName:"ul"},"Not Kubernetes dependent"),(0,ce.kt)("li",{parentName:"ul"},"Lift and shift hardware")),(0,ce.kt)("p",null,"Podman's Go bindings helped a lot in creating containers and doing related operations."),(0,ce.kt)("p",null,"How does Fetchit Happen?"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Pull in git/image assets"),(0,ce.kt)("li",{parentName:"ul"},"Cron based scheduling"),(0,ce.kt)("li",{parentName:"ul"},"Podman socket"),(0,ce.kt)("li",{parentName:"ul"},"Dynamic reload of Fetchit configuration")),(0,ce.kt)("p",null,"The Podman socket allows for either root or user access."),(0,ce.kt)("p",null,"Fetchit helps to solve resource-constrained environments."),(0,ce.kt)("p",null,"Fetchit runs in a Podman container, can run systemd, ansible, filetransfer, and other options."),(0,ce.kt)("p",null,"Configuration reload allows to reload the configuration and uses Podman's prune command to clean up cruft."),(0,ce.kt)("p",null,"What's next for Fetchit?"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"GitSign to verify commits"),(0,ce.kt)("li",{parentName:"ul"},"Image verification cosign or similar solution"),(0,ce.kt)("li",{parentName:"ul"},"Ansible-pull")),(0,ce.kt)("p",null,"Dan noted that sigstore functionality will be baked into Podman v4.2 and Fetchit should be able to used it for signature verification."),(0,ce.kt)("p",null,"Demos (12:40 in the video)"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Scale up"),(0,ce.kt)("li",{parentName:"ul"},"Podman Kube + Clean up"),(0,ce.kt)("li",{parentName:"ul"},"Podman systemd")),(0,ce.kt)("p",null,"Showed the Fetchit config file, launched an RHEL 8 instance on Amazon, and kept it tiny. Added Podman install instructions and launched 10 instances at once. All systems up, and no touching necessary from Ryan. This runs the commands on each node, and they go to the git location to get their instructions."),(0,ce.kt)("p",null,"Sally then demo'd running Fetchit as a user server as non-root. It showed the containers spinning up, doing their work, and then cleaning themselves up afterward."),(0,ce.kt)("p",null,"The second demo is for the fetchit kube play method. It looks for a Yaml file in a Git repo, and Fetchit will grab them. It created containers and pods and started up Nginx. After prune runs, the images will be cleaned up."),(0,ce.kt)("p",null,"They need to be careful to not reinvent Kubernets or Ansible."),(0,ce.kt)("h2",{id:"moving-pods-and-containers-to-kubernetes-cluster-with-podman-kube-apply"},"Moving pods and containers to Kubernetes cluster with 'podman kube apply'"),(0,ce.kt)("h3",{id:"urvashi-mohnani"},"Urvashi Mohnani"),(0,ce.kt)("h4",{id:"2738-in-the-video"},"(27:38 in the video)"),(0,ce.kt)("p",null,"New command ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman kube apply"),". Currently, there's a ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman kube generate")," command that lets you create your kube yaml based on your pods, containers, etc. The apply command enables you to deploy a kube yaml to a Kubernetes cluster when a kubeconfig file is given."),(0,ce.kt)("p",null,"Urvashi then showed how it all worked in the demo."),(0,ce.kt)("p",null,"Demo (28:20 in the video)"),(0,ce.kt)("p",null,"Generated kube mypod and the did ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman kube apply")),(0,ce.kt)("p",null,"Created a new namespace and generated a new service file and applied it. She then showed the services, and it showed the pod was created."),(0,ce.kt)("p",null,"Kubeconfig file can hold info for multiple clusters."),(0,ce.kt)("h2",{id:"podman-desktop-updates"},"Podman Desktop Updates"),(0,ce.kt)("h3",{id:"florent-benoit--stevan-le-meur"},"Florent Benoit & Stevan Le Meur"),(0,ce.kt)("h4",{id:"3710-in-the-video"},"(37:10 in the video)"),(0,ce.kt)("p",null,"Podman Desktop latest new features:"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("p",{parentName:"li"},"Onboarding sequence (home page), detects if podman runs and ability to start it")),(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("p",{parentName:"li"},"Registry Support")),(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("p",{parentName:"li"},"Proxy configuration")),(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("p",{parentName:"li"},"Revamped UI for containers and images")),(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("p",{parentName:"li"},"Windows: Install of podman + Podman Desktop")),(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("p",{parentName:"li"},"Help page"),(0,ce.kt)("p",{parentName:"li"},"0.0.6 will be released along with Podman 4.2\nDemo video: ",(0,ce.kt)("a",{parentName:"p",href:"https://www.youtube.com/watch?v=br8b6DUHpD8"},"https://www.youtube.com/watch?v=br8b6DUHpD8")))),(0,ce.kt)("p",null,"Demo (40:10 in the video)"),(0,ce.kt)("p",null,"Early Adopter Program:\nAsking users to join the early adopter program, which is linked from the top of podman-desktop.io web page. Especially looking for users interesting into providing feedback and getting involved on shaping up the tool."),(0,ce.kt)("p",null,"Links:"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"github.com/containers/podman-desktop"),(0,ce.kt)("li",{parentName:"ul"},"podman-desktop.io")),(0,ce.kt)("h2",{id:"open-forumquestions"},"Open Forum/Questions?"),(0,ce.kt)("h4",{id:"4735-in-the-video"},"(47:35 in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Protections on prune in Fetchit? If you're worried about losing, you can run in an drun manually instead. The 'podman prune' does images not volume. Fetchit would only prune a volume if not images/containers used it."),(0,ce.kt)("li",{parentName:"ol"},"4.2 rc3 going out soon, v4.2 on Fedora on Aug 15.")),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Podman on Mac installer.")),(0,ce.kt)("h2",{id:"next-meeting-tuesday-october-4-2022-1100-am-eastern-utc-4"},"Next Meeting: Tuesday, October 4, 2022, 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h2",{id:"next-cabal-meeting-thursday-september-15-2022-1100-am-eastern-utc-4"},"Next Cabal Meeting: Thursday, September 15, 2022, 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h3",{id:"meeting-end-1154-am-eastern-utc-4"},"Meeting End: 11:54 a.m. Eastern (UTC-4)"),(0,ce.kt)("h2",{id:"bluejeans-chat-copypaste"},"BlueJeans Chat copy/paste:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Me10:57 AM\nPlease sign in here: https://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\nMe11:00 AM\nPlease sign in here: https://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\nMe11:02 AM\nhttps://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\nValentin Rothberg11:02 AM\nGood to see you Sally and Ryan!\nMark Russell11:04 AM\nyay Fetchit!\nAdi11:19 AM\n@ryan: So cool. Is the process running cron which checks for consistency with repo running on each instance or just running on the controlling host ?\nDaniel (rhatdan) Walsh11:20 AM\nIt is running on each node. There is no controlling node, all nodes are going to git location and getting their instructions.\nRyan Cook11:24 AM\nDan nailed it. All nodes operate independently\nAdi11:26 AM\nAh i see nice !!! all nodes independent and git as single source of truth\nAdi11:30 AM\n@ryan: if kube is implemented is it under consideration to distribute replica of pods across nodes ? If yes I think a central API server would be needed\nSally O'Malley11:31 AM\nwe (fetchit) also closely watching this kube-apply - we'll be adding this function to fetchit - to combine w/ a minimal k8s env such as microshift\nMiloslav Trmac11:40 AM\nEither it\u2019s a personal cluster, in which case the user has a kubeconfig, or it is an enterprise shared one, in which case login can get complex (OpenID via a browser) and we probably don\u2019t want to deal with that.\nAdi11:41 AM\n@miloslav yes i meant the same\nPreethi Thomas11:47 AM\nlol\nAdi11:49 AM\n@miloslav: also if its prod or stage cluster the workload is directly moving from podman to cluster which might become issue\nRyan Cook11:54 AM\nthank you all!\nStevan Le Meur11:54 AM\nthanks all!\nFlorent Benoit11:55 AM\nthanks, bye\nMe11:55 AM\n")))}Ba.isMDXComponent=!0;const Ea={},Wa="Podman Community Cabal Meeting Notes",ja=[{value:"Jauary 19, 2023 11:00 a.m. Eastern",id:"jauary-19-2023-1100-am-eastern",level:2},{value:"January 19, 2023 Topics",id:"january-19-2023-topics",level:2},{value:"Meeting Notes",id:"meeting-notes",level:3},{value:"Podman v4.4 Update - (0:50 in the video) - Matt Heon",id:"podman-v44-update---050-in-the-video---matt-heon",level:3},{value:"Autoclosing issues in GitHub - (2:54 in the video) - Ed Santiago",id:"autoclosing-issues-in-github---254-in-the-video---ed-santiago",level:3},{value:"Time-to-merge-tool using AI - (26:12 in the video) - Aakanksha Duggal",id:"time-to-merge-tool-using-ai---2612-in-the-video---aakanksha-duggal",level:3},{value:"Open discussion (52:42 in the video)",id:"open-discussion-5242-in-the-video",level:4},{value:"Next Meeting: Thursday, February 16, 2023, 11:00 a.m. EDT (UTC-5)",id:"next-meeting-thursday-february-16-2023-1100-am-edt-utc-5",level:3},{value:"Possible Topics",id:"possible-topics",level:2},{value:"Next Community Meeting: Tuesday, February 7, 2023 11:00 a.m. EDT (UTC-5)",id:"next-community-meeting-tuesday-february-7-2023-1100-am-edt-utc-5",level:3},{value:"Possible Topics:",id:"possible-topics-1",level:3}],La={toc:ja},Ha="wrapper";function Ra(e){let{components:t,...a}=e;return(0,ce.kt)(Ha,(0,Q.Z)({},La,a,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-cabal-meeting-notes"},"Podman Community Cabal Meeting Notes"),(0,ce.kt)("p",null,"Attendees: Matt Heon, Dan Walsh, Nalin Dahyabhai, Paul Holzinger, Lokesh Mandvekar, Valentin Rothberg, Eduardo Santiago, Giuseppe Scrivano, Aditya Rajan, Preethi Thomas, Ashley Cui, Stevan Le Meur, Jeremy Buseman, Aakanksha Duggal, Brent Baude, Christopher Evich, Leon N, Thomas Gonzales, Urvashi Mohnani, Lance Lovette, Martin Jackson"),(0,ce.kt)("h2",{id:"jauary-19-2023-1100-am-eastern"},"Jauary 19, 2023 11:00 a.m. Eastern"),(0,ce.kt)("h2",{id:"january-19-2023-topics"},"January 19, 2023 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Podman v4.4 Update - Matt Heon")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Autoclosing issues - Ed Santiago\nA. ",(0,ce.kt)("a",{parentName:"p",href:"https://issues.redhat.com/browse/RUN-1721"},"https://issues.redhat.com/browse/RUN-1721"))),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Time-to-merge-tool using AI - Aakanksha Duggal\nA. ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/redhat-et/time-to-merge-tool"},"website"),"\nB. contact : ",(0,ce.kt)("a",{parentName:"p",href:"mailto:aduggal@redhat.com"},"aduggal@redhat.com")))),(0,ce.kt)("h3",{id:"meeting-notes"},"Meeting Notes"),(0,ce.kt)("p",null,"Video ",(0,ce.kt)("a",{parentName:"p",href:"https://youtu.be/YCi6KuC9ESw"},"Recording")),(0,ce.kt)("p",null,"Meeting start 11:02 a.m. Thursday, January 19, 2023"),(0,ce.kt)("h3",{id:"podman-v44-update---050-in-the-video---matt-heon"},"Podman v4.4 Update - (0:50 in the video) - Matt Heon"),(0,ce.kt)("p",null,"No release notes yet, working on them for the next RC. Podman v4.4 RC2 out recently, RC3 soon with release notes. Final a week or so later. It will include Quadlet support."),(0,ce.kt)("h3",{id:"autoclosing-issues-in-github---254-in-the-video---ed-santiago"},"Autoclosing issues in GitHub - (2:54 in the video) - Ed Santiago"),(0,ce.kt)("p",null,"Ed doesn't think we should be autoclosing issues with any of the tools. Ed proposes a possible jetsam tag which would be used to mark a potential issue to close. Issue noted ",(0,ce.kt)("a",{parentName:"p",href:"https://issues.redhat.com/browse/RUN-1721"},"here"),' - "podman: spike create EOL policies for issues and PRs". Valentin concurs.'),(0,ce.kt)("p",null,"If Dan sees an issue go stale after 30 days without any activity, he removes them. The ones that are getting removed are generally lower priority that the community hasn't picked up."),(0,ce.kt)("p",null,"Ed is thinking about making a table to note inactive issues and wonders if it would be of help."),(0,ce.kt)("p",null,"Dan thinks the table is good for features so that we can review those with a person before it gets closed."),(0,ce.kt)("p",null,"Valentin thinks that, in general, humans should make the decision to close an issue, not a bot."),(0,ce.kt)("p",null,"Not a lot of support for autoclosing, so Ed is abandoning the idea."),(0,ce.kt)("p",null,"Paul and Brent would like to lock closed PRs or Issues after 30 days."),(0,ce.kt)("p",null,"Chris said GitHub actions might be useable to resort issues into categories like look at this now. For instance this ",(0,ce.kt)("a",{parentName:"p",href:"https://gist.github.com/rh-container-bot/f505b6fb78db279855862e035629f8aa#file-images-md"},"bot")),(0,ce.kt)("p",null,"Paul is concerned about older versions of Podman that issues are getting reported against and the time necessary to do fix them."),(0,ce.kt)("p",null,"Valentin wants to be careful with these and not just dismiss them as they might also be upstream."),(0,ce.kt)("h3",{id:"time-to-merge-tool-using-ai---2612-in-the-video---aakanksha-duggal"},"Time-to-merge-tool using AI - (26:12 in the video) - Aakanksha Duggal"),(0,ce.kt)("p",null,(0,ce.kt)("a",{target:"_blank",href:n(87903).Z},"Slides"),"\n",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/redhat-et/time-to-merge-tool"},"Project on GitHub")),(0,ce.kt)("p",null,"AI4CI - Open Source AIOps toolkit"),(0,ce.kt)("p",null,"Lack of metrics for Open Source data."),(0,ce.kt)("p",null,"The AI4CI supports CI/CD and software dev process"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Data Collection"),(0,ce.kt)("li",{parentName:"ul"},"Metrics"),(0,ce.kt)("li",{parentName:"ul"},"ML Services"),(0,ce.kt)("li",{parentName:"ul"},"Open source AIOps template")),(0,ce.kt)("p",null,"The tool measures the time to merge a PR into the GitHub Project. Can be used to id bottlenectks. Historical data of issues, commits and PRs."),(0,ce.kt)("p",null,"It gives new contributors an estimate of how long a PR will take to go through the process.."),(0,ce.kt)("p",null,"It Collects Data - Features - Model Building - Training Actions - Make predictions."),(0,ce.kt)("p",null,"Gives project features."),(0,ce.kt)("p",null,"Models service is done by GitHub actions."),(0,ce.kt)("p",null,"The Workflow can be started two ways in training and inference mode."),(0,ce.kt)("p",null,"It trains for each individual repository. Used currently by openshift, ansible, and others."),(0,ce.kt)("p",null,"It requires an action.yaml file and a few other files."),(0,ce.kt)("p",null,"Demo - (36:24 in the video)"),(0,ce.kt)("p",null,"Aakanksh showed her repo and walked through the files that need to be put into place within the GitHub workflows."),(0,ce.kt)("p",null,'Once setup, you can go to "Actions" and click on the training.'),(0,ce.kt)("p",null,"There is also an ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/AICoE/elyra-aidevsecops-tutorial/issues/532#issuecomment-1347919300"},"autoclose")),(0,ce.kt)("h4",{id:"open-discussion-5242-in-the-video"},"Open discussion (52:42 in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Podman v4.4 RC2 errors\nMartin Jackson noted an issue with CNI errors on Podman 4.4 RC2. ",(0,ce.kt)("a",{parentName:"li",href:"https://bodhi.fedoraproject.org/updates/FEDORA-2023-a0f754c701"},"Issues"))),(0,ce.kt)("h3",{id:"next-meeting-thursday-february-16-2023-1100-am-edt-utc-5"},"Next Meeting: Thursday, February 16, 2023, 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h2",{id:"possible-topics"},"Possible Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"None discussed.")),(0,ce.kt)("h3",{id:"next-community-meeting-tuesday-february-7-2023-1100-am-edt-utc-5"},"Next Community Meeting: Tuesday, February 7, 2023 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h3",{id:"possible-topics-1"},"Possible Topics:"),(0,ce.kt)("p",null,"Meeting finished 11:59 a.m."),(0,ce.kt)("p",null,"Raw Meeting Chat:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"You11:00\u202fAM\nhttps://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nhttps://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nLokesh Mandvekar11:04\u202fAM\nv4.4.0-rc2 will be available in updates-testing soon https://bodhi.fedoraproject.org/updates/?packages=podman\nYou11:05\u202fAM\nhttps://issues.redhat.com/browse/RUN-1721\nMiloslav Trmac11:10\u202fAM\nI think it\u2019s fair to close stale issues on which we can take no action - bugs with information required to debug not provided, PRs (for features we don\u2019t otherwise care about) where the submitter has gone away.\nFor things that were determined to be real bugs or real features we might want, we just don\u2019t have capacity for, I can\u2019t see any benefit to closing them that couldn\u2019t just as well be obtained by sorting by recent updates, and ignoring the older ones.\nChristopher Evich11:22\u202fAM\ne.g. https://gist.github.com/rh-container-bot/f505b6fb78db279855862e035629f8aa#file-images-md\nChristopher Evich11:25\u202fAM\nmarkdown-table posted by 'exuanbo/actions-deploy-gist' github-action.\nMiloslav Trmac11:26\u202fAM\nIf we are overworked, one option is to just do less; another is to farm out some of the effort to other people. In that sense, asking reporters to reproduce on mainline might be a good tradeoff? OTOH it could very well cost us important bugs that would not reach us.\nBrent Baude11:27\u202fAM\nPaul is tugging on a good thread here ... can we get a separate cabal to talk about ubuntu?\nYou11:29\u202fAM\nAakanksha's project: https://github.com/redhat-et/time-to-merge-tool\nYou11:35\u202fAM\nI suspect Preethi is enthralled....\nYou11:42\u202fAM\nCan you ignore a particular user's PRs? I'm thinking dependabot/bot users who would potentially mess up the curve for most \"real\" people.\nYou11:51\u202fAM\nAakanksha, can you ping me by email so I can have you email address please?\nAakanksha Duggal11:52\u202fAM\nhttps://github.com/AICoE/elyra-aidevsecops-tutorial/issues/532#issuecomment-1347919300\nMiloslav Trmac11:54\u202fAM\nIs the ML model interpretable, i.e. can it give us insight into causes / correlations?\nAakanksha Duggal11:54\u202fAM\n@miloslav - not yet, but something we plan to look into.\nPreethi Thomas11:55\u202fAM\nThanks Aakansha for presenting\nLokesh Mandvekar11:56\u202fAM\nhttps://bodhi.fedoraproject.org/updates/FEDORA-2023-a0f754c701\nChristopher Evich11:57\u202fAM\nYa, thanks Aakansha, it's a really neat way to use AI/ML.\nAakanksha Duggal11:57\u202fAM\nThank you for having me. Please feel free to contact me if needed. :)\nieq-pxhy-jbh\n")))}Ra.isMDXComponent=!0;const Oa={},Ja="Podman Community Cabal Meeting Notes",Fa=[{value:"April 20, 2023 11:00 a.m. Eastern",id:"april-20-2023-1100-am-eastern",level:2},{value:"April 20, 2023 Topics",id:"april-20-2023-topics",level:2},{value:"Meeting Notes",id:"meeting-notes",level:3},{value:"Possible Podman 5 features (1:14 in the video) - Dan Walsh - 1",id:"possible-podman-5-features-114-in-the-video---dan-walsh---1",level:3},{value:"Bug Week (54:51 in the video) - Matt Heon",id:"bug-week-5451-in-the-video---matt-heon",level:3},{value:"Open discussion (49:00 in the video)",id:"open-discussion-4900-in-the-video",level:4},{value:"Next Meeting: Thursday, May 18, 2023, 11:00 a.m. EDT (UTC-5)",id:"next-meeting-thursday-may-18-2023-1100-am-edt-utc-5",level:3},{value:"Possible Topics",id:"possible-topics",level:2},{value:"Next Community Meeting: Tuesday, June 6, 2023, 11:00 a.m. EDT (UTC-5)",id:"next-community-meeting-tuesday-june-6-2023-1100-am-edt-utc-5",level:3},{value:"Possible Topics:",id:"possible-topics-1",level:3}],Ga={toc:Fa},Ya="wrapper";function Ua(e){let{components:t,...n}=e;return(0,ce.kt)(Ya,(0,Q.Z)({},Ga,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-cabal-meeting-notes"},"Podman Community Cabal Meeting Notes"),(0,ce.kt)("p",null,"Attendees: Matt Heon, Paul Holzinger, Lokesh Mandvekar, Valentin Rothberg, Eduardo Santiago, Giuseppe Scrivano, Preethi Thomas, Ashley Cui, Brent Baude, Chris Evich, Urvashi Mohnani, Martin Jackson, Mohan Boddu, Dan Walsh, Anders Bjorklund, Shion Tanaka, Stevan Le Meur,"),(0,ce.kt)("h2",{id:"april-20-2023-1100-am-eastern"},"April 20, 2023 11:00 a.m. Eastern"),(0,ce.kt)("h2",{id:"april-20-2023-topics"},"April 20, 2023 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Possible Podman 5 features - Dan Walsh/All\n","*","SQLite"),(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"hyperV"),(0,ce.kt)("li",{parentName:"ul"},"Mac Native Virt"),(0,ce.kt)("li",{parentName:"ul"},"Drop CNI"),(0,ce.kt)("li",{parentName:"ul"},"Drop Cgroup V1"),(0,ce.kt)("li",{parentName:"ul"},"ZSTD By default"),(0,ce.kt)("li",{parentName:"ul"},"podman build -> build farm support"),(0,ce.kt)("li",{parentName:"ul"},'(refactor podman machine) <-- not "feature" but ...'),(0,ce.kt)("li",{parentName:"ul"},"making manifest lists by default"),(0,ce.kt)("li",{parentName:"ul"},"Use OCI images for podman machine",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"podman <-> podman machine versioning ..."))),(0,ce.kt)("li",{parentName:"ul"},"assimilate podman machine services"))),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Bug week reminder/participation invitation - Matt Heon"))),(0,ce.kt)("h3",{id:"meeting-notes"},"Meeting Notes"),(0,ce.kt)("p",null,"Video ",(0,ce.kt)("a",{parentName:"p",href:"https://youtu.be/_NnWUqyaBmw"},"Recording")),(0,ce.kt)("p",null,"Meeting started at 11:02 a.m. Thursday, April 20, 2023"),(0,ce.kt)("h3",{id:"possible-podman-5-features-114-in-the-video---dan-walsh---1"},"Possible Podman 5 features (1:14 in the video) - Dan Walsh - 1"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"SQLite - Works underway."),(0,ce.kt)("li",{parentName:"ul"},'hyperV - Up for testing. Talk to Brent about the "decoder ring"'),(0,ce.kt)("li",{parentName:"ul"},"Mac Native Virt - doing qemu not on Mac, Apple is making qemu less attractive for multi-arch, so we're looking at Mac native virtualization and working on it today, targeting Podman v4.6."),(0,ce.kt)("li",{parentName:"ul"},"Drop CNI - Looking at dropping the CNI network. Currently, Netavark is the default for the latest. We are looking at dropping CNI as of RHEL 10. If we don't, then the RHEL team will need to support it for ten years or so from when RHEL 10 is released. Matt thinks the code cleanup is the most significant benefit."),(0,ce.kt)("li",{parentName:"ul"},"Drop Cgroup V1 - Similar to dropping CNI and more important to Dan as systemd is about to drop support for cgroup v1. We are looking at Podman v5.0 for this too. We need to be sure that we don't mess up partners such as Ubuntu LTS. Another thing to watch for is Chromebook users use a Debian base, and that might be problematic too. Anders pointed out that his Ubuntu 22.04 has systemd/cgroups v2"),(0,ce.kt)("li",{parentName:"ul"},"ZSTD By default - using the ZSTD compression algorithm instead of gzip. Older versions of Docker don't support ZSTD, so that's a bit of a concern. The thought is to let the user pick or push to versions of the image. A lot quicker downloads with ZSTD over gzip. A problem with pushing two images, people may have to pay for storing or pushing multiple images. The thought is to default to ZSTD and allow users to configure back to gzip in their containers.conf file. The compression happens only during push/pull. The format of the image on disk or in the registry remains the same. Brent would like to get buy-in from Quay, but they won't likely step up until we, or someone else, starts using ZSTD more frequently. The Moby shipped with Fedora now uses ZSTD."),(0,ce.kt)("li",{parentName:"ul"},"podman build -> build farm support - Nalin is working on this to allow building of an image for multiple architectures. Nalin is making it a very easy to specify with podman build command line options. You wouldn't need to deal with manifests nor have any need to deal with a second VM running another architecture, it would just work. It will build natively, not in emulation mode. Under development at the moment."),(0,ce.kt)("li",{parentName:"ul"},'(refactor podman machine) <-- not "feature" but ... - After the Apple hypervisor work is complete, some refactoring of the podman machine might be a good thing to do for speed. This might be done earlier than Podman v5. Dan also noted that we\'re thinking about moving podman machine to a separate repo. We might draw more interest in contributing if we did move it.'),(0,ce.kt)("li",{parentName:"ul"},"making manifest lists by default - when you pull an image to a system, by default, you don't always get a list. If you have a multi-arch image, this can be a problem. Looking into being able to pull manifest lists down so multi-arch images could be better supported. The thinking is to turn this on by default in Podman v5 and then allow users to opt out of it. Matt is concerned that someone might get angry as manifest lists (JSON file) will show up that haven't been there before. Brent suggests we hide the lists as much as possible."),(0,ce.kt)("li",{parentName:"ul"},"Use OCI images for podman machine"),(0,ce.kt)("li",{parentName:"ul"},"podman <-> podman machine versioning ... This allows you to enforce that the version of the client dictates the version of the guest podman machine. That way you run only the version that is supported in your environment. This also helps the development team by not needing to supporting multi version combinations."),(0,ce.kt)("li",{parentName:"ul"},"assimalate podman machine services - for running a podman machine depending on the hypervisor and the Operating System, it is required to have a number of services running due to a number of microservices. The talk is to move it all under one potentially."),(0,ce.kt)("li",{parentName:"ul"},"Anders talked about some storage ideas (",(0,ce.kt)("inlineCode",{parentName:"li"},"ipfs://"),") that had been kicked around in the past and is wondering if any work has gone on that. It would allow layers to be split across multiple files. This would be in c/storage. Matt thinks\n",(0,ce.kt)("a",{parentName:"li",href:"https://archive.fosdem.org/2022/schedule/event/container_ipfs_image/"},"https://archive.fosdem.org/2022/schedule/event/container_ipfs_image/"))),(0,ce.kt)("h3",{id:"bug-week-5451-in-the-video---matt-heon"},"Bug Week (54:51 in the video) - Matt Heon"),(0,ce.kt)("p",null,"Podman/Buildah teams are doing a bug fix week next week. We're encouraging people to help or point out bugs important to you. Then stability releases after that. So afterward, we'd be at Podman v4.5.1."),(0,ce.kt)("h4",{id:"open-discussion-4900-in-the-video"},"Open discussion (49:00 in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Martin was asking about Quadlet and was it going from tech preview to fully supported. Martin uses Quadlet and is really liking it. He thinks it's one of the best features in Podman. Dan noted we've gotten a lot of nice feedback, but now we need to get the word out. As we move to edge devices, Quadlet will be more critical."),(0,ce.kt)("li",{parentName:"ol"},"Dan talked about Valentin's thought to never break on upgrade to a new version. For Dan it's more about pushing the envelope, otherwise you get old code. Dan has broken things in the past to secure code. Dan believes both viewpoints are valid. Matt suggests that we might support a v4.0 Podman for a while longer, but that would only have bug fixes, not new enhancements.")),(0,ce.kt)("h3",{id:"next-meeting-thursday-may-18-2023-1100-am-edt-utc-5"},"Next Meeting: Thursday, May 18, 2023, 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h2",{id:"possible-topics"},"Possible Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"containersh - Dan Walsh"),(0,ce.kt)("li",{parentName:"ol"},"Storage - allow layers to be split across multiple files. - Anders Bjorklund")),(0,ce.kt)("h3",{id:"next-community-meeting-tuesday-june-6-2023-1100-am-edt-utc-5"},"Next Community Meeting: Tuesday, June 6, 2023, 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h3",{id:"possible-topics-1"},"Possible Topics:"),(0,ce.kt)("p",null,"None Discussed"),(0,ce.kt)("p",null,"Meeting finished 11:58 a.m."),(0,ce.kt)("p",null,"Raw Meeting Chat:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"You11:02\u202fAM\nhttps://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nYou11:05\u202fAM\nPlease sign in or add to the meeting notes: https://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nAnders F Bj\xf6rklund11:17\u202fAM\nmy Ubuntu 22.04 has systemd/cgroups v2\nBrent Baude11:22\u202fAM\nty Anders\nBrent Baude11:51\u202fAM\ni need to drop as well\nAnders F Bj\xf6rklund11:51\u202fAM\nhttps://archive.fosdem.org/2022/schedule/event/container_ipfs_image/\nieq-pxhy-jbh\n\n")),(0,ce.kt)("p",null,"Raw Transcript"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"ieq-pxhy-jbh (2023-04-20 17:03 GMT+2) - Transcript\nAttendees\nAnders F Bj\xf6rklund, Ashley Cui, Brent Baude, Christopher Evich, Daniel Walsh, Ed Santiago Munoz, Lokesh Mandvekar, Martin Jackson, Matt Heon, Mohan Boddu, Paul Holzinger, Preethi Thomas, Shion Tanaka, Stevan Le Meur, Tom Sweeney, Tom Sweeney's Presentation, Valentin Rothberg\nTranscript\nThis editable transcript was computer generated and might contain errors. People can also change the text after it was created.\nTom Sweeney: Have and there it is. Welcome everybody. This is April 20th 2023. This is the Podman Community cabal meeting for this meeting. We usually talk about design issues or thoughts for Pod, man. And today we have a good slate of stuff for Pod Man, 50 features, which is coming up. Container essay, and then also talk about Bug Week. So We have a hack MD going, I've put a link into the comments here for Google meet. Please go ahead and add your comments since there is we go along or if I'm going to try and take notes and if I mess up, please go ahead and correct me or add links as appropriate. So giving all that I have Dan walshill first with possible pod, man, 5 features and\nDaniel Walsh: Okay, can you put up the\nDaniel Walsh: You put up the feet, the slide or\u2026\nTom Sweeney: Yeah.\nDaniel Walsh: whatever. thing, everybody slides, shining it shining into\nDaniel Walsh: Okay. so, I view Major releases in two ways, and balance is going to be pushing back on this. So it could get entertainment entertaining a little bit. I view a major release as being A milestone of marketing more than just being, you know, having it like In the real world when relate. Well, nine well-10 comes out. It's not only a chance to say we have new functionality but it's also a chance for marketing. You know, isn't it great that we move this far ahead? So I'd like to, you know, over the years when we had different versions of Pod Man, Come Out. It was not only we didn't do it just for breaking changes but we also did it so much from marketing. So I think with podman 2 came out, we added\nDaniel Walsh: We moved. I think we that was the first time we added in the new API and FOD, Man, 3 came out. We added appointment, three came out, we had a new API and pod, man. 4 came out, We added, You know, some of the pipe, my machine functionality and other things like that. So when we look at now, it's been well. This is probably planned for the end of the year early next year. So it's gonna be two years since Pod, Man Full came out at that point. So the question I have is what, what did the long-range things that we'd like to see in a marketing event for five man. Five on a second thing is, is when we come up with the major release, it gives us a chance to change the defaults in such a way that potentially, they could break break people. And obviously that's something that we want to avoid.\nDaniel Walsh: If at all possible but sometimes it's it's necessary in order to move forward. So things I threw down for ideas for podman 5 and again, these don't have to wait for apartment five. They're just major things that are going on in the Pod, Man world right now.\nDaniel Walsh: That I I see moving forward and I just threw down a few ideas right now this for those. That don't know, there is a pod man, internal database right now is based on multi B and it's felt by the maintainers of the database that it was important to force to support ability. We saw a lot of corruptions happening and multi B and we felt that the upstream for both DB was not as responsive or not as active as we'd like. And so we wanted to switch to something a little more stable which was ask you a light. And so that's actually in Part-man 405 right now, you can actually test With.\nDaniel Walsh: SQLite. But I'm at apartment 5, we'd switch. The default to SQL Light. Obviously upgrades would continue in both DB, but if you did a restart reset, then you switched SQLite There's also a big effort for the lots and lots of uses on Windows cannot support.\nDaniel Walsh: Wsl. Usually it's something inside the company that says, they don't like wsl or whatever reason it is and they've asked us to support five main machine for Native virtualization. So on Windows, the first version of that is going to be Hyper-V, which is being heavily worked on right now. When Brent is there? Is that available at all right? Now for testing\n00:05:00\nBrent Baude: It's actually done.\nBrent Baude: There's some official stuff that needs to go into fossa and ignition. But and some nits to smooth over in podman. but, Yeah, you just need the secret decoder ring. For me to get the image.\nDaniel Walsh: Yeah. And I don't I mean again this you know probably obviously is going to come out probably in four six might be you know just you won't need the Dakota ring to turn it on at that point or but it's it's something that we want to again market that we have new architecture. Just are not new virtualization support.\nBrent Baude: Yep.\nDaniel Walsh: Secondarily to that is on the max right now. We support qemu for running our podman machines. And there's been a lot of requests for sporting that native virtualization. Mac apples actually, making it much more attractive or\nDaniel Walsh: Making c** you much less attractive as a solution based on some of this stuff they're doing for support of multi-atch building. So that's sort of driving us towards native virtualization Plus, we believe that we can get better performance by using Verdeo of SD instead of playing nine for volume mounting into the containers. This is something the darker currently supports. So we will be doing some time in the next six months or so we moving, or adding support for native Mac. Virtualization anything you want to say on that Brent.\nBrent Baude: Started working on it today, hope to have it done for four six.\nDaniel Walsh: Okay. The next one is, now we start to get into system controvers. So, not only three above would necessarily be breaking changes.\nDaniel Walsh: The next one would be potentially more controversial, which would be to drop CNI support right now. We if you run containers, With pod man. The default that you get on a fresh installed pod, man is neta back for networking stack. We currently also continue to support CNI, but the idea would be, Can we get rid of the CNI code? Can we get rid of the support headache of CNI? And really, this to me, is more guided towards a real 10 type release thing and that\nDaniel Walsh: when we sign up for new version of podman releases on a particular rail, we're signing up for 10 years of support. So the question is, Do we want to support? CNI 12 years from now on top of Pod, Man. Now, obviously, we can never break. We can't break REL support on Level Eight Row 9. So CNI support. But can we start to get rid of it by default? and I think that, Mainly for people on here that ends up being somewhat of a time sink. For a matte and Paul.\nDaniel Walsh: Hopefully would start to disappear as we move forward and more people use it, but it would clean up the code base to get rid of C and I altogether out of it. Any comments by Matt Paul on that.\nDaniel Walsh: Yeah, I mean the one benefit also of saying we're dropping CNI is that it can convince people to switch over to Netovac easier than feeling like they're gonna get it supported for? Forever.\nMartin Jackson: That.\nMartin Jackson: There.\nDaniel Walsh: The next one is also similar and probably more to me, more important. Is that we right now, I believe system D is about to drop support for C groups, V1, Um, so that I think, I don't know if it's Fedora 38, if there are 39 is no longer going to support sea Groups, B to be one. So can we start to look at dropping support for cigarettes for you, one for our tool chain. So I think the primary tool there would be like Seron and run c start to think about it as well as I'm not sure how much We do in Pod man for that, but it's probably they're certain flags. That would have to be start to be removed since then. All I can make sense in the cedar must be two worlds. Um, and again, I think that's just for long range support. right now, from a rel,\n00:10:00\nDaniel Walsh: point of view around 9:00 defaults to see groups V2 relate on the single three one but rallied is going into\nDaniel Walsh: Support mode. I think, either, I think in either the next release of the one after is going to be in full support mode so that We shouldn't be. Adding new features to see them to be one or in that dying out. Anybody want to comment on that?\nBrent Baude: I do proposed timing. of the podman 5, I think would have A big influence on that particular topic. I actually really like this idea.\nBrent Baude: There's some distribution benefits to this.\nBrent Baude: But I think one of the things we'll have to do is if we did it today, we'd be cutting off. The two lts's of Ubuntu, right? Is that correct? Is a mantu gone to see groups, we too. They might happen to know.\nChristopher Evich: I think the latest one is.\nAnders F Bj\xf6rklund: I think 22.\nBrent Baude: Okay. Yeah, so it's just something to contemplate as Who we lose? If we do that and but otherwise, I'm completely comfortable with this.\nChristopher Evich: But the old ubuntu's, the old lts a bunches, they just won't update. Right. They they're going to just keep running the older apartment. Should.\nBrent Baude: Yeah, it was sort being unaware that their V2 now so is our V2 lts.\nValentin Rothberg: No.\nBrent Baude: That's what we need.\nValentin Rothberg: I also think that who's is using V1 still. So, if we Cut, or if we would drop.\nDaniel Walsh: Christopher.\nMartin Jackson: A lot of Chromebook users are on old Debians\u2026\nBrent Baude: So, maybe\nMartin Jackson: because of the Chromebook Chromebook default virtualization scheme and I think they might be stuck to.\nBrent Baude: So, Dan sounds like, maybe we need to Kind of understand what everyone else is V2 plans. Sort of look like But again. we could theoretically, just Do it and\nBrent Baude: deal with the consequences.\nDaniel Walsh: Yeah.\nPaul Holzinger: I one question.\nDaniel Walsh: so,\nPaul Holzinger: how much C group code is actually important because isn't most of it done by the runtimes,\nMatt Heon: There's a fair bit of complexity involved in how we do system unit container and how we do the Pod C groups in particular Pod, resource limits involve a fair bit of, super one for C2 last, I checked those would be the big ones. I would say. It's not a huge amount of code, but it is, it is some of the most complicated code. If you've ever seen the code to set up our potsy groups, It's a horrifying massive. If statements\nDaniel Walsh: Yeah.\nBrent Baude: I like the idea. I'd sure like to keep kicking it around.\nDaniel Walsh: So the next one will get even more controversial, which is so we've been kicking around this idea of moving away from Jesus image format. to Zstd both have been supported for several years and\nMartin Jackson: it's\nDaniel Walsh: The spec. but, Docker did not release for over three years. So, Giuseppe had a pull request into Docker. Back in 2002 and that finally got merged and they released a version with it. In March. so, they had him released from March of twenty two, thousands of my 2023. The.\n00:15:00\nDaniel Walsh: We have women kicking around the idea of supporting what we've currently support both zsdd. And Jesus format for images. And it's been supported for many years. In Container D, Cryo and the rest of the world other than darker, And it's been in pod man. For I think every version of pod man, all the way back to one dot six. Maybe not 106. So which is or else seven?\nDaniel Walsh: The problem is that no one creates images with this format because Of Docker, not being able to support the older versions of darker, not being able to support it. we have ideas about potentially, Allowing you users to Check Pick which format they want to basically in containers duck off, pick which formats, that they want to push images to container registry with, and the options would be zstd gzip or a combination of both. So they could basically have but use it within have to pay the price of Pushing two versions of images to container registries and container registries, that would have to store.\nDaniel Walsh: Two versions of the same image. One compressed with each one of them and pod, man, and tools, based on Containers image would be smart enough to pick out the zestd one. If it existed. So, the benefits of their cost and benefits. And we stick with Gzip, we're stuck with the same format that we've been using for years, but old dark versions of darker support it And they can continue to use it. If we force everybody to go to Zstd then old versions of dark are don't support it but everybody in\nDaniel Walsh: The new versions of Pod Man. Not new versions of darker and all versions of our tool change. Get the benefits of better, better compression Quicker downloads in the case of Pod Man and Cryo and those tools they get you weight Grow quicker downloads since it's the pulling down individual files instead of entire images just a different false at a difference. The third option that combination of both has the Problem of you would have to if you're paying for the bandwidth of pushing images that you'd have to pay for additionals, content being pushed, as well as if you're paying for the cost of storing of images. Then you have to pay for both and we potentially could hear bad things from container. Registries who don't want, you know, who are paying the content paying to store both types of content. So,\nDaniel Walsh: the my proposal for Ralph's, for\nDaniel Walsh: Five would be to, we just switch the default to ZSTD thinking that to be a large enough install base of of dockers out there at that point and for people who don't want to use it, they could just simply change the containers that cost to point to Jesus want to to do both. And, but my fear is that we don't do this then. When Pod Man 6 comes up three years from now we're still going to be having this this debate. So you know can we push this forward?\nMatt Heon: I think risk here is a lot lower than the CNI. And what do you call it secrets? We want stuff because we're not dropping code.\nDaniel Walsh: Yeah. Also distributions can, if distributors want to ship a Canadian stock off, that stays the Gzip, then they have the full ability to do it, This just questioning what should be the default format? We go forward with at that point.\nDaniel Walsh: Any other comments?\nBrent Baude: Yeah. How does it? How does it work? In terms of you, you mentioned push but in terms of run or other actions, if, if the STD is the default, Are we saying, can you have a local container storage that has both formats?\nDaniel Walsh: So it's only I'm push and pull. So when it, when it gets put on to your desk, you don't have the format any longer. The big think of this is more pushing and\u2026\nBrent Baude: Okay.\nDaniel Walsh: this is the problem is if you've tried to pull one these images with an older version of Docker, you will fail. It'll come back with that saying,\u2026\n00:20:00\nBrent Baude: Okay, but\nDaniel Walsh: unsupported format.\nBrent Baude: But I think what you're saying is, there's, you know, both formats would still be perfectly usable. It's just be a swap.\nDaniel Walsh: Yes. Which means\u2026\nBrent Baude: So if container registries didn't\nDaniel Walsh: if I meant stats to push images, that can't be used by older versions of darker. That's that's with the dot, that's where we're gonna get. We're gonna get paid as being anti-unity or anti You know. Oci or something at that point.\nBrent Baude: So, I I would, I would be in favor of this. The one thing I would want some sort of commitment from Let's say somebody like Cui. That they would be there be a way to build. Zstd. On their end.\nBrent Baude: because, A lot of us. Use. Combinations of GITHUB and CUI. And auto building.\nDaniel Walsh: Yeah.\nBrent Baude: and one one, like one image, I can think of in particular is Fedora chorus has a\nBrent Baude: They have a image they use for building for coros. And that image is updated weekly. And it's four and a half gig. But I believe it's built, you know, hands off. So it'd be one of those. One of my questions would be If we if we switch, that would be, this would be more effective if if more people could take advantage of it,\nDaniel Walsh: Yeah, but to me to me that's this is where the check of the egg situation is sort of like the old before we force sea groups, V2. Like Oh no. One support secretly too. Why don't they support it? Because no one uses secret too. So, until we start pushing zsdd images. if you went to Cui and said, You know, will you build with CSD? They're like, well, no one uses the STD so it's sort of\nDaniel Walsh: yeah.\nValentin Rothberg: The problem with cstd is that it's in contrast to see Group C group. You fail immediately on the client. So the users. While with Csdd, it may be a silent change entirely transparent to the user. But when they pushed their images, some of their clients may break because they're still using older. so the let's say, The the error multiplication happens, much further. And much more transitively than for secret security.\nDaniel Walsh: Right.\nDaniel Walsh: Yeah. And I guess so that to follow, I mean, I would argue that we are We did this. When we started supporting OCI because older versions of darker, at the time didn't support OCI images. But at that time, Paul Man was brand new so it wasn't I guess people who would expect it to, Potentially cause more breakage than it would now.\nValentin Rothberg: But also, any any breakage can be negative marketing as well. As much as any major major version. I personally perceive major version bumps as all yet, another breaking change.\nDaniel Walsh: So we can't we can hold off on that one that argument to the end. Since that's the\nDaniel Walsh: I don't see that. I mean potentially we push both but then we're gonna get bad news, you know, by the fall but then we get bad. Press from people saying we're using up twice as much bandwidth twice, as much storage.\nDaniel Walsh: But maybe that's the value one but I don't think it valid one is. Oh, we'll just wait, Yes more before. Does anybody ever use a zdd because You know, at some point in the future, there's gonna be enough docker clients out there that Supporting an old ones and\u2026\nValentin Rothberg: Like, I think it should be a\nDaniel Walsh: I could hear you autos Old Ubuntu is an old. rails and all, well must bad shape, but\nAnders F Bj\xf6rklund: but I think,\nValentin Rothberg: I think it should be stepwise migration where, you know, since it's a containers, conflict can be configurable. So Fedora can go first and just Change the standard compression in only in Fedora to see standard without this being built-in, default, setting for Portman, which would then affect all other distributions as well. so, I think that there are ways to, you know, increase, The usage and\u2026\n00:25:00\nDaniel Walsh: Yeah.\nValentin Rothberg: the user-based step by step and not use the big hammer and switch or try to switch everybody at the same time. I think in Fedora, you know, this is probably at least in this immediate community an easier. Test that\nDaniel Walsh: It and in the movie that she and the Moby that ship by Fedora supports the format. So it's not if you live in a fedora pure environment, you're not going to be bit by this.\nDaniel Walsh: So I could go along with that. Just doing his containers.com and leave the standard. Leave it to fall to the STD for built into package, config into common. Yeah.\nBrent Baude: Yeah.\nDaniel Walsh: Okay.\nDaniel Walsh: I guess. Those that on the call right now, the next one is the concept of the build farm. And nalin. Did a demo of this? I don't know if that was an internal or external. a few weeks ago, the basic idea is as We're hearing more and more people who want to build. Images for multiple formats. So from multiple architectures, And a lot of people, it's a fairly complex. Tooling of fairly complex effort to build image for multiple architectures, especially if you're not building them with some kind of emulation mode. Um, So the the basic idea would be say you're on a Mac. You're saying, I'm too Mac and you're building.\nDaniel Walsh: I'm chips based images and then you want to build x86 image and you want to push both of those to a registry so that you create a new full buyer image and it's too architectures. While doing that is fairly complex and what? Nowlin is demonstrated with the tool. He called Build Farm was the ability to Do that automatically taking advantage of.\nDaniel Walsh: Connections. So now on you on the call,\nDaniel Walsh: Put you on the spot.\nTom Sweeney: Nobody's no way on pidgeot today.\nDaniel Walsh: That one's away on Pto. Okay? So the the basic idea would be to to you do a pod man. Build - platform equals am AMD, 64 comma. I'm calm or power and what would happen is odd, Man. Built Odd, Man client would look through its connection database to see if it has connections to the different architectures and then would launch the bills on the different architectures. So say you had set up three ssh connections to build service to be able to perform the builds on a remote system. Then it would pull the images back to the local system create a manifest list and actually assembly entire image and push it out to a registry. So it wouldn't be you wouldn't have to deal with manifest. You wouldn't have to deal with\nDaniel Walsh: Any any special needs for running multiple, you're sitting on a Mac and two and you had two VMs running two podium machines running one for X86 and one for on then if you build with a - platform I'm an x86 they would go out and to the two different VMs on the local Mac and would build the images and then reassemble them back on the default one and then push that to a registry. So that's what we're looking at for podman, builds farm support. And again, it's not looking at emulation mode. This is looking to build natively or On a native VM running an emulation mode, but as opposed then other basically allowing us to fully assemble those on it.\nDaniel Walsh: Any questions on that?\nAnders F Bj\xf6rklund: and I think that Bill Kit is doing this and I think the killer feature for Kubernetes was Windows containers, being able to build those remotely Because most of the Linux ones could be cross-compiled but not windows.\nDaniel Walsh: The problem across compilation, is, as well as twofold one, it's low, and it's potentially very buggy. I know that in the real world, Well, if you refuses to support cross compilation because it's just not this exact same as native. Now, certain architects, if you're building golang code, it's not as big a problem, but if you're building standard seat code, just to see libraries, I just felt to be way too risky to to support cross country.\n00:30:00\nAnders F Bj\xf6rklund: no, the equipment, this one was gold coat and I mean, and also You couldn't do workarounds if there was some across compilation issues but it's still a good feature. Of course, to be able to have remote bare metal, builders for performance reasons.\nDaniel Walsh: Yeah, yeah. And I'm like having what we're looking at here, Actually more of the client driven solution, then the server driven solutions so that you would just have to set up two two and more connection databases to different architectures and either run that VMs locally or remotely. It's just taking advantage of what basically what Pod man remote currently does to assemble these? I think build kid is more on the service side, so you'd have to have, you know, rely on a server. Being set up to do the multiatch builds. Um so anyways it's something that we'd like to get to match the functionality. That's in build kit now but take advantage of what we have with. Basically, the connection database empowerment.\nDaniel Walsh: So the next one, someone else put in.\nBrent Baude: Yeah, I can do that final comment.\nDaniel Walsh: So I'm gonna let that Yeah, you run the bathroom. All right, I'll be back.\nBrent Baude: Yep, final comment on the bit on that build farm though is I think there's a I've no objection with the feature. That's it's a good feature. I think also though there's A a couple of nuggets of gold on the topic of Cross architecture. Period. Throughout Potman.\nAnders F Bj\xf6rklund: and I think also now that build decks gone default that has kind of upped the competition if you\nBrent Baude: Yeah. So as I think about Batman Moore as a whole, I think there are several areas where architecture plays a role and\nBrent Baude: but, Starting with. My gripe about being able to pull the wrong architecture. And attempt to execute it.\nAnders F Bj\xf6rklund: It. Yeah but I mean there are some nice things like being able to use Kubernetes pod builders and stuff like that, that this could be a nice features to have also important.\nAnders F Bj\xf6rklund: I mean, with, with a root, let's capabilities and everything. You have a You have a whole dockering doctor, a customer to migrate. I think the life. Of course.\nBrent Baude: Indeed. Okay, so Timewise here. I'll try to be efficient. the first one was,\nBrent Baude: After that, apple hypervisor stuff is done.\nBrent Baude: Someone probably not me needs to sit down. and contemplate a refactoring of machine code, there's Plenty of duplication that can be removed. I think there's there's a couple of changes in how we do things that could be. Implemented such as factory or build type patterns.\nBrent Baude: And things along those lines. Again, that's not really a feature, it's not something that users would know about. So it could be It could be set as a goal for V5. Or it could just be done in four dot whatever. And no one be the wiser.\nDaniel Walsh: Fall. Yeah, On similar we have discussed potentially moving part man. Machine out of podman into it, separate repository whether we want to or not people are using pottery machine for uses other than just pod man. and so, it potentially could get if we moved it to a separate repo, then potentially you get more people to coming work on it as a separate project. So there are, there are thoughts going around that.\nBrent Baude: Agreed. I've been sort of asking questions around the team as many of them all know as to whether we should start. Making manifest lists more, integral to podman. So to me that's an open question. But but Dan wanted? wanted edge, sort of ideas that You know, are gonna push things a little bit and This might be one of those again, it involves. some compatibility issues as well as registry things, but I wonder if it's something we should start doing.\n00:35:00\nDaniel Walsh: Yep, for those that don't know when you pull an image right now. To a system by default. We don't have a minute. We don't necessarily pull down and manifest list with the difference between an image in a manifest list. Is that If you have a multi-atch image then you have a manifest list of defines the different arches that are in the image by default. Right? Now a very common era that we hit is people pull down a different architectures image. That becomes a default image and then if you go to run at image layer, say, Pull down Alpine for For arm and you're an x86-64. Now you go run the command. Just do a pod Man. Run commander later and you think that you're gonna re-pull a\nDaniel Walsh: X86 image and run that no you end up running the command on top of the image that you pull down. If we had a manifest list, then we could change the behavior so that if you did Pull an image for different architecture. You would get put into the manifest list, if you rent to run it and we could run the native, We pull the native one down or just have the native one available so moving to a manifest list by default again.\nDaniel Walsh: Because the world's moved pretty much when darker happened and over the last first, say eight years of container worlds. It was one architecture x86 with, you know, a tiny bit of different architectures in the world and I think over the because of what Apple has done and the rise of arm. Now we're seeing that there's two architectures out there you know better and you know if risky happens or there could be three architectures and so suddenly we'll work living in a world with Supporting multi arch should be the default as opposed to this one often. And that's what that's why I would like to see us move to manifest list as by default.\nBrent Baude: I think the last time that we talked about this, we sort of came to the conclusion that what we'd be talking about here is in rather than an opt-in. This would be an opt out. So that would be the big change is that we would just turn it on. And allow users to opt out of it. As a way to start. Getting people to use it. Kind of like SC Linux.\nBrent Baude: Anything anyone want to comment on this one or honesty, Linux?\nMatt Heon: How seriously is this going to Sorry?\nPaul Holzinger: I can.\nMatt Heon: Go go Ed.\nPaul Holzinger: No, I, I totally support the idea of having manifests because I never understood the current behavior that you just used to take from your native image and then all of the sudden, it's Like no use, I can understand what's happening here. So I I think that that makes much more sense.\nBrent Baude: I don't think they need to understand it either or should have to\nPaul Holzinger: It right, right? That's the thing. Like the current behavior never made sense to me. So,\nBrent Baude: Go ahead, Matt.\nMatt Heon: How seriously is this going to affect? Like I don't think we can change the way. Say Odd man Inspects works on images. Is this going to seriously affect my workflow? If I'm used to only using podman and spec podman history, all the image specific commands. My concern would be that suddenly I start getting different output because it's a manifest list, not an image and\nDaniel Walsh: I think it would just default to the unaid about this would allow us, I believe to always default to the native arch. So if you do a pod,\u2026\nBrent Baude: Correct.\nDaniel Walsh: man, if you do a pod man pulled - platform equals, And then you do a pod, man. Inspect Image. Without the dash dash equals it. You'd get the native format one as opposed to the one.\nMatt Heon: Okay. Yeah.\nDaniel Walsh: That's the goal and\u2026\nMatt Heon: I'm sure.\nDaniel Walsh: I'm making up since we haven't done this and I haven't experimented with it but that was that's the goal.\nBrent Baude: These are just ideas.\nMatt Heon: We're going to blow something up. We're going to make someone very angry because all of a sudden, they're making manifest list that they didn't know even were a thing. But I don't, I agree.\nDaniel Walsh: Yeah. Commitment.\nMatt Heon: That's a good idea and I don't think we can avoid us.\nBrent Baude: What did you say? We're gonna make users, make manifest lists.\n00:40:00\nDaniel Walsh: Right.\nDaniel Walsh: Those that don't know on this call, manufactless is just a JSON file on this. Yeah.\nBrent Baude: Yeah, and I would suggest that we make every bit of effort to hide that. There's a manifest list from people.\nDaniel Walsh: Yeah.\nBrent Baude: unless, People know about it and want to alter specifically the manifest list. I think there's a set of rules. We could kind of come up with that, that would allow for that. Okay, we best move on.\nBrent Baude: The the next one is around this podman machine and the OCI images. This is this is essentially where you can build your own images or we could distribute our images, or epcot's images via something like quick,\nBrent Baude: This is a pretty big advantage for us. It, it also has a few upsides, one of which I listed there, but\nBrent Baude: this is, this could be a potentially breaking visible change in the sense that we're changing how pot Padman machine gets its content So that's why I have it kind of associated with five, but I also the same time we'd be using this. My plan was that we would use this to enforce this. That the version of the client, dictates the version of the guest. And so, if you have a Mac and you're using pie man for eight, you're gonna or rather five, oh, you're gonna get a 50. You're gonna get a 50.\nBrent Baude: Guest operating environment. Inside the machine and if you're at five one, you'll get a five one. This eliminates, our problem of mismatched. Clients and servers so to speak. It's sort of a double whammy.\nDaniel Walsh: it also allows people to lock in, at a specific version, so as we, as we start to go out for\nDaniel Walsh: Enterprise customers. They're going to want to building for. You know. A specific version of the operating system. I want to build on that up that level of the operating system so they can Guarantee that this will work with the podmin for six version of odd men. For instance of say that is five five seven and they want their service are all at five three. Then they can log in and build on a five, three based image.\nBrent Baude: Yeah.\nDaniel Walsh: Test.\nAnders F Bj\xf6rklund: And what is the, what is the difference between this and having a URL for the image?\nBrent Baude: It's the the image is, is different on there. So For example. Today, we pull down a few cow for qmu. In and\u2026\nAnders F Bj\xf6rklund: Yeah.\nBrent Baude: so in the future, we would pull down an OCI image.\nBrent Baude: Not a cute girl.\nAnders F Bj\xf6rklund: Right. But I mean, if you wanted to fix the version, you could do that by providing a custom image to direct. But this would make it easier to host.\nBrent Baude: Yeah, we're\nAnders F Bj\xf6rklund: It doesn't.\nBrent Baude: It would, but we're desperately trying to stay out of the developing our own fedora chorus and having to do things outside of what Fedora chorus, the team offers.\nAnders F Bj\xf6rklund: That was just wondering if there was a benefit if you had a Web server serving images. Today, if there was a benefit of moving it to OCI images in a registry instead.\nBrent Baude: And yeah, I don't know. but the tagging of the, you know, the tagging ability there and how image, registries are organized are Quite beneficial.\nAnders F Bj\xf6rklund: Yeah, and I guess you don't have to maintain two different types of servers would be. A benefit to some.\nBrent Baude: Something like that. Yep.\nDaniel Walsh: You know.\nChristopher Evich: The city and Cdns aspect. This one.\nDaniel Walsh: Right. We'd like to get to a world where all software shipped fear. Image. It's basically image repositories which Are whether they're coming as containers or operating systems.\n00:45:00\nAnders F Bj\xf6rklund: Or packages. Yeah. Yeah.\nBrent Baude: Okay? And the last one you guys have for those that are on the team, you've heard me kick this topic around recently and it's Probably appropriate for for V5 since it theoretically is a change that users would be impacted by. But essentially right now for running Padman machine depending on the hypervisor and the operating system being used, we have to have various services. running, whether it would be traffic forwarding, whether it would be for vsoc, listening, Whether it might be for Vert. Iowa Fest. And so on.\nBrent Baude: VF Kit would be another one. so, we've talked about whether we should continue to have these microservices and try to continue to manage them as such or whether we assimilate. Into a single service with Microservices underneath it. So that's an idea.\nDaniel Walsh: Any comments on any of this, anybody else have ideas of what they would like to see us have in padman 5.\nDaniel Walsh: Good everybody.\nAnders F Bj\xf6rklund: And dance, some of those storage ideas.\nMartin Jackson: It is.\nDaniel Walsh: Go Anders.\nAnders F Bj\xf6rklund: Yeah, so and there was some talk about like IPF storage and similar. I compared to peer storage and so on. I was wondering if any of that is coming to containers image and therefore podman.\nAnders F Bj\xf6rklund: So that you could both split up your your layers into smaller files and then distribute those files. With our peer-to-peer type of registry.\nDaniel Walsh: I guess Valentin or Miller's life, if you thought about that or Giuseppe.\nAnders F Bj\xf6rklund: And also talk on Foster. I might\nMatt Heon: We have none of those people on the call. Dan Unfortunately, Valentin actively early. So I think it's a I think it's a good idea.\nDaniel Walsh: Um, yeah. Yeah, and just The Anders, could we put that in for discussion on the next Meetup? The next one of these, That seems like a decent conversation.\nAnders F Bj\xf6rklund: Yes.\nDaniel Walsh: I'll also move container shell. To the next discussion for those that don't. I've had two meetings in the last week with different customers who are looking to control users on a service. So the idea would be potentially to allow us to customize their environment. Basically imagine logging into a system, getting stuck into a, A container. And that's what I just calling a container shelf and now, but we don't have time for that. Martin, you get to talk my talk.\nMartin Jackson: Okay, sure. I was wondering, you know, with the, the kind of marketing aspect of the major rep whether Quadlet would get promoted from, you know, kind of experimental tech preview to, you know, fully supported and, and get some more marketing around it.\nDaniel Walsh: Yeah yes definitely. Although sometimes we do that that's more of a real thing than a necessarily.\nMartin Jackson: Yeah.\nDaniel Walsh: Yeah you know but yeah definitely quadlet would be police fully supported at that time, matter fact, container shell would be Also looking at extending quadlet to allow use users to define quadlets for users. As opposed to quadrant for system services. So that's\nPaul Holzinger: Speaking. And speaking for upstream, I would say Quadlet is fully supported like we five bucks, we fix bucks. People come in with ideas. So\nMartin Jackson: Oh, I'm using the heck out of quadlet and I love it. You know, I I it is it is one of the coolest things to happen in the pod, man, ecosystem, you know, in my mind like ever, I've got it running game servers, I've got it, running my automatic ripping machine and since we're being recorded, I'm not going to incriminate myself, but, you know, I love it.\n00:50:00\nDaniel Walsh: Good. we got no, we've gotten a lot of nice feedback and now now the idea is to get more of the word out to get People blogging people, it's showing, I would love to have people start to distribute quadlets and saying, This is how I run this service underneath, you know, system D. And as we move to a judge devices, I think quadlet is critical.\nMartin Jackson: I I totally agree with that thought.\nDaniel Walsh: And it's really, really simple. So that's what I think. That's what everybody likes about it.\nDaniel Walsh: So it's Valentin left. We don't have to so valentin's. I'll I'll be the devil's advocate and make myself Valentin. Now he without you is that we never break anybody, he wants He wanted to talk about\nDaniel Walsh: Sort of. Leanestabolus's idea that you never break an application by updating the kernel and i we could argue back and forth, obviously don't want to break people but we also don't want to be Carrying old crafty code for forever. So the for me, it's more about pushing the envelope. So, my concern is that when you don't, Break anybody? You end up with the same code that you had in 2012. So for instance, I pushed updates that have broken people to make things more secure, because some the false picked by darker war were bad. So my concern when we say we never break anybody is that we get stuck.\nDaniel Walsh: You know, just doing stuff the same way as we have for the last 10 years even though they're a better ways like Zstd for storing images and you know, and we have a even secretary too. It's like we get stuck. As he was three one forever. So sort of the Fedora mattress mantra is what I like which is okay. Let's push people to its these these new changes and some people are going to drag drag behind and we try to keep them as happy as possible. But we need to push the the technologies and I think this is partly why Docker was in a relief for three years is because they get stuck in this. And those quandary. So but I agree that both arguments are valid and you know, since a lot of the people in this call are supporting rel for 10 years, we're going to be stuck supporting this stuff for\nDaniel Walsh: You know many many years but I think we can push the upstream a little bit faster to take advantage of new technologies as they come along.\nMatt Heon: It would be an easier sell if we Publicly maintained long-term support branches of V4 for a longer time. I think our upstream position is that V4 is going to go out of support the very moment that V5 comes out. We do have to support it for REL for a while, but that's not really an upstream thing. So maybe we could formally announce upstream support of some degree for a long-term fee for branch just to keep people. Overall, we do the breaking change v5 thing.\nDaniel Walsh: Yeah. But people have to understand that they won't be getting new features. So if on the floor, yeah. Okay,\u2026\nMartin Jackson: I mean I think I think people kind of get that they wouldn't be getting new features with that kind of thing.\nDaniel Walsh: for example.\nMartin Jackson: But In.\nAnders F Bj\xf6rklund: I'm not sure if you seen the Ubuntu support for podman people want a stable version and the latest version at the same time in Debian, stable release. But but I viewed apartments support is not so much kernel, it's more like Python. So you would have Python 2 and I thought that were like Be around forever and then you have a Python 3 that you try to push to people and no one will take it.\nDaniel Walsh: Right. I know it took it until Fedora basically turned off by then too, right? So\nAnders F Bj\xf6rklund: Yeah. And that in a decade past or something. That's your\nTom Sweeney: And just looking at the clock I'm gonna push a little bit to wrap us up here. Matt that you want to say anything about the demo or on bookfix week before you head out.\nMatt Heon: Sure, I can keep this quick. So the Pod Man Core team is going to be doing a bug week for the next week. Not just the podman team builder and Scorpio and everyone else should be involved as well. But as part of this, we are encouraging. Anyone who wants to fix bugs or have bug fixed, please focus. And let us know that you can see or something high priority or even better. Please comment on a book and say I'd like to work on this next week and we will get it assigned to you or try and get a prioritized. And the goal is to guys make books we can fix over the next week and then do some stability releases week after\n00:55:00\nDaniel Walsh: Yeah. So what we work on the next week will be in five man four or five dot one. This is the goal. To put more.\nMatt Heon: Yeah, we'll do a\nChristopher Evich: It might be might be worth putting that invitation out on the mailing list.\nMatt Heon: Yeah, I can send an email.\nTom Sweeney: Okay, great. That word running out of clocks. So I am going to just announce real quickly that we're having our next meeting on May 18th for the Cabal and then June 6th for the community meeting. And I'd like to thank you all for being here. Today, I'm gonna hang up on the recorder.\nTom Sweeney: No recording. Anybody want to say anything other than let's go to lunch?\nTom Sweeney: Or dinner, depending on where you're at.\nTom Sweeney: Right folks, that's it. Thank you so much. Bye.\nAnders F Bj\xf6rklund: Yeah, bye.\nMeeting ended after 00:56:50 \ud83d\udc4b\n\n")))}Ua.isMDXComponent=!0;const qa={},za="Podman Community Meeting",Va=[{value:"March 2, 2021 11:00 a.m. Eastern (UTC-5)",id:"march-2-2021-1100-am-eastern-utc-5",level:2},{value:"Attendees (35 total)",id:"attendees-35-total",level:3},{value:"Meeting Start: 11:03 a.m.",id:"meeting-start-1103-am",level:2},{value:"BlueJeans Recording",id:"bluejeans-recording",level:3},{value:"Multi-arch capabilities in Podman and Buildah",id:"multi-arch-capabilities-in-podman-and-buildah",level:2},{value:"Dan Walsh",id:"dan-walsh",level:3},{value:"(1:44 in the video)",id:"144-in-the-video",level:4},{value:"podman-py roadmap",id:"podman-py-roadmap",level:2},{value:"Jhon Honce",id:"jhon-honce",level:3},{value:"(13:45 in the video)",id:"1345-in-the-video",level:4},{value:"Podman Packages on Kubic",id:"podman-packages-on-kubic",level:2},{value:"Lokesh Mandvekar",id:"lokesh-mandvekar",level:3},{value:"(23:06 in the video)",id:"2306-in-the-video",level:4},{value:"krunvm demonstration",id:"krunvm-demonstration",level:2},{value:"Sergio Lopez",id:"sergio-lopez",level:3},{value:"(28:35 in the video)",id:"2835-in-the-video",level:4},{value:"Tent demonstration",id:"tent-demonstration",level:2},{value:"Farhan Chowdury",id:"farhan-chowdury",level:3},{value:"(40:56 in the video)",id:"4056-in-the-video",level:4},{value:"Containers Plumbing Conference -",id:"containers-plumbing-conference--",level:2},{value:"Questions?",id:"questions",level:2},{value:"(51:20) in the video)",id:"5120-in-the-video",level:4},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"Next Meeting: Tuesday April 6, 2021, 8:00 p.m. Eastern (UTC-4)",id:"next-meeting-tuesday-april-6-2021-800-pm-eastern-utc-4",level:2},{value:"Meeting End: 12:01 p.m. Eastern (UTC-5)",id:"meeting-end-1201-pm-eastern-utc-5",level:3},{value:"Fun Fact:",id:"fun-fact",level:2},{value:"BlueJeans Chat copy/paste:",id:"bluejeans-chat-copypaste",level:2}],Ka={toc:Va},Qa="wrapper";function Za(e){let{components:t,...n}=e;return(0,ce.kt)(Qa,(0,Q.Z)({},Ka,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-meeting"},"Podman Community Meeting"),(0,ce.kt)("h2",{id:"march-2-2021-1100-am-eastern-utc-5"},"March 2, 2021 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"attendees-35-total"},"Attendees (35 total)"),(0,ce.kt)("p",null,"Tom Sweeney, Brent Baude, Jhon Honce, Dan Walsh, Chris Evich, Lokesh Mandvekar, Urvashi Mohnani, Nalin Dahyabhai, Eduardo Santiago, Valentin Rothberg, Giuseppe Scrivano, Miloslav Trmac, Parker Van Roy, Preethi Thomas, Neal Gompa, Matt Heon, Greg Shomo, Dan Walsh, Mayur Shetty, Ed Haynes, Juanje Ojeda, Ashley Cui, Christian Felder, Paul Holzinger, Shion Tanaka, Alex Litvak, Divyansh Kamboj, Marcin Skarbek, Sergio Lopez, James Cassell"),(0,ce.kt)("h2",{id:"meeting-start-1103-am"},"Meeting Start: 11:03 a.m."),(0,ce.kt)("h3",{id:"bluejeans-recording"},"BlueJeans ",(0,ce.kt)("a",{parentName:"h3",href:"https://bluejeans.com/s/w9MNLQGTmf3"},"Recording")),(0,ce.kt)("h2",{id:"multi-arch-capabilities-in-podman-and-buildah"},"Multi-arch capabilities in Podman and Buildah"),(0,ce.kt)("h3",{id:"dan-walsh"},"Dan Walsh"),(0,ce.kt)("h4",{id:"144-in-the-video"},"(1:44 in the video)"),(0,ce.kt)("p",null,"Dan started with a demo on multi-arch. Highlited qemu-user-static which is required to be installed. It allows a Linux kernel to run multi-arch under qemu."),(0,ce.kt)("p",null,"He showed ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman build --pull --manifest myimage /tmp/test")," this created a manifest image with a link to the one he's creating."),(0,ce.kt)("p",null,"Then he specified an arch of arm64 ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman build --pull --manifest myimage --arch arm64 /tmp/test")," and then s390 ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman build --pull --manifest myimage --arch s390 /tmp/test")," and it pulled that architecture version of the image all while being on an x86 machine."),(0,ce.kt)("p",null,(0,ce.kt)("inlineCode",{parentName:"p"},"podman manifest inspect myimage")," shows it has 3 different images as part of it."),(0,ce.kt)("p",null,"Let's you build and manipulate multi-arch images locally or through the tool. It's a new feature as of Podman v3.0."),(0,ce.kt)("p",null,"Linux kernel is smart enough to run it under the right architecture due to qemu and a runtime binary loader. Applicable on X86 on a Raspberry Pi."),(0,ce.kt)("p",null,"Used UBI for the demo, careful doing in Fedora as it can take a long time, especially in comparision to RHEL."),(0,ce.kt)("p",null,"Neal asked if you could build it for multi arch and then push without having to do push by hand for each. Dan pointed out that's what the manifest flag is pointed towards. Currently in ",(0,ce.kt)("inlineCode",{parentName:"p"},"buildah bud"),", ",(0,ce.kt)("inlineCode",{parentName:"p"},"buildah commit")," and ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman build"),". That's all in Podman v3.0 and Buildah v1.19.6"),(0,ce.kt)("h2",{id:"podman-py-roadmap"},"podman-py roadmap"),(0,ce.kt)("h3",{id:"jhon-honce"},"Jhon Honce"),(0,ce.kt)("h4",{id:"1345-in-the-video"},"(13:45 in the video)"),(0,ce.kt)("p",null,"Jhon gave a road map of where we're going."),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("a",{parentName:"li",href:"https://github.com/containers/podman-py"},"https://github.com/containers/podman-py")," - Repository\n\u2022 ",(0,ce.kt)("a",{parentName:"li",href:"https://docker-py.readthedocs.io/en/stable/"},"https://docker-py.readthedocs.io/en/stable/")," - Document\n\u2022 ",(0,ce.kt)("a",{parentName:"li",href:"https://github.com/containers/podman-py/pull/53"},"https://github.com/containers/podman-py/pull/53")," - Committed PR1\n\u2022 ",(0,ce.kt)("a",{parentName:"li",href:"https://github.com/containers/podman-py/pull/55"},"https://github.com/containers/podman-py/pull/55")," - In flight PR2")),(0,ce.kt)("p",null,"Stubbed out ssh adapter, but not much code yet. If you want to drive pods, you'll be able to do so via calls to libpod from Pyton. Want to emulate success of the Podman API and hope to replicate it for Python too in this project. Will publish to python py (Jhon verify). Targeting Python 3.6 and Podman 3."),(0,ce.kt)("p",null,"What's different than using docker-py?\nYou have script that works with pod. docker-py won't give you access to pods, podman-py will. So you'll be able to move docker-py script and then add pod manipulation to it."),(0,ce.kt)("p",null,'How does libpod go work from python?\npodman-py communicates with Podman service via RESTful API between python and libpod go code. The URL\'s will in essence have "/libpod" embedded within.'),(0,ce.kt)("p",null,"Will unprivileged access be allowed?\nYes, Using systemctl --user configuration."),(0,ce.kt)("p",null,"Brent showed doc with more info: ",(0,ce.kt)("a",{parentName:"p",href:"https://podman.readthedocs.io/en/latest/_static/api.html"},"https://podman.readthedocs.io/en/latest/_static/api.html")),(0,ce.kt)("h2",{id:"podman-packages-on-kubic"},"Podman Packages on Kubic"),(0,ce.kt)("h3",{id:"lokesh-mandvekar"},"Lokesh Mandvekar"),(0,ce.kt)("h4",{id:"2306-in-the-video"},"(23:06 in the video)"),(0,ce.kt)("p",null,"Applies to debian, ubuntu and raspberry. Posted a link:\n",(0,ce.kt)("a",{parentName:"p",href:"https://podman.io/blogs/2021/03/02/podman-support-for-older-distros.html"},"https://podman.io/blogs/2021/03/02/podman-support-for-older-distros.html")),(0,ce.kt)("p",null,"Podman v3.0 won't be supported on older variants of these distributions."),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"CentOS 8 Kubic repo will be supported only as long as CentOS 8 itself is alive.")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"CentOS Stream Kubic repo will keep going, though I highly recommend you use the packages from the default repos as they are often fairly current and are known to have passed RHEL's gating tests.")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"For Debian 11, I will not enable the Kubic repo as Debian 11 will have podman included in the default repos itself.")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"For Ubuntu, I will enable packages for Ubuntu 21.04 and 21.10 when they release. But, the 22.04 LTS release which is more than a year into the future will have podman in the base repos itself, so the plan for now is to not enable the Kubic repo for 22.04."))),(0,ce.kt)("p",null,"If support is needed for older variants, Lokesh will need volunteers to help with that."),(0,ce.kt)("p",null,"Packaging on official repo's."),(0,ce.kt)("p",null,"Neal suggests turning off Debian Testing and Next/Unstable, he suggests turning them off now for releases that won't be supported."),(0,ce.kt)("p",null,"Neal might be able to help with support with Ubuntu LTS in the Kubic repo in some instances."),(0,ce.kt)("h2",{id:"krunvm-demonstration"},"krunvm demonstration"),(0,ce.kt)("h3",{id:"sergio-lopez"},"Sergio Lopez"),(0,ce.kt)("h4",{id:"2835-in-the-video"},"(28:35 in the video)"),(0,ce.kt)("p",null,"Dynamic library that enables other programs to easily gain virtulization-based isolation capabilities with a minimum foot print."),(0,ce.kt)("p",null,"Sources"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("a",{parentName:"li",href:"https://github.com/containers/libkrun"},"https://github.com/containers/libkrun")),(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("a",{parentName:"li",href:"https://github.com/containers/krunvm"},"https://github.com/containers/krunvm"))),(0,ce.kt)("p",null,"COPR repo for Fedora"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("a",{parentName:"li",href:"https://copr.fedorainfracloud.org/coprs/slp/krunvm/"},"https://copr.fedorainfracloud.org/coprs/slp/krunvm/"))),(0,ce.kt)("p",null,"Included in openSUSE Virtualization project"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("a",{parentName:"li",href:"https://build.opensuse.org/package/show/Virtualization/krunvm"},"https://build.opensuse.org/package/show/Virtualization/krunvm"))),(0,ce.kt)("p",null,"Homebrew Tap for macOS/arm64 (M1-based devices)"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("a",{parentName:"li",href:"https://github.com/slp/homebrew-krun"},"https://github.com/slp/homebrew-krun"))),(0,ce.kt)("p",null,"Demo started (29:43)"),(0,ce.kt)("p",null,"On ARM Mac, used ",(0,ce.kt)("inlineCode",{parentName:"p"},"krunvm create fedora"),".\n",(0,ce.kt)("inlineCode",{parentName:"p"},"krunvm start fedora-podman")),(0,ce.kt)("p",null,"Changed containers.conf on his linux machine and can now run the container on his Linux box."),(0,ce.kt)("p",null,"He then used the podman remote service ",(0,ce.kt)("inlineCode",{parentName:"p"},"krunvm changevm fedora-podman -p 55555:55555 -p 8080:80")),(0,ce.kt)("p",null,"Then from the container\n'podman --log-level info system service -t -o tcp::55555'"),(0,ce.kt)("p",null,"He was then able to run podman commands on the mac in the minivm."),(0,ce.kt)("p",null,"Questions:\nCan you share the host filesystem with the minivm?\nYes, using krunvm."),(0,ce.kt)("p",null,"Does krunvm support Intel Mac?\nIt does not support Intel Mac currently."),(0,ce.kt)("p",null,"Do you plan to put libkrunvm in brew proper?\nHe does, but needs to rework the PR implementing virtio-fs attributes support in Buildah. After that's complete, he's going to try to get it accepted in brew."),(0,ce.kt)("p",null,"Dan discussed that the Podman Mac effort is to do brew install podman and then ask if you want a vm to run it on. Krunvm might be a part of that solution. End goal to just do ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman run ...")),(0,ce.kt)("h2",{id:"tent-demonstration"},"Tent demonstration"),(0,ce.kt)("h3",{id:"farhan-chowdury"},"Farhan Chowdury"),(0,ce.kt)("h4",{id:"4056-in-the-video"},"(40:56 in the video)"),(0,ce.kt)("p",null,"Tent a development only dependency manager"),(0,ce.kt)("p",null,"Solves:\nCumbersome install process\nUnavailability in a certain platform\nConflicts between multiple versions."),(0,ce.kt)("p",null,"Demo (42:10)"),(0,ce.kt)("p",null,"Showed ",(0,ce.kt)("inlineCode",{parentName:"p"},"tent start mysql")),(0,ce.kt)("p",null,"It created a mysql server on the system. He set up a sql server in the container. Now the server can be used as if mysql was installed on the system."),(0,ce.kt)("p",null,"With tent you can stop/start your services."),(0,ce.kt)("p",null,"Future Plans:\nFix Bugs\nAdd More services\nRefactor the code base\nImprove ovall user experience."),(0,ce.kt)("p",null,"Is there a way to run systemd now? No.\nDoes this run as root or rootless? It runs as rootless only at this point."),(0,ce.kt)("p",null,"Link to the slides - ",(0,ce.kt)("a",{parentName:"p",href:"https://docs.google.com/presentation/d/1BRQET4UkPyPBrhSpJuFoYzLYZe1CfLI6bmhzlEcmWcY/edit?usp=sharing"},"https://docs.google.com/presentation/d/1BRQET4UkPyPBrhSpJuFoYzLYZe1CfLI6bmhzlEcmWcY/edit?usp=sharing"),"\nLink to the repo - ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/fhsinchy/tent"},"https://github.com/fhsinchy/tent")),(0,ce.kt)("h2",{id:"containers-plumbing-conference--"},"Containers Plumbing Conference -"),(0,ce.kt)("p",null,"March 9/10, 9:30 a.m. to 2:00 p.m. Eastern (UTC -4) Free to attend, register here: ",(0,ce.kt)("a",{parentName:"p",href:"https://containerplumbing.org/"},"https://containerplumbing.org/")),(0,ce.kt)("h2",{id:"questions"},"Questions?"),(0,ce.kt)("h4",{id:"5120-in-the-video"},"(51:20) in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Go module issue discovered by Farhan. go.mod target for Podman is requiring a full name. Matt Heon noted it is fixed in Podman v3.0.2."),(0,ce.kt)("li",{parentName:"ol"},"How to tell which version of Buildah is in Podman? Yes in ",(0,ce.kt)("inlineCode",{parentName:"li"},"podman info"),", also included in API headers for /version endpoint")),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("h2",{id:"next-meeting-tuesday-april-6-2021-800-pm-eastern-utc-4"},"Next Meeting: Tuesday April 6, 2021, 8:00 p.m. Eastern (UTC-4)"),(0,ce.kt)("h3",{id:"meeting-end-1201-pm-eastern-utc-5"},"Meeting End: 12:01 p.m. Eastern (UTC-5)"),(0,ce.kt)("h2",{id:"fun-fact"},"Fun Fact:"),(0,ce.kt)("p",null,'The initial name for the Ford Mustang, "Mustang" was rejected initially as the tie in for the name was the WWII P-51 Mustang fighter plane. The designer, John Najjar, re-pitched the name "Mustang" later, but this time with a tie in to Horses. The second pitch was accepted.'),(0,ce.kt)("h2",{id:"bluejeans-chat-copypaste"},"BlueJeans Chat copy/paste:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Me10:53 AM\nPlease sign in and ask questions in hackmd: https://hackmd.io/fc1zraYdS0-klJ2KJcfC7w?both\nNeal Gompa11:00 AM\nhey all! :D\nSergio Lopez Pascual11:05 AM\nI'm here :-)\nNeal Gompa11:06 AM\nyay, multiarch through qemu :D\nJames Cassell11:10 AM\n3.0 also broke rootless overlay mounts...\nMatt Heon11:10 AM\nEh? Is there a bug for that?\nFirst I've heard of this\nJames Cassell11:11 AM\nI didn't see one in podman, but asked in #podman this morning... maybe it exists in buildah, searching now.\nJuanje Ojeda11:13 AM\nWe use this (with Buildah) quite a lot at the project CKI. We build a lot of multi-arch images.\nWe love it :-)\nMatt Heon11:14 AM\n@James - if you can't find one on Buildah please open a new one\njhonce11:17 AM\nhttps://github.com/containers/podman-py\njhonce11:21 AM\n\u2022 https://docker-py.readthedocs.io/en/stable/\n\u2022 https://github.com/containers/podman-py/pull/53\n\u2022 https://github.com/containers/podman-py/pull/55\nBrent Baude11:24 AM\nhttps://podman.readthedocs.io/en/latest/_static/api.html\n^^ i think this sort of illuminates what Jhon is saying\nnote compat buckets\nLokesh Mandvekar11:26 AM\nhttps://podman.io/blogs/2021/03/02/podman-support-for-older-distros.html\nBrent Baude11:26 AM\nalso noteworthy, your milage may vary using docker-py rootless\nJames Cassell11:34 AM\nWSL2 for Mac?\nLudo C.11:38 AM\nis there is a way to share host filesystem with the mini vm ?\nShion Tanaka11:39 AM\nDoes krunvm support Intel Mac?\nLudo C.11:41 AM\nthat's great, thanks\nAshley Cui11:42 AM\nOh I'm here\nMe11:42 AM\nyeah!\nLudo C.11:44 AM\nI find it great for Linux to have a better isolation, I will definitely try it out\nBrent Baude11:46 AM\n@sergio, do you plan to put libkrun in brew proper?\nSergio Lopez Pascual11:50 AM\n@brent I do. I need to rework the PR implementing virtio-fs attributes support in buildah, but afterwards I'll try to get libkrun/krunvm accepted.\nChristian Felder11:50 AM\nis there a way to generate systemd services for your tents?\ndo you use the current user running the containers or how do you distinguish root-/-less?\nChristian Felder11:52 AM\nthanks\njhonce11:53 AM\nCool stuff!\nNeal Gompa11:53 AM\nnice!\nBrent Baude11:55 AM\n@sergio, can you stick behind so you and I can talk a little\nSergio Lopez Pascual11:55 AM\n@brent sure\nNeal Gompa11:56 AM\nanyway folks, thanks for all this\nShion Tanaka11:56 AM\n@sergio Thanks for the answer about Intel Mac!\nNeal Gompa11:56 AM\nI gotta go now!\nbut thanks :D\nLokesh Mandvekar11:56 AM\nthanks Neal\nNeal Gompa11:57 AM\nLokesh, we should talk offline at some point about the Kubic stuff\nLokesh Mandvekar11:57 AM\nsure thing!\nGreg Shomo (NU)11:59 AM\nhttps://containerplumbing.org/schedule\nDan Walsh11:59 AM\nhttps://containerplumbing.org/\nLudo C.11:59 AM\nI'm in :)\nBrent Baude12:00 PM\ndan, please stick around\nMe12:00 PM\nFun Fact: The initial name for the Ford Mustang, \"Mustang\" was rejected initially as the tie in for the name was the WWII P-51 Mustang fighter plane. The designer, John Najjar, re-pitched the name \"Mustang\" later, but this time with a tie in to Horses. The second pitch was accepted.\nChristian Felder12:01 PM\nThanks. Have a nice day. Bye\nEd Santiago12:01 PM\nthank you! nice work!\nLudo C.12:01 PM\nThanks, bye !\nMarcin12:03 PM\nIs switching runc/curn with krunvm to run each container in separate vm wouldn't be better than using single vm and run podman on it?\nGreg Shomo (NU)12:10 PM\nthank you, everyone, for your time && have a good one !\nMe12:14 PM\n@Matt Heon, I opened the buildah bug for broken rootless overlay mounts since podman 3.0 and buildah 1.19 https://github.com/containers/buildah/issues/3051\nSergio Lopez Pascual12:18 PM\nhttps://github.com/containers/libkrun/blob/main/examples/chroot_vm.c\n\n")))}Za.isMDXComponent=!0;const _a={},Xa="Podman Community Meeting",$a=[{value:"August 3, 2021 11:00 a.m. Eastern (UTC-4)",id:"august-3-2021-1100-am-eastern-utc-4",level:2},{value:"Attendees (22 total)",id:"attendees-22-total",level:3},{value:"Meeting Start: 11:03 a.m.",id:"meeting-start-1103-am",level:2},{value:"BlueJeans Recording",id:"bluejeans-recording",level:3},{value:"General Announcements",id:"general-announcements",level:2},{value:"Tom Sweeney",id:"tom-sweeney",level:3},{value:"Demo: podman run --requires",id:"demo-podman-run---requires",level:2},{value:"Matt Heon",id:"matt-heon",level:3},{value:"(2:30 in the video)",id:"230-in-the-video",level:4},{value:"Demo: podman image scp",id:"demo-podman-image-scp",level:2},{value:"Charlie Doern",id:"charlie-doern",level:3},{value:"(6:57 in the video)",id:"657-in-the-video",level:4},{value:"Rootless Docker Compose Status",id:"rootless-docker-compose-status",level:2},{value:"Paul Holzinger",id:"paul-holzinger",level:3},{value:"(17:20 in the video)",id:"1720-in-the-video",level:4},{value:"Demo: podman secrets --env",id:"demo-podman-secrets---env",level:2},{value:"Ashley Cui",id:"ashley-cui",level:3},{value:"(22:34 in the video)",id:"2234-in-the-video",level:4},{value:"Demos:",id:"demos",level:2},{value:"Rootless Podman with rootless overlay",id:"rootless-podman-with-rootless-overlay",level:3},{value:"podman run --group-add",id:"podman-run---group-add",level:3},{value:"podman /etc/hosts, host.containers.internal support",id:"podman-etchosts-hostcontainersinternal-support",level:3},{value:"Dan Walsh",id:"dan-walsh",level:3},{value:"(25:40 in the video)",id:"2540-in-the-video",level:4},{value:"Rootless podman with rootless overlay",id:"rootless-podman-with-rootless-overlay-1",level:5},{value:"podman run group-add",id:"podman-run-group-add",level:5},{value:"podman /etc/hosts, host.containers.internal support",id:"podman-etchosts-hostcontainersinternal-support-1",level:5},{value:"Questions?",id:"questions",level:2},{value:"(35:10) in the video)",id:"3510-in-the-video",level:4},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"Next Meeting: Tuesday September 7, 2021, 11:00 a.m. Eastern (UTC-4)",id:"next-meeting-tuesday-september-7-2021-1100-am-eastern-utc-4",level:2},{value:"Next Cabal Meeting: Thursday August 19, 2021, 10:00 a.m. Eastern (UTC-4)",id:"next-cabal-meeting-thursday-august-19-2021-1000-am-eastern-utc-4",level:2},{value:"Meeting End: 11:43 a.m. Eastern (UTC-4)",id:"meeting-end-1143-am-eastern-utc-4",level:3},{value:"BlueJeans Chat copy/paste:",id:"bluejeans-chat-copypaste",level:2}],eo={toc:$a},to="wrapper";function no(e){let{components:t,...n}=e;return(0,ce.kt)(to,(0,Q.Z)({},eo,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-meeting"},"Podman Community Meeting"),(0,ce.kt)("h2",{id:"august-3-2021-1100-am-eastern-utc-4"},"August 3, 2021 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h3",{id:"attendees-22-total"},"Attendees (22 total)"),(0,ce.kt)("p",null,"Tom Sweeney, Brent Baude, Jhon Honce, Dan Walsh, Chris Evich, Urvashi Mohnani, Nalin Dahyabhai, Eduardo Santiago, Matt Heon, Ashley Cui, Paul Holzinger, Erik Bernoth, Charlie Doern, Chris Evich, Greg Shomo, Scott McCarty, Anders Bj\xf6rklund, Lokesh Mandvekar"),(0,ce.kt)("h2",{id:"meeting-start-1103-am"},"Meeting Start: 11:03 a.m."),(0,ce.kt)("h3",{id:"bluejeans-recording"},"BlueJeans ",(0,ce.kt)("a",{parentName:"h3",href:"https://bluejeans.com/s/KyZqj8gBg1E"},"Recording")),(0,ce.kt)("h2",{id:"general-announcements"},"General Announcements"),(0,ce.kt)("h3",{id:"tom-sweeney"},"Tom Sweeney"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Twitter Handles: ",(0,ce.kt)("a",{parentName:"li",href:"https://twitter.com/Podman_io"},"@Podman_io"),", ",(0,ce.kt)("a",{parentName:"li",href:"https://twitter.com/Buildah_io"},"@Buildah_io"))),(0,ce.kt)("h2",{id:"demo-podman-run---requires"},"Demo: ",(0,ce.kt)("inlineCode",{parentName:"h2"},"podman run --requires")),(0,ce.kt)("h3",{id:"matt-heon"},"Matt Heon"),(0,ce.kt)("h4",{id:"230-in-the-video"},"(2:30 in the video)"),(0,ce.kt)("p",null,"Demo (started at 2:40)"),(0,ce.kt)("p",null,"Containers can now start other related containers. This has been available prior, but now you can specify it yourself starting in Podman v3.3.0"),(0,ce.kt)("p",null,"Add requires flag to ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman run")," command and specify another container (test1) and it started that container when (test2) started."),(0,ce.kt)("p",null,"This only works for starting, it does not apply to stop. You can't rm one container without rm'ing the other."),(0,ce.kt)("p",null,"Asciinema of demo can be found at ",(0,ce.kt)("a",{parentName:"p",href:"https://asciinema.org/a/EBeup6xO8UDeGYYbPEYxxP3xN"},"here"),"."),(0,ce.kt)("h2",{id:"demo-podman-image-scp"},"Demo: ",(0,ce.kt)("inlineCode",{parentName:"h2"},"podman image scp")),(0,ce.kt)("h3",{id:"charlie-doern"},"Charlie Doern"),(0,ce.kt)("h4",{id:"657-in-the-video"},"(6:57 in the video)"),(0,ce.kt)("p",null,"Use scp within the ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman image")," command to copy the image to a remote machine. It can also be used to copy from a remote host to another remote host."),(0,ce.kt)("p",null,"Demo (started at 7:30)"),(0,ce.kt)("p",null,"Showed the scp in action to the machine fed."),(0,ce.kt)("p",null,"He then showed how to pull an image from a remote machine and loading it onto the local machine. It allows copying to or from. This can also work from remote to remote."),(0,ce.kt)("p",null,"Being able to copy from root to local is something that's not working now, but being worked."),(0,ce.kt)("p",null,(0,ce.kt)("a",{parentName:"p",href:"https://asciinema.org/a/RuOweVQ7g4elLSyiPVS09uAxk"},"First asciinema demo")),(0,ce.kt)("p",null,"Charlie then showed how to use ssh like targets, and then showed an invalid connection."),(0,ce.kt)("p",null,(0,ce.kt)("a",{parentName:"p",href:"https://asciinema.org/a/9pinVx16gUjlrdLN5ZEmoR6SZ"},"Second asciinema demo")),(0,ce.kt)("p",null,"The double colon is needed for parsing, the code knows you're not using a tag. Should help with the readablity too."),(0,ce.kt)("h2",{id:"rootless-docker-compose-status"},"Rootless Docker Compose Status"),(0,ce.kt)("h3",{id:"paul-holzinger"},"Paul Holzinger"),(0,ce.kt)("h4",{id:"1720-in-the-video"},"(17:20 in the video)"),(0,ce.kt)("p",null,"Paul showed a series of Docker Compose commands that created a wordpress window. When connecting to a port, a rootless used can not use port 80, so port 8080 had to be specified."),(0,ce.kt)("p",null,"Start and enable the podman user socket:\n",(0,ce.kt)("inlineCode",{parentName:"p"},"systemctl --user enable --now podman.socket")),(0,ce.kt)("p",null,"Export the ",(0,ce.kt)("inlineCode",{parentName:"p"},"DOCKER_HOST")," environment variable to make sure docker-compose connects to the right socket:\n",(0,ce.kt)("inlineCode",{parentName:"p"},"export DOCKER_HOST=unix://$XDG_RUNTIME_DIR/podman/podman.sock")),(0,ce.kt)("p",null,"Run docker-compose up in a directory with a docker-compose.yaml file.\nThe docker-compose.yaml file used in the video:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"version: '3.7'\nservices:\n db:\n image: mysql:8.0.19\n command: '--default-authentication-plugin=mysql_native_password'\n volumes:\n - db_data:/var/lib/mysql\n restart: always\n environment:\n - MYSQL_ROOT_PASSWORD=somewordpress\n - MYSQL_DATABASE=wordpress\n - MYSQL_USER=wordpress\n - MYSQL_PASSWORD=wordpress\n expose:\n - 3306\n - 33060\n wordpress:\n image: wordpress:latest\n ports:\n - 8080:80\n restart: always\n environment:\n - WORDPRESS_DB_HOST=db\n - WORDPRESS_DB_USER=wordpress\n - WORDPRESS_DB_PASSWORD=wordpress\n - WORDPRESS_DB_NAME=wordpress\nvolumes:\n db_data:\n")),(0,ce.kt)("p",null,"Make sure to use a port of 1024 or higher. Rootless users are not allowed to bind ports below 1024 by default. Now run ",(0,ce.kt)("inlineCode",{parentName:"p"},"docker-compose up -d"),"."),(0,ce.kt)("p",null,"To connect with curl to a running rootles container directly via ip, you need the ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman unshare --rootless-cni")," command and then it will work."),(0,ce.kt)("h2",{id:"demo-podman-secrets---env"},"Demo: ",(0,ce.kt)("inlineCode",{parentName:"h2"},"podman secrets --env")),(0,ce.kt)("h3",{id:"ashley-cui"},"Ashley Cui"),(0,ce.kt)("h4",{id:"2234-in-the-video"},"(22:34 in the video)"),(0,ce.kt)("p",null,"Demo (started at 22:40)"),(0,ce.kt)("p",null,"You can change uid, gid and mode of the secret. She created an envvar and then was able to use it. With the env option, you can get to the variable's value. It's created during creation time of the container. You can use the secret as an environment variable inside of the container. If you update the envar locally, it won't be shared."),(0,ce.kt)("p",null,"The secret won't be saved to the image, it is only in the container. The value of the environment variable is saved within the container when the container is created rather than when it ran."),(0,ce.kt)("h2",{id:"demos"},"Demos:"),(0,ce.kt)("h3",{id:"rootless-podman-with-rootless-overlay"},"Rootless Podman with rootless overlay"),(0,ce.kt)("h3",{id:"podman-run---group-add"},(0,ce.kt)("inlineCode",{parentName:"h3"},"podman run --group-add")),(0,ce.kt)("h3",{id:"podman-etchosts-hostcontainersinternal-support"},"podman /etc/hosts, host.containers.internal support"),(0,ce.kt)("h3",{id:"dan-walsh"},"Dan Walsh"),(0,ce.kt)("h4",{id:"2540-in-the-video"},"(25:40 in the video)"),(0,ce.kt)("p",null,"Demo (started at 25:57)"),(0,ce.kt)("h5",{id:"rootless-podman-with-rootless-overlay-1"},"Rootless podman with rootless overlay"),(0,ce.kt)("p",null,'Showed how to use overlay, which is helpful as fuse-overlayfs has a lot of overhead. This is a big "quiet" feature that people probably won\'t notice.'),(0,ce.kt)("h5",{id:"podman-run-group-add"},"podman run group-add"),(0,ce.kt)("p",null,"Issues arised with suplemental group ids. If you created a container and tried to look at a directory with these gids, you'd get an access error."),(0,ce.kt)("p",null,"How to share the content then? By default, containers drop all groups before you run them as a security precaution. When a rootless container is run, the groups are dropped for security reasons. Now you can add the groups you need with ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman run --group-add=keep-groups")," which copies the groups from the host into the container, but giving access only within the container."),(0,ce.kt)("h5",{id:"podman-etchosts-hostcontainersinternal-support-1"},"podman /etc/hosts, host.containers.internal support"),(0,ce.kt)("p",null,"A new flag, host.containers.internal, allows you to set up an entry in /etc/hosts that gives you the ip address of the host within the containers in the /etc/hosts file in the container."),(0,ce.kt)("h2",{id:"questions"},"Questions?"),(0,ce.kt)("h4",{id:"3510-in-the-video"},"(35:10) in the video)"),(0,ce.kt)("p",null,"No questions or topics. Tom asked Matt to talk about Podman v3.3."),(0,ce.kt)("p",null,"Podman v3.3 rc1 early release no release notes yet. Final realease in mid to late August. Main branch is now at Podman 4.0. Podman 4.0 to be out at in Fedora 35 at the earliest."),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("h2",{id:"next-meeting-tuesday-september-7-2021-1100-am-eastern-utc-4"},"Next Meeting: Tuesday September 7, 2021, 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h2",{id:"next-cabal-meeting-thursday-august-19-2021-1000-am-eastern-utc-4"},"Next Cabal Meeting: Thursday August 19, 2021, 10:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h3",{id:"meeting-end-1143-am-eastern-utc-4"},"Meeting End: 11:43 a.m. Eastern (UTC-4)"),(0,ce.kt)("h2",{id:"bluejeans-chat-copypaste"},"BlueJeans Chat copy/paste:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Tom Sweeney 10:58\nWelcome! Please sign in on HackMD: https://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\n\nbaude 11:10 AM\n@mheon, does that work in pods?\n\nMatt Heon 11:14 AM\nYep. Works on any container, in or out of a pod\n\nGreg Shomo (NU) 11:42 AM\ngood to see everyeon && have a good one !\n\nErik Bernoth 11:58 AM\nI'm out, see you next time!\n\nLokesh Mandvekar 12:04 PM\nI gott bounce, later...\n")))}no.isMDXComponent=!0;const ao={},oo="Podman Community Cabal Notes",io=[{value:"October 21, 2021 11:00 a.m. Eastern",id:"october-21-2021-1100-am-eastern",level:2},{value:"October 21, 2021 Topics",id:"october-21-2021-topics",level:2},{value:"Meeting Notes",id:"meeting-notes",level:3},{value:"Podman System Monitor for Mac ( 1:30 in video)",id:"podman-system-monitor-for-mac--130-in-video",level:3},{value:"Podman netavark - Brent Baude (18:15 in video)",id:"podman-netavark---brent-baude-1815-in-video",level:3},{value:"quadlet - Alex Larsson(25:41 in video)",id:"quadlet---alex-larsson2541-in-video",level:3},{value:"ARM Testing Thoughts - Urvashi/Preethi (40:31 in video)",id:"arm-testing-thoughts---urvashipreethi-4031-in-video",level:3},{value:"CI testing for Podman Docs if stored in a separate repo - Tom (42:37 in video)",id:"ci-testing-for-podman-docs-if-stored-in-a-separate-repo---tom-4237-in-video",level:3},{value:"Open discussion (49:26 in video)",id:"open-discussion-4926-in-video",level:4},{value:"Next Meeting: Thursday November 18, 2021 11:00 a.m. EDT (UTC-5)",id:"next-meeting-thursday-november-18-2021-1100-am-edt-utc-5",level:3},{value:"Possible Topics:",id:"possible-topics",level:3}],so={toc:io},ro="wrapper";function lo(e){let{components:t,...n}=e;return(0,ce.kt)(ro,(0,Q.Z)({},so,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-cabal-notes"},"Podman Community Cabal Notes"),(0,ce.kt)("p",null,"Attendees: Tom Sweeney, Matt Heon, Brent Baude, Ashley Cui, Alex Larsson, Preethi Thomas, Urvashi Mohnani, Marcin Skarbek, Eduardo Santiago, Giuseppe Scrivano, Nalin Dahyabhai, Paul Holzinger, Anders Bj\xf6rklund, Dan Mack, Dan Walsh, Holger Gantikow, Leon N, Marcin Skarbek, Mehul Arora, Max, Paul Holzinger."),(0,ce.kt)("h2",{id:"october-21-2021-1100-am-eastern"},"October 21, 2021 11:00 a.m. Eastern"),(0,ce.kt)("h2",{id:"october-21-2021-topics"},"October 21, 2021 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Netavark - Matt Heon and Brent Baude"),(0,ce.kt)("li",{parentName:"ol"},"Podman System Monitor for MAC - Ashley Cui and Brent Baude"),(0,ce.kt)("li",{parentName:"ol"},"quadlet - Alex Larsson"),(0,ce.kt)("li",{parentName:"ol"},"ARM Testing Thoughts - Preethi Thomas and Urvashi Mohnani"),(0,ce.kt)("li",{parentName:"ol"},"CI testing for Podman Docs if stored on a separate repo - Tom Sweeney")),(0,ce.kt)("h3",{id:"meeting-notes"},"Meeting Notes"),(0,ce.kt)("p",null,"Video ",(0,ce.kt)("a",{parentName:"p",href:"https://drive.google.com/drive/folders/1pDCsZFj0yDobe4OxPqAzitECGL6O0KMY"},"Recording"),"\nMeeting start: 10:04 a.m. Thursday, October 21, 2021"),(0,ce.kt)("h3",{id:"podman-system-monitor-for-mac--130-in-video"},"Podman System Monitor for Mac ( 1:30 in video)"),(0,ce.kt)("p",null,"Ashley showed mockups of a number of possible screens for Mac GUI. She mocked up an update, and this is not decided upon yet. This will control the VM on the Mac that Podman runs in."),(0,ce.kt)("p",null,"She is thinking about having a link between this and the cockpit. This is just to manage the VM, not containers. The Gui would launch Cockpit in a browser, and then you could do container commands from the cockpit web interface."),(0,ce.kt)("p",null,"It will be built for Mac look/feel. Linux and Windows designs are still up in the air."),(0,ce.kt)("p",null,"Brent asked if anything was missing, no bites."),(0,ce.kt)("p",null,"There is not yet an ssh button, but it could be added."),(0,ce.kt)("p",null,"We've been talking about socket mapping from the VM into the host. She is leaning towards having an option to do so on start. A Boolean to leak a socket, and it would leak the default socket that Podman would define. A message would be sent to output noting the socket use."),(0,ce.kt)("p",null,"An issue currently with password passing is being worked on. Possibly create a link and then pass the password. Something like: ",(0,ce.kt)("a",{parentName:"p",href:"https://getcockpit.com/documentation/api/cockpit"},"https://getcockpit.com/documentation/api/cockpit"),". We are also looking into volume mount PRs."),(0,ce.kt)("h3",{id:"podman-netavark---brent-baude-1815-in-video"},"Podman netavark - Brent Baude (18:15 in video)"),(0,ce.kt)("p",null,"Rust implementation to replace CNI networking. A bunch of work was done, but not yet in Podman's GitHub. Looking at designing from the ground up to capture what was there, add user requests, and make it faster overall. About six weeks into development. In RUST ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/netavark"},"https://github.com/containers/netavark"),"."),(0,ce.kt)("p",null,"Will this handle VPN? No plans at present, a good thought, but currently focusing on basics. Working on firewall at the moment."),(0,ce.kt)("p",null,"passt (plug a simple socket transport) link for information from Marcin: ",(0,ce.kt)("a",{parentName:"p",href:"https://passt.top/passt/about/"},"https://passt.top/passt/about/")),(0,ce.kt)("p",null,"RUST being used for this, thoughts were binary size, speed, availability of libraries."),(0,ce.kt)("h3",{id:"quadlet---alex-larsson2541-in-video"},"quadlet - Alex Larsson(25:41 in video)"),(0,ce.kt)("p",null,"quadlet is a pun on kubelet. It's a systemd generator for things like fstab1. This has a customer systemd unit file. The project lives at: ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/quadlet/"},"https://github.com/containers/quadlet/")),(0,ce.kt)("p",null,"Demo: (26:28 in video)"),(0,ce.kt)("p",null,"Easier for a system administrator to maintain and use. Uses crun and split cgroup. It always has /dev/init, standardized names, integrates with sdnotify, journald, and various security setups."),(0,ce.kt)("p",null,"The code is a C project that is living here:"),(0,ce.kt)("p",null,"Can/should this be part of Podman? Dan thinks it could be a subproject of Podman that comes as part and parcel. There is podman-systemd-generate, which is great for advanced users; quadlet is suitable for users with less systemd experience."),(0,ce.kt)("p",null,"It's a way to specify how a system runs. Dan would like to see auto-updates happen in containers via quadlet."),(0,ce.kt)("p",null,"Blog post with more information: ",(0,ce.kt)("a",{parentName:"p",href:"https://blogs.gnome.org/alexl/2021/10/12/quadlet-an-easier-way-to-run-system-containers/"},"https://blogs.gnome.org/alexl/2021/10/12/quadlet-an-easier-way-to-run-system-containers/")),(0,ce.kt)("p",null,"A question on what could or could not be in the init file. So if you create a foo.container, it would create a foo.service for instance."),(0,ce.kt)("h3",{id:"arm-testing-thoughts---urvashipreethi-4031-in-video"},"ARM Testing Thoughts - Urvashi/Preethi (40:31 in video)"),(0,ce.kt)("p",null,"We're looking into testing for upstream for ARM, and we\u2019d like to do it when a PR is opened. We're looking for suggestions. Does anyone have pointers to this? Any experience in setting up ARM support for the CI? Cirrus which were' using now, only uses GCP, but ARM is not supported there."),(0,ce.kt)("h3",{id:"ci-testing-for-podman-docs-if-stored-in-a-separate-repo---tom-4237-in-video"},"CI testing for Podman Docs if stored in a separate repo - Tom (42:37 in video)"),(0,ce.kt)("p",null,"We are thinking about moving the Podman man pages to a new repo. This way to lessen the barrier of entry for folks who have small man page changes or are more doc focused and not heavy GitHub users. i.e. test requirements, signing requirements, git knowledge, etc."),(0,ce.kt)("p",null,"Dan's concern is if you have a new option, you'd break bot CI's on both projects unless you did the PR's simultaneously."),(0,ce.kt)("p",null,"Web UI might be used for the docs. But still, have a convention."),(0,ce.kt)("p",null,"Dan/Valentin against moving the man pages, as it would create more work for users."),(0,ce.kt)("p",null,"Signing might not be required for docs. Brent thought there was a way to avoid the DCO from the web browser as you were already signed in. I.e., auto-sign in if you were coming in from the web."),(0,ce.kt)("h4",{id:"open-discussion-4926-in-video"},"Open discussion (49:26 in video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},'Is there value in categorizing content in the blogs that have been posted? Would a Yahoo like categorization of "how-tos", networking, macs, container-in-container, etc. It would be nice to have a categorization of topics in links.')),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Would like to add a ZFS driver without having to rebuild Podman. Something that is pluggable. Docker has something like this now."))),(0,ce.kt)("h3",{id:"next-meeting-thursday-november-18-2021-1100-am-edt-utc-5"},"Next Meeting: Thursday November 18, 2021 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h3",{id:"possible-topics"},"Possible Topics:"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Podman.io redesign - Mairin")),(0,ce.kt)("p",null,"Raw BlueJeans:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},'Leon N\n9:53 AM\nHey Hi, Good Morning\nSorry No mic at my end\nYou\n10:00 AM\nPlease sign in at the Attendees section in hackmd, https://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nYou\n10:05 AM\nhackmd: https://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nAnders F Bj\xf6rklund\n10:11 AM\ndid you have a "ssh" button ?\nAnders F Bj\xf6rklund\n10:13 AM\notherwise the only fancy thing I added to the Qt PoC was showing the OS version of the VM\nAshley Cui\n10:14 AM\nAnders: Good idea! I think I can fit that in the currently running info\nLeon N\n10:20 AM\nIs there any API that could generate a one-time link or something?\nfor cockpit I mean\nAnders F Bj\xf6rklund\n10:20 AM\nsure thing, just at the office again\nwill find a room :-)\nLeon N\n10:21 AM\nSomething like https://getcockpit.com/documentation/api/cockpit\nAnders F Bj\xf6rklund\n10:22 AM\ndo you guys miss your shared cubicles\nnoice cancelling just go listen in\nBrent Baude\n10:22 AM\nhttps://github.com/containers/netavark\nMarcin Skarbek\n10:24 AM\nRegarding networking, I have found recently passta - https://passt.top/passt/about/\nMax \n10:24 AM\nany plans to include VPN stacks? Was recently asking about Wireguard on the mailing list\nMarcin Skarbek\n10:25 AM\nInteresting idea that looks promising\nMax \n10:26 AM\ncheers\nMarcin Skarbek\n10:26 AM\nWireguard at least at start\nWould be very appreciated\nAlexander Larsson\n10:27 AM\nAny particular reason for picking rust?\nBrent Baude\n10:27 AM\nbinary size, speed, availability of creates (libraries)\nMatt Heon\n10:27 AM\nAnd we wanted to :-)\nAnders F Bj\xf6rklund\n10:28 AM\nstand out from the container crowd ?\n(which seems to be mostly go)\nAlexander Larsson\n10:38 AM\nhttps://blogs.gnome.org/alexl/2021/10/12/quadlet-an-easier-way-to-run-system-containers/\nAnders F Bj\xf6rklund\n10:46 AM\nI earlier suggested Raspberry Pi (for ARM), bu t only works if you run it "on-prem" (on desk)\nLeon N\n10:50 AM\nI\'m not sure but is the team looking for something like this?\nhttps://developer.arm.com/solutions/infrastructure/developer-resources/ci-cd\n\nSome people do run those arm clusters too but yeah like Anders said its on-prem\nAnders F Bj\xf6rklund\n10:51 AM\nOtherwise we had lots of fun with Equnix Metal and the bare metal arm servers\nUrvashi Mohnani\n10:52 AM\nThanks, will take a look\nAlexander Larsson\n10:54 AM\nFlatpak got donated huge arm servers from cncf. Might want to ask them.\nMax \n10:54 AM\nwould be helpful\nMehul Arora\n10:54 AM\ndefinitely worth\nBrent Baude\n10:55 AM\n@tom ? -> https://github.com/scottrigby/dco-gh-ui\nAlexander Larsson\n10:56 AM\ngotta go\nMehul Arora\n10:56 AM\ndid anyone check the new theme i suggested for the docs?\noh so should i open a PR for that?\nokay yeah ill do that\nAnders F Bj\xf6rklund\n11:00 AM\nWould CSI be an option ?\nMarcin Skarbek\n11:00 AM\nok\nDan Mack\n11:00 AM\nthanks all\nieq-pxhy-jbh\n')))}lo.isMDXComponent=!0;const ho={},uo="Podman Community Cabal Meeting Notes",mo=[{value:"January 20, 2022 11:00 a.m. Eastern",id:"january-20-2022-1100-am-eastern",level:2},{value:"January 20, 2022 Topics",id:"january-20-2022-topics",level:2},{value:"Meeting Notes",id:"meeting-notes",level:3},{value:"Volume Storage on a Mac (1:15 in video) - Brent/Ashley",id:"volume-storage-on-a-mac-115-in-video---brentashley",level:3},{value:"New Network Rollout (13:01 in video) - Paul/Matt",id:"new-network-rollout-1301-in-video---paulmatt",level:3},{value:"Podman v4.0 Rollout (32:52 in video) - Matt/Brent",id:"podman-v40-rollout-3252-in-video---mattbrent",level:3},{value:"Podman TUI (https://github.com/navidys/podman-tui) (38:11 in video) - Navid",id:"podman-tui-httpsgithubcomnavidyspodman-tui-3811-in-video---navid",level:3},{value:"Open discussion (44:57 in video)",id:"open-discussion-4457-in-video",level:4},{value:"Next Meeting: Thursday February 17, 2022 11:00 a.m. EDT (UTC-5)",id:"next-meeting-thursday-february-17-2022-1100-am-edt-utc-5",level:3},{value:"Possible Topics:",id:"possible-topics",level:3}],co={toc:mo},po="wrapper";function go(e){let{components:t,...n}=e;return(0,ce.kt)(po,(0,Q.Z)({},co,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-cabal-meeting-notes"},"Podman Community Cabal Meeting Notes"),(0,ce.kt)("p",null,"Attendees: Tom Sweeney, Aditya Rajan, Matt Heon, Brent Baude, Ashley Cui, Chris Evich, Christian Felder, Urvashi Mohnani, Eduardo Santiago, Giuseppe Scrivano, Nalin Dahyabhai, Paul Holzinger, Anders Bj\xf6rklund, Dan Walsh, Valentin Rothberg, Jhon Honce, Chris Evich, Miloslav Trmac, Reinhard Tarter, Eric Van Norman, Castedo Ellerman, Charlie Doern, Urvashi Mohnani, Lokesh Mandvekar, Navid Yaghoobi, Marcin Skarbek"),(0,ce.kt)("h2",{id:"january-20-2022-1100-am-eastern"},"January 20, 2022 11:00 a.m. Eastern"),(0,ce.kt)("h2",{id:"january-20-2022-topics"},"January 20, 2022 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Volume Storage on a Mac - Brent/Ashley"),(0,ce.kt)("li",{parentName:"ol"},"New Network Rollout - Paul/Matt"),(0,ce.kt)("li",{parentName:"ol"},"Podman v4.0 Rollout - Matt/Brent"),(0,ce.kt)("li",{parentName:"ol"},"Podman TUI (",(0,ce.kt)("a",{parentName:"li",href:"https://github.com/navidys/podman-tui"},"https://github.com/navidys/podman-tui"),") - Navid")),(0,ce.kt)("h3",{id:"meeting-notes"},"Meeting Notes"),(0,ce.kt)("p",null,"Video ",(0,ce.kt)("a",{parentName:"p",href:"https://www.youtube.com/watch?v=bwhDnwYyiJY&t=2729s"},"Recording")),(0,ce.kt)("p",null,"Meeting start 11:02 a.m. Thursday January 20, 2022"),(0,ce.kt)("h3",{id:"volume-storage-on-a-mac-115-in-video---brentashley"},"Volume Storage on a Mac (1:15 in video) - Brent/Ashley"),(0,ce.kt)("p",null,"Just a chat on how to handle storage for the Mac, especially since Anders is present. Docker has an advantage due ot the daemon to be able to handle the volumes. When containers closes, the daemon can umount if necessary."),(0,ce.kt)("p",null,"Asking for opinions on the direction we should take here."),(0,ce.kt)("p",null,"Compared to Docker machine to Podman, VM mounts are totally unrelated to container mounts in Docker machine. VM mounts stays for an entire session, not umounted when the container goes away. Problems trying to mount high level directories such as ",(0,ce.kt)("inlineCode",{parentName:"p"},"/")," or ",(0,ce.kt)("inlineCode",{parentName:"p"},"/tmp"),"."),(0,ce.kt)("p",null,"Note: currently mounts are defined when machine is ",(0,ce.kt)("em",{parentName:"p"},"created")," (not started), so needs to be deleted to change mounts"),(0,ce.kt)("p",null,"In podman machine, we use the user core, so you don't get into trouble unless there's a user \"core\" on the host. We could then just set the root of the container to the homedir of the user on the VM."),(0,ce.kt)("p",null,"Have to make sure the volume provided is not outside of the home dir."),(0,ce.kt)("p",null,"We need to chase this down further, and the thought is to support mounting from homedir only."),(0,ce.kt)("p",null,"Some previous discussions in ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/issues/8016"},"https://github.com/containers/podman/issues/8016")),(0,ce.kt)("p",null,"The virtfs implementation was in ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/pull/11454"},"https://github.com/containers/podman/pull/11454")),(0,ce.kt)("h3",{id:"new-network-rollout-1301-in-video---paulmatt"},"New Network Rollout (13:01 in video) - Paul/Matt"),(0,ce.kt)("p",null,"Lots of chatter on IRC about netavark and aardvark. It\u2019s the new network stack that's being put together for Podman v4.0. It will replace the CNI plugins."),(0,ce.kt)("p",null,"This will allow more complex networks, as has been requested in the past. This new stack will do what CNI currently does, plus the requested functionality. It's called netavark and is written in rust. It works like the current network stack as far as the user sees. It's working well for CNI but is missing DHCP on mac VLAN. IPv6 is better than the prior offering and is faster. Believe we can optimize further. DNS resolution is handled by aardvark and replaces DNS mask and DNS name."),(0,ce.kt)("p",null,"Many of the use cases that could not be done in Podman in the past but in Docker will be enabled. If you're running Podman v3.","*"," and you upgrade to Podman v4.0, your network will be CNI by default. If you're running a Podman v4.0 and no storage is around, then it will default to netavark. An entry in containers.conf will be settable to allow choosing between CNI and netavark."),(0,ce.kt)("p",null,"DNS resolution has not been used by default in CNI but will be turned on for netavark."),(0,ce.kt)("p",null,"Reinhard asked from a packager\u2019s perspective, what considerations do they need to take into account? We tried to set the network stack up such that nothing should be required for packaging. You will have to package netavark and aardvark, but you shouldn't need any configuration manipulation."),(0,ce.kt)("p",null,"There are database changes such that if you create a container in Podman v4.0, it won't be usable in Podman v3.0 space. The database is internal to Podman."),(0,ce.kt)("p",null,"Also there's a subid tag in the Makefile that should be turned on for Podman v3.0. It brings in libsubuid via shadow-utils."),(0,ce.kt)("p",null,"Also, it is suggested to use ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman --remote")," instead of ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman-remote"),"."),(0,ce.kt)("p",null,"For those interested in the network, please test! Reach out and talk to the Podman maintainers. Please used Podman v4.0 RC2 and later."),(0,ce.kt)("h3",{id:"podman-v40-rollout-3252-in-video---mattbrent"},"Podman v4.0 Rollout (32:52 in video) - Matt/Brent"),(0,ce.kt)("p",null,"Database changes and network changes. A number of API changes that will break things."),(0,ce.kt)("p",null,"THe API has been migrated. The more interesting things is doing things on a Mac. Podman v3.0 will not work with Podman v4.0 and vice versa. Podman v4.0 is sloted for Fedora 36, due in May (Dan thinks). We don't have forward/backward compatibility."),(0,ce.kt)("p",null,"RHCOS will have Fedora 35, but with Podman v4.0 not included. We are working with the RHCOS team to smooth this out."),(0,ce.kt)("p",null,"There have been 459 commits into Podman v4.0, about twice as many as Podman v3.4. Lots of changes, we'd love to get people trying it earlier before final release."),(0,ce.kt)("h3",{id:"podman-tui-httpsgithubcomnavidyspodman-tui-3811-in-video---navid"},"Podman TUI (",(0,ce.kt)("a",{parentName:"h3",href:"https://github.com/navidys/podman-tui"},"https://github.com/navidys/podman-tui"),") (38:11 in video) - Navid"),(0,ce.kt)("p",null,(0,ce.kt)("a",{parentName:"p",href:"https://github.com/navidys/podman-tui"},"https://github.com/navidys/podman-tui")),(0,ce.kt)("p",null,"Terminal User Interface for Podman."),(0,ce.kt)("p",null,"Demo - (38:40 in video)\nNavid gave a demo showing pods, containers, images. Many of the commands are available to use. Can't exec into a container yet. Uses the Go bindings from Podman. Shows events, disk usage."),(0,ce.kt)("p",null,"It's 100% Go."),(0,ce.kt)("h4",{id:"open-discussion-4457-in-video"},"Open discussion (44:57 in video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Castedo writing a guide on ",(0,ce.kt)("a",{parentName:"li",href:"https://cnest.readthedocs.org"},"cnest.readthedocs.org"),". He's put together scripts and explanation on how to use Podman. Aimed at new to Podman/containers folks. Part of his work was to look at Toolbox, but looked for a simpler solution by using just Buildah and Podman with a little glue. He's packaged this up. Wonders if for his intial work, if it makes sense to have a Toolbox type tool or guides that are aimed at first-time users.")),(0,ce.kt)("p",null,"He wanted to share only a bit of his directory in his containers and worked through things like that."),(0,ce.kt)("p",null,"The rootless offering was very useful in his case, and he did virtual python environments in a rootless container."),(0,ce.kt)("ol",{start:2},(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Anders asked if podman compose is compatible. It's a separate project from Podman run by others, but the Podman maintainers monitor it. Podman compose doesn't use the API but execs Podman under the covers. The podman compose project has revived over the past six months in popularity after looking like it was dead over the summer.")),(0,ce.kt)("li",{parentName:"ol"},(0,ce.kt)("p",{parentName:"li"},"Will Podman v3.0 be removed from distros once Podman v4.0 comes out? That's a distro decision. In Debian Podman, v3 and v4 will not be coinstallable. They could choose to install older versions on their own, but the stable versions of Debian will have their specific version. Branches on Podman with a ",(0,ce.kt)("inlineCode",{parentName:"p"},"-rhel")," ending tag are backports for older versions. Usable for long-term support of older versions. RHEL even releases such as RHEL 8.6 are supported for two years."))),(0,ce.kt)("h3",{id:"next-meeting-thursday-february-17-2022-1100-am-edt-utc-5"},"Next Meeting: Thursday February 17, 2022 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h3",{id:"possible-topics"},"Possible Topics:"),(0,ce.kt)("p",null,"None suggested."),(0,ce.kt)("p",null,"Meeting finished 12:02"),(0,ce.kt)("p",null,"Raw Meeting Chat:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},'You10:59 AM\nhttps://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nReinhard Tartler11:00 AM\nthanks for adding me!\nYou11:01 AM\nhttps://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nYou11:03 AM\nhttps://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nReinhard Tartler11:04 AM\nthanks for thinking of me, nothing from me, I\'m most intereted in the podman 4.0 rollout from a packager\'s perspective\nLokesh Mandvekar11:09 AM\nHello Reinhard, fwiw, I plan to not build 4.0 on the Kubic repos, just in case 4.0 takes a while to land on debian and ubuntu\nChristopher Evich11:10 AM\nremember aardvark and netavark too\nLokesh Mandvekar11:10 AM\nalso, would be nice to look at debian packaging for: https://github.com/containers/netavark and https://github.com/containers/aardvark-dns\nyup\nValentin Rothberg11:10 AM\nWho\'s rejecting the user from entering?\nChristopher Evich11:11 AM\nthose of us trying to chat :(\nLokesh Mandvekar11:11 AM\nreally?\nchatting interferes with letting the user in?\nChristopher Evich11:11 AM\n picks default "deny" choice :(\nLokesh Mandvekar11:11 AM\nthat\'s weird\nValentin Rothberg11:11 AM\nPlease be careful to click on "admit" :)\nYou11:11 AM\nI think keyboard focus timimg\nLokesh Mandvekar11:11 AM\nohh\nChristopher Evich11:11 AM\nbad GUI design\nYou11:12 AM\nMarcin, sorry about the rejects, we\'d some gmeet gui issues.\nChristian F11:14 AM\ncan\'t you mount on the VM in below a well-defined path. /home e.g. ends up with /podman-mounts/home ?\nAnders F Bj\xf6rklund11:20 AM\nit is possible to mount host /home under /mnt/home or something, think docker-machine used like /hosthome.\nbut normally host uses /Users and machine uses /home, so then there is no conflict\nChristian F11:22 AM\nconsidering DHCP on Macvlan: it would be nice if the systemd unit file for the CNI DHCP daemon would be shipped with podman (may disabled by default, but a systemctl enable --now should be enough)\nBrent Baude11:30 AM\n@Christian, this IS something we are considering. And also of note, the CNI packages will not change.\nReinhard Tartler11:31 AM\nit was requested here: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1000521 -- happy to close it :-)\nValentin Rothberg11:31 AM\n`podman --remote`\nJhon Honce11:32 AM\npodman-remote is a smaller binary if that is a concern\nAnders F Bj\xf6rklund11:33 AM\nthe documentation in minikube and lima currently use "podman-remote", but then again it also uses podman2 so is lost anyway\nI guess podman4 will delete the podman3 packages, so same story again\nAnders F Bj\xf6rklund11:39 AM\nmaybe it would be easier to always run podman --remote, also on mac. oh well.\nBrent Baude11:42 AM\ncolor me impressed!\n@anders, it wont build\nAnders F Bj\xf6rklund11:43 AM\nI guess that would actually be "podman-remote --remote" that is run on the Mac\nAditya Rajan11:44 AM\n@Navid So cool !!! Could you share repo link plz\nEd Santiago11:44 AM\nVery impressive indeed\nChristian F11:45 AM\n:+1:\nBrent Baude11:47 AM\ncould adi,paul, and matt stick behind\nE. Castedo Ellerman11:53 AM\ncnest.readthedocs.org\nNavid Yaghoobi11:53 AM\nhttps://github.com/navidys/podman-tui\nValentin Rothberg11:59 AM\n-rhel suffixed branches\nChristian F12:00 PM\nwill there be different module streams in RHEL for podman 3 vs 4?\nMatt Heon12:03 PM\nYes\nWell\nieq-pxhy-jbh\n')))}go.isMDXComponent=!0;const yo={},ko="Podman Community Cabal Meeting Notes",wo=[{value:"April 21, 2022 11:00 a.m. Eastern",id:"april-21-2022-1100-am-eastern",level:2},{value:"April 21, 2022 Topics",id:"april-21-2022-topics",level:2},{value:"Meeting Notes",id:"meeting-notes",level:3},{value:"Podman Contribution Methods Discussion - (1:00 in video) - Brent Baude",id:"podman-contribution-methods-discussion---100-in-video---brent-baude",level:3},{value:"Open discussion (53:37 in video)",id:"open-discussion-5337-in-video",level:4},{value:"Next Meeting: Thursday May 16, 2022 11:00 a.m. EDT (UTC-5)",id:"next-meeting-thursday-may-16-2022-1100-am-edt-utc-5",level:3},{value:"Next Community Meeting: Tuesday June 7, 2022 11:00 a.m. EDT (UTC-5)",id:"next-community-meeting-tuesday-june-7-2022-1100-am-edt-utc-5",level:3},{value:"Possible Topics:",id:"possible-topics",level:3}],fo={toc:wo},bo="wrapper";function vo(e){let{components:t,...n}=e;return(0,ce.kt)(bo,(0,Q.Z)({},fo,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-cabal-meeting-notes"},"Podman Community Cabal Meeting Notes"),(0,ce.kt)("p",null,"Attendees: Tom Sweeney, Aditya Rajan, Matt Heon, Brent Baude, Ashley Cui, Chris Evich, Giuseppe Scrivano, Nalin Dahyabhai, Paul Holzinger, Anders Bj\xf6rklund, Dan Walsh, Valentin Rothberg, Jhon Honce, Miloslav Trma\u010d, Charlie Doern, Lokesh Mandvekar, Eduardo Santiago, Mohan Boddu, Chris Evich, Flavian Missi, Niall Crowe, Preethi Thomas, Anders Bjorklund, Lance Lovette, Scott McCarty"),(0,ce.kt)("h2",{id:"april-21-2022-1100-am-eastern"},"April 21, 2022 11:00 a.m. Eastern"),(0,ce.kt)("h2",{id:"april-21-2022-topics"},"April 21, 2022 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Podman Contribution Methods Discussion - Brent Baude - (1:00 in video)")),(0,ce.kt)("h3",{id:"meeting-notes"},"Meeting Notes"),(0,ce.kt)("p",null,"Video ",(0,ce.kt)("a",{parentName:"p",href:"https://youtu.be/DP3FAGWn48s"},"Recording")),(0,ce.kt)("p",null,"Meeting start 11:02 a.m. Thursday April 21, 2022"),(0,ce.kt)("h3",{id:"podman-contribution-methods-discussion---100-in-video---brent-baude"},"Podman Contribution Methods Discussion - (1:00 in video) - Brent Baude"),(0,ce.kt)("p",null,"Brent talked about the number of hours that the maintainers have been grinding out lately. He's concerned that the maintainers aren't keeping up with the Pull Requests that are coming in from internal to Red Hat and, more so, externally."),(0,ce.kt)("p",null,"For instance, we have not been timely in reviewing Anders code as of late. Brent is asking for input from people for any potential solutions."),(0,ce.kt)("p",null,"Matt doesn't want to completely remove the Code Review process; he wants to ensure maintenance will be as painless as possible. He thinks a core set of maintainers should review code before merging. He thinks that perhaps we could use lint to help. He recognizes there's a problem but wants to limit how easy it is to get stuff in."),(0,ce.kt)("p",null,"We seem to have a cycle where maintainers lose sight of the need to stay on top of it until nudged. The problem has become due to the expansion of the size and complexity of the project, making it harder to know everything easily."),(0,ce.kt)("p",null,"Valentin thinks there are two goals. Make merges easier and also to expand the number of maintainers. In other projects, they leave more work to the contributors by using bots to bounce PRs if they don't have a pass a lint process per instance."),(0,ce.kt)("p",null,"Valentin thinks that we're doing pretty good in comparison to other-sized projects. Time is becoming an issue in some of our projects, such as ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/image"},"containers/image")," where PRs are lagging due to a lack of maintainers/review."),(0,ce.kt)("p",null,"Miloslav has seen other projects assign particular reviewers to a review and doesn't know if that's something Podman could do. Dan thinks we couldn't do that via a bot, but perhaps we could use a process as the Linux kernel does."),(0,ce.kt)("p",null,"Chris pointed out that an advantage of the kernel is it's modular, and Podman is becoming monolithic. Perhaps we can break it out into pieces. That would also be useful in developing unit tests."),(0,ce.kt)("p",null,"Matt has asked others to help with the Triage of issues, and since then, he has found that Valentin and Paul have kept that down quickly."),(0,ce.kt)("p",null,"Valentin wonders if we're not getting to issues promptly or, for that matter, PRs."),(0,ce.kt)("p",null,"Matt thinks we're falling off the radar for issues. If an issue will take a long time to fix, it gets shuffled off. Ditto PRs that are 500 lines or more. People have a hard time getting to it, then it slips off the queue."),(0,ce.kt)("p",null,"Mohan wonders if we can ask contributors to add tags to help with initial triaging."),(0,ce.kt)("p",null,"We have two classes of issues with PR. Some are done by developers, and others are a fix for a quick typo and then get hung up on CI. They tend not to undertake it."),(0,ce.kt)("p",null,"Anders said in another ",(0,ce.kt)("a",{parentName:"p",href:"https://minikube.sigs.k8s.io/community/"},"project")," they have weekly triage meetings where they use a ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/google/triage-party"},"tool")," to classify issues. But there too, after being classified, it doesn't seem to help get it solved faster."),(0,ce.kt)("p",null,"Study - 26\nBrent showed an ",(0,ce.kt)("a",{parentName:"p",href:"https://linearb.io/blog/the-pull-request-paradox-merge-faster-by-promoting-your-pr/"},"article")," on Pull requests. It showed that 50% of PRs were idle for 50% of their lifetime, and 33% were idle for 78% of their lifetime. The issue gets compounded when a rebase is necessary."),(0,ce.kt)("p",null,"Valentin points out that code review is as much of an art as writing code. Perhaps we can get faster reviewing things."),(0,ce.kt)("p",null,"Flavian has asked what the problems are that we face when getting through the backlog."),(0,ce.kt)("p",null,"Brent thinks the team could work on more feature work. Also, to spend more time on PRs for issues, but we're falling behind. When we have a new feature such as podman machine, a few people attend to that, and they stay away from other PRs."),(0,ce.kt)("p",null,"A number of PRs which are perfectly good to go, but they don't get reviewed due to time, and the contributors are less than happy with that."),(0,ce.kt)("p",null,"Brent also thinks we often create PRs that grow larger and larger rather than be done in building blocks."),(0,ce.kt)("p",null,"Dan thinks we've two problems. Handling issues. We address that by having a bug week when we get above 200 in number on GitHub. Even with the whole team on board, we're lucky to get it down into the 180 mark. A bit of a treadmill."),(0,ce.kt)("p",null,"The other side is when someone opens a PR, then people looking at issues often don't break off to look at the PRs that have come in."),(0,ce.kt)("p",null,"Chris noted that 45 minutes is the sweet spot for the CI completion to wrap up in. A recent review by a group of college students noted the heaviness of the CI process for contributors as being a bad mark. FOr instance, if you have a misplaced semi-colon, it can take hours to get notified. Unit tests run faster than integration tests, and system tests are faster than them. It would be good if the CI could focus on unit tests and then continue to integration tests only if the unit tests are happy. Ditto system tests."),(0,ce.kt)("p",null,"Jhon pointed out that once we spin-off to a cloud system for CI, you're really not doing a unit test per se. He also briefly talked about mock tests, and Miloslav noted that they're not always the ",(0,ce.kt)("a",{parentName:"p",href:"https://www.destroyallsoftware.com/screencasts/catalog/functional-core-imperative-shell"},"answer"),"."),(0,ce.kt)("p",null,"Chris thinks the CI we have will take a lot of effort to make faster without a lot of retooling other stuff."),(0,ce.kt)("p",null,"Anders asked if we run on VMs or containers, and we run on VMs, not really eating our own dog food. He thinks it would be more interesting to run at least some unit tests in containers."),(0,ce.kt)("p",null,"Valentin noted that code coverage only handles unit tests. He thinks it would be great to have CI revamped, but we'll need more meetings to do so."),(0,ce.kt)("p",null,'Urvashi thinks we need to come to a consensus on "How to code review.".'),(0,ce.kt)("p",null,"Brent doesn't like to have code design debates within the PR and would like to see more peer-to-peer reviews and/or mentoring reviews."),(0,ce.kt)("p",null,"Brent asked that everyone read the article he put together and would like people to come back and think about potential changes. Essentially, he just wants to have everyone on board in thinking there's a problem."),(0,ce.kt)("p",null,"Articles:\n",(0,ce.kt)("a",{parentName:"p",href:"https://linearb.io/blog/the-pull-request-paradox-merge-faster-by-promoting-your-pr/"},"https://linearb.io/blog/the-pull-request-paradox-merge-faster-by-promoting-your-pr/"),"\n",(0,ce.kt)("a",{parentName:"p",href:"https://www.destroyallsoftware.com/screencasts/catalog/functional-core-imperative-shell"},"https://www.destroyallsoftware.com/screencasts/catalog/functional-core-imperative-shell"),"\n",(0,ce.kt)("a",{parentName:"p",href:"https://www.pullrequest.com/blog/why-your-team-isnt-reviewing-pull-requests/"},"https://www.pullrequest.com/blog/why-your-team-isnt-reviewing-pull-requests/"),"\n",(0,ce.kt)("a",{parentName:"p",href:"https://www.morling.dev/blog/the-code-review-pyramid/"},"https://www.morling.dev/blog/the-code-review-pyramid/")),(0,ce.kt)("h4",{id:"open-discussion-5337-in-video"},"Open discussion (53:37 in video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Brent has created a 4.0.3 FCOS image in hand that he'd like people to try on the mac."),(0,ce.kt)("li",{parentName:"ol"},"Podman 4.1 RC should be released later today.")),(0,ce.kt)("h3",{id:"next-meeting-thursday-may-16-2022-1100-am-edt-utc-5"},"Next Meeting: Thursday May 16, 2022 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h3",{id:"next-community-meeting-tuesday-june-7-2022-1100-am-edt-utc-5"},"Next Community Meeting: Tuesday June 7, 2022 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h3",{id:"possible-topics"},"Possible Topics:"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"None")),(0,ce.kt)("p",null,"Meeting finished 11:58 a.m."),(0,ce.kt)("p",null,"Raw Meeting Chat:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"You11:00 AM\nhttps://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nYou11:01 AM\nhttps://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nYou11:05 AM\nUrvashi, can you send me a link to the doc in email plz?\nPreethi Thomas11:05 AM\nTom its both in the email and in gchat\nUrvashi Mohnani11:06 AM\nyup, sent it to aos-internal and its in our gchat room as well\nYou11:27 AM\nTY! UM\nFlavian Missi11:27 AM\nmaybe https://github.com/google/triage-party ?\nUrvashi Mohnani11:28 AM\nhttps://linearb.io/blog/the-pull-request-paradox-merge-faster-by-promoting-your-pr/\nlink to the article ^^\nAnders F Bj\xf6rklund11:29 AM\nRight, that is the tool\nhttps://minikube.sigs.k8s.io/community/\nYou11:32 AM\nAnders and Flavian, thx for the links, I've added them to the notes.\nMiloslav Trmac11:42 AM\n/me is on the anti-mocking side:\nhttps://www.destroyallsoftware.com/screencasts/catalog/functional-core-imperative-shell\n(CRI-O has mocks of c/storage and Podman and IMHO it\u2019s a _nightmare_, e.g. in some cases not testing the right code at all.)\nMiloslav Trmac11:46 AM\nAre there some easy wins like making the current \u201cmust include tests\u201d bot nudge users towards unit tests and discourage adding another shell script to system tests?\nPreethi Thomas11:47 AM\nhttps://www.pullrequest.com/blog/why-your-team-isnt-reviewing-pull-requests/\nBrent Baude11:48 AM\none thing our development tooling/environment needs is the ability to run the e2e tests locally but isolated ... hint: make locale2e-vagrant ...\nMatt Heon11:48 AM\nI think the no-new-tests-needed check might actually fail a PR if it only had unit tests\nIt checks the tests/ folder AFAIK\nUnit tests don't live in there\nPaul Holzinger11:48 AM\n@Matt no it also checks for _test.go\nValentin Rothberg11:50 AM\nHere's a link to the reviewing pyramid -> https://www.morling.dev/blog/the-code-review-pyramid/\nieq-pxhy-jbh\n")))}vo.isMDXComponent=!0;const Mo={},Io="Podman Community Cabal Meeting Notes",Ao=[{value:"September 15, 2022 11:00 a.m. Eastern",id:"september-15-2022-1100-am-eastern",level:2},{value:"September 15, 2022 Topics",id:"september-15-2022-topics",level:2},{value:"Meeting Notes",id:"meeting-notes",level:3},{value:"Quadlet/Kubernetes yaml support - (0:50 in video) - Valentin Rothberg",id:"quadletkubernetes-yaml-support---050-in-video---valentin-rothberg",level:3},{value:"ZSTD Support - (18:29 in video) Dan Walsh",id:"zstd-support---1829-in-video-dan-walsh",level:3},{value:"Confidential Computing - (27:05 in video) Dan Walsh",id:"confidential-computing---2705-in-video-dan-walsh",level:3},{value:"Landlock Support - (31:13 in video) Dan Walsh",id:"landlock-support---3113-in-video-dan-walsh",level:3},{value:"Podman desktop packaging - (35:52 in video) Lokesh Mandvekar",id:"podman-desktop-packaging---3552-in-video-lokesh-mandvekar",level:3},{value:"Podman kube apply - (49:42 in video) Urvashi Mohnani",id:"podman-kube-apply---4942-in-video-urvashi-mohnani",level:3},{value:"Open discussion (58:21 in video)",id:"open-discussion-5821-in-video",level:4},{value:"Next Meeting: Thursday October 20, 2022 11:00 a.m. EDT (UTC-4)",id:"next-meeting-thursday-october-20-2022-1100-am-edt-utc-4",level:3},{value:"October 20, 2022 Topics",id:"october-20-2022-topics",level:2},{value:"Next Community Meeting: Tuesday October 4, 2022 11:00 a.m. EDT (UTC-4)",id:"next-community-meeting-tuesday-october-4-2022-1100-am-edt-utc-4",level:3},{value:"Possible Topics:",id:"possible-topics",level:3}],To={toc:Ao},So="wrapper";function Co(e){let{components:t,...n}=e;return(0,ce.kt)(So,(0,Q.Z)({},To,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-cabal-meeting-notes"},"Podman Community Cabal Meeting Notes"),(0,ce.kt)("p",null,"Attendees: Matt Heon, Nalin Dahyabhai, Paul Holzinger, Charlie Doern, Lokesh Mandvekar, Niall Crowe, Dan Walsh, Valentin Rothberg, Miloslav Trmac, Mohan Bodu, Eduardo Santiago, Giuseppe Scrivano, Chris Evich, Aditya Rajan, Urvashi Mohnani, Preethi Thomas, Ashley Cui, Joseph Gooch, Reinhard Tartler, Sally O'Malley, Stevan Le Meur, Anders Bj\xf6rklund"),(0,ce.kt)("h2",{id:"september-15-2022-1100-am-eastern"},"September 15, 2022 11:00 a.m. Eastern"),(0,ce.kt)("h2",{id:"september-15-2022-topics"},"September 15, 2022 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Quadlet/Kubernetes.YAML support - Valentin Rothberg"),(0,ce.kt)("li",{parentName:"ol"},"ZSTD support update - Dan Walsh"),(0,ce.kt)("li",{parentName:"ol"},"Confidential Computing with Podman/crun/libkrun - Dan Walsh"),(0,ce.kt)("li",{parentName:"ol"},"Landlock support - Dan Walsh"),(0,ce.kt)("li",{parentName:"ol"},"Packaging for podman-desktop - Lokesh Mandvekar"),(0,ce.kt)("li",{parentName:"ol"},"Overview of kube apply - Urvashi Mohnani")),(0,ce.kt)("h3",{id:"meeting-notes"},"Meeting Notes"),(0,ce.kt)("p",null,"Video ",(0,ce.kt)("a",{parentName:"p",href:"https://youtu.be/mAUUGASnmIk"},"Recording")),(0,ce.kt)("p",null,"Meeting start 11:02 a.m. Thursday October 4, 2022"),(0,ce.kt)("h3",{id:"quadletkubernetes-yaml-support---050-in-video---valentin-rothberg"},"Quadlet/Kubernetes yaml support - (0:50 in video) - Valentin Rothberg"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Boils down to podman systemd integration"),(0,ce.kt)("li",{parentName:"ul"},"Recently married systemd and kubenetes integration we have",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"escaping via systemd-escape and a yaml file"),(0,ce.kt)("li",{parentName:"ul"},"can give simple k8s yaml files to systemd"))),(0,ce.kt)("li",{parentName:"ul"},"quadlet is good for edge use cases, automotive",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"reallign quadlet with podman"),(0,ce.kt)("li",{parentName:"ul"},"future would be to move to a podman generate quadlet workflow instead of generate systemd")))),(0,ce.kt)("h3",{id:"zstd-support---1829-in-video-dan-walsh"},"ZSTD Support - (18:29 in video) Dan Walsh"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"We have support for this, can be specified in oci what compresion standard to use"),(0,ce.kt)("li",{parentName:"ul"},"everyone uses gzip, but zstd gives better compression"),(0,ce.kt)("li",{parentName:"ul"},"when only one file in an image has changed, when you go to pull the update it pulls down the whole image even thoug only one thing has changed"),(0,ce.kt)("li",{parentName:"ul"},"we have added support to podman to determine what has changed and only pull down those changes and not the whole image"),(0,ce.kt)("li",{parentName:"ul"},"have opened PRs to containerd and docker to support zstd format, they have bene merged but there is no official release"),(0,ce.kt)("li",{parentName:"ul"},"older versions of docker will be unhappy with the newer version of compression if we start pushing this everywhere"),(0,ce.kt)("li",{parentName:"ul"},"stuck in a state trying to figure out how we support older version of docker"),(0,ce.kt)("li",{parentName:"ul"},"suggestion is to push both versions, gzip and zstd, to the registry and they can be stored under the same name and manifest. But add an annotation/label to the image to identify which compression is used in the image",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"penalty will be pushing two images instead of just one to support both formats"),(0,ce.kt)("li",{parentName:"ul"},"if you know your environment will work with zstd no need to push both versions"),(0,ce.kt)("li",{parentName:"ul"},"for older container engines, recommendation would be to push with both formats"))),(0,ce.kt)("li",{parentName:"ul"},"proposal that is being worked on and we are making sure it works correctly"),(0,ce.kt)("li",{parentName:"ul"},"What is the endgame",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"when enough people are no longer on the older container engines we can push for zstd only (may take about 2 years to switch the standard to ZSTD)")))),(0,ce.kt)("h3",{id:"confidential-computing---2705-in-video-dan-walsh"},"Confidential Computing - (27:05 in video) Dan Walsh"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Needs to compress and encrypt the application"),(0,ce.kt)("li",{parentName:"ul"},"Encrypt the image and push it, but the image should have the same name"),(0,ce.kt)("li",{parentName:"ul"},"When you want to run the image in confidential mode, need to make sure you pull down the confidential image",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"the image manifest will differentiate which one is confidential and which is not"))),(0,ce.kt)("li",{parentName:"ul"},"Still debating what exactly this should be but will have an article out on this soon")),(0,ce.kt)("h3",{id:"landlock-support---3113-in-video-dan-walsh"},"Landlock Support - (31:13 in video) Dan Walsh"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"New security mechanism in the linux kernel"),(0,ce.kt)("li",{parentName:"ul"},"it allows you to specifiy certain paths to an application in such a way that only those paths are allowed to use the app"),(0,ce.kt)("li",{parentName:"ul"},"for example allows podman to say I am only going to write to /var/lib/containers and if it tries to write to any other location it will be blocked"),(0,ce.kt)("li",{parentName:"ul"},"want to use this to protect podman from itself"),(0,ce.kt)("li",{parentName:"ul"},"currently looking into it and researching what needs to be done"),(0,ce.kt)("li",{parentName:"ul"},"There is a PR open for getting this into the runtime spec",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("a",{parentName:"li",href:"https://github.com/opencontainers/runtime-spec/pull/1111"},"https://github.com/opencontainers/runtime-spec/pull/1111")))),(0,ce.kt)("li",{parentName:"ul"},"Will landlock work well with volumes? How difficult will it be to use landlock for container control?")),(0,ce.kt)("h3",{id:"podman-desktop-packaging---3552-in-video-lokesh-mandvekar"},"Podman desktop packaging - (35:52 in video) Lokesh Mandvekar"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"Background reading: ",(0,ce.kt)("a",{parentName:"li",href:"https://github.com/containers/podman-desktop/issues/112"},"https://github.com/containers/podman-desktop/issues/112")),(0,ce.kt)("li",{parentName:"ul"},"Someone has done the packaging and it is avaiable on OBS"),(0,ce.kt)("li",{parentName:"ul"},"Ask is to support it on official fedora"),(0,ce.kt)("li",{parentName:"ul"},"Require to package electron (RH may not want to support this)"),(0,ce.kt)("li",{parentName:"ul"},'Goal is to be able to do "dnf install podman-desktop"'),(0,ce.kt)("li",{parentName:"ul"},"electron is embedded in podman-desktop and we are providing the package for brew on mac")),(0,ce.kt)("h3",{id:"podman-kube-apply---4942-in-video-urvashi-mohnani"},"Podman kube apply - (49:42 in video) Urvashi Mohnani"),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},"kube apply lets you deploy the generated kube yaml to a k8s cluster directly"),(0,ce.kt)("li",{parentName:"ul"},"need to pass the kubeconfig file so that correct key and certifactes can be gathered for authentication"),(0,ce.kt)("li",{parentName:"ul"},"use the k8s API endpoint to make the request to create the k8s resource"),(0,ce.kt)("li",{parentName:"ul"},"supported types are pods, volumes, and services",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"this can be extended as we add more support to podman generate kube"))),(0,ce.kt)("li",{parentName:"ul"},"Possible features, pass in a container or podname instead of a kube yaml to deploy to the k8s cluster"),(0,ce.kt)("li",{parentName:"ul"},"get the kube yaml for something already running in a k8s cluster")),(0,ce.kt)("h4",{id:"open-discussion-5821-in-video"},"Open discussion (58:21 in video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"None")),(0,ce.kt)("h3",{id:"next-meeting-thursday-october-20-2022-1100-am-edt-utc-4"},"Next Meeting: Thursday October 20, 2022 11:00 a.m. EDT (UTC-4)"),(0,ce.kt)("h2",{id:"october-20-2022-topics"},"October 20, 2022 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"None")),(0,ce.kt)("h3",{id:"next-community-meeting-tuesday-october-4-2022-1100-am-edt-utc-4"},"Next Community Meeting: Tuesday October 4, 2022 11:00 a.m. EDT (UTC-4)"),(0,ce.kt)("h3",{id:"possible-topics"},"Possible Topics:"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"None")),(0,ce.kt)("p",null,"Meeting finished 12:00 p.m."),(0,ce.kt)("p",null,"Raw Meeting Chat:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},'00:00:39.516,00:00:42.516\nUrvashi Mohnani: https://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\n\n00:01:17.367,00:01:20.367\nUrvashi Mohnani: https://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\n\n00:02:59.904,00:03:02.904\nUrvashi Mohnani: https://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\n\n00:04:28.274,00:04:31.274\nEd Santiago Munoz: Very choppy here too\n\n00:08:17.367,00:08:20.367\nValentin Rothberg: https://www.redhat.com/sysadmin/kubernetes-workloads-podman-systemd\n\n00:08:27.068,00:08:30.068\nUrvashi Mohnani: https://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\n\n00:12:28.550,00:12:31.550\nJoseph Gooch: static const char *supported_container_keys[] = {\n "ContainerName",\n "Image",\n "Environment",\n "Exec",\n "NoNewPrivileges",\n "DropCapability",\n "AddCapability",\n "RemapUsers",\n "RemapUidStart",\n "RemapGidStart",\n "RemapUidRanges",\n "RemapGidRanges",\n "Notify",\n "SocketActivated",\n "ExposeHostPort",\n "PublishPort",\n "KeepId",\n "User",\n "Group",\n "HostUser",\n "HostGroup",\n "Volume",\n "PodmanArgs",\n "Label",\n "Annotation",\n "RunInit",\n "VolatileTmp",\n "Timezone",\n NULL\n}\n\n00:12:40.612,00:12:43.612\nJoseph Gooch: Currently in quadlet ^^^\n\n00:14:00.468,00:14:03.468\nJoseph Gooch: https://github.com/containers/quadlet From the readme, the file formats and container setup docs are very readable (and exciting)\n\n00:16:00.536,00:16:03.536\nValentin Rothberg: Here\'s a doc: https://github.com/containers/podman/blob/main/docs/kubernetes_support.md\n\n00:16:52.968,00:16:55.968\nReinhard Tartler: I completely missed that documentation. I\'ll check whether it\'s included in the Debian package!\n\n00:18:20.409,00:18:23.409\nSally O\'Malley: Thanks, Valentin!\n\n00:18:33.328,00:18:36.328\nJoseph Gooch: Another comment on Quadlet - moving it towards golang, and introducing GoLang text templates would be pretty killer\n\n00:19:24.193,00:19:27.193\nValentin Rothberg: Thanks for the questions and feedback! Please reach out if you have any questions.\n\nFor updates, I suggest following this GitHub issue: https://github.com/containers/podman/issues/15686\n\n00:26:17.470,00:26:20.470\nSally O\'Malley: Is there a podman issue for the zstd support?\n\n00:27:16.513,00:27:19.513\nValentin Rothberg: @Sally: Podman already supports ZSTD but there is no issue (yet) for the idea of shipping an image in GZIP and ZSTD in a manifest list (or "image index" in OCI terminology)\n\n00:27:27.585,00:27:30.585\nSally O\'Malley: thanks, got it\n\n00:28:46.082,00:28:49.082\nAditya Rajan: OCI to Confidential Image https://github.com/virtee/oci2cw\n\n00:28:51.876,00:28:54.876\nFlorent Benoit: Is there support planned for SOCI as well https://github.com/awslabs/soci-snapshotter in Podman ?\n\n00:29:10.790,00:29:13.790\nUrvashi Mohnani: https://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\n\n00:33:33.010,00:33:36.010\nAditya Rajan: https://github.com/opencontainers/runtime-spec/pull/1111\n\n00:36:07.090,00:36:10.090\nLokesh Mandvekar: https://github.com/containers/podman-desktop/issues/112\n\n00:38:08.871,00:38:11.871\nChristopher Evich: For RHEL, people could use an EPEL package maybe?\n\n00:44:23.989,00:44:26.989\nFlorent Benoit: we\'re also on flathub https://flathub.org/apps/details/io.podman_desktop.PodmanDesktop\n\n00:53:20.887,00:53:23.887\nUrvashi Mohnani: https://asciinema.org/a/WCZc8x3NFkaH2v4OvlOny08Hn\n\n00:55:57.118,00:56:00.118\nAditya Rajan: Yes\n\n00:56:03.182,00:56:06.182\nAditya Rajan: kubectl edit deployment name\n\n00:57:30.545,00:57:33.545\nAditya Rajan: kubectl get -o yaml\n')))}Co.isMDXComponent=!0;const No={},Do="Podman Community Meeting notes",Po=[{value:"February 7, 2023, 11:00 a.m. Eastern (UTC-5)",id:"february-7-2023-1100-am-eastern-utc-5",level:2},{value:"Attendees (17 total)",id:"attendees-17-total",level:3},{value:"Meeting Start: 11:02 a.m. EST",id:"meeting-start-1102-am-est",level:2},{value:"BlueJeans Recording",id:"bluejeans-recording",level:3},{value:"Pasta in Podman Demo",id:"pasta-in-podman-demo",level:2},{value:"Stefano Brivio",id:"stefano-brivio",level:3},{value:"(1:48 in the video)",id:"148-in-the-video",level:4},{value:"Demo - (2:30 in the video)",id:"demo---230-in-the-video",level:4},{value:"Podman v4.4 Update",id:"podman-v44-update",level:2},{value:"Ashley Cui",id:"ashley-cui",level:3},{value:"(26:40 in the video)",id:"2640-in-the-video",level:4},{value:"Podman Desktop Update",id:"podman-desktop-update",level:2},{value:"Stevan Le Meur",id:"stevan-le-meur",level:3},{value:"(31:55 in the video)",id:"3155-in-the-video",level:4},{value:"Open Forum/Questions?",id:"open-forumquestions",level:2},{value:"(47:45 in the video)",id:"4745-in-the-video",level:4},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"Next Meeting: Tuesday, April 4, 2023, 11:00 a.m. Eastern (UTC-4)",id:"next-meeting-tuesday-april-4-2023-1100-am-eastern-utc-4",level:2},{value:"Next Cabal Meeting: Thursday, February 16, 2023, 11:00 a.m. Eastern (UTC-5)",id:"next-cabal-meeting-thursday-february-16-2023-1100-am-eastern-utc-5",level:2},{value:"Meeting End: 11:52 a.m. Eastern (UTC-5)",id:"meeting-end-1152-am-eastern-utc-5",level:3},{value:"BlueJeans Chat copy/paste:",id:"bluejeans-chat-copypaste",level:2}],xo={toc:Po},Bo="wrapper";function Eo(e){let{components:t,...n}=e;return(0,ce.kt)(Bo,(0,Q.Z)({},xo,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-meeting-notes"},"Podman Community Meeting notes"),(0,ce.kt)("h2",{id:"february-7-2023-1100-am-eastern-utc-5"},"February 7, 2023, 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"attendees-17-total"},"Attendees (17 total)"),(0,ce.kt)("p",null,"Tom Sweeney, Chris Evich, Ashley Cui, Paul Holzinger, Nalin Dahyabhai, Giuseppe Scrivano, Preethi Thomas, Matt Heon, Urvashi Mohnani, Ed Santiago, Brent Baude, Stefano Brivio, Lokesh Mandvekarm, Greg Shomo, Anders Bj\xf6rklund, Mateo Brisi, Tom Lezotte, Stevan Le Meur, Mehdi Haghgoo, Martin Jackson"),(0,ce.kt)("h2",{id:"meeting-start-1102-am-est"},"Meeting Start: 11:02 a.m. EST"),(0,ce.kt)("h3",{id:"bluejeans-recording"},"BlueJeans ",(0,ce.kt)("a",{parentName:"h3",href:"https://youtu.be/qLhf-Ae4jvo"},"Recording")),(0,ce.kt)("h2",{id:"pasta-in-podman-demo"},"Pasta in Podman Demo"),(0,ce.kt)("h3",{id:"stefano-brivio"},"Stefano Brivio"),(0,ce.kt)("h4",{id:"148-in-the-video"},"(1:48 in the video)"),(0,ce.kt)("p",null,"What's Pasta? A tool that connects the network names space of the container to the host."),(0,ce.kt)("h4",{id:"demo---230-in-the-video"},"Demo - (2:30 in the video)"),(0,ce.kt)("p",null,"Creates a tap device that allows a quasi-native network connectivity to virtual machines in user mode without requiring any capabilities or privileges."),(0,ce.kt)("p",null,"Stefano showed two shells, one where he was running Pasta, the other slipr4netns. He then created a device using Pasta."),(0,ce.kt)("p",null,"Side note, Pasta shares a man page with passt (pasta (1))."),(0,ce.kt)("p",null,"He then ran an alpine container with --net=slirp4netns and then one with --net=pasta."),(0,ce.kt)("p",null,"The difference between them is the interface. Instead of tap0 from slipr4netns, it's enpp9s0."),(0,ce.kt)("p",null,"He then showed how you could change the addresses by using the ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman run")," command. The ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman-run (1)")," man page has a number of details. Search for ",(0,ce.kt)("inlineCode",{parentName:"p"},"pasta")," within it."),(0,ce.kt)("p",null,"Pasta gets the ipv6 addresses from the host, while sliprnetns gets a 10.0.2.100 type of address."),(0,ce.kt)("p",null,"Why choose Pasta over slirp4netns? 1. Performance 2. Smaller footprint 3. IPv6 support provided"),(0,ce.kt)("p",null,"He recommends setting the default for networking to Pasta from Slirp4netns."),(0,ce.kt)("p",null,"PR: ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/pull/16141"},"https://github.com/containers/podman/pull/16141"),"\nProject homepage: ",(0,ce.kt)("a",{parentName:"p",href:"https://passt.top/"},"https://passt.top/"),"\nasciinema demo (Podman and stand-alone): ",(0,ce.kt)("a",{parentName:"p",href:"https://passt.top/passt/about/#pasta_2"},"https://passt.top/passt/about/#pasta_2"),"\nMailing list, chat, bug tracker, weekly meetings: ",(0,ce.kt)("a",{parentName:"p",href:"https://passt.top/passt/about/#contribute"},"https://passt.top/passt/about/#contribute")),(0,ce.kt)("p",null,"What's the downside to switching the default to Pasta? Possibly user familiarability since Pasta is a newer project."),(0,ce.kt)("p",null,"Podman rootless network integration is still a WIP at this point. Once that's done, then Paul suggests it changes to the default after that."),(0,ce.kt)("p",null,"Dan would like to switch at the next full Fedora release, and he'd like it to soak for six months in Fedora before going to RHEL. Valentin thinks good timing for RHEL 10."),(0,ce.kt)("h2",{id:"podman-v44-update"},"Podman v4.4 Update"),(0,ce.kt)("h3",{id:"ashley-cui"},"Ashley Cui"),(0,ce.kt)("h4",{id:"2640-in-the-video"},"(26:40 in the video)"),(0,ce.kt)("p",null,"Around 125 user-facing changes, including features and bug fixes. We introduced Quadlet, a new systemd-related generator."),(0,ce.kt)("p",null,"A lot of new ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman kube")," features. CNI will be deprecated soon. Advising that Netavark be used instead, and that will be the default later."),(0,ce.kt)("p",null,"We're doing a Podman v4.4.1, probably tomorrow, to include the Quadlet man page, which was mistakenly left off, and a few bug fixes."),(0,ce.kt)("p",null,"Several performance changes were made in this release."),(0,ce.kt)("p",null,"We'll be doing a demo of Quadlet at an upcoming meeting."),(0,ce.kt)("p",null,"Podman v4.4.0 should be in Fedora by default in the next few days. We also had updates for Buildah, Skopeo, and other tools."),(0,ce.kt)("h2",{id:"podman-desktop-update"},"Podman Desktop Update"),(0,ce.kt)("h3",{id:"stevan-le-meur"},"Stevan Le Meur"),(0,ce.kt)("h4",{id:"3155-in-the-video"},"(31:55 in the video)"),(0,ce.kt)("p",null,'Started with Demo. Showed "Docker Socket Compatibility" message now on the main page.'),(0,ce.kt)("p",null,"There's also a new feedback button on the main page to share feedback directly with the team."),(0,ce.kt)("p",null,"When creating a new machine, you can customize its path."),(0,ce.kt)("p",null,"In the registries section, you can configure the ones that you have defined."),(0,ce.kt)("p",null,"In the proxy, you can toggle on/off the configuration."),(0,ce.kt)("p",null,"UI changes have improved the alignments through out for better readability."),(0,ce.kt)("p",null,"You can press the three dots icon within the pods to get further actions."),(0,ce.kt)("p",null,"You can select the namespace so you can deploy where you want to."),(0,ce.kt)("p",null,"Windows and Mac installations have been added to the GitHub page."),(0,ce.kt)("p",null,"New documentation to help with the transition from Docker to Podman Desktop."),(0,ce.kt)("p",null,"Showed a demo on creating two containers and pushing them into a Pod on OpenShift. He created an OpenShift cluster. He chose two containers and put them into a new pod. He then opened a browser and showed a webpage being run from within the pod. He later deployed it on the OpenShift cluster. Back on Podman Desktop, it showed the status of the pod on OpenShift."),(0,ce.kt)("h2",{id:"open-forumquestions"},"Open Forum/Questions?"),(0,ce.kt)("h4",{id:"4745-in-the-video"},"(47:45 in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Martin ran with the new Podman 4.4 and noticed a speed improvement. Folks were very happy with Quadlet to date. Dan thinks the speed improvement is due to Kubernetes not being part of the equation, about a 30% gain in CPU.")),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Quadlet demo.")),(0,ce.kt)("h2",{id:"next-meeting-tuesday-april-4-2023-1100-am-eastern-utc-4"},"Next Meeting: Tuesday, April 4, 2023, 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h2",{id:"next-cabal-meeting-thursday-february-16-2023-1100-am-eastern-utc-5"},"Next Cabal Meeting: Thursday, February 16, 2023, 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"meeting-end-1152-am-eastern-utc-5"},"Meeting End: 11:52 a.m. Eastern (UTC-5)"),(0,ce.kt)("h2",{id:"bluejeans-chat-copypaste"},"BlueJeans Chat copy/paste:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Me10:58 AM\nhttps://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\nMe10:59 AM\nhttps://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\nMe11:01 AM\nhttps://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\nMehdi Haghgoo11:17 AM\nsorry I joined late. Is pasta a new container networking type?\nMe11:19 AM\nMehdi, I'll ask your question shortly.\nMehdi Haghgoo11:19 AM\nThanks\nBrent Baude11:21 AM\ni would also agree about switching it to become the default as well\nStefano Brivio11:21 AM\nhttps://github.com/containers/podman/pull/16141\nValentin Rothberg11:27 AM\nGood timing for RHEL 10\nBrent Baude11:28 AM\nimho, switching would be transparent to customers and it is feature complete, unlink the network stack for example\nStefano Brivio11:28 AM\nhttps://passt.top/\nCI-based demo: https://passt.top/passt/about/#pasta_2\nMailing list, chat, bug tracker, weekly meetings: https://passt.top/passt/about/#contribute\nStefano Brivio11:30 AM\nPull request, listing differences with slirp4netns: https://github.com/containers/podman/pull/16141\n(I'll add those to hackmd in a moment)\nMehdi Haghgoo11:31 AM\nIs quadlet a subcommand of podman?\nValentin Rothberg11:32 AM\nQuadlet docs: https://github.com/containers/podman/blob/main/docs/source/markdown/podman-systemd.unit.5.md\nMehdi Haghgoo11:36 AM\nCan one systemd unit file manage several containers? Or is it one to one?\nIn your screen of PD, why podman is not emulating /var/run/docker.sock? It was very handy\nValentin Rothberg11:36 AM\nIt's 1:1 for ordinary container and 1:N when using the Kubernetes integration.\nMehdi Haghgoo11:40 AM\nValentin, so can I migrate a docker-compose project to a systemd unit?\nValentin Rothberg11:43 AM\n@Mehdi: yes, that is a nice use case. Instead of using docker-compose, you can use Podman and systemd.\nMarkus Eisele11:44 AM\nIt might be BlueJeans blocking the port locally.\nStefano Brivio11:46 AM\nValentin, by the way, passt/pasta will be available in RHEL starting from 9.2 -- just for information, not advocating to switch the default \"too early\" :)\nMehdi Haghgoo11:47 AM\nThanks Valentin\nLokesh Mandvekar11:49 AM\ngotta drop, thanks all.. later..\nMehdi Haghgoo11:52 AM\nHow does PD remove the need for DOCKER_SOCK env var?\nGreg Shomo (Northeastern)11:52 AM\nthank you, everyone, for all the updates and glimpses into the future. much appreciated !\n")))}Eo.isMDXComponent=!0;const Wo={},jo="Podman Community Cabal Meeting Notes",Lo=[{value:"May 18, 2023 11:00 a.m. Eastern (UTC-5)",id:"may-18-2023-1100-am-eastern-utc-5",level:2},{value:"Attendees:",id:"attendees",level:3},{value:"May 18, 2023 Topics",id:"may-18-2023-topics",level:2},{value:"Meeting Notes",id:"meeting-notes",level:3},{value:"containersh (1:25 in the video) - Dan Walsh",id:"containersh-125-in-the-video---dan-walsh",level:3},{value:"Storage - allow layers to be split across multiple files. (13:20 in the video) - Anders Bjorklund",id:"storage---allow-layers-to-be-split-across-multiple-files-1320-in-the-video---anders-bjorklund",level:3},{value:"podman.io demo - (21:58 in the video) - Ashley Cui - 20",id:"podmanio-demo---2158-in-the-video---ashley-cui---20",level:3},{value:"github.com/containers/appstore (29:45 in the video) - Dan Walsh",id:"githubcomcontainersappstore-2945-in-the-video---dan-walsh",level:3},{value:"Open discussion (42:00 in the video)",id:"open-discussion-4200-in-the-video",level:4},{value:"Next Meeting: Thursday, June 15, 2023, 11:00 a.m. EDT (UTC-5)",id:"next-meeting-thursday-june-15-2023-1100-am-edt-utc-5",level:3},{value:"Possible Topics",id:"possible-topics",level:2},{value:"Next Community Meeting: Tuesday, June 6, 2023, 11:00 a.m. EDT (UTC-5)",id:"next-community-meeting-tuesday-june-6-2023-1100-am-edt-utc-5",level:3},{value:"Possible Topics:",id:"possible-topics-1",level:3}],Ho={toc:Lo},Ro="wrapper";function Oo(e){let{components:t,...n}=e;return(0,ce.kt)(Ro,(0,Q.Z)({},Ho,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-cabal-meeting-notes"},"Podman Community Cabal Meeting Notes"),(0,ce.kt)("h2",{id:"may-18-2023-1100-am-eastern-utc-5"},"May 18, 2023 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"attendees"},"Attendees:"),(0,ce.kt)("p",null,"Anders F Bj\xf6rklund, Ashley Cui, Ashley Cui's Presentation, Brent Baude, Christopher Evich, Daniel Walsh, Ed Santiago Munoz, Lance Lovette, Leon Nunes, Lokesh Mandvekar, Martin Jackson, Matt Heon, Mohan Boddu, Nalin Dahyabhai, Preethi Thomas, Reinhard Tartler, Tom Sweeney, Tom Sweeney's Presentation, Urvashi Mohnani, ykuksenko"),(0,ce.kt)("h2",{id:"may-18-2023-topics"},"May 18, 2023 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"containersh - Lokesh Mandvekar, Dan Walsh"),(0,ce.kt)("li",{parentName:"ol"},"Storage - allow layers to be split across multiple files. - Anders Bjorklund"),(0,ce.kt)("li",{parentName:"ol"},"podman.io - Comments/Discussion"),(0,ce.kt)("li",{parentName:"ol"},"github.com/containers/appstore - Dan Walsh")),(0,ce.kt)("h3",{id:"meeting-notes"},"Meeting Notes"),(0,ce.kt)("p",null,"Video ",(0,ce.kt)("a",{parentName:"p",href:"https://youtu.be/GYrFHoYtXDA"},"Recording")),(0,ce.kt)("p",null,"Meeting start 11:02 a.m. Thursday, May 18, 2023"),(0,ce.kt)("h3",{id:"containersh-125-in-the-video---dan-walsh"},"containersh (1:25 in the video) - Dan Walsh"),(0,ce.kt)("p",null,"A shell account to allow an interjection into a shell. You'd interject which cgroup, image the user could have, and they would be assigned a container with those values. Useful in a government setting. It lets someone in with the appropriate privileges. Dan thinks it's a fairly small addition to Podman. The hardest part is a timing issue for execing the user environment. A bit of a race condition with the container. By using systemd, it will maintain the containers until the system goes down."),(0,ce.kt)("p",null,"One thing that Lokesh has noticed is the container isn't starting. We may need to see if the container doesn't start after some time. Then systemd will stop the container and possibly retry."),(0,ce.kt)("p",null,"This request came from security-oriented customers. They want the user to get on, but only to see pertinent data to them. They've used Selinux in the past, but an ls command in that environment might show them file names they shouldn't see. With a container, you can limit the scope of files they could see. Better feel than being able to see all, but get blocked from parts of it."),(0,ce.kt)("p",null,"This will be a command under Podman, so it will be under the github.com/containers/podman, not likely to be a separate project."),(0,ce.kt)("h3",{id:"storage---allow-layers-to-be-split-across-multiple-files-1320-in-the-video---anders-bjorklund"},"Storage - allow layers to be split across multiple files. (13:20 in the video) - Anders Bjorklund"),(0,ce.kt)("p",null,"Question from the previous Podman meeting, about support for ",(0,ce.kt)("inlineCode",{parentName:"p"},"ipfs://"),"."),(0,ce.kt)("ul",null,(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("a",{parentName:"li",href:"https://github.com/containerd/nerdctl/blob/main/docs/ipfs.md"},"https://github.com/containerd/nerdctl/blob/main/docs/ipfs.md")),(0,ce.kt)("li",{parentName:"ul"},(0,ce.kt)("a",{parentName:"li",href:"https://github.com/containerd/stargz-snapshotter/blob/v0.10.0/docs/ipfs.md"},"https://github.com/containerd/stargz-snapshotter/blob/v0.10.0/docs/ipfs.md"))),(0,ce.kt)("p",null,"I think there was some Podman version of estargz, maybe it was zstd:chunked ?"),(0,ce.kt)("p",null,"Dan thinks we can handle this, but we need more work on the file system. Dan is for it, but would like Giuseppe Scrivano to take a look at it."),(0,ce.kt)("p",null,"THere was a change to containers/storage by an outside of Red Hat contributor, but it wasn't completed. There were problems with the fuse file system, and the folks working for Red Hat weren't able to prioritize tracking down the issue."),(0,ce.kt)("p",null,"Side note: here was the project mentioned briefly, which works in the kubernetes context for mirroring images from the registry ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/XenitAB/spegel"},"https://github.com/XenitAB/spegel")," (probably more for CRI-O)"),(0,ce.kt)("h3",{id:"podmanio-demo---2158-in-the-video---ashley-cui---20"},"podman.io demo - (21:58 in the video) - Ashley Cui - 20"),(0,ce.kt)("p",null,"Ashley showed the new website. Showing the options. It just went to v1.0 this week, in preparation of Red Hat Summit. The site is a combo of Podman Desktop and Podman, with the feel of Podman Desktop."),(0,ce.kt)("p",null,"You can download either the CLI or the Desktop from the page. It detects the OS you're on and gives you the right choice (Mac, Windows, etc)"),(0,ce.kt)("p",null,"Anders thought it might sense to not call it CLI, but perhaps Podman Engine. The download will have the engine to run, and CLI is part of that, but it could potentially be separate too."),(0,ce.kt)("p",null,"Ashley thinks more documentation here on this download page to clarify things."),(0,ce.kt)("p",null,"Happy to take contributors!"),(0,ce.kt)("h3",{id:"githubcomcontainersappstore-2945-in-the-video---dan-walsh"},"github.com/containers/appstore (29:45 in the video) - Dan Walsh"),(0,ce.kt)("p",null,'Just an idea, an area for examples on how to use different tools. Docker has "awesomecompose" to get compose examples. We\'ve been pinged for a site similar to that one.'),(0,ce.kt)("p",null,"We have created the github.com/containers/appstore and have opened it up to people to add their examples. I.e. how to run mariadb inside of Kubernetes. We'd probably want to eventually set up a CI/CD system to test the scripts that are submitted to make sure they don't break, or age out."),(0,ce.kt)("p",null,"Chris Evich thinks renovate can help with making sure the scripts are still viable."),(0,ce.kt)("p",null,"Mark Russel has a contact, George, who has been wanting to do this and has a collection he would like to drop stuff in."),(0,ce.kt)("p",null,"The problem this team in Red Hat has is were' container tool experts, not necessarily container creators/maintainers."),(0,ce.kt)("p",null,'Dan wants to make sure that the apps that are dropped will actually be useful for real-world environments. Not necessarily just "Hello World".'),(0,ce.kt)("p",null,"The issue is as priorities change, a contributor might not keep the app up to date. We'll need to be able to easily track the maintainer and the last time they updated the app, and also revision control. It would also be nice to be notified when an app that you grabbed gets updated later."),(0,ce.kt)("p",null,"Chris thinks this is possible via renovate."),(0,ce.kt)("p",null,"The project has been created. ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/appstore"},"https://github.com/containers/appstore")),(0,ce.kt)("p",null,"Dan was thinking about creating directories for quadlet and Kubernetes."),(0,ce.kt)("h4",{id:"open-discussion-4200-in-the-video"},"Open discussion (42:00 in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"When should you use pass-through versus journald should be used? Dan thinks pass-through is better aligned with systemd (Tom check). Across the board, Lance has defined journald for all, and wanted to know if Podman was trying to default to something else? Dan thinks it should not.")),(0,ce.kt)("p",null,"Pass-through will send to stdin/stdout via systemd. It was done to integrate better with the journal log driver. If you use pass-through, podman logs gets disabled, so it's like not logging. But you get better integration with the journal."),(0,ce.kt)("p",null,"If Podman goes away while being run with systemd, conmon will write to the logs."),(0,ce.kt)("h3",{id:"next-meeting-thursday-june-15-2023-1100-am-edt-utc-5"},"Next Meeting: Thursday, June 15, 2023, 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h2",{id:"possible-topics"},"Possible Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"ipfs integration into Podman - Anders Bj\xf6rklund to kick off"),(0,ce.kt)("li",{parentName:"ol"},"Mark Russell's contact George for appstore")),(0,ce.kt)("h3",{id:"next-community-meeting-tuesday-june-6-2023-1100-am-edt-utc-5"},"Next Community Meeting: Tuesday, June 6, 2023, 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h3",{id:"possible-topics-1"},"Possible Topics:"),(0,ce.kt)("p",null,"None Discussed"),(0,ce.kt)("p",null,"Meeting finished 11:52 a.m."),(0,ce.kt)("p",null,"Raw Meeting Chat:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Daniel Walsh10:59\u202fAM\nToday is a holiday in a lot of Europe. Ascension Thursday\nYou11:03\u202fAM\nMeeting Notes: https://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nPlease add or correct as we go along.\nDaniel Walsh11:42\u202fAM\nhttps://github.com/containers/appstore\n")),(0,ce.kt)("p",null,"Raw Google Meeting Transcript:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Tom Sweeney: Okay, the recording seems to be working at this point in time. So welcome everybody to the Quad man community the ball meeting. The meeting that we generally talk about future design decisions and topics along those lines. Rather than demos, the demos meetings are generally held during the community meetings, which will be coming up. In June, I think it's June second. We'll talk about that later on today. For today we've four topics lined up. We have talked about container sage being led by Dan and Lokesh, We have another topic about storage allowing lawyers to be split across multiple files and Anders thanks for joining today. I know it's a holiday and all where you're at\n\nTom Sweeney: And I thank you started at this point and then we'll be talking about Podman.io. We've got some very exciting, new changes going on there and there are more Maureen is going to be talking about and then Dan's gonna be talking about the App Store on the containers project so given all that. Oh and you know put a link to the Hack MD, I'll be taking notes during the meeting today in hackham day. If you have any I think that add that I've messed up or you want to add a link or anything like that. Go ahead, please do it. There. And I'm trying to check on. The moment here. Given all that. I'm going to start it off with general location. I'm not sure who's doing the talk. This one for the container sh Yeah, yes.\n\nDaniel Walsh: Yeah, I guess. Who I'm getting feedback.\n\nDaniel Walsh: Are the people getting it? All right, the Echo, one way. So I don't have any presentation on it right now. And Lokesh myself and some people from the SC, Linux team have been working. as a side project on the, an idea, what we calling Pod, Man Shell And what this basically is. Will be an enhancement to podman to allow. you to configure a shell account or login account with a shell of podman shell, which would automatically Inject a user into a. Container, when it lies into the system. So think of it like a hunting pot environment, What we're trying to do is to do it as\n\nDaniel Walsh: Part of, you know, just a link off of Pod man so it won't be a new executable and that we're all gonna be taking advantage of quadlet to define a user container for that user. So imagine you create a container, a quad that podman Sheldon, quad that\n\nDaniel Walsh: Not die container. I mean you define which image you want to use it to be injected into what Cgroups you want them to be controlled fine, with what volumes, you want to make available to the user inside of the environment. Then when the user logs onto the system, he would automatically get he or she would automatically get injected into the container and be locked down With that. The container would have any rights that you wanted to expose the user. The reason we, we've had a couple of government type\n\nDaniel Walsh: Customers that have come in and talked to us about how they would like to be able to use some container technology to actually control uses that allowing into the system. So, you can imagine a, You have a sort of a system with lots and lots of data on it when you, but you want to give a use either a shell account, so he gets onto the system and only able to see certain directories on the system. Another way another idea would be You want to set up sort of more like Toolbox where you would log on to a system and have an entire suite of tools available to you, that will be different than other users logging into the system onto the same system, but have, you know, constant data that you could use to do it?\n\nDaniel Walsh: So, I think it's a fairly small enhancements to pod to Odd, Man, and most functionality, we found the most of functionalities available. Now in the system, just by using system D to start up a service for the user. And then just basically getting a pyramid exact into the into the show into the container that you're going to create. One issue we're having right now is a timing issue in that. I think there's a bit of a race condition because really what we want to have happen is when the user ssh is into the box, this container gets started. For the session. And then I think, We haven't quite figured out how to wait for the shell. For the container to get up and running before you try to exact into it. So if part Man shell\n\n00:05:00\n\nDaniel Walsh: Execs in right away. Then the shell might, the container might not be up and running at the time. So it was a race condition, the beauty of using system need to manage these. The actual containerized service is that System D will keep track of all sessions. So if you logged into the system multiple times, Um then system legal maintain the service running until you log out of all sessions and then we kill off the container. So anyways, we've talked internally about this and this is the first time we're really talking about it externally. Does anybody have any questions?\n\nBrent Baude: Dan on the problem of the container starting, that the racy part could you define a basically a bogus Dependent container and\u2026\n\nDaniel Walsh: Yeah.\n\nBrent Baude: weight on that one.\n\nBrent Baude: so, it would be Essentially,\u2026\n\nDaniel Walsh: I think.\n\nBrent Baude: you'd wait on what you'd wait on one, but you're really just using it as a indicator for the other.\n\nDaniel Walsh: well, I think the problem is apartment Shell is gonna I think this I think when you log into the system, Lokesh you, you've experienced this, right? You talk about it.\n\nLokesh Mandvekar: Uh yeah. So what the one thing of notice was if I rerun the setup, I often end up with no such Container image. Sorry no such container.\n\nDaniel Walsh: Right.\n\nLokesh Mandvekar: So And I also see a bunch of SC Linux messages about non-existent keep yourself. So, I'll figure that.\n\nDaniel Walsh: Yeah, and I think what's happening is when you log into the box as you log in System D realizes you're creating a new session. It starts the session then starts the container, but simultaneously at podman cell is running. so, I think what we need to do is to have Quad man, Shelby smart enough to retry for some period of time. you know, basically do a fallback until the container is actually exists. would be the most saying, but only do it for, you know, 10 seconds or something, I don't as we might be something that we have to configure, but\n\nBrent Baude: We do that basically a back-off as well with other stuff\u2026\n\nDaniel Walsh: Right.\n\nBrent Baude: where you know, you try and 250 milliseconds and then 500 and then one second. Yep.\n\nDaniel Walsh: Good. I think I think we do that and then it's a container doesn't start for a certain amount of time then. You know, kill the shell and drop out. I think that. but,\n\nDaniel Walsh: Any any other comments questions? Thoughts.\n\nBrent Baude: What's the primary? You know, jumping up and down. User.\n\nBrent Baude: Use case, if you will.\n\nDaniel Walsh: so, the users that first brought this up or were basically, real heavy security people who wanted to A traditional use case for um, these type of customers is that they allow a user to get onto a system that has data, that's at multi-level, so top secret data, secret data, and they want to allow the user to get on to the system and then only able to view, say, secret data and\n\nDaniel Walsh: um, traditionally they've done this with Essie Linux, but the problem with SEO Linux is that if the user just does standard commands, like LS of an environment, he's likely just to get at or ABC generation on places that he shouldn't be looking at and so becomes very complex because I like to say is a essay Linux is complex because we give you in a view of everything in the universe and then\n\nDaniel Walsh: We basically say, You know, why you're looking, you know, basically SEO is gonna say why you're looking here, why you're looking it while you're looking here, and with containers, we give you a view of almost nothing of the operating system. And then we just start opening up windows to the up the operating system through volumes. And so becomes a lot easier for people to say, You know, okay, you can get on my system. But the only thing you can see is this directory on my system. And that becomes, That's a lot more human understandable than you get. On my system, you can see everything. And then I start to block you from looking at parts.\n\n00:10:00\n\nAnders F Bj\xf6rklund: I remember we had a FTP server and when we went to Not to the same option of ftps but to Sftp, then we then we ended up running shells where you previously were just sewing files. So so that that was the use case back in the day with a custom shell,\u2026\n\nDaniel Walsh: Right.\n\nAnders F Bj\xf6rklund: that only allowed you to visit certain directories and run certain commands. That sftp. So, that could be.\n\nDaniel Walsh: Yeah, right. I mean, 10 to 15 years ago, I talked about Doing some stuff with Etsy, Linux around guests. And next guest and I just used to talk about how you could You know, imagine like you asked Machine at a at a library where you come in and Basically, will allow you to Web browsing and\n\nDaniel Walsh: You know, going. Use the printers and things like that, we'll be really nice of that. Everything you did while you were in that web, browser was destroyed. When you logged out and that, that could be a use case for someone like this as well. Where you would, you just set up a container that Allows you to do whatever you want but as soon as you log out of the system, you know, the container gets destroyed. So imagine a container that's still in a dash dash RM. So, all the content was was cleaned up after you got out. So, If you did something stupid like do online banking and have secrets stored by the Web browser and at least it would be destroyed.\n\nDaniel Walsh: And I mean, there are decent amount of use cases for something like this. I believe,\n\nTom Sweeney: some more people can look at,\n\nDaniel Walsh: Not yet. Who are not we're not trying to make this as fully separate projects from Podmin. I think it's a I think it's an enhancement department, just another command that probably can use, so my goal would be to To write documentation in pod, Man, how to do it. And Just have the command put on a system so it'll be a pod man. Shell Which is probably in shell, it will just be a symbolic link to Bod man and Maybe it'll be a sub package but I don't want to get into a whole separate project for this. because again, it's just gonna This is just something that Pod man can do.\n\nDaniel Walsh: You just have to create the Quad button.\n\nTom Sweeney: Great. Any other questions or comments?\n\nDaniel Walsh: We sometimes call it Container Shell but I've been calling it podman Shelton more recently. So Hopefully in it when we get together and do demos, we can demo it in a few weeks.\n\nTom Sweeney: That be good a couple weeks away. Um all right, even that I and the time I think I'm going to hand it off to it on Anders for the storage talk.\n\nAnders F Bj\xf6rklund: Yeah. So we had a previous meeting where I'm also asking a question, but we didn't have time for any answer, so I guess I will just ask it again. It was really about two separate. Features one is called lazy pulling where you divide a big layer into I mean, without breaking compatibility. You can divide container layer into Sub. Files, so that you can start the container without pulling all of it until it's needed. And related to that was the other question of peer-to-peer distribution of images without having to always pull it from the central registration.\n\nAnders F Bj\xf6rklund: And I guess it's would be a question for containers image, or I mean, Portman would just use the storage.\n\nAnders F Bj\xf6rklund: Object. So there's some support about anything in container D. That's why I was asking if there's any like OCI work or if it's anything that could come to. Podman on those.\n\nDaniel Walsh: Yes. Um Giuseppe's, not here, not. I believe that this\n\nDaniel Walsh: We see if I can ping Giuseppe on this. Use around early, but I'm\n\nTom Sweeney: Yeah, thank you.\n\nDaniel Walsh: forgot.\n\nTom Sweeney: Son Holiday today.\n\nDaniel Walsh: The, I believe we have some, we can handle this. From what we don't have right now is you need a fuse file system to make this thing work.\n\n00:15:00\n\nAnders F Bj\xf6rklund: Yeah.\n\nDaniel Walsh: Because the basic idea is you go. To run an image and container storage would say the image exists. And then you go, now you read Use a bin foobar and as soon as you execute, you've been full bar. The. underlying fuse file system would reach out to the registry and say Okay I need use of infobar and then User been full power. Would pull down say it needs G loop C. You pull down to your love C. And Continue on through the entire stack. I know that the person who wrote that originally are someone worked with, it opened up, pull request to get features like that into container storage. But I don't think anybody ever finalized it by putting in, you know, somehow getting the\n\nDaniel Walsh: The underlying file system to do it. And my mind it would be best to enhance. Fuse. Overlay to Be able to handle it, but it's not something that anybody at Redhead is has worked on at this point. The reason we haven't really looked at it is because the latency problem, but I I think it is a reasonable issue. We've always referred to constant. So, try to avoid the latency where you'd have an application up and running. For a little bit and then also just go into a pause mode when it's downloading. gigabytes of state and\u2026\n\nAnders F Bj\xf6rklund: Right.\n\nDaniel Walsh: as opposed to downloading everything and then you don't have any latency.\n\nAnders F Bj\xf6rklund: Okay. Yeah. So\n\nDaniel Walsh: So I I would say I'm all for it. I'm all for us getting this into the upstream project. but rather than having I I'm not sure what the fuse file system that implements it, but if we get that fuse file system merged somehow into fuse overlay,\u2026\n\nAnders F Bj\xf6rklund: Yeah. Not.\n\nDaniel Walsh: I get it to be you mode if he was overly and we don't have two foul, two fuse file systems for supporting Someone desperate that things.\n\nAnders F Bj\xf6rklund: yeah, and not exactly sure how it's implemented in the snapshot directly as it's calling continuity, but it has this, you need a, You need a special tar format in order to handle these I mean division of the horrified.\n\nDaniel Walsh: but,\n\nAnders F Bj\xf6rklund: So That was us.\n\nDaniel Walsh: It's it's related. Is. I think it's\n\nAnders F Bj\xf6rklund: And I think we had, we had two different versions, right? We had one based on said standard and that compression and we had one based on the older work with the S tar. That, I'm not sure if it was Google or something. So, It seemed to be multiple implementations of the same idea. Being able to hack one tour streaming to It's seekable portions while keeping compression.\n\nDaniel Walsh: I'm going through Google's, all right. contain a storage to figure out who opened up the pull request, but looking for a star right now,\u2026\n\nAnders F Bj\xf6rklund: Yeah.\n\nDaniel Walsh: but It's all just.\n\nAnders F Bj\xf6rklund: now, I think we took there was some talk about it, like previous container plumbing, but not this one. So maybe like you say there are other concerns that are more important, so it's not the most desired feature\n\nDaniel Walsh: yeah, what yeah, I mean I don't I just don't think that\n\nDaniel Walsh: Yeah, I can't find who wrote it now. And do you remember anything about this?\n\nNalin Dahyabhai: I would have to go digging through it as soon as you.\n\nDaniel Walsh: Yeah. But yeah,\u2026\n\nAnders F Bj\xf6rklund: It was.\n\nDaniel Walsh: as I said,\u2026\n\nAnders F Bj\xf6rklund: It was a hero talking about it. So,\n\nDaniel Walsh: I'm you know, it's just hasn't come up as an interest for You know,\u2026\n\nAnders F Bj\xf6rklund: Okay.\n\nDaniel Walsh: that the developers at Red Hat at this point to, to support this and just mainly because of the fuse vial system problem and\u2026\n\nAnders F Bj\xf6rklund: Yeah. Yeah,\u2026\n\nDaniel Walsh: Now we haven't focused on. Yeah.\n\nAnders F Bj\xf6rklund: I run into some similar issues. What while trying to promote peer-to-peer pulling over images and that is You can easily. You can easily set it to allow the private network only, but most peer-to-peer systems are public by default, which means people are terrified. So when you, when you mention an appear to pair is like mentioning Dr. Hub, you tell that to the private really stupid people and\u2026\n\nDaniel Walsh: Right.\n\nAnders F Bj\xf6rklund: they go into defensive mode and then it's for lockdown and everything. but,\n\n00:20:00\n\nDaniel Walsh: Yeah. Similar. We've been talking about that for about eight eight or ten years now. So,\n\nDaniel Walsh: Nothing. Nothing is happened in that front. And sadly,\u2026\n\nAnders F Bj\xf6rklund: Yeah. So\n\nDaniel Walsh: we don't have the people who work in containers imager here, because they're on holiday\u2026\n\nAnders F Bj\xf6rklund: I, Yeah,\u2026\n\nDaniel Walsh: because yeah. So,\n\nAnders F Bj\xf6rklund: I'm also supposed to be on holidays and relate.\n\nAnders F Bj\xf6rklund: Yeah, that's right.\n\nDaniel Walsh: So we can put that. I mean, if you don't mind, we'll put that one on hold for what.\n\nAnders F Bj\xf6rklund: Yes, you can come back to it.\n\nDaniel Walsh: Let's talk about it.\n\nTom Sweeney: Up. Yeah.\n\nDaniel Walsh: Let's talk about it next month. When\n\nAnders F Bj\xf6rklund: yeah, I think Ipfs is quite experimental anyways, so you could probably do with some more maturing That there were also some like halfway solutions\u2026\n\nDaniel Walsh: Yeah.\n\nAnders F Bj\xf6rklund: where you would not hack up the layers, but you would distribute images from your peers. So you you would talk to your peers and then And then see if anyone close to you has the image before putting it from the registry. So, so,\u2026\n\nDaniel Walsh: Yeah.\n\nAnders F Bj\xf6rklund: there were some work, like\n\nDaniel Walsh: Yeah, that would be cool. I think the the issue and they might have with that is how signing and and could you verify the image and make sure it's the Because yeah,\u2026\n\nAnders F Bj\xf6rklund: That yeah, it can assume so private.\n\nDaniel Walsh: the field comes I asked for, you know, the fedora image and someone so I got a fedora image for you. Yeah, take this one. How do you trust it? No.\n\nAnders F Bj\xf6rklund: Yeah.\n\nTom Sweeney: Right, so we're compost bone, that one. So the next meeting then gets more folks here.\n\nAnders F Bj\xf6rklund: Yeah, fun.\n\nTom Sweeney: And thanks for bringing up Anders and keep me honest, I put it on to the possible topics for the next one. I had thought the next one that we're going to do was with Maureen Duffy's and I thought She's gonna be here. So I will just do a real quick talk about it based on what I've seen Ashley here. Ashley, do you want to talk about this or give a quick little\n\nAshley Cui: so, Sorry.\n\nTom Sweeney: Appointment.\n\nAshley Cui: um, I don't have anything prepared, but I guess. Take.\n\nDaniel Walsh: Just demonstrate the website.\n\nAshley Cui: Okay. Let's see.\n\nTom Sweeney: Nothing like putting you on the spot.\n\nAshley Cui: Let me see if I can share the tab for Partner and IL.\n\nTom Sweeney: And while she's doing that, I'll just say that it's gone to be 1.0 officially, as of this morning, we're getting it ready for the summit, for Brent, for next week. So it'll be announced there more officially. She can have. A sneak preview this week.\n\nAshley Cui: Um, so we have a new website Podmanio. It's been it's nice and shiny and it looks very very good but I guess it is brand new. So we haven't gone through, we're trying to go through and take a look at anything that is broken and so we've been kind of taking a look at it, we have a bunch of Links and Other Things. I don't know what else to say about it. Other than it looks really nice but I think there's still a little bit of work that we're doing but if you have some time, feel free to click through it and see what works, what you guys like and what you don't like. And we'll see what we can do about it, I guess.\n\nTom Sweeney: Yeah, and I'll just go ahead and add a little bit more, just basically, it's on Github, container spot. is the old site was if you had happened to Clone that site Prior Appointment.io, it's now point. Automan.io underscore old. So if you try and make an update there, go to the old site and not to the new site so you'll need to reclone if you've cloned prior and please just standard issues, if you have just use a standard issue process, If you find anything go at Adam there and Maureen's been very responsive there for the ones that we found and do know that we've got a couple more. Online in there right now that you need to chase down and hoping to clear those up with the next few days, but happy to get any kind of feedback there and even if it's, you know, This doesn't work so well or Hey, this looks great. At least have.\n\nDaniel Walsh: Like, click on Get started, actually.\n\nDaniel Walsh: Like I wait. Where's the one that title spell how to download because it's going to show. Is that this one?\n\nAshley Cui: so we don't it's just on the front page, we have a little download drop down, I actually Was working on. Hold on. Let me see.\n\nAshley Cui: Let's see.\n\nDaniel Walsh: Because one of the things we we have done is sort of. There's obviously there's podman desktop and then pod man. Main. And and this website is somewhat of a combination of the two.\n\n00:25:00\n\nAshley Cui: Yep.\n\nDaniel Walsh: Because I think general users are just going to look, how do I get Pod, Man on my Mac or How do I get Bod, Man on my Windows box?\n\nDaniel Walsh: For some like Pod man. I think the Linux, she's community is a little more savvy about how you probably gonna get a package on the addition. So, we wanted to make, you know, obvious places, they go to his apartment.io and Um, make it easy for you to find.\n\nAshley Cui: Actually worked on this this morning which is now there's a CLI option so you can download desktop and you can also get the CLI. And so it's kind of a combination, you know, if it tries to point you into the desktop direction, if you want the desktop stuff and then it also gives you option of looking for CLI stuff. Yeah.\n\nDaniel Walsh: And so if you were on a Mac, you would see one that says Downloaded for a Mac I would hope.\n\nAshley Cui: Yeah, so automatically detects what OS you're on, which is pretty cool.\n\nAnders F Bj\xf6rklund: Do you want to promote the podman engine name instead of Podma CLI, which could also relate to podman remote?\n\nAshley Cui: um, sure. I think it might be confusing for people who don't know the difference between podman engine and podman desktop I think CLI. Kind of makes it obvious that this is a CLI tool, but\n\nAnders F Bj\xf6rklund: But but what so, so the primary option is downloading Padman desktop. And then quadman CLI.\n\nAshley Cui: mm-hmm.\n\nAnders F Bj\xf6rklund: Would that be the podman remote for that desktop? Or would it be the one that includes the actual running up containers? Like the full partner?\n\nAshley Cui: I think. It's just podman itself for I guess for Linux.\n\nAnders F Bj\xf6rklund: So, Yeah.\n\nAshley Cui: It is the engine but for Mac and Windows, it would just be a CLI so I guess technically it is. I think we can like change this saying like installed engine using a package manager or something like that, but If that makes it more clear.\n\nAnders F Bj\xf6rklund: Tabs. I was just wondering if yeah, I was just wondering if the Like now Portman desktop has gotten all the\n\nAnders F Bj\xf6rklund: Advertisements, if you want to call it that or my life. So something similar happened to Docker. So I mean, it's only natural. They, they have some kind of product entry for. So, we have a product entry for the Docker desktop, and you have a product entry for the docker engine, which Dumps. You straight into the Linux distributions and how to install on your server type of thing.\n\nAnders F Bj\xf6rklund: something similar could be done for pod money if you want to separate the ones while having like the podmon desk focus here and then you could have like a separate Section for how you install podman on, on your Linux machine and how you run podman, not remotely. But have ironic locally. I mean like the old site if you want to call it back, how are you?\n\nAshley Cui: Yeah. I think we could put more documentation on this stuff.\n\nAshley Cui: And clarify it. Yeah.\n\nDaniel Walsh: Yeah, it's funny. I'm not crazy about the name engine because I don't think I don't think that's a No,\u2026\n\nAnders F Bj\xf6rklund: No, no.\n\nDaniel Walsh: no. You normal user term so It's Eli.\n\nAnders F Bj\xf6rklund: It's you know, now the whole desktop is just\n\nDaniel Walsh: Is I I would prefer to say probably five minutes for Linux, but we're we're starting to blank shed at this point.\n\nAnders F Bj\xf6rklund: Yeah. Okay.\n\nDaniel Walsh: So, yeah, he's least here Icon makes it a little bit clearer\u2026\n\nAnders F Bj\xf6rklund: So, I No,\u2026\n\nDaniel Walsh: but yeah.\n\nAnders F Bj\xf6rklund: no, those are definitely someone else's words and terms. So they are just,\u2026\n\nDaniel Walsh: Yeah.\n\nAnders F Bj\xf6rklund: they are just there to make the transition easier for people if you would start out. From scratch, we will not call it.\n\nDaniel Walsh: yeah, I use I use engine all the time but I'm not sure that you know,\u2026\n\nAnders F Bj\xf6rklund: I think that even the programs this Indian I\u2026\n\nDaniel Walsh: Joe engine is and yeah,\n\nAnders F Bj\xf6rklund: if you're on Portman version, it will tell you. It's and I think so.\n\nDaniel Walsh: Okay.\n\nDaniel Walsh: That's good.\n\nTom Sweeney: Right. Yeah it does look good. Actually thank you for doing well with that. Given how much time you have to prepare?\n\nDaniel Walsh: And if anybody from community wants to contribute, we'd love to have contributions. You don't have to be. Engineer to contribute to that website.\n\nTom Sweeney: Yes.\n\nDaniel Walsh: So this this is actually Just an idea. We haven't done much work on it yet, but\n\nDaniel Walsh: People have been asking us for examples of how to use. Different tools and darker has this thing called awesome compose. And a lot of people go to awesome compose to get darker composed examples so they can sort of take and then hack on. So, a few people have been paying us about. Could we have some kind of Site like that. And I think the obvious thing for\n\n00:30:00\n\nDaniel Walsh: For us to work on would be to first grade aside and then allow people to start to contribute, say either Kubernetes Yaml files or quadlets that people might want to experiment with. So the idea was to set up, get up containers slash App Store. And then steps to sub directories underneath it, where people could start opening up. Poor request to get their favorite. you know, variant on\n\nDaniel Walsh: You know, how they want to run their WordPress inside of a quadlet, or how they would run, you know? Base Inside of Kubernetes. Now what we want to have, if we start to build out this, we probably need to have some kind of cicd system where we would continuously test. All the quadlets and Yaml files that are available against, you know, a versions of Pod man, to make sure that they continue working and then If stuff becomes stale and old, then we have to get rid of it. I think the fair with something like this is, is one stuff gets old and crusty and I also worry about, if we had image that people are putting versions of images into their examples,\n\nDaniel Walsh: People start to pull down images that the two or three years out of date. And how do we do? So It's I think we've talked about this internally. Chris is pointed out that I think renovate can actually help us out a little bit with that secondary problem and that it could go through a win actually update. Of images or open, a pull request to update version of images. So,\n\nDaniel Walsh: I just opening up to have. Anybody have any ideas or thoughts on this?\n\nBrent Baude: I do. I spoke to someone that Mark Russell. Had. been speaking with, I think they actually know each other from canonical. And the gentleman's name is George.\n\nBrent Baude: I think it's George Castro. And George has been proposing to Mark that this exact concept. Minus quadlet. Needed to get done and was looking for a home. to put all of us, he evidently has oodles of the stuff already done. And I spoke with them about an hour and 15 minutes basically. He just, He wants to do what we've we're meeting and wants a spot. Put it. That somewhat associated with containers.\n\nBrent Baude: He was going to reach out the Tom to actually get on the schedule for today, but He must not have been able to, in the short order.\n\nBrent Baude: But I think the next thing it is just having come talk. About what his ideas and\u2026\n\nDaniel Walsh: See.\n\nBrent Baude: What? He's got already.\n\nBrent Baude: And he he's looking for us just like simple.\n\nBrent Baude: It there's some stuff he hasn't figured out like you know, container wise and there's some stuff that, you know, could go this way, could go that way. He's just looking for Tyree. And advice.\n\nDaniel Walsh: Yeah.\n\nDaniel Walsh: Then we can get chat GPT to just start generating these things for us.\n\nBrent Baude: well, I think the problem that this team has Is we are?\n\nBrent Baude: Container cools. Development. And that's fundamentally different than container service or container. Creation.\n\nDaniel Walsh: Right.\n\nBrent Baude: And We probably all have our little pet projects. I'm guessing none of us are my sequel. Experts or, you know, we can get nginx running but just enough to serve a file. so,\n\nDaniel Walsh: I can get in a patchy Web server up and curl to it, and that's about it.\n\nDaniel Walsh: And basically none of us are real good systems. Yeah, at least that's not I call function.\n\n00:35:00\n\nBrent Baude: Right. So again, at my vote, I'd like to the deeper dive with George and You know, spin them off and get gone.\n\nDaniel Walsh: Yeah.\n\nDaniel Walsh: I think.\n\nBrent Baude: And it sounds like yes,\u2026\n\nBrent Baude: time bit to this.\n\nDaniel Walsh: Yeah. It'd be nice\u2026\n\nDaniel Walsh: if someone went through all of awesome, awesome compose and Wrote equivalent applications and Kubernetes YAML files. And That could run with part men. I'm trying to make sure that they don't become a General Kubernetes Yaml drop site because it might be lots. And lots of stuff that podman can't handle. That's why I like the idea of Verifying that the applications would actually ride with, but man.\n\nBrent Baude: indeed and I I know fair amount of those Apps, if you will, that are in awesome and some of them don't do anything. That just like Hello World type stuff.\n\nDaniel Walsh: Right.\n\nBrent Baude: so I think ideally what you're looking for is Put your gunk in this volume and then make sure it gets mounted.\n\nDaniel Walsh: Right.\n\nChristopher Evich: I'm guessing. That probably. Writing tests for these things. It's going to be equal to if not harder than developing them in the first place. Especially the,\u2026\n\nDaniel Walsh: Yeah.\n\nChristopher Evich: what the, what that stuff. I mean if it's simple things like curling from URL, using my SQL client to connect to A I see how container with that. Kind of stuff can probably do, but I think more complex. Can get challenging.\n\nDaniel Walsh: Yeah. but I I just start a service and then a five minute inspected to make sure that you know, the the stuff that you thought was gonna be creative, got created, then\n\nChristopher Evich: Yeah.\n\nDaniel Walsh: again, when I'm hoping, is that, if we start getting these things and images start disappearing that week and easily clean out, Applications as sort of disappear from the base of the planet, right? People's priorities change and they're not going to necessarily maintain their own. Applications that get donated to the site.\n\nBrent Baude: There's there's also this question of You know, do you tag it? Like let's say you're gonna do You know, my sequel or something? Do you\n\nBrent Baude: You know. But there's a fair amount of variety that could occur whether you depend on. Building the image. My sequel image, Do you start at like the winter level and then all the way up? Or do you grab them and use my sequel? And then how does the the versioning work because if you if you go latest, then your subject to failures in which something inside the image changes, which, which puts ed into orbit,\n\nBrent Baude: Or you say tag it to a particular version and and now you know, you have to go update that at some point.\n\nDaniel Walsh: Yeah, I mean that's what also something we have to worry about with the Cicd system. Again we're all channeling it here because in those there's nothing more unstable than container registries as far as Cicd systems. So, You know, if if 75% of the time that Test suite. Blows up because it couldn't pull down and some random image and You know, we're never gonna get it successful Testro.\n\nBrent Baude: the other little, Treat here would be that also if I was a consumer of that. Stuff. I don't think I'd want something pointing to latest either.\n\nDaniel Walsh: Right.\n\nBrent Baude: but I would like to be notified when You know, a new image comes up. In case it was security.\n\nChristopher Evich: Renovate can run away. Runaway can handle that pretty elegantly. There's You can set up regular expressions. That can extract version numbers. And it'll And then basically give it a source of where those versions come from and it'll open up yours when it finds a new one. There's also a way you can do kind of a more generic thing. That's probably more user friendly. where you set up a regular expression that searches for a comment, a special comment that says You know, get the versions from the source, use this type of versioning and the other options like that. That's probably easier. Then it's just adding this stuff is just you know, somebody putting a comment into their Code. And Renovator pick it up automatically.\n\n00:40:00\n\nDaniel Walsh: So, it seems like I think I've already created the the website. Containers. App Store. Just make sure it's\n\nDaniel Walsh: It's nice and blank right now. Has a license in a one-line. Text.\n\nDaniel Walsh: I do that a week ago and then forgot about it.\n\nTom Sweeney: Can you add a link to the chat?\n\nDaniel Walsh: I will.\n\nDaniel Walsh: My goal was to create two subdirectories underneath. It one called Kubernetes and one called What?\n\nDaniel Walsh: Github will not let you create empty directories and then check them in. You have to put content in the directories and I didn't have any content and then, Some of the sparkly light went off. And I went chasing after. Whatever. That was so.\n\nTom Sweeney: Know, did you just drop a green beans? Each Just a real quick, read me.\n\nDaniel Walsh: Could I drop could I drop one?\n\nChristopher Evich: It put a dot and put a dot MP file in.\n\nTom Sweeney: Yeah. And in the directors you want to create just put a little readme at the top.\n\nDaniel Walsh: Law. Okay, that would have been nice. But now that I have this site up You can open up a pull request to do that.\n\nDaniel Walsh: Want to become Sawyer. I want you to paint my wall. White wash my fence.\n\nDaniel Walsh: I guess we can open up the general discussion at this point.\n\nTom Sweeney: There's any questions topics that anybody has?\n\nLance Lovette: I've got one.\n\nLance Lovette: so, I've been curious that the past through log driver, It's not really clear to me when I should or would want to use that as opposed to Journal D. or if Pod Man selects a default based on where it's running,\n\nLance Lovette: At the moment, I specified Journal. D explicitly and I'm wondering if As I went down this rabbit hole where Kanman takes standard by default, well, it takes standard air and marks it red in the logs and python logs, right? Everything to standard air. So everything that Python writes shows up. In red said, I went down this rabbit hole, figure that out, and then I change this law and I figured out the issue but I was like maybe I should be using pass through instead of journal D. So anybody have any Direction or guidelines on how to decide one or the other.\n\nDaniel Walsh: I take. I take the goal of pass through is that if you're running it underneath this as a systemd service, and pass through will allow you when you do a pod man system d status, you'll be able to see it right in the Be a system D, right? And then if you run journal, you'd have to use Pod, Man command or a journal to, you wouldn't see it as part of the outputs, the unit file. I believe it's what the difference is.\n\nLance Lovette: Well, you, I believe you do. I mean well, Because I'm doing Journal D, now. And that everything, you know, journal controlled at Jeff shows everything, it all gets tagged with the with the proper.\n\nDaniel Walsh: But are you doing it on the unit file or\u2026\n\nLance Lovette: Variables.\n\nDaniel Walsh: you're doing it of the container level?\n\nLance Lovette: Well, I both I run it in the like when I run it standalone, it's I use log driver. And then when you do make system D, it captures that.\n\nDaniel Walsh: But doesn't do it.\n\nLance Lovette: So so my container. Yeah.\n\nDaniel Walsh: Does it switch to pass through at that point?\n\nLance Lovette: No, I mean not. I'm Yeah,\u2026\n\nDaniel Walsh: It's the journal? Yeah. Yeah.\n\nLance Lovette: so across the board I especially specify Log Driver Journal, D, You know, does pod men do something under the covers like Oh hey, I'm a system D service. So let's use pass through. I can't say\n\nDaniel Walsh: No. No, it does it, I don't believe it does. Matt, The original version of Quadlet was attempting to do that. I believe and I think that's all been revoked, but\n\nLance Lovette: Because I don't know what Journal D. Or what system D. Does with outputs, like I have a dove into it enough to live like are they somewhat equivalent? Like if you're if you're using all generally driver, it's still sticking in the journal and if you do it through system D, it just attaches. Standard out to the journal, like I haven't really dug into that. So it may be equivalent. when it's running under system D, then it may be a, you\u2026\n\n00:45:00\n\nDaniel Walsh: Then. But that wouldn't make that would not make sense of that passed through.\n\nLance Lovette: one of the other\n\nDaniel Walsh: That I thought pass through just meant right to stand it out standard error and all inside a unifile. But I might be mistaken. Matt, do you know?\n\nMatt Heon: That is definitely the intention pass through is basically it will have CON monologue directly to standard out standard error and since Systemd is monitoring commodity will print it directly to the journal? The intention Giuseppe is the one who added it. So I don't want to speak for necessarily because I'm not a hundred percent of why it's there, but I believe the attention was better integration into what they call it better integration with podme and inside a System D unit in certain circumstances but I'm not completely aware of what those circumstances are. There's also happened in a much earlier time at the life of the journal log driver At that point we were not well integrated with basically the journal log driver was not logging to the same.\n\nMatt Heon: You get logs, but they wouldn't show up as the associated with the unit in question, I think that has been fixed since. So it might be that some of the reasons we're using it to have gone away, I will say it, certainly simpler than the Journalty log driver and probably a lot more performance.\n\nDaniel Walsh: Yeah, I think that one of the problems would pass through is that if you do a pod, man logs then you don't see it anymore, right?\n\nLance Lovette: All right, well, maybe I'll play around with it and\n\nDaniel Walsh: But the most most likely Lance what I would say is, if you like it, what? Journal D. I would stick with General Day and not just pass through because when that Would my only thing is is if I do a status of the unit file or journal control dash u of the unit file. Do I see the the data that's coming out of the container? You know,\u2026\n\nLance Lovette: Right, right? Because now I'm trying to think.\n\nDaniel Walsh: then I would if that works with journal journal, then that's, that, probably all you really care about. So, I would just\u2026\n\nLance Lovette: Right. Yeah,\u2026\n\nDaniel Walsh: because then part\n\nLance Lovette: because I guess I guess there's some interaction with Kanmon there. Yeah, I'm not sure\u2026\n\nDaniel Walsh: Yeah.\n\nLance Lovette: who exactly is tagging. Entries with all the variables that toddman attaches.\n\nDaniel Walsh: Could you basically when you run Pod, man as a When you run pod man inside of System, D unit file and podman goes away. What system D is watching is konmon\n\nDaniel Walsh: if cotton on outputs any standard out, a standard error, that's sort of what a traditional service would do. Instead of a system to unit, follow if Con Mohan is writing directly to the journal, Then, I'm not sure if you see that, you see the same behavior, as if it was right into, stand it out and standard error. That, that would be my question.\n\nLance Lovette: Right. Yeah, it's interesting. Yeah, I mean yeah, like I said, me at the moment I get I kind of got once I fixed the Python syslog thing. It's working the way I like it to. So All right,\u2026\n\nDaniel Walsh: Yeah. We're all about flexibility here, but\n\nLance Lovette: good. yeah, all those play with it and it probably is like I said journal D's been around a while so probably some of it's been Alleviated in the last couple of years. Thanks.\n\nDaniel Walsh: yeah.\n\nTom Sweeney: Okay, any other questions or discussions? And close to the end of the meeting.\n\nTom Sweeney: I'm not hearing anything, so I'm just going to give a quick reminder for our next meetings. Our next community meeting is on Tuesday, June 6th. So that's just around the corner a couple weeks from now right after holiday in the US and then our cabal meeting will be on June 15th. And both of those meetings will be at 11, a clock. June 15th is Thursday in the Community Institute Tuesday. And so, for puzzle topic, we already have two lined up. One is the IPSS integration that Anders was talking about earlier. And then also, some more talks about the App Store. If anybody has any other topics, please let me know. These are through the hacking, these scripts, we're hacking deep site or by saying me an email, so any other questions or comments before I turn off the recording here?\n\nTom Sweeney: Right, well then, thank you for coming today and turn off the recording.\n\nTom Sweeney: and it is stopped anything you want to say before without being recorded,\n\n00:50:00\n\nTom Sweeney: Silent group about. Let's go to lunch dinner. Enjoy the rest of my holiday. If you're in Europe. Right. All thanks.\n")))}Oo.isMDXComponent=!0;const Jo={},Fo="Podman Community Meeting Notes",Go=[{value:"June 6, 2023 11:00 a.m. Eastern (UTC-5)",id:"june-6-2023-1100-am-eastern-utc-5",level:2},{value:"Attendees ( 40 total)",id:"attendees--40-total",level:3},{value:"Topics",id:"topics",level:3},{value:"Meeting Start: 11:04 a.m. EDT",id:"meeting-start-1104-am-edt",level:2},{value:"Video Recording",id:"video-recording",level:3},{value:"ChRIS project running in Podman via Podman desktop",id:"chris-project-running-in-podman-via-podman-desktop",level:2},{value:"Jennings Zhang and Rudolph Pienaar",id:"jennings-zhang-and-rudolph-pienaar",level:3},{value:"(1:20 in the video)",id:"120-in-the-video",level:4},{value:"Podman Desktop v1.0 Update",id:"podman-desktop-v10-update",level:2},{value:"Stevan LeMeur",id:"stevan-lemeur",level:3},{value:"(30:25 in the video)",id:"3025-in-the-video",level:4},{value:"Podmansh Demo",id:"podmansh-demo",level:2},{value:"Lokesh Mandvekar",id:"lokesh-mandvekar",level:3},{value:"(41:29 in the video)",id:"4129-in-the-video",level:4},{value:"Podman v4.6 Demo",id:"podman-v46-demo",level:2},{value:"Matt Heon",id:"matt-heon",level:3},{value:"(44:47 in the video)",id:"4447-in-the-video",level:4},{value:"Open Forum/Questions?",id:"open-forumquestions",level:2},{value:"(50:06 in the video)",id:"5006-in-the-video",level:4},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"Next Meeting: Tuesday, August 1, 2023, 11:00 a.m. Eastern (UTC-4)",id:"next-meeting-tuesday-august-1-2023-1100-am-eastern-utc-4",level:2},{value:"Next Cabal Meeting: Thursday, June 15, 2023, 11:00 a.m. Eastern (UTC-4)",id:"next-cabal-meeting-thursday-june-15-2023-1100-am-eastern-utc-4",level:2},{value:"Meeting End: 11:59 a.m. Eastern (UTC-4)",id:"meeting-end-1159-am-eastern-utc-4",level:3},{value:"Google Meet Chat copy/paste:",id:"google-meet-chat-copypaste",level:2},{value:"Raw Google Meet Transcription",id:"raw-google-meet-transcription",level:2}],Yo={toc:Go},Uo="wrapper";function qo(e){let{components:t,...n}=e;return(0,ce.kt)(Uo,(0,Q.Z)({},Yo,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-meeting-notes"},"Podman Community Meeting Notes"),(0,ce.kt)("h2",{id:"june-6-2023-1100-am-eastern-utc-5"},"June 6, 2023 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"attendees--40-total"},"Attendees ( 40 total)"),(0,ce.kt)("p",null,"Aditya Rajan, Ashley Cui, Banu Ahtam, Brent Baude, Chetan Giradkar, Christopher Evich, Ed Haynes, Ed Santiago Munoz, Gerry Seidman, gideon pinto, Hyuk Jin Yun, Jake Correnti, Jean-Francois Maury, Jennings, Jennings's Presentation, Lance Lovette, Leon Nunes, listener, Lokesh Mandvekar, Lokesh Mandvekar's Presentation, M\xe1ir\xedn Duffy, Mark Russell, Martin Jackson, Matt Heon, Miloslav Trmac, Mohan Boddu, Nalin Dahyabhai, Navaneeth krishna, Nezih Nieto Gutierrez, Paul Holzinger, Preethi Thomas, Rudolph Pienaar, sandip samal, Shion Tanaka (\u7530\u4e2d \u53f8\u6069), Stevan Le Meur, Stevan Le Meur's Presentation, Sungmin You, tasmiah chowdhury, Tim deBoer, Tim Rudenko, Tom Sweeney, Tom Sweeney's Presentation, Urvashi Mohnani"),(0,ce.kt)("h3",{id:"topics"},"Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"ChRIS project running in Podman via Podman desktop - Jennings Zhang and Rudolph Pienaar"),(0,ce.kt)("li",{parentName:"ol"},"Podman Desktop v1.0 Update - Stevan LeMeur"),(0,ce.kt)("li",{parentName:"ol"},"Podmansh Demo - Lokesh Mandvekar"),(0,ce.kt)("li",{parentName:"ol"},"Podman v4.5 Demo/Talk - Matt Heon")),(0,ce.kt)("h2",{id:"meeting-start-1104-am-edt"},"Meeting Start: 11:04 a.m. EDT"),(0,ce.kt)("h3",{id:"video-recording"},"Video ",(0,ce.kt)("a",{parentName:"h3",href:"https://www.youtube.com/watch?v=65pE8RhCK5w&t=116s"},"Recording")),(0,ce.kt)("h2",{id:"chris-project-running-in-podman-via-podman-desktop"},"ChRIS project running in Podman via Podman desktop"),(0,ce.kt)("h3",{id:"jennings-zhang-and-rudolph-pienaar"},"Jennings Zhang and Rudolph Pienaar"),(0,ce.kt)("h4",{id:"120-in-the-video"},"(1:20 in the video)"),(0,ce.kt)("p",null,"Demo (1:35 in the video)\nShowed a picture of a fetus in a Woman's uterus. Using a lot of niche software to put the project together. It uses a Hybrid Cloud Architecture. Jennings has been using Podman Desktop for working on the project. He's a project that has yaml files that can be used by POdman Desktop. When he uses a Kubernetes manifest, he uses a script to concatenate all of his yaml's into one, and replaces key values within the concatted Yaml, replacing the Podman socket with the value from Podman info. Then the Yaml is fed into Podman Desktop."),(0,ce.kt)("p",null,"It does take a minute or two to start due to init time, mostly database related."),(0,ce.kt)("p",null,"It creates a number of pods, including the ChRIS pod and a ChRIS UI. It also runs ChRISmatic to do a number of setup items. He showed the Pods in the Podman Desktop and then opened up the ChRIS UI."),(0,ce.kt)("p",null,"Within the UI he dispatches containers to Podman, and it goes ahead and runs it for him."),(0,ce.kt)("p",null,"The UI interface allows him to build a string to be sent to the Podman socket."),(0,ce.kt)("p",null,"The entire ChRIS system runs on Podman Desktop."),(0,ce.kt)("p",null,"Brent asked what Podman can do better for ChRIS. So he wants to make sure that containers can be locked down. He'd also like to be able to look into the CLI at the container level from Podman Desktop."),(0,ce.kt)("p",null,"A Yaml file is crafted to use as a file to run the project. That's key to them. The other thing of interest is how to deploy models of AI. There's a gulf between the Data Scientist and the Developer. They are working to shrink that gulf, and Podman is helping with that."),(0,ce.kt)("p",null,"Stevan liked seeing how Desktop is being used by the project."),(0,ce.kt)("p",null,"Jennings rolled back to an earlier version of ChRIS and showed how the Podman interface was used to run it."),(0,ce.kt)("p",null,"The old bash scripts were up to 4 or 5K lines long. The YAML pipelines to do a fetal brain study uses declarative Yaml which is easier to comprehend by both Data Scientist and the Developer."),(0,ce.kt)("p",null,"ChRIS uses OpenShift for its computing, but unfortunately, their server was down for maintenance."),(0,ce.kt)("p",null,"They went from Docker Compose to this setup. Docker Compose was easier due to it being insecure, so great for development. Changing to Podman, they had to deal with the socket rather than the daemon. There were also some initial problems with rootless."),(0,ce.kt)("p",null,"Also, the Kube commands didn't respawn as Kubernetes did, so he has to manually restart."),(0,ce.kt)("h2",{id:"podman-desktop-v10-update"},"Podman Desktop v1.0 Update"),(0,ce.kt)("h3",{id:"stevan-lemeur"},"Stevan LeMeur"),(0,ce.kt)("h4",{id:"3025-in-the-video"},"(30:25 in the video)"),(0,ce.kt)("p",null,"The last demo Stevan thought was a great use of Podman Desktop."),(0,ce.kt)("p",null,"Showed pod view and volume views. Took a container, ran it inside of a pod after creating the pod, then ran it locally with Podman. He was then able to create a new kind cluster, and pushed an image from there into the cluster. He then deployed the pod into the kind cluster."),(0,ce.kt)("p",null,"A new set of extensions have been added to v1.0, adding compatibility with Docker, Lima, Openshift Local, and Kind. You can also make use of Microshift."),(0,ce.kt)("p",null,"Podman Desktop is available and free now. You can get it from ",(0,ce.kt)("a",{parentName:"p",href:"https://podman.io"},"https://podman.io")," and ",(0,ce.kt)("a",{parentName:"p",href:"https://podman-desktop.io."},"https://podman-desktop.io.")," You can create issues and contribute on GitHub."),(0,ce.kt)("p",null,"Lots of positive feedback at Summit on Podman Desktop."),(0,ce.kt)("p",null,(0,ce.kt)("a",{parentName:"p",href:"https://developers.redhat.com/articles/2023/05/23/podman-desktop-now-generally-available#why_use_podman_desktop"},"https://developers.redhat.com/articles/2023/05/23/podman-desktop-now-generally-available#why_use_podman_desktop"),"_"),(0,ce.kt)("h2",{id:"podmansh-demo"},"Podmansh Demo"),(0,ce.kt)("h3",{id:"lokesh-mandvekar"},"Lokesh Mandvekar"),(0,ce.kt)("h4",{id:"4129-in-the-video"},"(41:29 in the video)"),(0,ce.kt)("p",null,"podmanssh - used in conjunction with quadlet. He showed out to ssh into a demo user on a Fedora machine, and it brought him into RHEL. Open PR: ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/pull/18739"},"https://github.com/containers/podman/pull/18739")),(0,ce.kt)("h2",{id:"podman-v46-demo"},"Podman v4.6 Demo"),(0,ce.kt)("h3",{id:"matt-heon"},"Matt Heon"),(0,ce.kt)("h4",{id:"4447-in-the-video"},"(44:47 in the video)"),(0,ce.kt)("p",null,"4.6 and maybe 4.7 out this summer."),(0,ce.kt)("p",null,"4.6\nbug fixes, podman machine and qudalet updates. Sqlite as backend."),(0,ce.kt)("p",null,"Working on final pieces with Netavark,. For machine two new hypervisors in flight, hyperv in Wiendos, and native mac. Both a WIP at this time, but progress nicely. Needs to get into Fedora CoreOS. A lot of that code will potentially be in v4.6. IOfs working on Apple, relatively speedily."),(0,ce.kt)("p",null,"Working our documenting plans"),(0,ce.kt)("p",null,"Brent will be looking for testers, but it's not quite ready at the moment due to ignition work that's ongoing and also socket mapping which hasn't been completed."),(0,ce.kt)("h2",{id:"open-forumquestions"},"Open Forum/Questions?"),(0,ce.kt)("h4",{id:"5006-in-the-video"},"(50:06 in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Experimental storage getting moved forward how to make it happen. Brent needs to look into this further. Gerry said it's deployed and works, he thinks s some documentation needs to be added.")),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Quadlet Demo - Dan Walsh")),(0,ce.kt)("h2",{id:"next-meeting-tuesday-august-1-2023-1100-am-eastern-utc-4"},"Next Meeting: Tuesday, August 1, 2023, 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h2",{id:"next-cabal-meeting-thursday-june-15-2023-1100-am-eastern-utc-4"},"Next Cabal Meeting: Thursday, June 15, 2023, 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h3",{id:"meeting-end-1159-am-eastern-utc-4"},"Meeting End: 11:59 a.m. Eastern (UTC-4)"),(0,ce.kt)("h2",{id:"google-meet-chat-copypaste"},"Google Meet Chat copy/paste:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"You11:05\u202fAM\nhttps://hackmd.io/fc1zraYdS0-klJ2KJcfC7w\nJean-Francois Maury11:16\u202fAM\nThat is awesome\nTim deBoer11:16\u202fAM\n+1\nStevan Le Meur11:26\u202fAM\nSuper cool!\nMark Russell11:26\u202fAM\ntook the words out of my mouth, Stevan!\nLokesh Mandvekar11:27\u202fAM\nquadlet demo might not happen today\ndan's not on the call\nStevan Le Meur11:28\u202fAM\nHave you tried OpenShift Local extension available with Podman Desktop?\nYou11:30\u202fAM\nYeah, no quadlet, Dan sent me a note just after we started.\nBrent Baude11:32\u202fAM\n@urvhashi, can you comment here?\nUrvashi Mohnani11:34\u202fAM\n@brent I stepped away for a min and missed this\nYou11:42\u202fAM\nLokesh, how long will your demo/talk be about?\nLokesh Mandvekar11:42\u202fAM\nmaybe 5 mins\nStevan Le Meur11:43\u202fAM\nhttps://developers.redhat.com/articles/2023/05/23/podman-desktop-now-generally-available#why_use_podman_desktop_\nMark Russell11:44\u202fAM\nawesome update\nBrent Baude11:48\u202fAM\nwe need to do 2\nStevan Le Meur11:54\u202fAM\nTOON of things happening in Podman community right now!!!\nMark Russell11:54\u202fAM\n+1\nPreethi Thomas11:55\u202fAM\n+1\nM\xe1ir\xedn Duffy11:55\u202fAM\n+999\nPreethi Thomas11:55\u202fAM\nlol\nStevan Le Meur11:55\u202fAM\nGet podman up and adopt a seal !!\nM\xe1ir\xedn Duffy11:58\u202fAM\nthanks Jennings and Rudolph for coming :) great preso!!!\nPreethi Thomas11:58\u202fAM\nGrreat stuff\nShion Tanaka (\u7530\u4e2d \u53f8\u6069)11:59\u202fAM\nthanks\nieq-pxhy-jbh\n")),(0,ce.kt)("h2",{id:"raw-google-meet-transcription"},"Raw Google Meet Transcription"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Tom Sweeney: The spinning cycles and It Looks Like It stopped. So I will welcome everybody. Today to the Podman Community Meeting Today. Thursday June 6th 2023.\nStevan Le Meur: Krishna.\nTom Sweeney: We have a large list of things to go through today. First thing that we're going to be looking at, is the Chris Project learning and podman via podman desktop from Jennings, Zinc, and Rudolph. Can you Allen? I hope I didn't butcher either of your names there for that one. Matt in, we'll be talking about the problem and 4.5, And then Dan Walsh if he's here, I'm not sure, there's kind of some question about whether or not to be able to make it today, we'll be doing a quadlet demo.\nTom Sweeney: And then the plug-in desktop, 1.0 update will be given my stuff on them here and then a portman sh demo will be given by Lokesh at the end. So we've got a pre-fold day, we will have time for questions if you have some and with all that I think I'm going to just all mine folks that we have a hack MD script, which I'll put a link to in the chat. If you I will be taking notes there. If you see that, I done something badly in the notes, please feel free to Ed and presenters. If you have links or such that you want to make sure that we have, the notes that will be posted later on the website. Please go ahead and add those to the hack. Empty. Yes we go on. So I'm going to stop presenting now and head it over to Jennings. It's gonna be talking about the curse projects.\nJennings: All right. Hi everyone.\nJennings: Alright, so my name is Jennings and I'm supervised by my Pi Rudolph Pienaar together. We're working on the Chris project at the Boston Children's Hospital. And our lab does a lot of research on fetal imaging and also newborn imaging where we use MRI to study very young patients. And so what you see on screen here is an example of what a fetus MRI looks like, while it's still in the pregnant mother seers. To do this kind of research. We need a lot of niche open source software because it's a very specialized division of medicine. And so,\nJennings: What we're working on the Chris project is helping to orchestrate the digital cyber infrastructure to actually be able to run these open source pipelines just to give a brief example of what one of these pipelines may be. We have a fetal MRI processing pipeline, which is going to take all of these multiple in Europe, images of varying quality. It's going to try to use some image processing. Algorithms such as masking and quality assessment to, finally be able to reconstruct these multiple in utero images into one high quality. Cropped volume. And what we can do, with these processed data, is we can try to quantify metrics of the brain. While it's developing in utero and this is what a fetal brain looks like. While it's still developing at 25 weeks of gestational age through 32, justational weeks of age,\nJennings: Using these open source tools. We are able to measure the growth of specific parts of the brain as well. And look at the trends as the pregnancy continues. And so the infrastructure that we have at the Boston Children's Hospital is, of course, we have these scanners. We also have open. Sorry. Not we have Some high performance computing centers. And we also have the office space where our researchers sit and what the crisp project does is it connects all of these things together. Uh, researchers can be at their desks looking at the Chris user interface, and they're able to dispatch computational jobs to both our internal high performance computing center. And we're also able to ship jobs out to our public clouds as well with the hybrid cloud architecture.\nJennings: And so that's a quick demo of or sorry. A quick introduction on what the Chris project is, something that I've been working on recently, is being able to run Chris on podman and especially using podman Desktop So, I'll jump it up.\nJennings: We have a github repository called Minicrisk Eights. And inside of here, we have several Kubernetes manifests aka Yamls and I also have a wrapper script called Minicris.sh. And what this wrapper script is going to do is it's going to bring together these animal files into something that can be consumed by podman desktop. Let's open up carbon and desktop.\nJennings: Alright, here it is. I don't have many containers running, I'm just going to delete the sky.\n00:05:00\nJennings: all right, when you want to run a Kubernetes, Manifest using Podman Desktop It Assets, a single Kubernetes file. I have my Kubernetes manifests organized as multiple Yaml files here. So this wrapper script called Mini Christ.sh is going to do two things. It's just going to simply concatenate all of my Yamls together, and it's also going to perform a said command to just replace some of the values. One key value that it needs to replace. We can take a quick look at it.\nJennings: Yeah, so the function that I'm going to run is going to call be called minicrescat All it's doing is it's going to be concatenating. All of my yaml files and then it's going to be performing a set operation on to these variables. And that's just going to replace the hard-coded podman socket address with what's actually going to be running on my system, obtained from the podman Info command. Let's try that.\nJennings: And it's just going to spit the yellow out to my standard out and I'll type it into a file. And now this file called Chris All-in-one by EML can be loaded into Podman Desktop.\nJennings: As it says here with podman desktop. This Play Queue. Command can take a few minutes to complete. And the reason why is because podman behind the scenes is going to be starting the defined services and deployment sequentially. It's also going to try running in its containers which does things like database initialization and that's going to take a little while Another functionality of my monolithic script over here. Is that it can monitor podmin for init containers. So\nJennings: that finished faster than I expected it to. I was going to say that we can look at what the unit containers are doing, but it seems like everything's up already, so let's just keep going. Yeah. So we can see we have a bunch of pods here we have. What's known as the Cube Pod? And that's our Chris backend. We have PF Khan, which is another Chris service that handles the compute that might be dispatched by Chris. We have the Chris UI which we'll take a look at later. That's our user interface. before we can take a look at Chris, I have a script called Prismatic Prismatic, which I can also run using podman, is going to initialize the Crist system with some information and that's going to create some users for testing purposes, and it's also going to\nJennings: Add some programs or what we call, Christopher's plugins to the crisp system. And you can see that this mini Crits.sh chrismatic subcommand is just a podman run alias and it's going to run a new container as part of the cubed pod.\nJennings: It's just going to run the charismatic command within the charismatic container. What that does is it reads a file called Prismatic.yaml to put a bunch of data into our Chris backend. And so what it's done here is it's created a super user called Chris and that's going to be a user that will log in as in a quick moment and it has registered a few simple programs for us to try running. To access the user interface. We can see that it's running over here on podman desktop. These logs say that it's running on port 3000 though. The port 3000 is mapped onto the host Port 8020, I believe yeah.\nJennings: So, let's take a look.\nJennings: This is the Chris user interface and from here, what we're able to do is you can click Login.\nJennings: And yeah. Great new analysis.\nJennings: In Chris, we have computational experiments organized as separate analyzes. And what I'm doing here is I'm going to create a new analysis with some uploaded data.\n00:10:00\nJennings: And now it's happening, is once I've uploaded the data into the Chris system, we can see it running in this Kris UI and I can choose to run more plugins here. When I choose to run a plugin such as this one of Click Add node, it's going to dispatch a container to podman and podman is going to run it. So if I'm lucky if I type Admin PS then it'll show the container running. I have to be kind of fast.\nJennings: I guess I lied about being the fast part.\nJennings: It always breaks during demos. I have no idea why this guy ran but this guy doesn't I'll just try it again.\nTom Sweeney: The demographic, strong.\nJennings: I'll just\nJennings: What was that? Yeah, they are.\nTom Sweeney: The demo gods are strong.\nJennings: I can do another quick explanation of what's happening here. And what's happening here is This user interface is pretty much. Helping me build a command line. string that is eventually going to be forwarded to the podman socket and so,\nJennings: This program that I'm trying to run called Simple DS. App is just a demonstration program. We have other programs as you've seen for imaging analysis and medical research. I'm just going to pass a command line parameter here, called Sleep length. 10 because I wanted to sleep for 10 seconds. Oh no, this guy failed.\nJennings: I feel like this one's also gonna fail, but yeah. Sadly, the demo gods have kicked us this time.\nJennings: Well, that's mostly what we have here. We have the entire care system running in Admin, Desktop any questions?\nBrent Baude: Yeah, I have a few.\nBrent Baude: I'm curious. Is there anything that podman could do? That would make this easier for you.\nJennings: Yeah. So Several things podman has pretty much innovated in the space of rootless containers and that's great because Chris is concerned about security and we need to make sure that these plugins aren't going to do anything malicious and if they do something malicious they can't break out of that. Container jail. a second thing is one of the key innovations of the Chris project itself, is that Chris plugins, unlike some other. Systems for computational research. Aims to be simple for developers. And I should be able to look at a terminal you here.\nJennings: I'm not sure if you guys are familiar with the App Trainer command app. Tanner is a another container runtime similar to Docker apartment. And friends. But this obtainer command could also just be a podman command and podman would be a great candidate for having people be able to run these analyzes on their own systems. Because oddman is rootless and or podman supports rootless mode.\nRudolph Pienaar: If I can just quickly jump in with a meta comma to observation here. So you guys all hear me is my mic coming through. So, one of the things we're trying to do here,\u2026\n00:15:00\nTom Sweeney: Yep, bottom plants.\nRudolph Pienaar: right? Is, you know, you're so in the Chris UI beginning of like this, this connected graph of designers, So that's kind of at the heart of what we're trying to make fun, you know, distribute, right? So you can, you can construct and arbitrary complex tree of computing. where each one of those nodes is, is obviously a container and because\nRudolph Pienaar: That's a Jennings show in the beginning. You can have multiple different computing stages as you're doing, one of the things we're trying to do is to be able to publish and bundle together, the value of that computing tree. Simply and easily, right? So you can, you can describe your entire compute as a simple yaml file. Which literally is just describes the tree of computing, your almost a directed basically graph.\nRudolph Pienaar: Mostly in research. What folks, end up, folks, end up doing right. Is they construct their workflows using bash? Scripts if they get to that level, And you know, as most of us know bash scripts are horrible to try and do anything with. And most of the coding there is is literally just coming, right? You know, it's all to do with data copying from one direction to another and stuff that all goes away in a system like this, you know, leveraging Crisps which sits above, you know, something like podman or Kubernetes, whatever the case may be, all of that goes away. Which we think is can be pretty useful for reproducible, computing and science and stuff like that. And another thing which which is maybe interesting useful to point out of here is and so I was a Red Hat summit last week.\nRudolph Pienaar: There's a whole bunch of stuff, you know, about how in industry we can. You know. Deploy models of computing. Like AI models. How do we deploy them? The first, I can tell the industry model to do that. Is you take a data scientist working in Jupiter notebook. And that's all they ever do. And then an application engineer or development comes in and takes her Python Jupiter notebook and shoves it into a flask python. Framework or fast API and that fast API thing, you then go and throw on the Web and manage with Kubernetes or partner, whatever the case. and that's if you want, most people are doing and that's, there's nothing wrong with that, of course, but it just struck me that What ends up happening there is that you kind of entrenching the separation between you the primary developer like potato scientists.\nRudolph Pienaar: Where it's going to be deployed. There's a huge gulf between them. Right. The data scientists. It doesn't know anything about flasks or fast API, they want to touch that. They don't interested in doing that. But in a system that we put together over here, the The actual thing that is deployed on the Web that is managed by Partman is managed by this whole system, is pretty much the exact code that you as a data scientists. Develop. so it's so it that that Delta between your prototype. Code, and the deploy code.\nRudolph Pienaar: Is much much shallow smaller and shallower than what it, and what is the normal way? It means. So that's another innovation where I super excited about to do you, right? You can develop your stuff, you can be a data scientists. You don't even have in this case here, you don't have to know what man. We doing it all for you without scripts, but you are developing your code and you're able to deploy it locally on your own machine. And pretty much see what it would be like, in production. Skin. Anyway, that's just a quick quick. High-end plug here.\nStevan Le Meur: Well thanks a Rudolph. I think that's exactly what we are trying to to accomplisher. It's helping the developers to be able to produce locally. Things that they would run on production. So having something as close as possible from production is super critical. Who have fast turnarounds, when you are building your application. But also, when you are consuming it, as you use, just the mode in fact so wonderful. The demo is fantastic. I think, and it's really nice to see the technology being used for such cases, as well. That's, that's very nice.\nJennings: So I was able to get what I wanted to show running, which is I just rolled back to an earlier commit. That was working. So what I tried to do was I ran a second, plugin instance here. and you can see what I did was, I was trying to run this program called Simple DS up with a parameter called Sleep Length, 20. And here we can see the output in podman desktop as well. So what the cris system did was once it received the request to run a container. It handles, all of the handles fudging with the podman interface for you, And it created a container with heels and both DS up. And here's the output, I'm not sure if we'll be able to inspect it anymore. Yeah, I can't inspect that any more because Chris decided to delete the container, once it was done running, if it was still running, then you would be able to see the flags here as well.\n00:20:00\nJennings: I also wanted to just quickly show off what Rudolph was talking about. So what I was showing here was just the stages of a biomedical compute pipeline. It often involves multiple steps and multiple programs that are going to be glued together by a bash script. If you've ever done any kind of scientific computing, you would understand what I'm talking about East Bash scripts or even CSH scripts are going to be maybe 4,000 lines long of gibberish. Whereas with Chris how we organize and orchestrate, these workflows is using a yaml schema\nJennings: over to pull up. My browse organ. this is a pipeline that I've been working on, which Extracts surfaces aka just polygonal mesh, representations of the fetal brain cortex. From a reconstructed brain image and so it does some file conversions and it processes the left and right hemisphere separately. And this is specified using a declarative yaml syntax instead of bash.\nJennings: I also wanted to add to what Stevan was talking about. We have Chris deployed and targeting Openshift container platform. Unfortunately this week we were just on Lucky our\nJennings: local cloud that we use. It's called the Massachusetts, Open Cloud and the New England Research Cloud. They are doing their yearly power down maintenance. So I can't show that off though. Typically Chris is deployed on Openshift and also uses Openshift for its public compute and one of the things about podman is it makes it easy where we can have this one set of Kubernetes, DML manifests that work on both Openshift and also just locally on my desktop\nJennings: I don't know if I'm supposed to be calling on people, but hello Matt.\nTom Sweeney: Oh sure. Go ahead.\nM\xe1ir\xedn Duffy: Hi. So my question for you because I know you guys were previously using Docker compose and I just wanted to know how was the transition been kind of coming from Docker compose into this setup?\nJennings: Yeah. Um, perhaps we should I noticed next in the schedule, someone's talking about quadlet which is something that we need to look into. I'll talk about why right now actually using Docker compose is a lot easier. For not necessarily the right reasons. It's because the her compose has a Insecure by default kind of mode of operand, which is great for developers. but, One of the things that I'm curious about is just trying to enforce the principle of least privileges here, and moving into podman was more difficult because of the Damon list thing. We need a Damon to talk which is why I'm running the podman socket and also the rootlessness thing, There were a few bugs there. But in general, the experience was somewhat good.\nJennings: There are some key differences between how podman cube play works and how the actual Kubernetes system works or how Docker compose works. The two biggest discrepancies, are going to be that.\nJennings: Podman cube play. Operates sequentially. What that means is it's going to create one pod or sorry. One container at a time and that's a problem. When you have containers depending on each other, in the world of docker, compose, or Kubernetes. These containers are going to start Asynchronously meaning If the dependencies aren't resolved, they'll just restart in a few seconds. And podman. I need to do the dependency resolution myself and how that works is. I've prefixed these with numbers denoting the order in which they are dependent. So I need my config maps first. And then I need my database and Q. Services which my backend is dependent on and then I have to run my back end near the end because it's dependent on the database and rapid MQ.\n00:25:00\nJennings: Yeah, Brent.\nBrent Baude: Let me check with Tom first on time check, how are you feeling Tom.\nTom Sweeney: And we've got all just a few more minutes. I can go five more minutes but that's gonna be pushing it.\nBrent Baude: Okay, I'm curious then. So when you say that, When you say that before with, I think it was composed and it's done. Sort of asynchronously. Are you handling?\nJennings: in docker compose, it's possible to specify the dependency order of containers. And that's not a perfect solution, but it is.\nJennings: Better than sequential.\nBrent Baude: Okay.\nJennings: I think it's also supported in podmin composed, but we've tried to move off of podman compose and into podman play cube.\nBrent Baude: Okay.\nJennings: So what you can see is when I'm running the Chris container over here, this is a docker compose file. I can increase the font size of it. This Chris service is defined with the auctions depends on, and the pens on is a list of other services, which must be started before the Chris service. This is good because we can make sure that these other services at least exist prior to Chris. This isn't a complete solution, because even though the containers themselves exist, these service might not be ready to accept connections yet, but still docker, composes able to figure out the dependency order and then start these both.\nJennings: Asynchronously. And in the order that would satisfy the dependency tree with podman currently, the dependency resolution must be handled manually. This is also somewhat deviant from the communities spec. I'm not sure if it's part of the Kubernetes spec, but I would assume. So that every resource specified in a yaml file, Or sorry, the order of resources specified in a yaml file, should not matter. So,\nJennings: What I have here is, I have a yaml file of a bunch of Kubernetes resources, they're separated by the Triple Dash syntax and in theory, or ideally the order of these services shouldn't matter. But when you're running it using podman, whether it be through podman desktop or podman cube play, the order does matter. You need to specify the dependencies before the dependence.\nBrent Baude: Okay, thank you.\nTom Sweeney: Any further questions. This has been great presentation. Great discussion.\nBrent Baude: I assume Tom has your contact information if I would want to follow up, you 'D be willing to answer some.\nJennings: Yeah. Oh, I mentioned Someone's later going to present on quadlet. I would be very interested in hearing more about quadlet because to my understanding Quad lit, is where podman uses system D as DC. Orchestrator of some sorts. And so hopefully, system D can sidestep this issue. With plodman cube in my understanding, is podman is starting these services sequentially. But if we were to define domestic D unifiles and system D does start services in parallel. I hopefully this dependency resolution problem goes away.\nTom Sweeney: Know unfortunately the speaker had to back out literally just after the meeting started. So we're not going to be discussing quality today but we can certainly get you in touch with him if you'd like to.\nBrent Baude: Who was the speaker, Tom? oh, Okay, we can. Yeah, we can do, we can arrange something for you.\n00:30:00\nTom Sweeney: Then, okay. And then not as moves, you down to the bottom of this agenda today, just so we can get to the other things too. If we don't get to the four, five update, I think we can get by without that. So next. Okay, next up. Step on me and just stop update.\nStevan Le Meur: Yeah. So I I think the demo that was just done by Jennings was a, just a very clearly illustration of how pen mendes that could be leverage for helping streamlining, container walkthroughs and streams. Most and if you can developer experience so this is great introduction. I will say so on, I'm going to share my skin. So we just announced the version 1.0 of Batman Desktop and We are really two weeks ago.\nStevan Le Meur: In this version, as you might already know, we provide a user friendly interface for managing containers and working with Kubernetes directly from the local developer machine. So that's a bunch of things that we are trying to, to do from a component desktop, like abstracting the setup and the configuration of the entire container tooling. So you can create your appointment machine directly from the UI and you have the ability to to create your machine.\nStevan Le Meur: With or without good privileges as well. And as it has been demoted as well, just capabilities to play Kubernetes yamls directly from from the UI. So you can see your buds you can see The logs, you can interact with. we said with each of the containers, And you can get the Kubernetes manifests for. Somewhere. Oh, you applications. So you can easily test that onto. Onto a unto donuts around. So I can take A container.\nStevan Le Meur: And I can say, Hey I want to run this container inside of a bud so I can create a pod on my container. I need locally with a man. and then, once I have this this environment, which is a, which is running, Once I have my bud running locally with Batman, I can easily deploy that onto Kubernetes environment. So I can test it on two different Kubernetes around and right now. From Batman Desktop, you can create a kind cluster which is a Kubernetes. Christopher running in input, man. So you can create the cluster.\nStevan Le Meur: You will, you will have that NDF there are after a few seconds, a few few minutes depending on the on the network. And when you are in the context of of your bird and your images, you will have the ability to easily insight with the cluster so you will have the ability to push an image that you build locally. With Batman and you will be able to push that image directly onto the gain cluster. To use it into a deployment or into service that you you want to try out locally? So, this is one step. One step further in some sense.\nStevan Le Meur: Once you have your game cluster, it appears as a container in your list of container. So I have it here in you. I can see the logs. And what's pretty interesting is that I can also directly from the here. I can also interact directly with a research there so I can Also, do a computer comment directly from the from here. So if I have my bud that I just create I can say, Hey, I want to deploy. That bird onto my chemical stuff so it's you use a superman coming to generate the Kubernetes manifests.\n00:35:00\nStevan Le Meur: And and then it selects the Kubernetes context and I can do the deployment. Of my bud directly on tour. Onto my calendar. So share, it's probably pulling the image and now engine is running and I can see my part running locally in Batman, but I can also see it running on Kubernetes kind of stuff here as well. So this has a type of workflow that you you can leverage to make make it easier for you to have your turn around and you to test your application. More easier. As well.\nStevan Le Meur: Coming with the version 1.0 we have a set of of extensions as you know, Batman Desktop. He's a, he's a it's open to multiple container online and Kubernetes distributions so that's compatibility with with the care Lima and for Kubernetes, we have integrated kind. But there's also the ability to run Openshift on your local developer environment. So you you can directly install the extension from from the screen. And once you have the application, the extension installed you can trade. An open shift, local environment. So I already have one. So, It's not going to.\nStevan Le Meur: Turn that you have the ability to configure your bunch of local with two different presets. So either you can use an open shift, local an open shift, single cluster single note, cluster on your local environment. Or you can also use a lightweight version of Openshift which is micro shift that you can run you locally. So this is what I am running. Here and you obviously ability to switch your Kubernetes context from gain. To Microshift. So, if I have An image that I want to deploy to Microshift. I can also do that directly from on the list of images. And I can.\nStevan Le Meur: Deploy. I can deploy you. Birds, I can deploy Kubernetes cmls directly onto a main micro shifter environment. We also integrated the capabilities for enabling the Docker compatibility mode. So this enable to map the docker circuit directly to to put men, but also use the command lines, that some developers may already be familiar with. So this is prettier pretty as well. So, it's available.\nStevan Le Meur: Today it's free. You can download it from a ferment desktop dota you open man.io. As well. And we are always looking for feedback and you new new ideas on things that we could be. We could be improving. So feel free to engage on the requisitory as well, so you can create issues. And you can also report feedbacks directly from within the application so you can share your experience. And tell us, what are your suggestions as well.\nStevan Le Meur: And with this, I think. I covered.\nStevan Le Meur: The Intel. On Badman Desktop 1.0. So the lunch was two weeks ago, we have been getting a very positive Feedback from from the community. We had a lot of blog posts and the media coverage but there is also\n00:40:00\nStevan Le Meur: Really announcements that we are. We published on a developers that had that come. So feel free to to give you to give a look, if you are interested, otherwise looking for hearing you your feedback and your thoughts. On the product.\nStevan Le Meur: Any questions?\nTom Sweeney: Another question but would you share the department.io site real quick? It's the fun. Yeah, just for a moment,\u2026\nStevan Le Meur: Sure.\nTom Sweeney: I just did want to mention that we have Mole here and That has been revamped greatly by her and other folks and it's looking phenomenal right now.\nStevan Le Meur: Yeah, it's the new website is looking fantastic. So kudos to to move what's been working on this quite easily and it's it's I think what Batman was deserving so, really cool to see.\nTom Sweeney: Yes, thank you. And thank you once again. Well, it really is great. all right, that we're going to move on to Lokesh talking about Paul man, shakes\nLokesh Mandvekar: All right, let me share my screen. Stevan, could you stop showings\nStevan Le Meur: Sure.\nLokesh Mandvekar: Well.\nLokesh Mandvekar: All right, I guess you can see my screen. Oh, all right, so first off, what's the problem at hand? So as a system administrator, I would like to confine each user to a predefined show environment and in that environment a user would have access to volumes and capabilities specify for that particular user. Now, what is Plug-inch? Odman SH is an executable user been augments h along with a container by the same name. I'm going to search now. This container is managed by a user quadley. With the login shell, set to the plug-in SH executable. When the user logs into the system, they enter the podmanus H container directly. Now, let me do a quick demo. So first, let's check the current user is\nLokesh Mandvekar: So that's the current user with the show set to bin Dash. Now I have created a demo user for this purpose. Now, this demo user has shell set to User bin podmanish. Also, with the user quadlet created for this demo user.\nLokesh Mandvekar: Books.\nLokesh Mandvekar: So this is a basic quadlet that's been created for the user. The image has been sent to Ubi-9 minimal. Now, let me first. See what posts I'm on. I'm on Fedora released 38. Now, I'll ssh into the system as gonna be user.\nLokesh Mandvekar: Okay. so I'm ssh in and as the user demo,\nLokesh Mandvekar: Environment is a real environment. As was specified in the bottled file. So, current status of this work, this is still working progress. There is an open PR, I'll link to it in Hack MD. Now this might get into 4.6, as a tech preview, but it should be ready for the release after 4.6. And that's my demo questions.\nTom Sweeney: Not hearing things.\nLokesh Mandvekar: All right. Yeah, Tom back to you.\nTom Sweeney: Right, Lokesh. Thank you. That's great. And Matt, do you want to give us a quick rundown? What's happening with four or five?\nMatt Heon: I honestly I think I'll just take the opportunity to go on to four six and future release plans because four five is, this point is two months old. so,\n00:45:00\nTom Sweeney: What?\nMatt Heon: Generally speaking, we are planning at least, one more release this summer, but there's still discussion going on in the team as to whether we're going to do two one end of this month and one somewhere in August, or just, just one release, which would be probably mid to late July. So we're not completely sure on this, but you were getting at least a four six and potentially a four seven by end of summer, we're hoping to firm this up and get an actual document out that will describe future release cadence at some point, but that's still being worked on as to what you can expect. And for six generally speaking improvements to podman machine, especially around Mac, and Windows improvements to quadlet and just general bevy of bug fixes that you usually gets also at some point, maybe not for six, but some point the future we are going to be making the new SQLite database back and the\nMatt Heon: Fault, still needs to be discussed if it's mature enough to do that and four, six. This should be only for new installation. So I don't expect any significant changes from user perspective, but that is something to look out for. And I think that's about it. I could go into four or five features again it's two months old and at our current cadence, that is a agent history.\nTom Sweeney: Now, that's fine by me. Brent, did you have anything to say? You look like you had something you wanted to sing?\nBrent Baude: You know, no, but I can add to it. We're currently just sort of looking at\u2026\nTom Sweeney: Okay.\nBrent Baude: what we're working on where Matt hit a lot of it. We're working on some final pieces for Netta Mark. Parody with CNI. And in terms of machine,\nBrent Baude: But I currently have two new hypervisors in flight. And one is Hyper-V. For windows. And the second is the apple hypervisor their native, one rather than c** you. Both are progressing nicely. Because their new platforms. For fedora coros, it does have to go through a rather. lengthy process and get into their release process, to where images would be automatically created.\nBrent Baude: On. But a lot of that code will be in four six and potentially for those chomping at the bit they can Check out if it fixes or solves any problems one. Very good thing. I'm happy to report is we have hurt Ilfs, working on the apple, Hypervisor part and it's quite fast.\nBrent Baude: I think that's it, Matt.\nMatt Heon: Yeah, science about right to me.\nBrent Baude: yes, of course, Stephen\nStevan Le Meur: you yeah, wanted to ask if you if you are looking for people who want to test, the the work on the I Native I advisors If you are seeking for, for more testers from the community here, I'm not yet.\nBrent Baude: I will but not yet on the hyper V side.\nStevan Le Meur: Okay.\nBrent Baude: We need we need ignition upstream to merge, and start creating some images. I could do one offs, but it's not something I like to do. The second piece is the\nBrent Baude: socket mapping. For Hyper-V is not been completed.\nBrent Baude: So, it would make it. More difficult for people to actually use in that regard on the habitable. On the apple side, we're still working out. I'm actually sort of faking out ignition right now, and that's how I'm doing the testing. But we're we're basically saying thing there, no socket mapping yet and we need mission to Merge when it works done.\nBrent Baude: And I'm going fishing next week, so it won't be in the next week.\nTom Sweeney: Don't catch any Celtics, please.\n00:50:00\nTom Sweeney: All right, that's it for our plan topics. We have just a few minutes left for open form. Questions, does anybody have any questions or comments? They want to make\nBrent Baude: We love to hear what we're not doing, right?\nTom Sweeney: yes. And also any topics that you'd like to see for the next meeting. Which I'll just say real quickly. Our next meeting is August 1st 2023. That's a Tuesday. That's first Tuesday of August, that'll be at 11:00 am again in our next ball. Meetings back up on me because you do that on the third floor you stay at the month and that's on the 15th this time around. So that'll be next Thursday. So, if you have any topics for either of those, let me know currently the quality demo will be on that list for the community meeting New August.\nTom Sweeney: I'm not hearing any other questions comments.\nStevan Le Meur: Comments. I think it's super cool. Everything that is happening in the Comet Padman community at the moment. So thanks everyone for your engagement involvement.\nTom Sweeney: All this.\nStevan Le Meur: It's amazing.\nTom Sweeney: this, it's been\nGerry Seidman: actually, if I can at the 11th hour, ask questions, I actually met with Ben\u2026\nTom Sweeney: there.\nGerry Seidman: At Red Hat Summit and he's very aware of this stuff we're doing with a major financial that very much wants ALS if you would be ultimate layer storage. kind of,\nGerry Seidman: Whatever dancing. Just I presented the group on it, I won't be able to, I don't know if I'll put on the 15th, but what's one after the 15th, what the meeting date after the 15th?\nTom Sweeney: um, the one is there's Department of Community meeting on August 1st with this. Another one, another Cabal meeting. And if I can get my calendar up, I tell you, it's the third Thursday, in July. You don't?\nGerry Seidman: Right. Well, I'll reach out to you, then send an email between you and I, I'll follow up on that. Um, really\u2026\nTom Sweeney: Okay.\nGerry Seidman: what I would, what my curiosity is, is right now. The ALF is considered experimental and storage in the container storage. Any suggestions on decide what the things I talked with Dan about about, Moving it forward to. Not being experimental.\nGerry Seidman: Like documentation. Things like that.\nTom Sweeney: Right? Can I throw that one in your life?\nBrent Baude: Yeah, I was just waiting to see if anyone piped up. So Gerry you're the one then.\nGerry Seidman: I'm the one if you've heard about the people thinking about it. Yeah.\nBrent Baude: I heard about him.\nBrent Baude: I guess for content. I'd have to think about that. It's an interesting question. What is I'm not deeply familiar with what's held it back? Other than the fact that it's fairly new, but not a new technology, but a new ad.\nGerry Seidman: Yeah, it's it's it's deployed, it works. In the, you know, it's it's Dan suggested Da edit, you know, submitting some documentation. The only place I could imagine to document that is in the Storage.com. Man Page because nothing, there's no commands associated with it. Maybe you have some other thoughts in that. I've written that up. I just haven't submitted it yet. um, It works.\nBrent Baude: Okay.\nGerry Seidman: Um, it's really just a matter of fear of commitment.\nGerry Seidman: because, Other than myself, a group of NT.\nGerry Seidman: And then some other miscellaneous projects, I don't think anybody, I don't know how many people using it.\nBrent Baude: let me, let me get back to you, but I wondered if there were You said there was documentation and container storage.\nGerry Seidman: Now there's there is not, I I wrote some up that I can submit and\u2026\nBrent Baude: Oh, okay. Okay.\nGerry Seidman: it really just I mean if you the other technology is the, you know, the alternate image store and that literally has two lines of documentation. I wrote A couple of paragraphs, which is probably too much but\nBrent Baude: Well regardless that would be good to have.\nBrent Baude: I think, beginning the blog about it would be smart it and we can provide a blogging resource if you're interested.\nGerry Seidman: Yeah, that's good to that but if you do you have my cut contact information?\nBrent Baude: Yeah, it's in the calendar notice, I would assume.\nGerry Seidman: okay, so I don't have your contact information, so if you could ping me out response, thank you.\nBrent Baude: Absolutely.\n00:55:00\nTom Sweeney: Right. Folks, unless there's any last questions. We're almost a time for this meeting. I'd like to very much thank all the presenters today for coming in and showing off the substance of fascinating. Look for a lot of things today. And again, we'll be meeting next on August 1st and then on July 20th. June 15th and July 20th. But I'm gonna stop the recording.\nTom Sweeney: And anybody wants to say anything and not be recorded. Otherwise, let's go to lunch.\nStevan Le Meur: Boost.\nGerry Seidman: In 30 days.\nTom Sweeney: All right, folks. Have a great day. Thanks so much.\nMeeting ended after 00:56:17 \ud83d\udc4b\n")))}qo.isMDXComponent=!0;const zo={},Vo="Podman Community Cabal Meeting Notes",Ko=[{value:"June 15, 2023 11:00 a.m. Eastern (UTC-5)",id:"june-15-2023-1100-am-eastern-utc-5",level:2},{value:"Attendees:",id:"attendees",level:2},{value:"June 15, 2023 Topics",id:"june-15-2023-topics",level:2},{value:"Meeting Notes",id:"meeting-notes",level:3},{value:"Additional Layer Storage (ALS) (0:57 in the video) - Gerry Seidman",id:"additional-layer-storage-als-057-in-the-video---gerry-seidman",level:3},{value:"AuriStorFS - The cloud file system for the 21st century",id:"auristorfs---the-cloud-file-system-for-the-21st-century",level:4},{value:"Containers as Software Deployment",id:"containers-as-software-deployment",level:4},{value:"Container Storage",id:"container-storage",level:4},{value:"Additional Image Storage (AIS)",id:"additional-image-storage-ais",level:4},{value:"Additional Layers Storage (ALS)",id:"additional-layers-storage-als",level:4},{value:"AuriStor Container Accelerator (ACA)",id:"auristor-container-accelerator-aca",level:4},{value:"Qustions",id:"qustions",level:4},{value:"ipfs integration into Podman - Anders Bj\xf6rklund",id:"ipfs-integration-into-podman---anders-bj\xf6rklund",level:3},{value:"Open discussion (54:45 in the video)",id:"open-discussion-5445-in-the-video",level:3},{value:"Next Meeting: Thursday, July 20, 2023, 11:00 a.m. EDT (UTC-5)",id:"next-meeting-thursday-july-20-2023-1100-am-edt-utc-5",level:3},{value:"Possible Topics",id:"possible-topics",level:2},{value:"Next Community Meeting: Tuesday, August 1, 2023, 11:00 a.m. EDT (UTC-5)",id:"next-community-meeting-tuesday-august-1-2023-1100-am-edt-utc-5",level:3},{value:"Possible Topics:",id:"possible-topics-1",level:3}],Qo={toc:Ko},Zo="wrapper";function _o(e){let{components:t,...n}=e;return(0,ce.kt)(Zo,(0,Q.Z)({},Qo,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-cabal-meeting-notes"},"Podman Community Cabal Meeting Notes"),(0,ce.kt)("h2",{id:"june-15-2023-1100-am-eastern-utc-5"},"June 15, 2023 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h2",{id:"attendees"},"Attendees:"),(0,ce.kt)("p",null,"Ashley Cui, Chetan Giradkar, Christopher Evich, Daniel Walsh, Ed Santiago Munoz, Gerry Seidman, Gerry Seidman's Presentation, Giuseppe Scrivano, Jake Correnti, Lokesh Mandvekar, Martin Jackson, Matt Heon, Miloslav Trmac, Mohan Boddu, Nalin Dahyabhai, Paul Holzinger, Preethi Thomas, Tom Sweeney, Tom Sweeney's Presentation, Urvashi Mohnani, Valentin Rothberg"),(0,ce.kt)("h2",{id:"june-15-2023-topics"},"June 15, 2023 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Additional Layer Storage (ALS) - Gerry Seidman"),(0,ce.kt)("li",{parentName:"ol"},"ipfs integration into Podman - Anders Bj\xf6rklund to kick off")),(0,ce.kt)("h3",{id:"meeting-notes"},"Meeting Notes"),(0,ce.kt)("p",null,"Video ",(0,ce.kt)("a",{parentName:"p",href:"https://youtu.be/GYrFHoYtXDA"},"Recording")),(0,ce.kt)("p",null,"Meeting start 11:02 a.m. Thursday, June 15, 2023"),(0,ce.kt)("h3",{id:"additional-layer-storage-als-057-in-the-video---gerry-seidman"},"Additional Layer Storage (ALS) (0:57 in the video) - Gerry Seidman"),(0,ce.kt)("p",null,(0,ce.kt)("a",{parentName:"p",href:"./AuriStor-ACA-PodmanCabal.pdf"},"Slides")),(0,ce.kt)("p",null,"What is AuriStorFS\nFraming the Problem ACA Solves\nAdditional Image Store AIS\nAlternate Layer Storage ALS\nThe AuriStor Container Accelerator ACA"),(0,ce.kt)("h4",{id:"auristorfs---the-cloud-file-system-for-the-21st-century"},"AuriStorFS - The cloud file system for the 21st century"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Global Namespace\nAccess Transparent\nSecure\nCache Consistency\nPlatform Independent\nAFS Volumes as Policy Containers\nHigh Availability\nWorks Well over WAN as well as LAN\nBoundless Scalability\nHybrid/Multi-Cloud\n")),(0,ce.kt)("p",null,"Works with Fedora 31 and higher"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"ls /afs\ndnf install -y -q kafs-client\nsystemctl start afs.mount\nls /afs/cern.ch\n")),(0,ce.kt)("p",null,"Platform independent"),(0,ce.kt)("p",null,"Volume are rooted directories"),(0,ce.kt)("p",null,"Examples of Volumes\nRead Only - Machine Learning, Application Binaries, Configuration files, Static Web Content\nRead/Write - Business Documents, User Home Directories, Logs"),(0,ce.kt)("p",null,"Volumes are the units of Management and Policy\nAFS Volumes are named\nSpecial volume named root.cell\nVolume Directories can link to other volumes"),(0,ce.kt)("p",null,"Mounting Volumes to Local File System\nDirect Mount\n\u2022 ",(0,ce.kt)("inlineCode",{parentName:"p"},"mount --bind /afs/.@mount //"),"\n\u2022 ",(0,ce.kt)("inlineCode",{parentName:"p"},"ln \u2013s /afs/.@mount//"),'\nDynamic Mounting\nAFS Client side "Dynamic Root"'),(0,ce.kt)("p",null,"Every Volume is really an Object Store\nLocal Cache Consistency"),(0,ce.kt)("h4",{id:"containers-as-software-deployment"},"Containers as Software Deployment"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Container has root file system, and you can push/pull the image.\n")),(0,ce.kt)("p",null,"Costs of pulling a container image\nClock Time\nNetwork bandwidth\nCPU and I/O time spent\nDisk space"),(0,ce.kt)("p",null,"Large Container Images are not uncommon\nPyton is 1GB\nGerry has seen 40GB sized custom made."),(0,ce.kt)("p",null,"Large Containers can add up, and you can have many on a machine."),(0,ce.kt)("h4",{id:"container-storage"},"Container Storage"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Configuration File\n /home/gerry/.config/containers/storage.conf\nWorking directory\n /home/gerry/.local/share/containers\n")),(0,ce.kt)("p",null,"Podman Pull - object from container registry"),(0,ce.kt)("p",null,"Layer files are found under 'overlay'"),(0,ce.kt)("p",null,"Running a container adds the R/W layer"),(0,ce.kt)("h4",{id:"additional-image-storage-ais"},"Additional Image Storage (AIS)"),(0,ce.kt)("p",null,"Allows multiple ./storage instances\nImages are pulled into specified ./storage\nAt runtime, Images are search across AIS sequentially\nCan be share across users and machines"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"You can list images from multiple image stores\n")),(0,ce.kt)("h4",{id:"additional-layers-storage-als"},"Additional Layers Storage (ALS)"),(0,ce.kt)("p",null,"Stargz (Seekable Tar GZ)\nAttempt to solve the slow container start time\nSeekable allows lazy download of required image chunks\nRequires Augmented OCI Image"),(0,ce.kt)("p",null,"Alternate Layer Sstorage (ALS)\nProvides Alternate sources for Layer content (Stargz, IPFS, AuriStorFS)\nIntercepts Layer Pull/Expand"),(0,ce.kt)("p",null,"ALS Fuse Driver Plugin\nFor Layers it support the FUSE plugin will service paths in the form\n",(0,ce.kt)("inlineCode",{parentName:"p"},"//")),(0,ce.kt)("p",null,"Podman pull with ALS\nThe image size was reduced by quite a lot."),(0,ce.kt)("p",null,"This is deployed by Podman, but is experimental. Gerry would like to get it promoted."),(0,ce.kt)("h4",{id:"auristor-container-accelerator-aca"},"AuriStor Container Accelerator (ACA)"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"ACA Root satisified ALS Path 'Services'\nAuristor ACA finds AuriStor Volume\nACA Layer Volume Generator Service\n")),(0,ce.kt)("h4",{id:"qustions"},"Qustions"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Can AFS volumes store extended attributes (i.e Selinux labels)? Not yet, but in a near future version.\n\nAre access controlled on the server or on the client? Yes, in a number of places, being refined and needs improvement.\n\nALS requires a huge file system, is it opensource? Depends on which you choose.\n\nIs there a tool that creates the additional layer stores? Yes.\n\nWhay ALS instead of AIS. The dynamic nature of ALS. He would have to try and figure out AIS mapping.\n\nIn the past others have said latency is a problem with AIS.\n")),(0,ce.kt)("h3",{id:"ipfs-integration-into-podman---anders-bj\xf6rklund"},"ipfs integration into Podman - Anders Bj\xf6rklund"),(0,ce.kt)("p",null,"Not discussed due to time and Anders not being able to attend."),(0,ce.kt)("h3",{id:"open-discussion-5445-in-the-video"},"Open discussion (54:45 in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Podman v4.6 Release Update")),(0,ce.kt)("h3",{id:"next-meeting-thursday-july-20-2023-1100-am-edt-utc-5"},"Next Meeting: Thursday, July 20, 2023, 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h2",{id:"possible-topics"},"Possible Topics"),(0,ce.kt)("p",null,"ipfs integration into Podman - Anders Bj\xf6rklund to kick off\nPodman v4.7 and beyond update"),(0,ce.kt)("h3",{id:"next-community-meeting-tuesday-august-1-2023-1100-am-edt-utc-5"},"Next Community Meeting: Tuesday, August 1, 2023, 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h3",{id:"possible-topics-1"},"Possible Topics:"),(0,ce.kt)("p",null,"None Discussed"),(0,ce.kt)("p",null,"Meeting finished 12:02 p.m."),(0,ce.kt)("p",null,"Raw Meeting Chat:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Gerry Seidman11:02\u202fAM\nhttps://drive.google.com/file/d/1OjaARJayC-9Z3dQ0HdubWiyyzL3XFVcY/view?usp=sharing\nYou11:03\u202fAM\nhttps://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nChetan Giradkar11:03\u202fAM\nit requires access\nYou11:04\u202fAM\nGerry you';re muted.\nYou11:06\u202fAM\nQuestions in the chat please, Gerry can't hear.\nDaniel Walsh11:09\u202fAM\n:^(\nChristopher Evich11:12\u202fAM\nCan AFS volumes store extended-attributes (i.e. SELinux labels)?\nYou11:16\u202fAM\nI'll try to get him for questions at the end\nDaniel Walsh11:20\u202fAM\nAre access controlled on the server or on the client? Enforcement of who is allowed to chown.\nYou11:28\u202fAM\nFor those joining, Gerry can not hear us.\nNalin Dahyabhai11:45\u202fAM\nare your speakers muted?\nieq-pxhy-jbh\n")),(0,ce.kt)("p",null,"Raw Google Meet Transcript"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Tom Sweeney: Wanting everybody today is Thursday June 15th, 2023. This is the Podman Community Cabal meeting. We'll be talking today about additional layer storage and we have Gerry's. I'm going to mess up your name. Jerry, is it Seidman?\nGerry Seidman: But I've been seidman. Yep.\nTom Sweeney: Seidman, And then after that we've got to talk that's kind of a generic talk. For Ipfs integration into Pod, Anders was going to delete at least take that off. I don't see offers. Yeah, so we'll see. And I know Dan had wanted to talk about that as well. And so I have hack MD set up where I'll be taking the notes today. If you have links or anything that you want to add to it or if you find that I've just described something in the notes, feel free to go ahead and change those as you see fit. And with all that, I'm gonna hand it over to Gerry's. Thanks for coming today. I'm not sure.\nGerry Seidman: somebody could just check the fact that works that Could be my presentation's life. if not, \u2026\nDaniel Walsh: He?\nGerry Seidman: because some people like to follow along and as PDF, I could have put them there. That's a good point. Right.\nGerry Seidman: Nobody's going to confirm or deny.\nTom Sweeney: While I was muted, which was very helpful. It's no like not.\nGerry Seidman: Did you get it?\nTom Sweeney: It says I need access. Question.\nGerry Seidman: All right, hold on. Anyone with the link? Not let me do it again.\nDaniel Walsh: and I was now we said, Yep.\nGerry Seidman: Got it. Excellent because you don't make it easier for everybody because I'm going to talk fast. I'm from New York and I have too many flights. so hi. I'm Gerry Seidman. I'm president or a store which is a company that has a security distributed file system. I'm going to talk about our core product and also going to talk about what we're doing the container space or doing for accelerating.\nTom Sweeney: Who's Gerry now?\nEd Santiago Munoz: Very immuted.\nDaniel Walsh: Gerrymuted.\nDaniel Walsh: I see infinity.\nGerry Seidman: All right. Can somebody now say, Yes Gerry. I fear flies and I hear you\nDaniel Walsh: Yes Gerry. I see your slides and\u2026\nTom Sweeney: Yes.\nDaniel Walsh: I hear you.\nGerry Seidman: Nobody. You.\nDaniel Walsh: Yes.\nTom Sweeney: we can hear you.\nGerry Seidman: Can you hear me? So I can't hear you for some reasons, but that's okay. If you have any questions. I'll jump out.\nGerry Seidman: I've got it. All right, so I'm gonna go very quickly through a lot of topics. What I'm going to talk about what is Orest or FS. I'm gonna fake frame, the problem that\nGerry Seidman: The ores will container Accelerator solves. I'm going to very very quickly talk about container storage internals which most of you should know better than me. I'm gonna talk about additional image or which Dan certainly knows better than me. Then I'm gonna talk about additional layer stores, that's a typo,\u2026\nTom Sweeney: Technology.\nGerry Seidman: It should be additional layer Stores, storage, and then finally, I'm going to talk about the order here accelerator Actually, I'm going to be talking about that interest first with a bunch of other stuff and specific to it. So our surprise the cloud process for the 21st century that's actually a joke because the orchestra file system has its roots in the Andrew file system, which predates NFS it was designed.\nGerry Seidman: Very presciently. but the reason or what our stores initial funding came from the Department of Energy and we got an SDAR to create a 21st Century Cloud file system that extends upon the AFS vision. so that's the joke in that. but it was designed to do a lot of things store on extends very much beyond what the open source AFS does and certainly what anybody who's AFS a long time ago, might\n00:05:00\nGerry Seidman: Remember but here's the kind of the high level points and I'm going to drill into some of them, A true global namespace on that actually can span organizations not just clouds access transparent. It's just a processing files again for definition. In this case, I'm talking about the part of the file system, Not block storage. it's highly secure. I'm not going to go into the security model at all, into the catch consistency model. What that means is that, There is a local cash on that, on the machine, on each client. And if something changes in the server, it's the server's responsibility to inform the client, which means to do polling because it's done properly. Little version has the things like that. The cash actually survives a regal.\nGerry Seidman: if platform independent, the clients were on pretty much everything. I'm going to talk more about I'm going to talk about evidence, volume separately, high availability works well over the win as well as the land boundless scalability and like I said, hybrid multicloud by default. I'm just focus for a minute on these because they're just what I mean by a global namespace is if you just take a fresh install of the Dora and anything over for 31, There's a bug answer 38. But if you do a fresh install you LS slash AFS there's nothing there you install the cast client, there's an upstream when it's client that's in the main clean line, as well as in many distributions like we're going to not yet in route but we have a fine version if you're running around.\nGerry Seidman: 9.2 Ask reach out to me and I can give you this client. you just start the afs.mount service. And then if you're running there's a bug integer at 38 where you have to stand in first, permissive you don't into door up 37 and you won't or 39 and hopefully not much longer 38.\nGerry Seidman: And then just believe you're an astrophysicist or a high energy businesses and just look at files concern, LS slash AFS last cern.ch and lo and behold it works. Zero client configuration global management. Access transparent. It just looks like a file. So I'm going to just add a file from Cerns Atlas Project. Let's go from their aspected and it just work and as I said, it's platform, independent, on the one side of windows and the other side of women. I'm going to focus on the parts that are salient for ALS, the cash consistency model and the answer findings of policy containers really more than about the air that's fine in AFS again,\u2026\nTom Sweeney: He?\nGerry Seidman: volume is highly overloaded term in AFS and abiding. It's just a rooted directory of, files And it can have, files and sim links and directories etc. an example of a volume rewrite volumes would be, for example, painting data, machine learning training that a lot models data sets application binaries, configuration files, static Web content for write, your home, directory Scratch, space log but some specific project etc.\nGerry Seidman: Volumes are the unit of management and It's the thing, you put policy upon things like quota replicas. So for example, if that's where I want high availability, I might serve it up on three fosterers in New York in Shanghai One in London. It's still globally accessible, but your client will find a closest one to get you the best performance. maximal access controls, the security thing things that you can do things like this data. Can't be the US. It's got a lot of cool stuff, but an AFS volume and the AF unit of management is called Estelle and cells have volumes in them and volumes have human readable names. so for example I could have a volume called Language Model DOT training DASH data.\nGerry Seidman: so that would be where I would put it. I didn't say that access it yet and there's also a special volume with the name Root that again there's volumes. I don't know why I have a separate. you miss, what I'm showing is that within an FS volume, you can link to another amp as volume as if you triangle are for\n00:10:00\nGerry Seidman: Yeah, the triangles are showing, you can actually have hard links, you've actually have hard links as well as SIM links within a volume. You can't do hard length. but you can do mount points of the volumes. so how are you access it in? actually gave you This is the syntax not for cast but for our proprietary client but anybody can reach out, tell you how to do it or look up online. Mount Slash cell volume name gets you to a volume. That just works. There's also a dynamic route, /, By default. It could be anything else in your system. it doesn't have a lot of our banking customers, have it.\nGerry Seidman: Only locally accessible on and that's how the global names So I'll get back to that with an example. But for example, somewhere on my file system, I might want to have my, chat ABC language training data. I want to mount it there. So I just say I could do L / blah blah\u2026\nTom Sweeney: it's\nGerry Seidman: because slash that out. / myog.com, Bush language, training directly gets me to the root of that volume. So if I link it to be there, I now have it anywhere my file system. again, that's the syntax of here, but one of the cool things is dynamic, zero, configuration Global namespace. So there is that I mentioned in passing, a slash AFS directly off of the route. That's now actually reserve name. You can't. It's\nGerry Seidman: Its official things slash AFS you can't have such anything, and the way it works, if I go AFS slash you michigan.edu or cern.edu, There are DNS service records that say, where the metadata servers are for University of Michigan or certain etc. And what happens is the client, when you say slash afs/stern.com, it goes to DNS and it finds the IP address of the metadata server. And then it dynamically mounts, the route that sell special fruit. I\nGerry Seidman: Last say the penultimate thing I want to say is afs Everything was, really, an object store. It's not really a false, Server. It's an object server where each volume is an object store and each entity in it files, links, directories etc, are objects with their unique guys object IDs. And actually the server doesn't know anything about paths, unlike NFS. the path is all the pathwork, Interpretation is always done, completely on the client.\nGerry Seidman: As I said, also said there's a cash consistency model that survives reboot so when you read from the file server, a fraction of not a copy and sync file system. it just grabs the block that you read, it stores in the cash or the least presentation you use caching on and the cash can be very very large. couple gigabytes would be a couple of terrified. So for example you doing the machine learning Up. You might want to have a very large cache. so \u2026\nTom Sweeney: Traditionals.\nGerry Seidman: point basically networks over All right, that's all we know are all experts in or restore. now I talk a little bit about containers of software,\u2026\nTom Sweeney: Gerry.\nGerry Seidman: deployment, inheriting, all the classic problems of software delivery. very quick slide. Just we all know this that at runtime you're using, you've got an overlay file system the presented to the run container at runtime where the route is the write layer. And then there's a list of We don't get players. On the local machine, if you built. A container with a bunch of layers, you have all the files locally in particular, you also have a manifest that are config file. Whatever, those are well dependent,\nGerry Seidman: it's just helps me about the container image. But when you say top, I've been push. It takes those files on the layers and creates a car.tz compressed version. And that's what goes up to the container registry, and the container regency stores them. And in fact, the container registry is basically an object store where the manifest even a io slash\n00:15:00\nGerry Seidman: Out library slash alpine, you go to the registry and say Hey, what's its unique ID? What's the idea of its manifest? That's the only time you used, It's not object like And then from there on you just bootstrap and say Give you the man give you this object ID which is the manifest. They give me this object Died ID with coming in the manifest, the layer ID to grab the layers. and when you say Pull you do the opposite, you pull the layers and you untar them locally onto your local disk. so what are the associated costs with pulling a container? There's the clock time spent downloading the entire car.g file, which for large files, can be not insignificant that the cost of the network bandwidth.\nGerry Seidman: but if any CPU and IO spent expanding, that's hard on TV onto locales and the disk space required to store them and expand them. So effectively your container start time is the download time plus the expansion time and again these costs are only incurred the first time to container the layers full I say container image but it's per large container. Images are not uncommon. Icon is 1.1 gigabyte. Before you do anything, we have I know of customers that have just taken. Legacy systems and made them into one. Giant could 40 gigabyte Container. and then an example of that would be SAS. If you remember the old statistics programs is? Yes. That's what they did. They're not a customer bars but they have one I think there's 50 or 60 gigabytes. They just\nGerry Seidman: Big one, giant container image big deal. I'm only downloading it once no problems. So if I got a one gigabyte app, I download it to my machine or my server. I got the problem is a scale this adds up. So if I'm deploying a thousand one gigabyte images to a thousand machine a thousand. And they say, if I'm delivering a single gigabyte image to a thousand machine, that means I've got to move a terabyte over my network. which is you don't ever want to start a thing with a terabyte over your network and certainly, if you're in any industry where the network has to be really, Smooth like a bank anything is doing experimentation on it. you don't want that choppiness of the network caused by a lot of pulling of images on. And again, we're running a thousand machines is an uncommon. I mean, we have enterprise customers that are running on\nGerry Seidman: It actually running applications almost 200,000 machines. Tens of thousands of applications not uncommon for a single application, to go to a thousand machines and then we just drifted across the enterprise both locally and globally and cross-cloud. So that's not uncommon and we also have customers that have HPC compute clusters, where they got a thousand nodes and they'll just, blow out the container image To the notes in the classroom so It's not unrealistic. The other thing is that if you're running lots of containers at a single machine either individually with pod man or orchestrated by a Kubernetes, you can have a lot of containers in the machine and that actually causes a bloat in the disc\nGerry Seidman: just by the way. there's the Pie Man Group, an open ship node if you configured it with a bunch of stuff. Turned on can be up to 100 gigabytes of operator interview. So when you're creating a new openshift node, you could be pulling as much as a hundred gigabytes of container images and there are many as factors in the time but it takes about 45 minutes of setup and openshift note. so okay, so now we know, can we take as bad? their respects. so an important observation and this actually goes back, is this software delivery crop, there's over deployment problem goes back to cards, and tapes, and discs, and CDs, and RPM files. and containers, that many of the files in this offer deployment, and the container image are just not used.\nGerry Seidman: They're just not used. unless somebody put a lot of work into calling their deployment. Pretty bloated. In fact, going back to a paper on back in 2016. There's link by harder.\n00:20:00\nGerry Seidman: Pulling packages accounts, for 76% of containers, start time, but only six, four percent of that data is great. That was the result of Studies their analysis over the three years ago but I suspect it's worse, not better. But There you go. So in that prior example, if I'm pushing a thousand copies of a container to, a one gig by tonight near to a thousand machines that one terabyte would go down to 6.4.\nGerry Seidman: And there's a local dishes, reduction of storage actually for more than six for more because the carballs expand again for a single image. It's not important. But I've got a machine with many images, I could have hundreds and they have hundreds of gigabytes of Actively use container images on it on a server or a coin Tom, I'm not going to dwell on this. This is from that 2006 paper, about some example slides, let me go back, What was their research was fast, distribution of lazy doctor containers, and they had this idea that if you could create an index into the target, the file you just cherry pick the\nGerry Seidman: Blocks of the Tar of the blob using HTTP get range instead of just HTTP, get all from the tainer registry. and so, their whole paper is about creating indices and creating these non -standard container images. so this is from there.\nGerry Seidman: There, non-standard implementation, but still they're getting pretty impressive, compressions and pretty significant. Start time improvement. again because it's only pulling down the files that are actually used as runtime. Or so let's not take another digression on container storage. because then this will all come together because My feeling is, never.\nGerry Seidman: Never use a technology. You don't know how to write. So I'm basically going into the internals of you understand how it works in that way? Hopefully everything is clear, container storage. again, This is talking to the choir, he's acquire or I am preaching, that you've got the storage on configuration file storage at Conf file. and then you have a local working directly where the container layers and images information stored on and at those respective paths, this is all implemented in the Storage containers slash image, subsystems,\nGerry Seidman: Just for laughs, I'm just starting with a fresh system I say podman images. And what that does is that actually populates the empty graph of the structure. I can teach drove into everything but that's the kind of the structure of storage in Edwin time with pod man. And if I look at it, when I just created empty, it's about 32k, all right. we're only going to focus on again, in these slides, the things in green are the things remind myself to talk about. There's the overall a storage and that's the storage slash over. that's what the actual files are stored for the layers and images. It's where Information about the images. is stored because again, a layer may be used by multiple image just\nGerry Seidman: All So again doing something simple like a dot pod man poll, it gives us a throws out this number which is the the layer digest of a layer outside the single layer container. this every day I'm saying works on multi-layer containers. It cools down the manifest file and then it copy signature and it goes back the id of the registry, the idea of con that's a digest of the container image and justice. So we'll see these numbers again is 31. is the layer C1, aabv is the looking inside the overlay images file. We see bear again.\n00:25:00\nGerry Seidman: Corresponding to the image ID of C1a. There's a self-direct you c1a with junk under it, but it does include the manifest file and the way you find the Sea 31 e35. that's the actually manifest ID. The digest of the compressed image, not the uncompressed image, which is actually what's used in the manifest file. so the way to find the Actual digest, that layer is doing stuff.\nGerry Seidman: But extracting stuff out of the JSON bucket advo, again, I'm not going to talk it through, but the point of making is that you cannot forget about the 31 e blah blah, because it maps to one to the seven, a 78, 8 blah blah, but we're gonna want. Again let's look at the overlay folder, we see the bear lo and behold is a directly corresponding to that layer. With some files, the saline file being the diff file which contains the files from that layer and I can go directly and see those fun. All right, so we're now and then it run time.\nGerry Seidman: Everyone at runtime. You need a we'll see a second, container layers created. That's the transient regular layer of this container. when the container ends and you remove, podman RM. that layer will go away but I just want to, be clear that I run the container and break some content in it. I can see it actually under over All right. So now We all probably were experts on this before I started talking, but now we're reminded experts. so now we're talking about an additional image store and I'm additional image store, briefly on Alicia Image Store, allows you to have multiple instances of that structure that I just talked about. and\nGerry Seidman: you specify and you have one or more of those. And those are configured in the storage. I can't follow under additional image stores. and what it worked exactly like when you do a poll it looks like any pull, but you pull into a specified copy. So you have actually that directly structure multiple times in multiple plates. All right, depending on how many you have. And so if I pull busy box into that and then I go into that directly the temp slash ais. You'll see lo and behold, I get exactly what I saw before. but the AIS will only be read only. You will never ever be, it's only for the images, the layers from\nGerry Seidman: Downloaded Images. The rewrite layers at runtime, it will always put the rebite layer in your primary route. But notice, I left something out. I just want to be very clear When I ran Alpine 7.5 megabytes just remember that number 7.5, megabytes is the size of alpine, busy boxes smaller, 4.8 megabytes. and when you do a podman images, you have an extra column with them additional restore which will tell you whether it's your store it's coming from whatever you read, only layer stores.\nGerry Seidman: so what's the value, proposition of this, you get to share only layers across multiple users. for example, if the alternate image stores is on a single box, as you know, that in podman root was podman, every user has their own directly structure. Corresponding to storage on digital, allow you to have a single place rather than having every user on a machine. Downloading, the image, they can get from a shared place. another use case is you downloaded into an NSF share. And now, you have files that are being called on your local machine from an NFS share. And so instead of having copies on every machine, you have a copies just share all of this because of the whole into the alternative.\n00:30:00\nGerry Seidman: Image store, it has to be administrative managed. Somebody's got to do something to do that, whether to do the Poland locally of the pull, into the end of the share, on if you haven't read it. There's Daniel Walsh's is article on exploring additional image tours in climate. So the bottom line is part, man, works pretty much to me. Additionally, the creamers standard. It's just allows to have more than one. Let's have extra real now to be contrasted with additional layer store. ALS.\nGerry Seidman: It would, the history of ALS goes back to that harder paper where they tried to create As I said, a way to lazy load containers by having an index into a GC file That's what the essence seekable tar tzus. But that stands for, and that's what they did. I'm not gonna dwell in it. But, the original approves, the concept for ALS was done by a group of NTT engineers, who did the heavy lifting of\nGerry Seidman: Implementing what the harder group did but in actually container slash images just in compares my storage as well as in container d. and it is now shipped. it is in padman today so, ALS provides or additional sources of layer content not about the whole structure of the storage. It's just A layer content on there are actually three examples of uses of ALS the star GC. The NTT one serum I think has one, but I think they may have walked away from it. There's an ipfs implementation, of course,\nGerry Seidman: so, the way you implement ALS is with a fuse driver on because you need some sort of RPC from the container runtime, to say, Hey, I need the thought content of the layer. Can you provide it? It's really what happens at runtime right? But before down do I have the files locally? it says Hey you use file system. Can you provide? And you specify the root of your ALS file system under additional layer stores in the configuration problem.\nGerry Seidman: And so what happens is at runtime, there's an intercept. if it doesn't already have the files, it asks, can you do it? And if you're also says, yes, It's okay, great. Give me your route and I'll get the files from you. we'll see a little bit more details. Don't here. So, in this example I have my Orestore ultimately stored fruit at Chiliary Slash Home slash Store by putting that in your config file. It's telling the container runtime to look\nGerry Seidman: We don't want to query you, it uses the fuses according language, it's kind of an RPC, your future, lash your ALS root slash the basically form of the image Layer Digest. And that's where it's expecting. You to provide. a different directory, as well as some info and info file and the RAW blog if it asks you for it never does. But alright. So again you have to satisfy the ALS RPC by being able to service these paths.\nGerry Seidman: But these paths by your driver. So let's look again. So here's the same thing. I did I have a blank fresh banana storage, the 32k. I do it with my ALS driver running. I saw a problem Paul, everything's the same. And now I look into a dis usage on it, and instead of being 7.5 megabytes, it's 1.4 kilometers. And 104 kilobyte and that's not going to change. The caching is done on AFS. That cash is any different place. so in this case we reduce the container storage size by quite a lot. And the interesting thing is, when I did this Dr. Paul nothing came over the network.\n00:35:00\nGerry Seidman: All that happened was the ALS driver, said I can provide the services. I can provide the file. You didn't answer any file. So I'm not doing anything yet but I'm saying, I can if you false at those directories. So now let's look in the store for that's actually overlay. no this is the ALS route. what my fuse Paul system is providing and my priest is a root with the base 64 encoding of I guess that's io / Alpine. Or something like that, the digest of the layer. And I have to provide.\nGerry Seidman: Basic people of the reference slash died, layer digest, slash Bob /, stiff /, info and doing a little forward. Think notice that, what am I doing in my Orestore? They also implementation. I am I'm just doing a link to a volume on the cell DVD that I mx.com blah blah. Coincidentally with the name, very similar. I'm truncating, the names just for you either use and again just to prove I did an echo of that z blah blah through based 64 decode and yes in fact it is / liver.\nGerry Seidman: going back to container storage. what I'm seeing is that A Digest ID, I see. Under the death rather than the files which I saw before. I just see a symbolic link. again, I did that's what it really is but below I kind of abbreviated so The Overlay slash Layer Digest. Glitch GIF is really a symbolic into that AFS about into that path, which in fact is Going to give you the content of the day ARS or volume.\nGerry Seidman: And I'm just kind of showing you that really works on the slash info just gives you a standard information of the information of that layer. That's a image standard. and if I do a stat - l of the blob file, it says that in fact, if Laos driver can give you the part of the file of that, layer, and it's gonna be three point four, 3.4 mega. and of course, if I run the end and if I just run it, everything runs as normal. So again, the only, I ran this and the storage size, one from seven point five megabytes, a hundred, and four kilobytes.\nGerry Seidman: So that's the trick behind ALS to be many. You can put NFS behind Ali but if the fundamental difference in ALS and AIS, is that, as has a complete replication of that complicated structure, which allows us to reuse a lot of code, it's using the same code as container storage. But,\nGerry Seidman: but with ALS, you're just grabbing the layers on the Web. All right, so this is currently Deployed in pod, You can run it today in five, but if you look in this source code, it says Experimental. And if you look the band page for storage comp, there's no reference. So one of my missions is to get it promoted. and Dan suggested the following route, give a presentation of the pod, man. Cabal, this write a blog article about it.\n00:40:00\nGerry Seidman: Update the man pages to storage account.\nGerry Seidman: Describes additional layer store and makes them create some as a test. I can be run in the continuous integration, I think for the storage fiber. So finally, yes, there are some container accelerator. again, I really want to already All it is a fuse driver at runtime, it's a fuse driver. That maps, those munched names of lake of container image references slash layers to AF volume names in a well-defined manner. How is it configured? Actually look at this actually have in a cell\nGerry Seidman: I have this layer volume that file so actually that path is the same path. That I put in Assuming I'm sorry configuration storage account in the ALS client configuration, give it a path that they bootstrap I don't want Put information on I'm a distributed file system. I might as well have to configuration where it should be. and what that's saying is that The cell name ABC Direct ids.com will service layers.\nGerry Seidman: these are from these repos and you will find it in that cell under the layer name, J-1 Underscore Blah, where the blood and I strip out this shot to pick the same. so that's the mapping to find the air or volume, from from the image and Up. Why does it work where these layers coming from? There's a service called the oyster layer.\nGerry Seidman: Volume generation service that either can be hooked by a webhooks for your container registry or through. A command line tool where you say L V I'll be c Ingest docker.io slash Alpine and all it does does it goes to the container registry, it grabs the manifest? And then, for each of the DIP layers, it says, If I haven't already created an IFS volume corresponding to that in the appropriate cell. I download it and I untar it and then I create an Amazon volume with that. and so that's what the later generation service does, that's it. So now I'm gonna stop sharing and I think I was not too over and I haven't heard anything. So hopefully\nDaniel Walsh: Can you hear us now?\nGerry Seidman: Hopefully people here, it might get presentation. Good can't hear you.\nDaniel Walsh: Yes.\nGerry Seidman: Could somebody say something our speakers muted?\nDaniel Walsh: we're trying to talk, you can't\nGerry Seidman: No, they're not. Okay, so people are speaking. I'm gonna just\nDaniel Walsh: Can you hear us now?\nGerry Seidman: Okay. Tom. You raise his hands.\nGerry Seidman: Are you speaking time? And hold on a second,\u2026\nTom Sweeney: Can you hear anything? At all during\nGerry Seidman: I'm sorry.\nTom Sweeney: Can you check chat?\nTom Sweeney: And here's\nGerry Seidman: My Bluetooth. I'm having technology problems. I apologize.\nEd Santiago Munoz: first past,\nGerry Seidman: and so,\nTom Sweeney: I don't think he's on board yet. you can hear us. Okay.\nGerry Seidman: I can hear you now. Yeah, my Bluetooth. Down.\nGerry Seidman: Who knows all these screen sharing things do weird,\u2026\nTom Sweeney: I'll be.\nGerry Seidman: things that Bluetooth and it turns out the speakers on my laptop don't work. So I had to put an external speaker.\nTom Sweeney: Okay, so We do have a couple questions that were queued up while you were talking,\u2026\nGerry Seidman: I apologize.\nTom Sweeney: and we couldn't get your attention. So Chris had one that was can volume store extended attributes,\u2026\nGerry Seidman: Absolutely.\n00:45:00\nTom Sweeney: ie SE Linux labels\nGerry Seidman: extended attributes're currently not supported, they will be supported in the next release of our store. and I'm guessing you asked that because the overlay file system wants speaks so it turns out pod man is good Kubernet. Openshift is bad because POD Man default to fuse overlay at this. I refuse every AFS I can provide them the dot, the white app files But in the next version of Aura Store, we'll be able to do that. We're actually doing some other stuff. We're also doing verities checking and things like that which will make us the only just distributed file system that can do that. That's already if and when you care on etc.\nDaniel Walsh: Gerry. I asked Access control. Is that done on the server side,\u2026\nGerry Seidman: Yes. there,\u2026\nDaniel Walsh: or the client side?\nGerry Seidman: there's a problem. Ask the control of an interesting thing, because there's actually three different places where your Baptist control. You have the Unix bits that are in the container images. Those are preserved by container of the standard pipeline, there's the permission to download the layers on the container registry. And then there's the permission to access the AFS volume.\nGerry Seidman: All right, three different places We can restrict.\nGerry Seidman: A runtime application to access the files in an AFS volume. We can do that. We can put access control on the volume. We can't do it on the per file because I can't be worth that. Can't be represented, we actually can but it makes no sense in the whole container model. but if you would really want to do that, you would want to have a container registry that would never serve the product PZ.\nDaniel Walsh: yeah, yeah, because we've been in the past if I put stores on And network file store. For instance, NFS. It doesn't understand username space. So if I'm in using a space and I tried to chone a file, the service says, no because it doesn't want, UID the Walsh to Jones. Uid 100,000 Yeah.\nGerry Seidman: Got it. Yeah. Yeah, I don't think yeah, good.\nDaniel Walsh: I think it Would AFS work same way.\nGerry Seidman: And that's the book. No, I guess would work. I don't,\u2026\nDaniel Walsh: What?\nGerry Seidman: I don't know why it's out of my pay grade but if I \u2026\nDaniel Walsh: So, you think Andrew would allow that?\nGerry Seidman: I believe. So I could run a quick check, but I believe it does. But take that as a qualified. Yes.\nDaniel Walsh: All right, so yeah, when you were showing the additional layer store, you have a tool.\nGerry Seidman: And hopefully, I'll play it in this representational image store.\nDaniel Walsh: No, no additional. But I liked a lot of lights and it'd probably be helpful. If we got some of those slides up to basically describe all this stuff all works the ALS Though.\nGerry Seidman: Every.\nDaniel Walsh: You say there's a fuse file system that's required, we is that fuse file system open source at this point.\nGerry Seidman: It's an implementation specific thing, the start the MTT one, the star gz one is the orcer.\nDaniel Walsh: Right. Okay.\nGerry Seidman: One is not but\nGerry Seidman: It's a Long story. As to why or store is not open source? We'd love to be.\nDaniel Walsh: Right.\nGerry Seidman: We just can't eat and build in source.\nDaniel Walsh: That's fine. So, you have a tool that is creating these additional layer stores.\nDaniel Walsh: in a format that we can get some to buy making consume. Hi.\nGerry Seidman: Yep.\nGerry Seidman: Yeah, yeah, I think it's that the image layer digest to layer, the orcer layer volume. Configuration is, this is shared by the server and the service that creates them as well as the client. yeah.\nDaniel Walsh: and lastly, the\nGerry Seidman: Anything and there's a little thing I want it. Also mentioned Big organizations that have a lot of apps over. A lot of time have a lot of problems with Cullen. when when you call something and our customers are always asking what can we do to help and it's not a lot we can do to help because you can only at best in for certain things, but and the container images you have this an even worse problem because you are Ask you be, cashed far away, and have it for a long time. And so we posited that we could get some some users metrics from our ALS drunk from our fuse driver. Of the weather layers are being used, would you?\n00:50:00\nDaniel Walsh: Yeah. So if he had a layer that has been used in three years that you can get rid of it.\nGerry Seidman: Right. Exactly.\nDaniel Walsh: other questions, anybody?\nDaniel Walsh: So, why would you prefer to use ALS rather than just doing? Ais.\nGerry Seidman: This. One is the dynamic nature of it that there's no pull. The other with. Areas is, I would have to figure out how to do it. Because I'm mapping, I'd have to do something in image store, to do From. The appropriate path where ALS jumps off. where was storage? as it's just the standard storage, overlay slash blah. I don't know how I would even look into that without doing some. Plumbing. In story. Right.\nDaniel Walsh: I guess, lastly, the reason've people have said they won't use Ais in the past has been laden. so that you're running a container, it's running fine for a long period of time and\u2026\nGerry Seidman: Okay.\nDaniel Walsh: then all of a sudden decides to access some piece of data that is in cash. And It goes into a pause.\nGerry Seidman: Yeah, I mean but yes the answer is one of the events of a alsover. Over AIS in that regard is the cash. If you hit something, you haven't hit the long time. it may still be in the cash for the NFS. You're always doing it whether you voted it recently or not. Could be cashing is much.\nGerry Seidman: And not as good. which,\nGerry Seidman: and one of the things they did in East RG, the Star Gz project which we have talked about doing as well to That problem is to create a manifest of files to pull the pold to populate to feed the cash. When I was at Redhead Summit, I spoke extensively with somebody who works as a cruise line and a ship is one giant. Open ship cluster. And they have a lot of pain bouncing that off of a satellite network. That's extensive and slow and loss and unreliable.\nGerry Seidman: So to meet their needs, we talked about adding functionality of, like I said, a seat a seed, set of these are files, you should preload and those can be obtained by observing fire runs of the application on. That's already implemented again in Star Gz, You look at there's a way to somehow I forget how but somehow specify however how to pre-pull Anyway this is funny because it sounds the fast start but by default it then lazy loads the whole image. So you're going to fast start, but eventually you have all the fossils.\nTom Sweeney: Okay, I'm gonna have to hold questions here because we are way over time and\u2026\nGerry Seidman: So sorry.\nTom Sweeney: yeah, no problem. but thank you Gerry's, very interesting. And if we'd love to have you back in the future,\nGerry Seidman: Okay, I'm gonna post that I post. Only I possibly, you guys have. Yeah. Hopefully that wasn't too fast.\nTom Sweeney: Yeah, we have the link.\nTom Sweeney: That briefly.\nMatt Heon: That's delay until Monday. Four minutes is a little late to talk about this and I don't want pushes. or without we'll delay this,\u2026\nTom Sweeney: Okay.\nMatt Heon: until next time we can\nTom Sweeney: Okay, yeah, it's gonna be a couple.\nDaniel Walsh: I get.\nTom Sweeney: Yeah. This.\nDaniel Walsh: Yeah, just for those I guess we're not gonna start for another week for that sex is what bottom line, right?\nMatt Heon: Yeah, at this point I would like to get things rolling but we can probably get the ball rolling during the planning on Tuesday and then see things roll from there. I would hope to have an RC out in two weeks maximum.\n00:55:00\nTom Sweeney: Yeah, and our end goal for four sixes to have something out by mid to late August.\nMatt Heon: No, that's four seven and go for four,\u2026\nMatt Heon: six is to have something out very early July. Hopefully\nTom Sweeney: But much more expedient that I had Given that I think I'm going to wrap up this meeting and just I do.\nGerry Seidman: I'm going to question\u2026\nTom Sweeney: No, I do the Sure.\nGerry Seidman: if I make is really advanced when we met you, we talked about there should be a man page other than storage on Conf Where would man information go? I can't think of any place because there's no just storage.com Good.\nDaniel Walsh: Right. You're going to Storage.com. Yeah.\nGerry Seidman: Okay, I just wanted to confirm that. Thank you.\nTom Sweeney: Okay, so our next cabal meeting will be on July 20th. Same time, 11 o'clock in the morning eastern time and then our next community meeting will be happening on Tuesday, August 1st. I'd like to thank Gerry very much for coming here. Presenting today is great information and for everybody participating and with that, I'm going to turn off the recording.\nTom Sweeney: And so many buttons to click to turn off the recording, Anybody want to say anything or comment anything? Without recording going on.\nTom Sweeney: Because a big fat no and say let's go get some lunch dinner and get out of here. Right.\nDaniel Walsh: Nope. Gerry I'm glad I could attend but I was supposed to be on a flight out to Europe and never made\u2026\nGerry Seidman: I'm glad you got made it\u2026\nDaniel Walsh: So, I'm stuck in DC right now. So,\nGerry Seidman: hopefully, it clarified a little bit more what we're doing.\nDaniel Walsh: Yeah, know I found an interesting. It's\nGerry Seidman: Yeah. This scary thing is how incredibly simple it is. and\u2026\nDaniel Walsh: yeah.\nGerry Seidman: it works because we have a million lines of code of a really good secure distribution policy system underneath but the ALS part and\u2026\nDaniel Walsh: Right.\nGerry Seidman: they container part it's trivial.\nDaniel Walsh: What was AFS first introduced,\nGerry Seidman: It isn't a history of the brief history. once upon a time, There were no computer science departments, there were math, departments at ED Departments, and back in 1982, CMU was forming a computer science department and IBM. And if you want to start a department, you need researchers to pull it in. So, I'd be able to length and seven of the researchers, when IBM did real research and gave them 35 million dollars and said, Focus on distributed computing. And that was the start of the CMU Department and the start of the Andrew project.\nGerry Seidman: And many things came out of the Andrew Project. IBM's distributed transaction processing system came out of that and they made a billion dollars on that. So they got their money back in spades and the end system came out of it, too. the intention was to spin off companies FS on into plans are IBM, which was a product. No idea in real life, AFS doesn't sell hardware and they decided sunset, it and ended up and open source. and it struggled in open source and forest formed by them primary open source, people to Make it good. And he mentioned,\u2026\nDaniel Walsh: It's cool.\nGerry Seidman: who's using it, by the Department of Defense is used by Horn of Energy. She's my major banks, many different use cases.\nTom Sweeney: The PCE back in the day. Also, Do you know was a part of DCE distributed computing environment.\nGerry Seidman: it was,\u2026\nTom Sweeney: That was a\nGerry Seidman: There was a fork of it. That went into that, I think. Again, that's way before my time. You\u2026\nDaniel Walsh: Thank you.\nGerry Seidman: I'm relatively new to this world. In historical.\nDaniel Walsh: Dte DC came a few years later. So,\nGerry Seidman: Yeah.\nTom Sweeney: There are some early 90s.\nDaniel Walsh: but,\nGerry Seidman: Yeah. What happened was got Guam density, Athena project. If you remember the Athena project MIT, which you did okay.\nDaniel Walsh: I worked on it being a project, so\nGerry Seidman: Which led to some licensing issues and it issues and questions that Dot, It was a different world. But how software was?\nGerry Seidman: Used by different people.\nTom Sweeney: Banner,\u2026\nDaniel Walsh: Yeah.\nTom Sweeney: you're making it to check. Are you coming back to me?\nDaniel Walsh: I am making it to check and flying out at 5:30 tonight. And Mandela,\u2026\nTom Sweeney: Choices.\nDaniel Walsh: I'm right outside of Dulles airport right now. Waiting to Have any extended stay at a hotel room.\nDaniel Walsh: Late. Check out.\nTom Sweeney: Yikes.\nDaniel Walsh: alright. Good Gerry, good step, one done. I need step two, three four. And we'll\nGerry Seidman: Okay, I've written the documentation, but the problem is that, I think I wrote too much For the Man page but I'll run that by you.\n01:00:00\nDaniel Walsh: Yeah, you're probably confused the all right.\nGerry Seidman: Excuse me.\nDaniel Walsh: You'll probably confuse everybody by putting a huge section. Yeah.\nGerry Seidman: The Man page for AIS is one line. Put stuff here.\nGerry Seidman: I could do that too.\nDaniel Walsh: Alright.\nGerry Seidman: Thank you guys. Have a great afternoon.\n")))}_o.isMDXComponent=!0;const Xo={},$o="Podman Community Cabal Meeting Notes",ei=[{value:"July 20, 2023 11:00 a.m. Eastern (UTC-5)",id:"july-20-2023-1100-am-eastern-utc-5",level:2},{value:"Attendees:",id:"attendees",level:2},{value:"July 20, 2023 Topics",id:"july-20-2023-topics",level:2},{value:"Meeting Notes",id:"meeting-notes",level:3},{value:"Passwd and group entry handling with --user, etc. issue (0:354 in the video) - Justin Jereza",id:"passwd-and-group-entry-handling-with---user-etc-issue-0354-in-the-video---justin-jereza",level:3},{value:"ipfs integration into Podman - Anders Bjorklund",id:"ipfs-integration-into-podman---anders-bjorklund",level:3},{value:"Podman Release (32:33 in the video) - Matt Heon",id:"podman-release-3233-in-the-video---matt-heon",level:3},{value:"Open discussion (: in the video)",id:"open-discussion--in-the-video",level:4},{value:"Next Meeting: Thursday, August 16, 2023, 11:00 a.m. EDT (UTC-5)",id:"next-meeting-thursday-august-16-2023-1100-am-edt-utc-5",level:3},{value:"Possible Topics",id:"possible-topics",level:2},{value:"Next Community Meeting: Tuesday, August 1, 2023, 11:00 a.m. EDT (UTC-5)",id:"next-community-meeting-tuesday-august-1-2023-1100-am-edt-utc-5",level:3},{value:"Possible Topics:",id:"possible-topics-1",level:3},{value:"Raw Meeting Chat:",id:"raw-meeting-chat",level:3},{value:"Raw Google Meet Transcript",id:"raw-google-meet-transcript",level:3}],ti={toc:ei},ni="wrapper";function ai(e){let{components:t,...n}=e;return(0,ce.kt)(ni,(0,Q.Z)({},ti,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-cabal-meeting-notes"},"Podman Community Cabal Meeting Notes"),(0,ce.kt)("h2",{id:"july-20-2023-1100-am-eastern-utc-5"},"July 20, 2023 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h2",{id:"attendees"},"Attendees:"),(0,ce.kt)("p",null,"Aditya Rajan, Anders F Bj\xf6rklund, Ashley Cui, Ed Santiago Munoz, Jake Correnti, Justin Jereza, Lokesh Mandvekar, Martin Jackson, Matt Heon, Miloslav Trmac, Mohan Boddu, Nalin Dahyabhai, Paul Holzinger, Tom Sweeney, Valentin Rothberg"),(0,ce.kt)("h2",{id:"july-20-2023-topics"},"July 20, 2023 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"passwd and group entry handling with ",(0,ce.kt)("inlineCode",{parentName:"li"},"--user"),", etc. ",(0,ce.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/18903"},"issue")," - Justin Jereza"),(0,ce.kt)("li",{parentName:"ol"},"ipfs integration into Podman - Anders Bj\xf6rklund to kick off",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"See ",(0,ce.kt)("a",{parentName:"li",href:"https://github.com/containerd/nerdctl/blob/main/docs/ipfs.md"},"https://github.com/containerd/nerdctl/blob/main/docs/ipfs.md"),"\nit is about peer-to-peer image distribution, using OCI ",(0,ce.kt)("a",{parentName:"li",href:"https://github.com/containerd/stargz-snapshotter/blob/main/docs/INSTALL.md#install-stargz-store-for-cri-opodman-with-systemd"},"estargz")," format"),(0,ce.kt)("li",{parentName:"ul"},"Question for containers/image, fallback is ",(0,ce.kt)("inlineCode",{parentName:"li"},"localhost:5050/ipfs/"),"\n(proxy server from IPFS, started with ",(0,ce.kt)("inlineCode",{parentName:"li"},"nerdctl ipfs registry serve"),")")))),(0,ce.kt)("h3",{id:"meeting-notes"},"Meeting Notes"),(0,ce.kt)("p",null,"Video ",(0,ce.kt)("a",{parentName:"p",href:"https://youtu.be/O-6RWIcIvqk"},"Recording")),(0,ce.kt)("p",null,"Meeting start 11:05 a.m. Thursday, July 20, 2023"),(0,ce.kt)("h3",{id:"passwd-and-group-entry-handling-with---user-etc-issue-0354-in-the-video---justin-jereza"},"Passwd and group entry handling with ",(0,ce.kt)("inlineCode",{parentName:"h3"},"--user"),", etc. ",(0,ce.kt)("a",{parentName:"h3",href:"https://github.com/containers/podman/issues/18903"},"issue")," (0:354 in the video) - Justin Jereza"),(0,ce.kt)("p",null,"Docker wasn't able to create the uid/gid correctly, but Podman was. Justin showed a script that showed the steps used to test Docker and Podman to show the issue. Docker doesn't create the entries in user/passwd files, while Podman does."),(0,ce.kt)("p",null,"He ran through a number of man pages for Podman, showing where this was going on."),(0,ce.kt)("p",null,"Just is suggesting adding/modifying these options:"),(0,ce.kt)("h1",{id:"do-these-options-continue-to-add-a-passwdgroup-entry-or-is-it-a-bug-because-it-doesnt-follow-the-docker-behavior-exactly"},"Do these options continue to add a passwd/group entry or is it a bug because it doesn't follow the Docker behavior exactly?"),(0,ce.kt)("h1",{id:"docker-behavior-doesnt-add-passwdgroup-entry"},"Docker behavior doesn't add passwd/group entry"),(0,ce.kt)("p",null,"--user\n--group"),(0,ce.kt)("h1",{id:"retain-these-and-add-passwdgroup-entry-to-the-container-from-the-host"},"Retain these and add passwd/group entry to the container from the host"),(0,ce.kt)("p",null,"--userhost\n--usergroup"),(0,ce.kt)("h1",{id:"these-continue-to-function-as-they-currently-do"},"These continue to function as they currently do."),(0,ce.kt)("p",null,"--passwd-entry $(getent passwd $UID)\n--group-entry $(getent group $GID)"),(0,ce.kt)("p",null,"Using these options he's proposing adding to the pertinent files on the host for each of these options."),(0,ce.kt)("p",null,"The discussion started in the issue noted in the title. Please review and add comments there."),(0,ce.kt)("p",null,"Matt in concerned that there may be resistance about moving some of this functionality away from the system."),(0,ce.kt)("p",null,"Split the problem into to fixes. Make --user/--group work as Docker does."),(0,ce.kt)("p",null,"Paul asked if the difference in user/group between Docker/Podman is a problem? Justin doesn't see a bad effect to that. He's OK with it as is. Paul's worried that changing that now for user/group might cause a change in behavior that others would not be happy with. Justin is brining this difference up only due to it being different, not necessarily that it's wrong. "),(0,ce.kt)("p",null,"Matt believes the current functionality was added as a convenience sometime in the past. He also think we could firm up the documentation here as to the whys of the behavior."),(0,ce.kt)("p",null,"Justin is OK with retaining the current user/group behavior."),(0,ce.kt)("p",null,"Just says we're using a groupID in a groupName field, and Miloslav said that's a bug if that's happening. We should be creating a name if one is not getting there."),(0,ce.kt)("p",null,"This is a food for thought, and he'd like people to consider it going forward."),(0,ce.kt)("p",null,"Issue of note: ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/issues/18903#issuecomment-1595048047"},"https://github.com/containers/podman/issues/18903#issuecomment-1595048047")),(0,ce.kt)("p",null,"Matt is going to tag Dan Walsh on the GitHub issue to see if he can comment on this."),(0,ce.kt)("p",null,"Jason is Teminus in Matrix/IRC."),(0,ce.kt)("h3",{id:"ipfs-integration-into-podman---anders-bjorklund"},"ipfs integration into Podman - Anders Bjorklund"),(0,ce.kt)("p",null,"Postponed"),(0,ce.kt)("h3",{id:"podman-release-3233-in-the-video---matt-heon"},"Podman Release (32:33 in the video) - Matt Heon"),(0,ce.kt)("p",null,"Podman v4.6 RC2 now, final today. Podman v4.6.0 today. Planning to do Podman v4.7 in early fall. Then a Podman v4.8 in a February 2024 time frame."),(0,ce.kt)("p",null,"Podman v4.6 is a relatively large release. A number of podman machine fixes/stabilizations. Podman v4.6.1 should be out in a couple of weeks, in early/mid-August. V4.7 should have some Hyper-V improvements for the podman machine. Also, podman compose improvements."),(0,ce.kt)("p",null,"Usually, a 4 to 6-week process to get into CoreOS via the stabilization soak process for any Podman release."),(0,ce.kt)("h4",{id:"open-discussion--in-the-video"},"Open discussion (: in the video)"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"None")),(0,ce.kt)("h3",{id:"next-meeting-thursday-august-16-2023-1100-am-edt-utc-5"},"Next Meeting: Thursday, August 16, 2023, 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h2",{id:"possible-topics"},"Possible Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"None Discussed")),(0,ce.kt)("h3",{id:"next-community-meeting-tuesday-august-1-2023-1100-am-edt-utc-5"},"Next Community Meeting: Tuesday, August 1, 2023, 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h3",{id:"possible-topics-1"},"Possible Topics:"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"None Discussed")),(0,ce.kt)("p",null,"Meeting finished 11:43 a.m."),(0,ce.kt)("h3",{id:"raw-meeting-chat"},"Raw Meeting Chat:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Justin Jereza10:56\u202fAM\ncan you here me ok?\nYou10:56\u202fAM\nI can not hear you at all\nJustin Jereza10:56\u202fAM\ngonna see if i can fix it.\nYou10:56\u202fAM\nI can see you just fine.\nJustin Jereza10:58\u202fAM\ni'll just use a phone for audio. mic doesn't seem to be working well on fedora.\noh wait, that only works in the US. heh\nJustin Jereza10:59\u202fAM\ni'll reconnect and see if it works.\nJustin Jereza11:01\u202fAM\nis my audio working now?\nEd Santiago Munoz11:01\u202fAM\n@Justin I see your lips moving, and you're unmuted, but do not hear you.\nEd Santiago Munoz11:06\u202fAM\nAudio is very very bad\nYou11:16\u202fAM\nhttps://github.com/containers/podman/issues/18903\nValentin Rothberg11:28\u202fAM\ntime check\nPaul Holzinger11:28\u202fAM\nI have to drop\nYou11:31\u202fAM\nI'm going to go to 40 past the hour on this, then on to Matt, we have no other topics.\nJustin Jereza11:34\u202fAM\nhttps://github.com/containers/podman/issues/18903#issuecomment-1595048047\nJustin Jereza11:35\u202fAM\nTerminus in #podman IRC/matrix channel.\nYou11:43\u202fAM\nhttps://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both\nAditya Rajan11:44\u202fAM\nthanks justin !\nMohan Boddu11:44\u202fAM\nThanks Justin\nxrq-uemd-bzy\n")),(0,ce.kt)("h3",{id:"raw-google-meet-transcript"},"Raw Google Meet Transcript"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Transcript\nThis editable transcript was computer generated and might contain errors. People can also change the text after it was created.\nTom Sweeney: Okay, everybody. Welcome to the Batman Community. Cabal meeting today is Thursday. July 20th, 2023. We have two topics for today. The first one is about password and group country handling with desktop user and etc. That on Justin's gonna be leaving us on. We also had a discussion about Ipfs integration department lined up over, Dan and Brent are both not here and Anders, who would kind of kicking that off for us, was kind of saying that. Maybe we ought to wait off for that. Once I think we're not going to discuss that much. We have Somebody with strong opinions to do so today. And then Matt you wanted to talk a little bit about pot Versions coming out to\nMatt Heon: Sure I can give us another video that's\nTom Sweeney: Okay, go and talk about that after Justin finishes. So with all that, just welcome to the meetings. Nice to have you here. And please leave it off.\nJustin Jereza: just, Going forward.\nJustin Jereza: Okay, so I said, put my plug in the issue that she could make up to the hospital and said. It's scary. And\nValentin Rothberg: No.\nTom Sweeney: Yes, it looks good.\nJustin Jereza: Happens. Is that\nJustin Jereza: but,\nJustin Jereza: Okay, so what happens?\nJustin Jereza: create password and the bottoman base. So that's\nJustin Jereza: so he followed by the office, why\nJustin Jereza: The problems. Where he?\nJustin Jereza: So, you can see here.\nJustin Jereza: That's the problem. so,\nJustin Jereza: so this thing that we'll find it. And it's a series of Department of events that you.\nJustin Jereza: That's the senior, and File. And finally,\nJustin Jereza: So that's even presentation. There. Yes.\nJustin Jereza: And I think Chris also got the supposed and that this Are almost.\nJustin Jereza: presentation. and finally,\n00:05:00\nJustin Jereza: that's US Open. before, like, He?\nJustin Jereza: post and with just\nJustin Jereza: And that's what he\nJustin Jereza: so we know for acceptable commandments.\nJustin Jereza: In this case, 25 with the possibility of adding something either. Which were I don't do the same thing. This user host was just take the bathroom people that are so moving experiment. I think we can actually useful person in certainly. And just did and just innovation somewhere that you can do the classroom and password you.\nJustin Jereza: And that would eliminate those three. And so far, I hope the industry much\nJustin Jereza: So that's the community. What? It boils down to we have These six options and how do we move forward from there? And the presentation give him what's mentioned in the issue and what\nJustin Jereza: the status.\nJustin Jereza: So I don't I think that's it. You guys have any comments on this?\nTom Sweeney: I have a hard time following a little bit as well just know, because the audio was kind of Creaky or monthly I guess. I don't know. Any Valentin or Matt. Do you have any thoughts based on this or the discussion that's been going on? And issues.\nValentin Rothberg: no, I did not follow the issue, so I guess it will be hard To, I guess find consensus now in the meeting. on how to move forward, but thanks a lot for the problem. how would you prefer to move forward? Justin?\nTom Sweeney: Ation.\nJustin Jereza: He mentioned in.\nTom Sweeney: Ation.\nTom Sweeney: Ation.\nJustin Jereza: Okay.\n00:10:00\nJustin Jereza: There are.\nJustin Jereza: Of what he? About where as the corresponding. Password entries into the container energy that Doctor doesn't have.\nJustin Jereza: The second part.\nJustin Jereza: You Want to show you often a different example.\nJustin Jereza: What he\nJustin Jereza: and create a course on YouTube option, that would be the same for groups. Even. We place the objects or remove the entirely and need able to presentation. that you\nJustin Jereza: I said,\nJustin Jereza: The time.\nMatt Heon: Comments after everything.\nJustin Jereza: sorry, I\nTom Sweeney: I've just added it.\nJustin Jereza: saw the Side. And\nTom Sweeney: It's in the.\nTom Sweeney: Yeah, it is in the agenda, not just added it into the Google meet chat as well\u2026\nJustin Jereza: yeah.\nTom Sweeney: if that's easier.\nMatt Heon: I will say that there's going to be resistance to the idea of moving any functionality away from existing, I can use this. That is The reason we added a lot of this was for convenience and we recognize that it's not necessarily completely compatible Maybe it's not been cases The ability to just do and use your smile user and gets a fairly musical session is important. So I think that we don't necessarily want to take\nJustin Jereza: so, I'm thinking basically how about just organizations down here. So,\nJustin Jereza: okay, reduce to lose you.\nJustin Jereza: and Then for user Presentation says, but he\nJustin Jereza: And that's\nJustin Jereza: then finally, He?\nMatt Heon: I don't know if we want to stream sleep system behavior. You can definitely additional offense that are going to guarantee creation of guarantee modification. The password, I'm not at all close to that, thought it always that. If we were to modify the behavior of existing usually group options, we are going to break people. It is hardly\n00:15:00\nJustin Jereza: The user options. Anything like you just and us and that's what.\nJustin Jereza: lead to, I just\nJustin Jereza: Completely others are how? And yeah.\nJustin Jereza: You thought so then?\nPaul Holzinger: So, maybe the question is What does the problem with? Adding the Entry, it is then actual problem, like something preventing you from getting us to work. Or it's just a different in, if you look at the fire because I don't, See. Why your container image would care that much,\nJustin Jereza: yes, I don't think. That he needs it from how God, it deserves as an impact. Okay. Yes if\nJustin Jereza: I don't really see any. So, If you guys inside that, Hector, and it's okay. But I think that, okay.\nPaul Holzinger: Yeah, because if we would remove adding the entry, then stuff could change behavior, right? If you ask what's your username in the container? If there's no entry Then You cannot know. So, for Portman uses that, it's a potential recreation and we try to avoid making this change. And if there's no reason for this change, just other than toca compat, but there is no one who breaks. I don't see why Be sure to change it at all,\nJustin Jereza: It's yes, a difference in behavior, not that I really believe that. it's 25 anything wrong with And differently. The problem that's handled.\nMatt Heon: If I remember correctly, this was originally added as convenience functionality, or ruthless pot man. I don't remember the exact context of that that there is a reason why we put it in the first place. if I had an opinion here would be that it's That it's not consistent because I'm 90 I don't have the code in front of me, but I kind of remember what it looks like. And I'm pretty sure the 90% of circumstances were not going to change password and group, but in the 10% circumstances that we do, it could be confusing. So we definitely have a documentation problem It's not going to be clear to users. Why these changes? Have. But what do you call it? I don't necessarily know.\n00:20:00\nPaul Holzinger: Seen the big use case, I think is the user anders keep which sets your user ID and then in the container you want, the classic Toolbox use case basically so, You want your user copied in and\u2026\nJustin Jereza: He?\nPaul Holzinger: and behave it, The same. I think it was probably edit because of something like that.\nJustin Jereza: I think that basically just thoughts, and in the editor that I can see, And I think that's the three box situation where you would want it. That's inviting so, I did where it's a reason. Why this in You should increase. so,\nJustin Jereza: I think that's a good.\nJustin Jereza: Within the big nation. Yeah.\nJustin Jereza: The next thing happened. we're getting the functionality of the group. the other thing is,\nJustin Jereza: I like this. Okay.\nJustin Jereza: The name of the user. And so it's the line that shows you. And in this case instead of coffee, which I believe in this case, yes, that's the name of the house. He?\nJustin Jereza: Said.\nJustin Jereza: I did, he just\nJustin Jereza: I mean problems and\nJustin Jereza: Keep. I just\nMiloslav Trmac: Okay, I think using group ID in the Group Name. Field is just not going to work. So if we are doing that, I don't know whether it's about that we can always fix. I'm not familiar with the code but there's definitely something\nJustin Jereza: So let's\n00:25:00\nJustin Jereza: Know.\nMiloslav Trmac: Bottle bubbly. I mean we kind of invent an entirely new random name. Just the principle of the thing is that there has to be a name India.\nMiloslav Trmac: Or. Maybe actually not. I'm sorry\u2026\nJustin Jereza: So I guess one way to think about this,\u2026\nMiloslav Trmac: if you are Edina and entry.\nJustin Jereza: this will you mind space on whether they're actually?\nJustin Jereza: So in the case of, I think that options they should follow you in this case, The. Saves me. But he accepts and happening on both. when it comes into the containment and not presentation,\nJustin Jereza: and then,\nJustin Jereza: that's,\nJustin Jereza: But if we did have that, then both of these will also look at the host.\nJustin Jereza: Coffee here. It's probably really the last two. Which should allow me to. I\nJustin Jereza: And so password, and something that has books\nJustin Jereza: You and the same, it's good for you to hold and Just talking.\nJustin Jereza: the wheels are the people who really\nJustin Jereza: Wow, happy and the post.\nJustin Jereza: Silently as well.\nJustin Jereza: But I think if\nJustin Jereza: and the issue I\nJustin Jereza: Specifically. And whether they should be probably from the host or not,\nJustin Jereza: It's here.\nTom Sweeney: So I'm hearing a bit of silence here and I think people need some time to digest and take a look at the issue on Github and we probably ought to wrap this up in a few more minutes just in. Is there anything else you'd like to ask her say\n00:30:00\nJustin Jereza: It just something that has to solved immediately, it's just\nJustin Jereza: it's right education.\nJustin Jereza: and there are matrix. so,\nMatt Heon: I'm going to tag Dan Walsh on this issue. That is like, he's not in the meeting right now, but I think it was the original instigator behind Ad.\nJustin Jereza: Yeah. So if you have any more and protectively, we're done.\nJustin Jereza: if you guys think I've been right, yeah.\nJustin Jereza: that's,\nTom Sweeney: Sorry, I'm talking away on mute which isn't very helpful at all. Justin, thank you so much for coming today and getting this discussion going and I'm sure it will continue on inside Github and I RC and Matrix going forward. Matt's, you have plot, Coming up pretty soon. You want talked about that a little bit.\nMatt Heon: Let's see. So we are getting ready for for six. We are in Rc2 right now and Ashley correct me if I'm wrong but I expect a final release and\u2026\nJustin Jereza: E.\nMatt Heon: sometime early next week. Is that what we were planning or am I wrong?\nAshley Cui: I thought we were putting the release today.\nMatt Heon: Okay, that's early that I was expecting but that gives everyone something to look forward to after this so pod, 4 6, final probably. Today, we are still expecting to do a four seven. We were expected to do with this summer, but honestly, at this point, it's probably gonna slip into September, but I would expect a four seven in early fall, I would call it and then a four eight somewhere in the February ish timeframe. four six it's a moderately large release, it's a fairly substantial feature release. It's been a while since I looked at the, What do you call the voice notes? But it's gonna have some interesting things. I think this is not\nMatt Heon: Is this one of the bigger releases for what? I call it Admin Machine? I'm thinking we added something big there at the point is slipping my mind.\nAshley Cui: Not a big feature, but a big fix. I think for stabilization.\nMatt Heon: That's worse. Yeah, we have a lot of bug fixes in system service. We have a spattering of each releases everywhere and generally speaking, I am expecting a 461 and a week or so that'll have a bunch of public fixes it based on any issues, the release happens. And then of course seven maybe six weeks thereafter and four seven is going to include a couple other interesting features. I'm hopeful that we can get some additional windows support in the pot and machine, especially man on hyper-b. We're putting a lot of work in there and I don't want to speak for Brett because he's not here. Maybe we will also have some things. osx native virtualization. let's see. and that's probably the odd, man, composed work that Valentin has been working on the other that just landed. So, feel free to look at that comments.\n00:35:00\nMatt Heon: Yeah, that's about it Wise any questions?\nTom Sweeney: I'm hearing silence.\nAnders F Bj\xf6rklund: When would this come to the apartment machine or core OS?\nMatt Heon: Usually, we expect that poor to six week. Basically, we have to get into fedora. Then we have to work our way through the fedora core os, unstable, streams until it's in stable. So, we usually expect to lag by about a month six weeks. It could easily be faster on that, but it usually takes this year or a couple weeks beyond that, so you get at Paul's compose. Exactly. So there is a substantial time.\nTom Sweeney: Must not this particular Pac-Man release but any partner released in general, right?\nMatt Heon: Yeah. If it is a particularly important noise, if we had some absolutely critical bug fixed in, there are ways we can expedite, but we prefer not to do that because it puts more workload on us, it with your work, run the F cost team. And generally speaking, no one likes doing this. So, if we do not have something extremely urgent, we're going to go through the soap process which\nTom Sweeney: It sounds good. Right, I'm not sure if I mentioned this after I started the recording but we're going to pass on the ipfs integration into Pod man topic that we had on the agenda today we're going to push that out later or perhaps even postpone it further discussions to go offline on that and then given that I am going to open up to any topics or questions at this point in the open discussion session. If I have anything they want to talk about or ask questions about\nTom Sweeney: It's two centigrate equipment. you're considering I'll just note when our next For the Cabal again will be Thursday. August 16th 2023 at 11am in our community meeting is coming up very soon. It's actually just a little under two weeks now, I guess. And that's going to be on Tuesday, August 1st. Also at 11:00 am. I would love to have topics for other? I have one topic for the community meeting at what it is right now but I don't have any flickable at this point. So if you have suggestions for topics that you'd like to see or presentation better yet present on Friday, those meetings, I'd love to hear one last call. Any further questions, comments. Why is I'll stop the recording?\nJustin Jereza: And sorry guys. I\nMeeting ended after 00:38:36 \ud83d\udc4b\n")))}ai.isMDXComponent=!0;const oi={},ii="Podman Community Cabal Meeting Notes",si=[{value:"September 21, 2023 11:00 a.m. Eastern (UTC-5)",id:"september-21-2023-1100-am-eastern-utc-5",level:2},{value:"Attendees:",id:"attendees",level:2},{value:"September 21, 2023 Topics",id:"september-21-2023-topics",level:2},{value:"Meeting Notes",id:"meeting-notes",level:3},{value:"Default settings for Podman 4.7",id:"default-settings-for-podman-47",level:4},{value:"Open discussion",id:"open-discussion",level:4},{value:"Next Meeting: Thursday, October 19, 2023, 11:00 a.m. EDT (UTC-5)",id:"next-meeting-thursday-october-19-2023-1100-am-edt-utc-5",level:3},{value:"Possible Topics",id:"possible-topics",level:4},{value:"Next Community Meeting: Tuesday, October 4, 2023, 11:00 a.m. EDT (UTC-5)",id:"next-community-meeting-tuesday-october-4-2023-1100-am-edt-utc-5",level:3},{value:"Possible Topics:",id:"possible-topics-1",level:4},{value:"Raw Google Meet Transcript",id:"raw-google-meet-transcript",level:3}],ri={toc:si},li="wrapper";function hi(e){let{components:t,...n}=e;return(0,ce.kt)(li,(0,Q.Z)({},ri,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-cabal-meeting-notes"},"Podman Community Cabal Meeting Notes"),(0,ce.kt)("h2",{id:"september-21-2023-1100-am-eastern-utc-5"},"September 21, 2023 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h2",{id:"attendees"},"Attendees:"),(0,ce.kt)("p",null,"Aditya Rajan, Anders F Bj\xf6rklund, Ashley Cui, Ed Santiago Munoz, Jake Correnti, Justin Jereza, Lokesh Mandvekar, Martin Jackson, Matt Heon, Miloslav Trmac, Mohan Boddu, Nalin Dahyabhai, Paul Holzinger, Tom Sweeney, Valentin Rothberg"),(0,ce.kt)("h2",{id:"september-21-2023-topics"},"September 21, 2023 Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"Default settings for Podman 4.7",(0,ce.kt)("ul",{parentName:"li"},(0,ce.kt)("li",{parentName:"ul"},"zstd:chunked + gzip by default"),(0,ce.kt)("li",{parentName:"ul"},'default_rootless_network_cmd = "pasta" by default'),(0,ce.kt)("li",{parentName:"ul"},"Deprecate podman generate systemd"),(0,ce.kt)("li",{parentName:"ul"},"Deprecate CNI"),(0,ce.kt)("li",{parentName:"ul"},"Others")))),(0,ce.kt)("h3",{id:"meeting-notes"},"Meeting Notes"),(0,ce.kt)("p",null,"Video ",(0,ce.kt)("a",{parentName:"p",href:"https://youtu.be/By7wb1tOvLc"},"Recording")),(0,ce.kt)("p",null,"Meeting start 11:02 a.m. Thursday, September 21, 2023"),(0,ce.kt)("h4",{id:"default-settings-for-podman-47"},"Default settings for Podman 4.7"),(0,ce.kt)("p",null,"RC1 is out now, possibly RC2 this week, and Podman v4.7 final next week.",(0,ce.kt)("br",{parentName:"p"}),"\n","Configuration changes discussion. SQLite DB is not default but is available. Matt would like to swap the default DB to SQLite for the v4.7 code. Not currently in the main branch, but can be done easily."),(0,ce.kt)("p",null,"Tom asked if it could be done for RC2. Might be too soon to release. Could we do Podman v4.8 in late Fall, then v4.9 in January 2024?"),(0,ce.kt)("p",null,"OK for 4.8, maybe to do for late November/Early December and then target RHEL 4.9 for RHEL."),(0,ce.kt)("p",null,"For 4.8 we will do SQLite, and then plan around what else will fit in there."),(0,ce.kt)("p",null,'Valentin brought up that there is work to be done before just flipping it. He also thinks we should not merge "features" into any RC. Can be toggled by containers.conf setting.'),(0,ce.kt)("p",null,"Podman v4.7 has branched, and changes to main can be done now with SQLite being the default."),(0,ce.kt)("p",null,"zstd:chunked not ready for primetime. Giuseppe says to push out for now and not deliver. Hopefully to be completed in the next few weeks. Maybe in time for RHEL 4.8. However, Valentin is concerned this might break existing images and it should be pushed to Podman v5.0. Risk management needs to be completed before we add it in."),(0,ce.kt)("p",null,"zstd:chunked needs a lot of soak before we deliver for RHEL. It won't be ready by Podman v4.8. A meeting to be held later to discuss delivery in more detail."),(0,ce.kt)("p",null,'Default network to "pasta". Paul doesn\'t think this is stable enough now. He wants to wait for networking stuff to get working. Mostly work to do in Podman, a little from the pasta project folks. We will need to get a prioritized card for pasta development. '),(0,ce.kt)("p",null,"About a week of coding for Paul, then dealing with port forwarding and adjusting from there. That's harder to estimate the time necessary. The team needs to prioritize this. Matt would like to see this in Podman v5.0. Users are using it now, and are fixing bugs and stabilizing."),(0,ce.kt)("p",null,"Podman v5.0 delivery sometime in early summer is current thinking, but not a commitment."),(0,ce.kt)("p",null,"A lot of the breaking changes anticipated for Podman v5.0 are 'podman machine' related, and less likely to be in the Podman commands."),(0,ce.kt)("p",null,"Podman v5.0 list of features doc to be put together by Matt in the next week or two."),(0,ce.kt)("p",null,"Deprecate podman generate systemd is deprecated, but not dropped. A warning is issued now, no new features only. It could be kept as deprecated for Podman v5.0."),(0,ce.kt)("p",null,"Matt talked about dropping CNI in Podman v4.8, Tom questioned if it should be Podman v5.0. Matt will put a deprecated notice in soon. Then Brent is fine with dropping on Podman v5.0, Brent to put it together."),(0,ce.kt)("p",null,"Ideally, Brent thinks Podman v5.0 in the early Spring 2024, then v5.1 before Summit in May 2024. Paul is concerned about showing too many warnings during runtime for CNI but is good with documenting."),(0,ce.kt)("p",null,"Tom to run down the deprecation notice of CNI in RHEL 9.3."),(0,ce.kt)("p",null,"Anything else to be changed in Podman v4.8? Brent would like a containers.conf version 2. Brent would like JSON.config to be the same for all providers in podman machine. Also, a transition from v4 to v5 of podman machine would not be a thing, to be debated."),(0,ce.kt)("p",null,"Brent is looking to not overtax the team on machine migration issues."),(0,ce.kt)("p",null,'Specgen work is also being considered for remote capabilities. We may also need code refactoring between "local" and "remote" within the code.'),(0,ce.kt)("p",null,"A discussion to be put into GitHub after the initial changes are identified by Brent, Mark, and Matt for what changes should be in Podman v5.0. So the community can add their own thoughts and requests there."),(0,ce.kt)("h4",{id:"open-discussion"},"Open discussion"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"None")),(0,ce.kt)("h3",{id:"next-meeting-thursday-october-19-2023-1100-am-edt-utc-5"},"Next Meeting: Thursday, October 19, 2023, 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h4",{id:"possible-topics"},"Possible Topics"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"None discussed")),(0,ce.kt)("h3",{id:"next-community-meeting-tuesday-october-4-2023-1100-am-edt-utc-5"},"Next Community Meeting: Tuesday, October 4, 2023, 11:00 a.m. EDT (UTC-5)"),(0,ce.kt)("h4",{id:"possible-topics-1"},"Possible Topics:"),(0,ce.kt)("ol",null,(0,ce.kt)("li",{parentName:"ol"},"None discussed")),(0,ce.kt)("p",null,"Meeting finished 11:54 a.m."),(0,ce.kt)("p",null,"Raw Meeting Chat:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Brent Baude11:04\u202fAM\nis it the default in main branch ?\nYou11:06\u202fAM\nAnders, sorry about dropping you the first time, hit the wrong button\nMartin Jackson11:08\u202fAM\nThis was something we talked about previously doing for the 4.7 release\nMatt Heon11:09\u202fAM\nAnd then, unfortunately, completely forgot about... Other priorities intervened\nBrent Baude11:32\u202fAM\nno\nJake Correnti11:42\u202fAM\nget rid of migrateVM in machine. already tagged on gh\nBrent Baude11:54\u202fAM\ni have a question for the team ... but can go last, should be quick\n\n")),(0,ce.kt)("h3",{id:"raw-google-meet-transcript"},"Raw Google Meet Transcript"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"xrq-uemd-bzy (2023-09-21 11:02 GMT-4) - Transcript\nAttendees\n\nAnders F Bj\xf6rklund, Ashley Cui, Brent Baude, Chetan Giradkar, Christopher Evich, Ed Santiago Munoz, Giuseppe Scrivano, Jake Correnti, Leon N, Lokesh Mandvekar, Martin Jackson, Matt Heon, Mohan Boddu, Nalin Dahyabhai, Paul Holzinger, Shion Tanaka (\u7530\u4e2d \u53f8\u6069), Tom Sweeney, Tom Sweeney's Presentation, Urvashi Mohnani, Valentin Rothberg\nTranscript\n\nThis editable transcript was computer generated and might contain errors. People can also change the text after it was created.\n\nTom Sweeney: Good morning This is Thursday, September 21st, 2023 already just a few days away from fall. This is the Podman Community, Cabal meeting. We have just one discussion point today. So I hope people brought good questions for. So we can fill up some of the time that I'm sure we'll have. And with that said, I'm just going to turn it over to our one topic and Matt had decided to eat that and I'm sure Brent can also jump in. Also And let's talk about default settings for appointment 4.7 which just came up Matt.\n\nMatt Heon: Okay, so we have podman 4.7 rc1 out. Now we're looking for in RC\n\nMatt Heon: We might do an rc2 this week, I'll put it that way. And then we are definitely doing a 47 final next week just to get schedule out the way. And we're at a very late point in this release but it's still not too late for us to discuss certain configuration changes that we'd like to make because we'd like them to soak in Victor or for a while before we put them in Frankly but also because we'd like to get these out as soon as possible. So actually start using them. the more important ones here is switching default database. We had the SQLite driver added in odd, man for six, but we haven't made it default yet. We've been letting it sit and I think at this point, we're pretty happy with how stable it is. We've been running it through I extensively. We haven't had issues. So we would like to swap the default database from both DB to seek light for new installations only in 4.7\n\nMatt Heon: Going to be supporting the BOLD database and if you have a existing volt database you'll keep using it. But SQLite will be the default for new installs and four seven or at least we'd like it to be.\n\nMatt Heon: And I believe there were some other things called out in the default features.\n\nTom Sweeney: Before we go there, Brent had a question in the chat, Matt.\n\nMatt Heon: Sure, it is not the default in the main branch bread. So we would have to get this developed in over the next week. But at this point, this is an hours worth of code. So this is not a difficult thing to get.\n\nBrent Baude: I'm the only reason I asked is it would seem? I mean I want to make the change to so I'm supportive of whatever decision, the team makes, but it was seen reasonable That. For one development cycle, it would be the default in the main branch.\n\nBrent Baude: while we work on for eight or whatever ends up to be, Just so that. We have a little bit of silk time on our own hands.\n\nTom Sweeney: No, would it be possible to do that before our C2?\n\nMatt Heon: We were not initially planning on an rc2. If I worked on it this afternoon I think there's a decent chance we could get it all done. But it would be cutting it very close. Paul and Valentin. You and your answer.\n\nPaul Holzinger: And in my opinion doing this no is not in the purpose of doing an rc1 and it's not expectation and we say we are feature of frozen and we decide to change a critical default which the database is critical. So I,\n\nMatt Heon: Honestly, I don't know when this agenda item was added. I feel like it was intended to be discussed a lot sooner. So I think you're right about that. A lot of these are going to end up being 4.8. Regardless, we are too late in the cycles. Do major things. I don't necessarily view the sequel database as a major thing, just because how much we've tested it. But I agree with you that we are very late.\n\nBrent Baude: Can we not just we branched, right? So do the work and\u2026\n\nMatt Heon: Yeah, we're branch. We can easily throw all this stuff in main right now.\n\nBrent Baude: flick it now and make it a 4-8 target. That would mean, I'm kind of agreeing with Paul here in the sense that Maybelline features is sort of naughty on a release candidates. So, what's the downside of waiting other than it doesn't get out there?\n\nMatt Heon: I think that is the big downside. It's first release will be,\u2026\n\nBrent Baude: Okay.\n\nMatt Heon: it'll go out everywhere. Basically it'll go out to send stream rel etc.\n\nBrent Baude: But it would seem reasonable to me that if we want to soak it at the door, we should have soaked it in Maine. At least that's my Justin. I'll check out after that.\n\nMatt Heon: I'm not going to push too hard for making changes this late in the game. I mean, it's small enough that I would say it's doable but that doable and sensible are different things.\n\n00:05:00\n\nMatt Heon: Given that are we? Okay with saying, No big changes for seven? Let's just change this agenda item to say four, eight, because four eight is looking like our next big release.\n\nTom Sweeney: I have slight concerns of doing that, kind of change for real without it soaking Infidor first. Then we target a 48. Yeah, in between Here in Rome in February.\n\nMatt Heon: Let's see. We're gonna have four eight or four seven out late, September. If we want to do a 4/8 or late November early December, We could do that. It wasn't on the plan, but As long as it's just an upstream release. It doesn't add that much burden. To what we're doing. Does everyone agree with that?\n\nBrent Baude: This is I guess the downside of the forced March schedule. That we've In the past,\u2026\n\nTom Sweeney: Yeah.\n\nBrent Baude: we've Released when we're ready.\n\nBrent Baude: At this point. I could make a strong argument because Hypervy just missed. For seven. I can make a strong argument that I would want to if I was Making decisions and releases were easy. I'd want to 48 in a month.\n\nBrent Baude: but, that's a quicker cadence than we've done as quick and so we've done in a while, but it makes sense. So, that maybe what we need to do is say, before we will Do sequel light. And we need to go back now and talk about a release schedule for eight.\n\nMatt Heon: Valentin.\n\nValentin Rothberg: I think we need to start doing notes because we had this conversation multiple times and in this year, What we said for fedora or discussed was to just make it a conf setting and default it there. So we don't necessarily need to do that in the main garage but one thing we didn't test yet is I don't think we tested it. Is. We need to make sure that even more existing deployments even if we default to make sure that the existing policy database continues to be used. This is something that have not been done yet to my knowledge so we are not ready. To just flip it now. There's still some work to be done. on this front. With respect to.\n\nValentin Rothberg: Merging things into RC and I would block every feature into our RC's. it has a number of times and we came up with the document to never Merge features during RC base, and I think we should continue to stick to it. Otherwise, we just keep on Budding us in the mail. There's a specialty for things that haven't been properly tested or bigger things. They will always introduce regressions. And that is what makes the release process and in the past to make it hard. just a reminder on this front.\n\nTom Sweeney: So Europe, are you okay with doing the changes in a 4-8 for this going?\n\nValentin Rothberg: And sure as long as we're ready and as long as upgrade scenarios work. So what needs to work is that unless being specified in containers, where a user explicitly says I want to use SQLite or explicitly things set on the CLI, if the internal default from memory SQLite, there's an existing wall TP database we need to use this multi beat database, otherwise, On update users will not see any of their objects, containers, volumes networks, etc anymore.\n\nMatt Heon: contested, in my view, I\n\nValentin Rothberg: Our absolutely but it's an item that hasn't been done for many months now and it's something we need to do before, flipping the default and before refreshing it. It'm not saying it's hard, I'm just saying it needs to be done.\n\n00:10:00\n\nTom Sweeney: Yeah, where does 47 live? It's still up in Maine. Is the branch. Okay.\n\nMatt Heon: That's branched already. We branched before RCS.\n\nTom Sweeney: So we could make the changes of main at any point in time.\n\nMatt Heon: at this point after thinking about 4/8, the sooner the better otherwise we will forget about\n\nTom Sweeney: Yeah. That's my thinking as well.\n\nMatt Heon: Are I think we've come to a general decision here? That we're going to do The only question is how we're going to do for it, whether it's going to be in earlier release. We have a guaranteed release coming out in February, are going to do it release for that and have February before nine. So I think we can move on the assumption that the release schedule will be decided. Later is everyone comfortable?\n\nMatt Heon: All right, the next default we wanted to talk about was Z standard chunked. Plus Gzip split compression. We do not have any in the room. Discuss Anyone else here? Sufficiently comfortable with Formatting to talk about this because frankly, I'm not as up to speed on this as I should be.\n\nTom Sweeney: Giuseppe would be our other person, perhaps.\n\nValentin Rothberg: Yeah would also point to Giuseppe which Giuseppe you mentioned at least chunked isn't yet? Ready for prime time, right?\n\nGiuseppe Scrivano: Yeah, it's not really. There is still an open issue in continuous image, that needs to be merged. So I think we should postpone it for now.\n\nPaul Holzinger: I think what then was throwing around was always like that. You push this multi manifest thing with Statistity and Jesus. By default, I think that was what then wanted so that, new clients can benefit from the faster. So that's really pulls.\n\nGiuseppe Scrivano: Yeah, but still then first of all the feature it needs to be manually enabled and second it's not ready without The changes that the containers image, it's kind of broken.\n\nGiuseppe Scrivano: So, I mean it's fine for our performance, but Without that changes, it's not really usable, right?\n\nTom Sweeney: This is something that you think will be ready by a late November or February timeframe Giuseppe or beyond that.\n\nGiuseppe Scrivano: I'm working on that. I mean, I hope this will be done in the next. Few weeks.\n\nTom Sweeney: Okay.\n\nValentin Rothberg: I think this is something very critical. because,\n\nValentin Rothberg: Whatman is being used. So if the goal is to compress images by default with C standards with C standard compression, this can break a lot of deployments.\n\nValentin Rothberg: So I think in my opinion this is something important. Because imagine\u2026\n\nTom Sweeney: August.\n\nValentin Rothberg: if you have a build plan, you use the apartment, let's say department knowledge or you updated or on your server people pipeline, you build the image, you push it. And suddenly Your clients or your deployments outside in a while. Start to break because they do not support these standard yet, maybe all the versions of docker, maybe very, very old versions of Scorpio appointment or build up this. This can break.\n\nPaul Holzinger: but the ideas to push both compression formats now 12 a period where you push set the city in Jesus which of course is Ben Roeth more expensive and time but I think that was what then was always suggesting\n\nValentin Rothberg: This could in theory break as well, if the deployments expect a single image manifest and not an OCI index on the registry. So, I guess we're pointing at this.\n\nValentin Rothberg: Before deciding this default. I think we need to do some I don't find a better word. Sorry risk management of which things may put everything on the desk and then look at all potential risks and then check whether you're comfortable doing. But this changes. One, or how images look like in the nature of images? And this is something we're\n\n00:15:00\n\nValentin Rothberg: feeling uncomfortable.\n\nTom Sweeney: I think it's valid concerns, but are you comfortable with delivering automaton 5.0? in real next year, just worth waiting, not long for the zsd chunk, and we can push back, if it's not in before then.\n\nValentin Rothberg: I would even challenge whether it's reasonable for apartment image, push to push a manifest, if there is a portman manifest push. So I think we're at the risk of conflating or breaking things. So, I would even question whether we should do it or not. So, I can't really answer that. That's all.\n\nTom Sweeney: Okay, that's fair.\n\nMatt Heon: What I am hearing here is that we are extremely uncomfortable with this going into Rel first. So, this absolutely. I mean, even if we do a four, eight four hand, it sounds like it's probably not going to be ready. This does sound like It's a lot of additional testing. So this is if we're doing something between the February release and the next little release that this is potentially good time frame for that sound I mean, assuming that we can make it work.\n\nValentin Rothberg: I think we should follow up on this soon. So that we make sure that, The thinking continues about the issues or about this particular issues, how do we want it to behave? What are we trying to achieve in? What are we at risk of breaking?\n\nValentin Rothberg: At the moment it's just me throwing my foot in the door\u2026\n\nMatt Heon: Okay.\n\nValentin Rothberg: but I would be curious. I don't see. Minnows left in the meeting but nalin has to build specialist. what are you feeling about this?\n\nNalin Dahyabhai: Again.\n\nValentin Rothberg: How do you feel about the idea of just pushing these multicompressed image manifests that are a single image on apartment push?\n\nNalin Dahyabhai: No. I don't think I have any thoughts that haven't already been waste about additional bandwidth and I mean I'm not really worried about compatibility with registries at this point.\n\nNalin Dahyabhai: the bandwidth is the compute for compression because when you're building a cluster it's Compression actually is one of the more expensive parts.\n\nChristopher Evich: This should work with the new.\n\nNalin Dahyabhai: but,\n\nChristopher Evich: I mean zooming gets into pod It should work with the new Farm builds, right?\n\nChristopher Evich: Listen Theory.\n\nNalin Dahyabhai: I thought we did this push time, so we didn't actually modify the images when they were on disc because they're not compressed on disk when you build them.\n\nValentin Rothberg: Form build is something awful about this Creating Multi-arch Manifest Lists easier. But it doesn't address. The issue of compression, algorithms. US trying to push for C standard as the new standard.\n\nMatt Heon: I definitely. Are we comfortable leaving this here? And doing a follow-up later with more? I think we're really suffering. We're missing. less. Love and Audi, and Dan. Would be okay with having a meeting later. We'll have more people who actually know a lot about this in the\n\nTom Sweeney: Yeah, I think that's a good idea.\n\nMatt Heon: All right, in that case, I propose that we move on to the next one, which is setting default network command to pasta by default.\n\nMatt Heon: Paul. This one is mostly Feelings on it. Are we stable enough to do this?\n\nPaul Holzinger: No. I mean, it depends. The biggest problem is that the outstanding work that we need to deliver the ruthlessness logic if you use named networks, And that's still hard coded to Slurp. So as long as that isn't the rest that I don't see a pointed defaulting to Pastor for the normal problem. Because then, that means that every distribution. Definitely needs to require both SD product for example. it's\n\n00:20:00\n\nPaul Holzinger: yeah, I don't particularly you see the benefits of switching it before. The networking stuff works really.\n\nMatt Heon: Okay, and this is mostly the pasta. Maintainers not us.\n\nPaul Holzinger: Know that would be me and also a bit on pasta but The thing how it works is that we have these intermediate namespace and inside of namespace, we just use But never work with pitch networking, but to connect this intermediate namespace, with those namespace, you need and the ruthless networking tool. So, I love or pasta and since this was written, two and a half years ago, that it just uses slow. And now I need to convert this code and that's not particularly\n\nPaul Holzinger: evie, I would say that there are Their corner case of everywhere, basically. And then assumptions And, when I touched the code, I try to make it better. So A bit of a longer process. To get this done.\n\nPaul Holzinger: Thought of I always have it in my queue, but it's always something comes on top of it usually. So, I didn't progress in the last week.\n\nBrent Baude: Why are we coughing with my name?\n\nTom Sweeney: How much time?\n\nMatt Heon: Really, it sounds like this switching to pasta by default is enough work that we're going to need. It's not going to get done unless it's prioritize is what I'm hearing from Paul. Does that sound Acc?\n\nPaul Holzinger: It would make it much faster. If we say that the priority, but,\n\nBrent Baude: But you guys get the prioritize as much as I do.\n\nTom Sweeney: sometimes you think Paul,\u2026\n\nMatt Heon: All right.\n\nTom Sweeney: if you were just single way devoted to wrap it up, You talking?\n\nPaul Holzinger: the problem is coding, not like I know what needs to be done and writing a code. That's maybe a week of work. But then making sure that all comes together. and Everything works. one outstanding problem. Why? I haven't devoted more time on it. If port forwarding problem. So right now, what really happens. Is that with forwarding? We use the routers port process. So that's a process that respond to a container.\n\nPaul Holzinger: And the problem is that this process is it's a dumb. Proxy basically and it makes it source IP. So that's the biggest complaint with ruthless networking and the port forwarding, We have My Source IP and in your website a lot. That's Not very good for auditing stuff. but someone's compromised and you don't have to iPS and I don't have a good answer to the port forwarding problem with possibly can do port forwarding. But it's missing the option to do this dynamically. So as we As respawn. we would only have one part of the process in this rootless, networking scenario. and that means we need to Forwarding capabilities\n\nPaul Holzinger: And that's not impossible. I talk to the person maintenance day. we are on an agreement that can be done and They accept pensions, but it's like, somebody needs to prioritize and make the work and So it's kind of stuff.\n\nMatt Heon: Fair enough. Personally, I would love to see this in Fibo, so That gives us a fair bit of time, but it would be very nice to have fivo with the improved networking.\n\nPaul Holzinger: Yeah, definitely. And I mean, Right now, we have a lot of Users trying it out just a regular pasta with Putman, Run Dash network pasta. and there we are able to, Fix the many bugs already. So I think it's getting in it to a point where it's definitely stated enough to say we do this before. So,\n\n00:25:00\n\nMatt Heon: Anything else on this? I think we know what needs to be done. We know it is a lot of work and it's probably going to need to be bubbled up in priorities at some point. But anything else\n\nTom Sweeney: I don't know. I don't need a hard answer to this, but what are you thinking for? Five, vogue delivery timeframe. Are you thinking next summer?\n\nMatt Heon: Yeah. Sometime early summer issue.\n\nTom Sweeney: Okay.\n\nMatt Heon: think we were thinking about this was potentially the next release after the February drop. Although we have options here again if we've really feel like we need some soak before five. we can give it less time and have an intermediate.\n\nValentin Rothberg: I think if we really want to push 50 through and it should be for or before relative Because I guess in 9. I think we can't ship five.\n\nTom Sweeney: So you're thinking a 501 say early spring and then five one for real 10, possibly.\n\nValentin Rothberg: I don't know. But it would make what makes sense to have? some sort of time or five hour and fedora before throwing into\n\nTom Sweeney: Yeah.\n\nMatt Heon: And for reference here, a lot of the breaking changes. We're thinking about in five though, we're going to be machine stuff so not directly relevant to the rail schedule. This is mostly getting podman machine in a more sane position than it is right now.\n\nValentin Rothberg: A couple of comments in our code and upstream issues that would impact Rel as well.\n\nMatt Heon: Yeah, of course, we have a lot of accumulated, 50.\n\nPaul Holzinger: Yeah, I find that. More useful to make a list of what we want to do for five and maybe we're talking the speaker about containers comfort, for example. and I've find out how to set a deadline without seeing what we want to do first,\n\nMatt Heon: But I'm really hearing is that we probably need a 50 doc at some point like this or next week that we can just start accumulating. What needs to be done and from there, we can figure out exactly what's out and\u2026\n\nTom Sweeney: Yeah. This next one, but\n\nMatt Heon: what the schedule is.\n\nMatt Heon: I'll take responsibility for making that. I can do it after lunch. anyways, if we are okay with saying that 50 planning can wait, I think we have a couple things that are slam dunks before eight. Those being cni and deprecating on man Generate system D. Of Valentin. Did we already deprecate generate system D or was that just being discussed?\n\nValentin Rothberg: It is already deprecated, but not dropped. So, deprecation Since there are multiple interpretations of what In this case, we said deprecation to just encourage users. That will be a warning now being emitted and using it pointing users to qualit. known your features will be added only, important bug fixes will be edit, we could consider dropping it entirely with Botman 5 adult, but it's used generate system. D is used in many pipelines.\n\nValentin Rothberg: And personally, I don't think it hurts to keep it around if we can spare some Edmonds, some very hard time for sure. I would love people to jump on quadland but the duplication will at least or hopefully be sufficiently annoying at some point that people will jump to it and we also didn't, because Internet System has been out for a long long while. So even experienced popmen users,\n\nMatt Heon: So I think that deprecate what you said emitting warnings and putting in the man pages that it's going to be dropped, at some point is sufficient. at this point, the only question is whether we do that to CNI as well and now that we have the plugin system and net of arc, I think the answer is yes.\n\n00:30:00\n\nTom Sweeney: For 5.0.\n\nMatt Heon: I for eight. Potentially drop an entirely in 50.\n\nTom Sweeney: Yeah.\n\nMatt Heon: Brent's.\n\nTom Sweeney: Doesn't mean to Matt.\n\nBrent Baude: No. Both of you to No, I don't think we should drop. Until? The net filter stuff is done. Or was it Nettables or whatever? It is the one that we haven't done needs to be done?\n\nMatt Heon: We are no worse than them in that respect. They do not have.\n\nBrent Baude: At the same matter.\n\nMatt Heon: I'm thinking about this in terms of, Can we get it out before Rel 10?\n\nBrent Baude: All what's the real question?\n\nPaul Holzinger: Yesterday.\n\nMatt Heon: I think.\n\nBrent Baude: What are you really asking to do?\n\nMatt Heon: one prop, C, and put a deprecated notice in Maine right now, do it today,\u2026\n\nBrent Baude: Yes, that's fine.\n\nMatt Heon: Two. Figure out what the first release going into rallies and drop CNI before that, or at least conditional compile. and don't compile it into 10. Because if we put it in 10, we are guarantee. We have to support that for the next 10 years.\n\nBrent Baude: No, there's no doubt about that. So 50 to me would be the drop time. I had to excuse me myself but I was able to hear the conversation. I had an interruption here.\n\nBrent Baude: So that's fine On the podman 5 other thing. I'm gonna start a document here shortly. The problem that I'm having is that we have yet undefined requirements from the desktop team, On what this needs to be done, on And as far as five timing, In the most ideal world. Five, all gone out in early spring.\n\nBrent Baude: Five one will be. Something. That's real or 505. Pending on. How we do coming out the door, but something like the second release. Coming just before. Red Hat Summit. So, If I had mine, most ideal schedule, that would be it. And there should Not spend a lot of time thinking about why I would want it that way. The desktop team is going to do some splashes probably there. and it may very likely require some Change in our behalf to be able to support them to do that.\n\nBrent Baude: But that's all undefined right now, so that makes it a little fuzzy. But we should start final adopt that starts, talking about things. We're going to We already know that that's unrelated to machine. And anything else? Also, talked about containers Comp. Evolution. So there's plenty of things we could, put in there right now and start talking about. It probably warrants. A series of short conversations about things and then we can dont in a document. the folks are okay with that, and I'm happy to leave that effort.\n\nTom Sweeney: It matters talked about doing similar thing, but sounds like it's a combination.\n\nBrent Baude: Yeah, I heard that I probably should own it since the decisions are probably in the end to Mark and I'm on some of the stuff,\u2026\n\nTom Sweeney: Yep.\n\nBrent Baude: yeah. That. But otherwise, I think everything else is online. Matt, I mean, we're right on top of it. And at this point, late in the 48 game. Let's get the deprecation notices on things and we'll contemplate the actual drop or compile out. Type approach. For five.\n\nPaul Holzinger: What are you talking about? When you talk about deprecation, notice In the code.\n\nBrent Baude: I think we needed to display some sort of cnis going away.\n\nPaul Holzinger: Yeah, and that's where I'm like. That means a warning on every command, if Everywhere really touches the United.\n\nBrent Baude: we can do a suppress thing too to and we know\n\nMatt Heon: Just network create maybe. I mean.\n\nBrent Baude: Yeah.\n\nMatt Heon: Ultimately I would definitely want to see in the man pages and I want to see it on any Korean that creates a new network that is using the old tech.\n\n00:35:00\n\nBrent Baude: That's fair. And then we can get the usual docs and social.\n\nBrent Baude: Social media stuff out there, getting that idea ever out and I wonder too does RPM even maybe have a deprecation approach? when it gets installed to say, Hey, this is Not a thing. Anyways.\n\nLokesh Mandvekar: We can admit warnings maybe when something is installed or updated.\n\nBrent Baude: Paul. I don't know exactly what it means, but it's something along those lines. We don't want to spam people which I think is your concern.\n\nPaul Holzinger: Yeah. Yeah, it's just like putting it in dots is totally fine, but it will miss a lot of people just running in some deployment. So That makes.\n\nBrent Baude: Understood.\n\nPaul Holzinger: It's difficult line to navigate too much spam and not reaching the users. So\n\nBrent Baude: Indeed.\n\nMatt Heon: Going to be gone is critical.\n\nBrent Baude: we can also,\u2026\n\nPaul Holzinger: Will be.\n\nBrent Baude: Probably could do,\u2026\n\nPaul Holzinger: We needed.\n\nBrent Baude: we could do the message on everyone and in the message touch a file here to suppress this warning, so give them an out. There's lots of options.\n\nTom Sweeney: I wonder if.\n\nPaul Holzinger: do we need to change proposal for Fedora or something like that?\n\nBrent Baude: I don't believe so we may need to talk to F cost. But as far as I'm concerned, This doesn't affect them toolbox at me, impact.\n\nPaul Holzinger: No, it doesn't affect two books. They use,\u2026\n\nBrent Baude: Okay.\n\nPaul Holzinger: they use host networking exclusively. So\n\nBrent Baude: Okay, that's even better.\n\nMatt Heon: Realistically speaking, I think that we're going to need a change request for Pod Man, 5, obviously, but I don't think we need to be more specific than that, I I think we can just do one broad. We're upgrading Department 5, It'll have the following changes.\n\nTom Sweeney: I just wanted to, if we should put in early Deprecation, notice into the eight, nine, nine three, docs before it goes out.\n\nMatt Heon: It's not going to be deprecated in eight. Nine CNI.\n\nTom Sweeney: Like Christopher Warn.\n\nMatt Heon: CNI is going to be the standard on eight for the lifetime. I wonder if we already did it in nine I almost feel like we were discussing that at some point but\n\nTom Sweeney: All right, let me run down nine.\n\nMatt Heon: That's another part of why we can actually get away with this. if we're looking at the last major code, drop into related, the next in the very near future. And once that's done, we can actually think about getting rid of a lot of stuff. We were keeping around for eight.\n\nBrent Baude: So, can we Podman into rust. But 50.\n\nMatt Heon: Sure, We're just gonna have to drop machine and compose and I don't know, we'll choose 50% of the code base where we write that that's what you\n\nBrent Baude: Okay, so I guess, I took the ball on the 50 stuff and We'll just do some Meetings to carve out some basic time and some meetings to get Everyone's thoughts for at least written down and then we can begin to evaluate document.\n\nTom Sweeney: Should we move on to the generate system D?\n\nMatt Heon: Sounds good to.\n\nTom Sweeney: Or did we kind of discuss that? Yeah. Yeah.\n\nMatt Heon: That's already.\n\nBrent Baude: in terms of deprecating, it\n\nMatt Heon: It's already deprecated. wonderful thing.\n\nBrent Baude: it's been marked.\n\nTom Sweeney: We just went out of order and I'm just looking at the order here of the agenda. So we're all set there.\n\nBrent Baude: In terms of moving on, I'd be happy to move on to the next thing to talk about.\n\nMatt Heon: The next thing is others, so I guess Does anyone else have anything? They would want deprecated for a potential removal or adjustment in 50. We're not even deprecated. Does anyone have anything they want changed in the future to prepare for?\n\nBrent Baude: I would like a containers comp V2. Do we have that? Written down.\n\nMatt Heon: I don't think it's captured. Yeah.\n\nBrent Baude: Okay.\n\nBrent Baude: I think that there's a submitted one thing for a machine is I'm probably not going to sell this team very hard, but I think that we need to probably make every JSON. Config that keeps track of the machines resources and where everything sits the same across all providers. It is not today.\n\n00:40:00\n\nMatt Heon: I think we really just need to write down major machine refactor and then figure out what stems off of that.\n\nBrent Baude: I think a lot of that will be done in the four versions so specifically, because this may be a breaking change is one of them.\n\nMatt Heon: Yeah yeah we're discussing for eight as well as 50 so I'm like four eight four nine whatever we do before five I think we have to do a lot of refactoring to get ready five.\n\nBrent Baude: Particular one.\n\nBrent Baude: yeah, and I'm also seriously contemplating a proposal that would Make transition from four to five in the machine world. Not a thing. In other words, it's breaking machine release. Over action by users, will have to be taken.\n\nBrent Baude: So that's something that we need to debate the ups and downs of that. But I have good reasons which I know really want to go into right now, but That's a thing. Go ahead Paul.\n\nPaul Holzinger: and just not explicitly related to machine but General, I think we shouldn't Change things just because we've all benefit, We have a chance to break something that's fine, but that doesn't mean we need to break everything, right? So it's\n\nBrent Baude: Correct.\n\nBrent Baude: And I'm probably trying to dig out a little more space than we need. So that we're not pulling ourselves into migration scenarios that may over tax us. For the simple. Recovery of cloud, man, machine remote padman machine, and your backup. And, running, you just don't have your content. So,\n\nPaul Holzinger: Yeah I mean I think that's a fine assumption for a lot of things but it would be good to know document such as solutions. And anyway if there's a lot of you that later and the machine that's just gone, And I think some users might not really understand the concept If you're a butt reports,\u2026\n\nBrent Baude: Yep.\n\nPaul Holzinger: if you ask the judge recreate the machine and oops.\n\nBrent Baude: And the other bit is, we may be able to do some pinky around. Just\n\nBrent Baude: without some ideas on how we can potentially get around us. I think a Matt there was some stuff which I can't remember around Spec Gen. That we also had contemplated that we're breaking, so it needs somebody that crawl through the spectrum and take a look.\n\nPaul Holzinger: So, the important part is to have a way to define defaults on the server side, with that, comes together with containers.com somehow. because we want defaults on the server side,\u2026\n\nBrent Baude: Yes.\n\nPaul Holzinger: for the most part,\n\nMatt Heon: I think the ideal way to do this would be to refactor. the defaults are set in a common way across local and remote the spectrum gets pretty populated in a sensible way and\u2026\n\nBrent Baude: Yep.\n\nMatt Heon: it's those defaults that get displayed via the command line but that's a lot of work.\n\nBrent Baude: I mean That's kind of what we did when we went from whatever prior to specina. I forget what it was called but To Spec Jen. As we did we did some of that rearranging twisting. So it seems like that. We have to do that again. To deal with remote.\n\nMatt Heon: That is not. Echoical.\n\nPaul Holzinger: And what I would really love. Is some research during around, And what's local? In the code, the separation of concern in these packages, It's a mess. and to be honest, there's a pretty big buck in a lot of things that this rootless checks, we have plenty of them on the client where it makes no sense at all.\n\nBrent Baude: Fair enough. Matt, There's one other big one which is system connection.\n\nMatt Heon: Is this?\n\nBrent Baude: Is going to need to be rehammered out because it was not when John designed that. It was designed for remote and local. Basically, Yeah, I want to add a remote connection, I don't want to type it every time. And then we started using that for machine. so now we've got system connection. That is remote in every sense but it also could be different depending on the provider of the vert machine.\n\n00:45:00\n\nBrent Baude: And so the name of the connection is something like Podman Machine. Default when you don't name your VM, And it's theoretically possible to have Padman machine default with multiple providers. And then we get system connection collisions.\n\nBrent Baude: So we'll probably need to build some robustness into system connection, that allows a provider to be specified.\n\nPaul Holzinger: I would label this and containers.com free, right? And we don't want this in containers that All as you talked about, we don't run to write a containers of confile because that rewrites a personal config file of and you lose all comments. And so on what we mentioned,\n\nBrent Baude: Yep. Agreed.\n\nBrent Baude: Yeah, and maybe more of that needs to go into that world, so that's something and that theoretically could be breaking if we can't figure. To me, that's gonna probably be a breaking change, or we're gonna figure out. If machines are breaking changes, then there's no reason to try to compensate for system connections in my opinion. So,\n\nPaul Holzinger: I had a fun one today. Another interesting thing that's in our flagparticle, there's a thing called strength, light and string array. And I bet only a few people know what that means. what the difference is because if your past a gray flex, you have to chance to at the slice, you can call my separate values and there's an array. You just like I mean that's multiple times. And as it turns out, comma separated values are passed the field three and That is not heavy. If you pass in quotes and other stuff here. Yeah, if you have a regular t35, basically there are rules. And just today usually like this, incredible stupid syntax that you need to use.\n\nPaul Holzinger: If you have this dislike things and we have defined everywhere, for options that accept the five path, that means you cannot have a comma on the fire path and stuff like that.\n\nMatt Heon: We really should just have a litter to detect that. There are very few cases where you actually want string SL.\n\nPaul Holzinger: But the problem is ever noted on the issue, we cannot change. That's what operating somebody because the fees if you figure out the piece and text then you escape it with quotes and so on. but then that means the value, as soon as I change it to array, it's no longer the same That you get when you stream flies.\n\nMatt Heon: Five of stuff. we can break the small portion people who actually do these things. If I know this is the kind of thing where I would say I would argue. It's about Not even a breaking change but we can do it in five hours so we can do it anyway.\n\nPaul Holzinger: Yeah. That's\u2026\n\nTom Sweeney: Yep. Just looking at the clock and\u2026\n\nPaul Holzinger: where I'm getting it.\n\nTom Sweeney: we're seeming to grind on this just a little bit. do we have anything else? Major that needs to get in Can we create a discussion? Perhaps on the Github site for things you'd like to see in 5.0 or has one been created already?\n\nMatt Heon: I don't think we ever get up discussion. That's a good point. I think that we should probably have our internal discussions first, so we can populate. But once that's done, we can get something up and see what people think.\n\nMatt Heon: Completed also probably should have a blog about this, but yeah.\n\nTom Sweeney: Even myself have a place where people can just go ahead and put their ideas and go from there.\n\nPaul Holzinger: Yeah. What one thing if you say we have a deadline next summer, Then I think it's important to focus on stuff that require us some dragging changes because if they talk about features, we can add features at any point, if there are true features like a new command or something, that I think it would be important to allocate resources correctly so that we can get stuff that needs to happen forward and that cannot wait for\n\nPaul Holzinger: if I've got one more whatever.\n\nMatt Heon: Fair enough. We really need to get the docs start before we can start clarifying this. But yeah, I will see how soon I can carve us into the schedule because I think this is an important one start talking about,\n\nTom Sweeney: Like a girl. I think I'm gonna wrap up this particular discussion, Matt, unless you need to talk about anything else and just open up for any questions. Before we wrap up for the day that anybody else said related to this or anything else for that matter.\n\n00:50:00\n\nTom Sweeney: Very quiet. Last chance. Otherwise, I'll start.\n\nBrent Baude: Whether they come on,\u2026\n\nBrent Baude: you waited this long.\n\nTom Sweeney: Yeah. I'll just put in.\n\nTom Sweeney: Just a note for one. Our next meeting Got one coming up pretty quickly for the community meeting that's happening on Tuesday October 4th. I'm not sure that if any topics at this point for that one. So if you'd like to demo something there would love to have people do so. and then, The next cabal meeting will be on Thursday October 19th and both of those meetings will be on at 11 AM Eastern time and both will be daylight savings time. Still, I don't think we flip over until November for Daylight savings time. In this country anyway. And one last chance for questions comments.\n\nTom Sweeney: but otherwise, I'm gonna turn off the recording and we'll wrap that up.\n\nTom Sweeney: Right folks.\n\nTom Sweeney: That is the end of the recording.\n\nMeeting ended after 00:51:17 \ud83d\udc4b\n")))}hi.isMDXComponent=!0;const di={},ui="Podman Community Meeting Notes",mi=[{value:"October 3, 2023, 11:00 a.m. Eastern (UTC-4)",id:"october-3-2023-1100-am-eastern-utc-4",level:2},{value:"Attendees (28 total)",id:"attendees-28-total",level:3},{value:"Topics",id:"topics",level:3},{value:"Meeting Start: 11:02 a.m. EDT",id:"meeting-start-1102-am-edt",level:2},{value:"Video Recording",id:"video-recording",level:3},{value:"Modules Demo/Intro",id:"modules-demointro",level:2},{value:"Valentin Rothberg",id:"valentin-rothberg",level:3},{value:"(2:02 in the video)",id:"202-in-the-video",level:4},{value:"Demo - 3:25 in the video",id:"demo---325-in-the-video",level:4},{value:"Allow specifying a guest OS in podman machine init",id:"allow-specifying-a-guest-os-in-podman-machine-init",level:2},{value:"Brent Baude",id:"brent-baude",level:3},{value:"(16:59 in the video)",id:"1659-in-the-video",level:4},{value:"Demo - 20:22 in the video",id:"demo---2022-in-the-video",level:4},{value:"Quadlet Demo",id:"quadlet-demo",level:2},{value:"Dan Walsh",id:"dan-walsh",level:3},{value:"(40:34 in the video)",id:"4034-in-the-video",level:4},{value:"Open Forum/Questions?",id:"open-forumquestions",level:2},{value:"(55:10 in the video)",id:"5510-in-the-video",level:4},{value:"Topics for Next Meeting",id:"topics-for-next-meeting",level:2},{value:"Next Meeting: Tuesday, December 5, 2023, 11:00 a.m. Eastern (UTC-4)",id:"next-meeting-tuesday-december-5-2023-1100-am-eastern-utc-4",level:2},{value:"Next Cabal Meeting: Thursday, October 19, 2023, 11:00 a.m. Eastern (UTC-5)",id:"next-cabal-meeting-thursday-october-19-2023-1100-am-eastern-utc-5",level:2},{value:"Meeting End: 12:08 p.m. Eastern (UTC-4)",id:"meeting-end-1208-pm-eastern-utc-4",level:3},{value:"Google Meet Chat copy/paste:",id:"google-meet-chat-copypaste",level:2},{value:"Raw Google Meet Transcription",id:"raw-google-meet-transcription",level:2}],ci={toc:mi},pi="wrapper";function gi(e){let{components:t,...n}=e;return(0,ce.kt)(pi,(0,Q.Z)({},ci,n,{components:t,mdxType:"MDXLayout"}),(0,ce.kt)("h1",{id:"podman-community-meeting-notes"},"Podman Community Meeting Notes"),(0,ce.kt)("h2",{id:"october-3-2023-1100-am-eastern-utc-4"},"October 3, 2023, 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h3",{id:"attendees-28-total"},"Attendees (28 total)"),(0,ce.kt)("p",null,"Aditya Rajan, Adrian De Jesus Perez Dominguez, Ashley Cui, Blaise Pabon, Brent Baude, Chetan Giradkar, Christopher Evich, Daniel Walsh, David Chisnall, Doug Rabson, Ed Maste, Ed Santiago Munoz, Gerry Seidman, Giuseppe Scrivano, Jad Bsaibes, Jake Correnti, Jennings, Johns Gresham, Kiran, Lokesh Mandvekar, Martin Jackson, Matt Heon, Miloslav Trmac, Mohan Boddu, Nalin Dahyabhai, Preethi Thomas, Tom Sweeney, Urvashi Mohnani, Valentin Rothberg, Ygal Blum"),(0,ce.kt)("h3",{id:"topics"},"Topics"),(0,ce.kt)("p",null,"1) Modules Demo/Intro - Valentin Rothberg\n2) Allow specifying a guest OS in podman machine init - Brent Baude\n3) Quadlet Demo - Dan Walsh"),(0,ce.kt)("h2",{id:"meeting-start-1102-am-edt"},"Meeting Start: 11:02 a.m. EDT"),(0,ce.kt)("h3",{id:"video-recording"},"Video ",(0,ce.kt)("a",{parentName:"h3",href:"https://youtu.be/kjsQVJRQlJU"},"Recording")),(0,ce.kt)("h2",{id:"modules-demointro"},"Modules Demo/Intro"),(0,ce.kt)("h3",{id:"valentin-rothberg"},"Valentin Rothberg"),(0,ce.kt)("h4",{id:"202-in-the-video"},"(2:02 in the video)"),(0,ce.kt)("p",null,"Feature with the v4.7.0 release on Fedora and others. Many new options. This allows you to specify a number of options that you use across multiple Podman commands to be included in a config file. This helps lessen the complexity of the command line."),(0,ce.kt)("h4",{id:"demo---325-in-the-video"},"Demo - 3:25 in the video"),(0,ce.kt)("p",null,"Showed a Podman command with a lot of options defined with it. He showed a containers.conf file with several environment variables and capabilities set."),(0,ce.kt)("p",null,"The ",(0,ce.kt)("inlineCode",{parentName:"p"},"--module")," option can be used to specify the location of the file. He then showed a much shorter Podman command by specifying the module configuration file. You could ship the containers.conf to multiple users if you wanted them to start up in a certain way."),(0,ce.kt)("p",null,"The file can be named anything, but needs to be a ",(0,ce.kt)("inlineCode",{parentName:"p"},".conf")," file."),(0,ce.kt)("p",null,"If you specify multiple files, the later ones override anything that had been specified prior. Work on going to allow flexibility to specify order significance."),(0,ce.kt)("p",null,"Will --module be supported in quadlets? Not supported at the moment there? Valentin asked for an RFE issue for quadlet support."),(0,ce.kt)("p",null,"The --module option needs to be specified before the command. i.e.\n",(0,ce.kt)("inlineCode",{parentName:"p"},"podman --module=123.conf run")," and not ",(0,ce.kt)("inlineCode",{parentName:"p"},"podman run --module=123.conf"),'. It\'s a "root" type of command that works for any command in Podman.'),(0,ce.kt)("p",null,"The modules demo can be found here: ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/vrothberg/tutorials/blob/main/modules/01-containers-conf-modules.sh"},"https://github.com/vrothberg/tutorials/blob/main/modules/01-containers-conf-modules.sh")),(0,ce.kt)("h2",{id:"allow-specifying-a-guest-os-in-podman-machine-init"},"Allow specifying a guest OS in podman machine init"),(0,ce.kt)("h3",{id:"brent-baude"},"Brent Baude"),(0,ce.kt)("h4",{id:"1659-in-the-video"},"(16:59 in the video)"),(0,ce.kt)("p",null,"David Chisnall showed a PR (",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/pull/19939"},"https://github.com/containers/podman/pull/19939"),") which allows for FreeBSD to be run by a machine, and then further, any other Operating System."),(0,ce.kt)("h4",{id:"demo---2022-in-the-video"},"Demo - 20:22 in the video"),(0,ce.kt)("p",null,"He has been working on getting Podman to work on FreeBSD. He showed a terminal into a Mac Book, and he's added a ",(0,ce.kt)("inlineCode",{parentName:"p"},"--machine-os")," option to specify the OS. In about 20 seconds it was up, and in FreeBSD. He then went on to show a number of commands."),(0,ce.kt)("p",null,"He was surprised a bit by the push back on the PR that he has received to getting it in. "),(0,ce.kt)("p",null,"Brent noted the demo was good. He asked if the image had been customized. He's hoping the FreeBSD team can create the images necessary for Podman over time. David noted that the changes to Podman are a few hundred lines. The changes to FreeBSD are much more significant."),(0,ce.kt)("p",null,"He wants to have an images that will use ignition that's fully configured. They have that now and it has the ignition pieces built in."),(0,ce.kt)("p",null,"Dan said if FreeBSD folks are willing to support this, then it's something we should consider."),(0,ce.kt)("p",null,"Doug Rabson added that he doesn't expect Podman to support all of the FreeBSD."),(0,ce.kt)("p",null,'Dan is not worried about the FreeBSD support, but later drive by commits for "My OS", that wouldn\'t have the backing from the new OS that Podman has from FreeBSD.'),(0,ce.kt)("p",null,"Brent is concerned about QEMU, and David and he exchanged comments on it. FreeBSD would also like to get working with a Mac hypervisor too."),(0,ce.kt)("p",null,"Another hurdle is trying to get tests working with CI. Brent asked if they could run their code against the CI machine test. We don't have a FreeBSD CI, they have that, but would need a Mac CI. Chris talked about a number of options."),(0,ce.kt)("p",null,"They have a small FreeBSD in the CI now."),(0,ce.kt)("h2",{id:"quadlet-demo"},"Quadlet Demo"),(0,ce.kt)("h3",{id:"dan-walsh"},"Dan Walsh"),(0,ce.kt)("h4",{id:"4034-in-the-video"},"(40:34 in the video)"),(0,ce.kt)("p",null,"Hoped right into the demo. Quadlet is an integration between systemd and Podman. He wrote a blog ",(0,ce.kt)("a",{parentName:"p",href:"https://www.redhat.com/sysadmin/quadlet-podman"},"https://www.redhat.com/sysadmin/quadlet-podman")),(0,ce.kt)("p",null,"systemd has a unit file, and quadlet created a ","[Container]"," section which is allowed now by quadlet. Dan talked his way through there."),(0,ce.kt)("p",null,'Ygal Blum created "Deploying a multi-cotainer application using Podman and Quadle" (',(0,ce.kt)("a",{parentName:"p",href:"https://www.redhat.com/sysadmin/multi-container-application-podman-quadlet"},"https://www.redhat.com/sysadmin/multi-container-application-podman-quadlet"),") with more advanced features."),(0,ce.kt)("p",null,"Dan then showed quadlet allowed for android to run under a container on his desktop. It does take a bit to get going."),(0,ce.kt)("p",null,"Quadlet is a way to let you use files to declare container setups."),(0,ce.kt)("p",null,"Can specify if systemd should auto restart the service or not. "),(0,ce.kt)("p",null,"You can also set pidslimit to -1."),(0,ce.kt)("p",null,"Is Quadlet k8s for humans? (poor man k8s). You still need to write the config files."),(0,ce.kt)("p",null,'You can define the application with a k8s yaml, so you can use your old deployments, you don\'t need to have two "sources of truth". In Podman v4.8, ',(0,ce.kt)("inlineCode",{parentName:"p"},"podman volume create")," will allow you to pull an image if necessary."),(0,ce.kt)("p",null,"Quadlet is biased to systemd use cases, but can run Kubernetes workloads too."),(0,ce.kt)("h2",{id:"open-forumquestions"},"Open Forum/Questions?"),(0,ce.kt)("h4",{id:"5510-in-the-video"},"(55:10 in the video)"),(0,ce.kt)("p",null,"1) Running a rootless container, how to block from other users getting in, especially root. Dan pointed out that confidential computing is the way to handle that, but that's six to nine months out. It will encrypt the content. He's mostly concerned about his source code in hte container, can he use secret? No, it can't hide the code. You could use secret to encrypt the code, but it could still be seen now by root."),(0,ce.kt)("p",null,"2) Jennings asked about ",(0,ce.kt)("inlineCode",{parentName:"p"},"pasta"),", he raised an issue ",(0,ce.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/issues/19577"},"https://github.com/containers/podman/issues/19577"),". He's having problems with a self hosted Google drive. He's found it works OK with Quadlet using a systemd start. The problem is the application wants to talk to Docker API, but it fails. The issue is a rather generic error message and he's not sure if it's a real issue or just something a little off. This is an internal database issue, that will require refactoring. This is work that is ongoing. Would be nice to get info from the NextCloud folks. He believes it's broken, but it is an edge case. It's currently the last bug keeping NextCloud from working with Quadlet at the moment."),(0,ce.kt)("h2",{id:"topics-for-next-meeting"},"Topics for Next Meeting"),(0,ce.kt)("p",null,"1) None"),(0,ce.kt)("h2",{id:"next-meeting-tuesday-december-5-2023-1100-am-eastern-utc-4"},"Next Meeting: Tuesday, December 5, 2023, 11:00 a.m. Eastern (UTC-4)"),(0,ce.kt)("h2",{id:"next-cabal-meeting-thursday-october-19-2023-1100-am-eastern-utc-5"},"Next Cabal Meeting: Thursday, October 19, 2023, 11:00 a.m. Eastern (UTC-5)"),(0,ce.kt)("h3",{id:"meeting-end-1208-pm-eastern-utc-4"},"Meeting End: 12:08 p.m. Eastern (UTC-4)"),(0,ce.kt)("h2",{id:"google-meet-chat-copypaste"},"Google Meet Chat copy/paste:"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"Lokesh Mandvekar11:00\u202fAM\nnot recording yet\nDaniel Walsh11:14\u202fAM\npapabear.conf\nBlaise Pabon11:16\u202fAM\ncould you press `up arrow` so that we can see that command again?\nthx\noooooh,ok\nI get it\nit's like the modules are plugins\nBrent Baude11:17\u202fAM\nthis is what Valentin meant about it being a root flag i believe\nDaniel Walsh11:18\u202fAM\n--modules will work with all Podman commands as well including podman build.\nBlaise Pabon11:18\u202fAM\nthanks (sorry, I was the least clever of my group in college)\nBrent Baude11:18\u202fAM\nif you run podman --help, you can see alot of them\nMartin Jackson11:20\u202fAM\nhttps://github.com/containers/podman/issues/20246\nValentin Rothberg11:21\u202fAM\nThe modules demo can be found here: https://github.com/vrothberg/tutorials/blob/main/modules/01-containers-conf-modules.sh\nBrent Baude11:21\u202fAM\nthe PR in question is https://github.com/containers/podman/pull/19939\nBlaise Pabon11:25\u202fAM\nFWIW, I've been having issues with `--rootful` on OS X. I think that it is a known issue\nBlaise Pabon11:26\u202fAM\n...is that arch ARM because you're on Apple Silicon?\nThx!\nBlaise Pabon11:27\u202fAM\nI have a lot of spare x86 compute available , if you like\nEd Maste11:29\u202fAM\nI'm on the call but don't have a working mic.\nEd Maste11:30\u202fAM\nBut the Foundation is quite interested in this topic and is willing to dedicate resources to supporting what might be needed from the FreeBSD image / build side, and I am looking at some production uses for FreeBSD containerization in genreal\nChristopher Evich11:32\u202fAM\nI think this is a really cool idea. I can imagine it being useful with (as one example) a Windows VM to run windows \"containers\".\nEd Santiago Munoz11:34\u202fAM\nDid audio just go all wonky, with metallic buzz?\nDavid11:34\u202fAM\nNot for me...\nLokesh Mandvekar11:34\u202fAM\naudio is fine for me too\nEd Santiago Munoz11:34\u202fAM\nkthx\nDaniel Walsh11:41\u202fAM\ntime check...\nFamous last words.\nEd Maste11:42\u202fAM\nSorry I had to step aside for a moment, if there are any open questions for me from the FreeBSD Foundation perspective happy to have people get in touch emaste@freebsd.org or emaste on GitHub\nBrent Baude11:43\u202fAM\n@David -> https://github.com/containers/podman/blob/main/pkg/machine/e2e/README.md\nBlaise Pabon11:43\u202fAM\nYay! I'm here for the quadlet demo\nDavid11:44\u202fAM\nI think Doug wants to get podman machine to support bhyve so it can use run Linux containers on a FreeBSD host. For testing podman machine with a FreeBSD VM on Mac, we don't need the CI system to provide a FreeBSD host environment.\nEd Maste11:45\u202fAM\nYeah I'd be very excited if podman machine could drive bhyve\nDoug Rabson11:46\u202fAM\nIts failrly low on my 'want' list but it could be useful\nYou11:46\u202fAM\nBlog Dan is referencing: https://www.redhat.com/sysadmin/quadlet-podman\nBlaise Pabon11:46\u202fAM\nI've been playing with dagger.io and I wonder if that might help in this scenario (by not requiring a virtual host to run the container) ?\nYou11:47\u202fAM\nYgal's blog: https://www.redhat.com/sysadmin/multi-container-application-podman-quadlet\nChristopher Evich11:48\u202fAM\n@Dave/Doug/Ed: We have a bare-metal setup today for running podman-machine tests on a Linux host. That would be relatively easy to extend for testing other VM types in a matrix.\nBlaise Pabon11:48\u202fAM\nIs quadlet k8s for humans?\n(poor mans k8s)\nWow\nJennings11:50\u202fAM\nquadlet, podman-compose, docker-compose, and podman kube play are all ways you can use files to declaratively manage containers\nquadlet is biased to prefer systemd syntax, so i guess the question is: is systemd for humans as well?\nBlaise Pabon11:51\u202fAM\nROFL, `systemd for humans` would make great click bait\nEd Maste11:51\u202fAM\n@Christopher do you have a link handy for more info on that?\nBlaise Pabon11:53\u202fAM\n@Dan, can we get `buildah systemd-generate` to handle tje boilerpllate?\nBlaise Pabon11:56\u202fAM\n^ never mind\nChristopher Evich11:57\u202fAM\n@Ed I wouldn't expect you guys to implement it, but in my mind it could be a matrix on this task: https://github.com/containers/podman/blob/13456be1e72f4a8eb6aaac6dedc95cf4f621de88/.cirrus.yml#L705-L734 \n (Note: That doesn't yet run the \"new\" podman-machine e2e tests - that's on my list too).\nDavid11:58\u202fAM\n@brent: Even before I try the FreeBSD bits, I hit this error from make .install.ginkgo:\ngo build -o build/ginkgo ./vendor/github.com/onsi/ginkgo/v2/ginkgo\nrosetta error: overlapping Mach-O segments:\nBlaise Pabon12:00\u202fPM\n@Kiran, you may also want to loot into the Wolfi distro-less images from Chainguard.\nEd Maste12:02\u202fPM\n@Christopher, thanks -- I'm a fan of Cirrus CI as they're the hosted provider that supports FreeBSD, I will take a look\nJennings12:02\u202fPM\nhttps://github.com/containers/podman/issues/19577\nYou12:05\u202fPM\n@Luap77 == Paul on GitHub fwiw\nGerry Seidman12:09\u202fPM\nThanks all... gotta jump\nxrq-uemd-bzy\n")),(0,ce.kt)("h2",{id:"raw-google-meet-transcription"},"Raw Google Meet Transcription"),(0,ce.kt)("pre",null,(0,ce.kt)("code",{parentName:"pre"},"om Sweeney: Good morning, This is Tuesday, October 3rd, 2023. This is the podman community meeting in this meeting, we generally discuss demos and the upcoming new items that are inside the project that we want to show up. For people want to show off or other projects that are dealing with pub man that want to show off their work as well. So if you have topics love to have them anytime in the future. For today, we're going to be talking about no, that's not that This is a meeting that goes on every First Tuesday of the month. We also have a couple meeting which has been going on on the third Tuesday of the month. It will go on the third Tuesday in this month. But going forward, we're moving that to the third Tuesday. Of the month as well. So on first Tuesday, will be the community meeting. The third Tuesday will be the call meeting. That will be starting for that one. and then topics are driven by car meetings or if you send requests to me,\nTom Sweeney: love to have topics at any point in time and we are willing to accept discussions on man build us copio or any related container projects, if using any of those part of your project, we'd love to have that as well. I have the meeting notes today that I've got a link there, audit and Google chat in a moment here. If you want to go ahead and correct anything I put in or add anything. And the presenters if you have links in particularly like that, love to have those edit there. And then for today's meeting, we are having a demo on modules and an intro from Valentin. And we'll have a discussion about you specifying, Guest, OS and poverty machine in it for Brent, and Daniel will be following up with the quadlet demo. And then for the last 10, 15 minutes, we'll have open topics for anybody. That has a topic that they want to talk about. Before we get too far, we have to have a note from our sponsor. If you haven't seen it yet, I've been in Action book by Daniel, Walsh's, excellent resource and Dennis caring this. But if you have a Red Hat subscription, you can get it for free online.\nTom Sweeney: And with that, I'm going to help over this bidding to Valentin the start of\nValentin Rothberg: All Sorry to click through the sharing before I apologies in advance. I gotta run in our own 20 minutes, so I won't be able to make it throughout the entire call. So thanks Tom for moving me first. So I want to talk about something that we call Containers Khan from modules. This is a feature that made it in the just recently released Portland for seven. and I think it's best explained with a motivating example. Use cases can be quite complex and there are loads of command line options and flex that you may need to use to run your certain workload. In this case here, I have an example where the workload, it's just an exemplary. One needs a lot of capabilities. There certainly more elegant solutions to do that. I'm going to show them in a minute.\nValentin Rothberg: But it boils down to some use cases need a lot of massaging. One motivating example or use case is for instance running or accessing graphics cards inside containers, which is very common in HPC use cases where the user is even need to mount certain launch amount certain and video libraries from the host into their containers because they don't want to ship All these huge libraries to keep the images as small as possible.\nValentin Rothberg: So it boils down to the command line, interface can be very complex. So if you want to run your containers on a number of nodes, either you're going to find a way to inject Generate these commands use config files or users need to be incredibly smart. typing a lot and make sure that there's no typo. So in this case here, we've just a Simple Container Using a Lot of Capabilities. One thing that we have an apartment space is a configuration file, which is called containers column. So if you go into the man pages of containers.com, you see a lot of options that you can find there and most of these options replay, certain command line flex. So in this case,\nValentin Rothberg: I'm using containers Conf to replace all the capabilities that we have before. And here we see one environment variable here, I'm using printf just to print all the environment variables inside the container. You see that it has been injected here from the host. How did I do that? And then it like that. So the environment variable has been injected here via the environment.\nValentin Rothberg: String array and all the capabilities have been injected via the array on top. So this works just fine. So you can use a containerscon file already today to set certain defaults if you want for the workloads that you want. You can do that per user. You can do that system wide. I then use a share if you want to ship it via for instance, rpm package or on Etsy. If your assistant men and want to configure it for you user base, but It's always a default setting. It sets the baseline. There has until 4.7 not been away to opt in certain.\n00:05:00\nValentin Rothberg: Configuration files enable them selectively other than specifying them environment variable as I just did on the command line flag. Use cases can be more complex than that. Maybe you need more than one configuration file. Maybe you want to separate them config options. You want to put in security Conf all in video related options. You want to put into Nvidia.com and at some point you may be want to compose them and use them all at once. selectively. So this is the use case that mod Solve. So, instead of specifying these environment or these config files over the environment.\nValentin Rothberg: there is a new root flag important - module where you can specify either an absolute path. If you specify an absolute path, then the file behind this absolute path will be loaded. And if you specify a relative path, then This relative path will be resolved to certain directories On the host. So,\nValentin Rothberg: To elaborate more on that here. If I move from my the module into my home, directory, can do this rootless if I want to in that containers conf dot modules. If I place it there and then use it after, I can totally do that. So, in this case, if I run here, we can see that the module is being resolved. Because first, we don't get an error and second, we get exactly the environment flag that we've seen before. So, I do not have an Nvidia card so I unfortunately cannot show a cool HPC for instance, workload using the new modules flag on national workstation here. But I hope I got the message and the idea across. So it's This new containers kind of modules, allow for enabling certain configurations.\nValentin Rothberg: And I believe it's a huge improvement over in terms of user experience because you do not need to use and recall. All these hundreds or dozens of depending on the command line flags. You can. Ship these containerscon files if you want to for all users. So if for instance, the capabilities con would not be in my home directory. But for instance, use a share or Etsy tain containers Conf modules, then it would be found there as well. So it's a Pretty simple Powerful means to ship. These settings, these defaults for your certain use cases, load them on demand. And I think that's it. So, I'm open to questions.\nTom Sweeney: Restriction. So the naming of the files.\nValentin Rothberg: They need to end With.com. this is pretty much The convention that we had before for containerscon files. One thing I should elaborate on. Probably as well, is that these confiles will be loaded in the specified order. So if you have module three, first one will be loaded, three will be loaded. So one thing that is probably worth mentioning as well, is that? during this loading sequence, if a configuration file, let's say configuration two would set the environment. Array, then previous settings will be overridden. so at the moment we're looking into and we have a proof of concept open at the moment against the containers common\n00:10:00\nValentin Rothberg: Get a project upstream where all the code for containers kind of lives. That allows for appending to these things. This is not something that Tamil natively supports, so we use tomal behind, it's a markup language. Behind containers gone. So we're working on improving the usability for these things and I should probably Call out the people who raise their hand.\nTom Sweeney: We'll go to Chris.\nValentin Rothberg: I see Chris\nChristopher Evich: Yeah, just quickly. This seems like this could get really complicated quickly with lots of modules and the orders significant and why not. This is a reasonably easy way to see What is loaded from where in the debug output for example,\nValentin Rothberg: yeah, that you will see in the debug output, which CONFIGS are our loaded from where But I agree for people probably shouldn't take this to an extreme and ship. dozens of conflicts with Fubar. but,\nValentin Rothberg: Looking at the state of the art today. If you have these very complex you want to use in videographic cards in your containers, what you got to do is either use and ship huge images and use a lot of command line flex, or normally sized images and still use a lot of command line flex. So in the future, there could be a future where you wouldn't install an RPM package, for instance pot man dash and video module or something like that. And it would just install a container's conf module in user share. And then if, you type Module Nvidia.com and everything's done, you don't have to care. No worry about this anymore or\nValentin Rothberg: if you have some security sensitive systems, you may use very strong defaults, but certain containers may still need to add certain capabilities or play a little bit with SEO Linux then it's probably where I would consider best practice to Ship Containers, Conf module which sets the base minimum of capabilities needed to run a certain works workloads rather than forcing or pushing users into using the privileged flag for instance. Yes, then as Dan says the Papa bear. Can't\nValentin Rothberg: Martin has another question.\nMartin Jackson: Yeah, this looks pretty cool. it looks like on current main. The module option is not yet supported in quadlets. do we have to pass that through with hot men arts? I like going forward?\nValentin Rothberg: That's a very good question. Yes, you're right at the moment, quality doesn't support. there's no quadlet native containers confield. So if you want to use it you got to use the department arcs cheat someone but it's actually a great request. Would you what you might opening an issue on Github so we want forget about it.\nMartin Jackson: I will happily do that.\nValentin Rothberg: Cheers.\nMartin Jackson: Thank you.\nValentin Rothberg: Another question from Eagle.\nYgal Blum: command line that you ran there, the argument was passed before the ran command does it matter where that can like that parameter is, or can it I'm just preparing myself to the club that PR\nValentin Rothberg: He has a quad limit. That's a very, very good question. the module flag needs to be specified before a command. So when you look in the terminal it\nValentin Rothberg: It needs to look like this. and\u2026\nYgal Blum: Yeah, and it can't look the other way around. Yeah.\nValentin Rothberg: not like this. So, I can give it 20 seconds. X or explanation of that.\nValentin Rothberg: To initialize, right?\nBrent Baude: And women request, if you could just Protocol your history so they can see the original command. To have your history still.\nValentin Rothberg: No. I run a shell script for the demo.\nBrent Baude: Okay.\nValentin Rothberg: But I can quickly jump through it. So what you saw here is the module flag. spec needs to be specified before any apartment command or subcommand. It has a technical reason. Which boils down to how the goal library that we use for CLI parsing works. And the fact that these containers confile are being used to set the defaults for these flags. So, we got a the module flag, very early on initialization of the potman very early on or right after the go run time. Has been initialized. To inject all these values. So,\n00:15:00\nValentin Rothberg: yeah, looking forward to see this and in Kuala.\nYgal Blum: Yeah, thanks.\nValentin Rothberg: Yeah, Great comment also, from Dan for those listening in, probably not reading or being able to read the chat, these modules work for any command. So this is not limited to Running containers is just a very compelling example but containers kind of allows for changing all kinds of fields and knobs important. So even when pulling an image, there are flex and fields in containers, confident influence that or when creating that works volumes, all kinds of things.\nTom Sweeney: I'm hearing the questions, slow down here and I know that Valentin's got to Make his way out of here, pretty soon. So, last chance, for the questions?\nValentin Rothberg: Thanks for the great questions and thanks everybody for joining. Back to you, Tom.\nTom Sweeney: Right thanks for coming in today and talking about that. So now next we have brent's up leading a discussion on specifying, a guest OS and podman machine admits\nBrent Baude: Why don't We'll start with David's demo, but to Set the stage, Perhaps a little bit. The David I believe You were the author of the PR or you're not Yeah.\nDavid Chisnall: Yeah.\nBrent Baude: And David has created a PR that opens up. Padman machine and knit to do.\nBrent Baude: Be able to load alternate os's. I think as we've debated this for weeks now. Internally I believe it kind of boils down to two things. One he's opens up the ability to be able to do FreeBSD. As a machine. And the other is that it opens up to be Able to do whatever you want as a machine. So with that, I think it's good that we look at what is PR does and then we can Talk about what? Am I mean?\nBrent Baude: We're getting a blank screen.\nTom Sweeney: And no sound from David. Who was on prior, I'm wondering if he's got chewed up by Google meet which sometimes takes people away.\nTom Sweeney: It's back. And David are you back now?\nBrent Baude: You're unmute David?\nDavid: Every time I try and share window, the\nDaniel Walsh: You're very low volume.\nBrent Baude: I provided the PR that we're talking about in the chat. for folks, If anyone wants to familiarize themselves with it, I think. Our team has debated it quite a bit, so we're quite familiar with it.\nTom Sweeney: David's, third time, the child.\nBrent Baude: Yes, it looks like it.\n00:20:00\nDaniel Walsh: David, if you're talking, we can't hear you.\nDavid: Sorry restarting the Web browser remuted me. So can people see a terminal window now?\nDaniel Walsh: Yes.\nDavid: So yeah, to Google meet thing kept crashing so I'm not sure. Quite what was said in the intro but my starting point here has been building on top of Doug Rabson's work to get podman working on FreeBSD. Most of what I've done has actually been on the FreeBSD side. I just had some very small patches to pop down to make all of this work. but what you can see, hopefully, here is a terminal on M2 macbook.\nDavid: And the thing that I've added is the ability to specify what the machine OS is, so that you can then key different behaviors of that. And there are a few places where currently Pubman hardcode some assumptions about specific target machines. so if we start this saying here is a FreeBSD disk image Let's boot up. PubMed machine for managing containers. This takes about 20 seconds. Last time, I ran it maybe a bit more with Google meet eating all the CPU.\nDavid: This does more or less. the same things that it does today with the next version, it mounts volumes from the host, provisions, ssh keys. And everything I did specify minus root full, but it doesn't actually propagate that setting and that's on my list of things to investigate. So I need to explicitly say past, this is as the root thing. but now, from the Mac, all the podman remote stuff works. So I can grab a FreeBSD container image. I can. And something in that that tells me what the version is.\nDavid: the kernel version is, BSD 15 current that container is from an older version. And mind mounts from the host of working. So, That's mounting the current directory in slash MNT and that shows the same things we see on the host.\nDavid: And for a little bit of extra fun, the previous image also has the Linux compact layer working. So I can also run the Linux command to look inside a Linux image.\nDavid: And if you run your name, you see that this is not actually a Linux can kernel. It's a FreeBSD kernel pretending to be a Linux kernel. So, this is kind of where I wanted to be able to Build use previously containers on the Mac. And that I can then deploy to servers that are running a freebs DOS on the host. That seemed like it was a hundred percent in scope for what podman machine was supposed to do. it's for supporting running containers of one OS, when the host is something different, that's why I was kind of surprised by how much negativity, there was in the PR but a couple of people suggested discussing it in this forum, so,\nDavid: Yeah. Yes, this is arm because I'm on a apple, silica Mac. Most of this stuff should work on x86, but my x86 Mac is too old for me to be able to build pod, man on it. The go compiler, crashes. So I haven't been able to test it on x86.\nBrent Baude: Okay.\nDaniel Walsh: So Paul is not here, So Paul is the one that push back the hottest.\nBrent Baude: No. I think we can speak for Paul. The team was pretty unified.\n00:25:00\nDaniel Walsh: Yeah.\nBrent Baude: And in their thinking. So I'll try to represent the team the best David. And what I would like to do is just have a friendly conversation and please don't take anything as a negative.\nBrent Baude: So you're demo was very nice. it just Established a couple of facts. Podman machine and knit is not an automatic thing with tribute SD yet. Is it?\nDavid: You currently have to provide the image. It doesn't go infected automatically,\u2026\nBrent Baude: And is that image been customized?\nDavid: There's some build scripts that make that look as much. what you expect from a Linux guest, as possible. As I said, what I was trying to do with most of this work is minimize the disruption in Odd, Man, it's taking the ignition file. It's extracting the bits from that it needs. It's not adding, anything custom, my goal is to have the FreeBSD release engineering, team able to produce VM images that are the shape of man expects to be able to consume And I think EDM Matt from the previous D Foundation is on the call so he can maybe speak more to that. But the\nDavid: to go for most of this work. And this is why, the Pod man changes are a couple of hundred lines. The FreeBSD changes are significantly larger than that. As always been to make sure that we're not making undue requests from podman, we're not saying, Please change how you do sharing, how you provision? Ssh keys. We're just saying, Please don't make or provide a hook that lets us not use Linux specific mount commands, but export those with the free BSD ones and I think that the total changes I have\nDavid: Are really, about a hundred lines of code. And a big chunk of that is moving stuff from one function to another.\nBrent Baude: okay, so when you weren't to clarify, when you were talking about dealing with a free BSD, disk Images, Your intent I have an image that is not configured and would use ignition. Okay. How far away do you think you are from something like that?\nDavid: Yeah.\nDavid: So that's what we have. that image I build with poudreau\u2026\nBrent Baude: You do.\nDavid: which is the thing that the previous D project uses for building packages and can build this images. That's preconfigured to look for the ignition. And file in the qmu firmware, config exported space extract, SSH keys from that AD users based on that. It has the 9pfs stuff built in so it can grab the host shares from that. It installs podman from the packages,\u2026\nBrent Baude: Okay.\nDavid: it has all the services that's up to run all of those bits.\nDavid: And that's now scripted as a thing that just spits out a disk image that can be consumed by Bob Man. that's not where I want to end up. I'd like that to be something that the FreeBSD Release Engineering team is producing For every security advisory for every Iraq to notice.\nDavid: As they do with other customized disk images, for cloud providers and so on.\nTom Sweeney: Note for David and Brent is, did you see the note from Ed must. I'm hoping, I'm pronouncing his name correctly, It's last name. Anyway, he doesn't have a working. Mechan want to make a note that the foundation is quite interested in this topic and is willing to dedicate resources to support what we needed from the FreeBSD image. I can't speak English today either built side and I'm looking at some perfection uses of FreeBSD containerization in general. Ed works with you David? Is that true or previous?\nDavid: Yeah. So Ed is on the board of the FreeBSD Foundation and manages their technical activities.\n00:30:00\nDaniel Walsh: yeah, so I think it would be First ad for BSD support, I think the biggest pushback has been or against making prime machine end up being, some way of Downloading, any random, Unix Pat box and running it? and the main problem we have with that, is that we end up being the support people for I pulled down my machine for Ubuntu and it's not working properly and we don't have anything to do that. So if previous people are willing to support this I think it's something that we should definitely consider, again, we can't support it. So we need Doug and we need you David and anybody else from free, PSD to be able to support us. Doug.\nDoug Rabson: Hey, I'm absolutely there to support this feature and it's kind of interesting. The word support means different things in different contexts. And when I read the two, the four seven release notes includes a line for, adding support for DASH device on previously that absolutely doesn't mean that I expect Red Hat to support commercial customers using that feature. But it's nice that the Pod Binary supports it so I think we can have a sliding scale sort of context, depends. Support model in this case. David. And I really care about Having pod man work as well as it can on previous D and being able to use that on a Mac. Just opens up people to experiment with it. I have a Mac on my desk at home that I'm working. So, we'll be useful for me, but it doesn't mean that I expect you to,\u2026\nDaniel Walsh: I just want to.\nDoug Rabson: to feel support calls for that future.\nDaniel Walsh: Yeah, I don't want to first of all, Red Hat support and just because a few bunch of us were for redhead Red Hat supports a totally different thing. We're always talking about here is upstream support. And in that case everything you just said actually is true as well. Our fear is that Doug you've been a great partner for us so you're not as category but we get a lot of drive by commits that has my favorite Linux distribution. I need a machine for it. So here's how to do an alpine machine and then that person disappears and all of a sudden we're getting, github issues on it and we're closing it and people like I man sucks it doesn't support Alpine right or, things like that. So that's probably the biggest pushback or,\u2026\nBrent Baude: Okay, wait,\u2026\nDaniel Walsh: at least my biggest push back.\nBrent Baude: we really designed Purposely an appliance such that we could have this conversation of you don't get to just put whatever you want in there and\u2026\nDaniel Walsh: \nBrent Baude: have us figure it out. So, that was a defensive maneuver at least, when I wrote the original code. IQ IQ. And I think the team as well with some mattresses. Feels pretty good about the freebies steam machine part. So, the hangup is on the BSD machine, if you I think our wish would be that if you follow the code pass, there's something called a provider. In our code. We'd like to see free. BSD be a provider even though it's using If that's something we can maybe figure out and I need to go back and look at the code to see if that's possible or we just sort of talk it, under there as a OS. everything under square\nDavid: Yeah, so I mean the Current.\nBrent Baude: UNIX, or whatever.\nDavid: Delta between Linux and 3bsd in qmu is two things. One of which I'd like to not need for some reason on a arch.\nBrent Baude: Okay.\nDavid: 64 FreeBSD is not correctly. Handling, the ACPI Shut down event. There's a bug filed about that ream. Maybe Ed can help. Devote some resources to fixing that, but that means we just ssh in and do a shut down dash p now, as well as sending that event. that's three lines of code on two of those are the open brace and closed brace If it's Free BSD, have this hacky work around\n00:35:00\nDavid: the other one is when we mount the host file systems, The FreeBSD, and the Linux Mount commands takes slightly different arguments. I factored that out into a separate function for the Linux and\u2026\nBrent Baude: We?\nDavid: the Freebs D1. And everything else is shared across the qme1.\nBrent Baude: Perfect.\nDavid: I haven't tried the Apple HP code paths yet. I'm not sure how mature they are if they're in a working state but I'd love to work on that. I know some customers that would be very happy to have. No requirement to run GPL codes to be able to run containers on a Mac. I don't have quite that hang up so I'm happy to work with the qmu version.\nBrent Baude: I wrote the Apple HP stuff, so it's perfect obviously. It does work, the biggest hang up with Apple HP. Right now is just simply that we don't have photo or cos image being generated by a fedora correlas. So otherwise it's been pretty bulletproof. It does use vfkit. have you seen that? Okay, and\u2026\nDavid: Yeah. In a past life,\u2026\nBrent Baude: it uses GT proxy.\nDavid: I actually wrote the book about the Zen internal, so I have more than a passing familiarity with how hypervisor work.\nBrent Baude: so that would be the only You think of a free bsd problem of via Kit? I would imagine that would boot just fine. They're red Hatters so we can get cooperation. There.\nBrent Baude: And I think they even let me merge Prs. so, the second small hurdle will have to figure out is somehow one of our biggest efforts right now as a team, As Chris can tell, you is, We're trying to get machines, we have a whole slew of machine tests. Now, And we're trying to get that working in CI. so, the first thing that might be good is to Have you run your current code against the machine tests? There's a readme in there. I think you'll be able to figure it out.\nBrent Baude: If not hit me on IRC here wherever else? But we don't really have a freebsdci solution. Is that something you guys have?\nDavid: Yeah I mean Sarah Ci does open source Freebsdci but the bit that we actually need here is Mac CI. And we can provide FreeBSD.\nChristopher Evich: He?\nDavid: This images that can integrate with that.\nChristopher Evich: I can speak a little bit to that. So, serous, the serious FreeBSD, I believe, that's using their compute services and I'm pretty sure that's going to be running on a VM of some sort. So, that seems like that would cause issues with trying to run nested for and\nDavid: Yeah.\nDavid: I thought she supported nested virtualization, but I've not actually tried it.\nChristopher Evich: Sue and So I'm not exactly sure what is behind the serous compute stuff? It's kind of a black box. but you're right there are I think in both GCE and in AWS, I think they've got\nChristopher Evich: Images that are available. The ez2 side is a bit more attractive because we could in theory, run bare metal there. It's kind of expensive, but\nChristopher Evich: Maybe that's a possibility.\nBrent Baude: So let's get it.\nDavid: But yeah.\nBrent Baude: Can we get an issue upstream about implementing? this and Chris Knight, This is the last of your\nChristopher Evich: yeah, You can stick me on it.\nTom Sweeney: Okay.\nBrent Baude: But it would be the last of your platforms to work on it. At least at this\u2026\nChristopher Evich: Yeah.\nBrent Baude: but David, if we can get a thumbs up, that it passes the tests if you run it, local, That would be,\u2026\nDavid: Yeah.\nBrent Baude: that would be very helpful to us. In terms of confidence.\nDavid: Yeah, if you can drop me a link in the chat to the Readme that has the instructions. I can definitely spend some time on it this weekend.\nTom Sweeney: Okay, that's good. I wanted to just touch base with Doug real quick and then we're gonna have to move on if we want to come back to this at the end we can't, did you have something further to talk about here?\nDoug Rabson: Yeah. I was just going to note that in a very small way. We have a FreeBSD workload running in the CI does the native through the SD build as opposed to a cross build obviously it's not doing nested virtual anything like complicated Long-term, I kind of want to be able to run system tests, but I think we're quite our way away from that.\n00:40:00\nTom Sweeney: I'm just gonna end this conversation right now just because of time rather than of interest.\nBrent Baude: Yeah.\nTom Sweeney: And I'm going to ask Dan to step up now and give us a quiet demo and then we can come back to the Select Demo style if we still want to. 10.\nDaniel Walsh: Okay, so I was talking in time before it's a quad that's been around for a little while. I'm surprised we haven't done this at community meeting. So let me I'm just going to talk through quickly. What quadlet is and Show you a couple of examples of it. Those who haven't played with it yet.\nDaniel Walsh: So, a little history lesson, I wrote a blog on Quad, led Pod that back February of this year. So quadlet was a effort of integration of podman and system D. So for those of you out there that played with partners, always have this command, Baude man system. System degenerate, which would take a running containers on your system or running pods in your system and then would generate a system to unit file. That was sort of the best practices of the time to define how to run this pod man under a system to unifile. And\nDaniel Walsh: That a lot of people use that matter fact, that somebody who we've sort of tried to deprecate it and now there's some people pushing back as they use it heavily inside of production. So we're have to look at it. But a engineer from Red Hat, Alex, Larson saw this and actually realize that he understood the system. He had this concept of what's called the generator and what a generated allows you to do is actually sort of do that on the fly, all Actually generate a unit file and then customize the way that the unit file actually looked on a system. So if you played with system D at all, he probably seen a unit file that looks something like this.\nDaniel Walsh: And usually a unit file defines the actual application and find some stuff under services. And then usually Elijah to set up relationships between different unifiles. So you can do things like install and say, the services are going to start till after the civil service starts, but there's a special section inside of this. That doesn't exist in most system to Unifiles. And this section can be defined, and then you run a generator to convert this section into something that looks like in a system D could actually support. So what quadlet does is allows us to specify these special sections inside of what looks like a traditional system. The unit file in this case is just a couple of lines What image the container is going to run. And then just the command to execute inside the container.\nDaniel Walsh: When you run a system daemon reload that will actually cause system D to run a generator, which is going to run quadlet to translate that thing that looks like a system. To, file, we call them quadlets into a real system to unit file and I think down the bottom here. this is the real system to unifologist generated here and you'll see\nDaniel Walsh: Basically, that gent takes generates it into a podman command that will run and your services. But this builds in all the intelligence that we've added to make sure that Pod man runs correctly on the system to unit files. So the original one was just to do, simple, quadlets containers underneath unit files, There's a second blog that was written by Ygal on this call. Also that looks at advanced features of quadlet, so we don't only support container. But we actually support Dot Coop, which allows you to specify Kubernetes, Yaml file to run inside of a quad. that's going to use Pod, man, who play underneath the covers and then there's additional tools Dot network and Dot volume. Let's that allow you to specify, to create a pod man that work or create a Pie Man volume. And then you can into mix all these together and this\nDaniel Walsh: The blog Goes heavily into How to set up a real complex, Kubernetes Yml file with its own networking, in its own volumes, but all created, by these multiple different files underneath the Kubernetes Yaml files. So now, I'm gonna go out and show you another example. So, in my home directory, this is big enough. Everybody to see I created a quadlet for running Android. So, this is a\n00:45:00\nDaniel Walsh: A quick quadlet that someone has Android VM to be able to run inside of a container underneath the pod, man, and this gives you an idea of right up here on doing some leaking the environment variable to tell it which look for Wayland to my desktop. Then I'm adding a couple of it needs KVM and renderer and a few other commands to be able to run container. It's kind of interesting that you can actually do things like Advanced concepts. I think percent takes the current xdg runtime directory and mouse it into the container. So this advanced up but basically this is all this stuff is going to get converted into a real complex pod man. and to run but again it's fairly simple to look at and then I can just do A start.\nDaniel Walsh: Android and basically standard system, the commands to actually process a quadlet. And there you have Android running underneath Pod Man, inside of a container on my desktop, it takes a couple of seconds to refresh.\nDaniel Walsh: Here it comes.\nDaniel Walsh: And say it was giving me this severely real fast, but There are some stuff that we can do to improve the speed of this, but Now, you have an This is Android Auto,\u2026\nTom Sweeney: But yeah.\nDaniel Walsh: so a lot of this was done for the Auto SD code. So this eventually shows you, Yes, that running. So now I'm gonna go into quickly through some slides of some of the power that you can do with quadlets because quad lights, allows you to integrate system setting up parts of the system as well as setting up containers. And now you can interact between the two of them. So this is actually part of the ribose effort, red and vehicle operating system and we're looking for\nDaniel Walsh: Up a section of the disk to isolate processes inside of this section, from the rest of the system. And so I'm just going to go through one of the things we can do is we can name sort of the C group that we're gonna associate with the entire service. We can actually take through all system D tools that you can use to convey a quadlet. We can actually pin all the processes inside of this broad led to specific CPUs and the system you can actually set up C groups measurements on the group. So you can set up CPU weight. Now you can set this up in five man as well but it's kind of interesting that System has some advanced features that we can take advantage of i08 similar\nDaniel Walsh: On and we're gonna go down here. We can actually set things like boom killer. So if I want to make sure that my process gets killed inside of a container, I can set up outside of this service is priority wise. They can do that a couple of those things.\nDaniel Walsh: We can actually take set stuff like recent whether or not system should restart the service automatically. And this is interesting too system. D has advanced features for stopping fork bombs. So Taskmax here is actually setting, basically says the service to say that it can never have more than 50% of the maximum amount of kids on the system. And then we're going to jump down.\nDaniel Walsh: And now we're in the container section. So these are commands to setting up pod man, but when I set up the pid's limits there, what's interesting? I think I stopped here as I can soon section. These are all flags, you can set But I was trying to get to and I guess my presentation. So right here, Pid's limit If I wanted a container to have more than,\nDaniel Walsh: Yeah. The Pid's limit, if I wanted to control his limits from my system point of view, and not from podman's, hide coded to go to 2048 by default that runs containers. But if I wanted to have 50% of all CPUs and I go into my Pod, Man section and tell it to set the limits to minus one. Now, most of these fields inside of the container section, all match up some what to match up to similar Pod, Man. Command line options and there is a Get Out of Jail free card. If we did an implement one. So there is a podman arc so you can actually specify individual pod, Commands bottom line is, you can do really advanced stuff with running podman of the system d. So if you're moving to services running on nodes edge devices, things like that is incredible power on this. So I'm gonna end it.\n00:50:00\nDaniel Walsh: End at this point and open myself up to questions I guess.\nTom Sweeney: Any questions for dinner. I saw a couple go by, for Blaise in the comments talking about Now, I've lost it.\nTom Sweeney: Always quiet, Kubernetes for humans. In other words, a poor man's Kubernetes\nDaniel Walsh: Here. you still have to write the Kubernetes Yaml files. Although Pod, Man has ability to generate Kubernetes Yaml files so you can do podman Coop generate from existing pods of containers and that'll generate a yaml file that you can then use in a pod man and inside of a quadlet and Egal is much more of an expert on this. So I'm sure he's jumping up to answer the question so go, yeah.\nYgal Blum: But I'm I think might I have a problem with my camera, Sorry for that. So the idea is that you can define your application either directly on a containers as a dot container or it is a dot cube and then use it as a kubernetesmo and then point to it with a dot cube file, the ideas that then you can reuse your already existing Kubernetes deployment or even said or whatnot and use it directly and you don't need to maintain two sources of truth.\nYgal Blum: An image pool operation that will be separated from the apartment run. the initial reason I added It was that I needed a weight. I wanted to create a volume based on an image and unlike Podman Run which knows All the Image Podium volume. Create does not do So I needed an automated way to pull the image separately from the creation of the volume. So this allowed me to do that and not sure if Dan mentioned it. So there's an if you can see it in my blog post, Once the Dot volume. And next DOT image file are not only used to define these entities, but they can also be used in the Dot cube or DOT container or next in the DOT volume using DOT image file. So that\nYgal Blum: Quartet will know to create the link between them and also to create a dependency between the service file. So let's say I have a network created by a DOT network file and I point to it from a DOT container file, then while that will know to link to that network and also to create a dependency between the service created for the DOT container file and the one created for the DOT network.\nDaniel Walsh: Excellent. They got somebody's pointing out that there's multiple ways of running containers.\nTom Sweeney: Yes.\nDaniel Walsh: There's Kubernetes There's Darker compose, there's pod, man system degenerate and now I think quadlet is biased towards system. D, use cases for running containers and we've always had a goal with pod man to make it as integrated with System. B is as humanly possible, the real neat thing is that you can start to run, could you Kubernetes workloads? I mean, define your application in terms of Kubernetes, then we can run at locally under a system, as well as running inside of a Kubernetes cluster. So we can actually run the gamut of those tools. Obviously we continue to support compose and kubernels for running. container as well, but\n00:55:00\nDaniel Walsh: So that's it. Any other questions I missed anything?\nTom Sweeney: I'm hearing silence and we're getting close to the end of the hour. So I'm gonna think that and you go for talking through this and the questions that we got on it and I will just ask if there are any questions that somebody else had Kiran\nKiran: Hi, Tom. so my question is regarding I deployed my container. but, I was thinking to add authentication for it. If any user is using Portman exec command we can directly get inside the container. So is there a way to add any type of authentication for that?\nDaniel Walsh: Do you want to You running a ruler container or focus data.\nKiran: it is a rootless container.\nDaniel Walsh: So you're worried about other people logged into that user getting in or is your container listening on the network?\nKiran: I'm worried about the other user, specially the root user. To access my container.\nDaniel Walsh: Yeah, so that if you were worried about the root user, the future of that type of worry Pod, man has no way of control and I'm back. No process on a Linux system. Right now has a way of controlling that if you following along with the thing called confidential computing, which is just starting to show up right now and Computing is the way to solve that problem, but it takes specific types of hardware that are not available on laptops or low-end devices yet, but I think over the next six to nine months so this would be So the processes inside of your container as well as all the content would be encrypted in such a way that the root process would not be able to interfere with it. the only you could do is kill it but you wouldn't be able to examine the content or manipulate it so\nKiran: Okay, so I'm mostly concerned about my source code, which is inside using the Portman secret.\nDaniel Walsh: yeah.\nKiran: Can I hide all of my source code?\nDaniel Walsh: No Secret is only to leak a secret into the containers in a way that it would not be saved. So It's really a secret from the image that could be created. So secret secrets is not what you think it is. Now you could encrypt your container and pass in a secret to decrypt, your content. But that would not make it safe from the reviews around the system.\nKiran: Thank you, Daniel.\nDaniel Walsh: Yeah. Yeah.\nTom Sweeney: Thanks.\nDaniel Walsh: Jennings is a hand raised. Go Jennings.\nTom Sweeney: hope to do, just\nTom Sweeney: We can go a few more minutes.\nJennings: Okay. Yeah.\nDaniel Walsh: If your questions between me and lunch, so yeah. but,\nJennings: So I have a really long question. That's really multiple questions. First, I can share that I've been using Quad lit, just on my personal home server and I've been able to deploy next cloud, using quad lit and so far. It's been running smoothly, but I do have a couple of bugs that I need to work around. One of them has to do with podman network create and When I created the issue on, the podman Github, they close that as won't fix. So I'm just trying to explore other options. I've seen this word pasta appear like on the issue boards but I've never found any documentation for it. Can anyone tell me what pasta is and is it something that I could possibly look into\nDaniel Walsh: but,\nBrent Baude: Pasta is a replacement for the current slurp. Implementation. It's claim to fame is that it's more performant.\nBrent Baude: Maybe you could paste the issue so that we can familiarize ourself with the issue.\nJennings: Yeah. I'm looking for,\nJennings: There we go. So that's the issue with podman that I have. How the On quadlet thing for me works is that this is a special repository called Next Cloud. All-in-one A little context on what Next Cloud is a self-hosted, Google Drive and this next cloud, all in one project works by speaking to the Docker Damon and creating some containers of its own. I found this pretty easy to do with quadlet and also rather elegant to do because as a System D service, the dot container file can actually specify a dependency on the podman socket. And so I'm able to just bring everything up with a system restart or as a system CTL start. But then, we get to this problem where? The application called Nextcloud Aio wants to speak to the Docker.\n01:00:00\nJennings: API and podman understands most of the things. But in counters, A Internal error with this specific issue. I wanted to create a workaround in next Cloud Aio, but they just shot down my PR as well.\nChristopher Evich: I was exploring that the other day and I saw that there's a little blurb on their website. That basically says that they don't want to support Pod man because of differences with the docker API. They don't enumerate what those differences are which is not helpful.\nBrent Baude: What is the difference?\nChristopher Evich: We don't know, It just says Next Cloud. Aio does not currently support podman due to differences with the Docker API. it's very generic like that.\nBrent Baude: Is that what you're seeing Jennings?\nJennings: The API is the same but the behavior is different. So you can make the proper API call but it's not going to work because of this. Issue with Slurp and I'm not sure if it's truly something like that I can't figure out or whether or not, it's been closed by won't fix erroneously.\nBrent Baude: Paul's not here to speak for himself so I'm not going to speculate He's one.\nMatt Heon: I can.\nBrent Baude: Smart cookie.\nMatt Heon: I can say it on the sprint. This is mostly internal database stuff there are,\u2026\nBrent Baude: Yep.\nMatt Heon: it's an accounting thing, where the sloper knit in this net mode doesn't allow for a list of networks.\nMatt Heon: I think it's definitely fixable but this is refactor stuff that will probably go along with the rewrite for pasta. So I don't think it's fixed by pasta, but I do think that we're actively working on this bit of code as part of the posture transition.\nBrent Baude: And all is working on that presently. So, we could take a note to follow up with Paul.\nBrent Baude: To see if that's something. He can consider. Is that what your sort of suggesting Matt?\nBrent Baude: And he's in Germany. So he's on PTO today. There's a holiday.\nChristopher Evich: It seems like it would be useful for us to get details from the next Cloud people. What exactly in the API is not matching because there's my understanding as we want to try to have problem and be close.\nChristopher Evich: So, if it's\nJennings: To try to save you from that conversation. I'm pretty sure what they just mean. Is they are Skeptical and it's more work for them to maintain something that is somewhat niche in their community right now.\nChristopher Evich: Yeah. Yeah.\nJennings: Everyone's happy just running docker, as the root user and they make rootless locker, a special case as well. And then podman is a special case of a special case. And they just don't have the manpower to tease out these tiny little bugs that are different between docker and podman. So this issue that I created on the podman repository it does seem like a difference or broken feature parity to me because it's very easy to reproduce but I can see that this is also just a very rare edge case since trying to join in existing container to a existing network. Isn't something that most people will do very often\nDaniel Walsh: Then.\nJennings: if we do have a solution for this bug, down the road, after a pasta rework and then after some more effort on this issue, then, I would say This bug is the last thing that's kind of blocking specifically mixed cloud aio from working with Quad lit in a very elegant way. so, If this issue is at a result, then I would probably be able to contribute to the next Repository just the set of quality files that I used to bring everything up and it'll be a seamless experience for other people to try.\n01:05:00\nChristopher Evich: Or a blog article would be good.\nJennings: Yeah. the next cloud Aio Maintainer invited me to write a wiki page. I haven't, really once again, things work out of the box. So, long as you work around this one bug by just changing, two lines of source code.\nTom Sweeney: All right, I think I'm going to wrap up here just due to time. Jennings is there anything else that we can do at the moment or for you or help you with this? Or just continue on the bus.\nBrent Baude: Let's try to circle back, Jennings. Are you on discord or IRC or something? Where we can circle back to you later in the week?\nJennings: I am on the Matrix channel.\nBrent Baude: Okay, great.\nTom Sweeney: As Jennings.\nTom Sweeney: Sounds good. Any other last questions before we wrap up for today?\nTom Sweeney: Okay, I'll just throw up the reminders for upcoming meetings. We are December 5th for the community meeting here. Our next cabal meetings coming up in just a few weeks. That will be on Thursday October 19th. And that too. Is that 11 am? And as a reminder, that will be our last Cavali meeting will be moving those As of November the third Tuesday of the month there, And with that, I am going to thank everybody and our presenters, especially, and the folks that ask questions and we're going to stop recording here. Yes.\nBrent Baude: I'm just if I can before you hang her up, could the FreeBSD folks and at least Matt stick around.\nMatt Heon: Sure.\nMeeting ended after 01:06:41 \ud83d\udc4b\n")))}gi.isMDXComponent=!0;const yi=function(e){let{cards:t}=e,n=[],a=[];const[o,i]=(0,Z.useState)(!1),[s,r]=(0,Z.useState)(void 0),[l,h]=(0,Z.useState)(void 0),d=[(0,Z.useRef)(),(0,Z.useRef)()],u=(0,Z.useRef)();var m,c;m=u,c=()=>i(!1),(0,Z.useEffect)((()=>{const e=e=>{m?.current?.contains(e.target)||c(e)};return document.addEventListener("mousedown",e),document.addEventListener("touchstart",e),()=>{document.removeEventListener("mousedown",e),document.removeEventListener("touchstart",e)}}),[m,c]);const p=function(){for(var e=arguments.length,t=new Array(e),n=0;ni(!1)},Z.createElement(me,null)))),i(!0)};function g(e){const{meeting_minutes:t,meeting_recording:n,date:a}=e;return Z.createElement("div",{className:"inline-flex justify-around bg-white px-8 py-1 dark:bg-gray-700 dark:shadow-none"},Z.createElement("h3",{className:"flex-1 pl-1 text-base text-gray-700 dark:text-gray-50"},a),Z.createElement("a",{className:"flex-1 no-underline hover:no-underline",href:n?.link},n?.text),Z.createElement("a",{onClick:()=>{p(t,a)},className:"cursor-pointer"},t?.text))}Object.values(K)?.forEach((e=>{let t=e?.default((0,Z.useRef)());t?.props?.children?.forEach((o=>{let i=o?.props?.children[0],s=o?.props?.children[1];"string"==typeof i&&(i.includes("BlueJeans")||i.includes("Video"))&&(e?.contentTitle?.includes("Cabal")?n.unshift({date:(e?.toc?.[0]?.value).split(/[0-9]{2}:[0-9]{2}/)[0],meeting_minutes:{markDown:t,modalHeaderData:e.contentTitle,text:"Meeting Minutes"},meeting_recording:{link:s?.props?.href,text:"Watch Recording"}}):a.unshift({date:(e?.toc?.[0]?.value).split(/[0-9]{2}:[0-9]{2}/)[0],meeting_minutes:{markDown:t,modalHeaderData:e.contentTitle,text:"Meeting Minutes"},meeting_recording:{link:s?.props?.href,text:"Watch Recording"}}))}))}));let y=[],k=[];for(let w=0;w<2;w++){let e=a.shift();y.push({date:e?.date,icon:"film-icon",buttons:[{path:e?.meeting_recording?.link,text:e?.meeting_recording?.text},{...e?.meeting_minutes}]}),e=n.shift(),k.push({date:e?.date,icon:"film-icon",buttons:[{path:e?.meeting_recording?.link,text:e?.meeting_recording?.text},{...e?.meeting_minutes}]})}return Z.createElement("div",{className:"justify-content-center align-items-center custom-card-grid-root flex"},t.map(((e,t)=>{let i=1==t?k:y;return Z.createElement("div",{key:`card-container-${t}`,className:"align-items-center card-container mb-4 flex flex-1 flex-col flex-wrap justify-center transition duration-150 ease-linear lg:mb-6"},Z.createElement(he,{key:`custom-card-${t}`,title:e?.title,subtitle:e?.date,details:e?.timeZone,text:e?.subtitle,data:e?.buttons,primary:!0}),Z.createElement(te.Z,{title:"",description:"Most Recent meetings",textGradientStops:"from-purple-500 to-purple-700 dark:text-purple-500",textGradient:!1}),Z.createElement(de,{key:`subcard-grid-${t}`,cards:i,toggleIsModalOpen:p}),Z.createElement(ue,{options:(r=1==t?[...n]:[...a],r.map((e=>Z.createElement(g,e)))),dropdownRef:d[t],text:"Older meeting details"}),Z.createElement("dialog",{className:"bg-stone-200 w-90-screen h-80-screen fixed top-20 z-50 max-h-screen w-fit border-4 border-purple-100",open:o,ref:u},Z.createElement("div",{className:"modal-content flex flex-col"},s,Z.createElement("div",{className:"md-wrapper overflow-y-auto scrollbar-thin scrollbar-track-gray-100 scrollbar-thumb-gray-300 dark:bg-gray-700 dark:text-gray-50 dark:shadow-none"},l))));var r})))};const ki=function(e){const{title:t,subtitle:n,button:a}=e;return Z.createElement("article",{className:" my-4 flex max-w-xs flex-col justify-between"},Z.createElement("h4",{className:"text-gray-700"},t),Z.createElement($.Z,{text:n,styles:"mb-4 mt-2 w-[198px] md:w-64"}),Z.createElement(oe.Z,(0,Q.Z)({outline:!0,as:"link"},a)))};const wi=function(){const e=new Date,t=[e.toLocaleString("en-US",{timeZone:"Europe/Paris",hour:"numeric",minute:"numeric",hour12:!1}),Intl.DateTimeFormat("en-US",{timeZone:"Europe/Paris",timeZoneName:"long"}).format().split(",")[1]],n=[e.toLocaleString("en-US",{timeZone:"America/New_York",hour:"numeric",minute:"numeric",hour12:!1}),Intl.DateTimeFormat("en-US",{timeZone:"America/New_York",timeZoneName:"long"}).format().split(",")[1]];return Z.createElement("article",{className:"mb-10 max-w-lg rounded-lg bg-aqua shadow-md dark:bg-purple-900"},Z.createElement("div",{className:"m-4 grid grid-cols-2 gap-x-4 lg:m-8"},Z.createElement("div",{className:"col-span-full mb-5 text-center"},Z.createElement("h3",{className:"font-bold text-gray-300 dark:text-gray-100"},"Current Time")),Z.createElement("div",{className:"text-center"},Z.createElement("h4",{className:"mb-2 text-3xl font-extrabold text-purple-500 dark:text-gray-100"},t[0]),Z.createElement("p",{className:"w-40 font-bold text-blue-900"},t[1])),Z.createElement("div",{className:"text-center"},Z.createElement("h4",{className:"mb-2 text-3xl font-extrabold text-purple-500 dark:text-gray-100"},n[0]),Z.createElement("p",{className:"w-40 font-bold text-blue-900"},n[1]))))};const fi=function(e){let{title:t,text:n,darkBg:a="dark:bg-purple-900"}=e;return Z.createElement("aside",{className:`rounded-lg bg-aqua ${a} max-w-lg px-6 py-8 text-gray-700 shadow-xl dark:shadow-md dark:shadow-gray-900`},Z.createElement("h4",{className:"mx-auto mb-2 max-w-md font-bold dark:text-gray-50"},t),Z.createElement("p",{className:"mx-auto max-w-md dark:text-gray-100"},n))};var bi=n(37528);const vi=function(e){let{text:t,path:n,icon:a,image:o,textLogo:i}=e;return Z.createElement("a",{href:n,className:"mx-auto flex flex-col items-center text-center"},Z.createElement("div",{className:"max-w-fit rounded-full bg-white p-8 shadow-sm dark:bg-gray-900"},a?Z.createElement(X.JO,{icon:a,className:"text-5xl"}):i?Z.createElement("span",{className:"block py-2 font-display text-4xl font-extrabold"},i):Z.createElement("img",{src:o.path,alt:o.alt,className:"w-16"})),Z.createElement("span",{className:"underline-offset-6 duration-149 mt-4 block text-blue-700 underline transition ease-linear hover:text-blue-900"},t))};var Mi=n(4544),Ii=n(92074),Ai=n(86547);const Ti="Community",Si="We want your feedback, issues, patches, and involvement in the development of Podman. **Chat** with us on Slack, IRC, or on our **mailing list**. Submit **issues & pull requests** (see our [CONTRIBUTING guide](https://github.com/containers/podman/blob/main/CONTRIBUTING.md) on how.) Participate in one of our twice-monthly community meetings. You are welcome in our community!",Ci={text:"To help ensure all feel welcome in the Podman community, we expect all who participate to adhere to our [Code of Conduct](https://github.com/containers/common/blob/main/CODE-OF-CONDUCT.md)",icon:"fa6-regular:handshake"},Ni={title:"Chat with the Podman community",subtitle:"The Podman developers are generally around during CEST and Eastern Time business hours, so please be patient if you\u2019re in another time zone!",links:[{text:"#podman:matrix.org",path:"https://matrix.to/#/#podman:fedoraproject.org",image:{path:"logos/raw/element-56w-59h.png",alt:"Element Matrix Logo"}},{text:"#podman on libera.chat",path:"https://web.libera.chat/#podman-desktop",textLogo:"IRC"},{text:"Podman GitHub Discussions",path:"https://github.com/containers/podman/discussions",image:{path:"vectors/raw/github.svg",alt:"GitHub Logo"}},{text:"Podman Discord",path:"https://discord.gg/vwpj7K6gW5",icon:"logos:discord-icon"},{text:"Slack",path:"https://slack.k8s.io/",icon:"logos:slack-icon"}]},Di={title:"Podman Community Meetings",subtitle:"Many of the maintainers for the Podman project attend both of these meetings, so it's a great chance for community members like you to ask them questions or address concerns directly. If you have a topic that you\u2019d like to propose for either meeting, please send a note to the [Mailing List]().",image:{path:"images/optimized/community-call-554w-219h.webp",alt:"An image of podman team members in a virtual meeting"},cards:[{title:"Podman Community Meeting",subtitle:"This meeting is used to show demos for or to have general discussions about Podman or other related container technologies. It is also used to make announcements about Podman and the other projects in the [Containers repository on GitHub](https://github.com/containers).",date:"**1st Tuesday** of even numbered months",timeZone:"11 AM US ET /5 PM CET",buttons:[{text:"Join Meeting",path:Ai.wz},{text:"Meeting Agenda",path:"https://hackmd.io/fc1zraYdS0-klJ2KJcfC7w"}]},{title:"Podman Community Cabal",subtitle:"The focus of the cabal meeting is the planning and discussion of possible future changes to Podman or the [related Containers projects](https://github.com/containers) and discussing any outstanding issues that might need solving.",date:"**3rd Thursday** every month",timeZone:"11 AM US ET /5 PM CET",buttons:[{text:"Join Meeting",path:Ai.wz},{text:"Meeting Agenda",path:"https://hackmd.io/gQCfskDuRLm7iOsWgH2yrg?both"}]}]},Pi={title:"Mailing List",subtitle:"The Podman Mailing list is available for your questions, concerns or comments about Podman.",browseInfo:{title:"Browse the mailing list",subtitle:"Simply visit [the Podman mailing list website](https://lists.podman.io/) to browse or search previous postings to the Podman mailing list."},subscribeInfo:{title:"Subscribe or post to the mailing list",subtitle:"Simply visit [the Podman mailing list website](https://lists.podman.io/) to browse or search previous postings to the Podman mailing list.",description:"Regardless of which method you use, a confirmation email will be sent to you. After you reply back to that confirmation email, you'll then be able to send mail directly to podman@lists.podman.io Send an email to [podman-join@lists.podman.io](mailto:podman-join@lists.podman.io). You can then also go to [the web page](https://lists.podman.io) and manage your subscription.",options:[{title:"Option 1",subtitle:'Send an email to [podman-join@lists.podman.io](mailto:podman-join@lists.podman.io) with the word "Subscribe" in the subject.',button:{text:"Send email",path:"mailto:podman-join@lists.podman.io"}},{title:"Option 2",subtitle:'Enter your email at the bottom of [the mailing list sign up page](https://lists.podman.io/admin/lists/podman.lists.podman.io/), and hit the "Subscribe" button.',button:{text:"Sign up page",path:"https://lists.podman.io/admin/lists/podman.lists.podman.io/"}}]},extraInfo:{image:{path:"images/optimized/mailing-list-screenshot-580w-376h.webp",alt:"A screenshot of the Podman mailing list home screen."},note:{title:"Please note:",text:"If you have a bug that you\u2019d like to report, it\u2019s best to report it here by creating a \u201cNew issue\u201d rather than sending an email to the list."}}},xi=[{title:"Submitting Issues & Pull Requests",subtitle:"The following is a quick cheat-sheet of sorts on how to submit issues and pull requests to the Podman project. For the most up-to-date and more comprehensive information, please take a look at [CONTRIBUTING.md](https://github.com/containers/common/blob/main/CONTRIBUTING.md) in the Podman repo."},{title:"Submitting Issues",subtitle:"Don't include private / sensitive info in issues!",sections:[{text:"**Before reporting an issue**, [check our backlog of open issues](https://github.com/containers/podman/issues) to see if someone else has already reported it. If so:",checkList:["Feel free to add your scenario, or additional information, to the discussion.","Subscribe to the issue to be notified when it is updated."],button:{text:"Check Open Issues",links:[{text:"Check open Podman issues",path:"https://github.com/containers/podman/issues"},{text:"Check open Podman Desktop issues",path:"https://github.com/containers/podman-desktop/issues"},{text:"Check open Buildah issues",path:"https://github.com/containers/buildah/issues"},{text:"Check open Skopeo issues",path:"https://github.com/containers/skopeo/issues"},{text:"Check open Cri-o issues",path:"https://github.com/cri-o/cri-o/issues"}]}},{text:"**If you find a new issue**, we'd love to hear about it! The most important aspect of a bug report is that it includes enough information for us to reproduce it. So, please:",checkList:["Include as much detail as possible","Try to remove any extra stuff that doesn't really relate to the issue itself"],button:{text:"File a New Issue",links:[{text:"File a new Podman issue",path:"https://github.com/containers/podman/issues/new/choose"},{text:"File a new Podman Desktop issue",path:"https://github.com/containers/podman-desktop/issues/new/choose"},{text:"File a new Buildah issue",path:"https://github.com/containers/buildah/issues/new/choose"},{text:"File a new Skopeo issue",path:"https://github.com/containers/skopeo/issues/new/choose"},{text:"File a new Cri-o issue",path:"https://github.com/cri-o/cri-o/issues"}]}}]},{title:"Submitting Pull Requets",subtitle:"No Pull Request (PR) is too small! Typos, additional comments in the code, new test cases, bug fixes, new features, more documentation, **...it's all welcome!** ",description:['While bug fixes can first be identified via an "issue", that is not required. It\'s ok to just open up a PR with the fix, but make sure you include the same information you would have included in an issue - like how to reproduce it.',"PRs for new features should include some background on what use cases the new code is trying to address. When possible and when it makes sense, try to break-up larger PRs into smaller ones - it's easier to review smaller code changes. But only if those smaller ones make sense as stand-alone PRs. Regardless of the type of PR, all PRs should include:"],checkList:["Well-documented code changes.","Additional testcases. Ideally m they should fail w/o your code change applied.","Documentation changes."],button:{text:"More PR Submission Details",path:"https://github.com/containers/podman/blob/main/CONTRIBUTING.md#submitting-pull-requests"}}],Bi=()=>{const e=Ni.links.map((e=>e));return Z.createElement("ul",{className:"mb-12 flex flex-wrap items-end justify-around gap-8 lg:gap-16"},e.map(((e,t)=>Z.createElement("li",{key:t},Z.createElement(vi,e)))))},Ei=()=>Z.createElement("section",{className:"bg-gray-50 dark:bg-gradient-to-t dark:from-gray-700 dark:via-gray-900 dark:to-gray-900 "},Z.createElement(te.Z,{textGradient:!0,title:Ni.title}),Z.createElement("div",{className:"mx-4 mt-8 flex flex-wrap justify-around gap-4 sm:mx-8 lg:mx-auto lg:mt-16 lg:max-w-6xl"},Z.createElement("div",{className:""},Z.createElement("p",{className:"max-w-sm text-center text-gray-700 md:max-w-md md:text-start lg:max-w-xl"},Ni.subtitle)),Z.createElement(wi,null)),Z.createElement("div",{className:"container pt-12 lg:pt-20"},Z.createElement(Bi,null)),Z.createElement(Ii.Z,null)),Wi=()=>Z.createElement("section",{className:"bg-gradient-to-b from-white via-gray-50 to-gray-100 pb-8 dark:from-gray-900 dark:to-gray-900"},Z.createElement("div",{className:"container flex flex-col"},Z.createElement(te.Z,{title:Di.title,description:Di.subtitle,textGradientStops:"from-purple-500 to-purple-700 dark:text-purple-500",textGradient:!0}),Z.createElement("img",{src:Di.image.path,alt:Di.image.alt,className:"order-first mx-auto object-cover lg:max-w-lg"}),Z.createElement(yi,{cards:Di.cards}))),ji=()=>Z.createElement("section",null,Z.createElement("div",{className:"container grid gap-4 lg:grid-cols-2"},Z.createElement(te.Z,{title:Pi.title,description:Pi.subtitle,layout:"col-span-full",textColor:"dark:text-blue-700"}),Z.createElement("section",{className:"container mb-8"},Z.createElement("h3",{className:"mb-2 font-medium text-purple-700 dark:text-purple-500"},Pi.browseInfo.title),Z.createElement("p",{className:"max-w-prose text-gray-500"},Pi.browseInfo.subtitle)),Z.createElement("section",{className:"container mb-8"},Z.createElement("h3",{className:"mb-2 font-medium text-purple-700 dark:text-purple-500"},Pi.subscribeInfo.title),Z.createElement($.Z,{text:Pi.subscribeInfo.subtitle,styles:"max-w-prose "}),Z.createElement("div",{className:"flex flex-wrap gap-6"},Pi.subscribeInfo.options.map(((e,t)=>Z.createElement(ki,(0,Q.Z)({},e,{key:t}))))),Z.createElement("div",{className:"my-4 max-w-prose"},Z.createElement($.Z,{text:Pi.subscribeInfo.description}))),Z.createElement("section",{className:"mb-8 lg:col-start-2 lg:row-span-2 lg:row-start-2"},Z.createElement("div",null,Z.createElement("img",{src:Pi.extraInfo.image.path,alt:Pi.extraInfo.image.alt,className:"w-full object-cover"})),Z.createElement("div",{className:"ml-8 xl:ml-10"},Z.createElement(fi,{title:Pi.extraInfo.note.title,text:Pi.extraInfo.note.text}))))),Li=()=>Z.createElement("section",{className:"max-w-lg rounded-md bg-white px-10 pt-10 shadow-lg dark:bg-gray-900"},Z.createElement("header",{className:"mb-10"},Z.createElement("h3",{className:"mb-4 text-center text-blue-700 dark:text-blue-500"},xi[1].title),Z.createElement("div",{className:"bg-blue-100/25 px-3 py-2"},Z.createElement("p",{className:"flex items-center gap-2 rounded-md"},Z.createElement(X.JO,{icon:"fa-solid:exclamation-circle",className:"text-purple-700"}),Z.createElement("span",null,xi[1].subtitle)))),Z.createElement("div",null,xi[1].sections.map(((e,t)=>{return Z.createElement("div",{key:t,className:"mb-12"},Z.createElement($.Z,{text:e.text}),Z.createElement("ul",{className:"mb-8 ml-5 mt-4 list-disc"},e.checkList.map(((e,t)=>Z.createElement("li",{key:t},e)))),Z.createElement(Mi.Z,{text:e.button.text,option:(n=e.button.links,Z.createElement("div",{className:"rounded-md p-4 shadow-md"},Z.createElement("ul",null,n.map(((e,t)=>Z.createElement("li",{className:"my-2 rounded-md px-2 transition duration-150 ease-linear hover:bg-purple-700 hover:text-white"},Z.createElement("a",{href:e.path,className:" w-full hover:text-white hover:no-underline"},e.text)))))))}));var n})))),Hi=()=>Z.createElement("section",{className:"max-w-lg rounded-md bg-white p-10 shadow-lg dark:bg-gray-900"},Z.createElement("header",{className:"mx-auto mb-10"},Z.createElement("h3",{className:"mb-3 text-center text-blue-700 dark:text-blue-500"},xi[2].title),Z.createElement($.Z,{text:xi[2].subtitle})),Z.createElement("div",null,xi[2].description.map(((e,t)=>Z.createElement("p",{key:t,className:"my-3"},e))),Z.createElement("ul",{className:"my-4 ml-5 list-disc"},xi[2].checkList.map(((e,t)=>Z.createElement("li",{key:t},e)))),Z.createElement(oe.Z,{as:"link",outline:!0,text:xi[2].button.text}))),Ri=()=>Z.createElement("section",{className:"bg-gradient-to-b from-gray-50 to-gray-100 dark:from-gray-900 dark:via-blue-900 dark:to-purple-900"},Z.createElement(te.Z,{title:xi[0].title,description:xi[0].subtitle,textGradientStops:"from-purple-500 to-purple-700 dark:text-blue-700",textGradient:!0}),Z.createElement("div",{className:"mx-auto mb-20 mt-16 flex flex-wrap justify-center gap-20 px-8 lg:container"},Z.createElement(Li,null),Z.createElement(Hi,null)));const Oi=function(){return Z.createElement(_.Z,null,Z.createElement(ee.Z,{title:Ti,description:Si}),Z.createElement(bi.Z,{description:Ci.text,icon:Ci.icon,styles:"bg-purple-500 dark:bg-purple-700 text-white"}),Z.createElement(Ei,null),Z.createElement(Wi,null),Z.createElement(ji,null),Z.createElement(Ri,null),Z.createElement(ae,null))}},86547:(e,t,n)=>{n.d(t,{_o:()=>o,kq:()=>a,wz:()=>s,yw:()=>i});const a="4.7.1",o="1.4.0",i="https://podman-desktop.io/blog/podman-desktop-release-1.4",s="https://meet.google.com/xrq-uemd-bzy"},31976:(e,t,n)=>{n.d(t,{Z:()=>a});const a=n.p+"assets/files/Podman_and_MinIO_RH_Webniar-c67aa1a014e2cc8f0cafbed016d26a56.pdf"},18064:(e,t,n)=>{n.d(t,{Z:()=>a});const a=n.p+"assets/files/Podman_in_the_Edge-15a870660e3632b751765efbc3f5ff3b.pdf"},87903:(e,t,n)=>{n.d(t,{Z:()=>a});const a=n.p+"assets/files/Time_To_Merge_Tool-9a9d827b0b8a73df826d96926f35b850.pdf"},1382:(e,t,n)=>{n.d(t,{Z:()=>a});const a=n.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/5b09d46c.cc2429d6.js b/assets/js/5b09d46c.09dcdde4.js similarity index 90% rename from assets/js/5b09d46c.cc2429d6.js rename to assets/js/5b09d46c.09dcdde4.js index 73b68eeb4..47cbf957d 100644 --- a/assets/js/5b09d46c.cc2429d6.js +++ b/assets/js/5b09d46c.09dcdde4.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[11697],{77131:a=>{a.exports=JSON.parse('{"label":"podman","permalink":"/blogs/tags/podman","allTagsPath":"/blogs/tags","count":190}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[11697],{77131:a=>{a.exports=JSON.parse('{"label":"podman","permalink":"/blogs/tags/podman","allTagsPath":"/blogs/tags","count":181}')}}]); \ No newline at end of file diff --git a/assets/js/5b418dd2.1a33af0c.js b/assets/js/5b418dd2.1a33af0c.js new file mode 100644 index 000000000..58e36c49f --- /dev/null +++ b/assets/js/5b418dd2.1a33af0c.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[50598],{3905:(e,t,n)=>{n.d(t,{Zo:()=>m,kt:()=>h});var a=n(67294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var l=a.createContext({}),p=function(e){var t=a.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},m=function(e){var t=p(e.components);return a.createElement(l.Provider,{value:t},e.children)},c="mdxType",d={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},u=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,o=e.originalType,l=e.parentName,m=s(e,["components","mdxType","originalType","parentName"]),c=p(n),u=r,h=c["".concat(l,".").concat(u)]||c[u]||d[u]||o;return n?a.createElement(h,i(i({ref:t},m),{},{components:n})):a.createElement(h,i({ref:t},m))}));function h(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var o=n.length,i=new Array(o);i[0]=u;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s[c]="string"==typeof e?e:r,i[1]=s;for(var p=2;p{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>i,default:()=>d,frontMatter:()=>o,metadata:()=>s,toc:()=>p});var a=n(87462),r=(n(67294),n(3905));const o={title:"Podman v3.3.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman","hpc","kubernetes"]},i="Podman Release v3.3.0",s={permalink:"/release/2021/08/31/podman-release-v3.3.0",source:"@site/release/2021-08-31-podman-release-v3.3.0.md",title:"Podman v3.3.0 Released",description:"podman logo",date:"2021-08-31T00:00:00.000Z",formattedDate:"August 31, 2021",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"},{label:"hpc",permalink:"/release/tags/hpc"},{label:"kubernetes",permalink:"/release/tags/kubernetes"}],readingTime:1.695,hasTruncateMarker:!1,authors:[{name:"mheon"}],frontMatter:{title:"Podman v3.3.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman","hpc","kubernetes"]},prevItem:{title:"Podman v4.0.0 Released",permalink:"/release/2022/02/22/podman-release-v4.0.0"},nextItem:{title:"Podman v3.1.0 Released",permalink:"/release/2021/04/02/podman-release-v3.1.0"}},l={authorsImageUrls:[void 0]},p=[{value:"Podman 3.3 has been released!",id:"podman-33-has-been-released",level:2}],m={toc:p},c="wrapper";function d(e){let{components:t,...o}=e;return(0,r.kt)(c,(0,a.Z)({},m,o,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("p",null,(0,r.kt)("img",{alt:"podman logo",src:n(1382).Z,width:"228",height:"61"})),(0,r.kt)("h2",{id:"podman-33-has-been-released"},"Podman 3.3 has been released!"),(0,r.kt)("p",null,"A new Podman release is available, featuring a number of exciting new features, including improved support for running Podman on OS X, support for restarting containers after a system restart, improved support for checkpointing and restoring containers, and 60 bug fixes and stability improvements. Read on for more details!"),(0,r.kt)("p",null,"Podman\u2019s support for running on non-Linux operating systems via the ",(0,r.kt)("inlineCode",{parentName:"p"},"podman machine")," command continues to improve in v3.3.0. When containers are run inside a virtual machine created by ",(0,r.kt)("inlineCode",{parentName:"p"},"podman machine"),", port forwarding from the host to the container is now supported - that is, a container that forwards port 8080 on the host to port 80 in the container will now be accessible not just from port 8080 in the Podman-managed virtual machine, but also from port 8080 on the host system. Stability also continues to improve, with many fixes being made to both ",(0,r.kt)("inlineCode",{parentName:"p"},"podman machine")," itself and the remote Podman client."),(0,r.kt)("p",null,"Podman now supports restarting containers created with the ",(0,r.kt)("inlineCode",{parentName:"p"},"--restart")," option after the system is rebooted. Containers created with ",(0,r.kt)("inlineCode",{parentName:"p"},"--restart=always")," can be automatically started when the system boots if the ",(0,r.kt)("inlineCode",{parentName:"p"},"podman-restart.service")," systemd unit is enabled. Our main focus continues to be on managing containers directly with systemd via ",(0,r.kt)("inlineCode",{parentName:"p"},"podman generate systemd"),", which has always allowed containers to be automatically started after boot and provides greater flexibility than the ",(0,r.kt)("inlineCode",{parentName:"p"},"--restart")," option, but the addition of ",(0,r.kt)("inlineCode",{parentName:"p"},"podman-restart.service")," will be useful for those seeking improved compatibility with Docker. The ",(0,r.kt)("inlineCode",{parentName:"p"},"podman generate systemd")," command also saw several improvements, and will not default to using SDNotify instead of PID files, producing smaller and easier-to-understand unit files."),(0,r.kt)("p",null,"Support for checkpoint and restoring containers has seen several new additions, most notably the ability to checkpoint and restore containers that are part of pods. Additionally, when restoring containers, you can now alter what ports the container publishes via the ",(0,r.kt)("inlineCode",{parentName:"p"},"--publish")," option. Together, these greatly increase the flexibility of checkpoint and restore."),(0,r.kt)("p",null,"This release also includes numerous other changes, features, and fixes. Find out more in the ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/releases/tag/v3.3.0"},"release notes"),"."))}d.isMDXComponent=!0},1382:(e,t,n)=>{n.d(t,{Z:()=>a});const a=n.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/5f058c77.afe19ca7.js b/assets/js/5f058c77.b7ec0bb3.js similarity index 59% rename from assets/js/5f058c77.afe19ca7.js rename to assets/js/5f058c77.b7ec0bb3.js index f0c08e4bf..0dc283b96 100644 --- a/assets/js/5f058c77.afe19ca7.js +++ b/assets/js/5f058c77.b7ec0bb3.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[62024],{37845:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/21","page":21,"postsPerPage":10,"totalPages":26,"totalCount":255,"previousPage":"/blogs/page/20","nextPage":"/blogs/page/22","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[62024],{37845:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/21","page":21,"postsPerPage":10,"totalPages":25,"totalCount":246,"previousPage":"/blogs/page/20","nextPage":"/blogs/page/22","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/5f2498b2.2f8aefea.js b/assets/js/5f2498b2.348aab8f.js similarity index 90% rename from assets/js/5f2498b2.2f8aefea.js rename to assets/js/5f2498b2.348aab8f.js index 89e570ee2..426b966bf 100644 --- a/assets/js/5f2498b2.2f8aefea.js +++ b/assets/js/5f2498b2.348aab8f.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[80009],{80681:a=>{a.exports=JSON.parse('{"label":"podman","permalink":"/blogs/tags/podman","allTagsPath":"/blogs/tags","count":190}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[80009],{80681:a=>{a.exports=JSON.parse('{"label":"podman","permalink":"/blogs/tags/podman","allTagsPath":"/blogs/tags","count":181}')}}]); \ No newline at end of file diff --git a/assets/js/62314bb1.d0d1a670.js b/assets/js/62314bb1.d0d1a670.js new file mode 100644 index 000000000..2dad01e15 --- /dev/null +++ b/assets/js/62314bb1.d0d1a670.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[10623],{3905:(e,t,n)=>{n.d(t,{Zo:()=>i,kt:()=>f});var r=n(67294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function l(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},i=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},u="mdxType",m={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,s=e.parentName,i=p(e,["components","mdxType","originalType","parentName"]),u=c(n),d=a,f=u["".concat(s,".").concat(d)]||u[d]||m[d]||o;return n?r.createElement(f,l(l({ref:t},i),{},{components:n})):r.createElement(f,l({ref:t},i))}));function f(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,l=new Array(o);l[0]=d;var p={};for(var s in t)hasOwnProperty.call(t,s)&&(p[s]=t[s]);p.originalType=e,p[u]="string"==typeof e?e:a,l[1]=p;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>l,default:()=>m,frontMatter:()=>o,metadata:()=>p,toc:()=>c});var r=n(87462),a=(n(67294),n(3905));const o={title:"Podman Alpha version 0.8.1 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},l=void 0,p={permalink:"/release/2018/08/08/podman-alpha-v0.8.1",source:"@site/release/2018-08-08-podman-alpha-v0.8.1.md",title:"Podman Alpha version 0.8.1 Release Announcement",description:"podman logo",date:"2018-08-08T00:00:00.000Z",formattedDate:"August 8, 2018",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"}],readingTime:.725,hasTruncateMarker:!0,authors:[{name:"bbaude"}],frontMatter:{title:"Podman Alpha version 0.8.1 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Podman Alpha version 0.8.3 Release Announcement",permalink:"/release/2018/08/20/podman-alpha-v0.8.3"},nextItem:{title:"Podman Alpha version 0.7.2 Release Announcement",permalink:"/release/2018/07/16/podman-alpha-v0.7.2"}},s={authorsImageUrls:[void 0]},c=[],i={toc:c},u="wrapper";function m(e){let{components:t,...o}=e;return(0,a.kt)(u,(0,r.Z)({},i,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"podman logo",src:n(1382).Z,width:"228",height:"61"})),(0,a.kt)("h1",{id:"podman-release-081"},"Podman release 0.8.1"),(0,a.kt)("p",null,"Our latest podman release turned out to be a lot of internal plumbing. We had more than 50 commits but most were tweaks that most users would not notice. So I don\u2019t have a singular, hot feature to point you at."))}m.isMDXComponent=!0},1382:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/649093c4.5676800a.js b/assets/js/649093c4.54cbb85a.js similarity index 79% rename from assets/js/649093c4.5676800a.js rename to assets/js/649093c4.54cbb85a.js index b09e34318..472a6fdc8 100644 --- a/assets/js/649093c4.5676800a.js +++ b/assets/js/649093c4.54cbb85a.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[45007],{67787:a=>{a.exports=JSON.parse('{"permalink":"/blogs/tags/podman/page/19","page":19,"postsPerPage":10,"totalPages":19,"totalCount":190,"previousPage":"/blogs/tags/podman/page/18","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[45007],{67787:a=>{a.exports=JSON.parse('{"permalink":"/blogs/tags/podman/page/19","page":19,"postsPerPage":10,"totalPages":19,"totalCount":181,"previousPage":"/blogs/tags/podman/page/18","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/659dff9c.6ed347a2.js b/assets/js/659dff9c.6ed347a2.js new file mode 100644 index 000000000..b35a45050 --- /dev/null +++ b/assets/js/659dff9c.6ed347a2.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[99397],{3905:(e,n,t)=>{t.d(n,{Zo:()=>m,kt:()=>h});var a=t(67294);function r(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function o(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);n&&(a=a.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,a)}return t}function s(e){for(var n=1;n=0||(r[t]=e[t]);return r}(e,n);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(r[t]=e[t])}return r}var l=a.createContext({}),p=function(e){var n=a.useContext(l),t=n;return e&&(t="function"==typeof e?e(n):s(s({},n),e)),t},m=function(e){var n=p(e.components);return a.createElement(l.Provider,{value:n},e.children)},c="mdxType",d={inlineCode:"code",wrapper:function(e){var n=e.children;return a.createElement(a.Fragment,{},n)}},u=a.forwardRef((function(e,n){var t=e.components,r=e.mdxType,o=e.originalType,l=e.parentName,m=i(e,["components","mdxType","originalType","parentName"]),c=p(t),u=r,h=c["".concat(l,".").concat(u)]||c[u]||d[u]||o;return t?a.createElement(h,s(s({ref:n},m),{},{components:t})):a.createElement(h,s({ref:n},m))}));function h(e,n){var t=arguments,r=n&&n.mdxType;if("string"==typeof e||r){var o=t.length,s=new Array(o);s[0]=u;var i={};for(var l in n)hasOwnProperty.call(n,l)&&(i[l]=n[l]);i.originalType=e,i[c]="string"==typeof e?e:r,s[1]=i;for(var p=2;p{t.r(n),t.d(n,{assets:()=>l,contentTitle:()=>s,default:()=>d,frontMatter:()=>o,metadata:()=>i,toc:()=>p});var a=t(87462),r=(t(67294),t(3905));const o={title:"Podman v3.1.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman","hpc","kubernetes"]},s="Podman Release v3.1.0",i={permalink:"/release/2021/04/02/podman-release-v3.1.0",source:"@site/release/2021-04-02-podman-release-v3.1.0.md",title:"Podman v3.1.0 Released",description:"podman logo",date:"2021-04-02T00:00:00.000Z",formattedDate:"April 2, 2021",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"},{label:"hpc",permalink:"/release/tags/hpc"},{label:"kubernetes",permalink:"/release/tags/kubernetes"}],readingTime:1.57,hasTruncateMarker:!1,authors:[{name:"mheon"}],frontMatter:{title:"Podman v3.1.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman","hpc","kubernetes"]},prevItem:{title:"Podman v3.3.0 Released",permalink:"/release/2021/08/31/podman-release-v3.3.0"},nextItem:{title:"Podman v3.0.0 Released",permalink:"/release/2021/02/11/podman-release-v3.0.0"}},l={authorsImageUrls:[void 0]},p=[{value:"Podman 3.1 has been released!",id:"podman-31-has-been-released",level:2}],m={toc:p},c="wrapper";function d(e){let{components:n,...o}=e;return(0,r.kt)(c,(0,a.Z)({},m,o,{components:n,mdxType:"MDXLayout"}),(0,r.kt)("p",null,(0,r.kt)("img",{alt:"podman logo",src:t(1382).Z,width:"228",height:"61"})),(0,r.kt)("h2",{id:"podman-31-has-been-released"},"Podman 3.1 has been released!"),(0,r.kt)("p",null,"The new Podman release includes a number of exciting new features, including the ",(0,r.kt)("inlineCode",{parentName:"p"},"podman secret")," command for managing secrets, support for a volume chown option to fix permissions automatically, improved support for volumes in ",(0,r.kt)("inlineCode",{parentName:"p"},"podman generate kube"),", and over 60 bug fixes, many to the HTTP API. Read on for more details!"),(0,r.kt)("p",null,"Secrets support has been a frequent request for Podman, and 3.1.0 features the first step toward fulfilling it. Secrets add a way to easily add confidential data into containers, by having Podman-managed secret files, which can easily be added to containers. We have added a suite of new commands - ",(0,r.kt)("inlineCode",{parentName:"p"},"podman secret create"),", ",(0,r.kt)("inlineCode",{parentName:"p"},"podman secret ls"),", ",(0,r.kt)("inlineCode",{parentName:"p"},"podman secret inspect"),", and ",(0,r.kt)("inlineCode",{parentName:"p"},"podman secret rm")," - to manage these secrets, and a ",(0,r.kt)("inlineCode",{parentName:"p"},"--secret")," flag to ",(0,r.kt)("inlineCode",{parentName:"p"},"podman create")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"podman run")," to mount secrets into containers. Please note that the initial implementation of secrets does not encrypt secrets at rest - look for this in an upcoming release."),(0,r.kt)("p",null,"Podman can now automatically change volume ownership to match the user a container is running as. The new ",(0,r.kt)("inlineCode",{parentName:"p"},":U")," mount option for volumes made with the ",(0,r.kt)("inlineCode",{parentName:"p"},"-v")," flag to ",(0,r.kt)("inlineCode",{parentName:"p"},"podman create")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"podman run")," will chown paths mounted into containers to ensure that the user in the container can access the volume. This is very useful with rootless containers, where the rootless user namespace can make it difficult to tell what user on the container will access a directory."),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"podman generate kube")," command can now generate ",(0,r.kt)("inlineCode",{parentName:"p"},"PersistentVolumeClaim")," volumes for Podman named volumes attached to containers. These have been supported in ",(0,r.kt)("inlineCode",{parentName:"p"},"podman play kube")," since v2.2.0, but until now, Podman has not been able to create YAML with these volumes. This important addition restores symmetry between ",(0,r.kt)("inlineCode",{parentName:"p"},"generate kube")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"play kube"),"."),(0,r.kt)("p",null,"This release also includes numerous other changes, features, and fixes. Find out more in the ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/releases/tag/v3.1.0"},"release notes"),"."))}d.isMDXComponent=!0},1382:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/6ed3fb3b.dc78444d.js b/assets/js/6ed3fb3b.f14eaf01.js similarity index 90% rename from assets/js/6ed3fb3b.dc78444d.js rename to assets/js/6ed3fb3b.f14eaf01.js index 02266b852..e43b97135 100644 --- a/assets/js/6ed3fb3b.dc78444d.js +++ b/assets/js/6ed3fb3b.f14eaf01.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[17104],{87267:a=>{a.exports=JSON.parse('{"label":"podman","permalink":"/blogs/tags/podman","allTagsPath":"/blogs/tags","count":190}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[17104],{87267:a=>{a.exports=JSON.parse('{"label":"podman","permalink":"/blogs/tags/podman","allTagsPath":"/blogs/tags","count":181}')}}]); \ No newline at end of file diff --git a/assets/js/708daa68.b6077f1b.js b/assets/js/708daa68.b6077f1b.js deleted file mode 100644 index 997dba032..000000000 --- a/assets/js/708daa68.b6077f1b.js +++ /dev/null @@ -1 +0,0 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[46779],{79132:l=>{l.exports=JSON.parse('[{"label":"containers","permalink":"/blogs/tags/containers","count":178},{"label":"podman","permalink":"/blogs/tags/podman","count":190},{"label":"networking","permalink":"/blogs/tags/networking","count":92},{"label":"pod","permalink":"/blogs/tags/pod","count":82},{"label":"api","permalink":"/blogs/tags/api","count":83},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes","count":62},{"label":"kube","permalink":"/blogs/tags/kube","count":61},{"label":"v2","permalink":"/blogs/tags/v-2","count":96},{"label":"hpc","permalink":"/blogs/tags/hpc","count":93},{"label":"windows","permalink":"/blogs/tags/windows","count":65},{"label":"mac","permalink":"/blogs/tags/mac","count":56},{"label":"community","permalink":"/blogs/tags/community","count":10},{"label":"buildah","permalink":"/blogs/tags/buildah","count":47},{"label":"skopeo","permalink":"/blogs/tags/skopeo","count":3},{"label":"ubuntu","permalink":"/blogs/tags/ubuntu","count":2},{"label":"kubic","permalink":"/blogs/tags/kubic","count":1},{"label":"macOS","permalink":"/blogs/tags/mac-os","count":1},{"label":"rootless","permalink":"/blogs/tags/rootless","count":10},{"label":"sudo","permalink":"/blogs/tags/sudo","count":8},{"label":"network","permalink":"/blogs/tags/network","count":3},{"label":"netavark","permalink":"/blogs/tags/netavark","count":2},{"label":"aardvark","permalink":"/blogs/tags/aardvark","count":2},{"label":"aardvark-dns","permalink":"/blogs/tags/aardvark-dns","count":2},{"label":"images","permalink":"/blogs/tags/images","count":47},{"label":"multiarch","permalink":"/blogs/tags/multiarch","count":2},{"label":"systemd","permalink":"/blogs/tags/systemd","count":7},{"label":"video","permalink":"/blogs/tags/video","count":5},{"label":"docker","permalink":"/blogs/tags/docker","count":47},{"label":"distro","permalink":"/blogs/tags/distro","count":1},{"label":"linux","permalink":"/blogs/tags/linux","count":4},{"label":"centos","permalink":"/blogs/tags/centos","count":1},{"label":"debian","permalink":"/blogs/tags/debian","count":1},{"label":"tent","permalink":"/blogs/tags/tent","count":2},{"label":"dependency-management","permalink":"/blogs/tags/dependency-management","count":2},{"label":"oci","permalink":"/blogs/tags/oci","count":49},{"label":"docker compose","permalink":"/blogs/tags/docker-compose","count":16},{"label":"compose","permalink":"/blogs/tags/compose","count":6},{"label":"rest","permalink":"/blogs/tags/rest","count":22},{"label":"rest-api","permalink":"/blogs/tags/rest-api","count":22},{"label":"varlink","permalink":"/blogs/tags/varlink","count":6},{"label":"github","permalink":"/blogs/tags/github","count":13},{"label":"GitLab","permalink":"/blogs/tags/git-lab","count":2},{"label":"Runner","permalink":"/blogs/tags/runner","count":2},{"label":"restful","permalink":"/blogs/tags/restful","count":2},{"label":"bindings","permalink":"/blogs/tags/bindings","count":2},{"label":"go","permalink":"/blogs/tags/go","count":5},{"label":"security","permalink":"/blogs/tags/security","count":5},{"label":"rename","permalink":"/blogs/tags/rename","count":9},{"label":"runtime","permalink":"/blogs/tags/runtime","count":13},{"label":"microsoft","permalink":"/blogs/tags/microsoft","count":6},{"label":"signing","permalink":"/blogs/tags/signing","count":1},{"label":"cri-o","permalink":"/blogs/tags/cri-o","count":1},{"label":"gpg","permalink":"/blogs/tags/gpg","count":1},{"label":"open source","permalink":"/blogs/tags/open-source","count":9},{"label":"bioinformatics","permalink":"/blogs/tags/bioinformatics","count":1},{"label":"nfs","permalink":"/blogs/tags/nfs","count":2},{"label":"crun","permalink":"/blogs/tags/crun","count":1},{"label":"seccomp","permalink":"/blogs/tags/seccomp","count":1},{"label":"bpf","permalink":"/blogs/tags/bpf","count":1},{"label":"ebpf","permalink":"/blogs/tags/ebpf","count":1},{"label":"tracing","permalink":"/blogs/tags/tracing","count":1},{"label":"syscall","permalink":"/blogs/tags/syscall","count":1},{"label":"ruby","permalink":"/blogs/tags/ruby","count":1},{"label":"rails","permalink":"/blogs/tags/rails","count":1},{"label":"ci","permalink":"/blogs/tags/ci","count":1},{"label":"automation","permalink":"/blogs/tags/automation","count":1},{"label":"test","permalink":"/blogs/tags/test","count":1},{"label":"cloud","permalink":"/blogs/tags/cloud","count":1},{"label":"rust","permalink":"/blogs/tags/rust","count":1},{"label":"python","permalink":"/blogs/tags/python","count":1},{"label":"golang","permalink":"/blogs/tags/golang","count":1},{"label":"boot2podman","permalink":"/blogs/tags/boot-2-podman","count":1},{"label":"podman+machine","permalink":"/blogs/tags/podman-machine","count":1},{"label":"openstack","permalink":"/blogs/tags/openstack","count":3}]')}}]); \ No newline at end of file diff --git a/assets/js/708daa68.c3ecb161.js b/assets/js/708daa68.c3ecb161.js new file mode 100644 index 000000000..4e26e542b --- /dev/null +++ b/assets/js/708daa68.c3ecb161.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[46779],{79132:l=>{l.exports=JSON.parse('[{"label":"containers","permalink":"/blogs/tags/containers","count":178},{"label":"podman","permalink":"/blogs/tags/podman","count":181},{"label":"networking","permalink":"/blogs/tags/networking","count":92},{"label":"pod","permalink":"/blogs/tags/pod","count":82},{"label":"api","permalink":"/blogs/tags/api","count":83},{"label":"kubernetes","permalink":"/blogs/tags/kubernetes","count":62},{"label":"kube","permalink":"/blogs/tags/kube","count":61},{"label":"v2","permalink":"/blogs/tags/v-2","count":96},{"label":"hpc","permalink":"/blogs/tags/hpc","count":93},{"label":"windows","permalink":"/blogs/tags/windows","count":65},{"label":"mac","permalink":"/blogs/tags/mac","count":56},{"label":"buildah","permalink":"/blogs/tags/buildah","count":47},{"label":"skopeo","permalink":"/blogs/tags/skopeo","count":3},{"label":"ubuntu","permalink":"/blogs/tags/ubuntu","count":2},{"label":"kubic","permalink":"/blogs/tags/kubic","count":1},{"label":"macOS","permalink":"/blogs/tags/mac-os","count":1},{"label":"rootless","permalink":"/blogs/tags/rootless","count":10},{"label":"sudo","permalink":"/blogs/tags/sudo","count":8},{"label":"network","permalink":"/blogs/tags/network","count":3},{"label":"netavark","permalink":"/blogs/tags/netavark","count":2},{"label":"aardvark","permalink":"/blogs/tags/aardvark","count":2},{"label":"aardvark-dns","permalink":"/blogs/tags/aardvark-dns","count":2},{"label":"images","permalink":"/blogs/tags/images","count":47},{"label":"multiarch","permalink":"/blogs/tags/multiarch","count":2},{"label":"systemd","permalink":"/blogs/tags/systemd","count":7},{"label":"video","permalink":"/blogs/tags/video","count":5},{"label":"docker","permalink":"/blogs/tags/docker","count":47},{"label":"distro","permalink":"/blogs/tags/distro","count":1},{"label":"linux","permalink":"/blogs/tags/linux","count":4},{"label":"centos","permalink":"/blogs/tags/centos","count":1},{"label":"debian","permalink":"/blogs/tags/debian","count":1},{"label":"tent","permalink":"/blogs/tags/tent","count":2},{"label":"dependency-management","permalink":"/blogs/tags/dependency-management","count":2},{"label":"oci","permalink":"/blogs/tags/oci","count":49},{"label":"docker compose","permalink":"/blogs/tags/docker-compose","count":16},{"label":"compose","permalink":"/blogs/tags/compose","count":6},{"label":"rest","permalink":"/blogs/tags/rest","count":22},{"label":"rest-api","permalink":"/blogs/tags/rest-api","count":22},{"label":"varlink","permalink":"/blogs/tags/varlink","count":6},{"label":"github","permalink":"/blogs/tags/github","count":13},{"label":"GitLab","permalink":"/blogs/tags/git-lab","count":2},{"label":"Runner","permalink":"/blogs/tags/runner","count":2},{"label":"restful","permalink":"/blogs/tags/restful","count":2},{"label":"bindings","permalink":"/blogs/tags/bindings","count":2},{"label":"go","permalink":"/blogs/tags/go","count":5},{"label":"security","permalink":"/blogs/tags/security","count":5},{"label":"rename","permalink":"/blogs/tags/rename","count":9},{"label":"runtime","permalink":"/blogs/tags/runtime","count":13},{"label":"microsoft","permalink":"/blogs/tags/microsoft","count":6},{"label":"signing","permalink":"/blogs/tags/signing","count":1},{"label":"cri-o","permalink":"/blogs/tags/cri-o","count":1},{"label":"gpg","permalink":"/blogs/tags/gpg","count":1},{"label":"community","permalink":"/blogs/tags/community","count":1},{"label":"open source","permalink":"/blogs/tags/open-source","count":1},{"label":"bioinformatics","permalink":"/blogs/tags/bioinformatics","count":1},{"label":"nfs","permalink":"/blogs/tags/nfs","count":2},{"label":"crun","permalink":"/blogs/tags/crun","count":1},{"label":"seccomp","permalink":"/blogs/tags/seccomp","count":1},{"label":"bpf","permalink":"/blogs/tags/bpf","count":1},{"label":"ebpf","permalink":"/blogs/tags/ebpf","count":1},{"label":"tracing","permalink":"/blogs/tags/tracing","count":1},{"label":"syscall","permalink":"/blogs/tags/syscall","count":1},{"label":"ruby","permalink":"/blogs/tags/ruby","count":1},{"label":"rails","permalink":"/blogs/tags/rails","count":1},{"label":"ci","permalink":"/blogs/tags/ci","count":1},{"label":"automation","permalink":"/blogs/tags/automation","count":1},{"label":"test","permalink":"/blogs/tags/test","count":1},{"label":"cloud","permalink":"/blogs/tags/cloud","count":1},{"label":"rust","permalink":"/blogs/tags/rust","count":1},{"label":"python","permalink":"/blogs/tags/python","count":1},{"label":"golang","permalink":"/blogs/tags/golang","count":1},{"label":"boot2podman","permalink":"/blogs/tags/boot-2-podman","count":1},{"label":"podman+machine","permalink":"/blogs/tags/podman-machine","count":1},{"label":"openstack","permalink":"/blogs/tags/openstack","count":3}]')}}]); \ No newline at end of file diff --git a/assets/js/70de5b5f.d77f07b0.js b/assets/js/70de5b5f.40ea2d58.js similarity index 90% rename from assets/js/70de5b5f.d77f07b0.js rename to assets/js/70de5b5f.40ea2d58.js index fc5ee14a2..05d8cd1b4 100644 --- a/assets/js/70de5b5f.d77f07b0.js +++ b/assets/js/70de5b5f.40ea2d58.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[32942],{58654:a=>{a.exports=JSON.parse('{"label":"podman","permalink":"/blogs/tags/podman","allTagsPath":"/blogs/tags","count":190}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[32942],{58654:a=>{a.exports=JSON.parse('{"label":"podman","permalink":"/blogs/tags/podman","allTagsPath":"/blogs/tags","count":181}')}}]); \ No newline at end of file diff --git a/assets/js/72457b75.8264ccc2.js b/assets/js/72457b75.8264ccc2.js new file mode 100644 index 000000000..551592c72 --- /dev/null +++ b/assets/js/72457b75.8264ccc2.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[64854],{84711:e=>{e.exports=JSON.parse('{"permalink":"/release/tags/open-source/page/2","page":2,"postsPerPage":10,"totalPages":3,"totalCount":25,"previousPage":"/release/tags/open-source","nextPage":"/release/tags/open-source/page/3","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/7283e440.bee4e50a.js b/assets/js/7283e440.bee4e50a.js deleted file mode 100644 index 9f624cdee..000000000 --- a/assets/js/7283e440.bee4e50a.js +++ /dev/null @@ -1 +0,0 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[60017],{3905:(e,r,t)=>{t.d(r,{Zo:()=>c,kt:()=>v});var a=t(67294);function n(e,r,t){return r in e?Object.defineProperty(e,r,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[r]=t,e}function o(e,r){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);r&&(a=a.filter((function(r){return Object.getOwnPropertyDescriptor(e,r).enumerable}))),t.push.apply(t,a)}return t}function l(e){for(var r=1;r=0||(n[t]=e[t]);return n}(e,r);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(n[t]=e[t])}return n}var i=a.createContext({}),d=function(e){var r=a.useContext(i),t=r;return e&&(t="function"==typeof e?e(r):l(l({},r),e)),t},c=function(e){var r=d(e.components);return a.createElement(i.Provider,{value:r},e.children)},p="mdxType",u={inlineCode:"code",wrapper:function(e){var r=e.children;return a.createElement(a.Fragment,{},r)}},m=a.forwardRef((function(e,r){var t=e.components,n=e.mdxType,o=e.originalType,i=e.parentName,c=s(e,["components","mdxType","originalType","parentName"]),p=d(t),m=n,v=p["".concat(i,".").concat(m)]||p[m]||u[m]||o;return t?a.createElement(v,l(l({ref:r},c),{},{components:t})):a.createElement(v,l({ref:r},c))}));function v(e,r){var t=arguments,n=r&&r.mdxType;if("string"==typeof e||n){var o=t.length,l=new Array(o);l[0]=m;var s={};for(var i in r)hasOwnProperty.call(r,i)&&(s[i]=r[i]);s.originalType=e,s[p]="string"==typeof e?e:n,l[1]=s;for(var d=2;d{t.r(r),t.d(r,{assets:()=>i,contentTitle:()=>l,default:()=>u,frontMatter:()=>o,metadata:()=>s,toc:()=>d});var a=t(87462),n=(t(67294),t(3905));const o={title:"Netavark and Aardvark-dns 1.2.0 released",layout:"default",author:"baude",categories:["releases"],tags:["community","podman"]},l="Netavark and Aardvark-dns v1.2.0 released",s={permalink:"/blogs/2022/09/28/updated-1.2.0",source:"@site/blog/2022-09-28-updated-1.2.0.md",title:"Netavark and Aardvark-dns 1.2.0 released",description:"Netavark and Aardvark-dns v1.2.0 has been released!",date:"2022-09-28T00:00:00.000Z",formattedDate:"September 28, 2022",tags:[{label:"community",permalink:"/blogs/tags/community"},{label:"podman",permalink:"/blogs/tags/podman"}],readingTime:.34,hasTruncateMarker:!0,authors:[{name:"baude"}],frontMatter:{title:"Netavark and Aardvark-dns 1.2.0 released",layout:"default",author:"baude",categories:["releases"],tags:["community","podman"]},prevItem:{title:"How Podman packaging works on Linux",permalink:"/blogs/2022/10/03/new"},nextItem:{title:"Podman v4.2.0 Released",permalink:"/blogs/2022/08/17/new"}},i={authorsImageUrls:[void 0]},d=[{value:"Netavark and Aardvark-dns v1.2.0 has been released!",id:"netavark-and-aardvark-dns-v120-has-been-released",level:2}],c={toc:d},p="wrapper";function u(e){let{components:r,...t}=e;return(0,n.kt)(p,(0,a.Z)({},c,t,{components:r,mdxType:"MDXLayout"}),(0,n.kt)("h2",{id:"netavark-and-aardvark-dns-v120-has-been-released"},"Netavark and Aardvark-dns v1.2.0 has been released!"),(0,n.kt)("p",null,"The underlying network components for Podman have been updated. This consists of two projects:"),(0,n.kt)("ul",null,(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("a",{parentName:"li",href:"https://github.com/containers/netavark/releases"},"Netavark")," - network configuration tool for Podman"),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("a",{parentName:"li",href:"https://github.com/containers/aardvark-dns/releases"},"Aardvark-dns")," - container domain name resolution server for\nPodman containers")))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/7379db51.8010c029.js b/assets/js/7379db51.07872635.js similarity index 81% rename from assets/js/7379db51.8010c029.js rename to assets/js/7379db51.07872635.js index c92a382d0..9e0517487 100644 --- a/assets/js/7379db51.8010c029.js +++ b/assets/js/7379db51.07872635.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[39781],{87574:a=>{a.exports=JSON.parse('{"permalink":"/blogs/tags/podman/page/10","page":10,"postsPerPage":10,"totalPages":19,"totalCount":190,"previousPage":"/blogs/tags/podman/page/9","nextPage":"/blogs/tags/podman/page/11","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[39781],{87574:a=>{a.exports=JSON.parse('{"permalink":"/blogs/tags/podman/page/10","page":10,"postsPerPage":10,"totalPages":19,"totalCount":181,"previousPage":"/blogs/tags/podman/page/9","nextPage":"/blogs/tags/podman/page/11","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/77a3d39e.9685b36c.js b/assets/js/77a3d39e.1ea3b510.js similarity index 90% rename from assets/js/77a3d39e.9685b36c.js rename to assets/js/77a3d39e.1ea3b510.js index 4cc8cd84f..66d60d9c4 100644 --- a/assets/js/77a3d39e.9685b36c.js +++ b/assets/js/77a3d39e.1ea3b510.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[5481],{28585:a=>{a.exports=JSON.parse('{"label":"podman","permalink":"/blogs/tags/podman","allTagsPath":"/blogs/tags","count":190}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[5481],{28585:a=>{a.exports=JSON.parse('{"label":"podman","permalink":"/blogs/tags/podman","allTagsPath":"/blogs/tags","count":181}')}}]); \ No newline at end of file diff --git a/assets/js/77d972d9.542a5298.js b/assets/js/77d972d9.542a5298.js new file mode 100644 index 000000000..7dd74b645 --- /dev/null +++ b/assets/js/77d972d9.542a5298.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[93116],{3905:(e,n,t)=>{t.d(n,{Zo:()=>p,kt:()=>f});var a=t(67294);function r(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function o(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);n&&(a=a.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,a)}return t}function s(e){for(var n=1;n=0||(r[t]=e[t]);return r}(e,n);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(r[t]=e[t])}return r}var l=a.createContext({}),m=function(e){var n=a.useContext(l),t=n;return e&&(t="function"==typeof e?e(n):s(s({},n),e)),t},p=function(e){var n=m(e.components);return a.createElement(l.Provider,{value:n},e.children)},c="mdxType",d={inlineCode:"code",wrapper:function(e){var n=e.children;return a.createElement(a.Fragment,{},n)}},u=a.forwardRef((function(e,n){var t=e.components,r=e.mdxType,o=e.originalType,l=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),c=m(t),u=r,f=c["".concat(l,".").concat(u)]||c[u]||d[u]||o;return t?a.createElement(f,s(s({ref:n},p),{},{components:t})):a.createElement(f,s({ref:n},p))}));function f(e,n){var t=arguments,r=n&&n.mdxType;if("string"==typeof e||r){var o=t.length,s=new Array(o);s[0]=u;var i={};for(var l in n)hasOwnProperty.call(n,l)&&(i[l]=n[l]);i.originalType=e,i[c]="string"==typeof e?e:r,s[1]=i;for(var m=2;m{t.r(n),t.d(n,{assets:()=>l,contentTitle:()=>s,default:()=>d,frontMatter:()=>o,metadata:()=>i,toc:()=>m});var a=t(87462),r=(t(67294),t(3905));const o={title:"Podman v1.7.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman"]},s="Podman Release 1.7.0",i={permalink:"/release/2020/01/08/podman-release-v1.7.0",source:"@site/release/2020-01-08-podman-release-v1.7.0.md",title:"Podman v1.7.0 Released",description:"podman logo",date:"2020-01-08T00:00:00.000Z",formattedDate:"January 8, 2020",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"}],readingTime:1.05,hasTruncateMarker:!1,authors:[{name:"mheon"}],frontMatter:{title:"Podman v1.7.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Podman v1.9.0 Released",permalink:"/release/2020/04/17/podman-release-v1.9.0"},nextItem:{title:"Podman v1.5.0 Released",permalink:"/release/2019/08/14/podman-release-v1.5.0"}},l={authorsImageUrls:[void 0]},m=[{value:"Podman 1.7 has been released!",id:"podman-17-has-been-released",level:2}],p={toc:m},c="wrapper";function d(e){let{components:n,...o}=e;return(0,r.kt)(c,(0,a.Z)({},p,o,{components:n,mdxType:"MDXLayout"}),(0,r.kt)("p",null,(0,r.kt)("img",{alt:"podman logo",src:t(1382).Z,width:"228",height:"61"})),(0,r.kt)("h2",{id:"podman-17-has-been-released"},"Podman 1.7 has been released!"),(0,r.kt)("p",null,"Podman v1.7.0 has been released, including many new features and numerous bugfixes. It features improvements to networking, ",(0,r.kt)("inlineCode",{parentName:"p"},"podman play kube"),", and systemd unit file integration. We\u2019ve also added the ",(0,r.kt)("inlineCode",{parentName:"p"},"podman system reset")," command, to remove all existing containers, pods, images, and volumes and reset the system to its initial state. Stability has not been neglected, and this release features almost 60 bugfixes, including major fixes for ",(0,r.kt)("inlineCode",{parentName:"p"},"podman rm"),", ",(0,r.kt)("inlineCode",{parentName:"p"},"podman exec"),", and volumes."),(0,r.kt)("p",null,"This new release features improved support for host networking via the CNI ",(0,r.kt)("inlineCode",{parentName:"p"},"macvlan")," plugin which allows containers to connect directly to networks the host is connected to. The ",(0,r.kt)("inlineCode",{parentName:"p"},"podman network create")," command can now create ",(0,r.kt)("inlineCode",{parentName:"p"},"macvlan")," configs via the ",(0,r.kt)("inlineCode",{parentName:"p"},"--macvlan")," flag. Containers can also set static MAC addresses. The ",(0,r.kt)("inlineCode",{parentName:"p"},"podman play kube")," command has also been updated to respect security settings, including user/group, SELinux configuration, and Seccomp profiles. Podman now creates a cgroup namespace by default on systems using cgroups v2, improving container isolation. We\u2019ve made major improvements for running Podman in a systemd service. These changes (and how to use them) are detailed elsewhere in a ",(0,r.kt)("a",{parentName:"p",href:"https://www.redhat.com/sysadmin/podman-shareable-systemd-services"},"blog"),"."),(0,r.kt)("p",null,"As always, please visit our page on ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/RELEASE_NOTES.md"},"GitHub")," to see the full changelog."),(0,r.kt)("p",null,"You can find instructions for installing Podman ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/install.md"},"here"),"."))}d.isMDXComponent=!0},1382:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/7863a04f.e41a7b2f.js b/assets/js/7863a04f.e41a7b2f.js new file mode 100644 index 000000000..0aa37fa02 --- /dev/null +++ b/assets/js/7863a04f.e41a7b2f.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[21307],{40005:e=>{e.exports=JSON.parse('{"permalink":"/release/tags/community/page/3","page":3,"postsPerPage":10,"totalPages":3,"totalCount":26,"previousPage":"/release/tags/community/page/2","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/795f3bdb.bcdbc8c5.js b/assets/js/795f3bdb.7d540acc.js similarity index 81% rename from assets/js/795f3bdb.bcdbc8c5.js rename to assets/js/795f3bdb.7d540acc.js index 051d01c61..3e8c7c1e1 100644 --- a/assets/js/795f3bdb.bcdbc8c5.js +++ b/assets/js/795f3bdb.7d540acc.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[109],{12280:a=>{a.exports=JSON.parse('{"permalink":"/blogs/tags/podman/page/13","page":13,"postsPerPage":10,"totalPages":19,"totalCount":190,"previousPage":"/blogs/tags/podman/page/12","nextPage":"/blogs/tags/podman/page/14","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[109],{12280:a=>{a.exports=JSON.parse('{"permalink":"/blogs/tags/podman/page/13","page":13,"postsPerPage":10,"totalPages":19,"totalCount":181,"previousPage":"/blogs/tags/podman/page/12","nextPage":"/blogs/tags/podman/page/14","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/7aa5df64.da0aa821.js b/assets/js/7aa5df64.644a771f.js similarity index 81% rename from assets/js/7aa5df64.da0aa821.js rename to assets/js/7aa5df64.644a771f.js index c48baa1da..a899ad1f0 100644 --- a/assets/js/7aa5df64.da0aa821.js +++ b/assets/js/7aa5df64.644a771f.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[11180],{15295:a=>{a.exports=JSON.parse('{"permalink":"/blogs/tags/podman/page/14","page":14,"postsPerPage":10,"totalPages":19,"totalCount":190,"previousPage":"/blogs/tags/podman/page/13","nextPage":"/blogs/tags/podman/page/15","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[11180],{15295:a=>{a.exports=JSON.parse('{"permalink":"/blogs/tags/podman/page/14","page":14,"postsPerPage":10,"totalPages":19,"totalCount":181,"previousPage":"/blogs/tags/podman/page/13","nextPage":"/blogs/tags/podman/page/15","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/7ae58247.6e4b9fcb.js b/assets/js/7ae58247.6e4b9fcb.js deleted file mode 100644 index 9f3c249b9..000000000 --- a/assets/js/7ae58247.6e4b9fcb.js +++ /dev/null @@ -1 +0,0 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[81747],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>h});var a=n(67294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function l(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var s=a.createContext({}),m=function(e){var t=a.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},p=function(e){var t=m(e.components);return a.createElement(s.Provider,{value:t},e.children)},c="mdxType",u={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},d=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,o=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),c=m(n),d=r,h=c["".concat(s,".").concat(d)]||c[d]||u[d]||o;return n?a.createElement(h,l(l({ref:t},p),{},{components:n})):a.createElement(h,l({ref:t},p))}));function h(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var o=n.length,l=new Array(o);l[0]=d;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i[c]="string"==typeof e?e:r,l[1]=i;for(var m=2;m{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>l,default:()=>u,frontMatter:()=>o,metadata:()=>i,toc:()=>m});var a=n(87462),r=(n(67294),n(3905));const o={title:"Podman v0.12.1.1 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman"]},l=void 0,i={permalink:"/blogs/2018/12/12/podman-alpha-v0.12.1.1",source:"@site/blog/2018-12-12-podman-alpha-v0.12.1.1.md",title:"Podman v0.12.1.1 Released",description:"podman logo",date:"2018-12-12T00:00:00.000Z",formattedDate:"December 12, 2018",tags:[{label:"community",permalink:"/blogs/tags/community"},{label:"open source",permalink:"/blogs/tags/open-source"},{label:"podman",permalink:"/blogs/tags/podman"}],readingTime:1.2,hasTruncateMarker:!0,authors:[{name:"mheon"}],frontMatter:{title:"Podman v0.12.1.1 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"New Blog from Emilien Macchi, Part 4!",permalink:"/blogs/2018/12/14/openstack-podman-healthchecks"},nextItem:{title:"Simplifying Podman commands with labels",permalink:"/blogs/2018/12/03/podman-runlabel"}},s={authorsImageUrls:[void 0]},m=[{value:"Changes",id:"changes",level:2}],p={toc:m},c="wrapper";function u(e){let{components:t,...o}=e;return(0,r.kt)(c,(0,a.Z)({},p,o,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("p",null,(0,r.kt)("img",{alt:"podman logo",src:n(1382).Z,width:"228",height:"61"})),(0,r.kt)("h1",{id:"podman-release-01211"},"Podman Release 0.12.1.1"),(0,r.kt)("p",null,"We're happy to announce the availability of Podman 0.12.1.1, our latest version. We've been very busy over the last month, and it shows! We've merged over 150 new commits since our 0.11 releases, including major new functionality and several critical bugfixes. Pods, Kubernetes compatibility, and container volumes all saw major improvements."),(0,r.kt)("p",null,"We hope everyone enjoys the release, and stays with us in the future as Podman gets closer to 1.0. As always, many thanks to everyone who contributed to this release!"),(0,r.kt)("h2",{id:"changes"},"Changes"),(0,r.kt)("p",null,"This release comes with many exciting new features. To highlight a few of our biggest changes:"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},"The ",(0,r.kt)("inlineCode",{parentName:"li"},"podman generate kube")," command was added by Brent Baude, which generates Kubernetes pod and service YAML from Podman containers and pods."),(0,r.kt)("li",{parentName:"ul"},"Initial support for named volumes using the ",(0,r.kt)("inlineCode",{parentName:"li"},"podman volume")," set of commands was landed by Urvashi Mohnani"),(0,r.kt)("li",{parentName:"ul"},"The ",(0,r.kt)("inlineCode",{parentName:"li"},"podman rm")," and ",(0,r.kt)("inlineCode",{parentName:"li"},"podman rmi")," commands can now prune unused containers and images with the ",(0,r.kt)("inlineCode",{parentName:"li"},"--prune")," flag"),(0,r.kt)("li",{parentName:"ul"},"Ports can now be published to the host from pods")),(0,r.kt)("p",null,"Numerous bugs were fixed as well, including a breaking change in rootless Podman found in 0.11.x releases."),(0,r.kt)("p",null,"To see the full changelog, please visit our release notes on ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/RELEASE_NOTES.md"},"GitHub")),(0,r.kt)("p",null,"Some of this work, like the ",(0,r.kt)("inlineCode",{parentName:"p"},"podman volume")," command, is still very early. We'd greatly appreciate feedback! If you have an enhancement request or a bug report, please file them on our ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/issues"},"issue page"),"."))}u.isMDXComponent=!0},1382:(e,t,n)=>{n.d(t,{Z:()=>a});const a=n.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/7bde4295.08306def.js b/assets/js/7bde4295.08306def.js new file mode 100644 index 000000000..db7cda73b --- /dev/null +++ b/assets/js/7bde4295.08306def.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[13460],{45896:e=>{e.exports=JSON.parse('{"permalink":"/release/page/3","page":3,"postsPerPage":10,"totalPages":3,"totalCount":26,"previousPage":"/release/page/2","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/7bff08c9.9785ad6c.js b/assets/js/7bff08c9.544ccc39.js similarity index 90% rename from assets/js/7bff08c9.9785ad6c.js rename to assets/js/7bff08c9.544ccc39.js index de6144f2c..a1e75fe55 100644 --- a/assets/js/7bff08c9.9785ad6c.js +++ b/assets/js/7bff08c9.544ccc39.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[99734],{76822:a=>{a.exports=JSON.parse('{"label":"podman","permalink":"/blogs/tags/podman","allTagsPath":"/blogs/tags","count":190}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[99734],{76822:a=>{a.exports=JSON.parse('{"label":"podman","permalink":"/blogs/tags/podman","allTagsPath":"/blogs/tags","count":181}')}}]); \ No newline at end of file diff --git a/assets/js/7c224e35.9c3e852c.js b/assets/js/7c224e35.df931557.js similarity index 59% rename from assets/js/7c224e35.9c3e852c.js rename to assets/js/7c224e35.df931557.js index 59980c9d2..31aba3a72 100644 --- a/assets/js/7c224e35.9c3e852c.js +++ b/assets/js/7c224e35.df931557.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[43567],{48602:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/23","page":23,"postsPerPage":10,"totalPages":26,"totalCount":255,"previousPage":"/blogs/page/22","nextPage":"/blogs/page/24","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[43567],{48602:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/23","page":23,"postsPerPage":10,"totalPages":25,"totalCount":246,"previousPage":"/blogs/page/22","nextPage":"/blogs/page/24","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/7d20fe42.e5410b04.js b/assets/js/7d20fe42.e5410b04.js new file mode 100644 index 000000000..cc4b48242 --- /dev/null +++ b/assets/js/7d20fe42.e5410b04.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[41862],{3905:(e,t,n)=>{n.d(t,{Zo:()=>c,kt:()=>h});var r=n(67294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function s(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var i=r.createContext({}),p=function(e){var t=r.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):s(s({},t),e)),n},c=function(e){var t=p(e.components);return r.createElement(i.Provider,{value:t},e.children)},m="mdxType",u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,i=e.parentName,c=l(e,["components","mdxType","originalType","parentName"]),m=p(n),d=a,h=m["".concat(i,".").concat(d)]||m[d]||u[d]||o;return n?r.createElement(h,s(s({ref:t},c),{},{components:n})):r.createElement(h,s({ref:t},c))}));function h(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,s=new Array(o);s[0]=d;var l={};for(var i in t)hasOwnProperty.call(t,i)&&(l[i]=t[i]);l.originalType=e,l[m]="string"==typeof e?e:a,s[1]=l;for(var p=2;p{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>s,default:()=>u,frontMatter:()=>o,metadata:()=>l,toc:()=>p});var r=n(87462),a=(n(67294),n(3905));const o={title:"Podman Alpha version 0.8.3 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},s=void 0,l={permalink:"/release/2018/08/20/podman-alpha-v0.8.3",source:"@site/release/2018-08-20-podman-alpha-v0.8.3.md",title:"Podman Alpha version 0.8.3 Release Announcement",description:"podman logo",date:"2018-08-20T00:00:00.000Z",formattedDate:"August 20, 2018",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"}],readingTime:1.135,hasTruncateMarker:!0,authors:[{name:"bbaude"}],frontMatter:{title:"Podman Alpha version 0.8.3 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Podman v0.12.1.1 Released",permalink:"/release/2018/12/12/podman-alpha-v0.12.1.1"},nextItem:{title:"Podman Alpha version 0.8.1 Release Announcement",permalink:"/release/2018/08/08/podman-alpha-v0.8.1"}},i={authorsImageUrls:[void 0]},p=[],c={toc:p},m="wrapper";function u(e){let{components:t,...o}=e;return(0,a.kt)(m,(0,r.Z)({},c,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"podman logo",src:n(1382).Z,width:"228",height:"61"})),(0,a.kt)("h1",{id:"podman-release-083"},"Podman release 0.8.3"),(0,a.kt)("p",null,"Our release this week was very smooth. It seems like between CI infrastructure stability, last minute pull requests, and sometimes just plain bad luck, something always gives us trouble on Friday\u2019s. The Fedora packages are created and I see that they are getting their karma and working through the process already."),(0,a.kt)("p",null,"By the way, we moved! Our new upstream location is ",(0,a.kt)("a",{parentName:"p",href:"https://github.com/containers/podman"},"https://github.com/containers/podman"),". It seems to be a more natural fit for our project and more closely associates us with some of our sister projects."),(0,a.kt)("p",null,"Some of the more obvious changes in this release are:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"* Updated documentation to mention that systemd is now the default cgroup manager.\n* The create|run switch of\u200a\u2014\u200auts-host now works correctly.\n* Add pod stats as a sub-command. Similar to podman stats, it allows you to see statistics about running pods and their containers.\n* Varlink API endpoints for many of the pod subcommands were added.\n* Support format for the varlink API endpoint Commit (OCI or docker)\n* Fix handling of the container\u2019s hostname when using\u200a\u2014\u200ahost=net\n* When searching multiple registries, do not make an error from one registry be fatal.\n* Create and Pull commands were added to the python client.\n")),(0,a.kt)("p",null,"Our IRC channel has not moved. Much of the development team can be found on Freenode in #podman. Come by and introduce yourself!"))}u.isMDXComponent=!0},1382:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/7f7d57e5.d687cb42.js b/assets/js/7f7d57e5.2299303e.js similarity index 81% rename from assets/js/7f7d57e5.d687cb42.js rename to assets/js/7f7d57e5.2299303e.js index b7c2b2a5a..46bea9f9b 100644 --- a/assets/js/7f7d57e5.d687cb42.js +++ b/assets/js/7f7d57e5.2299303e.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[91075],{63396:a=>{a.exports=JSON.parse('{"permalink":"/blogs/tags/podman/page/11","page":11,"postsPerPage":10,"totalPages":19,"totalCount":190,"previousPage":"/blogs/tags/podman/page/10","nextPage":"/blogs/tags/podman/page/12","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[91075],{63396:a=>{a.exports=JSON.parse('{"permalink":"/blogs/tags/podman/page/11","page":11,"postsPerPage":10,"totalPages":19,"totalCount":181,"previousPage":"/blogs/tags/podman/page/10","nextPage":"/blogs/tags/podman/page/12","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/7fdede95.e8e8c17e.js b/assets/js/7fdede95.e8e8c17e.js new file mode 100644 index 000000000..afc108ec9 --- /dev/null +++ b/assets/js/7fdede95.e8e8c17e.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[52685],{3905:(e,t,n)=>{n.d(t,{Zo:()=>d,kt:()=>h});var a=n(67294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var l=a.createContext({}),p=function(e){var t=a.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},d=function(e){var t=p(e.components);return a.createElement(l.Provider,{value:t},e.children)},m="mdxType",u={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},c=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,o=e.originalType,l=e.parentName,d=s(e,["components","mdxType","originalType","parentName"]),m=p(n),c=r,h=m["".concat(l,".").concat(c)]||m[c]||u[c]||o;return n?a.createElement(h,i(i({ref:t},d),{},{components:n})):a.createElement(h,i({ref:t},d))}));function h(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var o=n.length,i=new Array(o);i[0]=c;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s[m]="string"==typeof e?e:r,i[1]=s;for(var p=2;p{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>i,default:()=>u,frontMatter:()=>o,metadata:()=>s,toc:()=>p});var a=n(87462),r=(n(67294),n(3905));const o={title:"Podman v4.2.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman","hpc","kubernetes"]},i="Podman Release v4.2.0",s={permalink:"/release/2022/08/17/podman-release-v4.2.0",source:"@site/release/2022-08-17-podman-release-v4.2.0.md",title:"Podman v4.2.0 Released",description:"podman logo",date:"2022-08-17T00:00:00.000Z",formattedDate:"August 17, 2022",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"},{label:"hpc",permalink:"/release/tags/hpc"},{label:"kubernetes",permalink:"/release/tags/kubernetes"}],readingTime:2.565,hasTruncateMarker:!1,authors:[{name:"mheon"}],frontMatter:{title:"Podman v4.2.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman","hpc","kubernetes"]},prevItem:{title:"Netavark and Aardvark-dns 1.2.0 released",permalink:"/release/2022/09/28/updated-1.2.0"},nextItem:{title:"Podman v4.1.0 Released",permalink:"/release/2022/05/09/podman-release-v4.1.0"}},l={authorsImageUrls:[void 0]},p=[{value:"Podman v4.2.0 has been released!",id:"podman-v420-has-been-released",level:2}],d={toc:p},m="wrapper";function u(e){let{components:t,...o}=e;return(0,r.kt)(m,(0,a.Z)({},d,o,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("p",null,(0,r.kt)("img",{alt:"podman logo",src:n(1382).Z,width:"228",height:"61"})),(0,r.kt)("h2",{id:"podman-v420-has-been-released"},"Podman v4.2.0 has been released!"),(0,r.kt)("p",null,"Podman 4.2.0, our latest release, is now available. Featuring dozens of new features, including support for the GitLab Runner, significant improvements to ",(0,r.kt)("inlineCode",{parentName:"p"},"podman play kube"),", and pods in general. We\u2019ve also been working on running Podman on Mac and Windows, with a number of major bug fixes and several new features for ",(0,r.kt)("inlineCode",{parentName:"p"},"podman machine")," landing. We are also happy to announce an early release of Podman Desktop, a GUI tool for Podman. Read on for more details!"),(0,r.kt)("p",null,"Our new release now supports being used with the GitLab Runner as part of GitLab CI platforms, using the Docker executor. This has been the culmination of months of effort, and required squashing a number of bugs in our REST API. GitLab Runner has been a much-requested feature, and we\u2019re eager to see what users do with it!"),(0,r.kt)("p",null,"As part of the 4.2.0 release, we have made many changes to both Podman pods and the ",(0,r.kt)("inlineCode",{parentName:"p"},"podman play kube")," command. Pods now have early support for resource limits, allowing CPU and memory use for a pod to be limited. All containers in the pod will share this limit but can still set their own limits. Pods can also be cloned now via the new ",(0,r.kt)("inlineCode",{parentName:"p"},"podman pod clone")," command. Support for YAML in ",(0,r.kt)("inlineCode",{parentName:"p"},"play kube")," has also been improved, with additional support for security context settings and the ability to use ",(0,r.kt)("inlineCode",{parentName:"p"},"BlockDevice")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"CharDevice")," volumes."),(0,r.kt)("p",null,"systemd integration with ",(0,r.kt)("inlineCode",{parentName:"p"},"podman play kube")," has been introduced. Pods launched by ",(0,r.kt)("inlineCode",{parentName:"p"},"podman play kube")," can be managed by systemd, using the new ",(0,r.kt)("inlineCode",{parentName:"p"},"podman-kube@.service")," service - e.g. ",(0,r.kt)("inlineCode",{parentName:"p"},"systemctl --user start podman-play-kube@$(systemd-escape my.yaml).service")," will run the ",(0,r.kt)("inlineCode",{parentName:"p"},"my.yaml")," file managed by systemd."),(0,r.kt)("p",null,"Several other features and changes also landed in Podman v4.2.0. Early support for Sigstore signatures is now available in ",(0,r.kt)("inlineCode",{parentName:"p"},"podman push")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"podman manifest push")," - expect more in this area in the future as we further integrate Sigstore and Podman. Podman networks can now be isolated (preventing traffic from being sent to other Podman-managed networks) with the ",(0,r.kt)("inlineCode",{parentName:"p"},"--opt isolate=")," option to ",(0,r.kt)("inlineCode",{parentName:"p"},"podman network create"),"."),(0,r.kt)("p",null,"These are just a few of the 40 new features and 50 bug fixes included in Podman 4.2.0. Be sure to check out the ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/releases/tag/v4.2.0"},"release notes")," for more details!"),(0,r.kt)("p",null,"Along with the release of Podman 4.2.0, a new version of Podman Desktop is available. If you are not yet aware of ",(0,r.kt)("a",{parentName:"p",href:"https://podman-desktop.io/"},"Podman Desktop"),", it\u2019s a new project under the container organization to help developers work with containers in their local environment with a desktop UI. Podman Desktop is still in its early days. Still, it already provides capabilities to list your images, interact with containers (access logs, get a terminal), connect to registries (pull private images, push your images) and configure podman settings (proxies).\nAn early adopter program has also been set up. Feel free to ",(0,r.kt)("a",{parentName:"p",href:"https://forms.gle/ow73dV7Ce3YLzoXH7"},"sign up")," if you are interested in testing Podman Desktop, providing feedback, and speaking about your ideas, experiences, and pain points! If you are interested in contributing to the tool, your help would also be appreciated. Feel free to investigate the project\u2019s ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/containers/podman-desktop"},"Github"),"."))}u.isMDXComponent=!0},1382:(e,t,n)=>{n.d(t,{Z:()=>a});const a=n.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/803e3a4a.3a2619af.js b/assets/js/803e3a4a.3a2619af.js deleted file mode 100644 index 8c1a1f19e..000000000 --- a/assets/js/803e3a4a.3a2619af.js +++ /dev/null @@ -1 +0,0 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[64891],{3905:(e,n,t)=>{t.d(n,{Zo:()=>u,kt:()=>h});var o=t(67294);function a(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function r(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);n&&(o=o.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,o)}return t}function i(e){for(var n=1;n=0||(a[t]=e[t]);return a}(e,n);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(o=0;o=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(a[t]=e[t])}return a}var s=o.createContext({}),c=function(e){var n=o.useContext(s),t=n;return e&&(t="function"==typeof e?e(n):i(i({},n),e)),t},u=function(e){var n=c(e.components);return o.createElement(s.Provider,{value:n},e.children)},p="mdxType",d={inlineCode:"code",wrapper:function(e){var n=e.children;return o.createElement(o.Fragment,{},n)}},m=o.forwardRef((function(e,n){var t=e.components,a=e.mdxType,r=e.originalType,s=e.parentName,u=l(e,["components","mdxType","originalType","parentName"]),p=c(t),m=a,h=p["".concat(s,".").concat(m)]||p[m]||d[m]||r;return t?o.createElement(h,i(i({ref:n},u),{},{components:t})):o.createElement(h,i({ref:n},u))}));function h(e,n){var t=arguments,a=n&&n.mdxType;if("string"==typeof e||a){var r=t.length,i=new Array(r);i[0]=m;var l={};for(var s in n)hasOwnProperty.call(n,s)&&(l[s]=n[s]);l.originalType=e,l[p]="string"==typeof e?e:a,i[1]=l;for(var c=2;c{t.r(n),t.d(n,{assets:()=>s,contentTitle:()=>i,default:()=>d,frontMatter:()=>r,metadata:()=>l,toc:()=>c});var o=t(87462),a=(t(67294),t(3905));const r={title:"Podman Alpha version 0.6.4 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},i=void 0,l={permalink:"/blogs/2018/07/02/podman-alpha-v0.6.4",source:"@site/blog/2018-07-02-podman-alpha-v0.6.4.md",title:"Podman Alpha version 0.6.4 Release Announcement",description:"podman logo",date:"2018-07-02T00:00:00.000Z",formattedDate:"July 2, 2018",tags:[{label:"community",permalink:"/blogs/tags/community"},{label:"open source",permalink:"/blogs/tags/open-source"},{label:"podman",permalink:"/blogs/tags/podman"}],readingTime:2.265,hasTruncateMarker:!0,authors:[{name:"bbaude"}],frontMatter:{title:"Podman Alpha version 0.6.4 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Podman Alpha version 0.7.1 Release Announcement",permalink:"/blogs/2018/07/09/podman-alpha-v0.7.1"},nextItem:{title:"Podman Alpha version 0.6.1 Release Announcement",permalink:"/blogs/2018/06/04/podman-alpha-v0.6.1"}},s={authorsImageUrls:[void 0]},c=[{value:"Notable features include:",id:"notable-features-include",level:2}],u={toc:c},p="wrapper";function d(e){let{components:n,...r}=e;return(0,a.kt)(p,(0,o.Z)({},u,r,{components:n,mdxType:"MDXLayout"}),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"podman logo",src:t(1382).Z,width:"228",height:"61"})),(0,a.kt)("h1",{id:"podman-release-064"},"Podman release 0.6.4"),(0,a.kt)("p",null,"This afternoon we were able to overcome some last minute bugs and release a new Podman. The packages are building in Fedora and will work their way through Fedora\u2019s bodhi system. For giggles, I looked at the number of individual contributors this week and was glad to see the number at 10."),(0,a.kt)("p",null,"Mainly bugfixes this week, one big one was that we do a better job cleaning up containers that run in the back ground."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"podman container cleanup")," was added to cleanup mountpoint, cgroups and network configuration when containers exit. When a container is run in background mode (-d), the podman command exits, but ",(0,a.kt)("strong",{parentName:"p"},"conmon")," continues to run and monitor the container, when the container exits, conmon executes podman container cleanup to cleanup the container."),(0,a.kt)("p",null,"There were a number of bug fixes and a lot of vendoring new code\u200a\u2014\u200aGolang speak for updating the code we depend on from other projects. Interesting things are in store for podman in the upcoming weeks. Stay tuned!"),(0,a.kt)("p",null,"I missed writing this blog the last couple of weeks, and wanted to point out a huge new feature from the ",(0,a.kt)("strong",{parentName:"p"},"buildah project"),". ",(0,a.kt)("strong",{parentName:"p"},"podman build")," now supports layering. As you may know podman build by default only adds one layer when processing a Dockerfile. This is different the ",(0,a.kt)("strong",{parentName:"p"},"docker build"),". Docker defaults to layering each line in the Dockerfile, which makes the creation of an application easier, since docker build jumps to the first line changed in the Dockerfile since the previous build. Podman build on the other hand starts at the beginning, which works better in using a Dockerfile in a build system. With the introducion of the\u200a\u2014\u200alayers flag, you can now get the same behaviour in podman build that you have in docker build, incremental changes to the Dockerfile will start the build at the change point rather then in the beginning. There is even a environment variable BUILDAH_LAYERS which can be set to default to the layers method."),(0,a.kt)("h2",{id:"notable-features-include"},"Notable features include:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"* Continued work on podman remote client. A mock up of a podman remote client went into the contrib/ section of our repository. This is not ready for anyone but Jhon Honce as the primary contributor to the python library code.\n* Continued work on running podman without requiring you to be root. Giuseppe Scrivano made a bunch of commits related to rootless containers.\n* added podman-image and podman-container man page links\n* fixed a fatal error where when a container disappeared during podman ps.\n* added an authfile option to podman search to deal with private registries.\n* fixed a bug related to container startup and attached mode.\n* building podman with varlink support is now optionional.\n")))}d.isMDXComponent=!0},1382:(e,n,t)=>{t.d(n,{Z:()=>o});const o=t.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/836ce71c.02f32587.js b/assets/js/836ce71c.a9d58a94.js similarity index 81% rename from assets/js/836ce71c.02f32587.js rename to assets/js/836ce71c.a9d58a94.js index 15653c9f5..7d5847268 100644 --- a/assets/js/836ce71c.02f32587.js +++ b/assets/js/836ce71c.a9d58a94.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[34093],{22969:a=>{a.exports=JSON.parse('{"permalink":"/blogs/tags/podman/page/7","page":7,"postsPerPage":10,"totalPages":19,"totalCount":190,"previousPage":"/blogs/tags/podman/page/6","nextPage":"/blogs/tags/podman/page/8","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[34093],{22969:a=>{a.exports=JSON.parse('{"permalink":"/blogs/tags/podman/page/7","page":7,"postsPerPage":10,"totalPages":19,"totalCount":181,"previousPage":"/blogs/tags/podman/page/6","nextPage":"/blogs/tags/podman/page/8","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/84261676.e6cc9bf8.js b/assets/js/84261676.3d6d8437.js similarity index 81% rename from assets/js/84261676.e6cc9bf8.js rename to assets/js/84261676.3d6d8437.js index bfb720cd6..e2a7f5a2c 100644 --- a/assets/js/84261676.e6cc9bf8.js +++ b/assets/js/84261676.3d6d8437.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[9784],{94202:a=>{a.exports=JSON.parse('{"permalink":"/blogs/tags/podman/page/18","page":18,"postsPerPage":10,"totalPages":19,"totalCount":190,"previousPage":"/blogs/tags/podman/page/17","nextPage":"/blogs/tags/podman/page/19","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[9784],{94202:a=>{a.exports=JSON.parse('{"permalink":"/blogs/tags/podman/page/18","page":18,"postsPerPage":10,"totalPages":19,"totalCount":181,"previousPage":"/blogs/tags/podman/page/17","nextPage":"/blogs/tags/podman/page/19","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/843d5c9d.c083f7a6.js b/assets/js/843d5c9d.0753903d.js similarity index 90% rename from assets/js/843d5c9d.c083f7a6.js rename to assets/js/843d5c9d.0753903d.js index d8affff3b..ace9957fd 100644 --- a/assets/js/843d5c9d.c083f7a6.js +++ b/assets/js/843d5c9d.0753903d.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[86983],{41979:a=>{a.exports=JSON.parse('{"label":"podman","permalink":"/blogs/tags/podman","allTagsPath":"/blogs/tags","count":190}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[86983],{41979:a=>{a.exports=JSON.parse('{"label":"podman","permalink":"/blogs/tags/podman","allTagsPath":"/blogs/tags","count":181}')}}]); \ No newline at end of file diff --git a/assets/js/853e4057.6b8d3907.js b/assets/js/853e4057.6b8d3907.js new file mode 100644 index 000000000..447fd04f0 --- /dev/null +++ b/assets/js/853e4057.6b8d3907.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[82651],{3905:(e,a,t)=>{t.d(a,{Zo:()=>d,kt:()=>h});var n=t(67294);function r(e,a,t){return a in e?Object.defineProperty(e,a,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[a]=t,e}function o(e,a){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);a&&(n=n.filter((function(a){return Object.getOwnPropertyDescriptor(e,a).enumerable}))),t.push.apply(t,n)}return t}function i(e){for(var a=1;a=0||(r[t]=e[t]);return r}(e,a);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(r[t]=e[t])}return r}var s=n.createContext({}),m=function(e){var a=n.useContext(s),t=a;return e&&(t="function"==typeof e?e(a):i(i({},a),e)),t},d=function(e){var a=m(e.components);return n.createElement(s.Provider,{value:a},e.children)},p="mdxType",u={inlineCode:"code",wrapper:function(e){var a=e.children;return n.createElement(n.Fragment,{},a)}},c=n.forwardRef((function(e,a){var t=e.components,r=e.mdxType,o=e.originalType,s=e.parentName,d=l(e,["components","mdxType","originalType","parentName"]),p=m(t),c=r,h=p["".concat(s,".").concat(c)]||p[c]||u[c]||o;return t?n.createElement(h,i(i({ref:a},d),{},{components:t})):n.createElement(h,i({ref:a},d))}));function h(e,a){var t=arguments,r=a&&a.mdxType;if("string"==typeof e||r){var o=t.length,i=new Array(o);i[0]=c;var l={};for(var s in a)hasOwnProperty.call(a,s)&&(l[s]=a[s]);l.originalType=e,l[p]="string"==typeof e?e:r,i[1]=l;for(var m=2;m{t.r(a),t.d(a,{assets:()=>s,contentTitle:()=>i,default:()=>u,frontMatter:()=>o,metadata:()=>l,toc:()=>m});var n=t(87462),r=(t(67294),t(3905));const o={title:"Podman v1.1.1 Released",layout:"default",author:"tsweeney",categories:["releases"],tags:["community","open source","podman"]},i="Podman Release 1.1.1",l={permalink:"/release/2019/03/01/podman-release-v1.1.1",source:"@site/release/2019-03-01-podman-release-v1.1.1.md",title:"Podman v1.1.1 Released",description:"podman logo",date:"2019-03-01T00:00:00.000Z",formattedDate:"March 1, 2019",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"}],readingTime:2.495,hasTruncateMarker:!1,authors:[{name:"tsweeney"}],frontMatter:{title:"Podman v1.1.1 Released",layout:"default",author:"tsweeney",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Podman v1.1.2 Released",permalink:"/release/2019/03/05/podman-release-v1.1.2"},nextItem:{title:"Podman v1.1.0 Released",permalink:"/release/2019/02/26/podman-release-v1.1.0"}},s={authorsImageUrls:[void 0]},m=[{value:"Podman has gone 1.1.1!",id:"podman-has-gone-111",level:2},{value:"Changes",id:"changes",level:2},{value:"Bugfixes",id:"bugfixes",level:3},{value:"Misc",id:"misc",level:3}],d={toc:m},p="wrapper";function u(e){let{components:a,...o}=e;return(0,r.kt)(p,(0,n.Z)({},d,o,{components:a,mdxType:"MDXLayout"}),(0,r.kt)("p",null,(0,r.kt)("img",{alt:"podman logo",src:t(1382).Z,width:"228",height:"61"})),(0,r.kt)("h2",{id:"podman-has-gone-111"},"Podman has gone 1.1.1!"),(0,r.kt)("p",null,"After releasing Podman v1.1.0 a number of miscellaneous changes and several bug fixes\nfocusing on command line options and parsing were added.",(0,r.kt)("br",{parentName:"p"}),"\n","All the details follow!"),(0,r.kt)("h2",{id:"changes"},"Changes"),(0,r.kt)("h3",{id:"bugfixes"},"Bugfixes"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},"Fixed a bug where podman container restore was erroneously available as podman restore ",(0,r.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2191"},"#2191")),(0,r.kt)("li",{parentName:"ul"},"Fixed a bug where the volume_path option in libpod.conf was not being respected"),(0,r.kt)("li",{parentName:"ul"},"Fixed a bug where Podman failed to build when the varlink tag was not present ",(0,r.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2459"},"#2459")),(0,r.kt)("li",{parentName:"ul"},"Fixed a bug where the podman image load command was listed twice in help text"),(0,r.kt)("li",{parentName:"ul"},"Fixed a bug where the podman image sign command was also listed as podman sign"),(0,r.kt)("li",{parentName:"ul"},"Fixed a bug where the podman image list command incorrectly had an image alias"),(0,r.kt)("li",{parentName:"ul"},"Fixed a bug where the podman images command incorrectly had ls and list aliases"),(0,r.kt)("li",{parentName:"ul"},"Fixed a bug where the podman image rm command was being displayed as podman image rmi"),(0,r.kt)("li",{parentName:"ul"},"Fixed a bug where the podman create command would attempt to parse arguments meant for the container"),(0,r.kt)("li",{parentName:"ul"},"Fixed a bug where the combination of FIPS mode and user namespaces resulted in permissions errors"),(0,r.kt)("li",{parentName:"ul"},"Fixed a bug where the --time alias for --timeout for the podman restart and podman stop commands did not function"),(0,r.kt)("li",{parentName:"ul"},"Fixed a bug where the default stop timeout for newly-created containers was being set to 0 seconds (resulting in an immediate SIGKILL on running podman stop)"),(0,r.kt)("li",{parentName:"ul"},"Fixed a bug where the output format of podman port was incorrect, printing full container ID instead of truncated ID"),(0,r.kt)("li",{parentName:"ul"},"Fixed a bug where the podman container list command did not exist"),(0,r.kt)("li",{parentName:"ul"},"Fixed a bug where podman build could not build a container from images tagged locally that did not exist in a registry ",(0,r.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2469"},"#2469")),(0,r.kt)("li",{parentName:"ul"},"Fixed a bug where some Podman commands that accept no arguments would not error when provided arguments"),(0,r.kt)("li",{parentName:"ul"},"Fixed a bug where podman play kube could not handle cases where a pod and a container shared a name")),(0,r.kt)("h3",{id:"misc"},"Misc"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},"Usage text for many commands was greatly improved"),(0,r.kt)("li",{parentName:"ul"},"Major cleanups were made to Podman manpages, ensuring that command lists are accurate"),(0,r.kt)("li",{parentName:"ul"},"Greatly improved debugging output when the newuidmap and newgidmap binaries fail when using rootless Podman"),(0,r.kt)("li",{parentName:"ul"},"The -s alias for the global --storage-driver option has been removed"),(0,r.kt)("li",{parentName:"ul"},"The podman container refresh command has been deprecated, as its intended use case is no longer relevant. The command has been hidden and manpages deleted. It will be removed in a future release"),(0,r.kt)("li",{parentName:"ul"},"The podman container runlabel command will now pull images not available locally even without the --pull option. The --pull option has been deprecated"),(0,r.kt)("li",{parentName:"ul"},"The podman container checkpoint and podman container restore commands are now only available on OCI runtimes where they are supported (e.g. runc)")),(0,r.kt)("p",null,"As always, please visit our release notes on ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/RELEASE_NOTES.md"},"GitHub")," to see the full changelog."),(0,r.kt)("p",null,"You can find instructions for installing Podman ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/install.md"},"here")))}u.isMDXComponent=!0},1382:(e,a,t)=>{t.d(a,{Z:()=>n});const n=t.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/861f751b.67f7f532.js b/assets/js/861f751b.67f7f532.js new file mode 100644 index 000000000..ec5dacf56 --- /dev/null +++ b/assets/js/861f751b.67f7f532.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[14007],{3905:(e,r,a)=>{a.d(r,{Zo:()=>c,kt:()=>v});var t=a(67294);function n(e,r,a){return r in e?Object.defineProperty(e,r,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[r]=a,e}function o(e,r){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var t=Object.getOwnPropertySymbols(e);r&&(t=t.filter((function(r){return Object.getOwnPropertyDescriptor(e,r).enumerable}))),a.push.apply(a,t)}return a}function l(e){for(var r=1;r=0||(n[a]=e[a]);return n}(e,r);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(t=0;t=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(n[a]=e[a])}return n}var d=t.createContext({}),i=function(e){var r=t.useContext(d),a=r;return e&&(a="function"==typeof e?e(r):l(l({},r),e)),a},c=function(e){var r=i(e.components);return t.createElement(d.Provider,{value:r},e.children)},p="mdxType",u={inlineCode:"code",wrapper:function(e){var r=e.children;return t.createElement(t.Fragment,{},r)}},m=t.forwardRef((function(e,r){var a=e.components,n=e.mdxType,o=e.originalType,d=e.parentName,c=s(e,["components","mdxType","originalType","parentName"]),p=i(a),m=n,v=p["".concat(d,".").concat(m)]||p[m]||u[m]||o;return a?t.createElement(v,l(l({ref:r},c),{},{components:a})):t.createElement(v,l({ref:r},c))}));function v(e,r){var a=arguments,n=r&&r.mdxType;if("string"==typeof e||n){var o=a.length,l=new Array(o);l[0]=m;var s={};for(var d in r)hasOwnProperty.call(r,d)&&(s[d]=r[d]);s.originalType=e,s[p]="string"==typeof e?e:n,l[1]=s;for(var i=2;i{a.r(r),a.d(r,{assets:()=>d,contentTitle:()=>l,default:()=>u,frontMatter:()=>o,metadata:()=>s,toc:()=>i});var t=a(87462),n=(a(67294),a(3905));const o={title:"Netavark and Aardvark-dns 1.2.0 released",layout:"default",author:"baude",categories:["releases"],tags:["community","podman"]},l="Netavark and Aardvark-dns v1.2.0 released",s={permalink:"/release/2022/09/28/updated-1.2.0",source:"@site/release/2022-09-28-updated-1.2.0.md",title:"Netavark and Aardvark-dns 1.2.0 released",description:"Netavark and Aardvark-dns v1.2.0 has been released!",date:"2022-09-28T00:00:00.000Z",formattedDate:"September 28, 2022",tags:[{label:"community",permalink:"/release/tags/community"},{label:"podman",permalink:"/release/tags/podman"}],readingTime:.34,hasTruncateMarker:!0,authors:[{name:"baude"}],frontMatter:{title:"Netavark and Aardvark-dns 1.2.0 released",layout:"default",author:"baude",categories:["releases"],tags:["community","podman"]},prevItem:{title:"Podman v4.3.0 Released",permalink:"/release/2022/10/22/podman-release-v4.3.0"},nextItem:{title:"Podman v4.2.0 Released",permalink:"/release/2022/08/17/podman-release-v4.2.0"}},d={authorsImageUrls:[void 0]},i=[{value:"Netavark and Aardvark-dns v1.2.0 has been released!",id:"netavark-and-aardvark-dns-v120-has-been-released",level:2}],c={toc:i},p="wrapper";function u(e){let{components:r,...a}=e;return(0,n.kt)(p,(0,t.Z)({},c,a,{components:r,mdxType:"MDXLayout"}),(0,n.kt)("h2",{id:"netavark-and-aardvark-dns-v120-has-been-released"},"Netavark and Aardvark-dns v1.2.0 has been released!"),(0,n.kt)("p",null,"The underlying network components for Podman have been updated. This consists of two projects:"),(0,n.kt)("ul",null,(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("a",{parentName:"li",href:"https://github.com/containers/netavark/releases"},"Netavark")," - network configuration tool for Podman"),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("a",{parentName:"li",href:"https://github.com/containers/aardvark-dns/releases"},"Aardvark-dns")," - container domain name resolution server for\nPodman containers")))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/8731dd32.7553b6f3.js b/assets/js/8731dd32.7553b6f3.js new file mode 100644 index 000000000..ee4a6b83d --- /dev/null +++ b/assets/js/8731dd32.7553b6f3.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[65301],{3905:(e,n,t)=>{t.d(n,{Zo:()=>m,kt:()=>h});var a=t(67294);function o(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function r(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);n&&(a=a.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,a)}return t}function s(e){for(var n=1;n=0||(o[t]=e[t]);return o}(e,n);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(o[t]=e[t])}return o}var l=a.createContext({}),p=function(e){var n=a.useContext(l),t=n;return e&&(t="function"==typeof e?e(n):s(s({},n),e)),t},m=function(e){var n=p(e.components);return a.createElement(l.Provider,{value:n},e.children)},d="mdxType",c={inlineCode:"code",wrapper:function(e){var n=e.children;return a.createElement(a.Fragment,{},n)}},u=a.forwardRef((function(e,n){var t=e.components,o=e.mdxType,r=e.originalType,l=e.parentName,m=i(e,["components","mdxType","originalType","parentName"]),d=p(t),u=o,h=d["".concat(l,".").concat(u)]||d[u]||c[u]||r;return t?a.createElement(h,s(s({ref:n},m),{},{components:t})):a.createElement(h,s({ref:n},m))}));function h(e,n){var t=arguments,o=n&&n.mdxType;if("string"==typeof e||o){var r=t.length,s=new Array(r);s[0]=u;var i={};for(var l in n)hasOwnProperty.call(n,l)&&(i[l]=n[l]);i.originalType=e,i[d]="string"==typeof e?e:o,s[1]=i;for(var p=2;p{t.r(n),t.d(n,{assets:()=>l,contentTitle:()=>s,default:()=>c,frontMatter:()=>r,metadata:()=>i,toc:()=>p});var a=t(87462),o=(t(67294),t(3905));const r={title:"Podman v4.0.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman","hpc","kubernetes"]},s="Podman Release v4.0.0",i={permalink:"/release/2022/02/22/podman-release-v4.0.0",source:"@site/release/2022-02-22-podman-release-v4.0.0.md",title:"Podman v4.0.0 Released",description:"podman logo",date:"2022-02-22T00:00:00.000Z",formattedDate:"February 22, 2022",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"},{label:"hpc",permalink:"/release/tags/hpc"},{label:"kubernetes",permalink:"/release/tags/kubernetes"}],readingTime:1.975,hasTruncateMarker:!1,authors:[{name:"mheon"}],frontMatter:{title:"Podman v4.0.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman","hpc","kubernetes"]},prevItem:{title:"Podman v4.1.0 Released",permalink:"/release/2022/05/09/podman-release-v4.1.0"},nextItem:{title:"Podman v3.3.0 Released",permalink:"/release/2021/08/31/podman-release-v3.3.0"}},l={authorsImageUrls:[void 0]},p=[{value:"Podman v4.0 has been released!",id:"podman-v40-has-been-released",level:2}],m={toc:p},d="wrapper";function c(e){let{components:n,...r}=e;return(0,o.kt)(d,(0,a.Z)({},m,r,{components:n,mdxType:"MDXLayout"}),(0,o.kt)("p",null,(0,o.kt)("img",{alt:"podman logo",src:t(1382).Z,width:"228",height:"61"})),(0,o.kt)("h2",{id:"podman-v40-has-been-released"},"Podman v4.0 has been released!"),(0,o.kt)("p",null,"Podman v4.0.0, a brand-new major release, is now available. Podman 4.0 is one of our most significant releases ever, featuring over 60 new features. Headlining this release is a complete rewrite of the network stack for improved functionality and performance, but there are numerous other changes, including improvements to Podman\u2019s Mac and Windows support, improvements to pods, over 50 bug fixes, and much, much more!"),(0,o.kt)("p",null,"Podman now features support for a new network stack based on ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/containers/netavark"},"Netavark")," and ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/containers/aardvark-dns"},"Aardvark"),", in addition to the existing CNI stack. The new stack features improved support for containers in multiple networks, improved IPv6 support, and improved performance. To ensure that we don\u2019t break existing users, the old CNI stack will remain the default on existing installations, while new installs will use Netavark. We\u2019re planning an in-depth dive into the networking changes in a future blog, so look forward to more details there!"),(0,o.kt)("p",null,"Support for Podman on Windows and OS X has also been a top priority, and we have made several major improvements for Podman 4.0. Chief among them is support for mounting the Podman API socket on the host system, allowing tools like Docker Compose to be used on the host system instead of inside the ",(0,o.kt)("inlineCode",{parentName:"p"},"podman machine")," VM. Also, ",(0,o.kt)("inlineCode",{parentName:"p"},"podman machine")," can now use WSL2 as a backend on Windows, greatly improving Podman\u2019s support for Windows. More features, including support for volume mounts from the host, are planned for Podman v4.1, so stay tuned for more updates."),(0,o.kt)("p",null,"Podman Pods have seen numerous new features added to allow sharing resources between containers in the pod. The ",(0,o.kt)("inlineCode",{parentName:"p"},"--volume")," and ",(0,o.kt)("inlineCode",{parentName:"p"},"--device")," options to the ",(0,o.kt)("inlineCode",{parentName:"p"},"podman pod create")," command allows volumes and devices to be mounted to every container in the pod, and the ",(0,o.kt)("inlineCode",{parentName:"p"},"--security-opt")," and ",(0,o.kt)("inlineCode",{parentName:"p"},"--sysctl")," options allow these configurations to be set for every container in the pod. Again, these changes are just the beginning of what we have planned - eventually, we aim to have almost every option from ",(0,o.kt)("inlineCode",{parentName:"p"},"podman run")," available to pods to allow easy sharing of configuration options among containers within them."),(0,o.kt)("p",null,"These changes are just the tip of the iceberg - there\u2019s far more packed into this release, including major updates to checkpoint and restore, improvements to ",(0,o.kt)("inlineCode",{parentName:"p"},"podman generate systemd")," and ",(0,o.kt)("inlineCode",{parentName:"p"},"podman play kube"),", and so much more. Find out more in the ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/releases/tag/v4.0.0"},"release notes"),"."))}c.isMDXComponent=!0},1382:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/8834a8f4.ddf79e89.js b/assets/js/8834a8f4.ddf79e89.js deleted file mode 100644 index eaf923b0c..000000000 --- a/assets/js/8834a8f4.ddf79e89.js +++ /dev/null @@ -1 +0,0 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[28492],{3905:(e,r,t)=>{t.d(r,{Zo:()=>c,kt:()=>f});var a=t(67294);function n(e,r,t){return r in e?Object.defineProperty(e,r,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[r]=t,e}function o(e,r){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);r&&(a=a.filter((function(r){return Object.getOwnPropertyDescriptor(e,r).enumerable}))),t.push.apply(t,a)}return t}function l(e){for(var r=1;r=0||(n[t]=e[t]);return n}(e,r);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(n[t]=e[t])}return n}var d=a.createContext({}),i=function(e){var r=a.useContext(d),t=r;return e&&(t="function"==typeof e?e(r):l(l({},r),e)),t},c=function(e){var r=i(e.components);return a.createElement(d.Provider,{value:r},e.children)},u="mdxType",p={inlineCode:"code",wrapper:function(e){var r=e.children;return a.createElement(a.Fragment,{},r)}},m=a.forwardRef((function(e,r){var t=e.components,n=e.mdxType,o=e.originalType,d=e.parentName,c=s(e,["components","mdxType","originalType","parentName"]),u=i(t),m=n,f=u["".concat(d,".").concat(m)]||u[m]||p[m]||o;return t?a.createElement(f,l(l({ref:r},c),{},{components:t})):a.createElement(f,l({ref:r},c))}));function f(e,r){var t=arguments,n=r&&r.mdxType;if("string"==typeof e||n){var o=t.length,l=new Array(o);l[0]=m;var s={};for(var d in r)hasOwnProperty.call(r,d)&&(s[d]=r[d]);s.originalType=e,s[u]="string"==typeof e?e:n,l[1]=s;for(var i=2;i{t.r(r),t.d(r,{assets:()=>d,contentTitle:()=>l,default:()=>p,frontMatter:()=>o,metadata:()=>s,toc:()=>i});var a=t(87462),n=(t(67294),t(3905));const o={title:"Netavark and Aardvark-dns 1.2.0 released",layout:"default",author:"baude",categories:["releases"],tags:["community","podman"]},l="Netavark and Aardvark-dns v1.2.0 released",s={permalink:"/blogs/2022/09/28/updated-1.2.0",source:"@site/blog/2022-09-28-updated-1.2.0.md",title:"Netavark and Aardvark-dns 1.2.0 released",description:"Netavark and Aardvark-dns v1.2.0 has been released!",date:"2022-09-28T00:00:00.000Z",formattedDate:"September 28, 2022",tags:[{label:"community",permalink:"/blogs/tags/community"},{label:"podman",permalink:"/blogs/tags/podman"}],readingTime:.34,hasTruncateMarker:!0,authors:[{name:"baude"}],frontMatter:{title:"Netavark and Aardvark-dns 1.2.0 released",layout:"default",author:"baude",categories:["releases"],tags:["community","podman"]},prevItem:{title:"How Podman packaging works on Linux",permalink:"/blogs/2022/10/03/new"},nextItem:{title:"Podman v4.2.0 Released",permalink:"/blogs/2022/08/17/new"}},d={authorsImageUrls:[void 0]},i=[{value:"Netavark and Aardvark-dns v1.2.0 has been released!",id:"netavark-and-aardvark-dns-v120-has-been-released",level:2}],c={toc:i},u="wrapper";function p(e){let{components:r,...t}=e;return(0,n.kt)(u,(0,a.Z)({},c,t,{components:r,mdxType:"MDXLayout"}),(0,n.kt)("h2",{id:"netavark-and-aardvark-dns-v120-has-been-released"},"Netavark and Aardvark-dns v1.2.0 has been released!"),(0,n.kt)("p",null,"The underlying network components for Podman have been updated. This consists of two projects:"),(0,n.kt)("ul",null,(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("a",{parentName:"li",href:"https://github.com/containers/netavark/releases"},"Netavark")," - network configuration tool for Podman"),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("a",{parentName:"li",href:"https://github.com/containers/aardvark-dns/releases"},"Aardvark-dns")," - container domain name resolution server for\nPodman containers")),(0,n.kt)("p",null,"Release v1.2.0 resolves a handful of edge case bugs that were found and reported. In addition, many of the libraries\nused by the projects were updated."))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/8a33da19.1697801f.js b/assets/js/8a33da19.1697801f.js new file mode 100644 index 000000000..9360d658a --- /dev/null +++ b/assets/js/8a33da19.1697801f.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[8523],{86416:e=>{e.exports=JSON.parse('{"label":"hpc","permalink":"/release/tags/hpc","allTagsPath":"/release/tags","count":8}')}}]); \ No newline at end of file diff --git a/assets/js/8bddd949.9bbf021e.js b/assets/js/8bddd949.9bbf021e.js new file mode 100644 index 000000000..00feac62f --- /dev/null +++ b/assets/js/8bddd949.9bbf021e.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[29307],{98122:e=>{e.exports=JSON.parse('{"permalink":"/release/tags/kubernetes","page":1,"postsPerPage":10,"totalPages":1,"totalCount":8,"blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/8e9960dc.dbbac736.js b/assets/js/8e9960dc.01099fba.js similarity index 81% rename from assets/js/8e9960dc.dbbac736.js rename to assets/js/8e9960dc.01099fba.js index 2d5ebb53f..f72978209 100644 --- a/assets/js/8e9960dc.dbbac736.js +++ b/assets/js/8e9960dc.01099fba.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[19509],{82788:a=>{a.exports=JSON.parse('{"permalink":"/blogs/tags/podman/page/8","page":8,"postsPerPage":10,"totalPages":19,"totalCount":190,"previousPage":"/blogs/tags/podman/page/7","nextPage":"/blogs/tags/podman/page/9","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[19509],{82788:a=>{a.exports=JSON.parse('{"permalink":"/blogs/tags/podman/page/8","page":8,"postsPerPage":10,"totalPages":19,"totalCount":181,"previousPage":"/blogs/tags/podman/page/7","nextPage":"/blogs/tags/podman/page/9","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/90e6bfa4.779c5896.js b/assets/js/90e6bfa4.dcd3aece.js similarity index 81% rename from assets/js/90e6bfa4.779c5896.js rename to assets/js/90e6bfa4.dcd3aece.js index 296d39f24..e171d45ba 100644 --- a/assets/js/90e6bfa4.779c5896.js +++ b/assets/js/90e6bfa4.dcd3aece.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[41021],{32268:a=>{a.exports=JSON.parse('{"permalink":"/blogs/tags/podman/page/15","page":15,"postsPerPage":10,"totalPages":19,"totalCount":190,"previousPage":"/blogs/tags/podman/page/14","nextPage":"/blogs/tags/podman/page/16","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[41021],{32268:a=>{a.exports=JSON.parse('{"permalink":"/blogs/tags/podman/page/15","page":15,"postsPerPage":10,"totalPages":19,"totalCount":181,"previousPage":"/blogs/tags/podman/page/14","nextPage":"/blogs/tags/podman/page/16","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/915b42ac.9e50b95f.js b/assets/js/915b42ac.9e50b95f.js new file mode 100644 index 000000000..09eeef963 --- /dev/null +++ b/assets/js/915b42ac.9e50b95f.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[83153],{3905:(e,n,t)=>{t.d(n,{Zo:()=>p,kt:()=>h});var o=t(67294);function a(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function r(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);n&&(o=o.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,o)}return t}function i(e){for(var n=1;n=0||(a[t]=e[t]);return a}(e,n);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(o=0;o=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(a[t]=e[t])}return a}var l=o.createContext({}),m=function(e){var n=o.useContext(l),t=n;return e&&(t="function"==typeof e?e(n):i(i({},n),e)),t},p=function(e){var n=m(e.components);return o.createElement(l.Provider,{value:n},e.children)},d="mdxType",u={inlineCode:"code",wrapper:function(e){var n=e.children;return o.createElement(o.Fragment,{},n)}},c=o.forwardRef((function(e,n){var t=e.components,a=e.mdxType,r=e.originalType,l=e.parentName,p=s(e,["components","mdxType","originalType","parentName"]),d=m(t),c=a,h=d["".concat(l,".").concat(c)]||d[c]||u[c]||r;return t?o.createElement(h,i(i({ref:n},p),{},{components:t})):o.createElement(h,i({ref:n},p))}));function h(e,n){var t=arguments,a=n&&n.mdxType;if("string"==typeof e||a){var r=t.length,i=new Array(r);i[0]=c;var s={};for(var l in n)hasOwnProperty.call(n,l)&&(s[l]=n[l]);s.originalType=e,s[d]="string"==typeof e?e:a,i[1]=s;for(var m=2;m{t.r(n),t.d(n,{assets:()=>l,contentTitle:()=>i,default:()=>u,frontMatter:()=>r,metadata:()=>s,toc:()=>m});var o=t(87462),a=(t(67294),t(3905));const r={title:"Podman v4.1.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman","hpc","kubernetes"]},i="Podman Release v4.1.0",s={permalink:"/release/2022/05/09/podman-release-v4.1.0",source:"@site/release/2022-05-09-podman-release-v4.1.0.md",title:"Podman v4.1.0 Released",description:"podman logo",date:"2022-05-09T00:00:00.000Z",formattedDate:"May 9, 2022",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"},{label:"hpc",permalink:"/release/tags/hpc"},{label:"kubernetes",permalink:"/release/tags/kubernetes"}],readingTime:2.145,hasTruncateMarker:!1,authors:[{name:"mheon"}],frontMatter:{title:"Podman v4.1.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman","hpc","kubernetes"]},prevItem:{title:"Podman v4.2.0 Released",permalink:"/release/2022/08/17/podman-release-v4.2.0"},nextItem:{title:"Podman v4.0.0 Released",permalink:"/release/2022/02/22/podman-release-v4.0.0"}},l={authorsImageUrls:[void 0]},m=[{value:"Podman v4.1 has been released!",id:"podman-v41-has-been-released",level:2}],p={toc:m},d="wrapper";function u(e){let{components:n,...r}=e;return(0,a.kt)(d,(0,o.Z)({},p,r,{components:n,mdxType:"MDXLayout"}),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"podman logo",src:t(1382).Z,width:"228",height:"61"})),(0,a.kt)("h2",{id:"podman-v41-has-been-released"},"Podman v4.1 has been released!"),(0,a.kt)("p",null,"The new Podman v4.1.0 release is now available. This release is all about new features, with some of the most exciting being improved support for running on Mac and Windows, and adding support for Docker Compose v2.0. These are just the beginning, though, as this release also includes the ability to clone containers, significant improvements to checkpointing, and over 25 bug fixes. Read on for more details!"),(0,a.kt)("p",null,"Podman\u2019s support for running on Mac and Windows via ",(0,a.kt)("inlineCode",{parentName:"p"},"podman machine")," has seen a number of major improvements, chief among them support for mounting the host machine\u2019s home directory into the ",(0,a.kt)("inlineCode",{parentName:"p"},"podman machine")," VMs by default. Also, on Windows, you can now refer to arbitrary Windows drive paths in your volume mount expressions. This allows containers run by Podman to use mounts from the host, an often-requested feature. Additionally, we\u2019ve added a ",(0,a.kt)("inlineCode",{parentName:"p"},"podman machine inspect")," command to inspect existing VMs, and support for modifying the CPU, memory, and disk limits of existing VMs using the ",(0,a.kt)("inlineCode",{parentName:"p"},"podman machine set")," command. Support for non-Linux operating systems continues to be one of our main focuses, and we\u2019re committed to improving our user experience here - stay tuned for more details!"),(0,a.kt)("p",null,"Podman v4.1 is also our first release to support Docker Compose v2.2.0 and up. Since our v3.0 release over a year ago, Podman has supported Compose v1, but the rewritten Compose v2 required further work in Podman to support. Please note that it may be necessary to disable the use of the BuildKit API by setting the environment variable ",(0,a.kt)("inlineCode",{parentName:"p"},"DOCKER_BUILDKIT=0"),"; we\u2019re looking into improving our Buildkit support in the future, so this is not necessary."),(0,a.kt)("p",null,"There are numerous other changes and improvements to all parts of Podman packed into this release. We\u2019ve added several new commands, including ",(0,a.kt)("inlineCode",{parentName:"p"},"podman volume mount")," and ",(0,a.kt)("inlineCode",{parentName:"p"},"podman volume unmount")," (to allow easy copying of files to and from volumes without using them in a container) and ",(0,a.kt)("inlineCode",{parentName:"p"},"podman container clone")," (creates a copy of an existing container, with the ability to change many settings while doing so). Checkpoint and restore have seen a major improvement with the ability to store checkpoints as OCI images, allowing them to be distributed via container registries. Finally, Podman has gone on a diet - we set out to reduce or eliminate many of our dependencies and managed to reduce our binary size by 8MB shaving off 15% of the original binary size. There are many more changes - too many to list all of them here - so be sure to check out the ",(0,a.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/releases/tag/v4.1.0"},"release notes"),"!"))}u.isMDXComponent=!0},1382:(e,n,t)=>{t.d(n,{Z:()=>o});const o=t.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/97ad7d7c.16ebe55b.js b/assets/js/97ad7d7c.16ebe55b.js deleted file mode 100644 index b86edc2c2..000000000 --- a/assets/js/97ad7d7c.16ebe55b.js +++ /dev/null @@ -1 +0,0 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[39103],{3905:(e,n,t)=>{t.d(n,{Zo:()=>c,kt:()=>f});var o=t(67294);function a(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function r(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);n&&(o=o.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,o)}return t}function i(e){for(var n=1;n=0||(a[t]=e[t]);return a}(e,n);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(o=0;o=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(a[t]=e[t])}return a}var s=o.createContext({}),p=function(e){var n=o.useContext(s),t=n;return e&&(t="function"==typeof e?e(n):i(i({},n),e)),t},c=function(e){var n=p(e.components);return o.createElement(s.Provider,{value:n},e.children)},d="mdxType",m={inlineCode:"code",wrapper:function(e){var n=e.children;return o.createElement(o.Fragment,{},n)}},u=o.forwardRef((function(e,n){var t=e.components,a=e.mdxType,r=e.originalType,s=e.parentName,c=l(e,["components","mdxType","originalType","parentName"]),d=p(t),u=a,f=d["".concat(s,".").concat(u)]||d[u]||m[u]||r;return t?o.createElement(f,i(i({ref:n},c),{},{components:t})):o.createElement(f,i({ref:n},c))}));function f(e,n){var t=arguments,a=n&&n.mdxType;if("string"==typeof e||a){var r=t.length,i=new Array(r);i[0]=u;var l={};for(var s in n)hasOwnProperty.call(n,s)&&(l[s]=n[s]);l.originalType=e,l[d]="string"==typeof e?e:a,i[1]=l;for(var p=2;p{t.r(n),t.d(n,{assets:()=>s,contentTitle:()=>i,default:()=>m,frontMatter:()=>r,metadata:()=>l,toc:()=>p});var o=t(87462),a=(t(67294),t(3905));const r={title:"Podman Alpha version 0.7.2 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},i=void 0,l={permalink:"/blogs/2018/07/16/podman-alpha-v0.7.2",source:"@site/blog/2018-07-16-podman-alpha-v0.7.2.md",title:"Podman Alpha version 0.7.2 Release Announcement",description:"podman logo",date:"2018-07-16T00:00:00.000Z",formattedDate:"July 16, 2018",tags:[{label:"community",permalink:"/blogs/tags/community"},{label:"open source",permalink:"/blogs/tags/open-source"},{label:"podman",permalink:"/blogs/tags/podman"}],readingTime:1.885,hasTruncateMarker:!0,authors:[{name:"bbaude"}],frontMatter:{title:"Podman Alpha version 0.7.2 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Podman Alpha version 0.8.1 Release Announcement",permalink:"/blogs/2018/08/08/podman-alpha-v0.8.1"},nextItem:{title:"Podman Alpha version 0.7.1 Release Announcement",permalink:"/blogs/2018/07/09/podman-alpha-v0.7.1"}},s={authorsImageUrls:[void 0]},p=[],c={toc:p},d="wrapper";function m(e){let{components:n,...r}=e;return(0,a.kt)(d,(0,o.Z)({},c,r,{components:n,mdxType:"MDXLayout"}),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"podman logo",src:t(1382).Z,width:"228",height:"61"})),(0,a.kt)("h1",{id:"podman-release-072"},"Podman release 0.7.2"),(0,a.kt)("p",null,"As most weeks are, this was fast and furious. You will see hand fulls of significant features below that have been added to podman this week. All of it is awesome work from the core team and its contributors. There were also two interesting features that users will be interested in: the ability to create a container with multiple networks and the podman remote client."),(0,a.kt)("p",null,"We have heard from users that they wish to be able to create containers with multiple networks. This can now be done with a combination of CNI configurations and podman. The easiest approach is to take the default podman configuration file ",(0,a.kt)("inlineCode",{parentName:"p"},"/etc/cni/net.d/87-podman-bridge.conflist")," and duplicate it. Within the file, change the:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"* network name\n* bridge device (cni0 -> cni1)\n* subnet\n")),(0,a.kt)("p",null,"Then run podman like:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"$ podman run -it --network=podman,podman2 fedora:28 /bin/bash\n")),(0,a.kt)("p",null,"Jhon Honce and I have also been working on a remote client for podman, called pypodman. It is written in Python and allows users to have a podman-like front-end that accesses an actual podman backend on another node. It relies heavily on ssh and we recommend the use of ssh keys to simplify things."),(0,a.kt)("p",null,"Our vision is this could eventually become useful for those using Macs or Windows as a development environment. Look for more official blogs and write-ups specifically on this."),(0,a.kt)("p",null,"This is also the release where we start introducing pod concepts. We now have minimal support for pods. Try ",(0,a.kt)("inlineCode",{parentName:"p"},"podman pod\u200a\u2014\u200ahelp")," for further information."),(0,a.kt)("h1",{id:"other-significant-features-include-but-are-not-limited-to"},"Other significant features include but are not limited to:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"* More unit tests for the varlink python client\n* Correction behavior for podman stats\n* Add\u200a\u2014\u200avolumes-from to podman run and create\n* Fix a small regression in our opt handling\n* Add a default AppArmor profile\n* Fix path for rootless containers\n* Varlink API fixes in how we start start and attach to containers\n* Podman ps now reports containers as \u2018dead\u2019 instead of \u2018unknown\u2019\n* Correct behavior in podman rmi on how to handle parent image deletions\n* Logged output now goes to syslog as well as STDERR\n* When pulling an image by SHA1, we now set the name and tag correctly.\n* Better recording of exit codes for container exits\n")))}m.isMDXComponent=!0},1382:(e,n,t)=>{t.d(n,{Z:()=>o});const o=t.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/5d47ffa8.5b2eae0b.js b/assets/js/97f5f3c2.12fe9d7e.js similarity index 55% rename from assets/js/5d47ffa8.5b2eae0b.js rename to assets/js/97f5f3c2.12fe9d7e.js index 9013eb80b..778a6094a 100644 --- a/assets/js/5d47ffa8.5b2eae0b.js +++ b/assets/js/97f5f3c2.12fe9d7e.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[25417],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>f});var r=n(67294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function l(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},m="mdxType",u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),m=c(n),d=a,f=m["".concat(s,".").concat(d)]||m[d]||u[d]||o;return n?r.createElement(f,l(l({ref:t},p),{},{components:n})):r.createElement(f,l({ref:t},p))}));function f(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,l=new Array(o);l[0]=d;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i[m]="string"==typeof e?e:a,l[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>l,default:()=>u,frontMatter:()=>o,metadata:()=>i,toc:()=>c});var r=n(87462),a=(n(67294),n(3905));const o={title:"Podman Alpha version 0.7.2 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},l=void 0,i={permalink:"/blogs/2018/07/16/podman-alpha-v0.7.2",source:"@site/blog/2018-07-16-podman-alpha-v0.7.2.md",title:"Podman Alpha version 0.7.2 Release Announcement",description:"podman logo",date:"2018-07-16T00:00:00.000Z",formattedDate:"July 16, 2018",tags:[{label:"community",permalink:"/blogs/tags/community"},{label:"open source",permalink:"/blogs/tags/open-source"},{label:"podman",permalink:"/blogs/tags/podman"}],readingTime:1.885,hasTruncateMarker:!0,authors:[{name:"bbaude"}],frontMatter:{title:"Podman Alpha version 0.7.2 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Podman Alpha version 0.8.1 Release Announcement",permalink:"/blogs/2018/08/08/podman-alpha-v0.8.1"},nextItem:{title:"Podman Alpha version 0.7.1 Release Announcement",permalink:"/blogs/2018/07/09/podman-alpha-v0.7.1"}},s={authorsImageUrls:[void 0]},c=[],p={toc:c},m="wrapper";function u(e){let{components:t,...o}=e;return(0,a.kt)(m,(0,r.Z)({},p,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"podman logo",src:n(1382).Z,width:"228",height:"61"})),(0,a.kt)("h1",{id:"podman-release-072"},"Podman release 0.7.2"),(0,a.kt)("p",null,"As most weeks are, this was fast and furious. You will see hand fulls of significant features below that have been added to podman this week. All of it is awesome work from the core team and its contributors. There were also two interesting features that users will be interested in: the ability to create a container with multiple networks and the podman remote client."))}u.isMDXComponent=!0},1382:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[31422],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>f});var r=n(67294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function l(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},m="mdxType",u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),m=c(n),d=a,f=m["".concat(s,".").concat(d)]||m[d]||u[d]||o;return n?r.createElement(f,l(l({ref:t},p),{},{components:n})):r.createElement(f,l({ref:t},p))}));function f(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,l=new Array(o);l[0]=d;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i[m]="string"==typeof e?e:a,l[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>l,default:()=>u,frontMatter:()=>o,metadata:()=>i,toc:()=>c});var r=n(87462),a=(n(67294),n(3905));const o={title:"Podman Alpha version 0.7.2 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},l=void 0,i={permalink:"/release/2018/07/16/podman-alpha-v0.7.2",source:"@site/release/2018-07-16-podman-alpha-v0.7.2.md",title:"Podman Alpha version 0.7.2 Release Announcement",description:"podman logo",date:"2018-07-16T00:00:00.000Z",formattedDate:"July 16, 2018",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"}],readingTime:1.885,hasTruncateMarker:!0,authors:[{name:"bbaude"}],frontMatter:{title:"Podman Alpha version 0.7.2 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Podman Alpha version 0.8.1 Release Announcement",permalink:"/release/2018/08/08/podman-alpha-v0.8.1"},nextItem:{title:"Podman Alpha version 0.7.1 Release Announcement",permalink:"/release/2018/07/09/podman-alpha-v0.7.1"}},s={authorsImageUrls:[void 0]},c=[],p={toc:c},m="wrapper";function u(e){let{components:t,...o}=e;return(0,a.kt)(m,(0,r.Z)({},p,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"podman logo",src:n(1382).Z,width:"228",height:"61"})),(0,a.kt)("h1",{id:"podman-release-072"},"Podman release 0.7.2"),(0,a.kt)("p",null,"As most weeks are, this was fast and furious. You will see hand fulls of significant features below that have been added to podman this week. All of it is awesome work from the core team and its contributors. There were also two interesting features that users will be interested in: the ability to create a container with multiple networks and the podman remote client."))}u.isMDXComponent=!0},1382:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/99b17796.7c8e3a84.js b/assets/js/99b17796.7c8e3a84.js new file mode 100644 index 000000000..acee33da6 --- /dev/null +++ b/assets/js/99b17796.7c8e3a84.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[38098],{48537:e=>{e.exports=JSON.parse('{"label":"open source","permalink":"/release/tags/open-source","allTagsPath":"/release/tags","count":25}')}}]); \ No newline at end of file diff --git a/assets/js/9d79cf0f.fa532aaa.js b/assets/js/9d79cf0f.3e929917.js similarity index 75% rename from assets/js/9d79cf0f.fa532aaa.js rename to assets/js/9d79cf0f.3e929917.js index 8f19d538b..0ccacb1a9 100644 --- a/assets/js/9d79cf0f.fa532aaa.js +++ b/assets/js/9d79cf0f.3e929917.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[62693],{7488:e=>{e.exports=JSON.parse('{"permalink":"/blogs/tags/open-source","page":1,"postsPerPage":10,"totalPages":1,"totalCount":9,"blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[62693],{7488:e=>{e.exports=JSON.parse('{"permalink":"/blogs/tags/open-source","page":1,"postsPerPage":10,"totalPages":1,"totalCount":1,"blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/9ec8eba6.a556ff23.js b/assets/js/9ec8eba6.a556ff23.js new file mode 100644 index 000000000..19ee81595 --- /dev/null +++ b/assets/js/9ec8eba6.a556ff23.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[5774],{3905:(e,n,t)=>{t.d(n,{Zo:()=>p,kt:()=>h});var a=t(67294);function o(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function r(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);n&&(a=a.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,a)}return t}function s(e){for(var n=1;n=0||(o[t]=e[t]);return o}(e,n);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(o[t]=e[t])}return o}var l=a.createContext({}),m=function(e){var n=a.useContext(l),t=n;return e&&(t="function"==typeof e?e(n):s(s({},n),e)),t},p=function(e){var n=m(e.components);return a.createElement(l.Provider,{value:n},e.children)},d="mdxType",u={inlineCode:"code",wrapper:function(e){var n=e.children;return a.createElement(a.Fragment,{},n)}},c=a.forwardRef((function(e,n){var t=e.components,o=e.mdxType,r=e.originalType,l=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),d=m(t),c=o,h=d["".concat(l,".").concat(c)]||d[c]||u[c]||r;return t?a.createElement(h,s(s({ref:n},p),{},{components:t})):a.createElement(h,s({ref:n},p))}));function h(e,n){var t=arguments,o=n&&n.mdxType;if("string"==typeof e||o){var r=t.length,s=new Array(r);s[0]=c;var i={};for(var l in n)hasOwnProperty.call(n,l)&&(i[l]=n[l]);i.originalType=e,i[d]="string"==typeof e?e:o,s[1]=i;for(var m=2;m{t.r(n),t.d(n,{assets:()=>l,contentTitle:()=>s,default:()=>u,frontMatter:()=>r,metadata:()=>i,toc:()=>m});var a=t(87462),o=(t(67294),t(3905));const r={title:"Podman v2.1.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman"]},s="Podman Release 2.1.0",i={permalink:"/release/2020/10/05/podman-release-v2.1.0",source:"@site/release/2020-10-05-podman-release-v2.1.0.md",title:"Podman v2.1.0 Released",description:"podman logo",date:"2020-10-05T00:00:00.000Z",formattedDate:"October 5, 2020",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"}],readingTime:1.69,hasTruncateMarker:!1,authors:[{name:"mheon"}],frontMatter:{title:"Podman v2.1.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Podman v2.2.0 Released",permalink:"/release/2020/12/14/podman-release-v2.2.0"},nextItem:{title:"Podman v1.9.0 Released",permalink:"/release/2020/04/17/podman-release-v1.9.0"}},l={authorsImageUrls:[void 0]},m=[{value:"Podman 2.1 has been released!",id:"podman-21-has-been-released",level:2}],p={toc:m},d="wrapper";function u(e){let{components:n,...r}=e;return(0,o.kt)(d,(0,a.Z)({},p,r,{components:n,mdxType:"MDXLayout"}),(0,o.kt)("p",null,(0,o.kt)("img",{alt:"podman logo",src:t(1382).Z,width:"228",height:"61"})),(0,o.kt)("h2",{id:"podman-21-has-been-released"},"Podman 2.1 has been released!"),(0,o.kt)("p",null,"Podman v2.1.0 has just been released! This is one of our largest releases ever, and features numerous new features, over 50 bugs fixed, and extensive work on the REST API. Read on for more details!"),(0,o.kt)("p",null,"Our biggest announcement is that rootless Podman now supports inter-container networking. Previously, it was impossible for rootless Podman containers to communicate directly with each other without using pods. Now, by joining rootless containers to a network, they can communicate with other containers in the same network in the same manner as containers running with full root privileges. This is a major improvement to rootless networking, and addresses one of the largest gaps between running Podman with and without root."),(0,o.kt)("p",null,"We\u2019ve also enabled a number of new features for images. Podman can now mount images (read-only) so their contents can be viewed without creating a container based on the image, using the ",(0,o.kt)("inlineCode",{parentName:"p"},"podman image mount")," command. Additionally, ",(0,o.kt)("inlineCode",{parentName:"p"},"podman save")," and ",(0,o.kt)("inlineCode",{parentName:"p"},"podman load")," can now work with archives containing multiple images, instead of only one at a time. Finally, Podman\u2019s pull logic has been reworked to retry pulling images when a pull fails due to network issues."),(0,o.kt)("p",null,"The ",(0,o.kt)("inlineCode",{parentName:"p"},"podman play kube")," command has also been a focus of attention. It now handles many additional options from Kubernetes YAML. These include support for new volume types (mounting sockets into your pods and setting volumes as read-only), setting restart policy for pods, adding entries to ",(0,o.kt)("inlineCode",{parentName:"p"},"/etc/hosts"),", and many more. These features are available to anyone using ",(0,o.kt)("inlineCode",{parentName:"p"},"podman generate kube")," as well."),(0,o.kt)("p",null,"In addition, there are numerous small improvements. Volume mounts can now use the ",(0,o.kt)("inlineCode",{parentName:"p"},":O")," option to be created as overlay mounts - mounts where changes made by the container will not be propagated back to the host. Podman now supports setting the timezone of containers (using the ",(0,o.kt)("inlineCode",{parentName:"p"},"--tz")," flag). The ",(0,o.kt)("inlineCode",{parentName:"p"},"podman ps")," command now supports a ",(0,o.kt)("inlineCode",{parentName:"p"},"--storage")," option which will display all containers on the system, even those not managed by Podman (e.g. Buildah and CRI-O containers)."))}u.isMDXComponent=!0},1382:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/a22ed5e4.fcb73ae9.js b/assets/js/a22ed5e4.145b6e12.js similarity index 59% rename from assets/js/a22ed5e4.fcb73ae9.js rename to assets/js/a22ed5e4.145b6e12.js index 8cf01b827..0969999be 100644 --- a/assets/js/a22ed5e4.fcb73ae9.js +++ b/assets/js/a22ed5e4.145b6e12.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[96688],{51966:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/20","page":20,"postsPerPage":10,"totalPages":26,"totalCount":255,"previousPage":"/blogs/page/19","nextPage":"/blogs/page/21","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[96688],{51966:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/20","page":20,"postsPerPage":10,"totalPages":25,"totalCount":246,"previousPage":"/blogs/page/19","nextPage":"/blogs/page/21","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/a2baab9e.ff1332e9.js b/assets/js/a2baab9e.ff1332e9.js new file mode 100644 index 000000000..8c4a36e65 --- /dev/null +++ b/assets/js/a2baab9e.ff1332e9.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[71693],{3905:(e,a,t)=>{t.d(a,{Zo:()=>m,kt:()=>f});var n=t(67294);function r(e,a,t){return a in e?Object.defineProperty(e,a,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[a]=t,e}function o(e,a){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);a&&(n=n.filter((function(a){return Object.getOwnPropertyDescriptor(e,a).enumerable}))),t.push.apply(t,n)}return t}function i(e){for(var a=1;a=0||(r[t]=e[t]);return r}(e,a);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(r[t]=e[t])}return r}var s=n.createContext({}),c=function(e){var a=n.useContext(s),t=a;return e&&(t="function"==typeof e?e(a):i(i({},a),e)),t},m=function(e){var a=c(e.components);return n.createElement(s.Provider,{value:a},e.children)},d="mdxType",p={inlineCode:"code",wrapper:function(e){var a=e.children;return n.createElement(n.Fragment,{},a)}},u=n.forwardRef((function(e,a){var t=e.components,r=e.mdxType,o=e.originalType,s=e.parentName,m=l(e,["components","mdxType","originalType","parentName"]),d=c(t),u=r,f=d["".concat(s,".").concat(u)]||d[u]||p[u]||o;return t?n.createElement(f,i(i({ref:a},m),{},{components:t})):n.createElement(f,i({ref:a},m))}));function f(e,a){var t=arguments,r=a&&a.mdxType;if("string"==typeof e||r){var o=t.length,i=new Array(o);i[0]=u;var l={};for(var s in a)hasOwnProperty.call(a,s)&&(l[s]=a[s]);l.originalType=e,l[d]="string"==typeof e?e:r,i[1]=l;for(var c=2;c{t.r(a),t.d(a,{assets:()=>s,contentTitle:()=>i,default:()=>p,frontMatter:()=>o,metadata:()=>l,toc:()=>c});var n=t(87462),r=(t(67294),t(3905));const o={title:"Podman v1.2.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman"]},i="Podman Release 1.2.0",l={permalink:"/release/2019/04/10/podman-release-v1.2.0",source:"@site/release/2019-04-10-podman-release-v1.2.0.md",title:"Podman v1.2.0 Released",description:"podman logo",date:"2019-04-10T00:00:00.000Z",formattedDate:"April 10, 2019",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"}],readingTime:1.69,hasTruncateMarker:!1,authors:[{name:"mheon"}],frontMatter:{title:"Podman v1.2.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Podman v1.3.0 Released",permalink:"/release/2019/05/10/podman-release-v1.3.0"},nextItem:{title:"Podman v1.1.2 Released",permalink:"/release/2019/03/05/podman-release-v1.1.2"}},s={authorsImageUrls:[void 0]},c=[{value:"Welcome to Podman 1.2.0!",id:"welcome-to-podman-120",level:2}],m={toc:c},d="wrapper";function p(e){let{components:a,...o}=e;return(0,r.kt)(d,(0,n.Z)({},m,o,{components:a,mdxType:"MDXLayout"}),(0,r.kt)("p",null,(0,r.kt)("img",{alt:"podman logo",src:t(1382).Z,width:"228",height:"61"})),(0,r.kt)("h2",{id:"welcome-to-podman-120"},"Welcome to Podman 1.2.0!"),(0,r.kt)("p",null,"Podman 1.2.0 has been released, featuring many exciting new features and fixes for numerous bugs. With 1.2.0, Podman added support for container healthchecks, an events system, and a way to view image layers as a tree. Over 30 bugs were fixed in this new release, including numerous issues with rootless Podman. We also upgraded the version of Buildah driving ",(0,r.kt)("inlineCode",{parentName:"p"},"podman build")," from v1.7 to v1.7.2, picking up numerous fixes."),(0,r.kt)("p",null,"Our new Podman release includes support for container healthchecks. Healthchecks provide additional information on container status, running checks defined by the image or user to verify that the application in a container is working properly. Any containers with healthchecks defined will run them automatically, and their status can be checked with ",(0,r.kt)("inlineCode",{parentName:"p"},"podman inspect"),". The ",(0,r.kt)("inlineCode",{parentName:"p"},"podman healthcheck run")," command can also be used to manually trigger a healthcheck."),(0,r.kt)("p",null,"Podman also added a new command, ",(0,r.kt)("inlineCode",{parentName:"p"},"podman events"),", that can be used to view major lifecycle events for containers, pods, and images as they occur. This command and its corresponding Varlink API can be used by tools which wish to check the overall status of the system, or check when a specific container starts or exits. A few example events are shown below:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"2019-04-11 15:49:45.490227772 -0400 EDT container attach 0765d56e25939f66aed5817dd10c5cbc69f177b2b4ef94ec302b8b67475e0a1a (image=quay.io/crio/alpine:latest, name=optimistic_franklin)\n2019-04-11 15:49:45.58978211 -0400 EDT container start 0765d56e25939f66aed5817dd10c5cbc69f177b2b4ef94ec302b8b67475e0a1a (image=quay.io/crio/alpine:latest, name=optimistic_franklin)\n2019-04-11 15:49:45.590526456 -0400 EDT container died 0765d56e25939f66aed5817dd10c5cbc69f177b2b4ef94ec302b8b67475e0a1a (image=quay.io/crio/alpine:latest, name=optimistic_franklin)\n2019-04-11 15:49:46.363842802 -0400 EDT container remove 0765d56e25939f66aed5817dd10c5cbc69f177b2b4ef94ec302b8b67475e0a1a (image=quay.io/crio/alpine:latest, name=optimistic_franklin)\n")),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"podman image tree")," command was also added. This command will print a tree representation of an image's layers. This can be used to easily identify an image's dependencies. An example with a simple multilayer image is shown below:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"Image ID: 4a3e4f2db0ac\nTags: [localhost/buildah-ctr:latest localhost/myimage:latest]\nSize: 598.1MB\nImage Layers\n\u251c\u2500\u2500 ID: a13f3c019d29 Size: 274.9MB\n\u251c\u2500\u2500 ID: 6ae7c90cc44a Size: 323.2MB\n\u2514\u2500\u2500 ID: 610298fe2990 Size: 1.024kB Top Layer of: [localhost/buildah-ctr:latest localhost/myimage:latest]\n")),(0,r.kt)("p",null,"As always, please visit our release notes on ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/RELEASE_NOTES.md"},"GitHub")," to see the full changelog."),(0,r.kt)("p",null,"You can find instructions for installing Podman ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/install.md"},"here")))}p.isMDXComponent=!0},1382:(e,a,t)=>{t.d(a,{Z:()=>n});const n=t.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/a3470c53.ed0c9424.js b/assets/js/a3470c53.ed0c9424.js new file mode 100644 index 000000000..064d782d2 --- /dev/null +++ b/assets/js/a3470c53.ed0c9424.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[10601],{3905:(e,t,n)=>{n.d(t,{Zo:()=>m,kt:()=>f});var a=n(67294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var s=a.createContext({}),c=function(e){var t=a.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},m=function(e){var t=c(e.components);return a.createElement(s.Provider,{value:t},e.children)},p="mdxType",u={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},d=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,o=e.originalType,s=e.parentName,m=l(e,["components","mdxType","originalType","parentName"]),p=c(n),d=r,f=p["".concat(s,".").concat(d)]||p[d]||u[d]||o;return n?a.createElement(f,i(i({ref:t},m),{},{components:n})):a.createElement(f,i({ref:t},m))}));function f(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var o=n.length,i=new Array(o);i[0]=d;var l={};for(var s in t)hasOwnProperty.call(t,s)&&(l[s]=t[s]);l.originalType=e,l[p]="string"==typeof e?e:r,i[1]=l;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>u,frontMatter:()=>o,metadata:()=>l,toc:()=>c});var a=n(87462),r=(n(67294),n(3905));const o={title:"Podman v1.9.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman"]},i="Podman Release 1.9.0",l={permalink:"/release/2020/04/17/podman-release-v1.9.0",source:"@site/release/2020-04-17-podman-release-v1.9.0.md",title:"Podman v1.9.0 Released",description:"podman logo",date:"2020-04-17T00:00:00.000Z",formattedDate:"April 17, 2020",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"}],readingTime:1.27,hasTruncateMarker:!1,authors:[{name:"mheon"}],frontMatter:{title:"Podman v1.9.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Podman v2.1.0 Released",permalink:"/release/2020/10/05/podman-release-v2.1.0"},nextItem:{title:"Podman v1.7.0 Released",permalink:"/release/2020/01/08/podman-release-v1.7.0"}},s={authorsImageUrls:[void 0]},c=[{value:"Podman 1.9 has been released!",id:"podman-19-has-been-released",level:2}],m={toc:c},p="wrapper";function u(e){let{components:t,...o}=e;return(0,r.kt)(p,(0,a.Z)({},m,o,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("p",null,(0,r.kt)("img",{alt:"podman logo",src:n(1382).Z,width:"228",height:"61"})),(0,r.kt)("h2",{id:"podman-19-has-been-released"},"Podman 1.9 has been released!"),(0,r.kt)("p",null,"Podman 1.9.0 has been released, featuring initial support for the new ",(0,r.kt)("inlineCode",{parentName:"p"},"containers.conf")," configuration file, the ability to dynamically allocate user namespaces, and many improvements to the HTTP API."),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"containers.conf")," configuration file (documentation ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/containers/common/blob/main/docs/containers.conf.5.md"},"here"),") is the eventual replacement for our old configuration file, ",(0,r.kt)("inlineCode",{parentName:"p"},"libpod.conf"),". It contains everything that file had, but also a large number of container-specific configuration settings, including the ability to add volume mounts, environment variables, DNS servers, and much more by default in new containers. As support is still in the early stages, we do not presently provide a default ",(0,r.kt)("inlineCode",{parentName:"p"},"containers.conf"),", but expect to find one in future releases! The ",(0,r.kt)("inlineCode",{parentName:"p"},"containers.conf")," file is also shared between Podman and Buildah, and sets defaults for both."),(0,r.kt)("p",null,"Podman continues to push the boundaries of containers and security. Podman has a new experimental feature to dynamically allocate user namespaces for containers run as root with the ",(0,r.kt)("inlineCode",{parentName:"p"},"--userns=auto")," flag. This option causes Podman to allocate unique user namespaces for each container it creates, dynamically sized based on the number of UIDs in the image. With this option, it is trivial to run containers in separate user namespaces, greatly improving isolation."),(0,r.kt)("p",null,"We expect that Podman 1.9.0 will be the last minor release before Podman 2.0. Podman 2.0 will feature a number of major architectural changes to better support the new HTTP API, and will allow Podman to be used locally, as it is today, or remotely, against a Podman HTTP service, with the same executable. More details ",(0,r.kt)("a",{parentName:"p",href:"https://podman.io/blogs/2020/04/16/podman-v2-announce.html"},"here"),"."))}u.isMDXComponent=!0},1382:(e,t,n)=>{n.d(t,{Z:()=>a});const a=n.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/a3937ff1.c80fa652.js b/assets/js/a3937ff1.13f6e676.js similarity index 59% rename from assets/js/a3937ff1.c80fa652.js rename to assets/js/a3937ff1.13f6e676.js index 0344025e1..1874dd0fa 100644 --- a/assets/js/a3937ff1.c80fa652.js +++ b/assets/js/a3937ff1.13f6e676.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[72868],{7291:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/22","page":22,"postsPerPage":10,"totalPages":26,"totalCount":255,"previousPage":"/blogs/page/21","nextPage":"/blogs/page/23","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[72868],{7291:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/22","page":22,"postsPerPage":10,"totalPages":25,"totalCount":246,"previousPage":"/blogs/page/21","nextPage":"/blogs/page/23","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/a4707478.f72c6883.js b/assets/js/a4707478.f72c6883.js new file mode 100644 index 000000000..d5ea8face --- /dev/null +++ b/assets/js/a4707478.f72c6883.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[99903],{3905:(e,n,t)=>{t.d(n,{Zo:()=>m,kt:()=>f});var a=t(67294);function r(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function o(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);n&&(a=a.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,a)}return t}function i(e){for(var n=1;n=0||(r[t]=e[t]);return r}(e,n);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(r[t]=e[t])}return r}var s=a.createContext({}),p=function(e){var n=a.useContext(s),t=n;return e&&(t="function"==typeof e?e(n):i(i({},n),e)),t},m=function(e){var n=p(e.components);return a.createElement(s.Provider,{value:n},e.children)},d="mdxType",c={inlineCode:"code",wrapper:function(e){var n=e.children;return a.createElement(a.Fragment,{},n)}},u=a.forwardRef((function(e,n){var t=e.components,r=e.mdxType,o=e.originalType,s=e.parentName,m=l(e,["components","mdxType","originalType","parentName"]),d=p(t),u=r,f=d["".concat(s,".").concat(u)]||d[u]||c[u]||o;return t?a.createElement(f,i(i({ref:n},m),{},{components:t})):a.createElement(f,i({ref:n},m))}));function f(e,n){var t=arguments,r=n&&n.mdxType;if("string"==typeof e||r){var o=t.length,i=new Array(o);i[0]=u;var l={};for(var s in n)hasOwnProperty.call(n,s)&&(l[s]=n[s]);l.originalType=e,l[d]="string"==typeof e?e:r,i[1]=l;for(var p=2;p{t.r(n),t.d(n,{assets:()=>s,contentTitle:()=>i,default:()=>c,frontMatter:()=>o,metadata:()=>l,toc:()=>p});var a=t(87462),r=(t(67294),t(3905));const o={title:"Podman v2.2.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman","hpc","kubernetes"]},i="Podman Release 2.2.0",l={permalink:"/release/2020/12/14/podman-release-v2.2.0",source:"@site/release/2020-12-14-podman-release-v2.2.0.md",title:"Podman v2.2.0 Released",description:"podman logo",date:"2020-12-14T00:00:00.000Z",formattedDate:"December 14, 2020",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"},{label:"hpc",permalink:"/release/tags/hpc"},{label:"kubernetes",permalink:"/release/tags/kubernetes"}],readingTime:1.79,hasTruncateMarker:!1,authors:[{name:"mheon"}],frontMatter:{title:"Podman v2.2.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman","hpc","kubernetes"]},prevItem:{title:"Podman v3.0.0 Released",permalink:"/release/2021/02/11/podman-release-v3.0.0"},nextItem:{title:"Podman v2.1.0 Released",permalink:"/release/2020/10/05/podman-release-v2.1.0"}},s={authorsImageUrls:[void 0]},p=[{value:"Podman 2.2 has been released!",id:"podman-22-has-been-released",level:2}],m={toc:p},d="wrapper";function c(e){let{components:n,...o}=e;return(0,r.kt)(d,(0,a.Z)({},m,o,{components:n,mdxType:"MDXLayout"}),(0,r.kt)("p",null,(0,r.kt)("img",{alt:"podman logo",src:t(1382).Z,width:"228",height:"61"})),(0,r.kt)("h2",{id:"podman-22-has-been-released"},"Podman 2.2 has been released!"),(0,r.kt)("p",null,"Podman v2.2.0 has been released! Featuring numerous new features and over 80 bugfixes, the new Podman offers a number of often-requested features and improved stability. Read on for more details!"),(0,r.kt)("p",null,"Some of our most exciting new features include support for network aliases and the ",(0,r.kt)("inlineCode",{parentName:"p"},"network connect")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"network disconnect")," commands. Network aliases are additional names that containers can be accessed through when using DNS. The ",(0,r.kt)("inlineCode",{parentName:"p"},"network connect")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"network disconnect")," commands allow running containers to be added to and removed from networks. These have been frequent requests from users, and significantly improve our compatibility with Docker in networking."),(0,r.kt)("p",null,"Podman 2.2 also comes with initial support for short name aliasing. This feature, explained more fully ",(0,r.kt)("a",{parentName:"p",href:"https://www.redhat.com/sysadmin/container-image-short-names"},"here"),", enhances the security of short names in the ",(0,r.kt)("inlineCode",{parentName:"p"},"podman pull")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"podman run")," commands (e.g. ",(0,r.kt)("inlineCode",{parentName:"p"},"podman pull ubi8"),") by ensuring that that the image we pull is actually the image the user wanted. This feature is purely opt-in for now but will be enabled by default in Podman 3.0."),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"podman generate kube")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"podman play kube")," commands also saw numerous improvements, most of which were provided by the community. Both ",(0,r.kt)("inlineCode",{parentName:"p"},"generate kube")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"play kube")," now support resource limits for containers. We\u2019ve also gained support for Kubernetes\u2019 persistent volume claims and configmaps in ",(0,r.kt)("inlineCode",{parentName:"p"},"podman play kube"),". We now offer increased control over the containers created by ",(0,r.kt)("inlineCode",{parentName:"p"},"play kube")," as well, with a ",(0,r.kt)("inlineCode",{parentName:"p"},"--start")," option (defaulting to true) controlling whether they are started immediately after being created, and the ability to set what log driver they use to improve the ability of ",(0,r.kt)("inlineCode",{parentName:"p"},"podman play kube")," to integrate with systemd unit files."),(0,r.kt)("p",null,"We\u2019ve also added several other improvements. The ",(0,r.kt)("inlineCode",{parentName:"p"},"--mount")," option to ",(0,r.kt)("inlineCode",{parentName:"p"},"podman create")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"podman run")," can now mount a container image into a container using the ",(0,r.kt)("inlineCode",{parentName:"p"},"type=image")," argument. Additionally, the ",(0,r.kt)("inlineCode",{parentName:"p"},"podman inspect")," command now works with more objects (networks, pods, and volumes) instead of just containers and images. Finally, more Podman commands (",(0,r.kt)("inlineCode",{parentName:"p"},"podman mount"),", ",(0,r.kt)("inlineCode",{parentName:"p"},"podman diff"),", ",(0,r.kt)("inlineCode",{parentName:"p"},"podman container exists"),") can now work with Buildah and CRI-O containers, in addition to Podman containers."),(0,r.kt)("p",null,"Numerous bug fixes to APIV2 to better support docker-compose and docker-py."))}c.isMDXComponent=!0},1382:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/a55c14b2.e7d31d42.js b/assets/js/a55c14b2.e7d31d42.js new file mode 100644 index 000000000..1374e109a --- /dev/null +++ b/assets/js/a55c14b2.e7d31d42.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[55764],{3905:(e,n,t)=>{t.d(n,{Zo:()=>m,kt:()=>h});var a=t(67294);function o(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function r(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);n&&(a=a.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,a)}return t}function s(e){for(var n=1;n=0||(o[t]=e[t]);return o}(e,n);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(o[t]=e[t])}return o}var l=a.createContext({}),p=function(e){var n=a.useContext(l),t=n;return e&&(t="function"==typeof e?e(n):s(s({},n),e)),t},m=function(e){var n=p(e.components);return a.createElement(l.Provider,{value:n},e.children)},d="mdxType",c={inlineCode:"code",wrapper:function(e){var n=e.children;return a.createElement(a.Fragment,{},n)}},u=a.forwardRef((function(e,n){var t=e.components,o=e.mdxType,r=e.originalType,l=e.parentName,m=i(e,["components","mdxType","originalType","parentName"]),d=p(t),u=o,h=d["".concat(l,".").concat(u)]||d[u]||c[u]||r;return t?a.createElement(h,s(s({ref:n},m),{},{components:t})):a.createElement(h,s({ref:n},m))}));function h(e,n){var t=arguments,o=n&&n.mdxType;if("string"==typeof e||o){var r=t.length,s=new Array(r);s[0]=u;var i={};for(var l in n)hasOwnProperty.call(n,l)&&(i[l]=n[l]);i.originalType=e,i[d]="string"==typeof e?e:o,s[1]=i;for(var p=2;p{t.r(n),t.d(n,{assets:()=>l,contentTitle:()=>s,default:()=>c,frontMatter:()=>r,metadata:()=>i,toc:()=>p});var a=t(87462),o=(t(67294),t(3905));const r={title:"Podman v4.0.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman","hpc","kubernetes"]},s="Podman Release v4.0.0",i={permalink:"/release/2022/02/22/podman-release-v4.0.0",source:"@site/release/2022-02-22-podman-release-v4.0.0.md",title:"Podman v4.0.0 Released",description:"podman logo",date:"2022-02-22T00:00:00.000Z",formattedDate:"February 22, 2022",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"},{label:"hpc",permalink:"/release/tags/hpc"},{label:"kubernetes",permalink:"/release/tags/kubernetes"}],readingTime:1.975,hasTruncateMarker:!1,authors:[{name:"mheon"}],frontMatter:{title:"Podman v4.0.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman","hpc","kubernetes"]},prevItem:{title:"Podman v4.1.0 Released",permalink:"/release/2022/05/09/podman-release-v4.1.0"},nextItem:{title:"Podman v3.3.0 Released",permalink:"/release/2021/08/31/podman-release-v3.3.0"}},l={authorsImageUrls:[void 0]},p=[{value:"Podman v4.0 has been released!",id:"podman-v40-has-been-released",level:2}],m={toc:p},d="wrapper";function c(e){let{components:n,...r}=e;return(0,o.kt)(d,(0,a.Z)({},m,r,{components:n,mdxType:"MDXLayout"}),(0,o.kt)("p",null,(0,o.kt)("img",{alt:"podman logo",src:t(1382).Z,width:"228",height:"61"})),(0,o.kt)("h2",{id:"podman-v40-has-been-released"},"Podman v4.0 has been released!"),(0,o.kt)("p",null,"Podman v4.0.0, a brand-new major release, is now available. Podman 4.0 is one of our most significant releases ever, featuring over 60 new features. Headlining this release is a complete rewrite of the network stack for improved functionality and performance, but there are numerous other changes, including improvements to Podman\u2019s Mac and Windows support, improvements to pods, over 50 bug fixes, and much, much more!"),(0,o.kt)("p",null,"Podman now features support for a new network stack based on ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/containers/netavark"},"Netavark")," and ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/containers/aardvark-dns"},"Aardvark"),", in addition to the existing CNI stack. The new stack features improved support for containers in multiple networks, improved IPv6 support, and improved performance. To ensure that we don\u2019t break existing users, the old CNI stack will remain the default on existing installations, while new installs will use Netavark. We\u2019re planning an in-depth dive into the networking changes in a future blog, so look forward to more details there!"),(0,o.kt)("p",null,"Support for Podman on Windows and OS X has also been a top priority, and we have made several major improvements for Podman 4.0. Chief among them is support for mounting the Podman API socket on the host system, allowing tools like Docker Compose to be used on the host system instead of inside the ",(0,o.kt)("inlineCode",{parentName:"p"},"podman machine")," VM. Also, ",(0,o.kt)("inlineCode",{parentName:"p"},"podman machine")," can now use WSL2 as a backend on Windows, greatly improving Podman\u2019s support for Windows. More features, including support for volume mounts from the host, are planned for Podman v4.1, so stay tuned for more updates."),(0,o.kt)("p",null,"Podman Pods have seen numerous new features added to allow sharing resources between containers in the pod. The ",(0,o.kt)("inlineCode",{parentName:"p"},"--volume")," and ",(0,o.kt)("inlineCode",{parentName:"p"},"--device")," options to the ",(0,o.kt)("inlineCode",{parentName:"p"},"podman pod create")," command allows volumes and devices to be mounted to every container in the pod, and the ",(0,o.kt)("inlineCode",{parentName:"p"},"--security-opt")," and ",(0,o.kt)("inlineCode",{parentName:"p"},"--sysctl")," options allow these configurations to be set for every container in the pod. Again, these changes are just the beginning of what we have planned - eventually, we aim to have almost every option from ",(0,o.kt)("inlineCode",{parentName:"p"},"podman run")," available to pods to allow easy sharing of configuration options among containers within them."),(0,o.kt)("p",null,"These changes are just the tip of the iceberg - there\u2019s far more packed into this release, including major updates to checkpoint and restore, improvements to ",(0,o.kt)("inlineCode",{parentName:"p"},"podman generate systemd")," and ",(0,o.kt)("inlineCode",{parentName:"p"},"podman play kube"),", and so much more. Find out more in the ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/releases/tag/v4.0.0"},"release notes"),"."))}c.isMDXComponent=!0},1382:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/a94ee45d.aabcd677.js b/assets/js/a94ee45d.a0b75323.js similarity index 59% rename from assets/js/a94ee45d.aabcd677.js rename to assets/js/a94ee45d.a0b75323.js index d3bea86d6..7944de570 100644 --- a/assets/js/a94ee45d.aabcd677.js +++ b/assets/js/a94ee45d.a0b75323.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[13072],{24512:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/12","page":12,"postsPerPage":10,"totalPages":26,"totalCount":255,"previousPage":"/blogs/page/11","nextPage":"/blogs/page/13","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[13072],{24512:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/12","page":12,"postsPerPage":10,"totalPages":25,"totalCount":246,"previousPage":"/blogs/page/11","nextPage":"/blogs/page/13","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/a972ad3e.5649a6b1.js b/assets/js/a972ad3e.5649a6b1.js new file mode 100644 index 000000000..d77315eb1 --- /dev/null +++ b/assets/js/a972ad3e.5649a6b1.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[28614],{3905:(e,r,a)=>{a.d(r,{Zo:()=>c,kt:()=>v});var t=a(67294);function n(e,r,a){return r in e?Object.defineProperty(e,r,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[r]=a,e}function o(e,r){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var t=Object.getOwnPropertySymbols(e);r&&(t=t.filter((function(r){return Object.getOwnPropertyDescriptor(e,r).enumerable}))),a.push.apply(a,t)}return a}function l(e){for(var r=1;r=0||(n[a]=e[a]);return n}(e,r);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(t=0;t=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(n[a]=e[a])}return n}var d=t.createContext({}),i=function(e){var r=t.useContext(d),a=r;return e&&(a="function"==typeof e?e(r):l(l({},r),e)),a},c=function(e){var r=i(e.components);return t.createElement(d.Provider,{value:r},e.children)},p="mdxType",u={inlineCode:"code",wrapper:function(e){var r=e.children;return t.createElement(t.Fragment,{},r)}},m=t.forwardRef((function(e,r){var a=e.components,n=e.mdxType,o=e.originalType,d=e.parentName,c=s(e,["components","mdxType","originalType","parentName"]),p=i(a),m=n,v=p["".concat(d,".").concat(m)]||p[m]||u[m]||o;return a?t.createElement(v,l(l({ref:r},c),{},{components:a})):t.createElement(v,l({ref:r},c))}));function v(e,r){var a=arguments,n=r&&r.mdxType;if("string"==typeof e||n){var o=a.length,l=new Array(o);l[0]=m;var s={};for(var d in r)hasOwnProperty.call(r,d)&&(s[d]=r[d]);s.originalType=e,s[p]="string"==typeof e?e:n,l[1]=s;for(var i=2;i{a.r(r),a.d(r,{assets:()=>d,contentTitle:()=>l,default:()=>u,frontMatter:()=>o,metadata:()=>s,toc:()=>i});var t=a(87462),n=(a(67294),a(3905));const o={title:"Netavark and Aardvark-dns 1.2.0 released",layout:"default",author:"baude",categories:["releases"],tags:["community","podman"]},l="Netavark and Aardvark-dns v1.2.0 released",s={permalink:"/release/2022/09/28/updated-1.2.0",source:"@site/release/2022-09-28-updated-1.2.0.md",title:"Netavark and Aardvark-dns 1.2.0 released",description:"Netavark and Aardvark-dns v1.2.0 has been released!",date:"2022-09-28T00:00:00.000Z",formattedDate:"September 28, 2022",tags:[{label:"community",permalink:"/release/tags/community"},{label:"podman",permalink:"/release/tags/podman"}],readingTime:.34,hasTruncateMarker:!0,authors:[{name:"baude"}],frontMatter:{title:"Netavark and Aardvark-dns 1.2.0 released",layout:"default",author:"baude",categories:["releases"],tags:["community","podman"]},prevItem:{title:"Podman v4.3.0 Released",permalink:"/release/2022/10/22/podman-release-v4.3.0"},nextItem:{title:"Podman v4.2.0 Released",permalink:"/release/2022/08/17/podman-release-v4.2.0"}},d={authorsImageUrls:[void 0]},i=[{value:"Netavark and Aardvark-dns v1.2.0 has been released!",id:"netavark-and-aardvark-dns-v120-has-been-released",level:2}],c={toc:i},p="wrapper";function u(e){let{components:r,...a}=e;return(0,n.kt)(p,(0,t.Z)({},c,a,{components:r,mdxType:"MDXLayout"}),(0,n.kt)("h2",{id:"netavark-and-aardvark-dns-v120-has-been-released"},"Netavark and Aardvark-dns v1.2.0 has been released!"),(0,n.kt)("p",null,"The underlying network components for Podman have been updated. This consists of two projects:"),(0,n.kt)("ul",null,(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("a",{parentName:"li",href:"https://github.com/containers/netavark/releases"},"Netavark")," - network configuration tool for Podman"),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("a",{parentName:"li",href:"https://github.com/containers/aardvark-dns/releases"},"Aardvark-dns")," - container domain name resolution server for\nPodman containers")),(0,n.kt)("p",null,"Release v1.2.0 resolves a handful of edge case bugs that were found and reported. In addition, many of the libraries\nused by the projects were updated."))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/ab97ccc9.a4b59634.js b/assets/js/ab97ccc9.a4b59634.js new file mode 100644 index 000000000..860e0ef24 --- /dev/null +++ b/assets/js/ab97ccc9.a4b59634.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[47647],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>f});var a=n(67294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var s=a.createContext({}),m=function(e){var t=a.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},p=function(e){var t=m(e.components);return a.createElement(s.Provider,{value:t},e.children)},c="mdxType",d={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},u=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,o=e.originalType,s=e.parentName,p=l(e,["components","mdxType","originalType","parentName"]),c=m(n),u=r,f=c["".concat(s,".").concat(u)]||c[u]||d[u]||o;return n?a.createElement(f,i(i({ref:t},p),{},{components:n})):a.createElement(f,i({ref:t},p))}));function f(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var o=n.length,i=new Array(o);i[0]=u;var l={};for(var s in t)hasOwnProperty.call(t,s)&&(l[s]=t[s]);l.originalType=e,l[c]="string"==typeof e?e:r,i[1]=l;for(var m=2;m{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>d,frontMatter:()=>o,metadata:()=>l,toc:()=>m});var a=n(87462),r=(n(67294),n(3905));const o={title:"Podman v1.3.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman"]},i="Podman Release 1.3.0",l={permalink:"/release/2019/05/10/podman-release-v1.3.0",source:"@site/release/2019-05-10-podman-release-v1.3.0.md",title:"Podman v1.3.0 Released",description:"podman logo",date:"2019-05-10T00:00:00.000Z",formattedDate:"May 10, 2019",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"}],readingTime:1.115,hasTruncateMarker:!1,authors:[{name:"mheon"}],frontMatter:{title:"Podman v1.3.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Podman v1.5.0 Released",permalink:"/release/2019/08/14/podman-release-v1.5.0"},nextItem:{title:"Podman v1.2.0 Released",permalink:"/release/2019/04/10/podman-release-v1.2.0"}},s={authorsImageUrls:[void 0]},m=[{value:"Welcome to Podman 1.3.0!",id:"welcome-to-podman-130",level:2}],p={toc:m},c="wrapper";function d(e){let{components:t,...o}=e;return(0,r.kt)(c,(0,a.Z)({},p,o,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("p",null,(0,r.kt)("img",{alt:"podman logo",src:n(1382).Z,width:"228",height:"61"})),(0,r.kt)("h2",{id:"welcome-to-podman-130"},"Welcome to Podman 1.3.0!"),(0,r.kt)("p",null,"Podman 1.3.0 has been released! We've focused firmly on stability with 1.3.0, fixing over 25 bugs and making major changes to improve the stability of rootless Podman and Podman volumes. This release also includes a number of new features, including the ",(0,r.kt)("inlineCode",{parentName:"p"},"podman generate systemd")," command to generate unit files to manage Podman containers, and the ",(0,r.kt)("inlineCode",{parentName:"p"},"--restart")," flag for ",(0,r.kt)("inlineCode",{parentName:"p"},"podman run")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"podman create")," to restart containers on error. We also picked up a fresh version of Buildah, 1.8.2, including numerous fixes and improvements for ",(0,r.kt)("inlineCode",{parentName:"p"},"podman build"),"."),(0,r.kt)("p",null,"The biggest new features in Podman 1.3.0 are for managing container restart. The ",(0,r.kt)("inlineCode",{parentName:"p"},"--restart")," flag allows Podman to restart containers when they exit, and the ",(0,r.kt)("inlineCode",{parentName:"p"},"podman generate systemd")," command makes unit files so you can leverage systemd to manage container lifecycle. These commands seem very similar, but are very different in practice. The ",(0,r.kt)("inlineCode",{parentName:"p"},"--restart")," flag is much simpler, but more limited - it restarts containers when they exit, but cannot deal with a system restart or dependencies between containers. If you need access to these more advanced features, ",(0,r.kt)("inlineCode",{parentName:"p"},"podman generate systemd")," will allow you to manage your containers via systemd, leveraging all of its service management capabilities."),(0,r.kt)("p",null,"As always, please visit our release notes on ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/RELEASE_NOTES.md"},"GitHub")," to see the full changelog."),(0,r.kt)("p",null,"You can find instructions for installing Podman ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/install.md"},"here")))}d.isMDXComponent=!0},1382:(e,t,n)=>{n.d(t,{Z:()=>a});const a=n.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/af61538a.6958528e.js b/assets/js/af61538a.39363612.js similarity index 59% rename from assets/js/af61538a.6958528e.js rename to assets/js/af61538a.39363612.js index 54269ef05..47cb111e3 100644 --- a/assets/js/af61538a.6958528e.js +++ b/assets/js/af61538a.39363612.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[18348],{73945:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/10","page":10,"postsPerPage":10,"totalPages":26,"totalCount":255,"previousPage":"/blogs/page/9","nextPage":"/blogs/page/11","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[18348],{73945:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/10","page":10,"postsPerPage":10,"totalPages":25,"totalCount":246,"previousPage":"/blogs/page/9","nextPage":"/blogs/page/11","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/b066410d.5f7f61e8.js b/assets/js/b066410d.5f7f61e8.js deleted file mode 100644 index d209ea2cb..000000000 --- a/assets/js/b066410d.5f7f61e8.js +++ /dev/null @@ -1 +0,0 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[12712],{3905:(e,t,n)=>{n.d(t,{Zo:()=>m,kt:()=>h});var r=n(67294);function o(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function i(e){for(var t=1;t=0||(o[n]=e[n]);return o}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(o[n]=e[n])}return o}var s=r.createContext({}),p=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},m=function(e){var t=p(e.components);return r.createElement(s.Provider,{value:t},e.children)},c="mdxType",u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,o=e.mdxType,a=e.originalType,s=e.parentName,m=l(e,["components","mdxType","originalType","parentName"]),c=p(n),d=o,h=c["".concat(s,".").concat(d)]||c[d]||u[d]||a;return n?r.createElement(h,i(i({ref:t},m),{},{components:n})):r.createElement(h,i({ref:t},m))}));function h(e,t){var n=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var a=n.length,i=new Array(a);i[0]=d;var l={};for(var s in t)hasOwnProperty.call(t,s)&&(l[s]=t[s]);l.originalType=e,l[c]="string"==typeof e?e:o,i[1]=l;for(var p=2;p{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>u,frontMatter:()=>a,metadata:()=>l,toc:()=>p});var r=n(87462),o=(n(67294),n(3905));const a={title:"Podman Alpha version 0.6.1 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},i=void 0,l={permalink:"/blogs/2018/06/04/podman-alpha-v0.6.1",source:"@site/blog/2018-06-04-podman-alpha-v0.6.1.md",title:"Podman Alpha version 0.6.1 Release Announcement",description:"podman logo",date:"2018-06-04T00:00:00.000Z",formattedDate:"June 4, 2018",tags:[{label:"community",permalink:"/blogs/tags/community"},{label:"open source",permalink:"/blogs/tags/open-source"},{label:"podman",permalink:"/blogs/tags/podman"}],readingTime:1.115,hasTruncateMarker:!0,authors:[{name:"bbaude"}],frontMatter:{title:"Podman Alpha version 0.6.1 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Podman Alpha version 0.6.4 Release Announcement",permalink:"/blogs/2018/07/02/podman-alpha-v0.6.4"}},s={authorsImageUrls:[void 0]},p=[{value:"Improvements to podman Remote API",id:"improvements-to-podman-remote-api",level:2},{value:"Improvements to podman build",id:"improvements-to-podman-build",level:2},{value:"General Improvements",id:"general-improvements",level:2}],m={toc:p},c="wrapper";function u(e){let{components:t,...a}=e;return(0,o.kt)(c,(0,r.Z)({},m,a,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("p",null,(0,o.kt)("img",{alt:"podman logo",src:n(1382).Z,width:"228",height:"61"})),(0,o.kt)("h1",{id:"podman-release-061"},"Podman release 0.6.1"),(0,o.kt)("p",null,"It seems that when we have a short work week here in the US, we have rather large releases. To me, that flies in the face of logic. Speaking of which, one particular milestone was reached this week \u2026\nWe had our 1000th commit in Podman!"),(0,o.kt)("p",null,"That is particularly special, because prior to this repository, all libpod work was being done within the CRI-O repository. So the 1000 commits is in actuality since we broke apart from CRI-O. I want to recognize all the contributors who have been helping us along way. Great job!\n##Other notable items in the release:"),(0,o.kt)("h2",{id:"improvements-to-podman-remote-api"},"Improvements to podman Remote API"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},"* Example usage for the Podman python API\n* Correct issue with varlink container inspect where not all information was being parsed\n* varlink build added to the varlink API\n* Python API now can attach to a container\n")),(0,o.kt)("h2",{id:"improvements-to-podman-build"},"Improvements to podman build"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},"* OnBuild support for podman build\n")),(0,o.kt)("h2",{id:"general-improvements"},"General Improvements"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},"* Correctly drop security capabilities when running containers with\u200a\u2014\u200auser\n* Fix edge case of pulling images with shortnames and no registries defined\n* Lots of changes with the hooks command\n* Make some run options exclusive when using an existing container network namespace\n* Podman ps and images now sorts containers and images by their created time.\n")))}u.isMDXComponent=!0},1382:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/b2974c0c.ee132496.js b/assets/js/b2974c0c.ee132496.js new file mode 100644 index 000000000..4736ed6c6 --- /dev/null +++ b/assets/js/b2974c0c.ee132496.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[41748],{21805:e=>{e.exports=JSON.parse('{"permalink":"/release/page/2","page":2,"postsPerPage":10,"totalPages":3,"totalCount":26,"previousPage":"/release","nextPage":"/release/page/3","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/b49d70f9.94a897ee.js b/assets/js/b49d70f9.94a897ee.js new file mode 100644 index 000000000..f528460e4 --- /dev/null +++ b/assets/js/b49d70f9.94a897ee.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[35995],{65859:e=>{e.exports=JSON.parse('{"label":"community","permalink":"/release/tags/community","allTagsPath":"/release/tags","count":26}')}}]); \ No newline at end of file diff --git a/assets/js/b4cdaeff.4145caef.js b/assets/js/b4cdaeff.a887c608.js similarity index 59% rename from assets/js/b4cdaeff.4145caef.js rename to assets/js/b4cdaeff.a887c608.js index 2a616bcd5..0afff3400 100644 --- a/assets/js/b4cdaeff.4145caef.js +++ b/assets/js/b4cdaeff.a887c608.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[62811],{3905:(e,t,r)=>{r.d(t,{Zo:()=>s,kt:()=>h});var n=r(67294);function a(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function o(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function c(e){for(var t=1;t=0||(a[r]=e[r]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(a[r]=e[r])}return a}var l=n.createContext({}),p=function(e){var t=n.useContext(l),r=t;return e&&(r="function"==typeof e?e(t):c(c({},t),e)),r},s=function(e){var t=p(e.components);return n.createElement(l.Provider,{value:t},e.children)},m="mdxType",u={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},f=n.forwardRef((function(e,t){var r=e.components,a=e.mdxType,o=e.originalType,l=e.parentName,s=i(e,["components","mdxType","originalType","parentName"]),m=p(r),f=a,h=m["".concat(l,".").concat(f)]||m[f]||u[f]||o;return r?n.createElement(h,c(c({ref:t},s),{},{components:r})):n.createElement(h,c({ref:t},s))}));function h(e,t){var r=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=r.length,c=new Array(o);c[0]=f;var i={};for(var l in t)hasOwnProperty.call(t,l)&&(i[l]=t[l]);i.originalType=e,i[m]="string"==typeof e?e:a,c[1]=i;for(var p=2;p{r.r(t),r.d(t,{assets:()=>l,contentTitle:()=>c,default:()=>u,frontMatter:()=>o,metadata:()=>i,toc:()=>p});var n=r(87462),a=(r(67294),r(3905));const o={layout:"default",title:"New Blog from Emilien Macchi, Part 4!",categories:["new"]},c=void 0,i={permalink:"/blogs/2018/12/14/openstack-podman-healthchecks",source:"@site/blog/2018-12-14-openstack-podman-healthchecks.md",title:"New Blog from Emilien Macchi, Part 4!",description:'Emilien Macchi has posted a fourth blog on how his group is running Healthchecks for Podman containers: "OpenStack Containerization with Podman \u2013 Part 4 (Healthchecks)". Check it out!',date:"2018-12-14T00:00:00.000Z",formattedDate:"December 14, 2018",tags:[],readingTime:.14,hasTruncateMarker:!1,authors:[],frontMatter:{layout:"default",title:"New Blog from Emilien Macchi, Part 4!",categories:["new"]},prevItem:{title:"Software Factory Container With Buildah And Podman",permalink:"/blogs/2019/01/07/software-factory-podman"},nextItem:{title:"Podman v0.12.1.1 Released",permalink:"/blogs/2018/12/12/podman-alpha-v0.12.1.1"}},l={authorsImageUrls:[]},p=[],s={toc:p},m="wrapper";function u(e){let{components:t,...r}=e;return(0,a.kt)(m,(0,n.Z)({},s,r,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("p",null,(0,a.kt)("a",{parentName:"p",href:"https://twitter.com/EmilienMacchi"},"Emilien Macchi"),' has posted a fourth blog on how his group is running Healthchecks for Podman containers: "',(0,a.kt)("a",{parentName:"p",href:"https://my1.fr/blog/openstack-containerization-with-podman-part-4-healthchecks/"},"OpenStack Containerization with Podman \u2013 Part 4 (Healthchecks)"),'". Check it out!'))}u.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[62811],{3905:(e,t,r)=>{r.d(t,{Zo:()=>s,kt:()=>h});var n=r(67294);function a(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function o(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function i(e){for(var t=1;t=0||(a[r]=e[r]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(a[r]=e[r])}return a}var l=n.createContext({}),p=function(e){var t=n.useContext(l),r=t;return e&&(r="function"==typeof e?e(t):i(i({},t),e)),r},s=function(e){var t=p(e.components);return n.createElement(l.Provider,{value:t},e.children)},m="mdxType",u={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},f=n.forwardRef((function(e,t){var r=e.components,a=e.mdxType,o=e.originalType,l=e.parentName,s=c(e,["components","mdxType","originalType","parentName"]),m=p(r),f=a,h=m["".concat(l,".").concat(f)]||m[f]||u[f]||o;return r?n.createElement(h,i(i({ref:t},s),{},{components:r})):n.createElement(h,i({ref:t},s))}));function h(e,t){var r=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=r.length,i=new Array(o);i[0]=f;var c={};for(var l in t)hasOwnProperty.call(t,l)&&(c[l]=t[l]);c.originalType=e,c[m]="string"==typeof e?e:a,i[1]=c;for(var p=2;p{r.r(t),r.d(t,{assets:()=>l,contentTitle:()=>i,default:()=>u,frontMatter:()=>o,metadata:()=>c,toc:()=>p});var n=r(87462),a=(r(67294),r(3905));const o={layout:"default",title:"New Blog from Emilien Macchi, Part 4!",categories:["new"]},i=void 0,c={permalink:"/blogs/2018/12/14/openstack-podman-healthchecks",source:"@site/blog/2018-12-14-openstack-podman-healthchecks.md",title:"New Blog from Emilien Macchi, Part 4!",description:'Emilien Macchi has posted a fourth blog on how his group is running Healthchecks for Podman containers: "OpenStack Containerization with Podman \u2013 Part 4 (Healthchecks)". Check it out!',date:"2018-12-14T00:00:00.000Z",formattedDate:"December 14, 2018",tags:[],readingTime:.14,hasTruncateMarker:!1,authors:[],frontMatter:{layout:"default",title:"New Blog from Emilien Macchi, Part 4!",categories:["new"]},prevItem:{title:"Software Factory Container With Buildah And Podman",permalink:"/blogs/2019/01/07/software-factory-podman"},nextItem:{title:"Simplifying Podman commands with labels",permalink:"/blogs/2018/12/03/podman-runlabel"}},l={authorsImageUrls:[]},p=[],s={toc:p},m="wrapper";function u(e){let{components:t,...r}=e;return(0,a.kt)(m,(0,n.Z)({},s,r,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("p",null,(0,a.kt)("a",{parentName:"p",href:"https://twitter.com/EmilienMacchi"},"Emilien Macchi"),' has posted a fourth blog on how his group is running Healthchecks for Podman containers: "',(0,a.kt)("a",{parentName:"p",href:"https://my1.fr/blog/openstack-containerization-with-podman-part-4-healthchecks/"},"OpenStack Containerization with Podman \u2013 Part 4 (Healthchecks)"),'". Check it out!'))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/b52fa139.20e64efd.js b/assets/js/b52fa139.a6ebc928.js similarity index 59% rename from assets/js/b52fa139.20e64efd.js rename to assets/js/b52fa139.a6ebc928.js index b2e7f9eb3..92d2b53a9 100644 --- a/assets/js/b52fa139.20e64efd.js +++ b/assets/js/b52fa139.a6ebc928.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[31289],{32357:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/16","page":16,"postsPerPage":10,"totalPages":26,"totalCount":255,"previousPage":"/blogs/page/15","nextPage":"/blogs/page/17","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[31289],{32357:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/16","page":16,"postsPerPage":10,"totalPages":25,"totalCount":246,"previousPage":"/blogs/page/15","nextPage":"/blogs/page/17","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/b5430557.6d07a943.js b/assets/js/b5430557.6d07a943.js new file mode 100644 index 000000000..9a1ef87e6 --- /dev/null +++ b/assets/js/b5430557.6d07a943.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[66662],{3905:(e,n,t)=>{t.d(n,{Zo:()=>u,kt:()=>h});var a=t(67294);function o(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function r(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);n&&(a=a.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,a)}return t}function i(e){for(var n=1;n=0||(o[t]=e[t]);return o}(e,n);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(o[t]=e[t])}return o}var s=a.createContext({}),c=function(e){var n=a.useContext(s),t=n;return e&&(t="function"==typeof e?e(n):i(i({},n),e)),t},u=function(e){var n=c(e.components);return a.createElement(s.Provider,{value:n},e.children)},p="mdxType",d={inlineCode:"code",wrapper:function(e){var n=e.children;return a.createElement(a.Fragment,{},n)}},m=a.forwardRef((function(e,n){var t=e.components,o=e.mdxType,r=e.originalType,s=e.parentName,u=l(e,["components","mdxType","originalType","parentName"]),p=c(t),m=o,h=p["".concat(s,".").concat(m)]||p[m]||d[m]||r;return t?a.createElement(h,i(i({ref:n},u),{},{components:t})):a.createElement(h,i({ref:n},u))}));function h(e,n){var t=arguments,o=n&&n.mdxType;if("string"==typeof e||o){var r=t.length,i=new Array(r);i[0]=m;var l={};for(var s in n)hasOwnProperty.call(n,s)&&(l[s]=n[s]);l.originalType=e,l[p]="string"==typeof e?e:o,i[1]=l;for(var c=2;c{t.r(n),t.d(n,{assets:()=>s,contentTitle:()=>i,default:()=>d,frontMatter:()=>r,metadata:()=>l,toc:()=>c});var a=t(87462),o=(t(67294),t(3905));const r={title:"Podman Alpha version 0.6.4 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},i=void 0,l={permalink:"/release/2018/07/02/podman-alpha-v0.6.4",source:"@site/release/2018-07-02-podman-alpha-v0.6.4.md",title:"Podman Alpha version 0.6.4 Release Announcement",description:"podman logo",date:"2018-07-02T00:00:00.000Z",formattedDate:"July 2, 2018",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"}],readingTime:2.265,hasTruncateMarker:!0,authors:[{name:"bbaude"}],frontMatter:{title:"Podman Alpha version 0.6.4 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Podman Alpha version 0.7.1 Release Announcement",permalink:"/release/2018/07/09/podman-alpha-v0.7.1"},nextItem:{title:"Podman Alpha version 0.6.1 Release Announcement",permalink:"/release/2018/06/04/podman-alpha-v0.6.1"}},s={authorsImageUrls:[void 0]},c=[{value:"Notable features include:",id:"notable-features-include",level:2}],u={toc:c},p="wrapper";function d(e){let{components:n,...r}=e;return(0,o.kt)(p,(0,a.Z)({},u,r,{components:n,mdxType:"MDXLayout"}),(0,o.kt)("p",null,(0,o.kt)("img",{alt:"podman logo",src:t(1382).Z,width:"228",height:"61"})),(0,o.kt)("h1",{id:"podman-release-064"},"Podman release 0.6.4"),(0,o.kt)("p",null,"This afternoon we were able to overcome some last minute bugs and release a new Podman. The packages are building in Fedora and will work their way through Fedora\u2019s bodhi system. For giggles, I looked at the number of individual contributors this week and was glad to see the number at 10."),(0,o.kt)("p",null,"Mainly bugfixes this week, one big one was that we do a better job cleaning up containers that run in the back ground."),(0,o.kt)("p",null,(0,o.kt)("strong",{parentName:"p"},"podman container cleanup")," was added to cleanup mountpoint, cgroups and network configuration when containers exit. When a container is run in background mode (-d), the podman command exits, but ",(0,o.kt)("strong",{parentName:"p"},"conmon")," continues to run and monitor the container, when the container exits, conmon executes podman container cleanup to cleanup the container."),(0,o.kt)("p",null,"There were a number of bug fixes and a lot of vendoring new code\u200a\u2014\u200aGolang speak for updating the code we depend on from other projects. Interesting things are in store for podman in the upcoming weeks. Stay tuned!"),(0,o.kt)("p",null,"I missed writing this blog the last couple of weeks, and wanted to point out a huge new feature from the ",(0,o.kt)("strong",{parentName:"p"},"buildah project"),". ",(0,o.kt)("strong",{parentName:"p"},"podman build")," now supports layering. As you may know podman build by default only adds one layer when processing a Dockerfile. This is different the ",(0,o.kt)("strong",{parentName:"p"},"docker build"),". Docker defaults to layering each line in the Dockerfile, which makes the creation of an application easier, since docker build jumps to the first line changed in the Dockerfile since the previous build. Podman build on the other hand starts at the beginning, which works better in using a Dockerfile in a build system. With the introducion of the\u200a\u2014\u200alayers flag, you can now get the same behaviour in podman build that you have in docker build, incremental changes to the Dockerfile will start the build at the change point rather then in the beginning. There is even a environment variable BUILDAH_LAYERS which can be set to default to the layers method."),(0,o.kt)("h2",{id:"notable-features-include"},"Notable features include:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},"* Continued work on podman remote client. A mock up of a podman remote client went into the contrib/ section of our repository. This is not ready for anyone but Jhon Honce as the primary contributor to the python library code.\n* Continued work on running podman without requiring you to be root. Giuseppe Scrivano made a bunch of commits related to rootless containers.\n* added podman-image and podman-container man page links\n* fixed a fatal error where when a container disappeared during podman ps.\n* added an authfile option to podman search to deal with private registries.\n* fixed a bug related to container startup and attached mode.\n* building podman with varlink support is now optionional.\n")))}d.isMDXComponent=!0},1382:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/bab8d2c4.b7c0423d.js b/assets/js/bab8d2c4.23a6d571.js similarity index 81% rename from assets/js/bab8d2c4.b7c0423d.js rename to assets/js/bab8d2c4.23a6d571.js index 176153592..d050a4f3c 100644 --- a/assets/js/bab8d2c4.b7c0423d.js +++ b/assets/js/bab8d2c4.23a6d571.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[81643],{97760:a=>{a.exports=JSON.parse('{"permalink":"/blogs/tags/podman/page/6","page":6,"postsPerPage":10,"totalPages":19,"totalCount":190,"previousPage":"/blogs/tags/podman/page/5","nextPage":"/blogs/tags/podman/page/7","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[81643],{97760:a=>{a.exports=JSON.parse('{"permalink":"/blogs/tags/podman/page/6","page":6,"postsPerPage":10,"totalPages":19,"totalCount":181,"previousPage":"/blogs/tags/podman/page/5","nextPage":"/blogs/tags/podman/page/7","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/c07ebe24.13807da9.js b/assets/js/c07ebe24.13807da9.js new file mode 100644 index 000000000..08bd65478 --- /dev/null +++ b/assets/js/c07ebe24.13807da9.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[94579],{3905:(e,n,t)=>{t.d(n,{Zo:()=>p,kt:()=>f});var a=t(67294);function r(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function o(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);n&&(a=a.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,a)}return t}function s(e){for(var n=1;n=0||(r[t]=e[t]);return r}(e,n);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(r[t]=e[t])}return r}var l=a.createContext({}),m=function(e){var n=a.useContext(l),t=n;return e&&(t="function"==typeof e?e(n):s(s({},n),e)),t},p=function(e){var n=m(e.components);return a.createElement(l.Provider,{value:n},e.children)},c="mdxType",d={inlineCode:"code",wrapper:function(e){var n=e.children;return a.createElement(a.Fragment,{},n)}},u=a.forwardRef((function(e,n){var t=e.components,r=e.mdxType,o=e.originalType,l=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),c=m(t),u=r,f=c["".concat(l,".").concat(u)]||c[u]||d[u]||o;return t?a.createElement(f,s(s({ref:n},p),{},{components:t})):a.createElement(f,s({ref:n},p))}));function f(e,n){var t=arguments,r=n&&n.mdxType;if("string"==typeof e||r){var o=t.length,s=new Array(o);s[0]=u;var i={};for(var l in n)hasOwnProperty.call(n,l)&&(i[l]=n[l]);i.originalType=e,i[c]="string"==typeof e?e:r,s[1]=i;for(var m=2;m{t.r(n),t.d(n,{assets:()=>l,contentTitle:()=>s,default:()=>d,frontMatter:()=>o,metadata:()=>i,toc:()=>m});var a=t(87462),r=(t(67294),t(3905));const o={title:"Podman v1.7.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman"]},s="Podman Release 1.7.0",i={permalink:"/release/2020/01/08/podman-release-v1.7.0",source:"@site/release/2020-01-08-podman-release-v1.7.0.md",title:"Podman v1.7.0 Released",description:"podman logo",date:"2020-01-08T00:00:00.000Z",formattedDate:"January 8, 2020",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"}],readingTime:1.05,hasTruncateMarker:!1,authors:[{name:"mheon"}],frontMatter:{title:"Podman v1.7.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Podman v1.9.0 Released",permalink:"/release/2020/04/17/podman-release-v1.9.0"},nextItem:{title:"Podman v1.5.0 Released",permalink:"/release/2019/08/14/podman-release-v1.5.0"}},l={authorsImageUrls:[void 0]},m=[{value:"Podman 1.7 has been released!",id:"podman-17-has-been-released",level:2}],p={toc:m},c="wrapper";function d(e){let{components:n,...o}=e;return(0,r.kt)(c,(0,a.Z)({},p,o,{components:n,mdxType:"MDXLayout"}),(0,r.kt)("p",null,(0,r.kt)("img",{alt:"podman logo",src:t(1382).Z,width:"228",height:"61"})),(0,r.kt)("h2",{id:"podman-17-has-been-released"},"Podman 1.7 has been released!"),(0,r.kt)("p",null,"Podman v1.7.0 has been released, including many new features and numerous bugfixes. It features improvements to networking, ",(0,r.kt)("inlineCode",{parentName:"p"},"podman play kube"),", and systemd unit file integration. We\u2019ve also added the ",(0,r.kt)("inlineCode",{parentName:"p"},"podman system reset")," command, to remove all existing containers, pods, images, and volumes and reset the system to its initial state. Stability has not been neglected, and this release features almost 60 bugfixes, including major fixes for ",(0,r.kt)("inlineCode",{parentName:"p"},"podman rm"),", ",(0,r.kt)("inlineCode",{parentName:"p"},"podman exec"),", and volumes."),(0,r.kt)("p",null,"This new release features improved support for host networking via the CNI ",(0,r.kt)("inlineCode",{parentName:"p"},"macvlan")," plugin which allows containers to connect directly to networks the host is connected to. The ",(0,r.kt)("inlineCode",{parentName:"p"},"podman network create")," command can now create ",(0,r.kt)("inlineCode",{parentName:"p"},"macvlan")," configs via the ",(0,r.kt)("inlineCode",{parentName:"p"},"--macvlan")," flag. Containers can also set static MAC addresses. The ",(0,r.kt)("inlineCode",{parentName:"p"},"podman play kube")," command has also been updated to respect security settings, including user/group, SELinux configuration, and Seccomp profiles. Podman now creates a cgroup namespace by default on systems using cgroups v2, improving container isolation. We\u2019ve made major improvements for running Podman in a systemd service. These changes (and how to use them) are detailed elsewhere in a ",(0,r.kt)("a",{parentName:"p",href:"https://www.redhat.com/sysadmin/podman-shareable-systemd-services"},"blog"),"."),(0,r.kt)("p",null,"As always, please visit our page on ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/RELEASE_NOTES.md"},"GitHub")," to see the full changelog."),(0,r.kt)("p",null,"You can find instructions for installing Podman ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/install.md"},"here"),"."))}d.isMDXComponent=!0},1382:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/ff75e0ee.d543b9cb.js b/assets/js/c177c35c.0f358e7a.js similarity index 54% rename from assets/js/ff75e0ee.d543b9cb.js rename to assets/js/c177c35c.0f358e7a.js index 04f56df7a..87790ac44 100644 --- a/assets/js/ff75e0ee.d543b9cb.js +++ b/assets/js/c177c35c.0f358e7a.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[69423],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>h});var r=n(67294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function l(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},u="mdxType",m={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),u=c(n),d=a,h=u["".concat(s,".").concat(d)]||u[d]||m[d]||o;return n?r.createElement(h,l(l({ref:t},p),{},{components:n})):r.createElement(h,l({ref:t},p))}));function h(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,l=new Array(o);l[0]=d;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i[u]="string"==typeof e?e:a,l[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>l,default:()=>m,frontMatter:()=>o,metadata:()=>i,toc:()=>c});var r=n(87462),a=(n(67294),n(3905));const o={title:"Podman Alpha version 0.6.1 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},l=void 0,i={permalink:"/blogs/2018/06/04/podman-alpha-v0.6.1",source:"@site/blog/2018-06-04-podman-alpha-v0.6.1.md",title:"Podman Alpha version 0.6.1 Release Announcement",description:"podman logo",date:"2018-06-04T00:00:00.000Z",formattedDate:"June 4, 2018",tags:[{label:"community",permalink:"/blogs/tags/community"},{label:"open source",permalink:"/blogs/tags/open-source"},{label:"podman",permalink:"/blogs/tags/podman"}],readingTime:1.115,hasTruncateMarker:!0,authors:[{name:"bbaude"}],frontMatter:{title:"Podman Alpha version 0.6.1 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Podman Alpha version 0.6.4 Release Announcement",permalink:"/blogs/2018/07/02/podman-alpha-v0.6.4"}},s={authorsImageUrls:[void 0]},c=[],p={toc:c},u="wrapper";function m(e){let{components:t,...o}=e;return(0,a.kt)(u,(0,r.Z)({},p,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"podman logo",src:n(1382).Z,width:"228",height:"61"})),(0,a.kt)("h1",{id:"podman-release-061"},"Podman release 0.6.1"),(0,a.kt)("p",null,"It seems that when we have a short work week here in the US, we have rather large releases. To me, that flies in the face of logic. Speaking of which, one particular milestone was reached this week \u2026\nWe had our 1000th commit in Podman!"),(0,a.kt)("p",null,"That is particularly special, because prior to this repository, all libpod work was being done within the CRI-O repository. So the 1000 commits is in actuality since we broke apart from CRI-O. I want to recognize all the contributors who have been helping us along way. Great job!\n##Other notable items in the release:"))}m.isMDXComponent=!0},1382:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[54142],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>h});var r=n(67294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function l(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},u="mdxType",m={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),u=c(n),d=a,h=u["".concat(s,".").concat(d)]||u[d]||m[d]||o;return n?r.createElement(h,l(l({ref:t},p),{},{components:n})):r.createElement(h,l({ref:t},p))}));function h(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,l=new Array(o);l[0]=d;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i[u]="string"==typeof e?e:a,l[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>l,default:()=>m,frontMatter:()=>o,metadata:()=>i,toc:()=>c});var r=n(87462),a=(n(67294),n(3905));const o={title:"Podman Alpha version 0.6.1 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},l=void 0,i={permalink:"/release/2018/06/04/podman-alpha-v0.6.1",source:"@site/release/2018-06-04-podman-alpha-v0.6.1.md",title:"Podman Alpha version 0.6.1 Release Announcement",description:"podman logo",date:"2018-06-04T00:00:00.000Z",formattedDate:"June 4, 2018",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"}],readingTime:1.115,hasTruncateMarker:!0,authors:[{name:"bbaude"}],frontMatter:{title:"Podman Alpha version 0.6.1 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Podman Alpha version 0.6.4 Release Announcement",permalink:"/release/2018/07/02/podman-alpha-v0.6.4"}},s={authorsImageUrls:[void 0]},c=[],p={toc:c},u="wrapper";function m(e){let{components:t,...o}=e;return(0,a.kt)(u,(0,r.Z)({},p,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"podman logo",src:n(1382).Z,width:"228",height:"61"})),(0,a.kt)("h1",{id:"podman-release-061"},"Podman release 0.6.1"),(0,a.kt)("p",null,"It seems that when we have a short work week here in the US, we have rather large releases. To me, that flies in the face of logic. Speaking of which, one particular milestone was reached this week \u2026\nWe had our 1000th commit in Podman!"),(0,a.kt)("p",null,"That is particularly special, because prior to this repository, all libpod work was being done within the CRI-O repository. So the 1000 commits is in actuality since we broke apart from CRI-O. I want to recognize all the contributors who have been helping us along way. Great job!\n##Other notable items in the release:"))}m.isMDXComponent=!0},1382:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/c5d622c7.01516e1e.js b/assets/js/c5d622c7.01516e1e.js deleted file mode 100644 index 907876a53..000000000 --- a/assets/js/c5d622c7.01516e1e.js +++ /dev/null @@ -1 +0,0 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[69449],{3905:(e,t,n)=>{n.d(t,{Zo:()=>c,kt:()=>h});var r=n(67294);function o(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function s(e){for(var t=1;t=0||(o[n]=e[n]);return o}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(o[n]=e[n])}return o}var i=r.createContext({}),p=function(e){var t=r.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):s(s({},t),e)),n},c=function(e){var t=p(e.components);return r.createElement(i.Provider,{value:t},e.children)},m="mdxType",u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,o=e.mdxType,a=e.originalType,i=e.parentName,c=l(e,["components","mdxType","originalType","parentName"]),m=p(n),d=o,h=m["".concat(i,".").concat(d)]||m[d]||u[d]||a;return n?r.createElement(h,s(s({ref:t},c),{},{components:n})):r.createElement(h,s({ref:t},c))}));function h(e,t){var n=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var a=n.length,s=new Array(a);s[0]=d;var l={};for(var i in t)hasOwnProperty.call(t,i)&&(l[i]=t[i]);l.originalType=e,l[m]="string"==typeof e?e:o,s[1]=l;for(var p=2;p{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>s,default:()=>u,frontMatter:()=>a,metadata:()=>l,toc:()=>p});var r=n(87462),o=(n(67294),n(3905));const a={title:"Podman Alpha version 0.8.3 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},s=void 0,l={permalink:"/blogs/2018/08/20/podman-alpha-v0.8.3",source:"@site/blog/2018-08-20-podman-alpha-v0.8.3.md",title:"Podman Alpha version 0.8.3 Release Announcement",description:"podman logo",date:"2018-08-20T00:00:00.000Z",formattedDate:"August 20, 2018",tags:[{label:"community",permalink:"/blogs/tags/community"},{label:"open source",permalink:"/blogs/tags/open-source"},{label:"podman",permalink:"/blogs/tags/podman"}],readingTime:1.135,hasTruncateMarker:!0,authors:[{name:"bbaude"}],frontMatter:{title:"Podman Alpha version 0.8.3 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"What's NEW!",permalink:"/blogs/2018/09/10/welcome"},nextItem:{title:"Python3 support for Podman",permalink:"/blogs/2018/08/15/python-support-for-podman"}},i={authorsImageUrls:[void 0]},p=[],c={toc:p},m="wrapper";function u(e){let{components:t,...a}=e;return(0,o.kt)(m,(0,r.Z)({},c,a,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("p",null,(0,o.kt)("img",{alt:"podman logo",src:n(1382).Z,width:"228",height:"61"})),(0,o.kt)("h1",{id:"podman-release-083"},"Podman release 0.8.3"),(0,o.kt)("p",null,"Our release this week was very smooth. It seems like between CI infrastructure stability, last minute pull requests, and sometimes just plain bad luck, something always gives us trouble on Friday\u2019s. The Fedora packages are created and I see that they are getting their karma and working through the process already."),(0,o.kt)("p",null,"By the way, we moved! Our new upstream location is ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/containers/podman"},"https://github.com/containers/podman"),". It seems to be a more natural fit for our project and more closely associates us with some of our sister projects."),(0,o.kt)("p",null,"Some of the more obvious changes in this release are:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},"* Updated documentation to mention that systemd is now the default cgroup manager.\n* The create|run switch of\u200a\u2014\u200auts-host now works correctly.\n* Add pod stats as a sub-command. Similar to podman stats, it allows you to see statistics about running pods and their containers.\n* Varlink API endpoints for many of the pod subcommands were added.\n* Support format for the varlink API endpoint Commit (OCI or docker)\n* Fix handling of the container\u2019s hostname when using\u200a\u2014\u200ahost=net\n* When searching multiple registries, do not make an error from one registry be fatal.\n* Create and Pull commands were added to the python client.\n")),(0,o.kt)("p",null,"Our IRC channel has not moved. Much of the development team can be found on Freenode in #podman. Come by and introduce yourself!"))}u.isMDXComponent=!0},1382:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/c617b3ad.16756ba5.js b/assets/js/c617b3ad.0d108878.js similarity index 90% rename from assets/js/c617b3ad.16756ba5.js rename to assets/js/c617b3ad.0d108878.js index d5dc576fc..26e117088 100644 --- a/assets/js/c617b3ad.16756ba5.js +++ b/assets/js/c617b3ad.0d108878.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[47362],{48733:a=>{a.exports=JSON.parse('{"label":"podman","permalink":"/blogs/tags/podman","allTagsPath":"/blogs/tags","count":190}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[47362],{48733:a=>{a.exports=JSON.parse('{"label":"podman","permalink":"/blogs/tags/podman","allTagsPath":"/blogs/tags","count":181}')}}]); \ No newline at end of file diff --git a/assets/js/c7c76429.52097f0e.js b/assets/js/c7c76429.961c8d6a.js similarity index 81% rename from assets/js/c7c76429.52097f0e.js rename to assets/js/c7c76429.961c8d6a.js index 916de95ce..2fa68943f 100644 --- a/assets/js/c7c76429.52097f0e.js +++ b/assets/js/c7c76429.961c8d6a.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[43991],{92967:a=>{a.exports=JSON.parse('{"permalink":"/blogs/tags/podman/page/2","page":2,"postsPerPage":10,"totalPages":19,"totalCount":190,"previousPage":"/blogs/tags/podman","nextPage":"/blogs/tags/podman/page/3","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[43991],{92967:a=>{a.exports=JSON.parse('{"permalink":"/blogs/tags/podman/page/2","page":2,"postsPerPage":10,"totalPages":19,"totalCount":181,"previousPage":"/blogs/tags/podman","nextPage":"/blogs/tags/podman/page/3","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/c7d4ec6c.854df973.js b/assets/js/c7d4ec6c.854df973.js deleted file mode 100644 index cc0bb2508..000000000 --- a/assets/js/c7d4ec6c.854df973.js +++ /dev/null @@ -1 +0,0 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[30511],{3905:(e,t,n)=>{n.d(t,{Zo:()=>m,kt:()=>g});var r=n(67294);function o(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function l(e){for(var t=1;t=0||(o[n]=e[n]);return o}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(o[n]=e[n])}return o}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},m=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},p="mdxType",u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,o=e.mdxType,a=e.originalType,s=e.parentName,m=i(e,["components","mdxType","originalType","parentName"]),p=c(n),d=o,g=p["".concat(s,".").concat(d)]||p[d]||u[d]||a;return n?r.createElement(g,l(l({ref:t},m),{},{components:n})):r.createElement(g,l({ref:t},m))}));function g(e,t){var n=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var a=n.length,l=new Array(a);l[0]=d;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i[p]="string"==typeof e?e:o,l[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>l,default:()=>u,frontMatter:()=>a,metadata:()=>i,toc:()=>c});var r=n(87462),o=(n(67294),n(3905));const a={title:"Podman v1.0.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman"]},l="Podman Release 1.0.0",i={permalink:"/blogs/2019/01/16/podman-release-v1.0.0",source:"@site/blog/2019-01-16-podman-release-v1.0.0.md",title:"Podman v1.0.0 Released",description:"podman logo",date:"2019-01-16T00:00:00.000Z",formattedDate:"January 16, 2019",tags:[{label:"community",permalink:"/blogs/tags/community"},{label:"open source",permalink:"/blogs/tags/open-source"},{label:"podman",permalink:"/blogs/tags/podman"}],readingTime:2.08,hasTruncateMarker:!0,authors:[{name:"mheon"}],frontMatter:{title:"Podman v1.0.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Container Tools on RHEL 8 & How to Hack Podman",permalink:"/blogs/2019/02/07/hack-and-tools"},nextItem:{title:"Programmatic remote access to Podman via the varlink protocol",permalink:"/blogs/2019/01/16/podman-varlink"}},s={authorsImageUrls:[void 0]},c=[{value:"Podman has gone 1.0!",id:"podman-has-gone-10",level:2}],m={toc:c},p="wrapper";function u(e){let{components:t,...a}=e;return(0,o.kt)(p,(0,r.Z)({},m,a,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("p",null,(0,o.kt)("img",{alt:"podman logo",src:n(1382).Z,width:"228",height:"61"})),(0,o.kt)("h2",{id:"podman-has-gone-10"},"Podman has gone 1.0!"),(0,o.kt)("p",null,"Our original goal with Podman was to provide a fully-featured debugging experience for ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/kubernetes-sigs/cri-o"},"CRI-O"),", but it has become so much more. Podman 1.0.0 is a fully-featured container engine. It provides a Docker-compatible command line to ease the transition from other container engines. Most Podman commands can be run as a regular user, without requiring additional privileges. Furthermore, all of this is accomplished without a daemon!"))}u.isMDXComponent=!0},1382:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/c8a30dcb.3ac466b0.js b/assets/js/c8a30dcb.3ac466b0.js new file mode 100644 index 000000000..228113bdb --- /dev/null +++ b/assets/js/c8a30dcb.3ac466b0.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[83276],{41678:e=>{e.exports=JSON.parse('{"permalink":"/release/tags/community/page/2","page":2,"postsPerPage":10,"totalPages":3,"totalCount":26,"previousPage":"/release/tags/community","nextPage":"/release/tags/community/page/3","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/c9f8f6c0.ff45c0cc.js b/assets/js/c9f8f6c0.ff45c0cc.js new file mode 100644 index 000000000..4a0648539 --- /dev/null +++ b/assets/js/c9f8f6c0.ff45c0cc.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[75223],{3905:(e,t,n)=>{n.d(t,{Zo:()=>m,kt:()=>f});var a=n(67294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var s=a.createContext({}),c=function(e){var t=a.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},m=function(e){var t=c(e.components);return a.createElement(s.Provider,{value:t},e.children)},p="mdxType",u={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},d=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,o=e.originalType,s=e.parentName,m=l(e,["components","mdxType","originalType","parentName"]),p=c(n),d=r,f=p["".concat(s,".").concat(d)]||p[d]||u[d]||o;return n?a.createElement(f,i(i({ref:t},m),{},{components:n})):a.createElement(f,i({ref:t},m))}));function f(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var o=n.length,i=new Array(o);i[0]=d;var l={};for(var s in t)hasOwnProperty.call(t,s)&&(l[s]=t[s]);l.originalType=e,l[p]="string"==typeof e?e:r,i[1]=l;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>u,frontMatter:()=>o,metadata:()=>l,toc:()=>c});var a=n(87462),r=(n(67294),n(3905));const o={title:"Podman v1.9.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman"]},i="Podman Release 1.9.0",l={permalink:"/release/2020/04/17/podman-release-v1.9.0",source:"@site/release/2020-04-17-podman-release-v1.9.0.md",title:"Podman v1.9.0 Released",description:"podman logo",date:"2020-04-17T00:00:00.000Z",formattedDate:"April 17, 2020",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"}],readingTime:1.27,hasTruncateMarker:!1,authors:[{name:"mheon"}],frontMatter:{title:"Podman v1.9.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Podman v2.1.0 Released",permalink:"/release/2020/10/05/podman-release-v2.1.0"},nextItem:{title:"Podman v1.7.0 Released",permalink:"/release/2020/01/08/podman-release-v1.7.0"}},s={authorsImageUrls:[void 0]},c=[{value:"Podman 1.9 has been released!",id:"podman-19-has-been-released",level:2}],m={toc:c},p="wrapper";function u(e){let{components:t,...o}=e;return(0,r.kt)(p,(0,a.Z)({},m,o,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("p",null,(0,r.kt)("img",{alt:"podman logo",src:n(1382).Z,width:"228",height:"61"})),(0,r.kt)("h2",{id:"podman-19-has-been-released"},"Podman 1.9 has been released!"),(0,r.kt)("p",null,"Podman 1.9.0 has been released, featuring initial support for the new ",(0,r.kt)("inlineCode",{parentName:"p"},"containers.conf")," configuration file, the ability to dynamically allocate user namespaces, and many improvements to the HTTP API."),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"containers.conf")," configuration file (documentation ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/containers/common/blob/main/docs/containers.conf.5.md"},"here"),") is the eventual replacement for our old configuration file, ",(0,r.kt)("inlineCode",{parentName:"p"},"libpod.conf"),". It contains everything that file had, but also a large number of container-specific configuration settings, including the ability to add volume mounts, environment variables, DNS servers, and much more by default in new containers. As support is still in the early stages, we do not presently provide a default ",(0,r.kt)("inlineCode",{parentName:"p"},"containers.conf"),", but expect to find one in future releases! The ",(0,r.kt)("inlineCode",{parentName:"p"},"containers.conf")," file is also shared between Podman and Buildah, and sets defaults for both."),(0,r.kt)("p",null,"Podman continues to push the boundaries of containers and security. Podman has a new experimental feature to dynamically allocate user namespaces for containers run as root with the ",(0,r.kt)("inlineCode",{parentName:"p"},"--userns=auto")," flag. This option causes Podman to allocate unique user namespaces for each container it creates, dynamically sized based on the number of UIDs in the image. With this option, it is trivial to run containers in separate user namespaces, greatly improving isolation."),(0,r.kt)("p",null,"We expect that Podman 1.9.0 will be the last minor release before Podman 2.0. Podman 2.0 will feature a number of major architectural changes to better support the new HTTP API, and will allow Podman to be used locally, as it is today, or remotely, against a Podman HTTP service, with the same executable. More details ",(0,r.kt)("a",{parentName:"p",href:"https://podman.io/blogs/2020/04/16/podman-v2-announce.html"},"here"),"."))}u.isMDXComponent=!0},1382:(e,t,n)=>{n.d(t,{Z:()=>a});const a=n.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/c9fea71a.2c302fe3.js b/assets/js/c9fea71a.2c302fe3.js new file mode 100644 index 000000000..2760f17c2 --- /dev/null +++ b/assets/js/c9fea71a.2c302fe3.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[57256],{31821:e=>{e.exports=JSON.parse('{"permalink":"/release/tags/podman/page/3","page":3,"postsPerPage":10,"totalPages":3,"totalCount":26,"previousPage":"/release/tags/podman/page/2","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/cab9a096.f1eba984.js b/assets/js/cab9a096.718ac0fd.js similarity index 58% rename from assets/js/cab9a096.f1eba984.js rename to assets/js/cab9a096.718ac0fd.js index 8fff157f6..0a6c2fade 100644 --- a/assets/js/cab9a096.f1eba984.js +++ b/assets/js/cab9a096.718ac0fd.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[74076],{55990:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/2","page":2,"postsPerPage":10,"totalPages":26,"totalCount":255,"previousPage":"/blogs","nextPage":"/blogs/page/3","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[74076],{55990:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/2","page":2,"postsPerPage":10,"totalPages":25,"totalCount":246,"previousPage":"/blogs","nextPage":"/blogs/page/3","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/cb9e7599.ec1b29e7.js b/assets/js/cb9e7599.ec1b29e7.js new file mode 100644 index 000000000..e05e2ca28 --- /dev/null +++ b/assets/js/cb9e7599.ec1b29e7.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[41600],{3905:(e,a,t)=>{t.d(a,{Zo:()=>d,kt:()=>h});var n=t(67294);function r(e,a,t){return a in e?Object.defineProperty(e,a,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[a]=t,e}function o(e,a){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);a&&(n=n.filter((function(a){return Object.getOwnPropertyDescriptor(e,a).enumerable}))),t.push.apply(t,n)}return t}function i(e){for(var a=1;a=0||(r[t]=e[t]);return r}(e,a);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(r[t]=e[t])}return r}var s=n.createContext({}),m=function(e){var a=n.useContext(s),t=a;return e&&(t="function"==typeof e?e(a):i(i({},a),e)),t},d=function(e){var a=m(e.components);return n.createElement(s.Provider,{value:a},e.children)},p="mdxType",u={inlineCode:"code",wrapper:function(e){var a=e.children;return n.createElement(n.Fragment,{},a)}},c=n.forwardRef((function(e,a){var t=e.components,r=e.mdxType,o=e.originalType,s=e.parentName,d=l(e,["components","mdxType","originalType","parentName"]),p=m(t),c=r,h=p["".concat(s,".").concat(c)]||p[c]||u[c]||o;return t?n.createElement(h,i(i({ref:a},d),{},{components:t})):n.createElement(h,i({ref:a},d))}));function h(e,a){var t=arguments,r=a&&a.mdxType;if("string"==typeof e||r){var o=t.length,i=new Array(o);i[0]=c;var l={};for(var s in a)hasOwnProperty.call(a,s)&&(l[s]=a[s]);l.originalType=e,l[p]="string"==typeof e?e:r,i[1]=l;for(var m=2;m{t.r(a),t.d(a,{assets:()=>s,contentTitle:()=>i,default:()=>u,frontMatter:()=>o,metadata:()=>l,toc:()=>m});var n=t(87462),r=(t(67294),t(3905));const o={title:"Podman v1.1.1 Released",layout:"default",author:"tsweeney",categories:["releases"],tags:["community","open source","podman"]},i="Podman Release 1.1.1",l={permalink:"/release/2019/03/01/podman-release-v1.1.1",source:"@site/release/2019-03-01-podman-release-v1.1.1.md",title:"Podman v1.1.1 Released",description:"podman logo",date:"2019-03-01T00:00:00.000Z",formattedDate:"March 1, 2019",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"}],readingTime:2.495,hasTruncateMarker:!1,authors:[{name:"tsweeney"}],frontMatter:{title:"Podman v1.1.1 Released",layout:"default",author:"tsweeney",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Podman v1.1.2 Released",permalink:"/release/2019/03/05/podman-release-v1.1.2"},nextItem:{title:"Podman v1.1.0 Released",permalink:"/release/2019/02/26/podman-release-v1.1.0"}},s={authorsImageUrls:[void 0]},m=[{value:"Podman has gone 1.1.1!",id:"podman-has-gone-111",level:2},{value:"Changes",id:"changes",level:2},{value:"Bugfixes",id:"bugfixes",level:3},{value:"Misc",id:"misc",level:3}],d={toc:m},p="wrapper";function u(e){let{components:a,...o}=e;return(0,r.kt)(p,(0,n.Z)({},d,o,{components:a,mdxType:"MDXLayout"}),(0,r.kt)("p",null,(0,r.kt)("img",{alt:"podman logo",src:t(1382).Z,width:"228",height:"61"})),(0,r.kt)("h2",{id:"podman-has-gone-111"},"Podman has gone 1.1.1!"),(0,r.kt)("p",null,"After releasing Podman v1.1.0 a number of miscellaneous changes and several bug fixes\nfocusing on command line options and parsing were added.",(0,r.kt)("br",{parentName:"p"}),"\n","All the details follow!"),(0,r.kt)("h2",{id:"changes"},"Changes"),(0,r.kt)("h3",{id:"bugfixes"},"Bugfixes"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},"Fixed a bug where podman container restore was erroneously available as podman restore ",(0,r.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2191"},"#2191")),(0,r.kt)("li",{parentName:"ul"},"Fixed a bug where the volume_path option in libpod.conf was not being respected"),(0,r.kt)("li",{parentName:"ul"},"Fixed a bug where Podman failed to build when the varlink tag was not present ",(0,r.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2459"},"#2459")),(0,r.kt)("li",{parentName:"ul"},"Fixed a bug where the podman image load command was listed twice in help text"),(0,r.kt)("li",{parentName:"ul"},"Fixed a bug where the podman image sign command was also listed as podman sign"),(0,r.kt)("li",{parentName:"ul"},"Fixed a bug where the podman image list command incorrectly had an image alias"),(0,r.kt)("li",{parentName:"ul"},"Fixed a bug where the podman images command incorrectly had ls and list aliases"),(0,r.kt)("li",{parentName:"ul"},"Fixed a bug where the podman image rm command was being displayed as podman image rmi"),(0,r.kt)("li",{parentName:"ul"},"Fixed a bug where the podman create command would attempt to parse arguments meant for the container"),(0,r.kt)("li",{parentName:"ul"},"Fixed a bug where the combination of FIPS mode and user namespaces resulted in permissions errors"),(0,r.kt)("li",{parentName:"ul"},"Fixed a bug where the --time alias for --timeout for the podman restart and podman stop commands did not function"),(0,r.kt)("li",{parentName:"ul"},"Fixed a bug where the default stop timeout for newly-created containers was being set to 0 seconds (resulting in an immediate SIGKILL on running podman stop)"),(0,r.kt)("li",{parentName:"ul"},"Fixed a bug where the output format of podman port was incorrect, printing full container ID instead of truncated ID"),(0,r.kt)("li",{parentName:"ul"},"Fixed a bug where the podman container list command did not exist"),(0,r.kt)("li",{parentName:"ul"},"Fixed a bug where podman build could not build a container from images tagged locally that did not exist in a registry ",(0,r.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2469"},"#2469")),(0,r.kt)("li",{parentName:"ul"},"Fixed a bug where some Podman commands that accept no arguments would not error when provided arguments"),(0,r.kt)("li",{parentName:"ul"},"Fixed a bug where podman play kube could not handle cases where a pod and a container shared a name")),(0,r.kt)("h3",{id:"misc"},"Misc"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},"Usage text for many commands was greatly improved"),(0,r.kt)("li",{parentName:"ul"},"Major cleanups were made to Podman manpages, ensuring that command lists are accurate"),(0,r.kt)("li",{parentName:"ul"},"Greatly improved debugging output when the newuidmap and newgidmap binaries fail when using rootless Podman"),(0,r.kt)("li",{parentName:"ul"},"The -s alias for the global --storage-driver option has been removed"),(0,r.kt)("li",{parentName:"ul"},"The podman container refresh command has been deprecated, as its intended use case is no longer relevant. The command has been hidden and manpages deleted. It will be removed in a future release"),(0,r.kt)("li",{parentName:"ul"},"The podman container runlabel command will now pull images not available locally even without the --pull option. The --pull option has been deprecated"),(0,r.kt)("li",{parentName:"ul"},"The podman container checkpoint and podman container restore commands are now only available on OCI runtimes where they are supported (e.g. runc)")),(0,r.kt)("p",null,"As always, please visit our release notes on ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/RELEASE_NOTES.md"},"GitHub")," to see the full changelog."),(0,r.kt)("p",null,"You can find instructions for installing Podman ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/install.md"},"here")))}u.isMDXComponent=!0},1382:(e,a,t)=>{t.d(a,{Z:()=>n});const n=t.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/cca70ef7.edc32b1a.js b/assets/js/cca70ef7.655166d8.js similarity index 88% rename from assets/js/cca70ef7.edc32b1a.js rename to assets/js/cca70ef7.655166d8.js index 9eacc0c97..26cb52cd7 100644 --- a/assets/js/cca70ef7.edc32b1a.js +++ b/assets/js/cca70ef7.655166d8.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[36868],{61607:a=>{a.exports=JSON.parse('{"label":"community","permalink":"/blogs/tags/community","allTagsPath":"/blogs/tags","count":10}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[36868],{61607:a=>{a.exports=JSON.parse('{"label":"community","permalink":"/blogs/tags/community","allTagsPath":"/blogs/tags","count":1}')}}]); \ No newline at end of file diff --git a/assets/js/cd0c0b67.07db27f7.js b/assets/js/cd0c0b67.07db27f7.js new file mode 100644 index 000000000..9664490bb --- /dev/null +++ b/assets/js/cd0c0b67.07db27f7.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[97635],{3905:(e,t,a)=>{a.d(t,{Zo:()=>p,kt:()=>g});var n=a(67294);function r(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function o(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,n)}return a}function l(e){for(var t=1;t=0||(r[a]=e[a]);return r}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(r[a]=e[a])}return r}var s=n.createContext({}),m=function(e){var t=n.useContext(s),a=t;return e&&(a="function"==typeof e?e(t):l(l({},t),e)),a},p=function(e){var t=m(e.components);return n.createElement(s.Provider,{value:t},e.children)},u="mdxType",c={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var a=e.components,r=e.mdxType,o=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),u=m(a),d=r,g=u["".concat(s,".").concat(d)]||u[d]||c[d]||o;return a?n.createElement(g,l(l({ref:t},p),{},{components:a})):n.createElement(g,l({ref:t},p))}));function g(e,t){var a=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var o=a.length,l=new Array(o);l[0]=d;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i[u]="string"==typeof e?e:r,l[1]=i;for(var m=2;m{a.r(t),a.d(t,{assets:()=>s,contentTitle:()=>l,default:()=>c,frontMatter:()=>o,metadata:()=>i,toc:()=>m});var n=a(87462),r=(a(67294),a(3905));const o={title:"Podman v1.1.2 Released",layout:"default",author:"tsweeney",categories:["releases"],tags:["community","open source","podman"]},l="Podman Release 1.1.2",i={permalink:"/release/2019/03/05/podman-release-v1.1.2",source:"@site/release/2019-03-05-podman-release-v1.1.2.md",title:"Podman v1.1.2 Released",description:"podman logo",date:"2019-03-05T00:00:00.000Z",formattedDate:"March 5, 2019",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"}],readingTime:.845,hasTruncateMarker:!1,authors:[{name:"tsweeney"}],frontMatter:{title:"Podman v1.1.2 Released",layout:"default",author:"tsweeney",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Podman v1.2.0 Released",permalink:"/release/2019/04/10/podman-release-v1.2.0"},nextItem:{title:"Podman v1.1.1 Released",permalink:"/release/2019/03/01/podman-release-v1.1.1"}},s={authorsImageUrls:[void 0]},m=[{value:"Podman has gone 1.1.2!",id:"podman-has-gone-112",level:2},{value:"Changes",id:"changes",level:2},{value:"Bugfixes",id:"bugfixes",level:3},{value:"Misc",id:"misc",level:3}],p={toc:m},u="wrapper";function c(e){let{components:t,...o}=e;return(0,r.kt)(u,(0,n.Z)({},p,o,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("p",null,(0,r.kt)("img",{alt:"podman logo",src:a(1382).Z,width:"228",height:"61"})),(0,r.kt)("h2",{id:"podman-has-gone-112"},"Podman has gone 1.1.2!"),(0,r.kt)("p",null,"After releasing Podman v1.1.1 a number of bug fixes\nfocusing on command line options and parsing were added.\nAll the details follow!"),(0,r.kt)("h2",{id:"changes"},"Changes"),(0,r.kt)("h3",{id:"bugfixes"},"Bugfixes"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},"Fixed a bug where the podman image list, podman image rm, and podman container list had broken global storage options"),(0,r.kt)("li",{parentName:"ul"},"Fixed a bug where the --label option to podman create and podman run was missing the -l alias"),(0,r.kt)("li",{parentName:"ul"},"Fixed a bug where running Podman with the --config flag would not set an appropriate default value for tmp_dir ",(0,r.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2408"},"#2408")),(0,r.kt)("li",{parentName:"ul"},"Fixed a bug where the podman logs command with the --timestamps flag produced unreadable output ",(0,r.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2500"},"#2500")),(0,r.kt)("li",{parentName:"ul"},"Fixed a bug where the podman cp command would automatically extract .tar files copied into the container ",(0,r.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2509"},"#2509"))),(0,r.kt)("h3",{id:"misc"},"Misc"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},"The podman container stop command is now usable with the Podman remote client")),(0,r.kt)("p",null,"As always, please visit our release notes on ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/RELEASE_NOTES.md"},"GitHub")," to see the full changelog."),(0,r.kt)("p",null,"You can find instructions for installing Podman ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/install.md"},"here")))}c.isMDXComponent=!0},1382:(e,t,a)=>{a.d(t,{Z:()=>n});const n=a.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/cde6b8a6.51490c6f.js b/assets/js/cde6b8a6.51490c6f.js new file mode 100644 index 000000000..bbcf2f923 --- /dev/null +++ b/assets/js/cde6b8a6.51490c6f.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[79978],{3905:(e,t,a)=>{a.d(t,{Zo:()=>p,kt:()=>g});var n=a(67294);function r(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function o(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,n)}return a}function l(e){for(var t=1;t=0||(r[a]=e[a]);return r}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(r[a]=e[a])}return r}var s=n.createContext({}),m=function(e){var t=n.useContext(s),a=t;return e&&(a="function"==typeof e?e(t):l(l({},t),e)),a},p=function(e){var t=m(e.components);return n.createElement(s.Provider,{value:t},e.children)},u="mdxType",c={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var a=e.components,r=e.mdxType,o=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),u=m(a),d=r,g=u["".concat(s,".").concat(d)]||u[d]||c[d]||o;return a?n.createElement(g,l(l({ref:t},p),{},{components:a})):n.createElement(g,l({ref:t},p))}));function g(e,t){var a=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var o=a.length,l=new Array(o);l[0]=d;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i[u]="string"==typeof e?e:r,l[1]=i;for(var m=2;m{a.r(t),a.d(t,{assets:()=>s,contentTitle:()=>l,default:()=>c,frontMatter:()=>o,metadata:()=>i,toc:()=>m});var n=a(87462),r=(a(67294),a(3905));const o={title:"Podman v1.1.2 Released",layout:"default",author:"tsweeney",categories:["releases"],tags:["community","open source","podman"]},l="Podman Release 1.1.2",i={permalink:"/release/2019/03/05/podman-release-v1.1.2",source:"@site/release/2019-03-05-podman-release-v1.1.2.md",title:"Podman v1.1.2 Released",description:"podman logo",date:"2019-03-05T00:00:00.000Z",formattedDate:"March 5, 2019",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"}],readingTime:.845,hasTruncateMarker:!1,authors:[{name:"tsweeney"}],frontMatter:{title:"Podman v1.1.2 Released",layout:"default",author:"tsweeney",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Podman v1.2.0 Released",permalink:"/release/2019/04/10/podman-release-v1.2.0"},nextItem:{title:"Podman v1.1.1 Released",permalink:"/release/2019/03/01/podman-release-v1.1.1"}},s={authorsImageUrls:[void 0]},m=[{value:"Podman has gone 1.1.2!",id:"podman-has-gone-112",level:2},{value:"Changes",id:"changes",level:2},{value:"Bugfixes",id:"bugfixes",level:3},{value:"Misc",id:"misc",level:3}],p={toc:m},u="wrapper";function c(e){let{components:t,...o}=e;return(0,r.kt)(u,(0,n.Z)({},p,o,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("p",null,(0,r.kt)("img",{alt:"podman logo",src:a(1382).Z,width:"228",height:"61"})),(0,r.kt)("h2",{id:"podman-has-gone-112"},"Podman has gone 1.1.2!"),(0,r.kt)("p",null,"After releasing Podman v1.1.1 a number of bug fixes\nfocusing on command line options and parsing were added.\nAll the details follow!"),(0,r.kt)("h2",{id:"changes"},"Changes"),(0,r.kt)("h3",{id:"bugfixes"},"Bugfixes"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},"Fixed a bug where the podman image list, podman image rm, and podman container list had broken global storage options"),(0,r.kt)("li",{parentName:"ul"},"Fixed a bug where the --label option to podman create and podman run was missing the -l alias"),(0,r.kt)("li",{parentName:"ul"},"Fixed a bug where running Podman with the --config flag would not set an appropriate default value for tmp_dir ",(0,r.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2408"},"#2408")),(0,r.kt)("li",{parentName:"ul"},"Fixed a bug where the podman logs command with the --timestamps flag produced unreadable output ",(0,r.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2500"},"#2500")),(0,r.kt)("li",{parentName:"ul"},"Fixed a bug where the podman cp command would automatically extract .tar files copied into the container ",(0,r.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2509"},"#2509"))),(0,r.kt)("h3",{id:"misc"},"Misc"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},"The podman container stop command is now usable with the Podman remote client")),(0,r.kt)("p",null,"As always, please visit our release notes on ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/RELEASE_NOTES.md"},"GitHub")," to see the full changelog."),(0,r.kt)("p",null,"You can find instructions for installing Podman ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/install.md"},"here")))}c.isMDXComponent=!0},1382:(e,t,a)=>{a.d(t,{Z:()=>n});const n=a.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/cf2b80f9.d76116c3.js b/assets/js/cf2b80f9.844afe79.js similarity index 73% rename from assets/js/cf2b80f9.d76116c3.js rename to assets/js/cf2b80f9.844afe79.js index 35928448c..e6dc0d98f 100644 --- a/assets/js/cf2b80f9.d76116c3.js +++ b/assets/js/cf2b80f9.844afe79.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[50155],{39603:e=>{e.exports=JSON.parse('{"permalink":"/blogs/tags/community","page":1,"postsPerPage":10,"totalPages":1,"totalCount":10,"blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[50155],{39603:e=>{e.exports=JSON.parse('{"permalink":"/blogs/tags/community","page":1,"postsPerPage":10,"totalPages":1,"totalCount":1,"blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/cf37d923.b6249726.js b/assets/js/cf37d923.b6249726.js deleted file mode 100644 index 3bec907ef..000000000 --- a/assets/js/cf37d923.b6249726.js +++ /dev/null @@ -1 +0,0 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[86015],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>h});var a=n(67294);function o(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function r(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(o[n]=e[n]);return o}(e,t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(o[n]=e[n])}return o}var s=a.createContext({}),m=function(e){var t=a.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},p=function(e){var t=m(e.components);return a.createElement(s.Provider,{value:t},e.children)},u="mdxType",c={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},d=a.forwardRef((function(e,t){var n=e.components,o=e.mdxType,r=e.originalType,s=e.parentName,p=l(e,["components","mdxType","originalType","parentName"]),u=m(n),d=o,h=u["".concat(s,".").concat(d)]||u[d]||c[d]||r;return n?a.createElement(h,i(i({ref:t},p),{},{components:n})):a.createElement(h,i({ref:t},p))}));function h(e,t){var n=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var r=n.length,i=new Array(r);i[0]=d;var l={};for(var s in t)hasOwnProperty.call(t,s)&&(l[s]=t[s]);l.originalType=e,l[u]="string"==typeof e?e:o,i[1]=l;for(var m=2;m{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>c,frontMatter:()=>r,metadata:()=>l,toc:()=>m});var a=n(87462),o=(n(67294),n(3905));const r={title:"Podman v1.0.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman"]},i="Podman Release 1.0.0",l={permalink:"/blogs/2019/01/16/podman-release-v1.0.0",source:"@site/blog/2019-01-16-podman-release-v1.0.0.md",title:"Podman v1.0.0 Released",description:"podman logo",date:"2019-01-16T00:00:00.000Z",formattedDate:"January 16, 2019",tags:[{label:"community",permalink:"/blogs/tags/community"},{label:"open source",permalink:"/blogs/tags/open-source"},{label:"podman",permalink:"/blogs/tags/podman"}],readingTime:2.08,hasTruncateMarker:!0,authors:[{name:"mheon"}],frontMatter:{title:"Podman v1.0.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Container Tools on RHEL 8 & How to Hack Podman",permalink:"/blogs/2019/02/07/hack-and-tools"},nextItem:{title:"Programmatic remote access to Podman via the varlink protocol",permalink:"/blogs/2019/01/16/podman-varlink"}},s={authorsImageUrls:[void 0]},m=[{value:"Podman has gone 1.0!",id:"podman-has-gone-10",level:2},{value:"Changes",id:"changes",level:2}],p={toc:m},u="wrapper";function c(e){let{components:t,...r}=e;return(0,o.kt)(u,(0,a.Z)({},p,r,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("p",null,(0,o.kt)("img",{alt:"podman logo",src:n(1382).Z,width:"228",height:"61"})),(0,o.kt)("h2",{id:"podman-has-gone-10"},"Podman has gone 1.0!"),(0,o.kt)("p",null,"Our original goal with Podman was to provide a fully-featured debugging experience for ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/kubernetes-sigs/cri-o"},"CRI-O"),", but it has become so much more. Podman 1.0.0 is a fully-featured container engine. It provides a Docker-compatible command line to ease the transition from other container engines. Most Podman commands can be run as a regular user, without requiring additional privileges. Furthermore, all of this is accomplished without a daemon!"),(0,o.kt)("p",null,"Podman made its first public release, v0.2, a little less than a year ago. We've come a long way since then, adding new features like:"),(0,o.kt)("ul",null,(0,o.kt)("li",{parentName:"ul"},"Rootless containers"),(0,o.kt)("li",{parentName:"ul"},"Support for pods"),(0,o.kt)("li",{parentName:"ul"},"Interacting with Kubernetes pod YAML"),(0,o.kt)("li",{parentName:"ul"},"A Varlink API for interacting with Podman on remote machines")),(0,o.kt)("p",null,"We've kept our eyes firmly on stability, fixing over 150 bugs. We\u2019ve also worked on performance, making sure all common operations are optimized. While it is an iterative process, we are pleased with where we stand today. With that, we're excited to announce that Podman is ready for prime time, and it is ready for you."),(0,o.kt)("p",null,"A key focus of Podman is around security. In addition to support for rootless containers, we\u2019ve added many other security features. Great support for ",(0,o.kt)("a",{parentName:"p",href:"https://opensource.com/article/18/12/podman-and-user-namespaces"},"User Namespaces")," has resulted in better container separation. The ",(0,o.kt)("inlineCode",{parentName:"p"},"podman top")," command will tell you what security features are enabled for processes within containers. Podman\u2019s daemonless fork/exec model preserves audit information on containers."),(0,o.kt)("p",null,"This is just the beginning, and we have plans for much more. For example, numerous improvements are planned for rootless Podman, pod support, the Varlink API, and automatic user namespace separation. If you find a feature missing from Podman, feel free to open an enhancement request on our ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/issues"},"Github"),". We love your feedback, and many of our best ideas come from users and contributors."),(0,o.kt)("p",null,"Finally, the Podman team would like to thank all our contributors. Everyone who submitted code, improved documentation, or reported bugs has been a great help."),(0,o.kt)("h2",{id:"changes"},"Changes"),(0,o.kt)("p",null,"A few of the biggest changes from Podman 1.0.0 include:"),(0,o.kt)("ul",null,(0,o.kt)("li",{parentName:"ul"},"Added the ",(0,o.kt)("inlineCode",{parentName:"li"},"podman play kube")," command, which creates Podman pods based on Kubernetes pod YAML."),(0,o.kt)("li",{parentName:"ul"},"The ",(0,o.kt)("inlineCode",{parentName:"li"},"podman run")," and ",(0,o.kt)("inlineCode",{parentName:"li"},"podman create")," commands now support the ",(0,o.kt)("inlineCode",{parentName:"li"},"--init")," flag, to run a minimal init process in the container."),(0,o.kt)("li",{parentName:"ul"},"Added the ",(0,o.kt)("inlineCode",{parentName:"li"},"podman image sign")," command to sign container images."),(0,o.kt)("li",{parentName:"ul"},"Image pulls are now parallelized for increased speed")),(0,o.kt)("p",null,"As always, please visit our release notes on ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/RELEASE_NOTES.md"},"GitHub")," to see the full changelog."),(0,o.kt)("p",null,"You can find instructions for installing Podman ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/install.md"},"here")))}c.isMDXComponent=!0},1382:(e,t,n)=>{n.d(t,{Z:()=>a});const a=n.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/cf896737.2f484609.js b/assets/js/cf896737.9cbb80df.js similarity index 90% rename from assets/js/cf896737.2f484609.js rename to assets/js/cf896737.9cbb80df.js index 1021c4261..237a1f429 100644 --- a/assets/js/cf896737.2f484609.js +++ b/assets/js/cf896737.9cbb80df.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[73805],{99589:a=>{a.exports=JSON.parse('{"label":"podman","permalink":"/blogs/tags/podman","allTagsPath":"/blogs/tags","count":190}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[73805],{99589:a=>{a.exports=JSON.parse('{"label":"podman","permalink":"/blogs/tags/podman","allTagsPath":"/blogs/tags","count":181}')}}]); \ No newline at end of file diff --git a/assets/js/cfbe9d8e.e0f12206.js b/assets/js/cfbe9d8e.2fc8a251.js similarity index 58% rename from assets/js/cfbe9d8e.e0f12206.js rename to assets/js/cfbe9d8e.2fc8a251.js index 4e21e319f..d4fc08673 100644 --- a/assets/js/cfbe9d8e.e0f12206.js +++ b/assets/js/cfbe9d8e.2fc8a251.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[65731],{65647:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/6","page":6,"postsPerPage":10,"totalPages":26,"totalCount":255,"previousPage":"/blogs/page/5","nextPage":"/blogs/page/7","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[65731],{65647:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/6","page":6,"postsPerPage":10,"totalPages":25,"totalCount":246,"previousPage":"/blogs/page/5","nextPage":"/blogs/page/7","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/d1f0e4b8.6faa9fbf.js b/assets/js/d1f0e4b8.6faa9fbf.js deleted file mode 100644 index f35b7053b..000000000 --- a/assets/js/d1f0e4b8.6faa9fbf.js +++ /dev/null @@ -1 +0,0 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[78923],{3905:(e,t,r)=>{r.d(t,{Zo:()=>s,kt:()=>f});var n=r(67294);function a(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function o(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function l(e){for(var t=1;t=0||(a[r]=e[r]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(a[r]=e[r])}return a}var i=n.createContext({}),p=function(e){var t=n.useContext(i),r=t;return e&&(r="function"==typeof e?e(t):l(l({},t),e)),r},s=function(e){var t=p(e.components);return n.createElement(i.Provider,{value:t},e.children)},u="mdxType",m={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var r=e.components,a=e.mdxType,o=e.originalType,i=e.parentName,s=c(e,["components","mdxType","originalType","parentName"]),u=p(r),d=a,f=u["".concat(i,".").concat(d)]||u[d]||m[d]||o;return r?n.createElement(f,l(l({ref:t},s),{},{components:r})):n.createElement(f,l({ref:t},s))}));function f(e,t){var r=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=r.length,l=new Array(o);l[0]=d;var c={};for(var i in t)hasOwnProperty.call(t,i)&&(c[i]=t[i]);c.originalType=e,c[u]="string"==typeof e?e:a,l[1]=c;for(var p=2;p{r.r(t),r.d(t,{assets:()=>i,contentTitle:()=>l,default:()=>m,frontMatter:()=>o,metadata:()=>c,toc:()=>p});var n=r(87462),a=(r(67294),r(3905));const o={layout:"default",title:"Podman v4.2.0 Released",categories:["new"]},l=void 0,c={permalink:"/blogs/2022/08/17/new",source:"@site/blog/2022-08-17-new.md",title:"Podman v4.2.0 Released",description:"Podman has gone 4.2.0!",date:"2022-08-17T00:00:00.000Z",formattedDate:"August 17, 2022",tags:[],readingTime:.025,hasTruncateMarker:!1,authors:[],frontMatter:{layout:"default",title:"Podman v4.2.0 Released",categories:["new"]},prevItem:{title:"Netavark and Aardvark-dns 1.2.0 released",permalink:"/blogs/2022/09/28/updated-1.2.0"},nextItem:{title:"Podman Windows Installer",permalink:"/blogs/2022/06/08/new"}},i={authorsImageUrls:[]},p=[{value:"Podman has gone 4.2.0!",id:"podman-has-gone-420",level:2}],s={toc:p},u="wrapper";function m(e){let{components:t,...r}=e;return(0,a.kt)(u,(0,n.Z)({},s,r,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h2",{id:"podman-has-gone-420"},(0,a.kt)("a",{parentName:"h2",href:"https://podman.io/releases/2022/08/17/podman-release-v4.2.0.html"},"Podman has gone 4.2.0!")))}m.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/d1f0e4b8.fc3660cc.js b/assets/js/d1f0e4b8.fc3660cc.js new file mode 100644 index 000000000..244801ddf --- /dev/null +++ b/assets/js/d1f0e4b8.fc3660cc.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[78923],{3905:(e,t,n)=>{n.d(t,{Zo:()=>s,kt:()=>d});var r=n(67294);function o(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function l(e){for(var t=1;t=0||(o[n]=e[n]);return o}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(o[n]=e[n])}return o}var c=r.createContext({}),p=function(e){var t=r.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},s=function(e){var t=p(e.components);return r.createElement(c.Provider,{value:t},e.children)},u="mdxType",m={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},f=r.forwardRef((function(e,t){var n=e.components,o=e.mdxType,a=e.originalType,c=e.parentName,s=i(e,["components","mdxType","originalType","parentName"]),u=p(n),f=o,d=u["".concat(c,".").concat(f)]||u[f]||m[f]||a;return n?r.createElement(d,l(l({ref:t},s),{},{components:n})):r.createElement(d,l({ref:t},s))}));function d(e,t){var n=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var a=n.length,l=new Array(a);l[0]=f;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i[u]="string"==typeof e?e:o,l[1]=i;for(var p=2;p{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>l,default:()=>m,frontMatter:()=>a,metadata:()=>i,toc:()=>p});var r=n(87462),o=(n(67294),n(3905));const a={layout:"default",title:"Podman v4.2.0 Released",categories:["new"]},l=void 0,i={permalink:"/blogs/2022/08/17/new",source:"@site/blog/2022-08-17-new.md",title:"Podman v4.2.0 Released",description:"Podman has gone 4.2.0!",date:"2022-08-17T00:00:00.000Z",formattedDate:"August 17, 2022",tags:[],readingTime:.025,hasTruncateMarker:!1,authors:[],frontMatter:{layout:"default",title:"Podman v4.2.0 Released",categories:["new"]},prevItem:{title:"How Podman packaging works on Linux",permalink:"/blogs/2022/10/03/new"},nextItem:{title:"Podman Windows Installer",permalink:"/blogs/2022/06/08/new"}},c={authorsImageUrls:[]},p=[{value:"Podman has gone 4.2.0!",id:"podman-has-gone-420",level:2}],s={toc:p},u="wrapper";function m(e){let{components:t,...n}=e;return(0,o.kt)(u,(0,r.Z)({},s,n,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("h2",{id:"podman-has-gone-420"},(0,o.kt)("a",{parentName:"h2",href:"https://podman.io/releases/2022/08/17/podman-release-v4.2.0.html"},"Podman has gone 4.2.0!")))}m.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/d41cac77.67a26da1.js b/assets/js/d41cac77.67a26da1.js new file mode 100644 index 000000000..170951db4 --- /dev/null +++ b/assets/js/d41cac77.67a26da1.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[91698],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>y});var r=n(67294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function l(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var i=r.createContext({}),c=function(e){var t=r.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(i.Provider,{value:t},e.children)},m="mdxType",u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,i=e.parentName,p=s(e,["components","mdxType","originalType","parentName"]),m=c(n),d=a,y=m["".concat(i,".").concat(d)]||m[d]||u[d]||o;return n?r.createElement(y,l(l({ref:t},p),{},{components:n})):r.createElement(y,l({ref:t},p))}));function y(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,l=new Array(o);l[0]=d;var s={};for(var i in t)hasOwnProperty.call(t,i)&&(s[i]=t[i]);s.originalType=e,s[m]="string"==typeof e?e:a,l[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>l,default:()=>u,frontMatter:()=>o,metadata:()=>s,toc:()=>c});var r=n(87462),a=(n(67294),n(3905));const o={title:"Podman v0.12.1.1 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman"]},l=void 0,s={permalink:"/release/2018/12/12/podman-alpha-v0.12.1.1",source:"@site/release/2018-12-12-podman-alpha-v0.12.1.1.md",title:"Podman v0.12.1.1 Released",description:"podman logo",date:"2018-12-12T00:00:00.000Z",formattedDate:"December 12, 2018",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"}],readingTime:1.2,hasTruncateMarker:!0,authors:[{name:"mheon"}],frontMatter:{title:"Podman v0.12.1.1 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Podman v1.0.0 Released",permalink:"/release/2019/01/16/podman-release-v1.0.0"},nextItem:{title:"Podman Alpha version 0.8.3 Release Announcement",permalink:"/release/2018/08/20/podman-alpha-v0.8.3"}},i={authorsImageUrls:[void 0]},c=[],p={toc:c},m="wrapper";function u(e){let{components:t,...o}=e;return(0,a.kt)(m,(0,r.Z)({},p,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"podman logo",src:n(1382).Z,width:"228",height:"61"})),(0,a.kt)("h1",{id:"podman-release-01211"},"Podman Release 0.12.1.1"),(0,a.kt)("p",null,"We're happy to announce the availability of Podman 0.12.1.1, our latest version. We've been very busy over the last month, and it shows! We've merged over 150 new commits since our 0.11 releases, including major new functionality and several critical bugfixes. Pods, Kubernetes compatibility, and container volumes all saw major improvements."),(0,a.kt)("p",null,"We hope everyone enjoys the release, and stays with us in the future as Podman gets closer to 1.0. As always, many thanks to everyone who contributed to this release!"))}u.isMDXComponent=!0},1382:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/d45a981c.ecd38be5.js b/assets/js/d45a981c.d3837eae.js similarity index 81% rename from assets/js/d45a981c.ecd38be5.js rename to assets/js/d45a981c.d3837eae.js index e849e4a37..abd5a427d 100644 --- a/assets/js/d45a981c.ecd38be5.js +++ b/assets/js/d45a981c.d3837eae.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[7899],{49759:a=>{a.exports=JSON.parse('{"permalink":"/blogs/tags/podman/page/5","page":5,"postsPerPage":10,"totalPages":19,"totalCount":190,"previousPage":"/blogs/tags/podman/page/4","nextPage":"/blogs/tags/podman/page/6","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[7899],{49759:a=>{a.exports=JSON.parse('{"permalink":"/blogs/tags/podman/page/5","page":5,"postsPerPage":10,"totalPages":19,"totalCount":181,"previousPage":"/blogs/tags/podman/page/4","nextPage":"/blogs/tags/podman/page/6","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/d58b9252.cb0d1f9d.js b/assets/js/d58b9252.cb0d1f9d.js new file mode 100644 index 000000000..a6703361e --- /dev/null +++ b/assets/js/d58b9252.cb0d1f9d.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[71848],{3905:(e,t,n)=>{n.d(t,{Zo:()=>d,kt:()=>h});var a=n(67294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var l=a.createContext({}),p=function(e){var t=a.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},d=function(e){var t=p(e.components);return a.createElement(l.Provider,{value:t},e.children)},m="mdxType",u={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},c=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,o=e.originalType,l=e.parentName,d=s(e,["components","mdxType","originalType","parentName"]),m=p(n),c=r,h=m["".concat(l,".").concat(c)]||m[c]||u[c]||o;return n?a.createElement(h,i(i({ref:t},d),{},{components:n})):a.createElement(h,i({ref:t},d))}));function h(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var o=n.length,i=new Array(o);i[0]=c;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s[m]="string"==typeof e?e:r,i[1]=s;for(var p=2;p{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>i,default:()=>u,frontMatter:()=>o,metadata:()=>s,toc:()=>p});var a=n(87462),r=(n(67294),n(3905));const o={title:"Podman v4.2.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman","hpc","kubernetes"]},i="Podman Release v4.2.0",s={permalink:"/release/2022/08/17/podman-release-v4.2.0",source:"@site/release/2022-08-17-podman-release-v4.2.0.md",title:"Podman v4.2.0 Released",description:"podman logo",date:"2022-08-17T00:00:00.000Z",formattedDate:"August 17, 2022",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"},{label:"hpc",permalink:"/release/tags/hpc"},{label:"kubernetes",permalink:"/release/tags/kubernetes"}],readingTime:2.565,hasTruncateMarker:!1,authors:[{name:"mheon"}],frontMatter:{title:"Podman v4.2.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman","hpc","kubernetes"]},prevItem:{title:"Netavark and Aardvark-dns 1.2.0 released",permalink:"/release/2022/09/28/updated-1.2.0"},nextItem:{title:"Podman v4.1.0 Released",permalink:"/release/2022/05/09/podman-release-v4.1.0"}},l={authorsImageUrls:[void 0]},p=[{value:"Podman v4.2.0 has been released!",id:"podman-v420-has-been-released",level:2}],d={toc:p},m="wrapper";function u(e){let{components:t,...o}=e;return(0,r.kt)(m,(0,a.Z)({},d,o,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("p",null,(0,r.kt)("img",{alt:"podman logo",src:n(1382).Z,width:"228",height:"61"})),(0,r.kt)("h2",{id:"podman-v420-has-been-released"},"Podman v4.2.0 has been released!"),(0,r.kt)("p",null,"Podman 4.2.0, our latest release, is now available. Featuring dozens of new features, including support for the GitLab Runner, significant improvements to ",(0,r.kt)("inlineCode",{parentName:"p"},"podman play kube"),", and pods in general. We\u2019ve also been working on running Podman on Mac and Windows, with a number of major bug fixes and several new features for ",(0,r.kt)("inlineCode",{parentName:"p"},"podman machine")," landing. We are also happy to announce an early release of Podman Desktop, a GUI tool for Podman. Read on for more details!"),(0,r.kt)("p",null,"Our new release now supports being used with the GitLab Runner as part of GitLab CI platforms, using the Docker executor. This has been the culmination of months of effort, and required squashing a number of bugs in our REST API. GitLab Runner has been a much-requested feature, and we\u2019re eager to see what users do with it!"),(0,r.kt)("p",null,"As part of the 4.2.0 release, we have made many changes to both Podman pods and the ",(0,r.kt)("inlineCode",{parentName:"p"},"podman play kube")," command. Pods now have early support for resource limits, allowing CPU and memory use for a pod to be limited. All containers in the pod will share this limit but can still set their own limits. Pods can also be cloned now via the new ",(0,r.kt)("inlineCode",{parentName:"p"},"podman pod clone")," command. Support for YAML in ",(0,r.kt)("inlineCode",{parentName:"p"},"play kube")," has also been improved, with additional support for security context settings and the ability to use ",(0,r.kt)("inlineCode",{parentName:"p"},"BlockDevice")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"CharDevice")," volumes."),(0,r.kt)("p",null,"systemd integration with ",(0,r.kt)("inlineCode",{parentName:"p"},"podman play kube")," has been introduced. Pods launched by ",(0,r.kt)("inlineCode",{parentName:"p"},"podman play kube")," can be managed by systemd, using the new ",(0,r.kt)("inlineCode",{parentName:"p"},"podman-kube@.service")," service - e.g. ",(0,r.kt)("inlineCode",{parentName:"p"},"systemctl --user start podman-play-kube@$(systemd-escape my.yaml).service")," will run the ",(0,r.kt)("inlineCode",{parentName:"p"},"my.yaml")," file managed by systemd."),(0,r.kt)("p",null,"Several other features and changes also landed in Podman v4.2.0. Early support for Sigstore signatures is now available in ",(0,r.kt)("inlineCode",{parentName:"p"},"podman push")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"podman manifest push")," - expect more in this area in the future as we further integrate Sigstore and Podman. Podman networks can now be isolated (preventing traffic from being sent to other Podman-managed networks) with the ",(0,r.kt)("inlineCode",{parentName:"p"},"--opt isolate=")," option to ",(0,r.kt)("inlineCode",{parentName:"p"},"podman network create"),"."),(0,r.kt)("p",null,"These are just a few of the 40 new features and 50 bug fixes included in Podman 4.2.0. Be sure to check out the ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/releases/tag/v4.2.0"},"release notes")," for more details!"),(0,r.kt)("p",null,"Along with the release of Podman 4.2.0, a new version of Podman Desktop is available. If you are not yet aware of ",(0,r.kt)("a",{parentName:"p",href:"https://podman-desktop.io/"},"Podman Desktop"),", it\u2019s a new project under the container organization to help developers work with containers in their local environment with a desktop UI. Podman Desktop is still in its early days. Still, it already provides capabilities to list your images, interact with containers (access logs, get a terminal), connect to registries (pull private images, push your images) and configure podman settings (proxies).\nAn early adopter program has also been set up. Feel free to ",(0,r.kt)("a",{parentName:"p",href:"https://forms.gle/ow73dV7Ce3YLzoXH7"},"sign up")," if you are interested in testing Podman Desktop, providing feedback, and speaking about your ideas, experiences, and pain points! If you are interested in contributing to the tool, your help would also be appreciated. Feel free to investigate the project\u2019s ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/containers/podman-desktop"},"Github"),"."))}u.isMDXComponent=!0},1382:(e,t,n)=>{n.d(t,{Z:()=>a});const a=n.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/d705183c.40d590c1.js b/assets/js/d705183c.40d590c1.js new file mode 100644 index 000000000..0730fb010 --- /dev/null +++ b/assets/js/d705183c.40d590c1.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[72938],{63289:e=>{e.exports=JSON.parse('{"permalink":"/release","page":1,"postsPerPage":10,"totalPages":3,"totalCount":26,"nextPage":"/release/page/2","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/d9ff0d7c.b562101b.js b/assets/js/d9ff0d7c.b562101b.js new file mode 100644 index 000000000..84f880f9e --- /dev/null +++ b/assets/js/d9ff0d7c.b562101b.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[43527],{4106:e=>{e.exports=JSON.parse('{"label":"open source","permalink":"/release/tags/open-source","allTagsPath":"/release/tags","count":25}')}}]); \ No newline at end of file diff --git a/assets/js/dac8816f.39b6ac65.js b/assets/js/dac8816f.39b6ac65.js new file mode 100644 index 000000000..da1483e13 --- /dev/null +++ b/assets/js/dac8816f.39b6ac65.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[59134],{2363:e=>{e.exports=JSON.parse('{"blogPosts":[{"id":"/2022/10/22/podman-release-v4.3.0","metadata":{"permalink":"/release/2022/10/22/podman-release-v4.3.0","source":"@site/release/2022-10-22-podman-release-v4.3.0.md","title":"Podman v4.3.0 Released","description":"podman logo","date":"2022-10-22T00:00:00.000Z","formattedDate":"October 22, 2022","tags":[{"label":"community","permalink":"/release/tags/community"},{"label":"open source","permalink":"/release/tags/open-source"},{"label":"podman","permalink":"/release/tags/podman"},{"label":"hpc","permalink":"/release/tags/hpc"},{"label":"kubernetes","permalink":"/release/tags/kubernetes"}],"readingTime":2.4,"hasTruncateMarker":false,"authors":[{"name":"mheon"}],"frontMatter":{"title":"Podman v4.3.0 Released","layout":"default","author":"mheon","categories":["releases"],"tags":["community","open source","podman","hpc","kubernetes"]},"nextItem":{"title":"Netavark and Aardvark-dns 1.2.0 released","permalink":"/release/2022/09/28/updated-1.2.0"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n\\nPodman 4.3.0 is now available! There\u2019s a lot to be excited about, including numerous new features, over 30 bug fixes, and many other improvements. A major focus of 4.3 has been on improving Docker compatibility, including the addition of many missing options and aliases to Podman\u2019s command line to further our efforts to make transitioning to Podman a seamless change. Podman\u2019s integration with Kubernetes has also seen many improvements, including improved integration with systemd and support for automatic updates. Read on for more details and these changes and more!\\n\x3c!--readmore--\x3e\\n\\nThe Podman team made improved compatibility with Docker a priority for Podman 4.3. We audited Podman\u2019s commands against the Docker command line tool to identify missing and unsupported options and then set to work adding and fixing differences. As part of these, we added a dozen new options to various Podman commands, with many of these being missing aliases for existing options. A new set of commands, `podman context`, have been added for compatibility with `docker context`. These are also aliases (for `podman system connection` commands), and will usually be hidden as they are only required for scripts originally written to use Docker. We have also removed a known incompatibility with Docker in Podman\u2019s volume handling. Docker compatibility remains a focus for Podman, and we will continue our efforts to make migrating to Podman effortless.\\n\\nPodman\u2019s Kubernetes integration also saw numerous changes, the biggest of which is the creation of the `podman kube` command. Previously, Kubernetes YAML was generated with `podman generate kube` and ran with `podman play kube`, but users found this confusing - it wasn\u2019t immediately obvious from `podman help` that the commands existed. By moving the commands to `podman kube generate` and `podman kube play` and introducing a new command to tear down pods (`podman kube down`), we consolidated all Kubernetes commands in one easy-to-find place. The `podman generate kube`, and `podman play kube` commands will continue to work, but the new `podman kube` commands will be preferred.\\n\\nOf course, we didn\u2019t stop at just renaming commands. We\u2019ve made a number of further additions to `podman kube play`, most notably improved systemd integration. In Podman 4.2, we added `podman-kube@.service` to allow pods created with `podman kube play` to be managed with systemd. With Podman 4.3, we\u2019ve improved this in two significant ways. First, pods using `podman-kube@.service` can now use sdnotify to verify to systemd that they have started. This laid the groundwork for the following major change: Pods from `podman-kube@.service` now support Podman\u2019s auto-updated mechanism, enabled using an annotation (`io.containers.auto-update`). Furthermore, we made several improvements to `podman kube play`, including support for `emptyDir` volumes, support for user namespaces via `HostUsers`, and support for binary data in ConfigMaps.\\n\\nThese are just a few of the over 30 features and bug fixes included in Podman 4.3.0. Be sure to check out the [release notes](https://github.com/containers/podman/releases/tag/v4.3.0) for more details!"},{"id":"/2022/09/28/updated-1.2.0","metadata":{"permalink":"/release/2022/09/28/updated-1.2.0","source":"@site/release/2022-09-28-updated-1.2.0.md","title":"Netavark and Aardvark-dns 1.2.0 released","description":"Netavark and Aardvark-dns v1.2.0 has been released!","date":"2022-09-28T00:00:00.000Z","formattedDate":"September 28, 2022","tags":[{"label":"community","permalink":"/release/tags/community"},{"label":"podman","permalink":"/release/tags/podman"}],"readingTime":0.34,"hasTruncateMarker":true,"authors":[{"name":"baude"}],"frontMatter":{"title":"Netavark and Aardvark-dns 1.2.0 released","layout":"default","author":"baude","categories":["releases"],"tags":["community","podman"]},"prevItem":{"title":"Podman v4.3.0 Released","permalink":"/release/2022/10/22/podman-release-v4.3.0"},"nextItem":{"title":"Podman v4.2.0 Released","permalink":"/release/2022/08/17/podman-release-v4.2.0"}},"content":"## Netavark and Aardvark-dns v1.2.0 has been released!\\n\\nThe underlying network components for Podman have been updated. This consists of two projects:\\n\\n- [Netavark](https://github.com/containers/netavark/releases) - network configuration tool for Podman\\n- [Aardvark-dns](https://github.com/containers/aardvark-dns/releases) - container domain name resolution server for\\n Podman containers\\n\\n\x3c!--truncate--\x3e\\n\\nRelease v1.2.0 resolves a handful of edge case bugs that were found and reported. In addition, many of the libraries\\nused by the projects were updated."},{"id":"/2022/08/17/podman-release-v4.2.0","metadata":{"permalink":"/release/2022/08/17/podman-release-v4.2.0","source":"@site/release/2022-08-17-podman-release-v4.2.0.md","title":"Podman v4.2.0 Released","description":"podman logo","date":"2022-08-17T00:00:00.000Z","formattedDate":"August 17, 2022","tags":[{"label":"community","permalink":"/release/tags/community"},{"label":"open source","permalink":"/release/tags/open-source"},{"label":"podman","permalink":"/release/tags/podman"},{"label":"hpc","permalink":"/release/tags/hpc"},{"label":"kubernetes","permalink":"/release/tags/kubernetes"}],"readingTime":2.565,"hasTruncateMarker":false,"authors":[{"name":"mheon"}],"frontMatter":{"title":"Podman v4.2.0 Released","layout":"default","author":"mheon","categories":["releases"],"tags":["community","open source","podman","hpc","kubernetes"]},"prevItem":{"title":"Netavark and Aardvark-dns 1.2.0 released","permalink":"/release/2022/09/28/updated-1.2.0"},"nextItem":{"title":"Podman v4.1.0 Released","permalink":"/release/2022/05/09/podman-release-v4.1.0"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n\\n## Podman v4.2.0 has been released!\\n\\nPodman 4.2.0, our latest release, is now available. Featuring dozens of new features, including support for the GitLab Runner, significant improvements to `podman play kube`, and pods in general. We\u2019ve also been working on running Podman on Mac and Windows, with a number of major bug fixes and several new features for `podman machine` landing. We are also happy to announce an early release of Podman Desktop, a GUI tool for Podman. Read on for more details!\\n\\n\x3c!--readmore--\x3e\\n\\nOur new release now supports being used with the GitLab Runner as part of GitLab CI platforms, using the Docker executor. This has been the culmination of months of effort, and required squashing a number of bugs in our REST API. GitLab Runner has been a much-requested feature, and we\u2019re eager to see what users do with it!\\n\\nAs part of the 4.2.0 release, we have made many changes to both Podman pods and the `podman play kube` command. Pods now have early support for resource limits, allowing CPU and memory use for a pod to be limited. All containers in the pod will share this limit but can still set their own limits. Pods can also be cloned now via the new `podman pod clone` command. Support for YAML in `play kube` has also been improved, with additional support for security context settings and the ability to use `BlockDevice` and `CharDevice` volumes.\\n\\nsystemd integration with `podman play kube` has been introduced. Pods launched by `podman play kube` can be managed by systemd, using the new `podman-kube@.service` service - e.g. `systemctl --user start podman-play-kube@$(systemd-escape my.yaml).service` will run the `my.yaml` file managed by systemd.\\n\\nSeveral other features and changes also landed in Podman v4.2.0. Early support for Sigstore signatures is now available in `podman push` and `podman manifest push` - expect more in this area in the future as we further integrate Sigstore and Podman. Podman networks can now be isolated (preventing traffic from being sent to other Podman-managed networks) with the `--opt isolate=` option to `podman network create`.\\n\\nThese are just a few of the 40 new features and 50 bug fixes included in Podman 4.2.0. Be sure to check out the [release notes](https://github.com/containers/podman/releases/tag/v4.2.0) for more details!\\n\\nAlong with the release of Podman 4.2.0, a new version of Podman Desktop is available. If you are not yet aware of [Podman Desktop](https://podman-desktop.io/), it\u2019s a new project under the container organization to help developers work with containers in their local environment with a desktop UI. Podman Desktop is still in its early days. Still, it already provides capabilities to list your images, interact with containers (access logs, get a terminal), connect to registries (pull private images, push your images) and configure podman settings (proxies).\\nAn early adopter program has also been set up. Feel free to [sign up](https://forms.gle/ow73dV7Ce3YLzoXH7) if you are interested in testing Podman Desktop, providing feedback, and speaking about your ideas, experiences, and pain points! If you are interested in contributing to the tool, your help would also be appreciated. Feel free to investigate the project\u2019s [Github](https://github.com/containers/podman-desktop)."},{"id":"/2022/05/09/podman-release-v4.1.0","metadata":{"permalink":"/release/2022/05/09/podman-release-v4.1.0","source":"@site/release/2022-05-09-podman-release-v4.1.0.md","title":"Podman v4.1.0 Released","description":"podman logo","date":"2022-05-09T00:00:00.000Z","formattedDate":"May 9, 2022","tags":[{"label":"community","permalink":"/release/tags/community"},{"label":"open source","permalink":"/release/tags/open-source"},{"label":"podman","permalink":"/release/tags/podman"},{"label":"hpc","permalink":"/release/tags/hpc"},{"label":"kubernetes","permalink":"/release/tags/kubernetes"}],"readingTime":2.145,"hasTruncateMarker":false,"authors":[{"name":"mheon"}],"frontMatter":{"title":"Podman v4.1.0 Released","layout":"default","author":"mheon","categories":["releases"],"tags":["community","open source","podman","hpc","kubernetes"]},"prevItem":{"title":"Podman v4.2.0 Released","permalink":"/release/2022/08/17/podman-release-v4.2.0"},"nextItem":{"title":"Podman v4.0.0 Released","permalink":"/release/2022/02/22/podman-release-v4.0.0"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n## Podman v4.1 has been released!\\n\\nThe new Podman v4.1.0 release is now available. This release is all about new features, with some of the most exciting being improved support for running on Mac and Windows, and adding support for Docker Compose v2.0. These are just the beginning, though, as this release also includes the ability to clone containers, significant improvements to checkpointing, and over 25 bug fixes. Read on for more details!\\n\\n\x3c!--readmore--\x3e\\n\\nPodman\u2019s support for running on Mac and Windows via `podman machine` has seen a number of major improvements, chief among them support for mounting the host machine\u2019s home directory into the `podman machine` VMs by default. Also, on Windows, you can now refer to arbitrary Windows drive paths in your volume mount expressions. This allows containers run by Podman to use mounts from the host, an often-requested feature. Additionally, we\u2019ve added a `podman machine inspect` command to inspect existing VMs, and support for modifying the CPU, memory, and disk limits of existing VMs using the `podman machine set` command. Support for non-Linux operating systems continues to be one of our main focuses, and we\u2019re committed to improving our user experience here - stay tuned for more details!\\n\\nPodman v4.1 is also our first release to support Docker Compose v2.2.0 and up. Since our v3.0 release over a year ago, Podman has supported Compose v1, but the rewritten Compose v2 required further work in Podman to support. Please note that it may be necessary to disable the use of the BuildKit API by setting the environment variable `DOCKER_BUILDKIT=0`; we\u2019re looking into improving our Buildkit support in the future, so this is not necessary.\\n\\nThere are numerous other changes and improvements to all parts of Podman packed into this release. We\u2019ve added several new commands, including `podman volume mount` and `podman volume unmount` (to allow easy copying of files to and from volumes without using them in a container) and `podman container clone` (creates a copy of an existing container, with the ability to change many settings while doing so). Checkpoint and restore have seen a major improvement with the ability to store checkpoints as OCI images, allowing them to be distributed via container registries. Finally, Podman has gone on a diet - we set out to reduce or eliminate many of our dependencies and managed to reduce our binary size by 8MB shaving off 15% of the original binary size. There are many more changes - too many to list all of them here - so be sure to check out the [release notes](https://github.com/containers/podman/releases/tag/v4.1.0)!"},{"id":"/2022/02/22/podman-release-v4.0.0","metadata":{"permalink":"/release/2022/02/22/podman-release-v4.0.0","source":"@site/release/2022-02-22-podman-release-v4.0.0.md","title":"Podman v4.0.0 Released","description":"podman logo","date":"2022-02-22T00:00:00.000Z","formattedDate":"February 22, 2022","tags":[{"label":"community","permalink":"/release/tags/community"},{"label":"open source","permalink":"/release/tags/open-source"},{"label":"podman","permalink":"/release/tags/podman"},{"label":"hpc","permalink":"/release/tags/hpc"},{"label":"kubernetes","permalink":"/release/tags/kubernetes"}],"readingTime":1.975,"hasTruncateMarker":false,"authors":[{"name":"mheon"}],"frontMatter":{"title":"Podman v4.0.0 Released","layout":"default","author":"mheon","categories":["releases"],"tags":["community","open source","podman","hpc","kubernetes"]},"prevItem":{"title":"Podman v4.1.0 Released","permalink":"/release/2022/05/09/podman-release-v4.1.0"},"nextItem":{"title":"Podman v3.3.0 Released","permalink":"/release/2021/08/31/podman-release-v3.3.0"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n## Podman v4.0 has been released!\\n\\nPodman v4.0.0, a brand-new major release, is now available. Podman 4.0 is one of our most significant releases ever, featuring over 60 new features. Headlining this release is a complete rewrite of the network stack for improved functionality and performance, but there are numerous other changes, including improvements to Podman\u2019s Mac and Windows support, improvements to pods, over 50 bug fixes, and much, much more!\\n\\n\x3c!--readmore--\x3e\\n\\nPodman now features support for a new network stack based on [Netavark](https://github.com/containers/netavark) and [Aardvark](https://github.com/containers/aardvark-dns), in addition to the existing CNI stack. The new stack features improved support for containers in multiple networks, improved IPv6 support, and improved performance. To ensure that we don\u2019t break existing users, the old CNI stack will remain the default on existing installations, while new installs will use Netavark. We\u2019re planning an in-depth dive into the networking changes in a future blog, so look forward to more details there!\\n\\nSupport for Podman on Windows and OS X has also been a top priority, and we have made several major improvements for Podman 4.0. Chief among them is support for mounting the Podman API socket on the host system, allowing tools like Docker Compose to be used on the host system instead of inside the `podman machine` VM. Also, `podman machine` can now use WSL2 as a backend on Windows, greatly improving Podman\u2019s support for Windows. More features, including support for volume mounts from the host, are planned for Podman v4.1, so stay tuned for more updates.\\n\\nPodman Pods have seen numerous new features added to allow sharing resources between containers in the pod. The `--volume` and `--device` options to the `podman pod create` command allows volumes and devices to be mounted to every container in the pod, and the `--security-opt` and `--sysctl` options allow these configurations to be set for every container in the pod. Again, these changes are just the beginning of what we have planned - eventually, we aim to have almost every option from `podman run` available to pods to allow easy sharing of configuration options among containers within them.\\n\\nThese changes are just the tip of the iceberg - there\u2019s far more packed into this release, including major updates to checkpoint and restore, improvements to `podman generate systemd` and `podman play kube`, and so much more. Find out more in the [release notes](https://github.com/containers/podman/releases/tag/v4.0.0)."},{"id":"/2021/08/31/podman-release-v3.3.0","metadata":{"permalink":"/release/2021/08/31/podman-release-v3.3.0","source":"@site/release/2021-08-31-podman-release-v3.3.0.md","title":"Podman v3.3.0 Released","description":"podman logo","date":"2021-08-31T00:00:00.000Z","formattedDate":"August 31, 2021","tags":[{"label":"community","permalink":"/release/tags/community"},{"label":"open source","permalink":"/release/tags/open-source"},{"label":"podman","permalink":"/release/tags/podman"},{"label":"hpc","permalink":"/release/tags/hpc"},{"label":"kubernetes","permalink":"/release/tags/kubernetes"}],"readingTime":1.695,"hasTruncateMarker":false,"authors":[{"name":"mheon"}],"frontMatter":{"title":"Podman v3.3.0 Released","layout":"default","author":"mheon","categories":["releases"],"tags":["community","open source","podman","hpc","kubernetes"]},"prevItem":{"title":"Podman v4.0.0 Released","permalink":"/release/2022/02/22/podman-release-v4.0.0"},"nextItem":{"title":"Podman v3.1.0 Released","permalink":"/release/2021/04/02/podman-release-v3.1.0"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n## Podman 3.3 has been released!\\n\\nA new Podman release is available, featuring a number of exciting new features, including improved support for running Podman on OS X, support for restarting containers after a system restart, improved support for checkpointing and restoring containers, and 60 bug fixes and stability improvements. Read on for more details!\\n\\n\x3c!--readmore--\x3e\\n\\nPodman\u2019s support for running on non-Linux operating systems via the `podman machine` command continues to improve in v3.3.0. When containers are run inside a virtual machine created by `podman machine`, port forwarding from the host to the container is now supported - that is, a container that forwards port 8080 on the host to port 80 in the container will now be accessible not just from port 8080 in the Podman-managed virtual machine, but also from port 8080 on the host system. Stability also continues to improve, with many fixes being made to both `podman machine` itself and the remote Podman client.\\n\\nPodman now supports restarting containers created with the `--restart` option after the system is rebooted. Containers created with `--restart=always` can be automatically started when the system boots if the `podman-restart.service` systemd unit is enabled. Our main focus continues to be on managing containers directly with systemd via `podman generate systemd`, which has always allowed containers to be automatically started after boot and provides greater flexibility than the `--restart` option, but the addition of `podman-restart.service` will be useful for those seeking improved compatibility with Docker. The `podman generate systemd` command also saw several improvements, and will not default to using SDNotify instead of PID files, producing smaller and easier-to-understand unit files.\\n\\nSupport for checkpoint and restoring containers has seen several new additions, most notably the ability to checkpoint and restore containers that are part of pods. Additionally, when restoring containers, you can now alter what ports the container publishes via the `--publish` option. Together, these greatly increase the flexibility of checkpoint and restore.\\n\\nThis release also includes numerous other changes, features, and fixes. Find out more in the [release notes](https://github.com/containers/podman/releases/tag/v3.3.0)."},{"id":"/2021/04/02/podman-release-v3.1.0","metadata":{"permalink":"/release/2021/04/02/podman-release-v3.1.0","source":"@site/release/2021-04-02-podman-release-v3.1.0.md","title":"Podman v3.1.0 Released","description":"podman logo","date":"2021-04-02T00:00:00.000Z","formattedDate":"April 2, 2021","tags":[{"label":"community","permalink":"/release/tags/community"},{"label":"open source","permalink":"/release/tags/open-source"},{"label":"podman","permalink":"/release/tags/podman"},{"label":"hpc","permalink":"/release/tags/hpc"},{"label":"kubernetes","permalink":"/release/tags/kubernetes"}],"readingTime":1.57,"hasTruncateMarker":false,"authors":[{"name":"mheon"}],"frontMatter":{"title":"Podman v3.1.0 Released","layout":"default","author":"mheon","categories":["releases"],"tags":["community","open source","podman","hpc","kubernetes"]},"prevItem":{"title":"Podman v3.3.0 Released","permalink":"/release/2021/08/31/podman-release-v3.3.0"},"nextItem":{"title":"Podman v3.0.0 Released","permalink":"/release/2021/02/11/podman-release-v3.0.0"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n## Podman 3.1 has been released!\\n\\nThe new Podman release includes a number of exciting new features, including the `podman secret` command for managing secrets, support for a volume chown option to fix permissions automatically, improved support for volumes in `podman generate kube`, and over 60 bug fixes, many to the HTTP API. Read on for more details!\\n\x3c!--readmore--\x3e\\n\\nSecrets support has been a frequent request for Podman, and 3.1.0 features the first step toward fulfilling it. Secrets add a way to easily add confidential data into containers, by having Podman-managed secret files, which can easily be added to containers. We have added a suite of new commands - `podman secret create`, `podman secret ls`, `podman secret inspect`, and `podman secret rm` - to manage these secrets, and a `--secret` flag to `podman create` and `podman run` to mount secrets into containers. Please note that the initial implementation of secrets does not encrypt secrets at rest - look for this in an upcoming release.\\n\\nPodman can now automatically change volume ownership to match the user a container is running as. The new `:U` mount option for volumes made with the `-v` flag to `podman create` and `podman run` will chown paths mounted into containers to ensure that the user in the container can access the volume. This is very useful with rootless containers, where the rootless user namespace can make it difficult to tell what user on the container will access a directory.\\n\\nThe `podman generate kube` command can now generate `PersistentVolumeClaim` volumes for Podman named volumes attached to containers. These have been supported in `podman play kube` since v2.2.0, but until now, Podman has not been able to create YAML with these volumes. This important addition restores symmetry between `generate kube` and `play kube`.\\n\\nThis release also includes numerous other changes, features, and fixes. Find out more in the [release notes](https://github.com/containers/podman/releases/tag/v3.1.0)."},{"id":"/2021/02/11/podman-release-v3.0.0","metadata":{"permalink":"/release/2021/02/11/podman-release-v3.0.0","source":"@site/release/2021-02-11-podman-release-v3.0.0.md","title":"Podman v3.0.0 Released","description":"podman logo","date":"2021-02-11T00:00:00.000Z","formattedDate":"February 11, 2021","tags":[{"label":"community","permalink":"/release/tags/community"},{"label":"open source","permalink":"/release/tags/open-source"},{"label":"podman","permalink":"/release/tags/podman"},{"label":"hpc","permalink":"/release/tags/hpc"},{"label":"kubernetes","permalink":"/release/tags/kubernetes"}],"readingTime":2.05,"hasTruncateMarker":false,"authors":[{"name":"mheon"}],"frontMatter":{"title":"Podman v3.0.0 Released","layout":"default","author":"mheon","categories":["releases"],"tags":["community","open source","podman","hpc","kubernetes"]},"prevItem":{"title":"Podman v3.1.0 Released","permalink":"/release/2021/04/02/podman-release-v3.1.0"},"nextItem":{"title":"Podman v2.2.0 Released","permalink":"/release/2020/12/14/podman-release-v2.2.0"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n## Podman 3.0 has been released!\\n\\nThis new major release features several exciting new features, including support for [Docker Compose](https://www.redhat.com/sysadmin/podman-docker-compose), improved security around image pulls by short name, improved networking support, and over 100 bug fixes. Podman v3.0 also features numerous improvements to our REST API and the Podman remote client.\\n\x3c!--readmore--\x3e\\n\\nThe headlining feature of Podman 3.0 is the addition of support for Docker Compose which can now run against the Podman REST API. There are no changes needed as Compose won\u2019t even realize it\u2019s using Podman. Compose is only supported when running Podman as root; we aim to support it with rootless Podman in a future release.\\n\\nPodman 3.0 also enables [secure short name aliasing](https://www.redhat.com/sysadmin/container-image-short-names) by default, a feature that debuted in experimental form in Podman 2.2. With short name aliasing enabled, every time a user-facing Podman process pulls an image by a short name for the first time (e.g. `podman pull fedora`), it will prompt to ask the user where they want to pull from. This removes several potential ways an attacker could manipulate where an image was pulled from to cause Podman to pull a malicious image.\\n\\nPodman networking has seen numerous fixes as part of Podman 3.0. We have added a new command, `podman network reload`, which recreates firewall rules for Podman containers. Previously, reloading the system firewall would render all containers running as root unusable until they were restarted; `podman network reload` fixes this. Networks created by `podman network create` also now support labels, and the `podman network ls` command can filter using these labels.\\n\\nPodman v3.0 includes the latest version of [Buildah](https://buildah.io) along with updates to our other container libraries. Buildah 1.19.2 includes many new features and fixes, including improved support for building multi-platform container images.\\n\\nPodman v3.0 also includes a fix for CVE-2021-20199. This is a security issue where rootless Podman would rewrite the source address on traffic from published ports to `127.0.0.1`, which could cause an authentication bypass on certain images. We strongly suggest upgrading if you use rootless Podman.\\n\\nAs part of 3.0, Podman has dropped support for the legacy Varlink API, which we deprecated in Podman 2.0. We recommend all users of the Varlink API upgrade to the new REST API.\\n\\nDozens of other features, changes, and bug fixes are all included to improve stability, performance, and compatibility. These include numerous additional commands and options as well as API changes and fixes. You can read more [here](https://github.com/containers/podman/releases/tag/v3.0.0)."},{"id":"/2020/12/14/podman-release-v2.2.0","metadata":{"permalink":"/release/2020/12/14/podman-release-v2.2.0","source":"@site/release/2020-12-14-podman-release-v2.2.0.md","title":"Podman v2.2.0 Released","description":"podman logo","date":"2020-12-14T00:00:00.000Z","formattedDate":"December 14, 2020","tags":[{"label":"community","permalink":"/release/tags/community"},{"label":"open source","permalink":"/release/tags/open-source"},{"label":"podman","permalink":"/release/tags/podman"},{"label":"hpc","permalink":"/release/tags/hpc"},{"label":"kubernetes","permalink":"/release/tags/kubernetes"}],"readingTime":1.79,"hasTruncateMarker":false,"authors":[{"name":"mheon"}],"frontMatter":{"title":"Podman v2.2.0 Released","layout":"default","author":"mheon","categories":["releases"],"tags":["community","open source","podman","hpc","kubernetes"]},"prevItem":{"title":"Podman v3.0.0 Released","permalink":"/release/2021/02/11/podman-release-v3.0.0"},"nextItem":{"title":"Podman v2.1.0 Released","permalink":"/release/2020/10/05/podman-release-v2.1.0"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n## Podman 2.2 has been released!\\n\\nPodman v2.2.0 has been released! Featuring numerous new features and over 80 bugfixes, the new Podman offers a number of often-requested features and improved stability. Read on for more details!\\n\x3c!--readmore--\x3e\\n\\nSome of our most exciting new features include support for network aliases and the `network connect` and `network disconnect` commands. Network aliases are additional names that containers can be accessed through when using DNS. The `network connect` and `network disconnect` commands allow running containers to be added to and removed from networks. These have been frequent requests from users, and significantly improve our compatibility with Docker in networking.\\n\\nPodman 2.2 also comes with initial support for short name aliasing. This feature, explained more fully [here](https://www.redhat.com/sysadmin/container-image-short-names), enhances the security of short names in the `podman pull` and `podman run` commands (e.g. `podman pull ubi8`) by ensuring that that the image we pull is actually the image the user wanted. This feature is purely opt-in for now but will be enabled by default in Podman 3.0.\\n\\nThe `podman generate kube` and `podman play kube` commands also saw numerous improvements, most of which were provided by the community. Both `generate kube` and `play kube` now support resource limits for containers. We\u2019ve also gained support for Kubernetes\u2019 persistent volume claims and configmaps in `podman play kube`. We now offer increased control over the containers created by `play kube` as well, with a `--start` option (defaulting to true) controlling whether they are started immediately after being created, and the ability to set what log driver they use to improve the ability of `podman play kube` to integrate with systemd unit files.\\n\\nWe\u2019ve also added several other improvements. The `--mount` option to `podman create` and `podman run` can now mount a container image into a container using the `type=image` argument. Additionally, the `podman inspect` command now works with more objects (networks, pods, and volumes) instead of just containers and images. Finally, more Podman commands (`podman mount`, `podman diff`, `podman container exists`) can now work with Buildah and CRI-O containers, in addition to Podman containers.\\n\\nNumerous bug fixes to APIV2 to better support docker-compose and docker-py."},{"id":"/2020/10/05/podman-release-v2.1.0","metadata":{"permalink":"/release/2020/10/05/podman-release-v2.1.0","source":"@site/release/2020-10-05-podman-release-v2.1.0.md","title":"Podman v2.1.0 Released","description":"podman logo","date":"2020-10-05T00:00:00.000Z","formattedDate":"October 5, 2020","tags":[{"label":"community","permalink":"/release/tags/community"},{"label":"open source","permalink":"/release/tags/open-source"},{"label":"podman","permalink":"/release/tags/podman"}],"readingTime":1.69,"hasTruncateMarker":false,"authors":[{"name":"mheon"}],"frontMatter":{"title":"Podman v2.1.0 Released","layout":"default","author":"mheon","categories":["releases"],"tags":["community","open source","podman"]},"prevItem":{"title":"Podman v2.2.0 Released","permalink":"/release/2020/12/14/podman-release-v2.2.0"},"nextItem":{"title":"Podman v1.9.0 Released","permalink":"/release/2020/04/17/podman-release-v1.9.0"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n## Podman 2.1 has been released!\\n\\n\\nPodman v2.1.0 has just been released! This is one of our largest releases ever, and features numerous new features, over 50 bugs fixed, and extensive work on the REST API. Read on for more details!\\n\x3c!--readmore--\x3e\\n\\nOur biggest announcement is that rootless Podman now supports inter-container networking. Previously, it was impossible for rootless Podman containers to communicate directly with each other without using pods. Now, by joining rootless containers to a network, they can communicate with other containers in the same network in the same manner as containers running with full root privileges. This is a major improvement to rootless networking, and addresses one of the largest gaps between running Podman with and without root.\\n\\nWe\u2019ve also enabled a number of new features for images. Podman can now mount images (read-only) so their contents can be viewed without creating a container based on the image, using the `podman image mount` command. Additionally, `podman save` and `podman load` can now work with archives containing multiple images, instead of only one at a time. Finally, Podman\u2019s pull logic has been reworked to retry pulling images when a pull fails due to network issues.\\n\\nThe `podman play kube` command has also been a focus of attention. It now handles many additional options from Kubernetes YAML. These include support for new volume types (mounting sockets into your pods and setting volumes as read-only), setting restart policy for pods, adding entries to `/etc/hosts`, and many more. These features are available to anyone using `podman generate kube` as well.\\n\\nIn addition, there are numerous small improvements. Volume mounts can now use the `:O` option to be created as overlay mounts - mounts where changes made by the container will not be propagated back to the host. Podman now supports setting the timezone of containers (using the `--tz` flag). The `podman ps` command now supports a `--storage` option which will display all containers on the system, even those not managed by Podman (e.g. Buildah and CRI-O containers)."},{"id":"/2020/04/17/podman-release-v1.9.0","metadata":{"permalink":"/release/2020/04/17/podman-release-v1.9.0","source":"@site/release/2020-04-17-podman-release-v1.9.0.md","title":"Podman v1.9.0 Released","description":"podman logo","date":"2020-04-17T00:00:00.000Z","formattedDate":"April 17, 2020","tags":[{"label":"community","permalink":"/release/tags/community"},{"label":"open source","permalink":"/release/tags/open-source"},{"label":"podman","permalink":"/release/tags/podman"}],"readingTime":1.27,"hasTruncateMarker":false,"authors":[{"name":"mheon"}],"frontMatter":{"title":"Podman v1.9.0 Released","layout":"default","author":"mheon","categories":["releases"],"tags":["community","open source","podman"]},"prevItem":{"title":"Podman v2.1.0 Released","permalink":"/release/2020/10/05/podman-release-v2.1.0"},"nextItem":{"title":"Podman v1.7.0 Released","permalink":"/release/2020/01/08/podman-release-v1.7.0"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n## Podman 1.9 has been released!\\n\\nPodman 1.9.0 has been released, featuring initial support for the new `containers.conf` configuration file, the ability to dynamically allocate user namespaces, and many improvements to the HTTP API.\\n\\n\x3c!--readmore--\x3e\\n\\nThe `containers.conf` configuration file (documentation [here](https://github.com/containers/common/blob/main/docs/containers.conf.5.md)) is the eventual replacement for our old configuration file, `libpod.conf`. It contains everything that file had, but also a large number of container-specific configuration settings, including the ability to add volume mounts, environment variables, DNS servers, and much more by default in new containers. As support is still in the early stages, we do not presently provide a default `containers.conf`, but expect to find one in future releases! The `containers.conf` file is also shared between Podman and Buildah, and sets defaults for both.\\n\\nPodman continues to push the boundaries of containers and security. Podman has a new experimental feature to dynamically allocate user namespaces for containers run as root with the `--userns=auto` flag. This option causes Podman to allocate unique user namespaces for each container it creates, dynamically sized based on the number of UIDs in the image. With this option, it is trivial to run containers in separate user namespaces, greatly improving isolation.\\n\\nWe expect that Podman 1.9.0 will be the last minor release before Podman 2.0. Podman 2.0 will feature a number of major architectural changes to better support the new HTTP API, and will allow Podman to be used locally, as it is today, or remotely, against a Podman HTTP service, with the same executable. More details [here](https://podman.io/blogs/2020/04/16/podman-v2-announce.html)."},{"id":"/2020/01/08/podman-release-v1.7.0","metadata":{"permalink":"/release/2020/01/08/podman-release-v1.7.0","source":"@site/release/2020-01-08-podman-release-v1.7.0.md","title":"Podman v1.7.0 Released","description":"podman logo","date":"2020-01-08T00:00:00.000Z","formattedDate":"January 8, 2020","tags":[{"label":"community","permalink":"/release/tags/community"},{"label":"open source","permalink":"/release/tags/open-source"},{"label":"podman","permalink":"/release/tags/podman"}],"readingTime":1.05,"hasTruncateMarker":false,"authors":[{"name":"mheon"}],"frontMatter":{"title":"Podman v1.7.0 Released","layout":"default","author":"mheon","categories":["releases"],"tags":["community","open source","podman"]},"prevItem":{"title":"Podman v1.9.0 Released","permalink":"/release/2020/04/17/podman-release-v1.9.0"},"nextItem":{"title":"Podman v1.5.0 Released","permalink":"/release/2019/08/14/podman-release-v1.5.0"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n## Podman 1.7 has been released!\\n\\nPodman v1.7.0 has been released, including many new features and numerous bugfixes. It features improvements to networking, `podman play kube`, and systemd unit file integration. We\u2019ve also added the `podman system reset` command, to remove all existing containers, pods, images, and volumes and reset the system to its initial state. Stability has not been neglected, and this release features almost 60 bugfixes, including major fixes for `podman rm`, `podman exec`, and volumes.\\n\\n\x3c!--readmore--\x3e\\n\\nThis new release features improved support for host networking via the CNI `macvlan` plugin which allows containers to connect directly to networks the host is connected to. The `podman network create` command can now create `macvlan` configs via the `--macvlan` flag. Containers can also set static MAC addresses. The `podman play kube` command has also been updated to respect security settings, including user/group, SELinux configuration, and Seccomp profiles. Podman now creates a cgroup namespace by default on systems using cgroups v2, improving container isolation. We\u2019ve made major improvements for running Podman in a systemd service. These changes (and how to use them) are detailed elsewhere in a [blog](https://www.redhat.com/sysadmin/podman-shareable-systemd-services).\\n\\nAs always, please visit our page on [GitHub](https://github.com/containers/podman/blob/main/RELEASE_NOTES.md) to see the full changelog.\\n\\nYou can find instructions for installing Podman [here](https://github.com/containers/podman/blob/main/install.md)."},{"id":"/2019/08/14/podman-release-v1.5.0","metadata":{"permalink":"/release/2019/08/14/podman-release-v1.5.0","source":"@site/release/2019-08-14-podman-release-v1.5.0.md","title":"Podman v1.5.0 Released","description":"podman logo","date":"2019-08-14T00:00:00.000Z","formattedDate":"August 14, 2019","tags":[{"label":"community","permalink":"/release/tags/community"},{"label":"open source","permalink":"/release/tags/open-source"},{"label":"podman","permalink":"/release/tags/podman"}],"readingTime":1.355,"hasTruncateMarker":false,"authors":[{"name":"mheon"}],"frontMatter":{"title":"Podman v1.5.0 Released","layout":"default","author":"mheon","categories":["releases"],"tags":["community","open source","podman"]},"prevItem":{"title":"Podman v1.7.0 Released","permalink":"/release/2020/01/08/podman-release-v1.7.0"},"nextItem":{"title":"Podman v1.3.0 Released","permalink":"/release/2019/05/10/podman-release-v1.3.0"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n## Podman has gone 1.5!\\n\\nPodman 1.5.0 has been released! We\u2019ve made major improvements to `podman exec`, `podman generate kube`, and rootless containers in this release. Stability has also been a focus, and we\u2019ve fixed over 30 bugs and several performance issues. The new 1.5.0 release is available for Fedora and Ubuntu right now!\\n\\n\x3c!--readmore--\x3e\\n\\nWith this new release, Podman has picked up a number of improvements to core container functionality. The `podman exec` command has been completely reworked, including improved handling for attaching to containers. Expect to see more work on `exec` in future releases. CGroups have also seen major work, with support for CGroup namespaces via the `--cgroupns` flag to `podman create` and `podman run`, and support for CGroups v2 when using the `crun` OCI runtime - more details [here](https://www.scrivano.org/2019/05/12/rootless-resources-management-with-podman-on-fedora-30/). The `podman generate kube` command has also been improved and now includes volumes mounted into containers. Finally, we\u2019ve addressed several memory leaks and other performance issues, and Podman should be much more responsive on systems under high load.\\n\\nRootless containers have also been improved, featuring improved handling for privileged containers and the ability to use container health checks. Podman now has experimental support for running rootless containers with a single UID and GID using the new `ignore_chown_errors` storage option. This allows Podman to be run without the `newuidmap` and `newgidmap` binaries, and removes the need for any elevated privileges to start rootless containers. This approach is more limited (but more secure) than normal rootless containers.\\n\\nAs always, please visit our release notes on [GitHub](https://github.com/containers/podman/blob/main/RELEASE_NOTES.md) to see the full changelog.\\n\\nYou can find instructions for installing Podman [here](https://github.com/containers/podman/blob/main/install.md)."},{"id":"/2019/05/10/podman-release-v1.3.0","metadata":{"permalink":"/release/2019/05/10/podman-release-v1.3.0","source":"@site/release/2019-05-10-podman-release-v1.3.0.md","title":"Podman v1.3.0 Released","description":"podman logo","date":"2019-05-10T00:00:00.000Z","formattedDate":"May 10, 2019","tags":[{"label":"community","permalink":"/release/tags/community"},{"label":"open source","permalink":"/release/tags/open-source"},{"label":"podman","permalink":"/release/tags/podman"}],"readingTime":1.115,"hasTruncateMarker":false,"authors":[{"name":"mheon"}],"frontMatter":{"title":"Podman v1.3.0 Released","layout":"default","author":"mheon","categories":["releases"],"tags":["community","open source","podman"]},"prevItem":{"title":"Podman v1.5.0 Released","permalink":"/release/2019/08/14/podman-release-v1.5.0"},"nextItem":{"title":"Podman v1.2.0 Released","permalink":"/release/2019/04/10/podman-release-v1.2.0"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n## Welcome to Podman 1.3.0!\\n\\nPodman 1.3.0 has been released! We\'ve focused firmly on stability with 1.3.0, fixing over 25 bugs and making major changes to improve the stability of rootless Podman and Podman volumes. This release also includes a number of new features, including the `podman generate systemd` command to generate unit files to manage Podman containers, and the `--restart` flag for `podman run` and `podman create` to restart containers on error. We also picked up a fresh version of Buildah, 1.8.2, including numerous fixes and improvements for `podman build`.\\n\\n\x3c!--readmore--\x3e\\n\\nThe biggest new features in Podman 1.3.0 are for managing container restart. The `--restart` flag allows Podman to restart containers when they exit, and the `podman generate systemd` command makes unit files so you can leverage systemd to manage container lifecycle. These commands seem very similar, but are very different in practice. The `--restart` flag is much simpler, but more limited - it restarts containers when they exit, but cannot deal with a system restart or dependencies between containers. If you need access to these more advanced features, `podman generate systemd` will allow you to manage your containers via systemd, leveraging all of its service management capabilities.\\n\\nAs always, please visit our release notes on [GitHub](https://github.com/containers/podman/blob/main/RELEASE_NOTES.md) to see the full changelog.\\n\\nYou can find instructions for installing Podman [here](https://github.com/containers/podman/blob/main/install.md)"},{"id":"/2019/04/10/podman-release-v1.2.0","metadata":{"permalink":"/release/2019/04/10/podman-release-v1.2.0","source":"@site/release/2019-04-10-podman-release-v1.2.0.md","title":"Podman v1.2.0 Released","description":"podman logo","date":"2019-04-10T00:00:00.000Z","formattedDate":"April 10, 2019","tags":[{"label":"community","permalink":"/release/tags/community"},{"label":"open source","permalink":"/release/tags/open-source"},{"label":"podman","permalink":"/release/tags/podman"}],"readingTime":1.69,"hasTruncateMarker":false,"authors":[{"name":"mheon"}],"frontMatter":{"title":"Podman v1.2.0 Released","layout":"default","author":"mheon","categories":["releases"],"tags":["community","open source","podman"]},"prevItem":{"title":"Podman v1.3.0 Released","permalink":"/release/2019/05/10/podman-release-v1.3.0"},"nextItem":{"title":"Podman v1.1.2 Released","permalink":"/release/2019/03/05/podman-release-v1.1.2"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n## Welcome to Podman 1.2.0!\\n\\nPodman 1.2.0 has been released, featuring many exciting new features and fixes for numerous bugs. With 1.2.0, Podman added support for container healthchecks, an events system, and a way to view image layers as a tree. Over 30 bugs were fixed in this new release, including numerous issues with rootless Podman. We also upgraded the version of Buildah driving `podman build` from v1.7 to v1.7.2, picking up numerous fixes.\\n\\n\x3c!--readmore--\x3e\\n\\nOur new Podman release includes support for container healthchecks. Healthchecks provide additional information on container status, running checks defined by the image or user to verify that the application in a container is working properly. Any containers with healthchecks defined will run them automatically, and their status can be checked with `podman inspect`. The `podman healthcheck run` command can also be used to manually trigger a healthcheck.\\n\\nPodman also added a new command, `podman events`, that can be used to view major lifecycle events for containers, pods, and images as they occur. This command and its corresponding Varlink API can be used by tools which wish to check the overall status of the system, or check when a specific container starts or exits. A few example events are shown below:\\n```\\n2019-04-11 15:49:45.490227772 -0400 EDT container attach 0765d56e25939f66aed5817dd10c5cbc69f177b2b4ef94ec302b8b67475e0a1a (image=quay.io/crio/alpine:latest, name=optimistic_franklin)\\n2019-04-11 15:49:45.58978211 -0400 EDT container start 0765d56e25939f66aed5817dd10c5cbc69f177b2b4ef94ec302b8b67475e0a1a (image=quay.io/crio/alpine:latest, name=optimistic_franklin)\\n2019-04-11 15:49:45.590526456 -0400 EDT container died 0765d56e25939f66aed5817dd10c5cbc69f177b2b4ef94ec302b8b67475e0a1a (image=quay.io/crio/alpine:latest, name=optimistic_franklin)\\n2019-04-11 15:49:46.363842802 -0400 EDT container remove 0765d56e25939f66aed5817dd10c5cbc69f177b2b4ef94ec302b8b67475e0a1a (image=quay.io/crio/alpine:latest, name=optimistic_franklin)\\n```\\n\\nThe `podman image tree` command was also added. This command will print a tree representation of an image\'s layers. This can be used to easily identify an image\'s dependencies. An example with a simple multilayer image is shown below:\\n```\\nImage ID: 4a3e4f2db0ac\\nTags:\\t [localhost/buildah-ctr:latest localhost/myimage:latest]\\nSize:\\t 598.1MB\\nImage Layers\\n\u251c\u2500\u2500 ID: a13f3c019d29 Size: 274.9MB\\n\u251c\u2500\u2500 ID: 6ae7c90cc44a Size: 323.2MB\\n\u2514\u2500\u2500 ID: 610298fe2990 Size: 1.024kB Top Layer of: [localhost/buildah-ctr:latest localhost/myimage:latest]\\n```\\n\\nAs always, please visit our release notes on [GitHub](https://github.com/containers/podman/blob/main/RELEASE_NOTES.md) to see the full changelog.\\n\\nYou can find instructions for installing Podman [here](https://github.com/containers/podman/blob/main/install.md)"},{"id":"/2019/03/05/podman-release-v1.1.2","metadata":{"permalink":"/release/2019/03/05/podman-release-v1.1.2","source":"@site/release/2019-03-05-podman-release-v1.1.2.md","title":"Podman v1.1.2 Released","description":"podman logo","date":"2019-03-05T00:00:00.000Z","formattedDate":"March 5, 2019","tags":[{"label":"community","permalink":"/release/tags/community"},{"label":"open source","permalink":"/release/tags/open-source"},{"label":"podman","permalink":"/release/tags/podman"}],"readingTime":0.845,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman v1.1.2 Released","layout":"default","author":"tsweeney","categories":["releases"],"tags":["community","open source","podman"]},"prevItem":{"title":"Podman v1.2.0 Released","permalink":"/release/2019/04/10/podman-release-v1.2.0"},"nextItem":{"title":"Podman v1.1.1 Released","permalink":"/release/2019/03/01/podman-release-v1.1.1"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n## Podman has gone 1.1.2!\\n\\nAfter releasing Podman v1.1.1 a number of bug fixes\\nfocusing on command line options and parsing were added. \\nAll the details follow!\\n\\n\x3c!--readmore--\x3e\\n\\n## Changes\\n\\n### Bugfixes\\n\\n * Fixed a bug where the podman image list, podman image rm, and podman container list had broken global storage options\\n * Fixed a bug where the --label option to podman create and podman run was missing the -l alias\\n * Fixed a bug where running Podman with the --config flag would not set an appropriate default value for tmp_dir [#2408](https://github.com/containers/podman/issues/2408)\\n * Fixed a bug where the podman logs command with the --timestamps flag produced unreadable output [#2500](https://github.com/containers/podman/issues/2500)\\n * Fixed a bug where the podman cp command would automatically extract .tar files copied into the container [#2509](https://github.com/containers/podman/issues/2509)\\n\\n### Misc\\n\\n * The podman container stop command is now usable with the Podman remote client\\n\\nAs always, please visit our release notes on [GitHub](https://github.com/containers/podman/blob/main/RELEASE_NOTES.md) to see the full changelog.\\n\\nYou can find instructions for installing Podman [here](https://github.com/containers/podman/blob/main/install.md)"},{"id":"/2019/03/01/podman-release-v1.1.1","metadata":{"permalink":"/release/2019/03/01/podman-release-v1.1.1","source":"@site/release/2019-03-01-podman-release-v1.1.1.md","title":"Podman v1.1.1 Released","description":"podman logo","date":"2019-03-01T00:00:00.000Z","formattedDate":"March 1, 2019","tags":[{"label":"community","permalink":"/release/tags/community"},{"label":"open source","permalink":"/release/tags/open-source"},{"label":"podman","permalink":"/release/tags/podman"}],"readingTime":2.495,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman v1.1.1 Released","layout":"default","author":"tsweeney","categories":["releases"],"tags":["community","open source","podman"]},"prevItem":{"title":"Podman v1.1.2 Released","permalink":"/release/2019/03/05/podman-release-v1.1.2"},"nextItem":{"title":"Podman v1.1.0 Released","permalink":"/release/2019/02/26/podman-release-v1.1.0"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n## Podman has gone 1.1.1!\\n\\nAfter releasing Podman v1.1.0 a number of miscellaneous changes and several bug fixes\\nfocusing on command line options and parsing were added. \\nAll the details follow!\\n\\n\x3c!--readmore--\x3e\\n\\n## Changes\\n\\n### Bugfixes\\n\\n * Fixed a bug where podman container restore was erroneously available as podman restore [#2191](https://github.com/containers/podman/issues/2191)\\n * Fixed a bug where the volume_path option in libpod.conf was not being respected\\n * Fixed a bug where Podman failed to build when the varlink tag was not present [#2459](https://github.com/containers/podman/issues/2459)\\n * Fixed a bug where the podman image load command was listed twice in help text\\n * Fixed a bug where the podman image sign command was also listed as podman sign\\n * Fixed a bug where the podman image list command incorrectly had an image alias\\n * Fixed a bug where the podman images command incorrectly had ls and list aliases\\n * Fixed a bug where the podman image rm command was being displayed as podman image rmi\\n * Fixed a bug where the podman create command would attempt to parse arguments meant for the container\\n * Fixed a bug where the combination of FIPS mode and user namespaces resulted in permissions errors\\n * Fixed a bug where the --time alias for --timeout for the podman restart and podman stop commands did not function\\n * Fixed a bug where the default stop timeout for newly-created containers was being set to 0 seconds (resulting in an immediate SIGKILL on running podman stop)\\n * Fixed a bug where the output format of podman port was incorrect, printing full container ID instead of truncated ID\\n * Fixed a bug where the podman container list command did not exist\\n * Fixed a bug where podman build could not build a container from images tagged locally that did not exist in a registry [#2469](https://github.com/containers/podman/issues/2469)\\n * Fixed a bug where some Podman commands that accept no arguments would not error when provided arguments\\n * Fixed a bug where podman play kube could not handle cases where a pod and a container shared a name\\n\\n### Misc\\n\\n * Usage text for many commands was greatly improved\\n * Major cleanups were made to Podman manpages, ensuring that command lists are accurate\\n * Greatly improved debugging output when the newuidmap and newgidmap binaries fail when using rootless Podman\\n * The -s alias for the global --storage-driver option has been removed\\n * The podman container refresh command has been deprecated, as its intended use case is no longer relevant. The command has been hidden and manpages deleted. It will be removed in a future release\\n * The podman container runlabel command will now pull images not available locally even without the --pull option. The --pull option has been deprecated\\n * The podman container checkpoint and podman container restore commands are now only available on OCI runtimes where they are supported (e.g. runc)\\n\\nAs always, please visit our release notes on [GitHub](https://github.com/containers/podman/blob/main/RELEASE_NOTES.md) to see the full changelog.\\n\\nYou can find instructions for installing Podman [here](https://github.com/containers/podman/blob/main/install.md)"},{"id":"/2019/02/26/podman-release-v1.1.0","metadata":{"permalink":"/release/2019/02/26/podman-release-v1.1.0","source":"@site/release/2019-02-26-podman-release-v1.1.0.md","title":"Podman v1.1.0 Released","description":"podman logo","date":"2019-02-26T00:00:00.000Z","formattedDate":"February 26, 2019","tags":[{"label":"community","permalink":"/release/tags/community"},{"label":"open source","permalink":"/release/tags/open-source"},{"label":"podman","permalink":"/release/tags/podman"}],"readingTime":6.435,"hasTruncateMarker":false,"authors":[{"name":"tsweeney"}],"frontMatter":{"title":"Podman v1.1.0 Released","layout":"default","author":"tsweeney","categories":["releases"],"tags":["community","open source","podman"]},"prevItem":{"title":"Podman v1.1.1 Released","permalink":"/release/2019/03/01/podman-release-v1.1.1"},"nextItem":{"title":"Podman v1.0.0 Released","permalink":"/release/2019/01/16/podman-release-v1.0.0"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n## Podman has gone 1.1!\\n\\nAfter releasing Podman v1.0 a number of new features were added and several bug fixes\\nhave been added. Some of the new features include the ability to forward ports as\\nrootless Podman, adding short options to some of the existing command options,\\nadded `--all-tags` to the the pull command, further changes for\\nrootless containers and more. All the details follow!\\n\\n\x3c!--readmore--\x3e\\n\\n## Changes\\n\\n### Features\\n\\n * Added --latest and --all flags to podman mount and podman umount\\n * Rootless Podman can now forward ports into containers (using the same -p and -P flags as root Podman)\\n * Rootless Podman will now pull some configuration options (for example, OCI runtime path) from the default root libpod.conf if they are not explicitly set in the user\'s own libpod.conf [#2174](https://github.com/containers/podman/issues/2174)\\n * Added an alias -f for the --format flag of the podman info and podman version commands\\n * Added an alias -s for the --size flag of the podman inspect command\\n * Added the podman system info and podman system prune commands\\n * Added the podman cp command to copy files between containers and the host [#613](https://github.com/containers/podman/issues/613)\\n * Added the --password-stdin flag to podman login\\n * Added the --all-tags flag to podman pull\\n * The --rm and --detach flags can now be used together with podman run\\n * The podman start and podman run commands for containers in pods will now start dependency containers if they are stopped\\n * Added the podman system renumber command to handle lock changes\\n * The --net=host and --dns flags for podman run and podman create no longer conflict\\n * Podman now handles mounting the shared /etc/resolv.conf from network namespaces created by ip netns add when they are passed in via podman run --net=ns:\\n\\n### Bugfixes\\n\\n * Fixed a bug with podman inspect where different information would be returned when the container was running versus when it was stopped\\n * Fixed a bug where errors in Go templates passed to podman inspect were silently ignored instead of reported to the user [#2159](https://github.com/containers/podman/issues/2159)\\n * Fixed a bug where rootless Podman with --pid=host containers was incorrectly masking paths in /proc\\n * Fixed a bug where full errors starting rootless Podman were not reported when a refresh was requested\\n * Fixed a bug where Podman would override the config file-specified storage driver with the driver the backing database was created with without warning users\\n * Fixed a bug where podman prune would prune all images not in use by a container, as opposed to only untagged images, by default [#2192](https://github.com/containers/podman/issues/2192)\\n * Fixed a bug where podman create --quiet and podman run --quiet were not properly suppressing output\\n * Fixed a bug where the table keyword in Go template output of podman ps was not working [#2221](https://github.com/containers/podman/issues/2221)\\n * Fixed a bug where podman inspect on images pulled by digest would double-print @sha256 in output when printing digests [#2086](https://github.com/containers/podman/issues/2086)\\n * Fixed a bug where podman container runlabel will return a non-0 exit code if the label does not exist\\n * Fixed a bug where container state was always reset to Created after a reboot [#1703](https://github.com/containers/podman/issues/1703)\\n * Fixed a bug where /dev/pts was unconditionally overridden in rootless Podman, which was unnecessary except in very specific cases\\n * Fixed a bug where Podman run as root was ignoring some options in /etc/containers/storage.conf [#2217](https://github.com/containers/podman/issues/2217)\\n * Fixed a bug where Podman cleanup processes were not being given the proper OCI runtime path if a custom one was specified\\n * Fixed a bug where podman images --filter dangling=true would crash if no dangling images were present [#2246](https://github.com/containers/podman/issues/2246)\\n * Fixed a bug where podman ps --format {% raw %}\\"{{.Mounts}}\\"{% endraw %} would not display a container\'s mounts [#2238](https://github.com/containers/podman/issues/2238)\\n * Fixed a bug where podman pod stats was ignoring Go templates specified by --format [#2258](https://github.com/containers/podman/issues/2258)\\n * Fixed a bug where podman generate kube would fail on containers with --user specified [#2304](https://github.com/containers/podman/issues/2304)\\n * Fixed a bug where podman images displayed incorrect output for images pulled by digest [#2175](https://github.com/containers/podman/issues/2175)\\n * Fixed a bug where podman port and podman ps did not properly display ports if the container joined a network namespace from a pod or another container [#846](https://github.com/containers/podman/issues/846)\\n * Fixed a bug where detaching from a container using the detach keys would cause Podman to hang until the container exited\\n * Fixed a bug where podman create --rm did not work with podman start --attach\\n * Fixed a bug where invalid named volumes specified in podman create and podman run could cause segfaults [#2301](https://github.com/containers/podman/issues/2301)\\n * Fixed a bug where the runtime field in libpod.conf was being ignored. runtime is legacy and deprecated, but will continue to be respected for the foreseeable future\\n * Fixed a bug where podman login would sometimes report it logged in successfully when it did not\\n * Fixed a bug where podman pod create would not error on receiving unused CLI argument\\n * Fixed a bug where rootless podman run with the --pod argument would fail if the pod was stopped\\n * Fixed a bug where podman images did not print a trailing newline when not invoked on a TTY [#2388](https://github.com/containers/podman/issues/2388)\\n * Fixed a bug where the --runtime option was sometimes not overriding libpod.conf\\n * Fixed a bug where podman pull and podman runlabel would sometimes exit with 0 when they should have exited with an error [#2405](https://github.com/containers/podman/issues/2405)\\n * Fixed a bug where rootless podman export -o would fail [#2381](https://github.com/containers/podman/issues/2381)\\n * Fixed a bug where read-only volumes would fail in rootless Podman when the volume originated on a filesystem mounted nosuid, nodev, or noexec [#2312](https://github.com/containers/podman/issues/2312)\\n * Fixed a bug where some files used by checkpoint and restore received improper SELinux labels [#2334](https://github.com/containers/podman/issues/2334)\\n * Fixed a bug where Podman\'s volume path was not properly changed when containers/storage changed location [#2395](https://github.com/containers/podman/issues/2395)\\n\\n### Misc\\n\\n * Podman migrated to a new, shared memory locking model in this release. As part of this, if you are running Podman with pods or dependency containers (e.g. --net=container:), you should run the podman system renumber command to migrate your containers to the new model - please reference the podman-system-renumber(1) man page for further details\\n * Podman migrated to a new command-line parsing library, and the output format of help and usage text has somewhat changed as a result\\n * Updated Buildah to v1.7, picking up a number of bugfixes\\n * Updated containers/image library to v1.5, picking up a number of bugfixes and performance improvements to pushing images\\n * Updated containers/storage library to v1.10, picking up a number of bugfixes\\n * Work on the remote Podman client for interacting with Podman remotely over Varlink is progressing steadily, and many image and pod commands are supported\\n * Added path masking to mounts with the :z and :Z options, preventing users from accidentally performing an SELinux relabel of their entire home directory\\n * The podman container runlabel command will not pull an image if it does not contain the requested label\\n * Many commands\' usage information now includes examples\\n * podman rm can now delete containers in containers/storage, which can be used to resolve some situations where Podman fails to remove a container\\n * The podman search command now searches multiple registries in parallel for improved performance\\n * The podman build command now defaults --pull-always to true\\n * Containers which share a network namespace (for example, when in a pod) will now share /etc/hosts and /etc/resolv.conf between all containers in the pod, causing changes in one container to propagate to all containers sharing their networks\\n * The podman rm and podman rmi commands now return 1 (instead of 127) when all specified container or images are missing\\n\\nAs always, please visit our release notes on [GitHub](https://github.com/containers/podman/blob/main/RELEASE_NOTES.md) to see the full changelog.\\n\\nYou can find instructions for installing Podman [here](https://github.com/containers/podman/blob/main/install.md)"},{"id":"/2019/01/16/podman-release-v1.0.0","metadata":{"permalink":"/release/2019/01/16/podman-release-v1.0.0","source":"@site/release/2019-01-16-podman-release-v1.0.0.md","title":"Podman v1.0.0 Released","description":"podman logo","date":"2019-01-16T00:00:00.000Z","formattedDate":"January 16, 2019","tags":[{"label":"community","permalink":"/release/tags/community"},{"label":"open source","permalink":"/release/tags/open-source"},{"label":"podman","permalink":"/release/tags/podman"}],"readingTime":2.08,"hasTruncateMarker":true,"authors":[{"name":"mheon"}],"frontMatter":{"title":"Podman v1.0.0 Released","layout":"default","author":"mheon","categories":["releases"],"tags":["community","open source","podman"]},"prevItem":{"title":"Podman v1.1.0 Released","permalink":"/release/2019/02/26/podman-release-v1.1.0"},"nextItem":{"title":"Podman v0.12.1.1 Released","permalink":"/release/2018/12/12/podman-alpha-v0.12.1.1"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n## Podman has gone 1.0!\\n\\nOur original goal with Podman was to provide a fully-featured debugging experience for [CRI-O](https://github.com/kubernetes-sigs/cri-o), but it has become so much more. Podman 1.0.0 is a fully-featured container engine. It provides a Docker-compatible command line to ease the transition from other container engines. Most Podman commands can be run as a regular user, without requiring additional privileges. Furthermore, all of this is accomplished without a daemon!\\n\\n\x3c!--truncate--\x3e\\n\\nPodman made its first public release, v0.2, a little less than a year ago. We\'ve come a long way since then, adding new features like:\\n\\n- Rootless containers\\n- Support for pods\\n- Interacting with Kubernetes pod YAML\\n- A Varlink API for interacting with Podman on remote machines\\n\\nWe\'ve kept our eyes firmly on stability, fixing over 150 bugs. We\u2019ve also worked on performance, making sure all common operations are optimized. While it is an iterative process, we are pleased with where we stand today. With that, we\'re excited to announce that Podman is ready for prime time, and it is ready for you.\\n\\nA key focus of Podman is around security. In addition to support for rootless containers, we\u2019ve added many other security features. Great support for [User Namespaces](https://opensource.com/article/18/12/podman-and-user-namespaces) has resulted in better container separation. The `podman top` command will tell you what security features are enabled for processes within containers. Podman\u2019s daemonless fork/exec model preserves audit information on containers.\\n\\nThis is just the beginning, and we have plans for much more. For example, numerous improvements are planned for rootless Podman, pod support, the Varlink API, and automatic user namespace separation. If you find a feature missing from Podman, feel free to open an enhancement request on our [Github](https://github.com/containers/podman/issues). We love your feedback, and many of our best ideas come from users and contributors.\\n\\nFinally, the Podman team would like to thank all our contributors. Everyone who submitted code, improved documentation, or reported bugs has been a great help.\\n\\n## Changes\\n\\nA few of the biggest changes from Podman 1.0.0 include:\\n\\n- Added the `podman play kube` command, which creates Podman pods based on Kubernetes pod YAML.\\n- The `podman run` and `podman create` commands now support the `--init` flag, to run a minimal init process in the container.\\n- Added the `podman image sign` command to sign container images.\\n- Image pulls are now parallelized for increased speed\\n\\nAs always, please visit our release notes on [GitHub](https://github.com/containers/podman/blob/main/RELEASE_NOTES.md) to see the full changelog.\\n\\nYou can find instructions for installing Podman [here](https://github.com/containers/podman/blob/main/install.md)"},{"id":"/2018/12/12/podman-alpha-v0.12.1.1","metadata":{"permalink":"/release/2018/12/12/podman-alpha-v0.12.1.1","source":"@site/release/2018-12-12-podman-alpha-v0.12.1.1.md","title":"Podman v0.12.1.1 Released","description":"podman logo","date":"2018-12-12T00:00:00.000Z","formattedDate":"December 12, 2018","tags":[{"label":"community","permalink":"/release/tags/community"},{"label":"open source","permalink":"/release/tags/open-source"},{"label":"podman","permalink":"/release/tags/podman"}],"readingTime":1.2,"hasTruncateMarker":true,"authors":[{"name":"mheon"}],"frontMatter":{"title":"Podman v0.12.1.1 Released","layout":"default","author":"mheon","categories":["releases"],"tags":["community","open source","podman"]},"prevItem":{"title":"Podman v1.0.0 Released","permalink":"/release/2019/01/16/podman-release-v1.0.0"},"nextItem":{"title":"Podman Alpha version 0.8.3 Release Announcement","permalink":"/release/2018/08/20/podman-alpha-v0.8.3"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman Release 0.12.1.1\\n\\nWe\'re happy to announce the availability of Podman 0.12.1.1, our latest version. We\'ve been very busy over the last month, and it shows! We\'ve merged over 150 new commits since our 0.11 releases, including major new functionality and several critical bugfixes. Pods, Kubernetes compatibility, and container volumes all saw major improvements.\\n\\nWe hope everyone enjoys the release, and stays with us in the future as Podman gets closer to 1.0. As always, many thanks to everyone who contributed to this release!\\n\\n\x3c!--truncate--\x3e\\n\\n## Changes\\n\\nThis release comes with many exciting new features. To highlight a few of our biggest changes:\\n\\n- The `podman generate kube` command was added by Brent Baude, which generates Kubernetes pod and service YAML from Podman containers and pods.\\n- Initial support for named volumes using the `podman volume` set of commands was landed by Urvashi Mohnani\\n- The `podman rm` and `podman rmi` commands can now prune unused containers and images with the `--prune` flag\\n- Ports can now be published to the host from pods\\n\\nNumerous bugs were fixed as well, including a breaking change in rootless Podman found in 0.11.x releases.\\n\\nTo see the full changelog, please visit our release notes on [GitHub](https://github.com/containers/podman/blob/main/RELEASE_NOTES.md)\\n\\nSome of this work, like the `podman volume` command, is still very early. We\'d greatly appreciate feedback! If you have an enhancement request or a bug report, please file them on our [issue page](https://github.com/containers/podman/issues)."},{"id":"/2018/08/20/podman-alpha-v0.8.3","metadata":{"permalink":"/release/2018/08/20/podman-alpha-v0.8.3","source":"@site/release/2018-08-20-podman-alpha-v0.8.3.md","title":"Podman Alpha version 0.8.3 Release Announcement","description":"podman logo","date":"2018-08-20T00:00:00.000Z","formattedDate":"August 20, 2018","tags":[{"label":"community","permalink":"/release/tags/community"},{"label":"open source","permalink":"/release/tags/open-source"},{"label":"podman","permalink":"/release/tags/podman"}],"readingTime":1.135,"hasTruncateMarker":true,"authors":[{"name":"bbaude"}],"frontMatter":{"title":"Podman Alpha version 0.8.3 Release Announcement","layout":"default","author":"bbaude","categories":["releases"],"tags":["community","open source","podman"]},"prevItem":{"title":"Podman v0.12.1.1 Released","permalink":"/release/2018/12/12/podman-alpha-v0.12.1.1"},"nextItem":{"title":"Podman Alpha version 0.8.1 Release Announcement","permalink":"/release/2018/08/08/podman-alpha-v0.8.1"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman release 0.8.3\\n\\nOur release this week was very smooth. It seems like between CI infrastructure stability, last minute pull requests, and sometimes just plain bad luck, something always gives us trouble on Friday\u2019s. The Fedora packages are created and I see that they are getting their karma and working through the process already.\\n\\nBy the way, we moved! Our new upstream location is [https://github.com/containers/podman](https://github.com/containers/podman). It seems to be a more natural fit for our project and more closely associates us with some of our sister projects.\\n\\n\x3c!--truncate--\x3e\\n\\nSome of the more obvious changes in this release are:\\n\\n * Updated documentation to mention that systemd is now the default cgroup manager.\\n * The create|run switch of\u200a\u2014\u200auts-host now works correctly.\\n * Add pod stats as a sub-command. Similar to podman stats, it allows you to see statistics about running pods and their containers.\\n * Varlink API endpoints for many of the pod subcommands were added.\\n * Support format for the varlink API endpoint Commit (OCI or docker)\\n * Fix handling of the container\u2019s hostname when using\u200a\u2014\u200ahost=net\\n * When searching multiple registries, do not make an error from one registry be fatal.\\n * Create and Pull commands were added to the python client.\\n\\nOur IRC channel has not moved. Much of the development team can be found on Freenode in #podman. Come by and introduce yourself!"},{"id":"/2018/08/08/podman-alpha-v0.8.1","metadata":{"permalink":"/release/2018/08/08/podman-alpha-v0.8.1","source":"@site/release/2018-08-08-podman-alpha-v0.8.1.md","title":"Podman Alpha version 0.8.1 Release Announcement","description":"podman logo","date":"2018-08-08T00:00:00.000Z","formattedDate":"August 8, 2018","tags":[{"label":"community","permalink":"/release/tags/community"},{"label":"open source","permalink":"/release/tags/open-source"},{"label":"podman","permalink":"/release/tags/podman"}],"readingTime":0.725,"hasTruncateMarker":true,"authors":[{"name":"bbaude"}],"frontMatter":{"title":"Podman Alpha version 0.8.1 Release Announcement","layout":"default","author":"bbaude","categories":["releases"],"tags":["community","open source","podman"]},"prevItem":{"title":"Podman Alpha version 0.8.3 Release Announcement","permalink":"/release/2018/08/20/podman-alpha-v0.8.3"},"nextItem":{"title":"Podman Alpha version 0.7.2 Release Announcement","permalink":"/release/2018/07/16/podman-alpha-v0.7.2"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman release 0.8.1\\n\\nOur latest podman release turned out to be a lot of internal plumbing. We had more than 50 commits but most were tweaks that most users would not notice. So I don\u2019t have a singular, hot feature to point you at.\\n\\n\x3c!--truncate--\x3e\\n\\nThat said, if you haven\u2019t tried the python client to for podman, I recommend you do. It allows you to interact with a remote podman instance via SSH.\\n\\n## Other notable benefits of this release are:\\n\\n * Fixes to rootless containers including network support using slirp4netns written by Akihiro Suda\\n * Adjustments to how images are pulled and their metadata\\n * podman build now supports different isolation mechanims, to better run within a confined container.\\n * Changes to our integration tests to speed them up\\n * podman load now supports xz compression\\n * Tidy up man pages"},{"id":"/2018/07/16/podman-alpha-v0.7.2","metadata":{"permalink":"/release/2018/07/16/podman-alpha-v0.7.2","source":"@site/release/2018-07-16-podman-alpha-v0.7.2.md","title":"Podman Alpha version 0.7.2 Release Announcement","description":"podman logo","date":"2018-07-16T00:00:00.000Z","formattedDate":"July 16, 2018","tags":[{"label":"community","permalink":"/release/tags/community"},{"label":"open source","permalink":"/release/tags/open-source"},{"label":"podman","permalink":"/release/tags/podman"}],"readingTime":1.885,"hasTruncateMarker":true,"authors":[{"name":"bbaude"}],"frontMatter":{"title":"Podman Alpha version 0.7.2 Release Announcement","layout":"default","author":"bbaude","categories":["releases"],"tags":["community","open source","podman"]},"prevItem":{"title":"Podman Alpha version 0.8.1 Release Announcement","permalink":"/release/2018/08/08/podman-alpha-v0.8.1"},"nextItem":{"title":"Podman Alpha version 0.7.1 Release Announcement","permalink":"/release/2018/07/09/podman-alpha-v0.7.1"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman release 0.7.2\\n\\nAs most weeks are, this was fast and furious. You will see hand fulls of significant features below that have been added to podman this week. All of it is awesome work from the core team and its contributors. There were also two interesting features that users will be interested in: the ability to create a container with multiple networks and the podman remote client.\\n\\n\x3c!--truncate--\x3e\\n\\nWe have heard from users that they wish to be able to create containers with multiple networks. This can now be done with a combination of CNI configurations and podman. The easiest approach is to take the default podman configuration file `/etc/cni/net.d/87-podman-bridge.conflist` and duplicate it. Within the file, change the:\\n\\n * network name\\n * bridge device (cni0 -> cni1)\\n * subnet\\n\\nThen run podman like:\\n\\n```\\n$ podman run -it --network=podman,podman2 fedora:28 /bin/bash\\n```\\n\\nJhon Honce and I have also been working on a remote client for podman, called pypodman. It is written in Python and allows users to have a podman-like front-end that accesses an actual podman backend on another node. It relies heavily on ssh and we recommend the use of ssh keys to simplify things.\\n\\nOur vision is this could eventually become useful for those using Macs or Windows as a development environment. Look for more official blogs and write-ups specifically on this.\\n\\nThis is also the release where we start introducing pod concepts. We now have minimal support for pods. Try `podman pod\u200a\u2014\u200ahelp` for further information.\\n\\n# Other significant features include but are not limited to:\\n\\n * More unit tests for the varlink python client\\n * Correction behavior for podman stats\\n * Add\u200a\u2014\u200avolumes-from to podman run and create\\n * Fix a small regression in our opt handling\\n * Add a default AppArmor profile\\n * Fix path for rootless containers\\n * Varlink API fixes in how we start start and attach to containers\\n * Podman ps now reports containers as \u2018dead\u2019 instead of \u2018unknown\u2019\\n * Correct behavior in podman rmi on how to handle parent image deletions\\n * Logged output now goes to syslog as well as STDERR\\n * When pulling an image by SHA1, we now set the name and tag correctly.\\n * Better recording of exit codes for container exits"},{"id":"/2018/07/09/podman-alpha-v0.7.1","metadata":{"permalink":"/release/2018/07/09/podman-alpha-v0.7.1","source":"@site/release/2018-07-09-podman-alpha-v0.7.1.md","title":"Podman Alpha version 0.7.1 Release Announcement","description":"podman logo","date":"2018-07-09T00:00:00.000Z","formattedDate":"July 9, 2018","tags":[{"label":"community","permalink":"/release/tags/community"},{"label":"open source","permalink":"/release/tags/open-source"},{"label":"podman","permalink":"/release/tags/podman"}],"readingTime":1.26,"hasTruncateMarker":true,"authors":[{"name":"bbaude"}],"frontMatter":{"title":"Podman Alpha version 0.7.1 Release Announcement","layout":"default","author":"bbaude","categories":["releases"],"tags":["community","open source","podman"]},"prevItem":{"title":"Podman Alpha version 0.7.2 Release Announcement","permalink":"/release/2018/07/16/podman-alpha-v0.7.2"},"nextItem":{"title":"Podman Alpha version 0.6.4 Release Announcement","permalink":"/release/2018/07/02/podman-alpha-v0.6.4"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman release 0.7.1\\n\\nLast week was a busy holiday week here in the United States, but we still managed a nice release full of interesting merges.\\n\\nMany of the significant merges are going to be less than noticeable to users. A lot of updated vendor code was added as well as the removal of unused functions due to cgroups and platform changes.\\n\\n\x3c!--truncate--\x3e\\n\\nSpeaking of platform changes, one thing I have been working on the last few weeks is to cross-compile for Darwin from Linux. This was really our first need to deal with other platforms and was rather invasive at times. It took several merges over the last few weeks to complete but we have are able to _build_ a Darwin binary. I must emphasize _build_ because the binary is known to not run\u200a\u2014\u200aas there is a lengthy list of things that would need to be fixed or implemented first. Nevertheless, my goal here was to implement a CI test that would always perform the build so we can protect against subsequent regressions for Darwin should someone decide to work on that platform.\\n\\n## Other significant changes include:\\n\\n * several changes to the makefile to make it more efficient\\n * fix parsing of short options by vendoring in a new urfave/cli\\n * tutorial fixes\\n * revert back to a shared cgroup for conmon processes\\n * remove buildah requirement for the libpod image library\\n * block use of /proc/acpi from inside containers\\n * factor pkg/ctime into a separate package"},{"id":"/2018/07/02/podman-alpha-v0.6.4","metadata":{"permalink":"/release/2018/07/02/podman-alpha-v0.6.4","source":"@site/release/2018-07-02-podman-alpha-v0.6.4.md","title":"Podman Alpha version 0.6.4 Release Announcement","description":"podman logo","date":"2018-07-02T00:00:00.000Z","formattedDate":"July 2, 2018","tags":[{"label":"community","permalink":"/release/tags/community"},{"label":"open source","permalink":"/release/tags/open-source"},{"label":"podman","permalink":"/release/tags/podman"}],"readingTime":2.265,"hasTruncateMarker":true,"authors":[{"name":"bbaude"}],"frontMatter":{"title":"Podman Alpha version 0.6.4 Release Announcement","layout":"default","author":"bbaude","categories":["releases"],"tags":["community","open source","podman"]},"prevItem":{"title":"Podman Alpha version 0.7.1 Release Announcement","permalink":"/release/2018/07/09/podman-alpha-v0.7.1"},"nextItem":{"title":"Podman Alpha version 0.6.1 Release Announcement","permalink":"/release/2018/06/04/podman-alpha-v0.6.1"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman release 0.6.4\\n\\nThis afternoon we were able to overcome some last minute bugs and release a new Podman. The packages are building in Fedora and will work their way through Fedora\u2019s bodhi system. For giggles, I looked at the number of individual contributors this week and was glad to see the number at 10.\\n\\nMainly bugfixes this week, one big one was that we do a better job cleaning up containers that run in the back ground.\\n\\n\x3c!--truncate--\x3e\\n\\n**podman container cleanup** was added to cleanup mountpoint, cgroups and network configuration when containers exit. When a container is run in background mode (-d), the podman command exits, but **conmon** continues to run and monitor the container, when the container exits, conmon executes podman container cleanup to cleanup the container.\\n\\nThere were a number of bug fixes and a lot of vendoring new code\u200a\u2014\u200aGolang speak for updating the code we depend on from other projects. Interesting things are in store for podman in the upcoming weeks. Stay tuned!\\n\\nI missed writing this blog the last couple of weeks, and wanted to point out a huge new feature from the **buildah project**. **podman build** now supports layering. As you may know podman build by default only adds one layer when processing a Dockerfile. This is different the **docker build**. Docker defaults to layering each line in the Dockerfile, which makes the creation of an application easier, since docker build jumps to the first line changed in the Dockerfile since the previous build. Podman build on the other hand starts at the beginning, which works better in using a Dockerfile in a build system. With the introducion of the\u200a\u2014\u200alayers flag, you can now get the same behaviour in podman build that you have in docker build, incremental changes to the Dockerfile will start the build at the change point rather then in the beginning. There is even a environment variable BUILDAH_LAYERS which can be set to default to the layers method.\\n\\n## Notable features include:\\n\\n * Continued work on podman remote client. A mock up of a podman remote client went into the contrib/ section of our repository. This is not ready for anyone but Jhon Honce as the primary contributor to the python library code.\\n * Continued work on running podman without requiring you to be root. Giuseppe Scrivano made a bunch of commits related to rootless containers.\\n * added podman-image and podman-container man page links\\n * fixed a fatal error where when a container disappeared during podman ps.\\n * added an authfile option to podman search to deal with private registries.\\n * fixed a bug related to container startup and attached mode.\\n * building podman with varlink support is now optionional."},{"id":"/2018/06/04/podman-alpha-v0.6.1","metadata":{"permalink":"/release/2018/06/04/podman-alpha-v0.6.1","source":"@site/release/2018-06-04-podman-alpha-v0.6.1.md","title":"Podman Alpha version 0.6.1 Release Announcement","description":"podman logo","date":"2018-06-04T00:00:00.000Z","formattedDate":"June 4, 2018","tags":[{"label":"community","permalink":"/release/tags/community"},{"label":"open source","permalink":"/release/tags/open-source"},{"label":"podman","permalink":"/release/tags/podman"}],"readingTime":1.115,"hasTruncateMarker":true,"authors":[{"name":"bbaude"}],"frontMatter":{"title":"Podman Alpha version 0.6.1 Release Announcement","layout":"default","author":"bbaude","categories":["releases"],"tags":["community","open source","podman"]},"prevItem":{"title":"Podman Alpha version 0.6.4 Release Announcement","permalink":"/release/2018/07/02/podman-alpha-v0.6.4"}},"content":"![podman logo](../static/vectors/raw/podman.svg)\\n\\n# Podman release 0.6.1\\n\\nIt seems that when we have a short work week here in the US, we have rather large releases. To me, that flies in the face of logic. Speaking of which, one particular milestone was reached this week \u2026\\nWe had our 1000th commit in Podman!\\n\\nThat is particularly special, because prior to this repository, all libpod work was being done within the CRI-O repository. So the 1000 commits is in actuality since we broke apart from CRI-O. I want to recognize all the contributors who have been helping us along way. Great job!\\n##Other notable items in the release:\\n\\n\x3c!--truncate--\x3e\\n\\n## Improvements to podman Remote API\\n\\n * Example usage for the Podman python API\\n * Correct issue with varlink container inspect where not all information was being parsed\\n * varlink build added to the varlink API\\n * Python API now can attach to a container\\n\\n## Improvements to podman build\\n\\n * OnBuild support for podman build\\n\\n## General Improvements\\n\\n * Correctly drop security capabilities when running containers with\u200a\u2014\u200auser\\n * Fix edge case of pulling images with shortnames and no registries defined\\n * Lots of changes with the hooks command\\n * Make some run options exclusive when using an existing container network namespace\\n * Podman ps and images now sorts containers and images by their created time."}]}')}}]); \ No newline at end of file diff --git a/assets/js/db189e95.c1330350.js b/assets/js/db189e95.df600d5d.js similarity index 58% rename from assets/js/db189e95.c1330350.js rename to assets/js/db189e95.df600d5d.js index 0b47c840b..ccd0e105e 100644 --- a/assets/js/db189e95.c1330350.js +++ b/assets/js/db189e95.df600d5d.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[61337],{50254:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/7","page":7,"postsPerPage":10,"totalPages":26,"totalCount":255,"previousPage":"/blogs/page/6","nextPage":"/blogs/page/8","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[61337],{50254:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/7","page":7,"postsPerPage":10,"totalPages":25,"totalCount":246,"previousPage":"/blogs/page/6","nextPage":"/blogs/page/8","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/dc366153.93adc98c.js b/assets/js/dc366153.6dfd0167.js similarity index 90% rename from assets/js/dc366153.93adc98c.js rename to assets/js/dc366153.6dfd0167.js index 378853758..ef93602da 100644 --- a/assets/js/dc366153.93adc98c.js +++ b/assets/js/dc366153.6dfd0167.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[18233],{33270:a=>{a.exports=JSON.parse('{"label":"podman","permalink":"/blogs/tags/podman","allTagsPath":"/blogs/tags","count":190}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[18233],{33270:a=>{a.exports=JSON.parse('{"label":"podman","permalink":"/blogs/tags/podman","allTagsPath":"/blogs/tags","count":181}')}}]); \ No newline at end of file diff --git a/assets/js/dc648997.d3d9992f.js b/assets/js/dc648997.d3d9992f.js new file mode 100644 index 000000000..35be472dc --- /dev/null +++ b/assets/js/dc648997.d3d9992f.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[95654],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>f});var a=n(67294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var l=a.createContext({}),c=function(e){var t=a.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},p=function(e){var t=c(e.components);return a.createElement(l.Provider,{value:t},e.children)},u="mdxType",m={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},d=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,o=e.originalType,l=e.parentName,p=s(e,["components","mdxType","originalType","parentName"]),u=c(n),d=r,f=u["".concat(l,".").concat(d)]||u[d]||m[d]||o;return n?a.createElement(f,i(i({ref:t},p),{},{components:n})):a.createElement(f,i({ref:t},p))}));function f(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var o=n.length,i=new Array(o);i[0]=d;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s[u]="string"==typeof e?e:r,i[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>i,default:()=>m,frontMatter:()=>o,metadata:()=>s,toc:()=>c});var a=n(87462),r=(n(67294),n(3905));const o={title:"Podman Alpha version 0.7.1 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},i=void 0,s={permalink:"/release/2018/07/09/podman-alpha-v0.7.1",source:"@site/release/2018-07-09-podman-alpha-v0.7.1.md",title:"Podman Alpha version 0.7.1 Release Announcement",description:"podman logo",date:"2018-07-09T00:00:00.000Z",formattedDate:"July 9, 2018",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"}],readingTime:1.26,hasTruncateMarker:!0,authors:[{name:"bbaude"}],frontMatter:{title:"Podman Alpha version 0.7.1 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Podman Alpha version 0.7.2 Release Announcement",permalink:"/release/2018/07/16/podman-alpha-v0.7.2"},nextItem:{title:"Podman Alpha version 0.6.4 Release Announcement",permalink:"/release/2018/07/02/podman-alpha-v0.6.4"}},l={authorsImageUrls:[void 0]},c=[{value:"Other significant changes include:",id:"other-significant-changes-include",level:2}],p={toc:c},u="wrapper";function m(e){let{components:t,...o}=e;return(0,r.kt)(u,(0,a.Z)({},p,o,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("p",null,(0,r.kt)("img",{alt:"podman logo",src:n(1382).Z,width:"228",height:"61"})),(0,r.kt)("h1",{id:"podman-release-071"},"Podman release 0.7.1"),(0,r.kt)("p",null,"Last week was a busy holiday week here in the United States, but we still managed a nice release full of interesting merges."),(0,r.kt)("p",null,"Many of the significant merges are going to be less than noticeable to users. A lot of updated vendor code was added as well as the removal of unused functions due to cgroups and platform changes."),(0,r.kt)("p",null,"Speaking of platform changes, one thing I have been working on the last few weeks is to cross-compile for Darwin from Linux. This was really our first need to deal with other platforms and was rather invasive at times. It took several merges over the last few weeks to complete but we have are able to ",(0,r.kt)("em",{parentName:"p"},"build")," a Darwin binary. I must emphasize ",(0,r.kt)("em",{parentName:"p"},"build")," because the binary is known to not run\u200a\u2014\u200aas there is a lengthy list of things that would need to be fixed or implemented first. Nevertheless, my goal here was to implement a CI test that would always perform the build so we can protect against subsequent regressions for Darwin should someone decide to work on that platform."),(0,r.kt)("h2",{id:"other-significant-changes-include"},"Other significant changes include:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"* several changes to the makefile to make it more efficient\n* fix parsing of short options by vendoring in a new urfave/cli\n* tutorial fixes\n* revert back to a shared cgroup for conmon processes\n* remove buildah requirement for the libpod image library\n* block use of /proc/acpi from inside containers\n* factor pkg/ctime into a separate package\n")))}m.isMDXComponent=!0},1382:(e,t,n)=>{n.d(t,{Z:()=>a});const a=n.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/deb891b7.aad6846f.js b/assets/js/deb891b7.aad6846f.js new file mode 100644 index 000000000..b9170065d --- /dev/null +++ b/assets/js/deb891b7.aad6846f.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[56630],{94567:e=>{e.exports=JSON.parse('{"label":"open source","permalink":"/release/tags/open-source","allTagsPath":"/release/tags","count":25}')}}]); \ No newline at end of file diff --git a/assets/js/defea45c.25f285bd.js b/assets/js/defea45c.25f285bd.js new file mode 100644 index 000000000..26ec602a6 --- /dev/null +++ b/assets/js/defea45c.25f285bd.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[86847],{3905:(e,a,t)=>{t.d(a,{Zo:()=>m,kt:()=>h});var n=t(67294);function o(e,a,t){return a in e?Object.defineProperty(e,a,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[a]=t,e}function r(e,a){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);a&&(n=n.filter((function(a){return Object.getOwnPropertyDescriptor(e,a).enumerable}))),t.push.apply(t,n)}return t}function i(e){for(var a=1;a=0||(o[t]=e[t]);return o}(e,a);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(o[t]=e[t])}return o}var l=n.createContext({}),d=function(e){var a=n.useContext(l),t=a;return e&&(t="function"==typeof e?e(a):i(i({},a),e)),t},m=function(e){var a=d(e.components);return n.createElement(l.Provider,{value:a},e.children)},p="mdxType",u={inlineCode:"code",wrapper:function(e){var a=e.children;return n.createElement(n.Fragment,{},a)}},c=n.forwardRef((function(e,a){var t=e.components,o=e.mdxType,r=e.originalType,l=e.parentName,m=s(e,["components","mdxType","originalType","parentName"]),p=d(t),c=o,h=p["".concat(l,".").concat(c)]||p[c]||u[c]||r;return t?n.createElement(h,i(i({ref:a},m),{},{components:t})):n.createElement(h,i({ref:a},m))}));function h(e,a){var t=arguments,o=a&&a.mdxType;if("string"==typeof e||o){var r=t.length,i=new Array(r);i[0]=c;var s={};for(var l in a)hasOwnProperty.call(a,l)&&(s[l]=a[l]);s.originalType=e,s[p]="string"==typeof e?e:o,i[1]=s;for(var d=2;d{t.r(a),t.d(a,{assets:()=>l,contentTitle:()=>i,default:()=>u,frontMatter:()=>r,metadata:()=>s,toc:()=>d});var n=t(87462),o=(t(67294),t(3905));const r={title:"Podman v1.1.0 Released",layout:"default",author:"tsweeney",categories:["releases"],tags:["community","open source","podman"]},i="Podman Release 1.1.0",s={permalink:"/release/2019/02/26/podman-release-v1.1.0",source:"@site/release/2019-02-26-podman-release-v1.1.0.md",title:"Podman v1.1.0 Released",description:"podman logo",date:"2019-02-26T00:00:00.000Z",formattedDate:"February 26, 2019",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"}],readingTime:6.435,hasTruncateMarker:!1,authors:[{name:"tsweeney"}],frontMatter:{title:"Podman v1.1.0 Released",layout:"default",author:"tsweeney",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Podman v1.1.1 Released",permalink:"/release/2019/03/01/podman-release-v1.1.1"},nextItem:{title:"Podman v1.0.0 Released",permalink:"/release/2019/01/16/podman-release-v1.0.0"}},l={authorsImageUrls:[void 0]},d=[{value:"Podman has gone 1.1!",id:"podman-has-gone-11",level:2},{value:"Changes",id:"changes",level:2},{value:"Features",id:"features",level:3},{value:"Bugfixes",id:"bugfixes",level:3},{value:"Misc",id:"misc",level:3}],m={toc:d},p="wrapper";function u(e){let{components:a,...r}=e;return(0,o.kt)(p,(0,n.Z)({},m,r,{components:a,mdxType:"MDXLayout"}),(0,o.kt)("p",null,(0,o.kt)("img",{alt:"podman logo",src:t(1382).Z,width:"228",height:"61"})),(0,o.kt)("h2",{id:"podman-has-gone-11"},"Podman has gone 1.1!"),(0,o.kt)("p",null,"After releasing Podman v1.0 a number of new features were added and several bug fixes\nhave been added. Some of the new features include the ability to forward ports as\nrootless Podman, adding short options to some of the existing command options,\nadded ",(0,o.kt)("inlineCode",{parentName:"p"},"--all-tags")," to the the pull command, further changes for\nrootless containers and more. All the details follow!"),(0,o.kt)("h2",{id:"changes"},"Changes"),(0,o.kt)("h3",{id:"features"},"Features"),(0,o.kt)("ul",null,(0,o.kt)("li",{parentName:"ul"},"Added --latest and --all flags to podman mount and podman umount"),(0,o.kt)("li",{parentName:"ul"},"Rootless Podman can now forward ports into containers (using the same -p and -P flags as root Podman)"),(0,o.kt)("li",{parentName:"ul"},"Rootless Podman will now pull some configuration options (for example, OCI runtime path) from the default root libpod.conf if they are not explicitly set in the user's own libpod.conf ",(0,o.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2174"},"#2174")),(0,o.kt)("li",{parentName:"ul"},"Added an alias -f for the --format flag of the podman info and podman version commands"),(0,o.kt)("li",{parentName:"ul"},"Added an alias -s for the --size flag of the podman inspect command"),(0,o.kt)("li",{parentName:"ul"},"Added the podman system info and podman system prune commands"),(0,o.kt)("li",{parentName:"ul"},"Added the podman cp command to copy files between containers and the host ",(0,o.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/613"},"#613")),(0,o.kt)("li",{parentName:"ul"},"Added the --password-stdin flag to podman login"),(0,o.kt)("li",{parentName:"ul"},"Added the --all-tags flag to podman pull"),(0,o.kt)("li",{parentName:"ul"},"The --rm and --detach flags can now be used together with podman run"),(0,o.kt)("li",{parentName:"ul"},"The podman start and podman run commands for containers in pods will now start dependency containers if they are stopped"),(0,o.kt)("li",{parentName:"ul"},"Added the podman system renumber command to handle lock changes"),(0,o.kt)("li",{parentName:"ul"},"The --net=host and --dns flags for podman run and podman create no longer conflict"),(0,o.kt)("li",{parentName:"ul"},"Podman now handles mounting the shared /etc/resolv.conf from network namespaces created by ip netns add when they are passed in via podman run --net=ns:")),(0,o.kt)("h3",{id:"bugfixes"},"Bugfixes"),(0,o.kt)("ul",null,(0,o.kt)("li",{parentName:"ul"},"Fixed a bug with podman inspect where different information would be returned when the container was running versus when it was stopped"),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where errors in Go templates passed to podman inspect were silently ignored instead of reported to the user ",(0,o.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2159"},"#2159")),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where rootless Podman with --pid=host containers was incorrectly masking paths in /proc"),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where full errors starting rootless Podman were not reported when a refresh was requested"),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where Podman would override the config file-specified storage driver with the driver the backing database was created with without warning users"),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where podman prune would prune all images not in use by a container, as opposed to only untagged images, by default ",(0,o.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2192"},"#2192")),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where podman create --quiet and podman run --quiet were not properly suppressing output"),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where the table keyword in Go template output of podman ps was not working ",(0,o.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2221"},"#2221")),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where podman inspect on images pulled by digest would double-print @sha256 in output when printing digests ",(0,o.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2086"},"#2086")),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where podman container runlabel will return a non-0 exit code if the label does not exist"),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where container state was always reset to Created after a reboot ",(0,o.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/1703"},"#1703")),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where /dev/pts was unconditionally overridden in rootless Podman, which was unnecessary except in very specific cases"),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where Podman run as root was ignoring some options in /etc/containers/storage.conf ",(0,o.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2217"},"#2217")),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where Podman cleanup processes were not being given the proper OCI runtime path if a custom one was specified"),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where podman images --filter dangling=true would crash if no dangling images were present ",(0,o.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2246"},"#2246")),(0,o.kt)("li",{parentName:"ul"},'Fixed a bug where podman ps --format {% raw %}"{{.Mounts}}"{% endraw %} would not display a container\'s mounts ',(0,o.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2238"},"#2238")),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where podman pod stats was ignoring Go templates specified by --format ",(0,o.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2258"},"#2258")),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where podman generate kube would fail on containers with --user specified ",(0,o.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2304"},"#2304")),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where podman images displayed incorrect output for images pulled by digest ",(0,o.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2175"},"#2175")),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where podman port and podman ps did not properly display ports if the container joined a network namespace from a pod or another container ",(0,o.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/846"},"#846")),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where detaching from a container using the detach keys would cause Podman to hang until the container exited"),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where podman create --rm did not work with podman start --attach"),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where invalid named volumes specified in podman create and podman run could cause segfaults ",(0,o.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2301"},"#2301")),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where the runtime field in libpod.conf was being ignored. runtime is legacy and deprecated, but will continue to be respected for the foreseeable future"),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where podman login would sometimes report it logged in successfully when it did not"),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where podman pod create would not error on receiving unused CLI argument"),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where rootless podman run with the --pod argument would fail if the pod was stopped"),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where podman images did not print a trailing newline when not invoked on a TTY ",(0,o.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2388"},"#2388")),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where the --runtime option was sometimes not overriding libpod.conf"),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where podman pull and podman runlabel would sometimes exit with 0 when they should have exited with an error ",(0,o.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2405"},"#2405")),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where rootless podman export -o would fail ",(0,o.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2381"},"#2381")),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where read-only volumes would fail in rootless Podman when the volume originated on a filesystem mounted nosuid, nodev, or noexec ",(0,o.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2312"},"#2312")),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where some files used by checkpoint and restore received improper SELinux labels ",(0,o.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2334"},"#2334")),(0,o.kt)("li",{parentName:"ul"},"Fixed a bug where Podman's volume path was not properly changed when containers/storage changed location ",(0,o.kt)("a",{parentName:"li",href:"https://github.com/containers/podman/issues/2395"},"#2395"))),(0,o.kt)("h3",{id:"misc"},"Misc"),(0,o.kt)("ul",null,(0,o.kt)("li",{parentName:"ul"},"Podman migrated to a new, shared memory locking model in this release. As part of this, if you are running Podman with pods or dependency containers (e.g. --net=container:), you should run the podman system renumber command to migrate your containers to the new model - please reference the podman-system-renumber(1) man page for further details"),(0,o.kt)("li",{parentName:"ul"},"Podman migrated to a new command-line parsing library, and the output format of help and usage text has somewhat changed as a result"),(0,o.kt)("li",{parentName:"ul"},"Updated Buildah to v1.7, picking up a number of bugfixes"),(0,o.kt)("li",{parentName:"ul"},"Updated containers/image library to v1.5, picking up a number of bugfixes and performance improvements to pushing images"),(0,o.kt)("li",{parentName:"ul"},"Updated containers/storage library to v1.10, picking up a number of bugfixes"),(0,o.kt)("li",{parentName:"ul"},"Work on the remote Podman client for interacting with Podman remotely over Varlink is progressing steadily, and many image and pod commands are supported"),(0,o.kt)("li",{parentName:"ul"},"Added path masking to mounts with the :z and :Z options, preventing users from accidentally performing an SELinux relabel of their entire home directory"),(0,o.kt)("li",{parentName:"ul"},"The podman container runlabel command will not pull an image if it does not contain the requested label"),(0,o.kt)("li",{parentName:"ul"},"Many commands' usage information now includes examples"),(0,o.kt)("li",{parentName:"ul"},"podman rm can now delete containers in containers/storage, which can be used to resolve some situations where Podman fails to remove a container"),(0,o.kt)("li",{parentName:"ul"},"The podman search command now searches multiple registries in parallel for improved performance"),(0,o.kt)("li",{parentName:"ul"},"The podman build command now defaults --pull-always to true"),(0,o.kt)("li",{parentName:"ul"},"Containers which share a network namespace (for example, when in a pod) will now share /etc/hosts and /etc/resolv.conf between all containers in the pod, causing changes in one container to propagate to all containers sharing their networks"),(0,o.kt)("li",{parentName:"ul"},"The podman rm and podman rmi commands now return 1 (instead of 127) when all specified container or images are missing")),(0,o.kt)("p",null,"As always, please visit our release notes on ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/RELEASE_NOTES.md"},"GitHub")," to see the full changelog."),(0,o.kt)("p",null,"You can find instructions for installing Podman ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/install.md"},"here")))}u.isMDXComponent=!0},1382:(e,a,t)=>{t.d(a,{Z:()=>n});const n=t.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/e19ba590.d536cac1.js b/assets/js/e19ba590.d536cac1.js new file mode 100644 index 000000000..7a7968476 --- /dev/null +++ b/assets/js/e19ba590.d536cac1.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[92711],{49876:a=>{a.exports=JSON.parse('{"label":"podman","permalink":"/release/tags/podman","allTagsPath":"/release/tags","count":26}')}}]); \ No newline at end of file diff --git a/assets/js/e656dc47.048385e5.js b/assets/js/e656dc47.74508a41.js similarity index 58% rename from assets/js/e656dc47.048385e5.js rename to assets/js/e656dc47.74508a41.js index 667042521..de891e95b 100644 --- a/assets/js/e656dc47.048385e5.js +++ b/assets/js/e656dc47.74508a41.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[80912],{74014:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/3","page":3,"postsPerPage":10,"totalPages":26,"totalCount":255,"previousPage":"/blogs/page/2","nextPage":"/blogs/page/4","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[80912],{74014:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/3","page":3,"postsPerPage":10,"totalPages":25,"totalCount":246,"previousPage":"/blogs/page/2","nextPage":"/blogs/page/4","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/e699d4d1.602d503b.js b/assets/js/e699d4d1.c54c83a6.js similarity index 90% rename from assets/js/e699d4d1.602d503b.js rename to assets/js/e699d4d1.c54c83a6.js index 63b702496..5f4c2e7ba 100644 --- a/assets/js/e699d4d1.602d503b.js +++ b/assets/js/e699d4d1.c54c83a6.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[18091],{22103:a=>{a.exports=JSON.parse('{"label":"podman","permalink":"/blogs/tags/podman","allTagsPath":"/blogs/tags","count":190}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[18091],{22103:a=>{a.exports=JSON.parse('{"label":"podman","permalink":"/blogs/tags/podman","allTagsPath":"/blogs/tags","count":181}')}}]); \ No newline at end of file diff --git a/assets/js/e6dd6da5.57b75b06.js b/assets/js/e6dd6da5.fa2c1846.js similarity index 59% rename from assets/js/e6dd6da5.57b75b06.js rename to assets/js/e6dd6da5.fa2c1846.js index 1f13fbcc7..beb5b54a7 100644 --- a/assets/js/e6dd6da5.57b75b06.js +++ b/assets/js/e6dd6da5.fa2c1846.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[10582],{93025:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/24","page":24,"postsPerPage":10,"totalPages":26,"totalCount":255,"previousPage":"/blogs/page/23","nextPage":"/blogs/page/25","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[10582],{93025:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/24","page":24,"postsPerPage":10,"totalPages":25,"totalCount":246,"previousPage":"/blogs/page/23","nextPage":"/blogs/page/25","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/e6dd87aa.23f8714b.js b/assets/js/e6dd87aa.23f8714b.js new file mode 100644 index 000000000..b0cf7de74 --- /dev/null +++ b/assets/js/e6dd87aa.23f8714b.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[31386],{91544:e=>{e.exports=JSON.parse('{"permalink":"/release/tags/community","page":1,"postsPerPage":10,"totalPages":3,"totalCount":26,"nextPage":"/release/tags/community/page/2","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/e957a797.2ddaedff.js b/assets/js/e957a797.2ddaedff.js new file mode 100644 index 000000000..6f1d96d67 --- /dev/null +++ b/assets/js/e957a797.2ddaedff.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[51519],{30957:e=>{e.exports=JSON.parse('{"label":"kubernetes","permalink":"/release/tags/kubernetes","allTagsPath":"/release/tags","count":8}')}}]); \ No newline at end of file diff --git a/assets/js/ea710672.b8a1d405.js b/assets/js/ea710672.b8a1d405.js new file mode 100644 index 000000000..87e065549 --- /dev/null +++ b/assets/js/ea710672.b8a1d405.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[41232],{71257:a=>{a.exports=JSON.parse('{"label":"podman","permalink":"/release/tags/podman","allTagsPath":"/release/tags","count":26}')}}]); \ No newline at end of file diff --git a/assets/js/eb51026c.ef9e1e77.js b/assets/js/eb51026c.5f73f442.js similarity index 53% rename from assets/js/eb51026c.ef9e1e77.js rename to assets/js/eb51026c.5f73f442.js index e0f211582..8e689c62d 100644 --- a/assets/js/eb51026c.ef9e1e77.js +++ b/assets/js/eb51026c.5f73f442.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[70879],{3905:(e,t,n)=>{n.d(t,{Zo:()=>m,kt:()=>b});var r=n(67294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function i(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},m=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},p="mdxType",u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,s=e.parentName,m=l(e,["components","mdxType","originalType","parentName"]),p=c(n),d=a,b=p["".concat(s,".").concat(d)]||p[d]||u[d]||o;return n?r.createElement(b,i(i({ref:t},m),{},{components:n})):r.createElement(b,i({ref:t},m))}));function b(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,i=new Array(o);i[0]=d;var l={};for(var s in t)hasOwnProperty.call(t,s)&&(l[s]=t[s]);l.originalType=e,l[p]="string"==typeof e?e:a,i[1]=l;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>u,frontMatter:()=>o,metadata:()=>l,toc:()=>c});var r=n(87462),a=(n(67294),n(3905));const o={title:"Simplifying Podman commands with labels",layout:"default",author:"baude",categories:["blogs"],tags:["podman","containers"]},i=void 0,l={permalink:"/blogs/2018/12/03/podman-runlabel",source:"@site/blog/2018-12-03-podman-runlabel.md",title:"Simplifying Podman commands with labels",description:"podman logo",date:"2018-12-03T00:00:00.000Z",formattedDate:"December 3, 2018",tags:[{label:"podman",permalink:"/blogs/tags/podman"},{label:"containers",permalink:"/blogs/tags/containers"}],readingTime:2.015,hasTruncateMarker:!0,authors:[{name:"baude"}],frontMatter:{title:"Simplifying Podman commands with labels",layout:"default",author:"baude",categories:["blogs"],tags:["podman","containers"]},prevItem:{title:"Podman v0.12.1.1 Released",permalink:"/blogs/2018/12/12/podman-alpha-v0.12.1.1"},nextItem:{title:"Podman container|image exists",permalink:"/blogs/2018/11/27/podman-exists"}},s={authorsImageUrls:[void 0]},c=[{value:"By Brent Baude GitHub",id:"by-brent-baude-github",level:2}],m={toc:c},p="wrapper";function u(e){let{components:t,...o}=e;return(0,a.kt)(p,(0,r.Z)({},m,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"podman logo",src:n(1382).Z,width:"228",height:"61"})),(0,a.kt)("h1",{id:"simplifying-podman-commands-with-labels"},"Simplifying Podman commands with labels"),(0,a.kt)("h2",{id:"by-brent-baude-github"},"By Brent Baude ",(0,a.kt)("a",{parentName:"h2",href:"https://github.com/baude"},"GitHub")),(0,a.kt)("p",null,"Commands used by container runtimes to create containers have become complex. It is on purpose of course. When creating\ncontainers, we want the ability to specify various security or network attributes. But if you are in the unenviable position to have to keystroke in some of these lengthy commands, it can grow tiresome. Defining labels on the container image is a great way to define how the container should be run; however, now with Podman we can read and execute that label saving you potential command line bloat."))}u.isMDXComponent=!0},1382:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[70879],{3905:(e,t,n)=>{n.d(t,{Zo:()=>m,kt:()=>b});var r=n(67294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function i(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var c=r.createContext({}),s=function(e){var t=r.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},m=function(e){var t=s(e.components);return r.createElement(c.Provider,{value:t},e.children)},p="mdxType",u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,c=e.parentName,m=l(e,["components","mdxType","originalType","parentName"]),p=s(n),d=a,b=p["".concat(c,".").concat(d)]||p[d]||u[d]||o;return n?r.createElement(b,i(i({ref:t},m),{},{components:n})):r.createElement(b,i({ref:t},m))}));function b(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,i=new Array(o);i[0]=d;var l={};for(var c in t)hasOwnProperty.call(t,c)&&(l[c]=t[c]);l.originalType=e,l[p]="string"==typeof e?e:a,i[1]=l;for(var s=2;s{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>i,default:()=>u,frontMatter:()=>o,metadata:()=>l,toc:()=>s});var r=n(87462),a=(n(67294),n(3905));const o={title:"Simplifying Podman commands with labels",layout:"default",author:"baude",categories:["blogs"],tags:["podman","containers"]},i=void 0,l={permalink:"/blogs/2018/12/03/podman-runlabel",source:"@site/blog/2018-12-03-podman-runlabel.md",title:"Simplifying Podman commands with labels",description:"podman logo",date:"2018-12-03T00:00:00.000Z",formattedDate:"December 3, 2018",tags:[{label:"podman",permalink:"/blogs/tags/podman"},{label:"containers",permalink:"/blogs/tags/containers"}],readingTime:2.015,hasTruncateMarker:!0,authors:[{name:"baude"}],frontMatter:{title:"Simplifying Podman commands with labels",layout:"default",author:"baude",categories:["blogs"],tags:["podman","containers"]},prevItem:{title:"New Blog from Emilien Macchi, Part 4!",permalink:"/blogs/2018/12/14/openstack-podman-healthchecks"},nextItem:{title:"Podman container|image exists",permalink:"/blogs/2018/11/27/podman-exists"}},c={authorsImageUrls:[void 0]},s=[{value:"By Brent Baude GitHub",id:"by-brent-baude-github",level:2}],m={toc:s},p="wrapper";function u(e){let{components:t,...o}=e;return(0,a.kt)(p,(0,r.Z)({},m,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"podman logo",src:n(1382).Z,width:"228",height:"61"})),(0,a.kt)("h1",{id:"simplifying-podman-commands-with-labels"},"Simplifying Podman commands with labels"),(0,a.kt)("h2",{id:"by-brent-baude-github"},"By Brent Baude ",(0,a.kt)("a",{parentName:"h2",href:"https://github.com/baude"},"GitHub")),(0,a.kt)("p",null,"Commands used by container runtimes to create containers have become complex. It is on purpose of course. When creating\ncontainers, we want the ability to specify various security or network attributes. But if you are in the unenviable position to have to keystroke in some of these lengthy commands, it can grow tiresome. Defining labels on the container image is a great way to define how the container should be run; however, now with Podman we can read and execute that label saving you potential command line bloat."))}u.isMDXComponent=!0},1382:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/9564d070.0bd3a65c.js b/assets/js/eb5c7b0a.f4875fa3.js similarity index 55% rename from assets/js/9564d070.0bd3a65c.js rename to assets/js/eb5c7b0a.f4875fa3.js index 4787f680b..9ac5ae9f3 100644 --- a/assets/js/9564d070.0bd3a65c.js +++ b/assets/js/eb5c7b0a.f4875fa3.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[18789],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>f});var r=n(67294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function l(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var i=r.createContext({}),c=function(e){var t=r.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(i.Provider,{value:t},e.children)},u="mdxType",m={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,i=e.parentName,p=s(e,["components","mdxType","originalType","parentName"]),u=c(n),d=a,f=u["".concat(i,".").concat(d)]||u[d]||m[d]||o;return n?r.createElement(f,l(l({ref:t},p),{},{components:n})):r.createElement(f,l({ref:t},p))}));function f(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,l=new Array(o);l[0]=d;var s={};for(var i in t)hasOwnProperty.call(t,i)&&(s[i]=t[i]);s.originalType=e,s[u]="string"==typeof e?e:a,l[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>l,default:()=>m,frontMatter:()=>o,metadata:()=>s,toc:()=>c});var r=n(87462),a=(n(67294),n(3905));const o={title:"Podman Alpha version 0.7.1 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},l=void 0,s={permalink:"/blogs/2018/07/09/podman-alpha-v0.7.1",source:"@site/blog/2018-07-09-podman-alpha-v0.7.1.md",title:"Podman Alpha version 0.7.1 Release Announcement",description:"podman logo",date:"2018-07-09T00:00:00.000Z",formattedDate:"July 9, 2018",tags:[{label:"community",permalink:"/blogs/tags/community"},{label:"open source",permalink:"/blogs/tags/open-source"},{label:"podman",permalink:"/blogs/tags/podman"}],readingTime:1.26,hasTruncateMarker:!0,authors:[{name:"bbaude"}],frontMatter:{title:"Podman Alpha version 0.7.1 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Podman Alpha version 0.7.2 Release Announcement",permalink:"/blogs/2018/07/16/podman-alpha-v0.7.2"},nextItem:{title:"Podman Alpha version 0.6.4 Release Announcement",permalink:"/blogs/2018/07/02/podman-alpha-v0.6.4"}},i={authorsImageUrls:[void 0]},c=[],p={toc:c},u="wrapper";function m(e){let{components:t,...o}=e;return(0,a.kt)(u,(0,r.Z)({},p,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"podman logo",src:n(1382).Z,width:"228",height:"61"})),(0,a.kt)("h1",{id:"podman-release-071"},"Podman release 0.7.1"),(0,a.kt)("p",null,"Last week was a busy holiday week here in the United States, but we still managed a nice release full of interesting merges."),(0,a.kt)("p",null,"Many of the significant merges are going to be less than noticeable to users. A lot of updated vendor code was added as well as the removal of unused functions due to cgroups and platform changes."))}m.isMDXComponent=!0},1382:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[65193],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>f});var r=n(67294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function l(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var i=r.createContext({}),c=function(e){var t=r.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(i.Provider,{value:t},e.children)},u="mdxType",m={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,i=e.parentName,p=s(e,["components","mdxType","originalType","parentName"]),u=c(n),d=a,f=u["".concat(i,".").concat(d)]||u[d]||m[d]||o;return n?r.createElement(f,l(l({ref:t},p),{},{components:n})):r.createElement(f,l({ref:t},p))}));function f(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,l=new Array(o);l[0]=d;var s={};for(var i in t)hasOwnProperty.call(t,i)&&(s[i]=t[i]);s.originalType=e,s[u]="string"==typeof e?e:a,l[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>l,default:()=>m,frontMatter:()=>o,metadata:()=>s,toc:()=>c});var r=n(87462),a=(n(67294),n(3905));const o={title:"Podman Alpha version 0.7.1 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},l=void 0,s={permalink:"/release/2018/07/09/podman-alpha-v0.7.1",source:"@site/release/2018-07-09-podman-alpha-v0.7.1.md",title:"Podman Alpha version 0.7.1 Release Announcement",description:"podman logo",date:"2018-07-09T00:00:00.000Z",formattedDate:"July 9, 2018",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"}],readingTime:1.26,hasTruncateMarker:!0,authors:[{name:"bbaude"}],frontMatter:{title:"Podman Alpha version 0.7.1 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Podman Alpha version 0.7.2 Release Announcement",permalink:"/release/2018/07/16/podman-alpha-v0.7.2"},nextItem:{title:"Podman Alpha version 0.6.4 Release Announcement",permalink:"/release/2018/07/02/podman-alpha-v0.6.4"}},i={authorsImageUrls:[void 0]},c=[],p={toc:c},u="wrapper";function m(e){let{components:t,...o}=e;return(0,a.kt)(u,(0,r.Z)({},p,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"podman logo",src:n(1382).Z,width:"228",height:"61"})),(0,a.kt)("h1",{id:"podman-release-071"},"Podman release 0.7.1"),(0,a.kt)("p",null,"Last week was a busy holiday week here in the United States, but we still managed a nice release full of interesting merges."),(0,a.kt)("p",null,"Many of the significant merges are going to be less than noticeable to users. A lot of updated vendor code was added as well as the removal of unused functions due to cgroups and platform changes."))}m.isMDXComponent=!0},1382:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/ec0bc416.b190d896.js b/assets/js/ec0bc416.c236e494.js similarity index 90% rename from assets/js/ec0bc416.b190d896.js rename to assets/js/ec0bc416.c236e494.js index 22b4d198d..6a71c3ae4 100644 --- a/assets/js/ec0bc416.b190d896.js +++ b/assets/js/ec0bc416.c236e494.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[93009],{23551:a=>{a.exports=JSON.parse('{"label":"podman","permalink":"/blogs/tags/podman","allTagsPath":"/blogs/tags","count":190}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[93009],{23551:a=>{a.exports=JSON.parse('{"label":"podman","permalink":"/blogs/tags/podman","allTagsPath":"/blogs/tags","count":181}')}}]); \ No newline at end of file diff --git a/assets/js/ec887574.bedfff80.js b/assets/js/ec887574.3b78e779.js similarity index 81% rename from assets/js/ec887574.bedfff80.js rename to assets/js/ec887574.3b78e779.js index 256b3d656..24c693d65 100644 --- a/assets/js/ec887574.bedfff80.js +++ b/assets/js/ec887574.3b78e779.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[78740],{2293:a=>{a.exports=JSON.parse('{"permalink":"/blogs/tags/podman/page/16","page":16,"postsPerPage":10,"totalPages":19,"totalCount":190,"previousPage":"/blogs/tags/podman/page/15","nextPage":"/blogs/tags/podman/page/17","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[78740],{2293:a=>{a.exports=JSON.parse('{"permalink":"/blogs/tags/podman/page/16","page":16,"postsPerPage":10,"totalPages":19,"totalCount":181,"previousPage":"/blogs/tags/podman/page/15","nextPage":"/blogs/tags/podman/page/17","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/ed642a45.e60a0766.js b/assets/js/ed642a45.a4adee3d.js similarity index 90% rename from assets/js/ed642a45.e60a0766.js rename to assets/js/ed642a45.a4adee3d.js index b60d27e31..1e8add665 100644 --- a/assets/js/ed642a45.e60a0766.js +++ b/assets/js/ed642a45.a4adee3d.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[75360],{26095:a=>{a.exports=JSON.parse('{"label":"podman","permalink":"/blogs/tags/podman","allTagsPath":"/blogs/tags","count":190}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[75360],{26095:a=>{a.exports=JSON.parse('{"label":"podman","permalink":"/blogs/tags/podman","allTagsPath":"/blogs/tags","count":181}')}}]); \ No newline at end of file diff --git a/assets/js/f17a645b.5e67c90f.js b/assets/js/f17a645b.c9e4c4e2.js similarity index 53% rename from assets/js/f17a645b.5e67c90f.js rename to assets/js/f17a645b.c9e4c4e2.js index 203711b29..035a48992 100644 --- a/assets/js/f17a645b.5e67c90f.js +++ b/assets/js/f17a645b.c9e4c4e2.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[70163],{15241:e=>{e.exports=JSON.parse('{"permalink":"/blogs","page":1,"postsPerPage":10,"totalPages":26,"totalCount":255,"nextPage":"/blogs/page/2","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[70163],{15241:e=>{e.exports=JSON.parse('{"permalink":"/blogs","page":1,"postsPerPage":10,"totalPages":25,"totalCount":246,"nextPage":"/blogs/page/2","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/f24deb99.929ccd1d.js b/assets/js/f24deb99.929ccd1d.js new file mode 100644 index 000000000..82aff2c48 --- /dev/null +++ b/assets/js/f24deb99.929ccd1d.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[94881],{3905:(e,a,t)=>{t.d(a,{Zo:()=>m,kt:()=>f});var n=t(67294);function r(e,a,t){return a in e?Object.defineProperty(e,a,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[a]=t,e}function o(e,a){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);a&&(n=n.filter((function(a){return Object.getOwnPropertyDescriptor(e,a).enumerable}))),t.push.apply(t,n)}return t}function i(e){for(var a=1;a=0||(r[t]=e[t]);return r}(e,a);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(r[t]=e[t])}return r}var s=n.createContext({}),c=function(e){var a=n.useContext(s),t=a;return e&&(t="function"==typeof e?e(a):i(i({},a),e)),t},m=function(e){var a=c(e.components);return n.createElement(s.Provider,{value:a},e.children)},d="mdxType",p={inlineCode:"code",wrapper:function(e){var a=e.children;return n.createElement(n.Fragment,{},a)}},u=n.forwardRef((function(e,a){var t=e.components,r=e.mdxType,o=e.originalType,s=e.parentName,m=l(e,["components","mdxType","originalType","parentName"]),d=c(t),u=r,f=d["".concat(s,".").concat(u)]||d[u]||p[u]||o;return t?n.createElement(f,i(i({ref:a},m),{},{components:t})):n.createElement(f,i({ref:a},m))}));function f(e,a){var t=arguments,r=a&&a.mdxType;if("string"==typeof e||r){var o=t.length,i=new Array(o);i[0]=u;var l={};for(var s in a)hasOwnProperty.call(a,s)&&(l[s]=a[s]);l.originalType=e,l[d]="string"==typeof e?e:r,i[1]=l;for(var c=2;c{t.r(a),t.d(a,{assets:()=>s,contentTitle:()=>i,default:()=>p,frontMatter:()=>o,metadata:()=>l,toc:()=>c});var n=t(87462),r=(t(67294),t(3905));const o={title:"Podman v1.2.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman"]},i="Podman Release 1.2.0",l={permalink:"/release/2019/04/10/podman-release-v1.2.0",source:"@site/release/2019-04-10-podman-release-v1.2.0.md",title:"Podman v1.2.0 Released",description:"podman logo",date:"2019-04-10T00:00:00.000Z",formattedDate:"April 10, 2019",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"}],readingTime:1.69,hasTruncateMarker:!1,authors:[{name:"mheon"}],frontMatter:{title:"Podman v1.2.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Podman v1.3.0 Released",permalink:"/release/2019/05/10/podman-release-v1.3.0"},nextItem:{title:"Podman v1.1.2 Released",permalink:"/release/2019/03/05/podman-release-v1.1.2"}},s={authorsImageUrls:[void 0]},c=[{value:"Welcome to Podman 1.2.0!",id:"welcome-to-podman-120",level:2}],m={toc:c},d="wrapper";function p(e){let{components:a,...o}=e;return(0,r.kt)(d,(0,n.Z)({},m,o,{components:a,mdxType:"MDXLayout"}),(0,r.kt)("p",null,(0,r.kt)("img",{alt:"podman logo",src:t(1382).Z,width:"228",height:"61"})),(0,r.kt)("h2",{id:"welcome-to-podman-120"},"Welcome to Podman 1.2.0!"),(0,r.kt)("p",null,"Podman 1.2.0 has been released, featuring many exciting new features and fixes for numerous bugs. With 1.2.0, Podman added support for container healthchecks, an events system, and a way to view image layers as a tree. Over 30 bugs were fixed in this new release, including numerous issues with rootless Podman. We also upgraded the version of Buildah driving ",(0,r.kt)("inlineCode",{parentName:"p"},"podman build")," from v1.7 to v1.7.2, picking up numerous fixes."),(0,r.kt)("p",null,"Our new Podman release includes support for container healthchecks. Healthchecks provide additional information on container status, running checks defined by the image or user to verify that the application in a container is working properly. Any containers with healthchecks defined will run them automatically, and their status can be checked with ",(0,r.kt)("inlineCode",{parentName:"p"},"podman inspect"),". The ",(0,r.kt)("inlineCode",{parentName:"p"},"podman healthcheck run")," command can also be used to manually trigger a healthcheck."),(0,r.kt)("p",null,"Podman also added a new command, ",(0,r.kt)("inlineCode",{parentName:"p"},"podman events"),", that can be used to view major lifecycle events for containers, pods, and images as they occur. This command and its corresponding Varlink API can be used by tools which wish to check the overall status of the system, or check when a specific container starts or exits. A few example events are shown below:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"2019-04-11 15:49:45.490227772 -0400 EDT container attach 0765d56e25939f66aed5817dd10c5cbc69f177b2b4ef94ec302b8b67475e0a1a (image=quay.io/crio/alpine:latest, name=optimistic_franklin)\n2019-04-11 15:49:45.58978211 -0400 EDT container start 0765d56e25939f66aed5817dd10c5cbc69f177b2b4ef94ec302b8b67475e0a1a (image=quay.io/crio/alpine:latest, name=optimistic_franklin)\n2019-04-11 15:49:45.590526456 -0400 EDT container died 0765d56e25939f66aed5817dd10c5cbc69f177b2b4ef94ec302b8b67475e0a1a (image=quay.io/crio/alpine:latest, name=optimistic_franklin)\n2019-04-11 15:49:46.363842802 -0400 EDT container remove 0765d56e25939f66aed5817dd10c5cbc69f177b2b4ef94ec302b8b67475e0a1a (image=quay.io/crio/alpine:latest, name=optimistic_franklin)\n")),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"podman image tree")," command was also added. This command will print a tree representation of an image's layers. This can be used to easily identify an image's dependencies. An example with a simple multilayer image is shown below:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"Image ID: 4a3e4f2db0ac\nTags: [localhost/buildah-ctr:latest localhost/myimage:latest]\nSize: 598.1MB\nImage Layers\n\u251c\u2500\u2500 ID: a13f3c019d29 Size: 274.9MB\n\u251c\u2500\u2500 ID: 6ae7c90cc44a Size: 323.2MB\n\u2514\u2500\u2500 ID: 610298fe2990 Size: 1.024kB Top Layer of: [localhost/buildah-ctr:latest localhost/myimage:latest]\n")),(0,r.kt)("p",null,"As always, please visit our release notes on ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/RELEASE_NOTES.md"},"GitHub")," to see the full changelog."),(0,r.kt)("p",null,"You can find instructions for installing Podman ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/install.md"},"here")))}p.isMDXComponent=!0},1382:(e,a,t)=>{t.d(a,{Z:()=>n});const n=t.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/f2b72252.c32bf09d.js b/assets/js/f2b72252.55c492f9.js similarity index 90% rename from assets/js/f2b72252.c32bf09d.js rename to assets/js/f2b72252.55c492f9.js index f0080d247..71a01133c 100644 --- a/assets/js/f2b72252.c32bf09d.js +++ b/assets/js/f2b72252.55c492f9.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[30144],{64053:a=>{a.exports=JSON.parse('{"label":"podman","permalink":"/blogs/tags/podman","allTagsPath":"/blogs/tags","count":190}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[30144],{64053:a=>{a.exports=JSON.parse('{"label":"podman","permalink":"/blogs/tags/podman","allTagsPath":"/blogs/tags","count":181}')}}]); \ No newline at end of file diff --git a/assets/js/f30c03b2.f224e78e.js b/assets/js/f30c03b2.f224e78e.js new file mode 100644 index 000000000..4f6fc7d33 --- /dev/null +++ b/assets/js/f30c03b2.f224e78e.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[56104],{3905:(e,a,n)=>{n.d(a,{Zo:()=>m,kt:()=>h});var t=n(67294);function r(e,a,n){return a in e?Object.defineProperty(e,a,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[a]=n,e}function o(e,a){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var t=Object.getOwnPropertySymbols(e);a&&(t=t.filter((function(a){return Object.getOwnPropertyDescriptor(e,a).enumerable}))),n.push.apply(n,t)}return n}function s(e){for(var a=1;a=0||(r[n]=e[n]);return r}(e,a);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(t=0;t=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var i=t.createContext({}),p=function(e){var a=t.useContext(i),n=a;return e&&(n="function"==typeof e?e(a):s(s({},a),e)),n},m=function(e){var a=p(e.components);return t.createElement(i.Provider,{value:a},e.children)},d="mdxType",u={inlineCode:"code",wrapper:function(e){var a=e.children;return t.createElement(t.Fragment,{},a)}},c=t.forwardRef((function(e,a){var n=e.components,r=e.mdxType,o=e.originalType,i=e.parentName,m=l(e,["components","mdxType","originalType","parentName"]),d=p(n),c=r,h=d["".concat(i,".").concat(c)]||d[c]||u[c]||o;return n?t.createElement(h,s(s({ref:a},m),{},{components:n})):t.createElement(h,s({ref:a},m))}));function h(e,a){var n=arguments,r=a&&a.mdxType;if("string"==typeof e||r){var o=n.length,s=new Array(o);s[0]=c;var l={};for(var i in a)hasOwnProperty.call(a,i)&&(l[i]=a[i]);l.originalType=e,l[d]="string"==typeof e?e:r,s[1]=l;for(var p=2;p{n.r(a),n.d(a,{assets:()=>i,contentTitle:()=>s,default:()=>u,frontMatter:()=>o,metadata:()=>l,toc:()=>p});var t=n(87462),r=(n(67294),n(3905));const o={title:"Podman v3.0.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman","hpc","kubernetes"]},s="Podman Release v3.0.0",l={permalink:"/release/2021/02/11/podman-release-v3.0.0",source:"@site/release/2021-02-11-podman-release-v3.0.0.md",title:"Podman v3.0.0 Released",description:"podman logo",date:"2021-02-11T00:00:00.000Z",formattedDate:"February 11, 2021",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"},{label:"hpc",permalink:"/release/tags/hpc"},{label:"kubernetes",permalink:"/release/tags/kubernetes"}],readingTime:2.05,hasTruncateMarker:!1,authors:[{name:"mheon"}],frontMatter:{title:"Podman v3.0.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman","hpc","kubernetes"]},prevItem:{title:"Podman v3.1.0 Released",permalink:"/release/2021/04/02/podman-release-v3.1.0"},nextItem:{title:"Podman v2.2.0 Released",permalink:"/release/2020/12/14/podman-release-v2.2.0"}},i={authorsImageUrls:[void 0]},p=[{value:"Podman 3.0 has been released!",id:"podman-30-has-been-released",level:2}],m={toc:p},d="wrapper";function u(e){let{components:a,...o}=e;return(0,r.kt)(d,(0,t.Z)({},m,o,{components:a,mdxType:"MDXLayout"}),(0,r.kt)("p",null,(0,r.kt)("img",{alt:"podman logo",src:n(1382).Z,width:"228",height:"61"})),(0,r.kt)("h2",{id:"podman-30-has-been-released"},"Podman 3.0 has been released!"),(0,r.kt)("p",null,"This new major release features several exciting new features, including support for ",(0,r.kt)("a",{parentName:"p",href:"https://www.redhat.com/sysadmin/podman-docker-compose"},"Docker Compose"),", improved security around image pulls by short name, improved networking support, and over 100 bug fixes. Podman v3.0 also features numerous improvements to our REST API and the Podman remote client."),(0,r.kt)("p",null,"The headlining feature of Podman 3.0 is the addition of support for Docker Compose which can now run against the Podman REST API. There are no changes needed as Compose won\u2019t even realize it\u2019s using Podman. Compose is only supported when running Podman as root; we aim to support it with rootless Podman in a future release."),(0,r.kt)("p",null,"Podman 3.0 also enables ",(0,r.kt)("a",{parentName:"p",href:"https://www.redhat.com/sysadmin/container-image-short-names"},"secure short name aliasing")," by default, a feature that debuted in experimental form in Podman 2.2. With short name aliasing enabled, every time a user-facing Podman process pulls an image by a short name for the first time (e.g. ",(0,r.kt)("inlineCode",{parentName:"p"},"podman pull fedora"),"), it will prompt to ask the user where they want to pull from. This removes several potential ways an attacker could manipulate where an image was pulled from to cause Podman to pull a malicious image."),(0,r.kt)("p",null,"Podman networking has seen numerous fixes as part of Podman 3.0. We have added a new command, ",(0,r.kt)("inlineCode",{parentName:"p"},"podman network reload"),", which recreates firewall rules for Podman containers. Previously, reloading the system firewall would render all containers running as root unusable until they were restarted; ",(0,r.kt)("inlineCode",{parentName:"p"},"podman network reload")," fixes this. Networks created by ",(0,r.kt)("inlineCode",{parentName:"p"},"podman network create")," also now support labels, and the ",(0,r.kt)("inlineCode",{parentName:"p"},"podman network ls")," command can filter using these labels."),(0,r.kt)("p",null,"Podman v3.0 includes the latest version of ",(0,r.kt)("a",{parentName:"p",href:"https://buildah.io"},"Buildah")," along with updates to our other container libraries. Buildah 1.19.2 includes many new features and fixes, including improved support for building multi-platform container images."),(0,r.kt)("p",null,"Podman v3.0 also includes a fix for CVE-2021-20199. This is a security issue where rootless Podman would rewrite the source address on traffic from published ports to ",(0,r.kt)("inlineCode",{parentName:"p"},"127.0.0.1"),", which could cause an authentication bypass on certain images. We strongly suggest upgrading if you use rootless Podman."),(0,r.kt)("p",null,"As part of 3.0, Podman has dropped support for the legacy Varlink API, which we deprecated in Podman 2.0. We recommend all users of the Varlink API upgrade to the new REST API."),(0,r.kt)("p",null,"Dozens of other features, changes, and bug fixes are all included to improve stability, performance, and compatibility. These include numerous additional commands and options as well as API changes and fixes. You can read more ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/releases/tag/v3.0.0"},"here"),"."))}u.isMDXComponent=!0},1382:(e,a,n)=>{n.d(a,{Z:()=>t});const t=n.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/f3d6bf7d.ca3b1310.js b/assets/js/f3d6bf7d.ca3b1310.js new file mode 100644 index 000000000..db361cc64 --- /dev/null +++ b/assets/js/f3d6bf7d.ca3b1310.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[94243],{69967:e=>{e.exports=JSON.parse('{"permalink":"/release/tags/open-source","page":1,"postsPerPage":10,"totalPages":3,"totalCount":25,"nextPage":"/release/tags/open-source/page/2","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/f42d2ef1.a21cacc0.js b/assets/js/f42d2ef1.5afdde65.js similarity index 81% rename from assets/js/f42d2ef1.a21cacc0.js rename to assets/js/f42d2ef1.5afdde65.js index daccb48f5..89d7d2c31 100644 --- a/assets/js/f42d2ef1.a21cacc0.js +++ b/assets/js/f42d2ef1.5afdde65.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[22159],{97795:a=>{a.exports=JSON.parse('{"permalink":"/blogs/tags/podman/page/9","page":9,"postsPerPage":10,"totalPages":19,"totalCount":190,"previousPage":"/blogs/tags/podman/page/8","nextPage":"/blogs/tags/podman/page/10","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[22159],{97795:a=>{a.exports=JSON.parse('{"permalink":"/blogs/tags/podman/page/9","page":9,"postsPerPage":10,"totalPages":19,"totalCount":181,"previousPage":"/blogs/tags/podman/page/8","nextPage":"/blogs/tags/podman/page/10","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/f70b5741.4b7f01aa.js b/assets/js/f70b5741.4b7f01aa.js new file mode 100644 index 000000000..44afcb22f --- /dev/null +++ b/assets/js/f70b5741.4b7f01aa.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[63299],{3905:(e,n,t)=>{t.d(n,{Zo:()=>m,kt:()=>h});var a=t(67294);function r(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function o(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);n&&(a=a.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,a)}return t}function s(e){for(var n=1;n=0||(r[t]=e[t]);return r}(e,n);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(r[t]=e[t])}return r}var l=a.createContext({}),p=function(e){var n=a.useContext(l),t=n;return e&&(t="function"==typeof e?e(n):s(s({},n),e)),t},m=function(e){var n=p(e.components);return a.createElement(l.Provider,{value:n},e.children)},d="mdxType",c={inlineCode:"code",wrapper:function(e){var n=e.children;return a.createElement(a.Fragment,{},n)}},u=a.forwardRef((function(e,n){var t=e.components,r=e.mdxType,o=e.originalType,l=e.parentName,m=i(e,["components","mdxType","originalType","parentName"]),d=p(t),u=r,h=d["".concat(l,".").concat(u)]||d[u]||c[u]||o;return t?a.createElement(h,s(s({ref:n},m),{},{components:t})):a.createElement(h,s({ref:n},m))}));function h(e,n){var t=arguments,r=n&&n.mdxType;if("string"==typeof e||r){var o=t.length,s=new Array(o);s[0]=u;var i={};for(var l in n)hasOwnProperty.call(n,l)&&(i[l]=n[l]);i.originalType=e,i[d]="string"==typeof e?e:r,s[1]=i;for(var p=2;p{t.r(n),t.d(n,{assets:()=>l,contentTitle:()=>s,default:()=>c,frontMatter:()=>o,metadata:()=>i,toc:()=>p});var a=t(87462),r=(t(67294),t(3905));const o={title:"Podman v1.5.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman"]},s="Podman Release 1.5.0",i={permalink:"/release/2019/08/14/podman-release-v1.5.0",source:"@site/release/2019-08-14-podman-release-v1.5.0.md",title:"Podman v1.5.0 Released",description:"podman logo",date:"2019-08-14T00:00:00.000Z",formattedDate:"August 14, 2019",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"}],readingTime:1.355,hasTruncateMarker:!1,authors:[{name:"mheon"}],frontMatter:{title:"Podman v1.5.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Podman v1.7.0 Released",permalink:"/release/2020/01/08/podman-release-v1.7.0"},nextItem:{title:"Podman v1.3.0 Released",permalink:"/release/2019/05/10/podman-release-v1.3.0"}},l={authorsImageUrls:[void 0]},p=[{value:"Podman has gone 1.5!",id:"podman-has-gone-15",level:2}],m={toc:p},d="wrapper";function c(e){let{components:n,...o}=e;return(0,r.kt)(d,(0,a.Z)({},m,o,{components:n,mdxType:"MDXLayout"}),(0,r.kt)("p",null,(0,r.kt)("img",{alt:"podman logo",src:t(1382).Z,width:"228",height:"61"})),(0,r.kt)("h2",{id:"podman-has-gone-15"},"Podman has gone 1.5!"),(0,r.kt)("p",null,"Podman 1.5.0 has been released! We\u2019ve made major improvements to ",(0,r.kt)("inlineCode",{parentName:"p"},"podman exec"),", ",(0,r.kt)("inlineCode",{parentName:"p"},"podman generate kube"),", and rootless containers in this release. Stability has also been a focus, and we\u2019ve fixed over 30 bugs and several performance issues. The new 1.5.0 release is available for Fedora and Ubuntu right now!"),(0,r.kt)("p",null,"With this new release, Podman has picked up a number of improvements to core container functionality. The ",(0,r.kt)("inlineCode",{parentName:"p"},"podman exec")," command has been completely reworked, including improved handling for attaching to containers. Expect to see more work on ",(0,r.kt)("inlineCode",{parentName:"p"},"exec")," in future releases. CGroups have also seen major work, with support for CGroup namespaces via the ",(0,r.kt)("inlineCode",{parentName:"p"},"--cgroupns")," flag to ",(0,r.kt)("inlineCode",{parentName:"p"},"podman create")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"podman run"),", and support for CGroups v2 when using the ",(0,r.kt)("inlineCode",{parentName:"p"},"crun")," OCI runtime - more details ",(0,r.kt)("a",{parentName:"p",href:"https://www.scrivano.org/2019/05/12/rootless-resources-management-with-podman-on-fedora-30/"},"here"),". The ",(0,r.kt)("inlineCode",{parentName:"p"},"podman generate kube")," command has also been improved and now includes volumes mounted into containers. Finally, we\u2019ve addressed several memory leaks and other performance issues, and Podman should be much more responsive on systems under high load."),(0,r.kt)("p",null,"Rootless containers have also been improved, featuring improved handling for privileged containers and the ability to use container health checks. Podman now has experimental support for running rootless containers with a single UID and GID using the new ",(0,r.kt)("inlineCode",{parentName:"p"},"ignore_chown_errors")," storage option. This allows Podman to be run without the ",(0,r.kt)("inlineCode",{parentName:"p"},"newuidmap")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"newgidmap")," binaries, and removes the need for any elevated privileges to start rootless containers. This approach is more limited (but more secure) than normal rootless containers."),(0,r.kt)("p",null,"As always, please visit our release notes on ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/RELEASE_NOTES.md"},"GitHub")," to see the full changelog."),(0,r.kt)("p",null,"You can find instructions for installing Podman ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/blob/main/install.md"},"here"),"."))}c.isMDXComponent=!0},1382:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/f8085e57.75549b69.js b/assets/js/f8085e57.d6d149cb.js similarity index 81% rename from assets/js/f8085e57.75549b69.js rename to assets/js/f8085e57.d6d149cb.js index b597e7db2..89c1f20a1 100644 --- a/assets/js/f8085e57.75549b69.js +++ b/assets/js/f8085e57.d6d149cb.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[54763],{36442:a=>{a.exports=JSON.parse('{"permalink":"/blogs/tags/podman/page/17","page":17,"postsPerPage":10,"totalPages":19,"totalCount":190,"previousPage":"/blogs/tags/podman/page/16","nextPage":"/blogs/tags/podman/page/18","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[54763],{36442:a=>{a.exports=JSON.parse('{"permalink":"/blogs/tags/podman/page/17","page":17,"postsPerPage":10,"totalPages":19,"totalCount":181,"previousPage":"/blogs/tags/podman/page/16","nextPage":"/blogs/tags/podman/page/18","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/5a164eb5.52205f24.js b/assets/js/f8b3aa78.7be5a84a.js similarity index 50% rename from assets/js/5a164eb5.52205f24.js rename to assets/js/f8b3aa78.7be5a84a.js index fbc52304c..ab1087698 100644 --- a/assets/js/5a164eb5.52205f24.js +++ b/assets/js/f8b3aa78.7be5a84a.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[36703],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>b});var r=n(67294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function l(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},u="mdxType",m={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),u=c(n),d=a,b=u["".concat(s,".").concat(d)]||u[d]||m[d]||o;return n?r.createElement(b,l(l({ref:t},p),{},{components:n})):r.createElement(b,l({ref:t},p))}));function b(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,l=new Array(o);l[0]=d;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i[u]="string"==typeof e?e:a,l[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>l,default:()=>m,frontMatter:()=>o,metadata:()=>i,toc:()=>c});var r=n(87462),a=(n(67294),n(3905));const o={title:"Podman Alpha version 0.6.4 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},l=void 0,i={permalink:"/blogs/2018/07/02/podman-alpha-v0.6.4",source:"@site/blog/2018-07-02-podman-alpha-v0.6.4.md",title:"Podman Alpha version 0.6.4 Release Announcement",description:"podman logo",date:"2018-07-02T00:00:00.000Z",formattedDate:"July 2, 2018",tags:[{label:"community",permalink:"/blogs/tags/community"},{label:"open source",permalink:"/blogs/tags/open-source"},{label:"podman",permalink:"/blogs/tags/podman"}],readingTime:2.265,hasTruncateMarker:!0,authors:[{name:"bbaude"}],frontMatter:{title:"Podman Alpha version 0.6.4 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Podman Alpha version 0.7.1 Release Announcement",permalink:"/blogs/2018/07/09/podman-alpha-v0.7.1"},nextItem:{title:"Podman Alpha version 0.6.1 Release Announcement",permalink:"/blogs/2018/06/04/podman-alpha-v0.6.1"}},s={authorsImageUrls:[void 0]},c=[],p={toc:c},u="wrapper";function m(e){let{components:t,...o}=e;return(0,a.kt)(u,(0,r.Z)({},p,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"podman logo",src:n(1382).Z,width:"228",height:"61"})),(0,a.kt)("h1",{id:"podman-release-064"},"Podman release 0.6.4"),(0,a.kt)("p",null,"This afternoon we were able to overcome some last minute bugs and release a new Podman. The packages are building in Fedora and will work their way through Fedora\u2019s bodhi system. For giggles, I looked at the number of individual contributors this week and was glad to see the number at 10."),(0,a.kt)("p",null,"Mainly bugfixes this week, one big one was that we do a better job cleaning up containers that run in the back ground."))}m.isMDXComponent=!0},1382:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[13056],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>f});var r=n(67294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function l(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},u="mdxType",m={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),u=c(n),d=a,f=u["".concat(s,".").concat(d)]||u[d]||m[d]||o;return n?r.createElement(f,l(l({ref:t},p),{},{components:n})):r.createElement(f,l({ref:t},p))}));function f(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,l=new Array(o);l[0]=d;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i[u]="string"==typeof e?e:a,l[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>l,default:()=>m,frontMatter:()=>o,metadata:()=>i,toc:()=>c});var r=n(87462),a=(n(67294),n(3905));const o={title:"Podman Alpha version 0.6.4 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},l=void 0,i={permalink:"/release/2018/07/02/podman-alpha-v0.6.4",source:"@site/release/2018-07-02-podman-alpha-v0.6.4.md",title:"Podman Alpha version 0.6.4 Release Announcement",description:"podman logo",date:"2018-07-02T00:00:00.000Z",formattedDate:"July 2, 2018",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"}],readingTime:2.265,hasTruncateMarker:!0,authors:[{name:"bbaude"}],frontMatter:{title:"Podman Alpha version 0.6.4 Release Announcement",layout:"default",author:"bbaude",categories:["releases"],tags:["community","open source","podman"]},prevItem:{title:"Podman Alpha version 0.7.1 Release Announcement",permalink:"/release/2018/07/09/podman-alpha-v0.7.1"},nextItem:{title:"Podman Alpha version 0.6.1 Release Announcement",permalink:"/release/2018/06/04/podman-alpha-v0.6.1"}},s={authorsImageUrls:[void 0]},c=[],p={toc:c},u="wrapper";function m(e){let{components:t,...o}=e;return(0,a.kt)(u,(0,r.Z)({},p,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"podman logo",src:n(1382).Z,width:"228",height:"61"})),(0,a.kt)("h1",{id:"podman-release-064"},"Podman release 0.6.4"),(0,a.kt)("p",null,"This afternoon we were able to overcome some last minute bugs and release a new Podman. The packages are building in Fedora and will work their way through Fedora\u2019s bodhi system. For giggles, I looked at the number of individual contributors this week and was glad to see the number at 10."),(0,a.kt)("p",null,"Mainly bugfixes this week, one big one was that we do a better job cleaning up containers that run in the back ground."))}m.isMDXComponent=!0},1382:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/f9f60325.2c911c0b.js b/assets/js/f9f60325.e00db7d4.js similarity index 70% rename from assets/js/f9f60325.2c911c0b.js rename to assets/js/f9f60325.e00db7d4.js index 0694789e3..df5df1f43 100644 --- a/assets/js/f9f60325.2c911c0b.js +++ b/assets/js/f9f60325.e00db7d4.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[43570],{3905:(e,t,r)=>{r.d(t,{Zo:()=>p,kt:()=>f});var n=r(67294);function o(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function a(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function l(e){for(var t=1;t=0||(o[r]=e[r]);return o}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(o[r]=e[r])}return o}var c=n.createContext({}),s=function(e){var t=n.useContext(c),r=t;return e&&(r="function"==typeof e?e(t):l(l({},t),e)),r},p=function(e){var t=s(e.components);return n.createElement(c.Provider,{value:t},e.children)},u="mdxType",m={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var r=e.components,o=e.mdxType,a=e.originalType,c=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),u=s(r),d=o,f=u["".concat(c,".").concat(d)]||u[d]||m[d]||a;return r?n.createElement(f,l(l({ref:t},p),{},{components:r})):n.createElement(f,l({ref:t},p))}));function f(e,t){var r=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var a=r.length,l=new Array(a);l[0]=d;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i[u]="string"==typeof e?e:o,l[1]=i;for(var s=2;s{r.r(t),r.d(t,{assets:()=>c,contentTitle:()=>l,default:()=>m,frontMatter:()=>a,metadata:()=>i,toc:()=>s});var n=r(87462),o=(r(67294),r(3905));const a={layout:"default",title:"Container Tools on RHEL 8 & How to Hack Podman",author:"tsweeney",categories:["blogs"]},l=void 0,i={permalink:"/blogs/2019/02/07/hack-and-tools",source:"@site/blog/2019-02-07-hack-and-tools.md",title:"Container Tools on RHEL 8 & How to Hack Podman",description:"podman logo",date:"2019-02-07T00:00:00.000Z",formattedDate:"February 7, 2019",tags:[],readingTime:.355,hasTruncateMarker:!1,authors:[{name:"tsweeney"}],frontMatter:{layout:"default",title:"Container Tools on RHEL 8 & How to Hack Podman",author:"tsweeney",categories:["blogs"]},prevItem:{title:"Podman and Buildah for Docker Users!",permalink:"/blogs/2019/02/21/pandb-4-users"},nextItem:{title:"Podman v1.0.0 Released",permalink:"/blogs/2019/01/16/podman-release-v1.0.0"}},c={authorsImageUrls:[void 0]},s=[],p={toc:s},u="wrapper";function m(e){let{components:t,...a}=e;return(0,o.kt)(u,(0,n.Z)({},p,a,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("p",null,(0,o.kt)("img",{alt:"podman logo",src:r(1382).Z,width:"228",height:"61"})),(0,o.kt)("p",null,'Scott McCarty wrote "',(0,o.kt)("a",{parentName:"p",href:"https://www.redhat.com/en/blog/red-hat-enterprise-linux-8-beta-new-set-container-tools"},"Red Hat Enterprise Linux 8 Beta: A new set of container tools"),'". In the blog Scott introduces the new container tools in RHEL 8 Beta. Spoiler Alert! No Big Fat Daemons were harmed in the examples Scott provides!'),(0,o.kt)("p",null,'Herv\xe9 Beraud wrote "',(0,o.kt)("a",{parentName:"p",href:"https://herve.beraud.io/containers/linux/podman/isolate/environment/2019/02/06/how-to-hack-on-podman.html"},"How to Hack on Podman"),", which walks you through contributing to the Podman project."),(0,o.kt)("p",null,"Both are great reads to help build your container tools knowledge."))}m.isMDXComponent=!0},1382:(e,t,r)=>{r.d(t,{Z:()=>n});const n=r.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[43570],{3905:(e,t,r)=>{r.d(t,{Zo:()=>p,kt:()=>f});var n=r(67294);function o(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function a(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function l(e){for(var t=1;t=0||(o[r]=e[r]);return o}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(o[r]=e[r])}return o}var c=n.createContext({}),s=function(e){var t=n.useContext(c),r=t;return e&&(r="function"==typeof e?e(t):l(l({},t),e)),r},p=function(e){var t=s(e.components);return n.createElement(c.Provider,{value:t},e.children)},u="mdxType",m={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var r=e.components,o=e.mdxType,a=e.originalType,c=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),u=s(r),d=o,f=u["".concat(c,".").concat(d)]||u[d]||m[d]||a;return r?n.createElement(f,l(l({ref:t},p),{},{components:r})):n.createElement(f,l({ref:t},p))}));function f(e,t){var r=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var a=r.length,l=new Array(a);l[0]=d;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i[u]="string"==typeof e?e:o,l[1]=i;for(var s=2;s{r.r(t),r.d(t,{assets:()=>c,contentTitle:()=>l,default:()=>m,frontMatter:()=>a,metadata:()=>i,toc:()=>s});var n=r(87462),o=(r(67294),r(3905));const a={layout:"default",title:"Container Tools on RHEL 8 & How to Hack Podman",author:"tsweeney",categories:["blogs"]},l=void 0,i={permalink:"/blogs/2019/02/07/hack-and-tools",source:"@site/blog/2019-02-07-hack-and-tools.md",title:"Container Tools on RHEL 8 & How to Hack Podman",description:"podman logo",date:"2019-02-07T00:00:00.000Z",formattedDate:"February 7, 2019",tags:[],readingTime:.355,hasTruncateMarker:!1,authors:[{name:"tsweeney"}],frontMatter:{layout:"default",title:"Container Tools on RHEL 8 & How to Hack Podman",author:"tsweeney",categories:["blogs"]},prevItem:{title:"Podman and Buildah for Docker Users!",permalink:"/blogs/2019/02/21/pandb-4-users"},nextItem:{title:"Programmatic remote access to Podman via the varlink protocol",permalink:"/blogs/2019/01/16/podman-varlink"}},c={authorsImageUrls:[void 0]},s=[],p={toc:s},u="wrapper";function m(e){let{components:t,...a}=e;return(0,o.kt)(u,(0,n.Z)({},p,a,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("p",null,(0,o.kt)("img",{alt:"podman logo",src:r(1382).Z,width:"228",height:"61"})),(0,o.kt)("p",null,'Scott McCarty wrote "',(0,o.kt)("a",{parentName:"p",href:"https://www.redhat.com/en/blog/red-hat-enterprise-linux-8-beta-new-set-container-tools"},"Red Hat Enterprise Linux 8 Beta: A new set of container tools"),'". In the blog Scott introduces the new container tools in RHEL 8 Beta. Spoiler Alert! No Big Fat Daemons were harmed in the examples Scott provides!'),(0,o.kt)("p",null,'Herv\xe9 Beraud wrote "',(0,o.kt)("a",{parentName:"p",href:"https://herve.beraud.io/containers/linux/podman/isolate/environment/2019/02/06/how-to-hack-on-podman.html"},"How to Hack on Podman"),", which walks you through contributing to the Podman project."),(0,o.kt)("p",null,"Both are great reads to help build your container tools knowledge."))}m.isMDXComponent=!0},1382:(e,t,r)=>{r.d(t,{Z:()=>n});const n=r.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/fafc9877.b9a543b3.js b/assets/js/fafc9877.b9a543b3.js new file mode 100644 index 000000000..c9a296639 --- /dev/null +++ b/assets/js/fafc9877.b9a543b3.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[62974],{3905:(e,n,t)=>{t.d(n,{Zo:()=>m,kt:()=>f});var a=t(67294);function r(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function o(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);n&&(a=a.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,a)}return t}function i(e){for(var n=1;n=0||(r[t]=e[t]);return r}(e,n);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(r[t]=e[t])}return r}var s=a.createContext({}),p=function(e){var n=a.useContext(s),t=n;return e&&(t="function"==typeof e?e(n):i(i({},n),e)),t},m=function(e){var n=p(e.components);return a.createElement(s.Provider,{value:n},e.children)},d="mdxType",c={inlineCode:"code",wrapper:function(e){var n=e.children;return a.createElement(a.Fragment,{},n)}},u=a.forwardRef((function(e,n){var t=e.components,r=e.mdxType,o=e.originalType,s=e.parentName,m=l(e,["components","mdxType","originalType","parentName"]),d=p(t),u=r,f=d["".concat(s,".").concat(u)]||d[u]||c[u]||o;return t?a.createElement(f,i(i({ref:n},m),{},{components:t})):a.createElement(f,i({ref:n},m))}));function f(e,n){var t=arguments,r=n&&n.mdxType;if("string"==typeof e||r){var o=t.length,i=new Array(o);i[0]=u;var l={};for(var s in n)hasOwnProperty.call(n,s)&&(l[s]=n[s]);l.originalType=e,l[d]="string"==typeof e?e:r,i[1]=l;for(var p=2;p{t.r(n),t.d(n,{assets:()=>s,contentTitle:()=>i,default:()=>c,frontMatter:()=>o,metadata:()=>l,toc:()=>p});var a=t(87462),r=(t(67294),t(3905));const o={title:"Podman v2.2.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman","hpc","kubernetes"]},i="Podman Release 2.2.0",l={permalink:"/release/2020/12/14/podman-release-v2.2.0",source:"@site/release/2020-12-14-podman-release-v2.2.0.md",title:"Podman v2.2.0 Released",description:"podman logo",date:"2020-12-14T00:00:00.000Z",formattedDate:"December 14, 2020",tags:[{label:"community",permalink:"/release/tags/community"},{label:"open source",permalink:"/release/tags/open-source"},{label:"podman",permalink:"/release/tags/podman"},{label:"hpc",permalink:"/release/tags/hpc"},{label:"kubernetes",permalink:"/release/tags/kubernetes"}],readingTime:1.79,hasTruncateMarker:!1,authors:[{name:"mheon"}],frontMatter:{title:"Podman v2.2.0 Released",layout:"default",author:"mheon",categories:["releases"],tags:["community","open source","podman","hpc","kubernetes"]},prevItem:{title:"Podman v3.0.0 Released",permalink:"/release/2021/02/11/podman-release-v3.0.0"},nextItem:{title:"Podman v2.1.0 Released",permalink:"/release/2020/10/05/podman-release-v2.1.0"}},s={authorsImageUrls:[void 0]},p=[{value:"Podman 2.2 has been released!",id:"podman-22-has-been-released",level:2}],m={toc:p},d="wrapper";function c(e){let{components:n,...o}=e;return(0,r.kt)(d,(0,a.Z)({},m,o,{components:n,mdxType:"MDXLayout"}),(0,r.kt)("p",null,(0,r.kt)("img",{alt:"podman logo",src:t(1382).Z,width:"228",height:"61"})),(0,r.kt)("h2",{id:"podman-22-has-been-released"},"Podman 2.2 has been released!"),(0,r.kt)("p",null,"Podman v2.2.0 has been released! Featuring numerous new features and over 80 bugfixes, the new Podman offers a number of often-requested features and improved stability. Read on for more details!"),(0,r.kt)("p",null,"Some of our most exciting new features include support for network aliases and the ",(0,r.kt)("inlineCode",{parentName:"p"},"network connect")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"network disconnect")," commands. Network aliases are additional names that containers can be accessed through when using DNS. The ",(0,r.kt)("inlineCode",{parentName:"p"},"network connect")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"network disconnect")," commands allow running containers to be added to and removed from networks. These have been frequent requests from users, and significantly improve our compatibility with Docker in networking."),(0,r.kt)("p",null,"Podman 2.2 also comes with initial support for short name aliasing. This feature, explained more fully ",(0,r.kt)("a",{parentName:"p",href:"https://www.redhat.com/sysadmin/container-image-short-names"},"here"),", enhances the security of short names in the ",(0,r.kt)("inlineCode",{parentName:"p"},"podman pull")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"podman run")," commands (e.g. ",(0,r.kt)("inlineCode",{parentName:"p"},"podman pull ubi8"),") by ensuring that that the image we pull is actually the image the user wanted. This feature is purely opt-in for now but will be enabled by default in Podman 3.0."),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"podman generate kube")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"podman play kube")," commands also saw numerous improvements, most of which were provided by the community. Both ",(0,r.kt)("inlineCode",{parentName:"p"},"generate kube")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"play kube")," now support resource limits for containers. We\u2019ve also gained support for Kubernetes\u2019 persistent volume claims and configmaps in ",(0,r.kt)("inlineCode",{parentName:"p"},"podman play kube"),". We now offer increased control over the containers created by ",(0,r.kt)("inlineCode",{parentName:"p"},"play kube")," as well, with a ",(0,r.kt)("inlineCode",{parentName:"p"},"--start")," option (defaulting to true) controlling whether they are started immediately after being created, and the ability to set what log driver they use to improve the ability of ",(0,r.kt)("inlineCode",{parentName:"p"},"podman play kube")," to integrate with systemd unit files."),(0,r.kt)("p",null,"We\u2019ve also added several other improvements. The ",(0,r.kt)("inlineCode",{parentName:"p"},"--mount")," option to ",(0,r.kt)("inlineCode",{parentName:"p"},"podman create")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"podman run")," can now mount a container image into a container using the ",(0,r.kt)("inlineCode",{parentName:"p"},"type=image")," argument. Additionally, the ",(0,r.kt)("inlineCode",{parentName:"p"},"podman inspect")," command now works with more objects (networks, pods, and volumes) instead of just containers and images. Finally, more Podman commands (",(0,r.kt)("inlineCode",{parentName:"p"},"podman mount"),", ",(0,r.kt)("inlineCode",{parentName:"p"},"podman diff"),", ",(0,r.kt)("inlineCode",{parentName:"p"},"podman container exists"),") can now work with Buildah and CRI-O containers, in addition to Podman containers."),(0,r.kt)("p",null,"Numerous bug fixes to APIV2 to better support docker-compose and docker-py."))}c.isMDXComponent=!0},1382:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/fb6543cb.00dc5f25.js b/assets/js/fb6543cb.24822864.js similarity index 50% rename from assets/js/fb6543cb.00dc5f25.js rename to assets/js/fb6543cb.24822864.js index 47cfb9e3e..749406c4f 100644 --- a/assets/js/fb6543cb.00dc5f25.js +++ b/assets/js/fb6543cb.24822864.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[41550],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(67294);function o(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function i(e){for(var t=1;t=0||(o[n]=e[n]);return o}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(o[n]=e[n])}return o}var l=r.createContext({}),c=function(e){var t=r.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(l.Provider,{value:t},e.children)},m="mdxType",u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},f=r.forwardRef((function(e,t){var n=e.components,o=e.mdxType,a=e.originalType,l=e.parentName,p=s(e,["components","mdxType","originalType","parentName"]),m=c(n),f=o,d=m["".concat(l,".").concat(f)]||m[f]||u[f]||a;return n?r.createElement(d,i(i({ref:t},p),{},{components:n})):r.createElement(d,i({ref:t},p))}));function d(e,t){var n=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var a=n.length,i=new Array(a);i[0]=f;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s[m]="string"==typeof e?e:o,i[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>i,default:()=>u,frontMatter:()=>a,metadata:()=>s,toc:()=>c});var r=n(87462),o=(n(67294),n(3905));const a={layout:"default",title:"What's NEW!",categories:["new"]},i="Welcome to the [podman.io](https://podman.io) website!",s={permalink:"/blogs/2018/09/10/welcome",source:"@site/blog/2018-09-10-welcome.md",title:"What's NEW!",description:"If you've missed the news so far, CoreOS was acquired by Red Hat at the beginning of 2018. This also means some changes for Buildah and Podman.",date:"2018-09-10T00:00:00.000Z",formattedDate:"September 10, 2018",tags:[],readingTime:.5,hasTruncateMarker:!1,authors:[],frontMatter:{layout:"default",title:"What's NEW!",categories:["new"]},prevItem:{title:"Using systemd to control the startup of Podman containers",permalink:"/blogs/2018/09/13/systemd"},nextItem:{title:"Podman Alpha version 0.8.3 Release Announcement",permalink:"/blogs/2018/08/20/podman-alpha-v0.8.3"}},l={authorsImageUrls:[]},c=[],p={toc:c},m="wrapper";function u(e){let{components:t,...n}=e;return(0,o.kt)(m,(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("p",null,"If you've missed the news so far, CoreOS was acquired by Red Hat at the beginning of 2018. This also means some changes for Buildah and Podman."),(0,o.kt)("p",null,"Buildah and Podman were previously projects within Project Atomic which is going to be sunset in favor of an immutable host combination of Container Linux and Fedora Atomic Host: this combination is called ",(0,o.kt)("a",{parentName:"p",href:"https://coreos.fedoraproject.org"},"Fedora CoreOS"),". We therefore welcome you to the new websites, ",(0,o.kt)("a",{parentName:"p",href:"https://buildah.io"},"buildah.io")," and ",(0,o.kt)("a",{parentName:"p",href:"https://podman.io"},"podman.io")," where you will find news, announcements, and more around the respective projects."),(0,o.kt)("p",null,"To start it up, check out the new ",(0,o.kt)("a",{parentName:"p",href:"https://podman.io/blogs"},"Blogs")," and ",(0,o.kt)("a",{parentName:"p",href:"https://podman.io/releases"},"Releases")," sections on the site."))}u.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[41550],{3905:(e,t,n)=>{n.d(t,{Zo:()=>l,kt:()=>d});var r=n(67294);function o(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function i(e){for(var t=1;t=0||(o[n]=e[n]);return o}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(o[n]=e[n])}return o}var p=r.createContext({}),c=function(e){var t=r.useContext(p),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},l=function(e){var t=c(e.components);return r.createElement(p.Provider,{value:t},e.children)},u="mdxType",m={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},f=r.forwardRef((function(e,t){var n=e.components,o=e.mdxType,a=e.originalType,p=e.parentName,l=s(e,["components","mdxType","originalType","parentName"]),u=c(n),f=o,d=u["".concat(p,".").concat(f)]||u[f]||m[f]||a;return n?r.createElement(d,i(i({ref:t},l),{},{components:n})):r.createElement(d,i({ref:t},l))}));function d(e,t){var n=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var a=n.length,i=new Array(a);i[0]=f;var s={};for(var p in t)hasOwnProperty.call(t,p)&&(s[p]=t[p]);s.originalType=e,s[u]="string"==typeof e?e:o,i[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>p,contentTitle:()=>i,default:()=>m,frontMatter:()=>a,metadata:()=>s,toc:()=>c});var r=n(87462),o=(n(67294),n(3905));const a={layout:"default",title:"What's NEW!",categories:["new"]},i="Welcome to the [podman.io](https://podman.io) website!",s={permalink:"/blogs/2018/09/10/welcome",source:"@site/blog/2018-09-10-welcome.md",title:"What's NEW!",description:"If you've missed the news so far, CoreOS was acquired by Red Hat at the beginning of 2018. This also means some changes for Buildah and Podman.",date:"2018-09-10T00:00:00.000Z",formattedDate:"September 10, 2018",tags:[],readingTime:.5,hasTruncateMarker:!1,authors:[],frontMatter:{layout:"default",title:"What's NEW!",categories:["new"]},prevItem:{title:"Using systemd to control the startup of Podman containers",permalink:"/blogs/2018/09/13/systemd"},nextItem:{title:"Python3 support for Podman",permalink:"/blogs/2018/08/15/python-support-for-podman"}},p={authorsImageUrls:[]},c=[],l={toc:c},u="wrapper";function m(e){let{components:t,...n}=e;return(0,o.kt)(u,(0,r.Z)({},l,n,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("p",null,"If you've missed the news so far, CoreOS was acquired by Red Hat at the beginning of 2018. This also means some changes for Buildah and Podman."),(0,o.kt)("p",null,"Buildah and Podman were previously projects within Project Atomic which is going to be sunset in favor of an immutable host combination of Container Linux and Fedora Atomic Host: this combination is called ",(0,o.kt)("a",{parentName:"p",href:"https://coreos.fedoraproject.org"},"Fedora CoreOS"),". We therefore welcome you to the new websites, ",(0,o.kt)("a",{parentName:"p",href:"https://buildah.io"},"buildah.io")," and ",(0,o.kt)("a",{parentName:"p",href:"https://podman.io"},"podman.io")," where you will find news, announcements, and more around the respective projects."),(0,o.kt)("p",null,"To start it up, check out the new ",(0,o.kt)("a",{parentName:"p",href:"https://podman.io/blogs"},"Blogs")," and ",(0,o.kt)("a",{parentName:"p",href:"https://podman.io/releases"},"Releases")," sections on the site."))}m.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/fb6c00a7.1be5d667.js b/assets/js/fb6c00a7.a0e472fa.js similarity index 90% rename from assets/js/fb6c00a7.1be5d667.js rename to assets/js/fb6c00a7.a0e472fa.js index db2b2c477..e91c2c54c 100644 --- a/assets/js/fb6c00a7.1be5d667.js +++ b/assets/js/fb6c00a7.a0e472fa.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[38429],{61578:a=>{a.exports=JSON.parse('{"label":"podman","permalink":"/blogs/tags/podman","allTagsPath":"/blogs/tags","count":190}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[38429],{61578:a=>{a.exports=JSON.parse('{"label":"podman","permalink":"/blogs/tags/podman","allTagsPath":"/blogs/tags","count":181}')}}]); \ No newline at end of file diff --git a/assets/js/fc1959c7.7f503b64.js b/assets/js/fc1959c7.7f503b64.js new file mode 100644 index 000000000..dfe3ba7be --- /dev/null +++ b/assets/js/fc1959c7.7f503b64.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[79694],{3905:(e,t,n)=>{n.d(t,{Zo:()=>c,kt:()=>h});var o=n(67294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function r(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);t&&(o=o.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,o)}return n}function i(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(o=0;o=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var l=o.createContext({}),p=function(e){var t=o.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},c=function(e){var t=p(e.components);return o.createElement(l.Provider,{value:t},e.children)},m="mdxType",d={inlineCode:"code",wrapper:function(e){var t=e.children;return o.createElement(o.Fragment,{},t)}},u=o.forwardRef((function(e,t){var n=e.components,a=e.mdxType,r=e.originalType,l=e.parentName,c=s(e,["components","mdxType","originalType","parentName"]),m=p(n),u=a,h=m["".concat(l,".").concat(u)]||m[u]||d[u]||r;return n?o.createElement(h,i(i({ref:t},c),{},{components:n})):o.createElement(h,i({ref:t},c))}));function h(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var r=n.length,i=new Array(r);i[0]=u;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s[m]="string"==typeof e?e:a,i[1]=s;for(var p=2;p{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>i,default:()=>d,frontMatter:()=>r,metadata:()=>s,toc:()=>p});var o=n(87462),a=(n(67294),n(3905));const r={title:"Python3 support for Podman",layout:"default",author:"jwhonce",categories:["blogs"],tags:["podman","containers"]},i=void 0,s={permalink:"/blogs/2018/08/15/python-support-for-podman",source:"@site/blog/2018-08-15-python-support-for-podman.md",title:"Python3 support for Podman",description:"podman logo",date:"2018-08-15T00:00:00.000Z",formattedDate:"August 15, 2018",tags:[{label:"podman",permalink:"/blogs/tags/podman"},{label:"containers",permalink:"/blogs/tags/containers"}],readingTime:5.175,hasTruncateMarker:!0,authors:[{name:"jwhonce"}],frontMatter:{title:"Python3 support for Podman",layout:"default",author:"jwhonce",categories:["blogs"],tags:["podman","containers"]},prevItem:{title:"What's NEW!",permalink:"/blogs/2018/09/10/welcome"}},l={authorsImageUrls:[void 0]},p=[{value:"By Jhon Honce GitHub",id:"by-jhon-honce-github",level:2},{value:"Now lets start coding:",id:"now-lets-start-coding",level:2},{value:"But wait there is more!",id:"but-wait-there-is-more",level:2}],c={toc:p},m="wrapper";function d(e){let{components:t,...r}=e;return(0,a.kt)(m,(0,o.Z)({},c,r,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"podman logo",src:n(1382).Z,width:"228",height:"61"})),(0,a.kt)("h1",{id:"python3-support-for-podman"},"Python3 support for Podman"),(0,a.kt)("h2",{id:"by-jhon-honce-github"},"By Jhon Honce ",(0,a.kt)("a",{parentName:"h2",href:"https://github.com/jwhonce"},"GitHub")),(0,a.kt)("p",null,"You\u2019ve learned of Podman and all it\u2019s coolness for running OCI-based containers, but you need a solution that is repeatable and scripted. Rather than just executing Podman commands, you want a stable API to call into and not need to screen scrape the output."),(0,a.kt)("p",null,"We heard you and now provide a Python package, python3-podman. This package allows you to access the facilities of a Podman service with #nobigfatdaemons."),(0,a.kt)("p",null,"The python3-podman package containers a module that allows you to connect to a Podman socket activated systemd service on the same host or a remote host using a ssh tunnel. Using the python interface means you can run these commands from a MAC or Windows Box, as long as you have a Linux box with podman installed. We connect using ",(0,a.kt)("em",{parentName:"p"},"varlink")," for the messaging protocol between client and service."),(0,a.kt)("p",null,"For the environment, you will need:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"* Linux host\n* podman package\n* enable the io.podman.socket systemd unit file by executing\n")),(0,a.kt)("p",null,"systemctl enable --now io.podman.socket"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"* Python3\n* The python3-podman rpm, or podman package from PyPi.\n")),(0,a.kt)("p",null,(0,a.kt)("em",{parentName:"p"},"Note: Currently, there is a matching rpm for each version of podman. In time, after the API stabilizes that may no longer be true.")),(0,a.kt)("h2",{id:"now-lets-start-coding"},"Now lets start coding:"),(0,a.kt)("p",null,"Using your favorite code editor you can copy and paste the following Python program into a file named latest_containers.py. Don\u2019t forget Python uses whitespace to signify end-of-line and code blocks when you paste. The below python code will show all of the containers created since midnight UTC when it is run. The code comments provide a running commentary on how the module works in context."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-console"},"#!/usr/bin/env python3\n\n# Python standard date/time support\nfrom datetime import datetime, time, timezone\n\n# the module with all the goodness\nimport podman\n\nmidnight = datetime.combine(datetime.today(), time.min, tzinfo=timezone.utc)\n\n# Our client is a context manager to make resource clean up easy. No arguments implies\n# connect to a local Podman service using the default interfaces.\nwith podman.Client() as client:\n\n # Retrieve all containers in containers storage. Each container is presented\n # as a Namespace and dict. You determine which is easiest for you to use\n # for your solution.\n for c in client.containers.list():\n\n # A bit of sugar, convert any podman-formatted timestamp to\n # a python datetime\n created_at = podman.datetime_parse(c.createdat)\n\n if created_at > midnight:\n\n # Now the results. We provide datetime_format() for consistent\n # iso format in results if you wish to use it.\n print('ID: {}\\n image: {}\\n createdAt: {}'.format(\nc.id[:12], c.image[:33], podman.datetime_format(created_at)))\n")),(0,a.kt)("p",null,"Once you have this code copied into the file:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"* chmod 755 latest_containers.py\n* podman run fedora sleep 300 &\n* ./latest_containers.py\n")),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-console"},"ID: d7337530c6d1\n image: registry.fedoraproject.org/fedora\n createdAt: 2018\u201308\u201310T09:18:09.728858\u201307:00\n")),(0,a.kt)("p",null,"You can watch the whole process ",(0,a.kt)("a",{parentName:"p",href:"https://asciinema.org/a/mu8Knm5dj8mII19evrF9heNCF"},"here"),"."),(0,a.kt)("p",null,"The container object above supports the Namespace and dict protocols. This is our most used data structure providing you the ability to use the returned object in your code as you wish."),(0,a.kt)("p",null,"Connecting to a remote host, requires only changing how you create the Client() in any script:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-console"},"With podman.Client(uri='unix:/run/user/17945/podman/io.podman',\nremote_uri='ssh://ruser@podman.example.com:22/run/podman/io.podman') as client:\n")),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"* uri provides the local side of the ssh tunnel\n* user is your username\n* remote_uri provides the details needed to connect to the remote host, plus the socket file for podman. A complete ssh uri is supported to allow configuration of ports etc.\n* ruser is the remote host username to be used for authentication\n* podman.example.com is the FQDN of the host you are running the podman service on\n* The port number of 22 is given above for completeness, that is the default and may be omitted.\n* An identity file may be provided via identity_file, otherwise the podman library will defer to ssh for authenticating.\n")),(0,a.kt)("p",null,"All other function and method calls are the same whether they are remote or local. Note: all filesystem paths are resolved on the host running the podman service not the podman client."),(0,a.kt)("h2",{id:"but-wait-there-is-more"},"But wait there is more!"),(0,a.kt)("p",null,"To iterate over all the images stored on the system, you only need to change containers to images like:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-console"},"for i in client.images.list():\n")),(0,a.kt)("p",null,"To find podman system information, you need to use: ",(0,a.kt)("inlineCode",{parentName:"p"},"client.system.info()"),". Or, ",(0,a.kt)("inlineCode",{parentName:"p"},"client.system.versions()")," if you need to know the release of the podman service components."),(0,a.kt)("p",null,"To determine if the podman service is available and working, ",(0,a.kt)("inlineCode",{parentName:"p"},"client.system.ping()")," will return ",(0,a.kt)("inlineCode",{parentName:"p"},"True")," if everything is working correctly."),(0,a.kt)("p",null,"One of the most complex operations is creating a new container from an image, the workflow:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"* Pull image from registry\n* Instantiate image object\n* Set container options\n* Create OCI container and object\n")),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-console"},"with podman.Client() as client:\n ident = client.images.pull(name)\n img = client.images.get(ident)\nopts = {\n 'memory': '1G',\n 'memory-reservation': '750M',\n 'Memory-swap': '1.5G',\n }\nctnr = img.container(**opts)\n")),(0,a.kt)("p",null,"Our calling pattern is \u201cclient.","<","model",">",".","<","method",">","(","<","options",">",")\u201d, where the current models are:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"* Images\n* Containers\n* System\n")),(0,a.kt)("p",null,"The Podman man pages provide details on the methods and options to be used for each."),(0,a.kt)("p",null,"What\u2019s been shown in this blog is how easy it is to use the Python module to do Podman commands from your Linux host. These bindings can be used on the same host that Podman is running on, or they could be used on a remote host. Although there is not a complete one to one correspondence between the Podman commands and the ones available via the Python bindings\u200a\u2014\u200ayet, the end goal for this project is to get to that point. For instance the commands for interacting with pods are currently under development and when available, the Python module will be updated to allow access. In addition to that, there\u2019s work underway to make this Python module available on MacOS and Windows via PyPi. When these ports go live, you will be able to interact with Podman service from any Linux, MacOS or Windows host."),(0,a.kt)("p",null,"I hope you have found the information in this blog to be useful and gives you further insight into Podman and this Python module. If you have any questions a great place to ask them is the IRC channel ",(0,a.kt)("em",{parentName:"p"},"#podman")," on ",(0,a.kt)("em",{parentName:"p"},"FREENODE"),"."),(0,a.kt)("p",null,"Better yet if you\u2019d like to help contribute to Podman or this Python module, please feel free to join us on GitHub!"),(0,a.kt)("p",null,(0,a.kt)("a",{parentName:"p",href:"https://github.com/containers/podman"},"https://github.com/containers/podman"),"\n",(0,a.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/tree/main/contrib/python"},"https://github.com/containers/podman/tree/main/contrib/python")))}d.isMDXComponent=!0},1382:(e,t,n)=>{n.d(t,{Z:()=>o});const o=n.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/fc1959c7.b02fb096.js b/assets/js/fc1959c7.b02fb096.js deleted file mode 100644 index 0aebb2f24..000000000 --- a/assets/js/fc1959c7.b02fb096.js +++ /dev/null @@ -1 +0,0 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[79694],{3905:(e,t,n)=>{n.d(t,{Zo:()=>m,kt:()=>h});var o=n(67294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function r(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);t&&(o=o.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,o)}return n}function i(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(o=0;o=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var l=o.createContext({}),p=function(e){var t=o.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},m=function(e){var t=p(e.components);return o.createElement(l.Provider,{value:t},e.children)},c="mdxType",d={inlineCode:"code",wrapper:function(e){var t=e.children;return o.createElement(o.Fragment,{},t)}},u=o.forwardRef((function(e,t){var n=e.components,a=e.mdxType,r=e.originalType,l=e.parentName,m=s(e,["components","mdxType","originalType","parentName"]),c=p(n),u=a,h=c["".concat(l,".").concat(u)]||c[u]||d[u]||r;return n?o.createElement(h,i(i({ref:t},m),{},{components:n})):o.createElement(h,i({ref:t},m))}));function h(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var r=n.length,i=new Array(r);i[0]=u;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s[c]="string"==typeof e?e:a,i[1]=s;for(var p=2;p{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>i,default:()=>d,frontMatter:()=>r,metadata:()=>s,toc:()=>p});var o=n(87462),a=(n(67294),n(3905));const r={title:"Python3 support for Podman",layout:"default",author:"jwhonce",categories:["blogs"],tags:["podman","containers"]},i=void 0,s={permalink:"/blogs/2018/08/15/python-support-for-podman",source:"@site/blog/2018-08-15-python-support-for-podman.md",title:"Python3 support for Podman",description:"podman logo",date:"2018-08-15T00:00:00.000Z",formattedDate:"August 15, 2018",tags:[{label:"podman",permalink:"/blogs/tags/podman"},{label:"containers",permalink:"/blogs/tags/containers"}],readingTime:5.175,hasTruncateMarker:!0,authors:[{name:"jwhonce"}],frontMatter:{title:"Python3 support for Podman",layout:"default",author:"jwhonce",categories:["blogs"],tags:["podman","containers"]},prevItem:{title:"Podman Alpha version 0.8.3 Release Announcement",permalink:"/blogs/2018/08/20/podman-alpha-v0.8.3"},nextItem:{title:"Podman Alpha version 0.8.1 Release Announcement",permalink:"/blogs/2018/08/08/podman-alpha-v0.8.1"}},l={authorsImageUrls:[void 0]},p=[{value:"By Jhon Honce GitHub",id:"by-jhon-honce-github",level:2},{value:"Now lets start coding:",id:"now-lets-start-coding",level:2},{value:"But wait there is more!",id:"but-wait-there-is-more",level:2}],m={toc:p},c="wrapper";function d(e){let{components:t,...r}=e;return(0,a.kt)(c,(0,o.Z)({},m,r,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"podman logo",src:n(1382).Z,width:"228",height:"61"})),(0,a.kt)("h1",{id:"python3-support-for-podman"},"Python3 support for Podman"),(0,a.kt)("h2",{id:"by-jhon-honce-github"},"By Jhon Honce ",(0,a.kt)("a",{parentName:"h2",href:"https://github.com/jwhonce"},"GitHub")),(0,a.kt)("p",null,"You\u2019ve learned of Podman and all it\u2019s coolness for running OCI-based containers, but you need a solution that is repeatable and scripted. Rather than just executing Podman commands, you want a stable API to call into and not need to screen scrape the output."),(0,a.kt)("p",null,"We heard you and now provide a Python package, python3-podman. This package allows you to access the facilities of a Podman service with #nobigfatdaemons."),(0,a.kt)("p",null,"The python3-podman package containers a module that allows you to connect to a Podman socket activated systemd service on the same host or a remote host using a ssh tunnel. Using the python interface means you can run these commands from a MAC or Windows Box, as long as you have a Linux box with podman installed. We connect using ",(0,a.kt)("em",{parentName:"p"},"varlink")," for the messaging protocol between client and service."),(0,a.kt)("p",null,"For the environment, you will need:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"* Linux host\n* podman package\n* enable the io.podman.socket systemd unit file by executing\n")),(0,a.kt)("p",null,"systemctl enable --now io.podman.socket"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"* Python3\n* The python3-podman rpm, or podman package from PyPi.\n")),(0,a.kt)("p",null,(0,a.kt)("em",{parentName:"p"},"Note: Currently, there is a matching rpm for each version of podman. In time, after the API stabilizes that may no longer be true.")),(0,a.kt)("h2",{id:"now-lets-start-coding"},"Now lets start coding:"),(0,a.kt)("p",null,"Using your favorite code editor you can copy and paste the following Python program into a file named latest_containers.py. Don\u2019t forget Python uses whitespace to signify end-of-line and code blocks when you paste. The below python code will show all of the containers created since midnight UTC when it is run. The code comments provide a running commentary on how the module works in context."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-console"},"#!/usr/bin/env python3\n\n# Python standard date/time support\nfrom datetime import datetime, time, timezone\n\n# the module with all the goodness\nimport podman\n\nmidnight = datetime.combine(datetime.today(), time.min, tzinfo=timezone.utc)\n\n# Our client is a context manager to make resource clean up easy. No arguments implies\n# connect to a local Podman service using the default interfaces.\nwith podman.Client() as client:\n\n # Retrieve all containers in containers storage. Each container is presented\n # as a Namespace and dict. You determine which is easiest for you to use\n # for your solution.\n for c in client.containers.list():\n\n # A bit of sugar, convert any podman-formatted timestamp to\n # a python datetime\n created_at = podman.datetime_parse(c.createdat)\n\n if created_at > midnight:\n\n # Now the results. We provide datetime_format() for consistent\n # iso format in results if you wish to use it.\n print('ID: {}\\n image: {}\\n createdAt: {}'.format(\nc.id[:12], c.image[:33], podman.datetime_format(created_at)))\n")),(0,a.kt)("p",null,"Once you have this code copied into the file:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"* chmod 755 latest_containers.py\n* podman run fedora sleep 300 &\n* ./latest_containers.py\n")),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-console"},"ID: d7337530c6d1\n image: registry.fedoraproject.org/fedora\n createdAt: 2018\u201308\u201310T09:18:09.728858\u201307:00\n")),(0,a.kt)("p",null,"You can watch the whole process ",(0,a.kt)("a",{parentName:"p",href:"https://asciinema.org/a/mu8Knm5dj8mII19evrF9heNCF"},"here"),"."),(0,a.kt)("p",null,"The container object above supports the Namespace and dict protocols. This is our most used data structure providing you the ability to use the returned object in your code as you wish."),(0,a.kt)("p",null,"Connecting to a remote host, requires only changing how you create the Client() in any script:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-console"},"With podman.Client(uri='unix:/run/user/17945/podman/io.podman',\nremote_uri='ssh://ruser@podman.example.com:22/run/podman/io.podman') as client:\n")),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"* uri provides the local side of the ssh tunnel\n* user is your username\n* remote_uri provides the details needed to connect to the remote host, plus the socket file for podman. A complete ssh uri is supported to allow configuration of ports etc.\n* ruser is the remote host username to be used for authentication\n* podman.example.com is the FQDN of the host you are running the podman service on\n* The port number of 22 is given above for completeness, that is the default and may be omitted.\n* An identity file may be provided via identity_file, otherwise the podman library will defer to ssh for authenticating.\n")),(0,a.kt)("p",null,"All other function and method calls are the same whether they are remote or local. Note: all filesystem paths are resolved on the host running the podman service not the podman client."),(0,a.kt)("h2",{id:"but-wait-there-is-more"},"But wait there is more!"),(0,a.kt)("p",null,"To iterate over all the images stored on the system, you only need to change containers to images like:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-console"},"for i in client.images.list():\n")),(0,a.kt)("p",null,"To find podman system information, you need to use: ",(0,a.kt)("inlineCode",{parentName:"p"},"client.system.info()"),". Or, ",(0,a.kt)("inlineCode",{parentName:"p"},"client.system.versions()")," if you need to know the release of the podman service components."),(0,a.kt)("p",null,"To determine if the podman service is available and working, ",(0,a.kt)("inlineCode",{parentName:"p"},"client.system.ping()")," will return ",(0,a.kt)("inlineCode",{parentName:"p"},"True")," if everything is working correctly."),(0,a.kt)("p",null,"One of the most complex operations is creating a new container from an image, the workflow:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"* Pull image from registry\n* Instantiate image object\n* Set container options\n* Create OCI container and object\n")),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-console"},"with podman.Client() as client:\n ident = client.images.pull(name)\n img = client.images.get(ident)\nopts = {\n 'memory': '1G',\n 'memory-reservation': '750M',\n 'Memory-swap': '1.5G',\n }\nctnr = img.container(**opts)\n")),(0,a.kt)("p",null,"Our calling pattern is \u201cclient.","<","model",">",".","<","method",">","(","<","options",">",")\u201d, where the current models are:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"* Images\n* Containers\n* System\n")),(0,a.kt)("p",null,"The Podman man pages provide details on the methods and options to be used for each."),(0,a.kt)("p",null,"What\u2019s been shown in this blog is how easy it is to use the Python module to do Podman commands from your Linux host. These bindings can be used on the same host that Podman is running on, or they could be used on a remote host. Although there is not a complete one to one correspondence between the Podman commands and the ones available via the Python bindings\u200a\u2014\u200ayet, the end goal for this project is to get to that point. For instance the commands for interacting with pods are currently under development and when available, the Python module will be updated to allow access. In addition to that, there\u2019s work underway to make this Python module available on MacOS and Windows via PyPi. When these ports go live, you will be able to interact with Podman service from any Linux, MacOS or Windows host."),(0,a.kt)("p",null,"I hope you have found the information in this blog to be useful and gives you further insight into Podman and this Python module. If you have any questions a great place to ask them is the IRC channel ",(0,a.kt)("em",{parentName:"p"},"#podman")," on ",(0,a.kt)("em",{parentName:"p"},"FREENODE"),"."),(0,a.kt)("p",null,"Better yet if you\u2019d like to help contribute to Podman or this Python module, please feel free to join us on GitHub!"),(0,a.kt)("p",null,(0,a.kt)("a",{parentName:"p",href:"https://github.com/containers/podman"},"https://github.com/containers/podman"),"\n",(0,a.kt)("a",{parentName:"p",href:"https://github.com/containers/podman/tree/main/contrib/python"},"https://github.com/containers/podman/tree/main/contrib/python")))}d.isMDXComponent=!0},1382:(e,t,n)=>{n.d(t,{Z:()=>o});const o=n.p+"assets/images/podman-ce586c2894883ad9c353492b5e1893a8.svg"}}]); \ No newline at end of file diff --git a/assets/js/feb1236d.dadc6148.js b/assets/js/feb1236d.9b9265af.js similarity index 58% rename from assets/js/feb1236d.dadc6148.js rename to assets/js/feb1236d.9b9265af.js index aff327c01..91db34086 100644 --- a/assets/js/feb1236d.dadc6148.js +++ b/assets/js/feb1236d.9b9265af.js @@ -1 +1 @@ -"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[46947],{59192:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/8","page":8,"postsPerPage":10,"totalPages":26,"totalCount":255,"previousPage":"/blogs/page/7","nextPage":"/blogs/page/9","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file +"use strict";(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[46947],{59192:e=>{e.exports=JSON.parse('{"permalink":"/blogs/page/8","page":8,"postsPerPage":10,"totalPages":25,"totalCount":246,"previousPage":"/blogs/page/7","nextPage":"/blogs/page/9","blogDescription":"Blog","blogTitle":"Blog"}')}}]); \ No newline at end of file diff --git a/assets/js/main.ed2636cd.js b/assets/js/main.ed2636cd.js deleted file mode 100644 index 727dd24e8..000000000 --- a/assets/js/main.ed2636cd.js +++ /dev/null @@ -1,2 +0,0 @@ -/*! For license information please see main.ed2636cd.js.LICENSE.txt */ -(self.webpackChunkpodman=self.webpackChunkpodman||[]).push([[40179],{723:(e,t,n)=>{"use strict";n.d(t,{Z:()=>g});var o=n(67294),a=n(87462),c=n(68356),r=n.n(c),i=n(16887);const s={"001e1716":[()=>n.e(53121).then(n.bind(n,2471)),"@site/blog/2019-10-31-cgroupv2.md",2471],"003bd65f":[()=>n.e(87659).then(n.t.bind(n,66599,19)),"~blog/default/blogs-tags-distro-321-list.json",66599],"008e479d":[()=>n.e(48111).then(n.t.bind(n,64630,19)),"~blog/default/blogs-page-19-909.json",64630],"00d5b134":[()=>n.e(13581).then(n.t.bind(n,21240,19)),"~blog/default/blogs-tags-oci-f02-list.json",21240],"00f5d06d":[()=>n.e(96030).then(n.bind(n,54277)),"@site/blog/2020-07-17-new.md",54277],"00f8cb14":[()=>n.e(44913).then(n.bind(n,2310)),"@site/blog/2020-12-23-containers-com-podman.md",2310],"00feb899":[()=>n.e(5291).then(n.t.bind(n,93233,19)),"~blog/default/blogs-tags-hpc-page-8-18e.json",93233],"0142e598":[()=>n.e(77333).then(n.t.bind(n,14562,19)),"~blog/default/blogs-tags-windows-page-4-8b3-list.json",14562],"019131da":[()=>n.e(67232).then(n.t.bind(n,63731,19)),"~blog/default/blogs-tags-nfs-cf6-list.json",63731],"01a85c17":[()=>Promise.all([n.e(40532),n.e(64013)]).then(n.bind(n,91223)),"@theme/BlogTagsListPage",91223],"01d5614e":[()=>n.e(59814).then(n.bind(n,51782)),"@site/blog/2019-01-08-rhel-8-and-podman.md?truncated=true",51782],"02ec521e":[()=>n.e(65870).then(n.bind(n,50319)),"@site/blog/2019-12-17-new.md?truncated=true",50319],"03118738":[()=>n.e(60467).then(n.bind(n,19296)),"@site/blog/2020-08-01-deprecate-and-remove-varlink-notice.md",19296],"03174832":[()=>n.e(44437).then(n.bind(n,39321)),"@site/blog/2019-12-14-new.md?truncated=true",39321],"03d0b641":[()=>n.e(31967).then(n.bind(n,59706)),"@site/blog/2020-03-03-new.md",59706],"0462cff2":[()=>n.e(97140).then(n.t.bind(n,34234,19)),"~blog/default/blogs-tags-pod-page-8-67c-list.json",34234],"047e6a26":[()=>n.e(59827).then(n.t.bind(n,77654,19)),"~blog/default/blogs-tags-microsoft-f72-list.json",77654],"04c84ab7":[()=>n.e(42815).then(n.bind(n,9346)),"@site/blog/2019-01-15-podman-pods.md",9346],"053d7e42":[()=>n.e(61265).then(n.bind(n,88493)),"@site/blog/2020-09-22-security.md",88493],"0565c07f":[()=>n.e(43855).then(n.bind(n,72627)),"@site/blog/2020-12-14-new.md",72627],"05827d53":[()=>n.e(80357).then(n.t.bind(n,71693,19)),"~blog/default/blogs-tags-pod-page-9-5c8.json",71693],"05c17326":[()=>n.e(72447).then(n.bind(n,15265)),"@site/blog/2021-07-02-podman-inside-container.md",15265],"05d073aa":[()=>n.e(26546).then(n.bind(n,22534)),"@site/blog/2018-12-14-openstack-podman-healthchecks.md",22534],"0614adf5":[()=>n.e(54993).then(n.bind(n,23693)),"@site/blog/2020-09-28-new.md?truncated=true",23693],"0619e1d5":[()=>n.e(9887).then(n.bind(n,21577)),"@site/blog/2022-05-08-podman-posts-of-interests.md",21577],"06d6451e":[()=>n.e(62324).then(n.bind(n,34533)),"@site/blog/2022-10-03-new.md",34533],"0702198c":[()=>n.e(24180).then(n.t.bind(n,56810,19)),"~blog/default/blogs-tags-containers-page-8-dd0.json",56810],"0752e30e":[()=>n.e(97120).then(n.t.bind(n,71350,19)),"~blog/default/blogs-tags-containers-page-2-ad9.json",71350],"0756af21":[()=>n.e(93323).then(n.t.bind(n,98963,19)),"~blog/default/blogs-tags-api-page-3-25a-list.json",98963],"076802e0":[()=>n.e(61763).then(n.bind(n,91392)),"@site/blog/2022-03-06-new.md",91392],"078ca05e":[()=>n.e(34740).then(n.t.bind(n,54173,19)),"~blog/default/blogs-tags-images-page-2-bca-list.json",54173],"07a41131":[()=>n.e(29996).then(n.bind(n,43538)),"@site/blog/2021-06-13-podman-posts-of-interests.md?truncated=true",43538],"07b2872f":[()=>n.e(22036).then(n.bind(n,19193)),"@site/blog/2020-12-07-podman-posts-of-interests.md",19193],"07fcb413":[()=>n.e(95142).then(n.t.bind(n,96807,19)),"~blog/default/blogs-page-4-fdd.json",96807],"080a77b8":[()=>n.e(14986).then(n.t.bind(n,17044,19)),"~blog/default/blogs-page-18-832.json",17044],"08650cf2":[()=>n.e(4714).then(n.t.bind(n,59696,19)),"~blog/default/blogs-page-17-507.json",59696],"0899fb24":[()=>n.e(81100).then(n.bind(n,57924)),"@site/blog/2019-08-28-buildah-in-containers.md",57924],"08b38161":[()=>n.e(91617).then(n.bind(n,79958)),"@site/blog/2022-02-22-new.md",79958],"08cd2194":[()=>n.e(78010).then(n.t.bind(n,55905,19)),"~blog/default/blogs-tags-images-page-4-273-list.json",55905],"08d52cd0":[()=>n.e(61708).then(n.bind(n,77621)),"@site/blog/2020-08-13-walk-through.md?truncated=true",77621],"08d58ed6":[()=>n.e(64978).then(n.t.bind(n,32692,19)),"~blog/default/blogs-tags-linux-f88.json",32692],"08efe41f":[()=>n.e(31921).then(n.t.bind(n,55227,19)),"~blog/default/blogs-tags-podman-page-12-512.json",55227],"0902dbf0":[()=>n.e(53015).then(n.bind(n,27071)),"@site/blog/2021-01-15-new.md",27071],"0904ab64":[()=>n.e(82168).then(n.bind(n,50310)),"@site/blog/2020-01-22-new.md?truncated=true",50310],"0965286a":[()=>n.e(69320).then(n.bind(n,65738)),"@site/blog/2021-05-26-new.md?truncated=true",65738],"096b53d1":[()=>n.e(85511).then(n.t.bind(n,93715,19)),"~blog/default/blogs-tags-v-2-page-4-fe4.json",93715],"0984e7b7":[()=>n.e(84143).then(n.bind(n,19177)),"@site/blog/2019-10-02-container-networking.md?truncated=true",19177],"09ac5c49":[()=>n.e(37184).then(n.bind(n,95194)),"@site/blog/2018-08-08-podman-alpha-v0.8.1.md",95194],"0a00aed9":[()=>n.e(41048).then(n.bind(n,32548)),"@site/blog/2019-06-26-new.md?truncated=true",32548],"0a3ca7a0":[()=>n.e(28424).then(n.t.bind(n,85831,19)),"~blog/default/blogs-page-25-ba8.json",85831],"0b13c270":[()=>n.e(4358).then(n.t.bind(n,9430,19)),"~blog/default/blogs-tags-containers-837.json",9430],"0b3545e4":[()=>n.e(36358).then(n.bind(n,84768)),"@site/blog/2021-06-16-install-podman-on-ubuntu.md?truncated=true",84768],"0bb7bcfa":[()=>n.e(74708).then(n.t.bind(n,45479,19)),"~blog/default/blogs-tags-ruby-c26-list.json",45479],"0befdadd":[()=>n.e(45182).then(n.bind(n,69834)),"@site/blog/2020-01-17-podman-new-api.md",69834],"0c4492b5":[()=>n.e(86925).then(n.bind(n,37663)),"@site/blog/2019-08-28-new.md",37663],"0ca5e369":[()=>n.e(83669).then(n.t.bind(n,77225,19)),"~blog/default/blogs-tags-podman-page-11-25b.json",77225],"0d8d3350":[()=>n.e(72629).then(n.bind(n,43232)),"@site/blog/2019-12-17-new.md",43232],"0da6392e":[()=>n.e(64325).then(n.bind(n,7294)),"@site/blog/2020-03-31-new.md",7294],"0f92a9a8":[()=>n.e(48440).then(n.bind(n,23685)),"@site/blog/2021-10-11-new.md?truncated=true",23685],"0fc51021":[()=>n.e(30836).then(n.bind(n,73215)),"@site/blog/2020-04-17-new.md?truncated=true",73215],"103f9e04":[()=>n.e(76638).then(n.t.bind(n,82409,19)),"~blog/default/blogs-tags-networking-page-7-16a-list.json",82409],"1055a711":[()=>n.e(67036).then(n.t.bind(n,74895,19)),"~blog/default/blogs-tags-signing-425.json",74895],"1076f64b":[()=>n.e(17541).then(n.bind(n,19175)),"@site/blog/2020-10-17-new.md?truncated=true",19175],"1095b338":[()=>n.e(90744).then(n.t.bind(n,79859,19)),"~blog/default/blogs-page-14-3f8.json",79859],"1170c774":[()=>n.e(61846).then(n.bind(n,62243)),"@site/blog/2021-03-27-podman-posts-of-interests.md",62243],"119399a8":[()=>n.e(88799).then(n.t.bind(n,26257,19)),"~blog/default/blogs-tags-v-2-page-9-0dd.json",26257],"126508e2":[()=>n.e(16380).then(n.bind(n,76261)),"@site/blog/2022-12-07-new.md",76261],"12a06ad6":[()=>n.e(10330).then(n.t.bind(n,61582,19)),"~blog/default/blogs-tags-podman-page-12-512-list.json",61582],"1398643a":[()=>n.e(52303).then(n.t.bind(n,41628,19)),"~blog/default/blogs-tags-tent-280-list.json",41628],"140f3dee":[()=>n.e(47057).then(n.bind(n,73257)),"@site/blog/2021-10-28-new.md?truncated=true",73257],"1431f569":[()=>n.e(3465).then(n.bind(n,86325)),"@site/blog/2020-05-13-new.md?truncated=true",86325],"146d05d7":[()=>n.e(23169).then(n.bind(n,37642)),"@site/blog/2018-08-15-python-support-for-podman.md?truncated=true",37642],"14706c8b":[()=>n.e(80145).then(n.bind(n,62423)),"@site/blog/2020-03-03-behind-the-covers.md?truncated=true",62423],"1517121d":[()=>n.e(31803).then(n.t.bind(n,48711,19)),"~blog/default/blogs-tags-api-page-9-d23.json",48711],15706790:[()=>n.e(92511).then(n.t.bind(n,99598,19)),"~blog/default/blogs-tags-systemd-1c9.json",99598],"15960ad5":[()=>n.e(94012).then(n.bind(n,81203)),"@site/blog/2021-05-04-new.md",81203],"15d0580c":[()=>n.e(312).then(n.bind(n,26251)),"@site/blog/2019-12-14-rhel8-podman.md?truncated=true",26251],"15f6fe0f":[()=>n.e(22970).then(n.t.bind(n,97564,19)),"~blog/default/blogs-page-13-d7c.json",97564],"16029c63":[()=>n.e(61766).then(n.t.bind(n,86039,19)),"~blog/default/blogs-archive-004.json",86039],"1608665e":[()=>n.e(96902).then(n.t.bind(n,92862,19)),"~blog/default/blogs-tags-podman-page-4-20a-list.json",92862],"1608ab0c":[()=>n.e(77467).then(n.bind(n,74732)),"@site/blog/2021-03-27-new.md",74732],"161712d6":[()=>n.e(58255).then(n.t.bind(n,86801,19)),"~blog/default/blogs-tags-images-page-2-bca.json",86801],"16304c1d":[()=>n.e(79355).then(n.t.bind(n,89597,19)),"~blog/default/blogs-tags-containers-page-10-d43.json",89597],"1677abc3":[()=>n.e(39880).then(n.t.bind(n,97016,19)),"~blog/default/blogs-tags-kubernetes-page-2-3a1.json",97016],"16b4412b":[()=>n.e(36714).then(n.t.bind(n,25337,19)),"~blog/default/blogs-tags-tracing-a36-list.json",25337],"16b64f07":[()=>n.e(4250).then(n.t.bind(n,76932,19)),"~blog/default/blogs-tags-kubernetes-page-4-282-list.json",76932],"170c3def":[()=>n.e(69319).then(n.t.bind(n,14332,19)),"~blog/default/blogs-page-9-3b6.json",14332],"173771a7":[()=>n.e(7096).then(n.bind(n,99517)),"@site/blog/2020-04-05-new.md",99517],"1738210e":[()=>n.e(41119).then(n.t.bind(n,57693,19)),"~blog/default/blogs-tags-v-2-page-5-ddb.json",57693],"173f7963":[()=>n.e(81357).then(n.bind(n,36716)),"@site/blog/2020-09-02-new.md",36716],"175c78b3":[()=>n.e(23910).then(n.bind(n,44721)),"@site/blog/2020-07-16-new.md?truncated=true",44721],17896441:[()=>Promise.all([n.e(40532),n.e(50840),n.e(28490),n.e(27918)]).then(n.bind(n,78945)),"@theme/DocItem",78945],"1855c9f4":[()=>n.e(78658).then(n.t.bind(n,66224,19)),"~blog/default/blogs-tags-networking-page-9-477.json",66224],18714417:[()=>n.e(74009).then(n.t.bind(n,78959,19)),"~blog/default/blogs-tags-containers-page-5-48b.json",78959],"18ba6a46":[()=>n.e(26571).then(n.bind(n,550)),"@site/blog/2020-02-07-new.md",550],"18c538ec":[()=>n.e(66291).then(n.bind(n,27495)),"@site/blog/2020-03-31-build-pull-options.md",27495],"18f289aa":[()=>n.e(59353).then(n.bind(n,12532)),"@site/blog/2020-08-02-new.md?truncated=true",12532],"190acd9c":[()=>n.e(61213).then(n.t.bind(n,48585,19)),"~blog/default/blogs-tags-mac-14d.json",48585],"192ae610":[()=>n.e(75191).then(n.bind(n,77340)),"@site/blog/2022-04-05-ubuntu-2204-lts-kubic.md?truncated=true",77340],"199adf45":[()=>n.e(50475).then(n.t.bind(n,58547,19)),"~blog/default/blogs-tags-windows-page-5-afe-list.json",58547],"19e0fcb3":[()=>n.e(41337).then(n.t.bind(n,70665,19)),"~blog/default/blogs-tags-netavark-299-list.json",70665],"1a180b3e":[()=>n.e(17391).then(n.bind(n,78583)),"@site/blog/2018-12-12-podman-alpha-v0.12.1.1.md?truncated=true",78583],"1a52eae7":[()=>n.e(71877).then(n.t.bind(n,95097,19)),"~blog/default/blogs-tags-api-page-3-25a.json",95097],"1a5edc34":[()=>n.e(53711).then(n.bind(n,68412)),"@site/blog/2019-03-22-podman-made-easy.md?truncated=true",68412],"1aa3183d":[()=>n.e(83037).then(n.t.bind(n,48811,19)),"~blog/default/blogs-tags-api-page-6-628-list.json",48811],"1aba2a20":[()=>n.e(56779).then(n.bind(n,69076)),"@site/blog/2019-10-31-cgroupv2.md?truncated=true",69076],"1ac601ec":[()=>n.e(6380).then(n.bind(n,34750)),"@site/blog/2020-12-11-remove-varlink-libpod-conf-notice.md",34750],"1b19517e":[()=>n.e(4247).then(n.bind(n,17833)),"@site/blog/2019-12-11-new.md",17833],"1b28acf9":[()=>n.e(25929).then(n.t.bind(n,26430,19)),"~blog/default/blogs-page-5-67a.json",26430],"1b42d056":[()=>n.e(73167).then(n.bind(n,85844)),"@site/blog/2021-09-03-podman-posts-of-interests.md?truncated=true",85844],"1be78505":[()=>Promise.all([n.e(40532),n.e(29514)]).then(n.bind(n,19963)),"@theme/DocPage",19963],"1c05226e":[()=>n.e(95051).then(n.bind(n,27899)),"@site/blog/2019-11-08-build-ctrs-with-open-tools.md?truncated=true",27899],"1c0e9aa0":[()=>n.e(12882).then(n.bind(n,52796)),"@site/blog/2020-07-01-new.md",52796],"1c21ba58":[()=>n.e(49492).then(n.bind(n,71332)),"@site/blog/2022-05-08-podman-posts-of-interests.md?truncated=true",71332],"1c258b38":[()=>n.e(29245).then(n.t.bind(n,3188,19)),"~blog/default/blogs-tags-containers-page-18-e4b-list.json",3188],"1c3c8be8":[()=>n.e(96298).then(n.t.bind(n,32557,19)),"~blog/default/blogs-tags-windows-page-7-f98.json",32557],"1cc400ce":[()=>n.e(20769).then(n.bind(n,50539)),"@site/blog/2020-09-02-running_windows_or_mac.md",50539],"1cc46930":[()=>n.e(57574).then(n.t.bind(n,13592,19)),"~blog/default/blogs-tags-windows-page-2-c4b.json",13592],"1d40ab52":[()=>n.e(74926).then(n.bind(n,68734)),"@site/blog/2020-01-17-new.md",68734],"1d52074d":[()=>n.e(12105).then(n.bind(n,73112)),"@site/blog/2021-01-26-new.md",73112],"1d5b23e2":[()=>n.e(36549).then(n.bind(n,10072)),"@site/blog/2020-12-07-podman-posts-of-interests.md?truncated=true",10072],"1dc9c973":[()=>n.e(70714).then(n.bind(n,16892)),"@site/blog/2020-01-15-new.md?truncated=true",16892],"1dcbf034":[()=>n.e(40300).then(n.t.bind(n,84492,19)),"~blog/default/blogs-tags-gpg-2fd.json",84492],"1ddde341":[()=>n.e(67356).then(n.t.bind(n,6581,19)),"~blog/default/blogs-tags-hpc-page-7-737.json",6581],"1df93b7f":[()=>Promise.all([n.e(1954),n.e(68584),n.e(53237)]).then(n.bind(n,46584)),"@site/src/pages/index.tsx",46584],"1e415b6f":[()=>n.e(34049).then(n.t.bind(n,20222,19)),"~blog/default/blogs-tags-containers-837-list.json",20222],"1e439a5b":[()=>n.e(2077).then(n.t.bind(n,9684,19)),"~blog/default/blogs-tags-buildah-page-2-ce5.json",9684],"1f1afc48":[()=>n.e(2572).then(n.bind(n,70147)),"@site/blog/2020-04-14-new.md?truncated=true",70147],"1f1b61b4":[()=>n.e(37300).then(n.bind(n,72442)),"@site/blog/2019-10-28-new.md",72442],"1fd61002":[()=>n.e(38342).then(n.bind(n,90961)),"@site/blog/2020-03-03-behind-the-covers.md",90961],"20643d6a":[()=>n.e(81771).then(n.t.bind(n,81392,19)),"~blog/default/blogs-tags-rust-295.json",81392],20979765:[()=>n.e(46596).then(n.t.bind(n,72489,19)),"~blog/default/blogs-tags-networking-74c.json",72489],"20a75fd7":[()=>n.e(67301).then(n.bind(n,81691)),"@site/blog/2021-04-02-new.md?truncated=true",81691],"20d73eb2":[()=>n.e(24354).then(n.bind(n,27964)),"@site/blog/2019-11-12-new.md",27964],"2132f2c8":[()=>n.e(24174).then(n.t.bind(n,61132,19)),"~blog/default/blogs-tags-seccomp-c92-list.json",61132],"216a98d5":[()=>n.e(29946).then(n.bind(n,23093)),"@site/blog/2019-12-11-new.md?truncated=true",23093],"217d978d":[()=>n.e(38773).then(n.bind(n,18392)),"@site/blog/2020-03-13-image-signing.md",18392],"222f68c8":[()=>n.e(94899).then(n.t.bind(n,81290,19)),"~blog/default/blogs-tags-mac-os-b6f.json",81290],"226b0cb1":[()=>n.e(77248).then(n.bind(n,67809)),"@site/blog/2022-10-12-new.md",67809],"22bf71e8":[()=>n.e(93656).then(n.bind(n,19340)),"@site/blog/2020-12-22-behind-container-images.md",19340],"22d1e350":[()=>n.e(64322).then(n.t.bind(n,42497,19)),"~blog/default/blogs-tags-rest-api-page-2-6f8-list.json",42497],"22f788e4":[()=>n.e(26583).then(n.bind(n,90575)),"@site/blog/2022-06-08-new.md?truncated=true",90575],"23091f88":[()=>n.e(51701).then(n.t.bind(n,70006,19)),"~blog/default/blogs-tags-rust-295-list.json",70006],"23352ec4":[()=>n.e(10704).then(n.t.bind(n,31522,19)),"~blog/default/blogs-tags-networking-page-6-1cd-list.json",31522],"236783c9":[()=>n.e(83050).then(n.t.bind(n,56804,19)),"~blog/default/blogs-tags-hpc-8e6.json",56804],"23b969f8":[()=>n.e(16186).then(n.bind(n,83929)),"@site/blog/2018-09-10-welcome.md?truncated=true",83929],"23d9fe45":[()=>n.e(93432).then(n.bind(n,31369)),"@site/blog/2019-11-20-run-podman-on-debian.md",31369],"244e56d5":[()=>n.e(47484).then(n.t.bind(n,8126,19)),"~blog/default/blogs-tags-rootless-649-list.json",8126],"2456a5e0":[()=>n.e(82654).then(n.t.bind(n,1715,19)),"~blog/default/blogs-tags-networking-page-5-36e.json",1715],"24e002ac":[()=>n.e(61981).then(n.bind(n,43254)),"@site/blog/2019-06-19-ondemand-course.md",43254],"259d4bd8":[()=>n.e(94325).then(n.t.bind(n,78457,19)),"~blog/default/blogs-tags-systemd-1c9-list.json",78457],"260a4a36":[()=>n.e(747).then(n.t.bind(n,9497,19)),"~blog/default/blogs-tags-docker-compose-8d7.json",9497],"2628b79f":[()=>n.e(69300).then(n.bind(n,57023)),"@site/blog/2018-10-05-tripleo-undercloud.md?truncated=true",57023],"265621d8":[()=>n.e(38515).then(n.t.bind(n,67004,19)),"~blog/default/blogs-tags-rename-ff7-list.json",67004],"266461e3":[()=>n.e(95510).then(n.t.bind(n,11955,19)),"~blog/default/blogs-tags-kube-page-4-c8d.json",11955],"26684b7d":[()=>n.e(18676).then(n.t.bind(n,14521,19)),"~blog/default/blogs-tags-containers-page-13-d34-list.json",14521],"276a35f2":[()=>n.e(70545).then(n.bind(n,81700)),"@site/blog/2019-08-14-new.md?truncated=true",81700],27772462:[()=>n.e(77184).then(n.bind(n,3506)),"@site/blog/2018-10-05-tripleo-undercloud.md",3506],"27b2bedd":[()=>n.e(25088).then(n.bind(n,61841)),"@site/blog/2020-07-07-repo-rename.md",61841],"282850f5":[()=>n.e(28621).then(n.t.bind(n,8600,19)),"~blog/default/blogs-page-15-429.json",8600],"284a080c":[()=>n.e(35821).then(n.bind(n,40533)),"@site/blog/2019-09-25-new.md?truncated=true",40533],"285fd50d":[()=>n.e(99812).then(n.bind(n,81513)),"@site/blog/2022-03-06-why_no_podman4_f35.md?truncated=true",81513],"2865d6a1":[()=>n.e(26123).then(n.bind(n,46837)),"@site/blog/2019-02-21-pandb-4-users.md",46837],"28d6087e":[()=>n.e(97357).then(n.bind(n,15948)),"@site/blog/2020-02-06-new.md?truncated=true",15948],"29a08e9a":[()=>n.e(38279).then(n.bind(n,94288)),"@site/blog/2020-04-16-new.md",94288],"29b0c18d":[()=>n.e(38590).then(n.bind(n,8579)),"@site/blog/2020-07-18-speed-up-build-with-overlayfs.md?truncated=true",8579],"29e3a43b":[()=>n.e(50030).then(n.bind(n,15678)),"@site/blog/2021-09-06-podman-on-macs.md",15678],"2a592757":[()=>n.e(59337).then(n.bind(n,49359)),"@site/blog/2019-10-31-new.md?truncated=true",49359],"2a769183":[()=>n.e(28006).then(n.bind(n,61054)),"@site/blog/2020-06-29-new.md?truncated=true",61054],"2ae252f9":[()=>n.e(21994).then(n.t.bind(n,8184,19)),"~blog/default/blogs-tags-kube-page-5-5ba.json",8184],"2b1e53d2":[()=>n.e(69078).then(n.bind(n,71550)),"@site/blog/2019-11-20-run-podman-on-debian.md?truncated=true",71550],"2b4e7f11":[()=>n.e(99554).then(n.t.bind(n,15745,19)),"/home/runner/work/podman.io/podman.io/.docusaurus/docusaurus-plugin-content-pages/default/plugin-route-context-module-100.json",15745],"2b956348":[()=>n.e(6455).then(n.t.bind(n,61854,19)),"~blog/default/blogs-tags-rest-api-page-3-3fe-list.json",61854],"2bd82a96":[()=>n.e(40412).then(n.bind(n,72233)),"@site/blog/2021-10-16-sudo-with-rootless-podman.md?truncated=true",72233],"2c2bdd6a":[()=>n.e(69040).then(n.t.bind(n,20472,19)),"~blog/default/blogs-tags-hpc-page-6-448.json",20472],"2c647459":[()=>n.e(56805).then(n.t.bind(n,11847,19)),"~blog/default/blogs-tags-pod-page-7-5a5-list.json",11847],"2c65c31e":[()=>n.e(7865).then(n.bind(n,43840)),"@site/blog/2022-06-08-podman-on-windows.md",43840],"2cd08dad":[()=>n.e(59706).then(n.t.bind(n,73114,19)),"~blog/default/blogs-tags-pod-page-6-b64.json",73114],"2d11d1c7":[()=>n.e(84541).then(n.t.bind(n,34897,19)),"~blog/default/blogs-tags-mac-page-5-d87-list.json",34897],"2dd6b9ac":[()=>n.e(49201).then(n.t.bind(n,29825,19)),"~blog/default/blogs-tags-restful-913-list.json",29825],"2e0a315c":[()=>n.e(3729).then(n.bind(n,30750)),"@site/blog/2020-08-24-container-time.md?truncated=true",30750],"2ea98982":[()=>n.e(48441).then(n.t.bind(n,17254,19)),"~blog/default/blogs-tags-distro-321.json",17254],"2f0cfb14":[()=>n.e(7319).then(n.bind(n,88345)),"@site/blog/2019-10-14-SayHello.md",88345],"2f9a61f7":[()=>n.e(86621).then(n.bind(n,78823)),"@site/blog/2019-10-14-SayHello.md?truncated=true",78823],"2fd2ba7e":[()=>n.e(21574).then(n.t.bind(n,68648,19)),"~blog/default/blogs-tags-windows-page-7-f98-list.json",68648],"2ffafe2d":[()=>n.e(25480).then(n.t.bind(n,84668,19)),"~blog/default/blogs-tags-windows-page-2-c4b-list.json",84668],"300f4cd6":[()=>n.e(21).then(n.bind(n,25823)),"@site/blog/2019-12-17-podman-systemd-1-7.md",25823],"30269bac":[()=>n.e(14640).then(n.t.bind(n,42273,19)),"~blog/default/blogs-tags-bioinformatics-0ae.json",42273],"306e9acb":[()=>n.e(89635).then(n.t.bind(n,6782,19)),"~blog/default/blogs-tags-kube-03a-list.json",6782],"30983fb2":[()=>n.e(5422).then(n.bind(n,46103)),"@site/blog/2021-06-13-new.md",46103],"30ad8f72":[()=>n.e(39977).then(n.bind(n,85111)),"@site/blog/2019-10-15-generate-seccomp-profiles.md",85111],"3151d179":[()=>n.e(30433).then(n.bind(n,44055)),"@site/blog/2019-08-08-new.md?truncated=true",44055],"316e84de":[()=>n.e(59425).then(n.bind(n,38)),"@site/blog/2020-03-13-image-signing.md?truncated=true",38],"32828b2c":[()=>n.e(75950).then(n.bind(n,97786)),"@site/blog/2022-10-12-new.md?truncated=true",97786],"32b646fc":[()=>n.e(46436).then(n.bind(n,83821)),"@site/blog/2020-08-10-new.md?truncated=true",83821],"32e847b8":[()=>n.e(98498).then(n.bind(n,2209)),"@site/blog/2018-10-03-podman-remove-content-homedir.md",2209],"32f482e1":[()=>n.e(95683).then(n.bind(n,41240)),"@site/blog/2018-09-25-pulling-images-from-docker.md",41240],"330ac9fe":[()=>n.e(74713).then(n.t.bind(n,9038,19)),"~blog/default/blogs-tags-docker-page-2-c02.json",9038],"33212b4b":[()=>n.e(12021).then(n.bind(n,69003)),"@site/blog/2022-04-05-new.md",69003],"34156d76":[()=>n.e(21020).then(n.t.bind(n,69594,19)),"~blog/default/blogs-tags-pod-page-7-5a5.json",69594],"341b1c91":[()=>n.e(33698).then(n.bind(n,21636)),"@site/blog/2019-06-19-new.md",21636],"342f8f1b":[()=>n.e(76194).then(n.bind(n,81114)),"@site/blog/2020-05-13-podman-v2-update.md",81114],"346c6f31":[()=>n.e(85350).then(n.bind(n,609)),"@site/blog/2019-06-26-replace-docker-with-podman.md",609],"3488fd6c":[()=>n.e(62109).then(n.bind(n,8773)),"@site/blog/2019-12-17-podman-systemd-1-7.md?truncated=true",8773],"34f2ca0c":[()=>n.e(86781).then(n.t.bind(n,61832,19)),"~blog/default/blogs-page-26-824.json",61832],"35265ade":[()=>n.e(31626).then(n.bind(n,94854)),"@site/blog/2019-01-07-software-factory-podman.md",94854],"352fe4c2":[()=>n.e(42293).then(n.bind(n,82429)),"@site/blog/2018-10-01-talk-replace-docker-with-podman.md",82429],"35eb483f":[()=>n.e(31472).then(n.bind(n,52477)),"@site/blog/2019-01-16-podman-varlink.md?truncated=true",52477],"365269c3":[()=>n.e(24276).then(n.bind(n,71755)),"@site/blog/2019-07-29-podman-made-easy3.md?truncated=true",71755],"369767ab":[()=>n.e(42408).then(n.t.bind(n,64802,19)),"~blog/default/blogs-tags-v-2-page-10-6f9-list.json",64802],"36a4e4f0":[()=>n.e(94156).then(n.t.bind(n,97633,19)),"~blog/default/blogs-tags-hpc-page-10-d6c-list.json",97633],"36b5d89b":[()=>n.e(69538).then(n.bind(n,24735)),"@site/blog/2021-10-16-new.md",24735],"36d71838":[()=>n.e(13245).then(n.t.bind(n,88682,19)),"~blog/default/blogs-tags-cri-o-586.json",88682],"36e2d848":[()=>n.e(925).then(n.t.bind(n,24555,19)),"~blog/default/blogs-tags-kube-page-7-7f8.json",24555],"3706fe77":[()=>n.e(9140).then(n.bind(n,88297)),"@site/blog/2022-05-08-new.md?truncated=true",88297],"370de2d9":[()=>n.e(10149).then(n.t.bind(n,33526,19)),"~blog/default/blogs-tags-nfs-cf6.json",33526],"371c68ed":[()=>n.e(77752).then(n.bind(n,85426)),"@site/blog/2019-08-10-new.md?truncated=true",85426],"37963c82":[()=>n.e(19612).then(n.bind(n,47840)),"@site/blog/2020-08-02-systemd-integration-v2.md",47840],"381d9cc2":[()=>n.e(84606).then(n.bind(n,18018)),"@site/blog/2020-01-17-podman-new-api.md?truncated=true",18018],"38d8ce0a":[()=>n.e(94013).then(n.t.bind(n,78509,19)),"~blog/default/blogs-tags-podman-machine-6dc-list.json",78509],"38dc8bc1":[()=>n.e(76066).then(n.bind(n,17177)),"@site/blog/2019-06-17-mailinglist.md",17177],"38dfefea":[()=>n.e(74595).then(n.t.bind(n,34033,19)),"~blog/default/blogs-tags-kubernetes-page-6-8cf-list.json",34033],"3923cff6":[()=>n.e(82120).then(n.bind(n,18948)),"@site/blog/2019-01-14-podman-machine-and-boot2podman.md",18948],"3962ec11":[()=>n.e(28600).then(n.t.bind(n,21741,19)),"~blog/default/blogs-tags-containers-page-3-a5c-list.json",21741],"3a435e54":[()=>n.e(12658).then(n.t.bind(n,34562,19)),"~blog/default/blogs-tags-containers-page-3-a5c.json",34562],"3a836242":[()=>n.e(81758).then(n.bind(n,21259)),"@site/blog/2020-02-07-secure-containers.md?truncated=true",21259],"3a93bb9c":[()=>n.e(48509).then(n.bind(n,25958)),"@site/blog/2018-08-08-podman-alpha-v0.8.1.md?truncated=true",25958],"3ab60fbf":[()=>n.e(89110).then(n.t.bind(n,53001,19)),"~blog/default/blogs-tags-openstack-595-list.json",53001],"3ad596a9":[()=>n.e(34203).then(n.bind(n,17968)),"@site/blog/2022-10-22-new.md",17968],"3b10f148":[()=>n.e(51596).then(n.bind(n,25178)),"@site/blog/2020-09-28-devconf-ctr-tech.md",25178],"3b1282ea":[()=>n.e(60930).then(n.t.bind(n,69284,19)),"~blog/default/blogs-tags-containers-page-17-97f-list.json",69284],"3b3d7813":[()=>n.e(50786).then(n.bind(n,20453)),"@site/blog/2019-08-08-podman-images.md",20453],"3b8c55ea":[()=>n.e(83217).then(n.bind(n,89803)),"@site/docs/installation.md",89803],"3c116a82":[()=>n.e(22681).then(n.bind(n,61418)),"@site/blog/2019-06-13-new.md",61418],"3c5e5778":[()=>n.e(91993).then(n.t.bind(n,38394,19)),"~blog/default/blogs-tags-skopeo-23a-list.json",38394],"3cc8df7b":[()=>n.e(64070).then(n.t.bind(n,79949,19)),"~blog/default/blogs-tags-networking-page-8-48d.json",79949],"3d23d174":[()=>n.e(85957).then(n.bind(n,57795)),"@site/blog/2019-10-02-new.md?truncated=true",57795],"3d4ef3a7":[()=>n.e(98087).then(n.bind(n,94406)),"@site/blog/2019-05-24-podman-made-easy2.md?truncated=true",94406],"3d57ba44":[()=>n.e(67371).then(n.bind(n,50634)),"@site/blog/2021-10-16-sudo-with-rootless-podman.md",50634],"3da507b6":[()=>n.e(79526).then(n.bind(n,93758)),"@site/blog/2021-10-04-m1macs.md?truncated=true",93758],"3da98dca":[()=>n.e(7087).then(n.t.bind(n,21443,19)),"~blog/default/blogs-tags-containers-page-6-89f.json",21443],"3e12f454":[()=>n.e(10507).then(n.bind(n,6422)),"@site/blog/2022-05-09-new.md?truncated=true",6422],"3e21b64c":[()=>n.e(82344).then(n.bind(n,45420)),"@site/blog/2020-08-17-work-the-problems.md",45420],"3e264488":[()=>n.e(13261).then(n.t.bind(n,11165,19)),"~blog/default/blogs-tags-networking-page-4-c0d-list.json",11165],"3e3d3813":[()=>n.e(75884).then(n.bind(n,73051)),"@site/blog/2021-10-27-how-podman-runs-on-macs.md",73051],"3ecf99f6":[()=>n.e(50536).then(n.bind(n,47955)),"@site/blog/2020-09-02-running_windows_or_mac.md?truncated=true",47955],"3ed7e301":[()=>n.e(67060).then(n.bind(n,56815)),"@site/blog/2018-09-25-pulling-images-from-docker.md?truncated=true",56815],"3f324a56":[()=>n.e(35674).then(n.t.bind(n,24161,19)),"~blog/default/blogs-tags-api-page-9-d23-list.json",24161],"3f6be463":[()=>n.e(12368).then(n.bind(n,90312)),"@site/blog/2022-08-17-new.md?truncated=true",90312],"3fa77eb9":[()=>n.e(93716).then(n.bind(n,92116)),"@site/blog/2018-11-27-podman-exists.md",92116],"3fdf6886":[()=>n.e(28250).then(n.bind(n,60694)),"@site/blog/2020-01-30-podman-wsl.md?truncated=true",60694],"40616ef9":[()=>n.e(81229).then(n.t.bind(n,61174,19)),"~blog/default/blogs-tags-debian-3e6.json",61174],"40907c41":[()=>n.e(19186).then(n.bind(n,21757)),"@site/blog/2019-07-29-podman-made-easy3.md",21757],"40c869fc":[()=>n.e(75092).then(n.bind(n,74126)),"@site/blog/2019-10-14-docker-vs-podman-security.md",74126],"40f1cf9e":[()=>n.e(18952).then(n.bind(n,42400)),"@site/blog/2018-12-03-podman-runlabel.md",42400],"4121ff2e":[()=>n.e(85330).then(n.t.bind(n,28696,19)),"~blog/default/blogs-tags-kubernetes-page-5-f3a.json",28696],"41bc5d3f":[()=>n.e(2879).then(n.bind(n,40187)),"@site/blog/2020-03-02-building-with-podman-and-buildah.md?truncated=true",40187],"41e2cb2a":[()=>n.e(28427).then(n.bind(n,58011)),"@site/blog/2019-03-22-podman-made-easy.md",58011],42428214:[()=>n.e(57891).then(n.t.bind(n,84045,19)),"~blog/default/blogs-tags-rest-page-2-681.json",84045],"42705cec":[()=>n.e(80316).then(n.bind(n,80934)),"@site/blog/2021-05-26-new.md",80934],"42895aa9":[()=>n.e(22697).then(n.t.bind(n,13957,19)),"~blog/default/blogs-tags-kube-page-7-7f8-list.json",13957],"42d74bd0":[()=>n.e(42213).then(n.bind(n,73249)),"@site/blog/2020-08-10-podman-go-bindings.md",73249],"43947e47":[()=>n.e(35542).then(n.t.bind(n,96294,19)),"~blog/default/blogs-tags-docker-e90-list.json",96294],"456cfd32":[()=>n.e(45621).then(n.bind(n,44600)),"@site/blog/2022-02-04-new.md",44600],"457b963a":[()=>n.e(18975).then(n.t.bind(n,46632,19)),"~blog/default/blogs-tags-network-4ad.json",46632],"4593cc08":[()=>n.e(98991).then(n.bind(n,46890)),"@site/blog/2021-01-11-podman-compose.md?truncated=true",46890],"461bbd2f":[()=>n.e(42900).then(n.bind(n,41081)),"@site/blog/2020-08-31-new.md?truncated=true",41081],"462cb3ee":[()=>n.e(92901).then(n.t.bind(n,54147,19)),"~blog/default/blogs-tags-networking-page-3-be3.json",54147],"465a7087":[()=>n.e(40104).then(n.t.bind(n,33862,19)),"~blog/default/blogs-tags-docker-e90.json",33862],"46886cb0":[()=>n.e(58821).then(n.t.bind(n,90923,19)),"~blog/default/blogs-tags-syscall-672.json",90923],"46b1bedd":[()=>n.e(52277).then(n.bind(n,50297)),"@site/blog/2020-12-22-new.md?truncated=true",50297],"4741f96c":[()=>n.e(32810).then(n.t.bind(n,37251,19)),"~blog/default/blogs-tags-podman-8be-list.json",37251],"474899f0":[()=>n.e(78202).then(n.bind(n,83376)),"@site/blog/2019-10-14-2-new.md?truncated=true",83376],"47bafca7":[()=>n.e(65754).then(n.bind(n,76020)),"@site/blog/2019-12-11-understanding-root.md?truncated=true",76020],"481cb13b":[()=>n.e(61890).then(n.t.bind(n,76915,19)),"~blog/default/blogs-tags-git-lab-ff7.json",76915],"48f8f874":[()=>n.e(74517).then(n.t.bind(n,83465,19)),"~blog/default/blogs-tags-networking-page-10-7f7.json",83465],"49fd035e":[()=>n.e(63048).then(n.bind(n,17206)),"@site/blog/2021-07-01-new.md?truncated=true",17206],"4a41c9ed":[()=>n.e(67764).then(n.t.bind(n,6757,19)),"~blog/default/blogs-tags-cri-o-586-list.json",6757],"4a506fa9":[()=>n.e(36694).then(n.t.bind(n,83941,19)),"~blog/default/blogs-tags-open-source-ae7.json",83941],"4a70cc0d":[()=>n.e(56948).then(n.t.bind(n,14872,19)),"~blog/default/blogs-tags-podman-page-2-770.json",14872],"4a76d056":[()=>n.e(46734).then(n.t.bind(n,40780,19)),"~blog/default/blogs-tags-api-page-6-628.json",40780],"4ab0658f":[()=>n.e(64967).then(n.t.bind(n,91733,19)),"~blog/default/blogs-tags-debian-3e6-list.json",91733],"4ad80290":[()=>n.e(24686).then(n.bind(n,18332)),"@site/blog/2018-07-09-podman-alpha-v0.7.1.md",18332],"4aebba5d":[()=>n.e(93851).then(n.t.bind(n,92395,19)),"~blog/default/blogs-tags-pod-page-5-54f-list.json",92395],"4b04188a":[()=>n.e(44351).then(n.t.bind(n,4261,19)),"~blog/default/blogs-tags-images-f05.json",4261],"4b385260":[()=>n.e(97267).then(n.bind(n,9621)),"@site/blog/2022-10-03-debbuild.md?truncated=true",9621],"4b415865":[()=>n.e(67624).then(n.bind(n,31239)),"@site/blog/2019-07-06-ruby.md",31239],"4b535752":[()=>n.e(91550).then(n.bind(n,36755)),"@site/blog/2019-05-24-podman-made-easy2.md",36755],"4bdadcb4":[()=>n.e(60996).then(n.bind(n,7324)),"@site/blog/2021-09-03-new.md",7324],"4bf67133":[()=>n.e(60266).then(n.bind(n,49017)),"@site/blog/2021-07-02-new.md",49017],"4c5e3d0c":[()=>n.e(41026).then(n.bind(n,75724)),"@site/src/pages/getting-started/installation.tsx",75724],"4c601101":[()=>n.e(72685).then(n.bind(n,25461)),"@site/blog/2021-06-16-new.md",25461],"4c8bab11":[()=>n.e(42060).then(n.t.bind(n,80487,19)),"~blog/default/blogs-tags-windows-page-4-8b3.json",80487],"4d635c76":[()=>n.e(69164).then(n.bind(n,78149)),"@site/blog/2020-07-18-speed-up-build-with-overlayfs.md",78149],"4db9da1d":[()=>n.e(63022).then(n.t.bind(n,71204,19)),"~blog/default/blogs-tags-podman-page-3-c53-list.json",71204],"4e291c72":[()=>n.e(75601).then(n.bind(n,74210)),"@site/blog/2020-04-14-podman-systemd.md?truncated=true",74210],"4e5322cc":[()=>n.e(37998).then(n.bind(n,77784)),"@site/blog/2021-10-11-multiarch.md?truncated=true",77784],"4e6ed8f3":[()=>n.e(65533).then(n.bind(n,73516)),"@site/blog/2022-10-03-new.md?truncated=true",73516],"4e8ec2d5":[()=>n.e(61931).then(n.t.bind(n,47158,19)),"~blog/default/blogs-tags-hpc-page-5-616-list.json",47158],"4ea5776c":[()=>n.e(26824).then(n.t.bind(n,31711,19)),"~blog/default/blogs-tags-bindings-e41.json",31711],"4f3516e2":[()=>n.e(11274).then(n.bind(n,55069)),"@site/blog/2018-09-13-systemd.md?truncated=true",55069],"4f5d49a9":[()=>n.e(11930).then(n.bind(n,32330)),"@site/blog/2020-05-06-new.md",32330],"4fd18230":[()=>n.e(45403).then(n.t.bind(n,91558,19)),"~blog/default/blogs-tags-api-page-4-aba-list.json",91558],"4fdcd587":[()=>n.e(57842).then(n.t.bind(n,59887,19)),"~blog/default/blogs-tags-bpf-a59-list.json",59887],"4fe46fb7":[()=>n.e(54468).then(n.bind(n,75493)),"@site/blog/2019-11-20-new.md",75493],50610133:[()=>n.e(22092).then(n.t.bind(n,25643,19)),"~blog/default/blogs-tags-oci-page-3-7fc.json",25643],"511f43e7":[()=>n.e(84615).then(n.t.bind(n,90339,19)),"~blog/default/blogs-tags-rest-api-page-3-3fe.json",90339],"5183b70e":[()=>n.e(52916).then(n.bind(n,23184)),"@site/blog/2019-01-16-podman-varlink.md",23184],"51a6b448":[()=>n.e(28065).then(n.t.bind(n,3648,19)),"~blog/default/blogs-tags-v-2-b4e-list.json",3648],"51b3f280":[()=>n.e(47497).then(n.bind(n,19562)),"@site/blog/2019-02-21-pandb-4-users.md?truncated=true",19562],"51e252e1":[()=>n.e(54797).then(n.bind(n,32782)),"@site/blog/2019-03-18-CI3.md?truncated=true",32782],"522cb5d3":[()=>n.e(74891).then(n.bind(n,80399)),"@site/blog/2022-03-23-nvav1.0.2.md?truncated=true",80399],"526841b1":[()=>n.e(26389).then(n.t.bind(n,88352,19)),"~blog/default/blogs-tags-crun-31c.json",88352],52763308:[()=>n.e(47532).then(n.bind(n,18717)),"@site/blog/2020-12-01-new.md",18717],"52caa0fa":[()=>n.e(54495).then(n.bind(n,30267)),"@site/blog/2020-04-04-convert-docker-compose-to-pods.md?truncated=true",30267],"52d10dde":[()=>n.e(55183).then(n.t.bind(n,49230,19)),"~blog/default/blogs-page-11-289.json",49230],53094378:[()=>n.e(78861).then(n.bind(n,72665)),"@site/blog/2020-01-17-new.md?truncated=true",72665],"532cc112":[()=>n.e(87089).then(n.bind(n,16318)),"@site/blog/2020-03-03-new.md?truncated=true",16318],"53470b9e":[()=>n.e(61581).then(n.t.bind(n,25091,19)),"~blog/default/blogs-tags-v-2-page-8-4ff-list.json",25091],"535a9867":[()=>n.e(87097).then(n.t.bind(n,45252,19)),"~blog/default/blogs-tags-kube-page-2-556-list.json",45252],"53d6371d":[()=>n.e(40421).then(n.t.bind(n,57400,19)),"~blog/default/blogs-tags-hpc-page-8-18e-list.json",57400],"5457b00e":[()=>n.e(12602).then(n.bind(n,23382)),"@site/blog/2021-03-27-podman-posts-of-interests.md?truncated=true",23382],"550fad1a":[()=>n.e(78442).then(n.bind(n,22883)),"@site/blog/2019-06-19-ondemand-course.md?truncated=true",22883],"558e1c6c":[()=>n.e(81636).then(n.t.bind(n,7434,19)),"~blog/default/blogs-tags-podman-page-14-aee.json",7434],"55e4d810":[()=>n.e(6213).then(n.bind(n,63272)),"@site/blog/2019-02-07-hack-and-tools.md?truncated=true",63272],56554851:[()=>n.e(30763).then(n.t.bind(n,98209,19)),"~blog/default/blogs-tags-api-page-2-f35-list.json",98209],"5665fc6b":[()=>n.e(86019).then(n.bind(n,73044)),"@site/blog/2019-09-11-rootless-pulling.md?truncated=true",73044],"56af85b5":[()=>n.e(42774).then(n.bind(n,95060)),"@site/blog/2021-10-11-new.md",95060],"56d060ef":[()=>n.e(79110).then(n.bind(n,94593)),"@site/blog/2020-02-06-deploy-pod-on-centos.md",94593],"56d960a3":[()=>n.e(82347).then(n.bind(n,68059)),"@site/blog/2021-01-11-new.md",68059],"56e0102d":[()=>n.e(42807).then(n.bind(n,53397)),"@site/blog/2020-07-01-rest-versioning.md?truncated=true",53397],57333199:[()=>n.e(83066).then(n.bind(n,76765)),"@site/blog/2019-06-19-new.md?truncated=true",76765],"5757960c":[()=>n.e(7800).then(n.t.bind(n,87114,19)),"~blog/default/blogs-tags-ubuntu-763.json",87114],"57b59cd4":[()=>Promise.all([n.e(40532),n.e(1954),n.e(86849)]).then(n.bind(n,8039)),"@site/src/pages/community.tsx",8039],"5837c87c":[()=>n.e(62275).then(n.bind(n,7074)),"@site/blog/2021-04-02-new.md",7074],"58f46323":[()=>n.e(22394).then(n.bind(n,88721)),"@site/blog/2019-08-28-new.md?truncated=true",88721],"59476d7b":[()=>n.e(25297).then(n.bind(n,59298)),"@site/blog/2020-08-11-migrate-from-docker-compose.md?truncated=true",59298],"59c3a605":[()=>n.e(31617).then(n.t.bind(n,18941,19)),"~blog/default/blogs-tags-boot-2-podman-39b.json",18941],"59f2fdda":[()=>n.e(40613).then(n.t.bind(n,58185,19)),"~blog/default/blogs-tags-docker-compose-page-2-0bf.json",58185],"59f6952c":[()=>n.e(57793).then(n.bind(n,25696)),"@site/blog/2018-11-27-podman-exists.md?truncated=true",25696],"5a164eb5":[()=>n.e(36703).then(n.bind(n,92091)),"@site/blog/2018-07-02-podman-alpha-v0.6.4.md?truncated=true",92091],"5a44e4dd":[()=>n.e(65161).then(n.t.bind(n,42769,19)),"~blog/default/blogs-tags-api-page-7-00e.json",42769],"5a638c7a":[()=>n.e(1741).then(n.bind(n,36959)),"@site/blog/2020-04-16-podman-v2-announce.md",36959],"5a7d75ff":[()=>n.e(1358).then(n.bind(n,98879)),"@site/blog/2021-10-11-multiarch.md",98879],"5b09d46c":[()=>n.e(11697).then(n.t.bind(n,77131,19)),"~blog/default/blogs-tags-podman-page-10-c85.json",77131],"5b1b9265":[()=>n.e(89213).then(n.t.bind(n,68662,19)),"~blog/default/blogs-tags-images-page-5-7c5.json",68662],"5b1d965c":[()=>n.e(51661).then(n.t.bind(n,85455,19)),"~blog/default/blogs-tags-pod-0c7.json",85455],"5bc595e9":[()=>n.e(32440).then(n.bind(n,39065)),"@site/blog/2020-03-02-new.md",39065],"5bdb327e":[()=>n.e(48085).then(n.bind(n,3916)),"@site/blog/2020-03-31-new.md?truncated=true",3916],"5c098672":[()=>n.e(88462).then(n.bind(n,53708)),"@site/blog/2019-11-05-new.md",53708],"5c2c8950":[()=>n.e(92341).then(n.bind(n,78225)),"@site/blog/2020-07-17-additional-image-stores.md",78225],"5cf52972":[()=>n.e(52607).then(n.bind(n,46107)),"@site/blog/2021-07-01-podman-inside-kubernets.md?truncated=true",46107],"5d01a869":[()=>n.e(75623).then(n.t.bind(n,4312,19)),"~blog/default/blogs-tags-oci-page-4-477-list.json",4312],"5d47ffa8":[()=>n.e(25417).then(n.bind(n,17930)),"@site/blog/2018-07-16-podman-alpha-v0.7.2.md?truncated=true",17930],"5d8dde6e":[()=>n.e(79178).then(n.t.bind(n,30504,19)),"~blog/default/blogs-tags-centos-962-list.json",30504],"5dbe590f":[()=>n.e(45971).then(n.bind(n,38542)),"@site/blog/2020-08-21-rootless-separation-openscap.md?truncated=true",38542],"5e15c15b":[()=>n.e(22609).then(n.bind(n,26578)),"@site/blog/2020-10-17-expoloring-restful-api.md?truncated=true",26578],"5e2a7dec":[()=>n.e(79842).then(n.bind(n,40586)),"@site/blog/2019-11-12-new.md?truncated=true",40586],"5e9f5e1a":[()=>Promise.resolve().then(n.bind(n,36809)),"@generated/docusaurus.config",36809],"5eb60198":[()=>n.e(91043).then(n.bind(n,83307)),"@site/blog/2019-10-29-podman-crun-f31.md",83307],"5eb6fbed":[()=>n.e(81560).then(n.bind(n,76817)),"@site/blog/2022-02-22-new.md?truncated=true",76817],"5f002f12":[()=>n.e(45570).then(n.bind(n,48855)),"@site/blog/2021-10-27-new.md?truncated=true",48855],"5f058c77":[()=>n.e(62024).then(n.t.bind(n,37845,19)),"~blog/default/blogs-page-21-949.json",37845],"5f2498b2":[()=>n.e(80009).then(n.t.bind(n,80681,19)),"~blog/default/blogs-tags-podman-page-6-b22.json",80681],"5f3ec91d":[()=>n.e(41606).then(n.t.bind(n,53394,19)),"~blog/default/blogs-tags-hpc-page-2-804.json",53394],"5f593e60":[()=>n.e(93117).then(n.t.bind(n,99200,19)),"~blog/default/blogs-tags-windows-page-6-125.json",99200],"5f6ea5d7":[()=>n.e(37704).then(n.t.bind(n,88540,19)),"~blog/default/blogs-tags-kube-page-6-560.json",88540],"5fd3099d":[()=>n.e(79346).then(n.t.bind(n,85175,19)),"~blog/default/blogs-tags-openstack-595.json",85175],"60e1e52f":[()=>n.e(98437).then(n.bind(n,27985)),"@site/blog/2018-11-19-build_libpod-container-images.md",27985],"610c6209":[()=>n.e(83590).then(n.bind(n,51066)),"@site/blog/2021-10-04-new.md?truncated=true",51066],"611ed0af":[()=>n.e(90434).then(n.bind(n,54312)),"@site/blog/2020-05-06-new.md?truncated=true",54312],"619f4ce6":[()=>n.e(43386).then(n.bind(n,48286)),"@site/blog/2019-08-22-podman-tech-preview.md",48286],"61ac022e":[()=>n.e(86007).then(n.bind(n,69152)),"@site/blog/2019-10-23-Perona-PMM.md?truncated=true",69152],"625eab23":[()=>n.e(74570).then(n.t.bind(n,97106,19)),"~blog/default/blogs-tags-rest-page-2-681-list.json",97106],"628c5638":[()=>n.e(29969).then(n.t.bind(n,52687,19)),"~blog/default/blogs-tags-pod-page-9-5c8-list.json",52687],"62c56f8b":[()=>n.e(93502).then(n.t.bind(n,90847,19)),"~blog/default/blogs-tags-images-page-5-7c5-list.json",90847],"636ce216":[()=>n.e(26283).then(n.bind(n,38524)),"@site/blog/2019-10-28-podman-with-nfs.md",38524],"63814cb7":[()=>n.e(55817).then(n.bind(n,35938)),"@site/blog/2020-08-17-work-the-problems.md?truncated=true",35938],"63831db4":[()=>n.e(79679).then(n.t.bind(n,91762,19)),"~blog/default/blogs-tags-hpc-8e6-list.json",91762],"63c93610":[()=>n.e(8007).then(n.t.bind(n,89013,19)),"~blog/default/blogs-tags-kubernetes-58a-list.json",89013],"640423d2":[()=>n.e(38002).then(n.bind(n,65897)),"@site/blog/2018-11-01-talk-state_of_container_technologies.md?truncated=true",65897],"649093c4":[()=>n.e(45007).then(n.t.bind(n,67787,19)),"~blog/default/blogs-tags-podman-page-19-711-list.json",67787],"64b2938c":[()=>n.e(18083).then(n.t.bind(n,17842,19)),"~blog/default/blogs-tags-images-f05-list.json",17842],"6525da2f":[()=>n.e(80948).then(n.bind(n,1192)),"@site/blog/2019-08-23-podman-en-espanol.md?truncated=true",1192],"655adf18":[()=>n.e(9546).then(n.t.bind(n,35972,19)),"~blog/default/blogs-tags-pod-0c7-list.json",35972],65769068:[()=>n.e(63797).then(n.bind(n,50501)),"@site/blog/2019-10-14-2-new.md",50501],"6591a8d4":[()=>n.e(29597).then(n.t.bind(n,12257,19)),"~blog/default/blogs-tags-v-2-page-6-cf0.json",12257],"6598a7ba":[()=>n.e(8214).then(n.bind(n,4972)),"@site/blog/2019-03-18-CI3.md",4972],"659951bd":[()=>n.e(45585).then(n.t.bind(n,38346,19)),"~blog/default/blogs-tags-runtime-c7c-list.json",38346],"65a1b790":[()=>n.e(64395).then(n.t.bind(n,61021,19)),"~blog/default/blogs-tags-containers-page-17-97f.json",61021],"65d527ac":[()=>n.e(69796).then(n.bind(n,77495)),"@site/blog/2020-09-28-new.md",77495],"66766c59":[()=>n.e(56461).then(n.bind(n,55945)),"@site/blog/2019-10-02-new.md",55945],"66bc78fc":[()=>n.e(72829).then(n.t.bind(n,65102,19)),"~blog/default/blogs-tags-seccomp-c92.json",65102],"6728c7a9":[()=>n.e(19478).then(n.bind(n,32834)),"@site/blog/2020-12-01-new.md?truncated=true",32834],"672b3b49":[()=>n.e(17634).then(n.t.bind(n,76989,19)),"~blog/default/blogs-tags-compose-a24.json",76989],"673cfd93":[()=>n.e(87908).then(n.bind(n,25424)),"@site/blog/2020-07-07-repo-rename.md?truncated=true",25424],"6767fc64":[()=>n.e(54197).then(n.t.bind(n,91315,19)),"~blog/default/blogs-tags-buildah-page-3-a59.json",91315],"67a3f72d":[()=>n.e(90342).then(n.bind(n,22256)),"@site/blog/2019-10-14-1-new.md",22256],"6875c492":[()=>Promise.all([n.e(40532),n.e(50840),n.e(28490),n.e(46048),n.e(48610)]).then(n.bind(n,41714)),"@theme/BlogTagsPostsPage",41714],"687e20bc":[()=>n.e(8298).then(n.t.bind(n,71101,19)),"~blog/default/blogs-tags-docker-page-4-19d.json",71101],"692db14d":[()=>n.e(50295).then(n.bind(n,39041)),"@site/blog/2020-12-23-containers-com-podman.md?truncated=true",39041],"69fd7c0e":[()=>n.e(32663).then(n.bind(n,61964)),"@site/blog/2019-10-15-new.md?truncated=true",61964],"6a545a3d":[()=>n.e(93891).then(n.bind(n,886)),"@site/blog/2020-04-05-managing-podman-pods-with-pods-compose.md",886],"6a78568e":[()=>n.e(78361).then(n.t.bind(n,12897,19)),"~blog/default/blogs-tags-multiarch-0e4.json",12897],"6acab07e":[()=>n.e(63905).then(n.bind(n,15044)),"@site/blog/2020-01-30-new.md",15044],"6b5f3f1c":[()=>n.e(42977).then(n.bind(n,79382)),"@site/blog/2020-12-11-new.md",79382],"6b670249":[()=>n.e(21499).then(n.bind(n,45013)),"@site/blog/2020-12-09-podman-systemd-demo.md",45013],"6baa2cef":[()=>n.e(81182).then(n.t.bind(n,2031,19)),"~blog/default/blogs-tags-aardvark-dns-6c1-list.json",2031],"6bfb1f3b":[()=>n.e(88746).then(n.bind(n,27803)),"@site/blog/2019-08-23-podman-en-espanol.md",27803],"6cc9d60c":[()=>n.e(82763).then(n.t.bind(n,33995,19)),"~blog/default/blogs-tags-hpc-page-5-616.json",33995],"6cda4436":[()=>n.e(1416).then(n.t.bind(n,85573,19)),"~blog/default/blogs-tags-mac-page-3-b7f-list.json",85573],"6d0e887d":[()=>n.e(34682).then(n.bind(n,31713)),"@site/blog/2019-11-26-rootless-podman-and-nfs.md?truncated=true",31713],"6d895060":[()=>n.e(2467).then(n.bind(n,55425)),"@site/blog/2021-02-08-new.md?truncated=true",55425],"6dd1a436":[()=>n.e(52131).then(n.t.bind(n,86655,19)),"~blog/default/blogs-tags-pod-page-2-902.json",86655],"6e286be6":[()=>n.e(53303).then(n.bind(n,2218)),"@site/blog/2019-08-14-new.md",2218],"6e48d5f2":[()=>n.e(1514).then(n.bind(n,53901)),"@site/blog/2020-08-31-podman-and-kubernetes.md?truncated=true",53901],"6ed3fb3b":[()=>n.e(17104).then(n.t.bind(n,87267,19)),"~blog/default/blogs-tags-podman-page-9-72a.json",87267],"6eed3feb":[()=>n.e(20739).then(n.bind(n,12701)),"@site/blog/2020-08-21-new.md?truncated=true",12701],"6f23519e":[()=>n.e(41713).then(n.bind(n,79968)),"@site/blog/2022-04-05-ubuntu-2204-lts-kubic.md",79968],"6f717a16":[()=>n.e(43240).then(n.bind(n,11485)),"@site/blog/2020-09-30-Oct-6-Agenda.md?truncated=true",11485],"6f8faf89":[()=>n.e(2232).then(n.t.bind(n,52050,19)),"~blog/default/blogs-tags-podman-machine-6dc.json",52050],"6f94884f":[()=>n.e(58349).then(n.t.bind(n,26274,19)),"~blog/default/blogs-tags-oci-page-2-af1.json",26274],"6ff39321":[()=>n.e(58805).then(n.t.bind(n,39385,19)),"~blog/default/blogs-tags-buildah-page-4-25b.json",39385],"70365baa":[()=>n.e(4336).then(n.bind(n,47277)),"@site/blog/2020-12-01-short-container-names.md?truncated=true",47277],"7040ea16":[()=>n.e(24920).then(n.bind(n,43557)),"@site/blog/2020-08-31-podman-and-kubernetes.md",43557],"708daa68":[()=>n.e(46779).then(n.t.bind(n,79132,19)),"~blog/default/blogs-tags-tags-39a.json",79132],"70c58991":[()=>n.e(63410).then(n.t.bind(n,83581,19)),"~blog/default/blogs-tags-kube-page-4-c8d-list.json",83581],"70de5b5f":[()=>n.e(32942).then(n.t.bind(n,58654,19)),"~blog/default/blogs-tags-podman-page-16-d90.json",58654],"70ea087d":[()=>n.e(37739).then(n.t.bind(n,79610,19)),"~blog/default/blogs-tags-netavark-299.json",79610],"714a0345":[()=>n.e(35119).then(n.bind(n,21764)),"@site/blog/2018-09-13-systemd.md",21764],"71f012fd":[()=>n.e(14050).then(n.bind(n,73183)),"@site/blog/2022-11-11-nvav1.3.md?truncated=true",73183],"7259f1b1":[()=>n.e(40791).then(n.t.bind(n,13470,19)),"~blog/default/blogs-tags-kubernetes-page-7-4c8.json",13470],"7283e440":[()=>n.e(60017).then(n.bind(n,9382)),"@site/blog/2022-09-28-updated-1.2.0.md?truncated=true",9382],"72cc6d1e":[()=>n.e(48772).then(n.bind(n,56007)),"@site/blog/2019-12-11-understanding-root.md",56007],"7313540a":[()=>n.e(56427).then(n.t.bind(n,93890,19)),"~blog/default/blogs-tags-v-2-page-8-4ff.json",93890],"7350c59a":[()=>n.e(97722).then(n.bind(n,49448)),"@site/blog/2020-09-30-new.md",49448],"7371e1a3":[()=>n.e(12865).then(n.bind(n,65867)),"@site/blog/2018-10-07-tripleo-upgrade.md",65867],"7379db51":[()=>n.e(39781).then(n.t.bind(n,87574,19)),"~blog/default/blogs-tags-podman-page-10-c85-list.json",87574],"737abd23":[()=>n.e(96979).then(n.bind(n,31060)),"@site/blog/2020-08-02-new.md",31060],"73c0098d":[()=>n.e(77802).then(n.bind(n,3665)),"@site/blog/2019-11-07-new.md",3665],"7430a490":[()=>n.e(46878).then(n.bind(n,69826)),"@site/blog/2021-01-11-new.md?truncated=true",69826],"74376b51":[()=>n.e(81960).then(n.bind(n,2857)),"@site/blog/2020-01-15-bioinformatics-with-rootless-podman.md",2857],"7455c1f8":[()=>n.e(50682).then(n.t.bind(n,32307,19)),"~blog/default/blogs-tags-rails-a57-list.json",32307],"747c87af":[()=>n.e(56454).then(n.bind(n,11284)),"@site/blog/2019-03-16-podman-install.md?truncated=true",11284],"74b3ebbb":[()=>n.e(64411).then(n.bind(n,25685)),"@site/blog/2020-02-07-secure-containers.md",25685],"752e02a7":[()=>n.e(64247).then(n.bind(n,93180)),"@site/blog/2020-09-18-multi-blog-posts.md",93180],"7566cda2":[()=>n.e(77503).then(n.t.bind(n,24657,19)),"~blog/default/blogs-tags-crun-31c-list.json",24657],"759f5d40":[()=>n.e(32809).then(n.t.bind(n,80401,19)),"~blog/default/blogs-tags-test-339.json",80401],"75fb7ff2":[()=>n.e(65839).then(n.bind(n,97735)),"@site/blog/2019-08-08-podman-images.md?truncated=true",97735],76752974:[()=>n.e(44164).then(n.bind(n,53908)),"@site/blog/2018-10-05-tripleo-systemd.md?truncated=true",53908],"7675a0fe":[()=>n.e(91709).then(n.bind(n,90605)),"@site/blog/2020-07-18-new.md",90605],"770d309f":[()=>n.e(57523).then(n.bind(n,74095)),"@site/blog/2021-01-26-new.md?truncated=true",74095],"7720bb24":[()=>n.e(19096).then(n.bind(n,66188)),"@site/blog/2022-10-03-debbuild.md",66188],"7792adb1":[()=>n.e(57456).then(n.t.bind(n,5924,19)),"~blog/default/blogs-tags-rest-api-160.json",5924],"77a3d39e":[()=>n.e(5481).then(n.t.bind(n,28585,19)),"~blog/default/blogs-tags-podman-page-7-5fe.json",28585],"77ff8c5f":[()=>n.e(24930).then(n.bind(n,94621)),"@site/blog/2019-05-18-micro-dnf.md",94621],"7820f9d0":[()=>n.e(41863).then(n.bind(n,25118)),"@site/blog/2021-06-16-new.md?truncated=true",25118],"783edba4":[()=>n.e(65540).then(n.t.bind(n,49088,19)),"~blog/default/blogs-tags-github-page-2-fd2-list.json",49088],"78aa31c9":[()=>n.e(69047).then(n.t.bind(n,94707,19)),"~blog/default/blogs-tags-v-2-page-5-ddb-list.json",94707],"78dce1fd":[()=>n.e(74556).then(n.t.bind(n,41924,19)),"~blog/default/blogs-tags-containers-page-4-7a6.json",41924],"78e0e367":[()=>n.e(73860).then(n.bind(n,85101)),"@site/blog/2020-08-24-new.md",85101],"78e22a47":[()=>n.e(1488).then(n.bind(n,25927)),"@site/blog/2021-09-06-new.md",25927],"795f3bdb":[()=>n.e(109).then(n.t.bind(n,12280,19)),"~blog/default/blogs-tags-podman-page-13-e0f-list.json",12280],"799df3c7":[()=>Promise.all([n.e(1954),n.e(68584),n.e(93185)]).then(n.bind(n,56586)),"@site/src/pages/features.tsx",56586],"79c12c19":[()=>n.e(65637).then(n.bind(n,67259)),"@site/blog/2020-07-17-additional-image-stores.md?truncated=true",67259],"79f1cb63":[()=>n.e(54779).then(n.bind(n,63177)),"@site/blog/2019-09-26-podman-in-hpc.md?truncated=true",63177],"7a3cbbc1":[()=>n.e(52642).then(n.t.bind(n,13977,19)),"~blog/default/blogs-tags-python-781.json",13977],"7a4d057f":[()=>n.e(32077).then(n.t.bind(n,89089,19)),"~blog/default/blogs-tags-api-page-7-00e-list.json",89089],"7a52780b":[()=>n.e(29106).then(n.bind(n,21497)),"@site/blog/2020-08-10-podman-go-bindings.md?truncated=true",21497],"7aa5df64":[()=>n.e(11180).then(n.t.bind(n,15295,19)),"~blog/default/blogs-tags-podman-page-14-aee-list.json",15295],"7ab81c4a":[()=>n.e(97964).then(n.bind(n,98733)),"@site/docs/documentation.md",98733],"7ac0181b":[()=>n.e(35174).then(n.bind(n,96814)),"@site/blog/2020-08-02-systemd-integration-v2.md?truncated=true",96814],"7ac58bfb":[()=>n.e(27510).then(n.bind(n,45848)),"@site/blog/2019-11-13-lease-routable-ip-addrs.md?truncated=true",45848],"7ae58247":[()=>n.e(81747).then(n.bind(n,80129)),"@site/blog/2018-12-12-podman-alpha-v0.12.1.1.md",80129],"7bbfc3b6":[()=>n.e(5166).then(n.t.bind(n,77587,19)),"~blog/default/blogs-tags-hpc-page-9-2ec-list.json",77587],"7bff08c9":[()=>n.e(99734).then(n.t.bind(n,76822,19)),"~blog/default/blogs-tags-podman-page-15-116.json",76822],"7c224e35":[()=>n.e(43567).then(n.t.bind(n,48602,19)),"~blog/default/blogs-page-23-3f4.json",48602],"7c404f02":[()=>n.e(34998).then(n.bind(n,11463)),"@site/blog/2019-01-15-podman-pods.md?truncated=true",11463],"7c409bae":[()=>n.e(96813).then(n.bind(n,8664)),"@site/blog/2018-10-31-podman-buildah-relationship.md?truncated=true",8664],"7c5fdb97":[()=>n.e(82478).then(n.bind(n,19242)),"@site/blog/2019-10-29-podman-crun-f31.md?truncated=true",19242],"7d1e7a7c":[()=>n.e(68418).then(n.bind(n,37518)),"@site/blog/2019-08-22-new.md?truncated=true",37518],"7d2009bc":[()=>n.e(47618).then(n.t.bind(n,97891,19)),"~blog/default/blogs-tags-pod-page-8-67c.json",97891],"7e337a56":[()=>n.e(9769).then(n.t.bind(n,6194,19)),"~blog/default/blogs-tags-mac-page-6-4a9-list.json",6194],"7f1215b4":[()=>n.e(79777).then(n.bind(n,35540)),"@site/blog/2018-10-07-tripleo-upgrade.md?truncated=true",35540],"7f5a4972":[()=>n.e(55444).then(n.t.bind(n,51036,19)),"~blog/default/blogs-tags-containers-page-9-b2b.json",51036],"7f7d57e5":[()=>n.e(91075).then(n.t.bind(n,63396,19)),"~blog/default/blogs-tags-podman-page-11-25b-list.json",63396],"7f9606e9":[()=>n.e(97912).then(n.bind(n,66514)),"@site/blog/2022-02-04-new.md?truncated=true",66514],"7fb7e253":[()=>n.e(97006).then(n.bind(n,30543)),"@site/blog/2019-04-01-podman-crosswords.md?truncated=true",30543],"803e3a4a":[()=>n.e(64891).then(n.bind(n,90127)),"@site/blog/2018-07-02-podman-alpha-v0.6.4.md",90127],"80a8b741":[()=>n.e(36555).then(n.bind(n,39583)),"@site/blog/2019-01-07-software-factory-podman.md?truncated=true",39583],"813b8b2b":[()=>n.e(86997).then(n.bind(n,70973)),"@site/blog/2022-10-12-podman-posts-of-interests.md",70973],"814f3328":[()=>n.e(52535).then(n.t.bind(n,45641,19)),"~blog/default/blog-post-list-prop-default.json",45641],"826a4450":[()=>n.e(87413).then(n.bind(n,16258)),"@site/blog/2022-12-07-new.md?truncated=true",16258],"826eb956":[()=>n.e(15316).then(n.t.bind(n,20305,19)),"~blog/default/blogs-tags-ebpf-d85-list.json",20305],"830fd0bf":[()=>n.e(74107).then(n.bind(n,50122)),"@site/blog/2020-04-05-new.md?truncated=true",50122],"833dfbe2":[()=>n.e(24269).then(n.t.bind(n,32188,19)),"~blog/default/blogs-tags-hpc-page-9-2ec.json",32188],"836ce71c":[()=>n.e(34093).then(n.t.bind(n,22969,19)),"~blog/default/blogs-tags-podman-page-7-5fe-list.json",22969],"83ce496e":[()=>n.e(36516).then(n.bind(n,25365)),"@site/blog/2020-08-21-rootless-separation-openscap.md",25365],"83e792f1":[()=>n.e(96075).then(n.bind(n,68822)),"@site/blog/2019-10-31-new.md",68822],"84090fe9":[()=>n.e(67581).then(n.t.bind(n,42007,19)),"~blog/default/blogs-tags-buildah-page-2-ce5-list.json",42007],84261676:[()=>n.e(9784).then(n.t.bind(n,94202,19)),"~blog/default/blogs-tags-podman-page-18-21d-list.json",94202],"843d5c9d":[()=>n.e(86983).then(n.t.bind(n,41979,19)),"~blog/default/blogs-tags-podman-page-3-c53.json",41979],"84e59631":[()=>n.e(18543).then(n.bind(n,47380)),"@site/blog/2020-04-16-new.md?truncated=true",47380],"8616380d":[()=>n.e(42936).then(n.bind(n,68941)),"@site/blog/2022-03-06-new.md?truncated=true",68941],"868b8e17":[()=>n.e(20686).then(n.t.bind(n,66511,19)),"~blog/default/blogs-tags-kube-page-5-5ba-list.json",66511],"8765036c":[()=>n.e(63376).then(n.bind(n,24506)),"@site/blog/2020-04-05-managing-podman-pods-with-pods-compose.md?truncated=true",24506],"879b8a59":[()=>n.e(15062).then(n.t.bind(n,50367,19)),"~blog/default/blogs-tags-kube-page-3-9b4.json",50367],"8834a8f4":[()=>n.e(28492).then(n.bind(n,97089)),"@site/blog/2022-09-28-updated-1.2.0.md",97089],"8855d2b7":[()=>n.e(80517).then(n.bind(n,83147)),"@site/blog/2020-08-01-new.md",83147],"88746a45":[()=>n.e(46442).then(n.t.bind(n,86014,19)),"~blog/default/blogs-tags-api-2a7-list.json",86014],"8887a228":[()=>n.e(37503).then(n.bind(n,23221)),"@site/blog/2020-09-18-multi-blog-posts.md?truncated=true",23221],"88d474ce":[()=>n.e(92130).then(n.bind(n,30341)),"@site/blog/2021-01-23-podman-posts-of-interests.md",30341],"88dfd727":[()=>n.e(3694).then(n.bind(n,33514)),"@site/blog/2020-03-31-build-pull-options.md?truncated=true",33514],"890438e0":[()=>n.e(77340).then(n.bind(n,30879)),"@site/blog/2019-04-16-cinc.md",30879],"8917ad4d":[()=>n.e(7786).then(n.bind(n,82400)),"@site/blog/2019-07-29-new.md",82400],89779929:[()=>n.e(84288).then(n.t.bind(n,38668,19)),"~blog/default/blogs-tags-buildah-0f1-list.json",38668],"89f437f7":[()=>n.e(58695).then(n.bind(n,9881)),"@site/blog/2020-12-11-new.md?truncated=true",9881],"8a2021db":[()=>n.e(89535).then(n.bind(n,7979)),"@site/blog/2019-11-13-new.md?truncated=true",7979],"8a3cf0bc":[()=>n.e(83060).then(n.t.bind(n,8236,19)),"~blog/default/blogs-tags-network-4ad-list.json",8236],"8a5c65cb":[()=>n.e(21054).then(n.t.bind(n,6215,19)),"~blog/default/blogs-tags-hpc-page-10-d6c.json",6215],"8a69729c":[()=>n.e(85989).then(n.bind(n,84685)),"@site/blog/2021-10-04-m1macs.md",84685],"8a703bd1":[()=>n.e(59825).then(n.t.bind(n,7650,19)),"~blog/default/blogs-tags-kubic-3ad.json",7650],"8a72ccb4":[()=>n.e(49277).then(n.t.bind(n,33530,19)),"~blog/default/blogs-tags-centos-962.json",33530],"8a77ded3":[()=>n.e(27495).then(n.t.bind(n,96824,19)),"~blog/default/blogs-tags-aardvark-dns-6c1.json",96824],"8a8987ef":[()=>n.e(16992).then(n.t.bind(n,31887,19)),"~blog/default/blogs-tags-runtime-c7c.json",31887],"8c335d31":[()=>n.e(30868).then(n.t.bind(n,96491,19)),"~blog/default/blogs-tags-networking-74c-list.json",96491],"8ccefe70":[()=>n.e(70527).then(n.bind(n,60314)),"@site/blog/2021-01-26-docker-compose-to-podman.md?truncated=true",60314],"8cd80816":[()=>n.e(77078).then(n.bind(n,52557)),"@site/blog/2020-11-13-gitlab-runner-and-podman.md?truncated=true",52557],"8d2190cc":[()=>n.e(70198).then(n.t.bind(n,14261,19)),"~blog/default/blogs-tags-v-2-page-2-304-list.json",14261],"8d265025":[()=>n.e(10654).then(n.bind(n,26884)),"@site/blog/2019-10-29-new.md",26884],"8d66cedd":[()=>n.e(94235).then(n.t.bind(n,51583,19)),"~blog/default/blogs-tags-hpc-page-4-d91.json",51583],"8dcf93dc":[()=>n.e(8934).then(n.t.bind(n,50237,19)),"~blog/default/blogs-tags-networking-page-2-2f5-list.json",50237],"8dd461fc":[()=>n.e(9621).then(n.bind(n,77918)),"@site/blog/2019-05-18-micro-dnf.md?truncated=true",77918],"8e3c5f08":[()=>n.e(46348).then(n.t.bind(n,31493,19)),"~blog/default/blogs-tags-hpc-page-2-804-list.json",31493],"8e9960dc":[()=>n.e(19509).then(n.t.bind(n,82788,19)),"~blog/default/blogs-tags-podman-page-8-957-list.json",82788],"8ec6e829":[()=>n.e(46651).then(n.bind(n,77527)),"@site/blog/2019-01-14-podman-machine-and-boot2podman.md?truncated=true",77527],"8ee976c2":[()=>n.e(73746).then(n.bind(n,21761)),"@site/blog/2019-08-10-podman-ibm-developer.md",21761],"8f0d52a3":[()=>n.e(77814).then(n.bind(n,70439)),"@site/blog/2022-06-08-new.md",70439],"8f876d16":[()=>n.e(46203).then(n.t.bind(n,28138,19)),"~blog/default/blogs-tags-linux-f88-list.json",28138],"8fd272bb":[()=>n.e(32699).then(n.bind(n,79909)),"@site/blog/2020-09-18-new.md?truncated=true",79909],90609308:[()=>n.e(15921).then(n.t.bind(n,62435,19)),"~blog/default/blogs-tags-video-20e.json",62435],"90925eb7":[()=>n.e(13634).then(n.t.bind(n,92542,19)),"~blog/default/blogs-tags-windows-page-5-afe.json",92542],"90e47a5b":[()=>n.e(15574).then(n.bind(n,32858)),"@site/blog/2019-08-23-new.md?truncated=true",32858],"90e6bfa4":[()=>n.e(41021).then(n.t.bind(n,32268,19)),"~blog/default/blogs-tags-podman-page-15-116-list.json",32268],"9107ea31":[()=>n.e(82329).then(n.t.bind(n,7011,19)),"~blog/default/blogs-tags-containers-page-7-c7e-list.json",7011],"912ede02":[()=>n.e(83184).then(n.bind(n,51751)),"@site/blog/2022-03-23-nvav1.0.2.md",51751],"913247ec":[()=>n.e(34970).then(n.t.bind(n,95579,19)),"~blog/default/blogs-tags-windows-page-3-e3e.json",95579],91524627:[()=>n.e(39945).then(n.t.bind(n,42597,19)),"~blog/default/blogs-tags-kubernetes-page-5-f3a-list.json",42597],"915a4fec":[()=>n.e(15651).then(n.bind(n,8189)),"@site/blog/2020-08-01-new.md?truncated=true",8189],91958274:[()=>n.e(55374).then(n.t.bind(n,15166,19)),"~blog/default/blogs-tags-python-781-list.json",15166],"91d2db81":[()=>n.e(29753).then(n.bind(n,29581)),"@site/blog/2021-01-15-managing-pods.md",29581],"91d6c0c4":[()=>n.e(77552).then(n.bind(n,4039)),"@site/blog/2020-12-14-new.md?truncated=true",4039],"92054cc8":[()=>n.e(51232).then(n.t.bind(n,42142,19)),"~blog/default/blogs-tags-varlink-245.json",42142],"92103f47":[()=>n.e(32263).then(n.bind(n,19368)),"@site/blog/2020-12-23-new.md?truncated=true",19368],"92228e60":[()=>n.e(58494).then(n.t.bind(n,50522,19)),"~blog/default/blogs-tags-buildah-page-3-a59-list.json",50522],"92b86d63":[()=>n.e(18746).then(n.bind(n,17627)),"@site/blog/2020-01-30-podman-wsl.md",17627],"92e7b68f":[()=>n.e(21511).then(n.t.bind(n,59090,19)),"~blog/default/blogs-tags-kubernetes-page-2-3a1-list.json",59090],"935f2afb":[()=>n.e(80053).then(n.t.bind(n,1109,19)),"~docs/default/version-current-metadata-prop-751.json",1109],"93946e0a":[()=>n.e(95719).then(n.t.bind(n,72490,19)),"~blog/default/blogs-tags-containers-page-9-b2b-list.json",72490],"93996e09":[()=>n.e(33313).then(n.bind(n,43589)),"@site/blog/2020-04-17-new.md",43589],"93ecf9d2":[()=>n.e(50154).then(n.t.bind(n,74142,19)),"~blog/default/blogs-tags-v-2-page-3-c4c.json",74142],"93f2b152":[()=>n.e(44689).then(n.bind(n,86404)),"@site/blog/2021-05-26-podman-3-compose.md",86404],"9482ce64":[()=>n.e(7703).then(n.bind(n,73716)),"@site/blog/2020-04-04-convert-docker-compose-to-pods.md",73716],"949f9e5c":[()=>n.e(21022).then(n.bind(n,49350)),"@site/blog/2018-11-01-talk-state_of_container_technologies.md",49350],"94dc7cfd":[()=>n.e(1087).then(n.t.bind(n,98664,19)),"~blog/default/blogs-tags-containers-page-11-514-list.json",98664],"952453f2":[()=>n.e(42908).then(n.bind(n,62697)),"@site/blog/2019-10-02-container-networking.md",62697],"95446c39":[()=>n.e(64748).then(n.t.bind(n,70610,19)),"~blog/default/blogs-tags-github-b6b-list.json",70610],"9564d070":[()=>n.e(18789).then(n.bind(n,86643)),"@site/blog/2018-07-09-podman-alpha-v0.7.1.md?truncated=true",86643],"95b4e82b":[()=>n.e(86392).then(n.bind(n,24038)),"@site/blog/2021-03-02-podman-support-for-older-distros.md?truncated=true",24038],"969fec62":[()=>n.e(41298).then(n.bind(n,59445)),"@site/blog/2020-01-22-blog-posts.md?truncated=true",59445],"9790f6d3":[()=>n.e(11426).then(n.t.bind(n,83921,19)),"~blog/default/blogs-tags-rootless-649.json",83921],"97ad7d7c":[()=>n.e(39103).then(n.bind(n,42802)),"@site/blog/2018-07-16-podman-alpha-v0.7.2.md",42802],"97bdec26":[()=>n.e(98659).then(n.bind(n,81149)),"@site/blog/2022-02-04-network-usage.md",81149],"98a7b080":[()=>n.e(94977).then(n.bind(n,71099)),"@site/blog/2021-01-15-new.md?truncated=true",71099],"98fbcf17":[()=>n.e(7069).then(n.bind(n,42875)),"@site/blog/2019-04-22-health.md",42875],"9919686c":[()=>n.e(38153).then(n.bind(n,79368)),"@site/blog/2021-01-11-podman-compose.md",79368],"991a0614":[()=>n.e(52961).then(n.bind(n,88821)),"@site/blog/2019-11-07-basic-security-principles.md",88821],"993aa953":[()=>n.e(7695).then(n.bind(n,11146)),"@site/blog/2020-04-14-podman-systemd.md",11146],"995dbe35":[()=>n.e(15709).then(n.t.bind(n,39585,19)),"~blog/default/blogs-tags-oci-page-5-268.json",39585],"9983579e":[()=>n.e(48100).then(n.t.bind(n,89853,19)),"~blog/default/blogs-tags-networking-page-5-36e-list.json",89853],"99dc4662":[()=>n.e(33514).then(n.bind(n,82159)),"@site/blog/2018-10-31-podman-buildah-relationship.md",82159],"9a147845":[()=>n.e(90647).then(n.bind(n,59010)),"@site/blog/2021-02-08-easy-development-dependency-management-with-podman-and-tent.md",59010],"9a3d5681":[()=>n.e(22498).then(n.t.bind(n,3467,19)),"~blog/default/blogs-tags-oci-page-3-7fc-list.json",3467],"9a544e45":[()=>n.e(66232).then(n.t.bind(n,88776,19)),"~blog/default/blogs-tags-oci-page-5-268-list.json",88776],"9ab9d50f":[()=>n.e(42957).then(n.t.bind(n,4337,19)),"~blog/default/blogs-tags-v-2-b4e.json",4337],"9abfca86":[()=>n.e(68959).then(n.bind(n,60327)),"@site/blog/2020-10-17-new.md",60327],"9b14b78f":[()=>n.e(27071).then(n.t.bind(n,53890,19)),"~blog/default/blogs-tags-rest-page-3-047-list.json",53890],"9b6133b9":[()=>n.e(95647).then(n.bind(n,39952)),"@site/blog/2020-04-04-new.md?truncated=true",39952],"9b9ccd3e":[()=>n.e(98807).then(n.t.bind(n,39417,19)),"~blog/default/blogs-tags-bioinformatics-0ae-list.json",39417],"9bc8facc":[()=>n.e(37861).then(n.bind(n,25042)),"@site/blog/2021-09-06-new.md?truncated=true",25042],"9c8e56d0":[()=>n.e(47611).then(n.t.bind(n,88417,19)),"~blog/default/blogs-tags-docker-page-4-19d-list.json",88417],"9c92bc77":[()=>n.e(62543).then(n.t.bind(n,97,19)),"~blog/default/blogs-tags-containers-page-12-772.json",97],"9cc26b9a":[()=>n.e(2271).then(n.bind(n,5693)),"@site/blog/2019-06-17-new.md",5693],"9cdc8175":[()=>n.e(24349).then(n.bind(n,84306)),"@site/blog/2020-11-13-gitlab-runner-and-podman.md",84306],"9ceb8545":[()=>n.e(89243).then(n.t.bind(n,55773,19)),"~blog/default/blogs-tags-mac-page-3-b7f.json",55773],"9d708593":[()=>n.e(34771).then(n.bind(n,91482)),"@site/blog/2019-09-11-new.md",91482],"9d79cf0f":[()=>n.e(62693).then(n.t.bind(n,7488,19)),"~blog/default/blogs-tags-open-source-ae7-list.json",7488],"9e4087bc":[()=>n.e(53608).then(n.bind(n,63169)),"@theme/BlogArchivePage",63169],"9e8974f2":[()=>n.e(86478).then(n.bind(n,28818)),"@site/blog/2021-05-04-star-wars-in-podman.md?truncated=true",28818],"9ec43235":[()=>n.e(83856).then(n.t.bind(n,86461,19)),"~blog/default/blogs-tags-buildah-page-4-25b-list.json",86461],"9f2791cf":[()=>n.e(64600).then(n.bind(n,45387)),"@site/blog/2019-11-26-new.md?truncated=true",45387],"9f5a94da":[()=>n.e(92180).then(n.bind(n,57783)),"@site/blog/2019-06-13-new.md?truncated=true",57783],"9f833be8":[()=>n.e(6740).then(n.t.bind(n,7687,19)),"~blog/default/blogs-tags-containers-page-18-e4b.json",7687],a05ad5a3:[()=>n.e(83532).then(n.bind(n,32795)),"@site/blog/2020-12-09-new.md",32795],a0e6b5c2:[()=>n.e(12066).then(n.t.bind(n,83769,19)),"/home/runner/work/podman.io/podman.io/.docusaurus/docusaurus-plugin-content-docs/default/plugin-route-context-module-100.json",83769],a1963bff:[()=>n.e(11938).then(n.bind(n,32943)),"@site/blog/2022-03-15-new.md",32943],a1fbca1b:[()=>n.e(78606).then(n.bind(n,97650)),"@site/blog/2021-10-27-new.md",97650],a22ed5e4:[()=>n.e(96688).then(n.t.bind(n,51966,19)),"~blog/default/blogs-page-20-bb0.json",51966],a32b9391:[()=>n.e(85872).then(n.bind(n,71676)),"@site/blog/2019-11-07-new.md?truncated=true",71676],a3937ff1:[()=>n.e(72868).then(n.t.bind(n,7291,19)),"~blog/default/blogs-page-22-b70.json",7291],a3ee450e:[()=>n.e(58886).then(n.t.bind(n,37684,19)),"~blog/default/blogs-tags-security-28a-list.json",37684],a4ae065a:[()=>n.e(50734).then(n.t.bind(n,21325,19)),"~blog/default/blogs-tags-api-page-4-aba.json",21325],a4c05209:[()=>n.e(10554).then(n.t.bind(n,27772,19)),"~blog/default/blogs-tags-pod-page-3-69d.json",27772],a4cf8478:[()=>n.e(15729).then(n.t.bind(n,85874,19)),"~blog/default/blogs-tags-docker-compose-page-2-0bf-list.json",85874],a4d3bfdf:[()=>n.e(7741).then(n.t.bind(n,89319,19)),"~blog/default/blogs-tags-windows-page-3-e3e-list.json",89319],a4e49971:[()=>n.e(33019).then(n.bind(n,98005)),"@site/blog/2020-10-17-expoloring-restful-api.md",98005],a4f23293:[()=>n.e(22502).then(n.bind(n,1424)),"@site/blog/2022-03-15-podman4.0.2brew.md?truncated=true",1424],a500dec7:[()=>n.e(2466).then(n.t.bind(n,46641,19)),"~blog/default/blogs-tags-docker-page-3-d54-list.json",46641],a530b0d2:[()=>n.e(66377).then(n.bind(n,48123)),"@site/blog/2019-10-14-docker-vs-podman-security.md?truncated=true",48123],a59e0362:[()=>n.e(66342).then(n.t.bind(n,70681,19)),"~blog/default/blogs-tags-containers-page-7-c7e.json",70681],a5b4528c:[()=>n.e(58581).then(n.bind(n,68569)),"@site/blog/2019-10-14-1-new.md?truncated=true",68569],a6016a7e:[()=>n.e(11618).then(n.bind(n,5343)),"@site/blog/2018-11-19-build_libpod-container-images.md?truncated=true",5343],a618be25:[()=>n.e(90673).then(n.bind(n,11956)),"@site/blog/2020-08-13-walk-through.md",11956],a6195e9a:[()=>n.e(7392).then(n.t.bind(n,60821,19)),"~blog/default/blogs-tags-networking-page-7-16a.json",60821],a6aa9e1f:[()=>Promise.all([n.e(40532),n.e(50840),n.e(28490),n.e(46048),n.e(93089)]).then(n.bind(n,80046)),"@theme/BlogListPage",80046],a6b4f274:[()=>n.e(83827).then(n.t.bind(n,90647,19)),"~blog/default/blogs-tags-networking-page-10-7f7-list.json",90647],a70d2e82:[()=>n.e(46406).then(n.bind(n,91354)),"@site/blog/2019-04-01-podman-crosswords.md",91354],a73e6386:[()=>n.e(28294).then(n.t.bind(n,64830,19)),"~blog/default/blogs-tags-kubernetes-page-3-36b-list.json",64830],a793e2e1:[()=>n.e(94176).then(n.t.bind(n,88370,19)),"~blog/default/blogs-tags-images-page-3-5fb.json",88370],a89101e8:[()=>n.e(89120).then(n.bind(n,1939)),"@site/blog/2022-06-08-podman-on-windows.md?truncated=true",1939],a90d1c60:[()=>n.e(67431).then(n.bind(n,3833)),"@site/blog/2022-03-15-podman4.0.2brew.md",3833],a94ee45d:[()=>n.e(13072).then(n.t.bind(n,24512,19)),"~blog/default/blogs-page-12-483.json",24512],a9af3507:[()=>n.e(21411).then(n.bind(n,55741)),"@site/blog/2022-11-11-nvav1.3.md",55741],a9e69a82:[()=>n.e(60608).then(n.bind(n,63759)),"@site/blog/2021-06-13-new.md?truncated=true",63759],aa9d4f22:[()=>n.e(36777).then(n.bind(n,53893)),"@site/blog/2020-01-15-new.md",53893],aab4c406:[()=>n.e(81084).then(n.t.bind(n,54282,19)),"~blog/default/blogs-tags-video-20e-list.json",54282],aab66baf:[()=>n.e(91577).then(n.t.bind(n,95936,19)),"~blog/default/blogs-tags-containers-page-2-ad9-list.json",95936],ab131112:[()=>n.e(18503).then(n.t.bind(n,80045,19)),"~blog/default/blogs-tags-containers-page-12-772-list.json",80045],ab8424a6:[()=>n.e(62876).then(n.bind(n,59066)),"@site/blog/2018-08-20-podman-alpha-v0.8.3.md?truncated=true",59066],ab9a051c:[()=>n.e(74296).then(n.bind(n,41435)),"@site/blog/2019-06-13-podman-cheatsheet.md?truncated=true",41435],ac1eaa32:[()=>n.e(46762).then(n.bind(n,6352)),"@site/blog/2020-04-16-podman-v2-announce.md?truncated=true",6352],ac3a39d8:[()=>n.e(64822).then(n.bind(n,15616)),"@site/blog/2020-04-14-new.md",15616],acc03d12:[()=>n.e(20898).then(n.bind(n,65287)),"@site/blog/2020-12-22-behind-container-images.md?truncated=true",65287],ad8204b4:[()=>n.e(7383).then(n.bind(n,30971)),"@site/blog/2021-10-28-build-kubernetes-pods-with-podman-play-kube.md",30971],ad85b1ef:[()=>n.e(8338).then(n.t.bind(n,42488,19)),"~blog/default/blogs-tags-compose-a24-list.json",42488],ad8e7dcc:[()=>n.e(64838).then(n.t.bind(n,98749,19)),"~blog/default/blogs-tags-mac-page-2-342-list.json",98749],ad9bab9a:[()=>n.e(9093).then(n.bind(n,90091)),"@site/blog/2020-07-01-rest-versioning.md",90091],adcbe9eb:[()=>n.e(67826).then(n.bind(n,68163)),"@site/blog/2019-11-05-new.md?truncated=true",68163],ae5766d7:[()=>n.e(54549).then(n.t.bind(n,59267,19)),"~blog/default/blogs-tags-buildah-page-5-b89.json",59267],aeaca7a3:[()=>n.e(55713).then(n.bind(n,60900)),"@site/blog/2021-03-27-new.md?truncated=true",60900],af1a53b7:[()=>n.e(98752).then(n.bind(n,92302)),"@site/blog/2019-07-06-ruby.md?truncated=true",92302],af61538a:[()=>n.e(18348).then(n.t.bind(n,73945,19)),"~blog/default/blogs-page-10-2d2.json",73945],afacbea5:[()=>n.e(97562).then(n.bind(n,42908)),"@site/blog/2020-08-31-new.md",42908],b00a96e0:[()=>n.e(25561).then(n.t.bind(n,64174,19)),"~blog/default/blogs-tags-kube-03a.json",64174],b02de59a:[()=>n.e(24464).then(n.bind(n,4085)),"@site/blog/2020-08-01-deprecate-and-remove-varlink-notice.md?truncated=true",4085],b066410d:[()=>n.e(12712).then(n.bind(n,24738)),"@site/blog/2018-06-04-podman-alpha-v0.6.1.md",24738],b0851ee2:[()=>n.e(39652).then(n.t.bind(n,16052,19)),"~blog/default/blogs-tags-security-28a.json",16052],b0998319:[()=>n.e(7328).then(n.bind(n,86387)),"@site/blog/2020-12-23-new.md",86387],b0c2e5ed:[()=>n.e(57740).then(n.bind(n,34529)),"@site/blog/2019-07-06-new.md?truncated=true",34529],b17755e4:[()=>n.e(75143).then(n.t.bind(n,71623,19)),"~blog/default/blogs-tags-pod-page-5-54f.json",71623],b1a5927e:[()=>n.e(5488).then(n.t.bind(n,24859,19)),"~blog/default/blogs-tags-aardvark-153.json",24859],b28576cd:[()=>n.e(1438).then(n.bind(n,4689)),"@site/blog/2020-07-17-new.md?truncated=true",4689],b2fe1a56:[()=>n.e(51157).then(n.bind(n,25840)),"@site/blog/2018-10-10-checkpoint-restore.md",25840],b3089a88:[()=>n.e(67579).then(n.t.bind(n,40378,19)),"~blog/default/blogs-tags-ubuntu-763-list.json",40378],b3cc103d:[()=>n.e(35223).then(n.bind(n,65823)),"@site/blog/2020-07-07-new.md",65823],b420e108:[()=>n.e(3419).then(n.bind(n,9608)),"@site/blog/2020-07-16-new.md",9608],b46e9e7c:[()=>n.e(66789).then(n.bind(n,46227)),"@site/blog/2019-06-17-new.md?truncated=true",46227],b4cdaeff:[()=>n.e(62811).then(n.bind(n,35477)),"@site/blog/2018-12-14-openstack-podman-healthchecks.md?truncated=true",35477],b4ed5649:[()=>n.e(23199).then(n.t.bind(n,31837,19)),"~blog/default/blogs-tags-pod-page-3-69d-list.json",31837],b4edc141:[()=>n.e(83555).then(n.bind(n,51295)),"@site/blog/2019-11-08-build-ctrs-with-open-tools.md",51295],b505846c:[()=>n.e(76313).then(n.bind(n,62009)),"@site/blog/2021-07-01-podman-inside-kubernets.md",62009],b52fa139:[()=>n.e(31289).then(n.t.bind(n,32357,19)),"~blog/default/blogs-page-16-ad6.json",32357],b58e0449:[()=>n.e(71964).then(n.bind(n,77547)),"@site/blog/2020-10-05-new.md?truncated=true",77547],b5c078ab:[()=>n.e(99135).then(n.t.bind(n,3885,19)),"~blog/default/blogs-tags-multiarch-0e4-list.json",3885],b5cde707:[()=>n.e(1238).then(n.t.bind(n,77940,19)),"~blog/default/blogs-tags-ebpf-d85.json",77940],b6120ea9:[()=>n.e(24212).then(n.bind(n,39656)),"@site/blog/2019-11-26-rootless-podman-and-nfs.md",39656],b6130486:[()=>n.e(58231).then(n.bind(n,27628)),"@site/blog/2019-06-26-replace-docker-with-podman.md?truncated=true",27628],b6d3d2df:[()=>n.e(10648).then(n.t.bind(n,35641,19)),"~blog/default/blogs-tags-docker-page-2-c02-list.json",35641],b768cbd4:[()=>n.e(82977).then(n.t.bind(n,17197,19)),"~blog/default/blogs-tags-api-page-8-70a-list.json",17197],b77b8c66:[()=>n.e(28755).then(n.t.bind(n,14168,19)),"~blog/default/blogs-tags-cloud-3f7.json",14168],b809a965:[()=>n.e(90069).then(n.t.bind(n,36124,19)),"~blog/default/blogs-tags-github-page-2-fd2.json",36124],b8678d1a:[()=>n.e(58253).then(n.bind(n,37158)),"@site/blog/2020-01-30-new.md?truncated=true",37158],b8763a3d:[()=>n.e(28109).then(n.bind(n,3257)),"@site/blog/2020-05-13-podman-v2-update.md?truncated=true",3257],b878c13e:[()=>n.e(59726).then(n.t.bind(n,7481,19)),"~blog/default/blogs-tags-ruby-c26.json",7481],b8ae24ba:[()=>n.e(84331).then(n.bind(n,40960)),"@site/blog/2019-12-14-new.md",40960],b8ce7dc9:[()=>n.e(70772).then(n.t.bind(n,50050,19)),"~blog/default/blogs-tags-kubernetes-page-6-8cf.json",50050],b90f1cd1:[()=>n.e(63147).then(n.bind(n,73970)),"@site/blog/2020-02-06-deploy-pod-on-centos.md?truncated=true",73970],bab8d2c4:[()=>n.e(81643).then(n.t.bind(n,97760,19)),"~blog/default/blogs-tags-podman-page-6-b22-list.json",97760],baf595e3:[()=>n.e(91835).then(n.bind(n,35376)),"@site/blog/2020-08-13-new.md?truncated=true",35376],bb002237:[()=>n.e(84841).then(n.bind(n,2184)),"@site/blog/2019-08-22-new.md",2184],bb0c4597:[()=>n.e(65362).then(n.t.bind(n,61861,19)),"~blog/default/blogs-tags-runner-248-list.json",61861],bb1699c9:[()=>n.e(93549).then(n.bind(n,34853)),"@site/blog/2020-12-11-remove-varlink-libpod-conf-notice.md?truncated=true",34853],bb28fa20:[()=>n.e(58273).then(n.bind(n,75182)),"@site/blog/2019-11-12-F31-Control-Group-v2.md",75182],bbf3cda5:[()=>n.e(58967).then(n.bind(n,52893)),"@site/blog/2021-01-26-docker-compose-to-podman.md",52893],bc300906:[()=>n.e(64964).then(n.bind(n,8769)),"@site/blog/2019-10-23-Perona-PMM.md",8769],bc4d58a4:[()=>n.e(13123).then(n.t.bind(n,15710,19)),"~blog/default/blogs-tags-automation-ad8-list.json",15710],bc7ebba5:[()=>n.e(54369).then(n.bind(n,79926)),"@site/blog/2022-04-05-new.md?truncated=true",79926],bc8b2a0c:[()=>n.e(31809).then(n.bind(n,17416)),"@site/blog/2021-07-02-new.md?truncated=true",17416],bcfd1a7d:[()=>n.e(8243).then(n.bind(n,31460)),"@site/blog/2019-11-07-basic-security-principles.md?truncated=true",31460],bd403acb:[()=>n.e(9104).then(n.bind(n,89087)),"@site/blog/2021-10-28-build-kubernetes-pods-with-podman-play-kube.md?truncated=true",89087],bd4362ca:[()=>n.e(32764).then(n.t.bind(n,74173,19)),"~blog/default/blogs-tags-boot-2-podman-39b-list.json",74173],bd753016:[()=>n.e(77492).then(n.t.bind(n,38295,19)),"~blog/default/blogs-tags-v-2-page-6-cf0-list.json",38295],bd9ea72b:[()=>n.e(28706).then(n.t.bind(n,39238,19)),"~blog/default/blogs-tags-images-page-3-5fb-list.json",39238],bdf7d44f:[()=>n.e(22035).then(n.bind(n,87649)),"@site/blog/2021-09-03-podman-posts-of-interests.md",87649],bebebfab:[()=>n.e(48527).then(n.t.bind(n,18187,19)),"~blog/default/blogs-tags-sudo-bc1.json",18187],bf00a8d0:[()=>n.e(5510).then(n.bind(n,49158)),"@site/blog/2019-10-28-podman-with-nfs.md?truncated=true",49158],bf01e4e0:[()=>n.e(91024).then(n.bind(n,96235)),"@site/docs/checkpoint.md",96235],bf0e441c:[()=>n.e(81804).then(n.bind(n,49345)),"@site/blog/2020-02-06-new.md",49345],bf342a85:[()=>n.e(63684).then(n.t.bind(n,87213,19)),"~blog/default/blogs-tags-v-2-page-3-c4c-list.json",87213],bf3f6241:[()=>n.e(46225).then(n.t.bind(n,60936,19)),"~blog/default/blogs-tags-v-2-page-4-fe4-list.json",60936],bf65740b:[()=>n.e(51893).then(n.t.bind(n,95303,19)),"~blog/default/blogs-tags-mac-page-2-342.json",95303],bf7df328:[()=>Promise.all([n.e(40532),n.e(50840),n.e(1954),n.e(64658)]).then(n.bind(n,79244)),"@site/src/pages/get-started.tsx",79244],bfb74d34:[()=>n.e(48797).then(n.bind(n,84348)),"@site/blog/2020-01-22-new.md",84348],bff9d2be:[()=>n.e(23719).then(n.t.bind(n,3360,19)),"~blog/default/blogs-tags-kubernetes-page-7-4c8-list.json",3360],c087d33b:[()=>n.e(77667).then(n.bind(n,67537)),"@site/blog/2020-07-01-new.md?truncated=true",67537],c0a645c7:[()=>n.e(56942).then(n.bind(n,27667)),"@site/blog/2021-02-08-easy-development-dependency-management-with-podman-and-tent.md?truncated=true",27667],c0ed6d96:[()=>n.e(72147).then(n.t.bind(n,67365,19)),"~blog/default/blogs-tags-v-2-page-7-134.json",67365],c0fac2c5:[()=>n.e(54868).then(n.bind(n,86336)),"@site/blog/2019-07-06-new.md",86336],c103f181:[()=>n.e(14085).then(n.bind(n,11077)),"@site/blog/2019-11-13-new.md",11077],c10b9920:[()=>n.e(65051).then(n.bind(n,36717)),"@site/blog/2020-01-15-bioinformatics-with-rootless-podman.md?truncated=true",36717],c1660528:[()=>n.e(39609).then(n.bind(n,89629)),"@site/blog/2019-10-28-new.md?truncated=true",89629],c20a5dd8:[()=>n.e(77763).then(n.bind(n,62789)),"@site/blog/2019-11-26-new.md",62789],c283ece6:[()=>n.e(23475).then(n.t.bind(n,10149,19)),"~blog/default/blogs-tags-mac-page-5-d87.json",10149],c377a04b:[()=>n.e(46971).then(n.bind(n,21269)),"@site/docs/index.md",21269],c3ab2f20:[()=>n.e(72828).then(n.t.bind(n,13354,19)),"~blog/default/blogs-tags-containers-page-8-dd0-list.json",13354],c41a9bbf:[()=>n.e(7789).then(n.bind(n,34242)),"@site/blog/2020-10-05-new.md",34242],c4428c45:[()=>n.e(19480).then(n.bind(n,35074)),"@site/blog/2020-08-11-new.md",35074],c4fd52e5:[()=>n.e(57205).then(n.t.bind(n,24469,19)),"/home/runner/work/podman.io/podman.io/.docusaurus/docusaurus-plugin-content-blog/default/plugin-route-context-module-100.json",24469],c4ffb2d2:[()=>n.e(34224).then(n.bind(n,12849)),"@site/blog/2022-02-04-network-usage.md?truncated=true",12849],c50a9231:[()=>n.e(75257).then(n.t.bind(n,69319,19)),"~blog/default/blogs-tags-containers-page-14-73c.json",69319],c50c64c1:[()=>n.e(27166).then(n.t.bind(n,67970,19)),"~blog/default/blogs-tags-containers-page-6-89f-list.json",67970],c5d622c7:[()=>n.e(69449).then(n.bind(n,1516)),"@site/blog/2018-08-20-podman-alpha-v0.8.3.md",1516],c617b3ad:[()=>n.e(47362).then(n.t.bind(n,48733,19)),"~blog/default/blogs-tags-podman-page-4-20a.json",48733],c64c8a00:[()=>n.e(21131).then(n.bind(n,74394)),"@site/blog/2020-08-11-new.md?truncated=true",74394],c6aea3f1:[()=>n.e(78673).then(n.t.bind(n,65458,19)),"~blog/default/blogs-tags-tracing-a36.json",65458],c6bc47df:[()=>n.e(97602).then(n.t.bind(n,68010,19)),"~blog/default/blogs-tags-containers-page-16-8e3.json",68010],c6ca8e82:[()=>n.e(21926).then(n.t.bind(n,48251,19)),"~blog/default/blogs-tags-networking-page-3-be3-list.json",48251],c709e528:[()=>n.e(27785).then(n.bind(n,46262)),"@site/blog/2020-12-22-new.md",46262],c7567e98:[()=>n.e(815).then(n.t.bind(n,95580,19)),"~blog/default/blogs-tags-rest-api-page-2-6f8.json",95580],c7c76429:[()=>n.e(43991).then(n.t.bind(n,92967,19)),"~blog/default/blogs-tags-podman-page-2-770-list.json",92967],c7d4ec6c:[()=>n.e(30511).then(n.bind(n,99279)),"@site/blog/2019-01-16-podman-release-v1.0.0.md?truncated=true",99279],c81b193a:[()=>n.e(12681).then(n.bind(n,11072)),"@site/blog/2018-10-05-tripleo-systemd.md",11072],c93a2b7b:[()=>n.e(71473).then(n.t.bind(n,2984,19)),"~blog/default/blogs-tags-docker-page-5-9d1-list.json",2984],c9448d9e:[()=>n.e(23486).then(n.t.bind(n,34908,19)),"~blog/default/blogs-tags-sudo-bc1-list.json",34908],c945ac6e:[()=>n.e(13825).then(n.bind(n,85822)),"@site/blog/2022-05-09-new.md",85822],c94d8736:[()=>n.e(37590).then(n.bind(n,16503)),"@site/blog/2021-01-23-new.md",16503],c968257b:[()=>n.e(36668).then(n.bind(n,35183)),"@site/blog/2020-05-06-podman-in-french.md",35183],ca13f458:[()=>n.e(46003).then(n.bind(n,19950)),"@site/blog/2020-03-02-building-with-podman-and-buildah.md",19950],ca20a8fe:[()=>n.e(57365).then(n.bind(n,27145)),"@site/blog/2021-05-26-podman-3-compose.md?truncated=true",27145],ca5cb613:[()=>n.e(80881).then(n.t.bind(n,13750,19)),"~blog/default/blogs-tags-ci-ec9-list.json",13750],cab9a096:[()=>n.e(74076).then(n.t.bind(n,55990,19)),"~blog/default/blogs-page-2-f11.json",55990],cb0f9cfc:[()=>n.e(41910).then(n.bind(n,61546)),"@site/blog/2021-02-08-new.md",61546],cb7043f0:[()=>n.e(13344).then(n.t.bind(n,41597,19)),"~blog/default/blogs-tags-api-page-5-b48.json",41597],cb97ded3:[()=>n.e(51426).then(n.bind(n,40127)),"@site/blog/2020-09-30-new.md?truncated=true",40127],cbd72529:[()=>n.e(31671).then(n.bind(n,57408)),"@site/blog/2019-11-05-docker2podman.md?truncated=true",57408],cbee0725:[()=>n.e(28027).then(n.t.bind(n,1396,19)),"~blog/default/blogs-tags-kubernetes-page-4-282.json",1396],cbf62e80:[()=>n.e(24340).then(n.bind(n,30523)),"@site/blog/2019-08-10-podman-ibm-developer.md?truncated=true",30523],cc020efe:[()=>n.e(82968).then(n.t.bind(n,36851,19)),"~blog/default/blogs-tags-oci-page-2-af1-list.json",36851],cc549ae9:[()=>n.e(34085).then(n.t.bind(n,307,19)),"~blog/default/blogs-tags-golang-8be.json",307],cc63c88a:[()=>n.e(73457).then(n.bind(n,43844)),"@site/blog/2019-06-13-podman-cheatsheet.md",43844],cca70ef7:[()=>n.e(36868).then(n.t.bind(n,61607,19)),"~blog/default/blogs-tags-community-ff5.json",61607],ccc49370:[()=>Promise.all([n.e(40532),n.e(50840),n.e(28490),n.e(46048),n.e(46103)]).then(n.bind(n,65203)),"@theme/BlogPostPage",65203],ccd53d21:[()=>n.e(7659).then(n.t.bind(n,49426,19)),"~blog/default/blogs-tags-dependency-management-085-list.json",49426],cd4bceb7:[()=>n.e(53978).then(n.bind(n,50316)),"@site/blog/2021-06-16-install-podman-on-ubuntu.md",50316],cd61fe91:[()=>n.e(38130).then(n.t.bind(n,93104,19)),"~blog/default/blogs-tags-api-page-2-f35.json",93104],ce50ea2a:[()=>n.e(12205).then(n.t.bind(n,14105,19)),"~blog/default/blogs-tags-pod-page-6-b64-list.json",14105],ce59b13f:[()=>n.e(34176).then(n.t.bind(n,7410,19)),"~blog/default/blogs-tags-test-339-list.json",7410],ce6ee837:[()=>n.e(33040).then(n.bind(n,86164)),"@site/blog/2020-06-29-podman-v2-announce.md?truncated=true",86164],ce73e545:[()=>n.e(82935).then(n.t.bind(n,34862,19)),"~blog/default/blogs-tags-buildah-page-5-b89-list.json",34862],ce7dab8e:[()=>n.e(63693).then(n.t.bind(n,73406,19)),"~blog/default/blogs-tags-windows-920.json",73406],cee81a32:[()=>n.e(43075).then(n.t.bind(n,92061,19)),"~blog/default/blogs-tags-containers-page-14-73c-list.json",92061],cefce2a2:[()=>n.e(39184).then(n.bind(n,7978)),"@site/blog/2021-09-03-new.md?truncated=true",7978],cf1ecaf1:[()=>n.e(46021).then(n.bind(n,8007)),"@site/blog/2020-09-22-security.md?truncated=true",8007],cf2b80f9:[()=>n.e(50155).then(n.t.bind(n,39603,19)),"~blog/default/blogs-tags-community-ff5-list.json",39603],cf37d923:[()=>n.e(86015).then(n.bind(n,12072)),"@site/blog/2019-01-16-podman-release-v1.0.0.md",12072],cf896737:[()=>n.e(73805).then(n.t.bind(n,99589,19)),"~blog/default/blogs-tags-podman-page-17-e1c.json",99589],cfa87347:[()=>n.e(58139).then(n.bind(n,8641)),"@site/blog/2020-09-28-devconf-ctr-tech.md?truncated=true",8641],cfbe9d8e:[()=>n.e(65731).then(n.t.bind(n,65647,19)),"~blog/default/blogs-page-6-3e8.json",65647],cfc90e78:[()=>n.e(35839).then(n.t.bind(n,65730,19)),"~blog/default/blogs-tags-aardvark-153-list.json",65730],cffa70f7:[()=>n.e(74423).then(n.t.bind(n,20547,19)),"~blog/default/blogs-tags-mac-page-6-4a9.json",20547],d01ce3bc:[()=>n.e(90874).then(n.t.bind(n,95258,19)),"~blog/default/blogs-tags-signing-425-list.json",95258],d09cacbb:[()=>n.e(52656).then(n.t.bind(n,71288,19)),"~blog/default/blogs-tags-windows-920-list.json",71288],d0a74388:[()=>n.e(7811).then(n.bind(n,76689)),"@site/blog/2022-03-15-new.md?truncated=true",76689],d0fc3039:[()=>n.e(24004).then(n.bind(n,85966)),"@site/blog/2019-09-11-new.md?truncated=true",85966],d19115d7:[()=>n.e(10409).then(n.t.bind(n,64995,19)),"~blog/default/blogs-tags-oci-page-4-477.json",64995],d1f0e4b8:[()=>n.e(78923).then(n.bind(n,87078)),"@site/blog/2022-08-17-new.md",87078],d20320e1:[()=>n.e(18654).then(n.t.bind(n,65795,19)),"~blog/default/blogs-tags-microsoft-f72.json",65795],d24baff8:[()=>n.e(40408).then(n.bind(n,22135)),"@site/blog/2021-06-13-podman-posts-of-interests.md",22135],d2eed707:[()=>n.e(38774).then(n.t.bind(n,81582,19)),"~blog/default/blogs-tags-pod-page-2-902-list.json",81582],d33dc195:[()=>n.e(25915).then(n.t.bind(n,40681,19)),"~blog/default/blogs-tags-bpf-a59.json",40681],d39f4c6a:[()=>n.e(85785).then(n.bind(n,28576)),"@site/blog/2019-08-23-new.md",28576],d3ac05e9:[()=>n.e(85765).then(n.bind(n,49104)),"@site/blog/2020-07-16-podman-and-cron.md?truncated=true",49104],d3b3891b:[()=>n.e(40363).then(n.t.bind(n,1993,19)),"~blog/default/blogs-tags-v-2-page-7-134-list.json",1993],d3bd14d4:[()=>n.e(50065).then(n.bind(n,29360)),"@site/blog/2019-08-10-new.md",29360],d3ca5c2e:[()=>n.e(983).then(n.bind(n,92447)),"@site/blog/2019-09-25-new.md",92447],d3ee8f76:[()=>n.e(41843).then(n.t.bind(n,40443,19)),"~blog/default/blogs-tags-buildah-0f1.json",40443],d4054b0c:[()=>n.e(84394).then(n.bind(n,20647)),"@site/blog/2018-10-03-podman-remove-content-homedir.md?truncated=true",20647],d409a93e:[()=>n.e(46150).then(n.bind(n,64610)),"@site/blog/2022-05-08-new.md",64610],d449dcf1:[()=>n.e(41490).then(n.bind(n,78344)),"@site/blog/2019-10-29-new.md?truncated=true",78344],d45a981c:[()=>n.e(7899).then(n.t.bind(n,49759,19)),"~blog/default/blogs-tags-podman-page-5-b8a-list.json",49759],d553c684:[()=>n.e(68540).then(n.bind(n,42081)),"@site/blog/2022-10-22-new.md?truncated=true",42081],d5af26f4:[()=>n.e(12603).then(n.bind(n,53451)),"@site/blog/2021-01-23-podman-posts-of-interests.md?truncated=true",53451],d5bfda9e:[()=>n.e(60780).then(n.bind(n,18123)),"@site/blog/2021-10-04-new.md",18123],d602a484:[()=>n.e(35406).then(n.t.bind(n,62331,19)),"~blog/default/blogs-tags-gpg-2fd-list.json",62331],d6487ff7:[()=>n.e(65548).then(n.bind(n,74549)),"@site/blog/2020-07-16-podman-and-cron.md",74549],d67039b7:[()=>n.e(19840).then(n.t.bind(n,86188,19)),"~blog/default/blogs-tags-v-2-page-9-0dd-list.json",86188],d719ccc2:[()=>n.e(72113).then(n.t.bind(n,92107,19)),"~blog/default/blogs-tags-skopeo-23a.json",92107],d7245e62:[()=>n.e(66095).then(n.t.bind(n,37103,19)),"~blog/default/blogs-tags-hpc-page-4-d91-list.json",37103],d7924564:[()=>n.e(26599).then(n.bind(n,91605)),"@site/blog/2018-10-04-selinux-libvirt.md",91605],d7be0b9b:[()=>n.e(56345).then(n.bind(n,9615)),"@site/blog/2021-09-06-podman-on-macs.md?truncated=true",9615],d7e0d0e7:[()=>n.e(98258).then(n.t.bind(n,39214,19)),"~blog/default/blogs-tags-containers-page-5-48b-list.json",39214],d7fd4a45:[()=>n.e(56294).then(n.t.bind(n,23789,19)),"~blog/default/blogs-tags-hpc-page-3-fbc.json",23789],d8256cbb:[()=>n.e(16684).then(n.bind(n,824)),"@site/blog/2020-02-07-new.md?truncated=true",824],d8ef6140:[()=>n.e(97213).then(n.t.bind(n,78950,19)),"~blog/default/blogs-tags-windows-page-6-125-list.json",78950],d8f8ea8f:[()=>n.e(76420).then(n.t.bind(n,78103,19)),"~blog/default/blogs-tags-mac-page-4-1b8-list.json",78103],d924c453:[()=>n.e(78325).then(n.bind(n,15542)),"@site/blog/2020-12-01-short-container-names.md",15542],d96ceb02:[()=>n.e(81940).then(n.t.bind(n,6133,19)),"~blog/default/blogs-tags-networking-page-4-c0d.json",6133],d9a4e4a9:[()=>n.e(68925).then(n.t.bind(n,32080,19)),"~blog/default/blogs-tags-rest-api-160-list.json",32080],d9dc158b:[()=>n.e(69853).then(n.bind(n,83194)),"@site/blog/2020-07-18-new.md?truncated=true",83194],d9ebdac2:[()=>n.e(72992).then(n.t.bind(n,58156,19)),"~blog/default/blogs-tags-networking-page-6-1cd.json",58156],d9f8802d:[()=>n.e(67570).then(n.bind(n,1201)),"@site/blog/2020-08-13-new.md",1201],da36def6:[()=>n.e(32535).then(n.t.bind(n,24797,19)),"~blog/default/blogs-tags-github-b6b.json",24797],daab0409:[()=>n.e(60821).then(n.t.bind(n,39100,19)),"~blog/default/blogs-tags-containers-page-15-bc3-list.json",39100],db189e95:[()=>n.e(61337).then(n.t.bind(n,50254,19)),"~blog/default/blogs-page-7-a87.json",50254],dc366153:[()=>n.e(18233).then(n.t.bind(n,33270,19)),"~blog/default/blogs-tags-podman-page-5-b8a.json",33270],dcb471a6:[()=>n.e(22348).then(n.bind(n,73297)),"@site/blog/2021-10-28-new.md",73297],dcd93014:[()=>n.e(2322).then(n.t.bind(n,56687,19)),"~blog/default/blogs-tags-containers-page-16-8e3-list.json",56687],dd6e498d:[()=>n.e(15736).then(n.t.bind(n,32934,19)),"~blog/default/blogs-tags-api-2a7.json",32934],dde9c6cc:[()=>n.e(15771).then(n.bind(n,54760)),"@site/blog/2020-11-13-new.md?truncated=true",54760],dec2802b:[()=>n.e(21594).then(n.bind(n,30289)),"@site/blog/2020-12-09-new.md?truncated=true",30289],df12da97:[()=>n.e(67873).then(n.bind(n,93256)),"@site/blog/2020-11-13-new.md",93256],dfb5f0c7:[()=>n.e(19720).then(n.t.bind(n,42243,19)),"~blog/default/blogs-tags-rest-6c0.json",42243],dfbccedb:[()=>n.e(5569).then(n.t.bind(n,23175,19)),"~blog/default/blogs-tags-bindings-e41-list.json",23175],dfcf29be:[()=>n.e(6182).then(n.bind(n,30497)),"@site/blog/2020-08-21-new.md",30497],dfea22ae:[()=>n.e(30853).then(n.bind(n,90430)),"@site/blog/2019-10-23-new.md?truncated=true",90430],dff31f53:[()=>n.e(61157).then(n.t.bind(n,92087,19)),"~blog/default/blogs-tags-ci-ec9.json",92087],e0085fac:[()=>n.e(43662).then(n.t.bind(n,21509,19)),"~blog/default/blogs-tags-mac-os-b6f-list.json",21509],e00fa61b:[()=>n.e(35913).then(n.t.bind(n,18238,19)),"~blog/default/blogs-tags-mac-page-4-1b8.json",18238],e02565da:[()=>n.e(38382).then(n.bind(n,14847)),"@site/blog/2019-09-11-rootless-pulling.md",14847],e05e4f28:[()=>n.e(55458).then(n.t.bind(n,10638,19)),"~blog/default/blogs-tags-containers-page-4-7a6-list.json",10638],e08ad4e2:[()=>n.e(87199).then(n.bind(n,80366)),"@site/blog/2020-01-22-blog-posts.md",80366],e0a79853:[()=>n.e(74703).then(n.t.bind(n,17563,19)),"~blog/default/blogs-tags-rest-page-3-047.json",17563],e10d246f:[()=>n.e(19599).then(n.bind(n,70915)),"@site/blog/2019-11-20-new.md?truncated=true",70915],e1bea0d2:[()=>n.e(15979).then(n.bind(n,87074)),"@site/blog/2019-08-28-buildah-in-containers.md?truncated=true",87074],e257e53c:[()=>n.e(4847).then(n.bind(n,11514)),"@site/blog/2019-04-16-cinc.md?truncated=true",11514],e2bf4803:[()=>n.e(20119).then(n.bind(n,16764)),"@site/blog/2018-10-01-talk-replace-docker-with-podman.md?truncated=true",16764],e2c6734d:[()=>n.e(80484).then(n.t.bind(n,77288,19)),"~blog/default/blogs-tags-go-8e7.json",77288],e2da1f85:[()=>n.e(10962).then(n.t.bind(n,92754,19)),"~blog/default/blogs-tags-oci-f02.json",92754],e30f1b57:[()=>n.e(6795).then(n.t.bind(n,7321,19)),"~blog/default/blogs-tags-runtime-page-2-669.json",7321],e333f46c:[()=>n.e(55791).then(n.bind(n,79026)),"@site/blog/2021-01-23-new.md?truncated=true",79026],e3c905de:[()=>n.e(34377).then(n.bind(n,25458)),"@site/blog/2022-10-12-podman-posts-of-interests.md?truncated=true",25458],e43c6f85:[()=>n.e(27103).then(n.bind(n,31001)),"@site/blog/2019-03-16-podman-install.md",31001],e4627f95:[()=>n.e(86341).then(n.t.bind(n,30503,19)),"~blog/default/blogs-tags-api-page-8-70a.json",30503],e4d0a9b4:[()=>n.e(71518).then(n.bind(n,23901)),"@site/blog/2021-07-01-new.md",23901],e5249a91:[()=>n.e(86892).then(n.bind(n,23973)),"@site/blog/2020-09-30-Oct-6-Agenda.md",23973],e527a4fd:[()=>n.e(69593).then(n.t.bind(n,61346,19)),"~blog/default/blogs-tags-kube-page-2-556.json",61346],e57902fd:[()=>n.e(42184).then(n.t.bind(n,62439,19)),"~blog/default/blogs-tags-pod-page-4-521.json",62439],e59cf075:[()=>n.e(86905).then(n.t.bind(n,16465,19)),"~blog/default/blogs-tags-runner-248.json",16465],e5c15292:[()=>n.e(28045).then(n.bind(n,15475)),"@site/blog/2018-10-04-selinux-libvirt.md?truncated=true",15475],e656dc47:[()=>n.e(80912).then(n.t.bind(n,74014,19)),"~blog/default/blogs-page-3-934.json",74014],e699d4d1:[()=>n.e(18091).then(n.t.bind(n,22103,19)),"~blog/default/blogs-tags-podman-page-13-e0f.json",22103],e6bd1150:[()=>n.e(55395).then(n.t.bind(n,70759,19)),"~blog/default/blogs-tags-kubernetes-58a.json",70759],e6dd6da5:[()=>n.e(10582).then(n.t.bind(n,93025,19)),"~blog/default/blogs-page-24-7c9.json",93025],e7e3539d:[()=>n.e(83323).then(n.t.bind(n,23670,19)),"~blog/default/blogs-tags-networking-page-8-48d-list.json",23670],e7e456ae:[()=>n.e(3007).then(n.t.bind(n,58917,19)),"~blog/default/blogs-tags-varlink-245-list.json",58917],e830f50c:[()=>n.e(52908).then(n.bind(n,54958)),"@site/blog/2019-06-17-mailinglist.md?truncated=true",54958],e8d4cdb9:[()=>n.e(33150).then(n.t.bind(n,80397,19)),"~blog/default/blogs-tags-dependency-management-085.json",80397],e8df2429:[()=>n.e(69678).then(n.bind(n,6948)),"@site/blog/2019-11-05-docker2podman.md",6948],e8f48e86:[()=>n.e(4998).then(n.t.bind(n,70550,19)),"~blog/default/blogs-tags-git-lab-ff7-list.json",70550],e93086c6:[()=>n.e(27278).then(n.bind(n,26317)),"@site/blog/2021-07-02-podman-inside-container.md?truncated=true",26317],e9b5709f:[()=>n.e(34967).then(n.bind(n,67349)),"@site/blog/2020-12-07-new.md",67349],e9e146f9:[()=>n.e(41797).then(n.t.bind(n,86284,19)),"~blog/default/blogs-tags-hpc-page-6-448-list.json",86284],ea2a8a2b:[()=>n.e(79971).then(n.bind(n,64060)),"@site/blog/2019-10-23-new.md",64060],ea480a96:[()=>n.e(93614).then(n.t.bind(n,87108,19)),"~blog/default/blogs-tags-containers-page-15-bc3.json",87108],ea5ecbc5:[()=>n.e(59525).then(n.t.bind(n,76897,19)),"~blog/default/blogs-tags-rename-ff7.json",76897],eb29bc22:[()=>n.e(22713).then(n.bind(n,46188)),"@site/blog/2021-05-04-star-wars-in-podman.md",46188],eb3dc601:[()=>n.e(23676).then(n.bind(n,37959)),"@site/blog/2020-09-02-new.md?truncated=true",37959],eb51026c:[()=>n.e(70879).then(n.bind(n,55652)),"@site/blog/2018-12-03-podman-runlabel.md?truncated=true",55652],eb5263e4:[()=>n.e(65480).then(n.bind(n,29601)),"@site/blog/2020-06-29-new.md",29601],eb9d40ec:[()=>n.e(60380).then(n.bind(n,26638)),"@site/blog/2020-08-11-migrate-from-docker-compose.md",26638],eba3cb06:[()=>n.e(85064).then(n.t.bind(n,33508,19)),"~blog/default/blogs-tags-mac-14d-list.json",33508],ec0bc416:[()=>n.e(93009).then(n.t.bind(n,23551,19)),"~blog/default/blogs-tags-podman-page-18-21d.json",23551],ec887574:[()=>n.e(78740).then(n.t.bind(n,2293,19)),"~blog/default/blogs-tags-podman-page-16-d90-list.json",2293],ec8dee43:[()=>n.e(44442).then(n.bind(n,73820)),"@site/blog/2020-09-18-new.md",73820],ec9ce0b9:[()=>n.e(82683).then(n.t.bind(n,55012,19)),"~blog/default/blogs-tags-kubernetes-page-3-36b.json",55012],eca036a7:[()=>n.e(72612).then(n.t.bind(n,43532,19)),"~blog/default/blogs-tags-docker-compose-8d7-list.json",43532],ecc58e23:[()=>n.e(15350).then(n.t.bind(n,43157,19)),"~blog/default/blogs-tags-syscall-672-list.json",43157],ecf397c5:[()=>n.e(21290).then(n.t.bind(n,86618,19)),"~blog/default/blogs-tags-docker-page-3-d54.json",86618],ed200b07:[()=>n.e(17994).then(n.t.bind(n,73929,19)),"~blog/default/blogs-tags-tent-280.json",73929],ed642a45:[()=>n.e(75360).then(n.t.bind(n,26095,19)),"~blog/default/blogs-tags-podman-page-8-957.json",26095],ed94db85:[()=>n.e(7457).then(n.bind(n,43217)),"@site/blog/2021-10-16-new.md?truncated=true",43217],edbec64d:[()=>n.e(12585).then(n.t.bind(n,61947,19)),"~blog/default/blogs-tags-networking-page-9-477-list.json",61947],edea3d23:[()=>n.e(13575).then(n.bind(n,9184)),"@site/blog/2020-08-24-container-time.md",9184],ef25bb1f:[()=>n.e(65878).then(n.t.bind(n,4615,19)),"~blog/default/blogs-tags-containers-page-11-514.json",4615],efc92035:[()=>n.e(84723).then(n.t.bind(n,52066,19)),"~blog/default/blogs-tags-go-8e7-list.json",52066],efe6b3fa:[()=>n.e(77885).then(n.bind(n,95344)),"@site/blog/2020-12-09-podman-systemd-demo.md?truncated=true",95344],f031a327:[()=>n.e(12026).then(n.bind(n,19005)),"@site/blog/2022-03-06-why_no_podman4_f35.md",19005],f083362e:[()=>n.e(39063).then(n.bind(n,44645)),"@site/blog/2019-12-14-rhel8-podman.md",44645],f0de574e:[()=>n.e(23521).then(n.t.bind(n,61001,19)),"~blog/default/blogs-tags-rails-a57.json",61001],f14b45bb:[()=>n.e(69228).then(n.t.bind(n,26277,19)),"~blog/default/blogs-tags-kube-page-6-560-list.json",26277],f167b037:[()=>n.e(22094).then(n.bind(n,22851)),"@site/blog/2021-10-27-how-podman-runs-on-macs.md?truncated=true",22851],f17a645b:[()=>n.e(70163).then(n.t.bind(n,15241,19)),"~blog/default/blogs-0c8.json",15241],f24dcdab:[()=>n.e(53834).then(n.t.bind(n,33842,19)),"~blog/default/blogs-tags-docker-page-5-9d1.json",33842],f2a4f782:[()=>n.e(77445).then(n.bind(n,45553)),"@site/blog/2018-10-10-checkpoint-restore.md?truncated=true",45553],f2b29f39:[()=>n.e(42384).then(n.bind(n,88239)),"@site/blog/2021-03-02-podman-support-for-older-distros.md",88239],f2b72252:[()=>n.e(30144).then(n.t.bind(n,64053,19)),"~blog/default/blogs-tags-podman-page-19-711.json",64053],f3740653:[()=>n.e(46705).then(n.t.bind(n,3986,19)),"~blog/default/blogs-tags-v-2-page-2-304.json",3986],f41d5350:[()=>n.e(5426).then(n.t.bind(n,70792,19)),"~blog/default/blogs-tags-containers-page-13-d34.json",70792],f42d2ef1:[()=>n.e(22159).then(n.t.bind(n,97795,19)),"~blog/default/blogs-tags-podman-page-9-72a-list.json",97795],f42f3bd8:[()=>n.e(35638).then(n.bind(n,87506)),"@site/blog/2019-09-26-podman-in-hpc.md",87506],f45be535:[()=>n.e(51770).then(n.t.bind(n,70201,19)),"~blog/default/blogs-tags-hpc-page-7-737-list.json",70201],f4774aa2:[()=>n.e(15185).then(n.bind(n,21926)),"@site/blog/2020-08-10-new.md",21926],f49d7908:[()=>n.e(75612).then(n.t.bind(n,73617,19)),"~blog/default/blogs-tags-runtime-page-2-669-list.json",73617],f4d442d5:[()=>n.e(61554).then(n.bind(n,25199)),"@site/blog/2020-06-29-podman-v2-announce.md",25199],f56cf62c:[()=>n.e(19336).then(n.t.bind(n,61310,19)),"~blog/default/blogs-tags-golang-8be-list.json",61310],f5855e91:[()=>n.e(43690).then(n.bind(n,95835)),"@site/blog/2020-05-13-new.md",95835],f5d6dd48:[()=>n.e(59559).then(n.bind(n,17298)),"@site/blog/2021-01-15-managing-pods.md?truncated=true",17298],f656ff8f:[()=>n.e(54257).then(n.bind(n,12679)),"@site/blog/2019-01-08-rhel-8-and-podman.md",12679],f6784245:[()=>n.e(33191).then(n.bind(n,47679)),"@site/blog/2019-06-26-new.md",47679],f67e3aa3:[()=>n.e(59682).then(n.t.bind(n,6433,19)),"~blog/default/blogs-tags-containers-page-10-d43-list.json",6433],f6a9426b:[()=>n.e(11177).then(n.t.bind(n,82737,19)),"~blog/default/blogs-tags-cloud-3f7-list.json",82737],f7385094:[()=>n.e(8914).then(n.t.bind(n,93962,19)),"~blog/default/blogs-tags-kubic-3ad-list.json",93962],f8085e57:[()=>n.e(54763).then(n.t.bind(n,36442,19)),"~blog/default/blogs-tags-podman-page-17-e1c-list.json",36442],f83dc955:[()=>n.e(63434).then(n.t.bind(n,53384,19)),"~blog/default/blogs-tags-kube-page-3-9b4-list.json",53384],f8990407:[()=>n.e(34316).then(n.t.bind(n,51965,19)),"~blog/default/blogs-tags-pod-page-4-521-list.json",51965],f918b75b:[()=>n.e(41808).then(n.t.bind(n,39976,19)),"~blog/default/blogs-tags-restful-913.json",39976],f92f7190:[()=>n.e(79917).then(n.bind(n,1044)),"@site/blog/2019-07-29-new.md?truncated=true",1044],f98e13e4:[()=>n.e(24720).then(n.bind(n,74494)),"@site/blog/2019-11-12-F31-Control-Group-v2.md?truncated=true",74494],f9f60325:[()=>n.e(43570).then(n.bind(n,68638)),"@site/blog/2019-02-07-hack-and-tools.md",68638],fa02121a:[()=>n.e(90414).then(n.t.bind(n,2907,19)),"~blog/default/blogs-tags-automation-ad8.json",2907],fa5a4d6d:[()=>n.e(27339).then(n.bind(n,58987)),"@site/blog/2019-11-08-new.md?truncated=true",58987],fae58180:[()=>n.e(54400).then(n.bind(n,41065)),"@site/blog/2019-11-13-lease-routable-ip-addrs.md",41065],fb22e237:[()=>n.e(59694).then(n.t.bind(n,73558,19)),"~blog/default/blogs-tags-networking-page-2-2f5.json",73558],fb52e9b8:[()=>n.e(31301).then(n.bind(n,39094)),"@site/blog/2020-12-07-new.md?truncated=true",39094],fb6543cb:[()=>n.e(41550).then(n.bind(n,24083)),"@site/blog/2018-09-10-welcome.md",24083],fb6c00a7:[()=>n.e(38429).then(n.t.bind(n,61578,19)),"~blog/default/blogs-tags-podman-8be.json",61578],fb6d9ef4:[()=>n.e(72985).then(n.t.bind(n,55349,19)),"~blog/default/blogs-tags-rest-6c0-list.json",55349],fbb59325:[()=>n.e(7402).then(n.bind(n,92217)),"@site/blog/2019-08-08-new.md",92217],fbc46c8d:[()=>n.e(28528).then(n.t.bind(n,78320,19)),"~blog/default/blogs-tags-hpc-page-3-fbc-list.json",78320],fbf5a5bc:[()=>n.e(25618).then(n.bind(n,62701)),"@site/blog/2019-04-22-health.md?truncated=true",62701],fc05bc09:[()=>n.e(73407).then(n.bind(n,59976)),"@site/blog/2020-08-24-new.md?truncated=true",59976],fc06a125:[()=>n.e(14873).then(n.bind(n,57544)),"@site/blog/2020-07-07-new.md?truncated=true",57544],fc150fa2:[()=>n.e(76311).then(n.t.bind(n,12447,19)),"~blog/default/blogs-tags-images-page-4-273.json",12447],fc1959c7:[()=>n.e(79694).then(n.bind(n,20705)),"@site/blog/2018-08-15-python-support-for-podman.md",20705],fc1fe8cd:[()=>n.e(1310).then(n.bind(n,53464)),"@site/blog/2019-08-22-podman-tech-preview.md?truncated=true",53464],fc3f47a8:[()=>n.e(63998).then(n.bind(n,4743)),"@site/blog/2020-03-02-new.md?truncated=true",4743],fce9c71b:[()=>n.e(68493).then(n.bind(n,33527)),"@site/blog/2020-04-04-new.md",33527],fd333703:[()=>n.e(76496).then(n.bind(n,20562)),"@site/blog/2019-10-15-new.md",20562],fd8b739b:[()=>n.e(81821).then(n.t.bind(n,88022,19)),"~blog/default/blogs-tags-v-2-page-10-6f9.json",88022],fda8821a:[()=>n.e(71916).then(n.bind(n,59195)),"@site/blog/2019-11-08-new.md",59195],fdfb486c:[()=>n.e(20111).then(n.bind(n,21898)),"@site/blog/2019-10-15-generate-seccomp-profiles.md?truncated=true",21898],fe92c3c8:[()=>n.e(26780).then(n.t.bind(n,61712,19)),"~blog/default/blogs-tags-api-page-5-b48-list.json",61712],feb1236d:[()=>n.e(46947).then(n.t.bind(n,59192,19)),"~blog/default/blogs-page-8-454.json",59192],fec5c7d4:[()=>n.e(21715).then(n.bind(n,41649)),"@site/blog/2020-05-06-podman-in-french.md?truncated=true",41649],ff75e0ee:[()=>n.e(69423).then(n.bind(n,85601)),"@site/blog/2018-06-04-podman-alpha-v0.6.1.md?truncated=true",85601],ff85a2bf:[()=>n.e(52182).then(n.bind(n,67941)),"@site/blog/2021-05-04-new.md?truncated=true",67941]};function l(e){let{error:t,retry:n,pastDelay:a}=e;return t?o.createElement("div",{style:{textAlign:"center",color:"#fff",backgroundColor:"#fa383e",borderColor:"#fa383e",borderStyle:"solid",borderRadius:"0.25rem",borderWidth:"1px",boxSizing:"border-box",display:"block",padding:"1rem",flex:"0 0 50%",marginLeft:"25%",marginRight:"25%",marginTop:"5rem",maxWidth:"50%",width:"100%"}},o.createElement("p",null,String(t)),o.createElement("div",null,o.createElement("button",{type:"button",onClick:n},"Retry"))):a?o.createElement("div",{style:{display:"flex",justifyContent:"center",alignItems:"center",height:"100vh"}},o.createElement("svg",{id:"loader",style:{width:128,height:110,position:"absolute",top:"calc(100vh - 64%)"},viewBox:"0 0 45 45",xmlns:"http://www.w3.org/2000/svg",stroke:"#61dafb"},o.createElement("g",{fill:"none",fillRule:"evenodd",transform:"translate(1 1)",strokeWidth:"2"},o.createElement("circle",{cx:"22",cy:"22",r:"6",strokeOpacity:"0"},o.createElement("animate",{attributeName:"r",begin:"1.5s",dur:"3s",values:"6;22",calcMode:"linear",repeatCount:"indefinite"}),o.createElement("animate",{attributeName:"stroke-opacity",begin:"1.5s",dur:"3s",values:"1;0",calcMode:"linear",repeatCount:"indefinite"}),o.createElement("animate",{attributeName:"stroke-width",begin:"1.5s",dur:"3s",values:"2;0",calcMode:"linear",repeatCount:"indefinite"})),o.createElement("circle",{cx:"22",cy:"22",r:"6",strokeOpacity:"0"},o.createElement("animate",{attributeName:"r",begin:"3s",dur:"3s",values:"6;22",calcMode:"linear",repeatCount:"indefinite"}),o.createElement("animate",{attributeName:"stroke-opacity",begin:"3s",dur:"3s",values:"1;0",calcMode:"linear",repeatCount:"indefinite"}),o.createElement("animate",{attributeName:"stroke-width",begin:"3s",dur:"3s",values:"2;0",calcMode:"linear",repeatCount:"indefinite"})),o.createElement("circle",{cx:"22",cy:"22",r:"8"},o.createElement("animate",{attributeName:"r",begin:"0s",dur:"1.5s",values:"6;1;2;3;4;5;6",calcMode:"linear",repeatCount:"indefinite"}))))):null}var d=n(99670),u=n(30226);function b(e,t){if("*"===e)return r()({loading:l,loader:()=>Promise.all([n.e(40532),n.e(20486)]).then(n.bind(n,20486)),modules:["@theme/NotFound"],webpack:()=>[20486],render(e,t){const n=e.default;return o.createElement(u.z,{value:{plugin:{name:"native",id:"default"}}},o.createElement(n,t))}});const c=i[`${e}-${t}`],b={},g=[],f=[],p=(0,d.Z)(c);return Object.entries(p).forEach((e=>{let[t,n]=e;const o=s[n];o&&(b[t]=o[0],g.push(o[1]),f.push(o[2]))})),r().Map({loading:l,loader:b,modules:g,webpack:()=>f,render(t,n){const r=JSON.parse(JSON.stringify(c));Object.entries(t).forEach((t=>{let[n,o]=t;const a=o.default;if(!a)throw new Error(`The page component at ${e} doesn't have a default export. This makes it impossible to render anything. Consider default-exporting a React component.`);"object"!=typeof a&&"function"!=typeof a||Object.keys(o).filter((e=>"default"!==e)).forEach((e=>{a[e]=o[e]}));let c=r;const i=n.split(".");i.slice(0,-1).forEach((e=>{c=c[e]})),c[i[i.length-1]]=a}));const i=r.__comp;delete r.__comp;const s=r.__context;return delete r.__context,o.createElement(u.z,{value:s},o.createElement(i,(0,a.Z)({},r,n)))}})}const g=[{path:"/blogs",component:b("/blogs","6fe"),exact:!0},{path:"/blogs/2018/06/04/podman-alpha-v0.6.1",component:b("/blogs/2018/06/04/podman-alpha-v0.6.1","fce"),exact:!0},{path:"/blogs/2018/07/02/podman-alpha-v0.6.4",component:b("/blogs/2018/07/02/podman-alpha-v0.6.4","74e"),exact:!0},{path:"/blogs/2018/07/09/podman-alpha-v0.7.1",component:b("/blogs/2018/07/09/podman-alpha-v0.7.1","046"),exact:!0},{path:"/blogs/2018/07/16/podman-alpha-v0.7.2",component:b("/blogs/2018/07/16/podman-alpha-v0.7.2","296"),exact:!0},{path:"/blogs/2018/08/08/podman-alpha-v0.8.1",component:b("/blogs/2018/08/08/podman-alpha-v0.8.1","8e8"),exact:!0},{path:"/blogs/2018/08/15/python-support-for-podman",component:b("/blogs/2018/08/15/python-support-for-podman","d61"),exact:!0},{path:"/blogs/2018/08/20/podman-alpha-v0.8.3",component:b("/blogs/2018/08/20/podman-alpha-v0.8.3","bac"),exact:!0},{path:"/blogs/2018/09/10/welcome",component:b("/blogs/2018/09/10/welcome","a68"),exact:!0},{path:"/blogs/2018/09/13/systemd",component:b("/blogs/2018/09/13/systemd","1ed"),exact:!0},{path:"/blogs/2018/09/25/pulling-images-from-docker",component:b("/blogs/2018/09/25/pulling-images-from-docker","36a"),exact:!0},{path:"/blogs/2018/10/01/talk-replace-docker-with-podman",component:b("/blogs/2018/10/01/talk-replace-docker-with-podman","4c3"),exact:!0},{path:"/blogs/2018/10/03/podman-remove-content-homedir",component:b("/blogs/2018/10/03/podman-remove-content-homedir","097"),exact:!0},{path:"/blogs/2018/10/04/selinux-libvirt",component:b("/blogs/2018/10/04/selinux-libvirt","c28"),exact:!0},{path:"/blogs/2018/10/05/tripleo-systemd",component:b("/blogs/2018/10/05/tripleo-systemd","314"),exact:!0},{path:"/blogs/2018/10/05/tripleo-undercloud",component:b("/blogs/2018/10/05/tripleo-undercloud","582"),exact:!0},{path:"/blogs/2018/10/07/tripleo-upgrade",component:b("/blogs/2018/10/07/tripleo-upgrade","cff"),exact:!0},{path:"/blogs/2018/10/10/checkpoint-restore",component:b("/blogs/2018/10/10/checkpoint-restore","bfa"),exact:!0},{path:"/blogs/2018/10/31/podman-buildah-relationship",component:b("/blogs/2018/10/31/podman-buildah-relationship","c65"),exact:!0},{path:"/blogs/2018/11/01/talk-state_of_container_technologies",component:b("/blogs/2018/11/01/talk-state_of_container_technologies","2d2"),exact:!0},{path:"/blogs/2018/11/19/build_libpod-container-images",component:b("/blogs/2018/11/19/build_libpod-container-images","e89"),exact:!0},{path:"/blogs/2018/11/27/podman-exists",component:b("/blogs/2018/11/27/podman-exists","345"),exact:!0},{path:"/blogs/2018/12/03/podman-runlabel",component:b("/blogs/2018/12/03/podman-runlabel","1a3"),exact:!0},{path:"/blogs/2018/12/12/podman-alpha-v0.12.1.1",component:b("/blogs/2018/12/12/podman-alpha-v0.12.1.1","350"),exact:!0},{path:"/blogs/2018/12/14/openstack-podman-healthchecks",component:b("/blogs/2018/12/14/openstack-podman-healthchecks","a09"),exact:!0},{path:"/blogs/2019/01/07/software-factory-podman",component:b("/blogs/2019/01/07/software-factory-podman","d26"),exact:!0},{path:"/blogs/2019/01/08/rhel-8-and-podman",component:b("/blogs/2019/01/08/rhel-8-and-podman","9ef"),exact:!0},{path:"/blogs/2019/01/14/podman-machine-and-boot2podman",component:b("/blogs/2019/01/14/podman-machine-and-boot2podman","d76"),exact:!0},{path:"/blogs/2019/01/15/podman-pods",component:b("/blogs/2019/01/15/podman-pods","593"),exact:!0},{path:"/blogs/2019/01/16/podman-release-v1.0.0",component:b("/blogs/2019/01/16/podman-release-v1.0.0","b7d"),exact:!0},{path:"/blogs/2019/01/16/podman-varlink",component:b("/blogs/2019/01/16/podman-varlink","09e"),exact:!0},{path:"/blogs/2019/02/07/hack-and-tools",component:b("/blogs/2019/02/07/hack-and-tools","e15"),exact:!0},{path:"/blogs/2019/02/21/pandb-4-users",component:b("/blogs/2019/02/21/pandb-4-users","2f7"),exact:!0},{path:"/blogs/2019/03/16/podman-install",component:b("/blogs/2019/03/16/podman-install","7c5"),exact:!0},{path:"/blogs/2019/03/18/CI3",component:b("/blogs/2019/03/18/CI3","d1b"),exact:!0},{path:"/blogs/2019/03/22/podman-made-easy",component:b("/blogs/2019/03/22/podman-made-easy","3b8"),exact:!0},{path:"/blogs/2019/04/01/podman-crosswords",component:b("/blogs/2019/04/01/podman-crosswords","3b2"),exact:!0},{path:"/blogs/2019/04/16/cinc",component:b("/blogs/2019/04/16/cinc","30f"),exact:!0},{path:"/blogs/2019/04/22/health",component:b("/blogs/2019/04/22/health","3c5"),exact:!0},{path:"/blogs/2019/05/18/micro-dnf",component:b("/blogs/2019/05/18/micro-dnf","aff"),exact:!0},{path:"/blogs/2019/05/24/podman-made-easy2",component:b("/blogs/2019/05/24/podman-made-easy2","b45"),exact:!0},{path:"/blogs/2019/06/13/new",component:b("/blogs/2019/06/13/new","730"),exact:!0},{path:"/blogs/2019/06/13/podman-cheatsheet",component:b("/blogs/2019/06/13/podman-cheatsheet","fb5"),exact:!0},{path:"/blogs/2019/06/17/mailinglist",component:b("/blogs/2019/06/17/mailinglist","17b"),exact:!0},{path:"/blogs/2019/06/17/new",component:b("/blogs/2019/06/17/new","444"),exact:!0},{path:"/blogs/2019/06/19/new",component:b("/blogs/2019/06/19/new","84b"),exact:!0},{path:"/blogs/2019/06/19/ondemand-course",component:b("/blogs/2019/06/19/ondemand-course","936"),exact:!0},{path:"/blogs/2019/06/26/new",component:b("/blogs/2019/06/26/new","91f"),exact:!0},{path:"/blogs/2019/06/26/replace-docker-with-podman",component:b("/blogs/2019/06/26/replace-docker-with-podman","860"),exact:!0},{path:"/blogs/2019/07/06/new",component:b("/blogs/2019/07/06/new","015"),exact:!0},{path:"/blogs/2019/07/06/ruby",component:b("/blogs/2019/07/06/ruby","7b1"),exact:!0},{path:"/blogs/2019/07/29/new",component:b("/blogs/2019/07/29/new","eef"),exact:!0},{path:"/blogs/2019/07/29/podman-made-easy3",component:b("/blogs/2019/07/29/podman-made-easy3","cfa"),exact:!0},{path:"/blogs/2019/08/08/new",component:b("/blogs/2019/08/08/new","c5d"),exact:!0},{path:"/blogs/2019/08/08/podman-images",component:b("/blogs/2019/08/08/podman-images","e7b"),exact:!0},{path:"/blogs/2019/08/10/new",component:b("/blogs/2019/08/10/new","df1"),exact:!0},{path:"/blogs/2019/08/10/podman-ibm-developer",component:b("/blogs/2019/08/10/podman-ibm-developer","a0a"),exact:!0},{path:"/blogs/2019/08/14/new",component:b("/blogs/2019/08/14/new","a35"),exact:!0},{path:"/blogs/2019/08/22/new",component:b("/blogs/2019/08/22/new","b44"),exact:!0},{path:"/blogs/2019/08/22/podman-tech-preview",component:b("/blogs/2019/08/22/podman-tech-preview","0f1"),exact:!0},{path:"/blogs/2019/08/23/new",component:b("/blogs/2019/08/23/new","a4b"),exact:!0},{path:"/blogs/2019/08/23/podman-en-espanol",component:b("/blogs/2019/08/23/podman-en-espanol","5f3"),exact:!0},{path:"/blogs/2019/08/28/buildah-in-containers",component:b("/blogs/2019/08/28/buildah-in-containers","e71"),exact:!0},{path:"/blogs/2019/08/28/new",component:b("/blogs/2019/08/28/new","7b7"),exact:!0},{path:"/blogs/2019/09/11/new",component:b("/blogs/2019/09/11/new","ec9"),exact:!0},{path:"/blogs/2019/09/11/rootless-pulling",component:b("/blogs/2019/09/11/rootless-pulling","532"),exact:!0},{path:"/blogs/2019/09/25/new",component:b("/blogs/2019/09/25/new","089"),exact:!0},{path:"/blogs/2019/09/26/podman-in-hpc",component:b("/blogs/2019/09/26/podman-in-hpc","787"),exact:!0},{path:"/blogs/2019/10/02/container-networking",component:b("/blogs/2019/10/02/container-networking","673"),exact:!0},{path:"/blogs/2019/10/02/new",component:b("/blogs/2019/10/02/new","e07"),exact:!0},{path:"/blogs/2019/10/14/1-new",component:b("/blogs/2019/10/14/1-new","7af"),exact:!0},{path:"/blogs/2019/10/14/2-new",component:b("/blogs/2019/10/14/2-new","32f"),exact:!0},{path:"/blogs/2019/10/14/docker-vs-podman-security",component:b("/blogs/2019/10/14/docker-vs-podman-security","2af"),exact:!0},{path:"/blogs/2019/10/14/SayHello",component:b("/blogs/2019/10/14/SayHello","5b7"),exact:!0},{path:"/blogs/2019/10/15/generate-seccomp-profiles",component:b("/blogs/2019/10/15/generate-seccomp-profiles","3ce"),exact:!0},{path:"/blogs/2019/10/15/new",component:b("/blogs/2019/10/15/new","a98"),exact:!0},{path:"/blogs/2019/10/23/new",component:b("/blogs/2019/10/23/new","ca1"),exact:!0},{path:"/blogs/2019/10/23/Perona-PMM",component:b("/blogs/2019/10/23/Perona-PMM","f2f"),exact:!0},{path:"/blogs/2019/10/28/new",component:b("/blogs/2019/10/28/new","bdd"),exact:!0},{path:"/blogs/2019/10/28/podman-with-nfs",component:b("/blogs/2019/10/28/podman-with-nfs","4bb"),exact:!0},{path:"/blogs/2019/10/29/new",component:b("/blogs/2019/10/29/new","561"),exact:!0},{path:"/blogs/2019/10/29/podman-crun-f31",component:b("/blogs/2019/10/29/podman-crun-f31","9f6"),exact:!0},{path:"/blogs/2019/10/31/cgroupv2",component:b("/blogs/2019/10/31/cgroupv2","788"),exact:!0},{path:"/blogs/2019/10/31/new",component:b("/blogs/2019/10/31/new","e1a"),exact:!0},{path:"/blogs/2019/11/05/docker2podman",component:b("/blogs/2019/11/05/docker2podman","ea8"),exact:!0},{path:"/blogs/2019/11/05/new",component:b("/blogs/2019/11/05/new","426"),exact:!0},{path:"/blogs/2019/11/07/basic-security-principles",component:b("/blogs/2019/11/07/basic-security-principles","04a"),exact:!0},{path:"/blogs/2019/11/07/new",component:b("/blogs/2019/11/07/new","797"),exact:!0},{path:"/blogs/2019/11/08/build-ctrs-with-open-tools",component:b("/blogs/2019/11/08/build-ctrs-with-open-tools","629"),exact:!0},{path:"/blogs/2019/11/08/new",component:b("/blogs/2019/11/08/new","bc5"),exact:!0},{path:"/blogs/2019/11/12/F31-Control-Group-v2",component:b("/blogs/2019/11/12/F31-Control-Group-v2","004"),exact:!0},{path:"/blogs/2019/11/12/new",component:b("/blogs/2019/11/12/new","c41"),exact:!0},{path:"/blogs/2019/11/13/lease-routable-ip-addrs",component:b("/blogs/2019/11/13/lease-routable-ip-addrs","de5"),exact:!0},{path:"/blogs/2019/11/13/new",component:b("/blogs/2019/11/13/new","cae"),exact:!0},{path:"/blogs/2019/11/20/new",component:b("/blogs/2019/11/20/new","d2b"),exact:!0},{path:"/blogs/2019/11/20/run-podman-on-debian",component:b("/blogs/2019/11/20/run-podman-on-debian","7d9"),exact:!0},{path:"/blogs/2019/11/26/new",component:b("/blogs/2019/11/26/new","8d5"),exact:!0},{path:"/blogs/2019/11/26/rootless-podman-and-nfs",component:b("/blogs/2019/11/26/rootless-podman-and-nfs","856"),exact:!0},{path:"/blogs/2019/12/11/new",component:b("/blogs/2019/12/11/new","1e9"),exact:!0},{path:"/blogs/2019/12/11/understanding-root",component:b("/blogs/2019/12/11/understanding-root","bf8"),exact:!0},{path:"/blogs/2019/12/14/new",component:b("/blogs/2019/12/14/new","ba3"),exact:!0},{path:"/blogs/2019/12/14/rhel8-podman",component:b("/blogs/2019/12/14/rhel8-podman","9cb"),exact:!0},{path:"/blogs/2019/12/17/new",component:b("/blogs/2019/12/17/new","92f"),exact:!0},{path:"/blogs/2019/12/17/podman-systemd-1-7",component:b("/blogs/2019/12/17/podman-systemd-1-7","1c8"),exact:!0},{path:"/blogs/2020/01/15/bioinformatics-with-rootless-podman",component:b("/blogs/2020/01/15/bioinformatics-with-rootless-podman","4c9"),exact:!0},{path:"/blogs/2020/01/15/new",component:b("/blogs/2020/01/15/new","ef8"),exact:!0},{path:"/blogs/2020/01/17/new",component:b("/blogs/2020/01/17/new","50e"),exact:!0},{path:"/blogs/2020/01/17/podman-new-api",component:b("/blogs/2020/01/17/podman-new-api","9bd"),exact:!0},{path:"/blogs/2020/01/22/blog-posts",component:b("/blogs/2020/01/22/blog-posts","5d3"),exact:!0},{path:"/blogs/2020/01/22/new",component:b("/blogs/2020/01/22/new","fae"),exact:!0},{path:"/blogs/2020/01/30/new",component:b("/blogs/2020/01/30/new","dce"),exact:!0},{path:"/blogs/2020/01/30/podman-wsl",component:b("/blogs/2020/01/30/podman-wsl","b12"),exact:!0},{path:"/blogs/2020/02/06/deploy-pod-on-centos",component:b("/blogs/2020/02/06/deploy-pod-on-centos","431"),exact:!0},{path:"/blogs/2020/02/06/new",component:b("/blogs/2020/02/06/new","b74"),exact:!0},{path:"/blogs/2020/02/07/new",component:b("/blogs/2020/02/07/new","0d2"),exact:!0},{path:"/blogs/2020/02/07/secure-containers",component:b("/blogs/2020/02/07/secure-containers","6e6"),exact:!0},{path:"/blogs/2020/03/02/building-with-podman-and-buildah",component:b("/blogs/2020/03/02/building-with-podman-and-buildah","c78"),exact:!0},{path:"/blogs/2020/03/02/new",component:b("/blogs/2020/03/02/new","3f5"),exact:!0},{path:"/blogs/2020/03/03/behind-the-covers",component:b("/blogs/2020/03/03/behind-the-covers","4c4"),exact:!0},{path:"/blogs/2020/03/03/new",component:b("/blogs/2020/03/03/new","66e"),exact:!0},{path:"/blogs/2020/03/13/image-signing",component:b("/blogs/2020/03/13/image-signing","633"),exact:!0},{path:"/blogs/2020/03/31/build-pull-options",component:b("/blogs/2020/03/31/build-pull-options","89b"),exact:!0},{path:"/blogs/2020/03/31/new",component:b("/blogs/2020/03/31/new","4d3"),exact:!0},{path:"/blogs/2020/04/04/convert-docker-compose-to-pods",component:b("/blogs/2020/04/04/convert-docker-compose-to-pods","554"),exact:!0},{path:"/blogs/2020/04/04/new",component:b("/blogs/2020/04/04/new","ded"),exact:!0},{path:"/blogs/2020/04/05/managing-podman-pods-with-pods-compose",component:b("/blogs/2020/04/05/managing-podman-pods-with-pods-compose","16f"),exact:!0},{path:"/blogs/2020/04/05/new",component:b("/blogs/2020/04/05/new","8aa"),exact:!0},{path:"/blogs/2020/04/14/new",component:b("/blogs/2020/04/14/new","284"),exact:!0},{path:"/blogs/2020/04/14/podman-systemd",component:b("/blogs/2020/04/14/podman-systemd","3b4"),exact:!0},{path:"/blogs/2020/04/16/new",component:b("/blogs/2020/04/16/new","11d"),exact:!0},{path:"/blogs/2020/04/16/podman-v2-announce",component:b("/blogs/2020/04/16/podman-v2-announce","b5e"),exact:!0},{path:"/blogs/2020/04/17/new",component:b("/blogs/2020/04/17/new","f94"),exact:!0},{path:"/blogs/2020/05/06/new",component:b("/blogs/2020/05/06/new","1bf"),exact:!0},{path:"/blogs/2020/05/06/podman-in-french",component:b("/blogs/2020/05/06/podman-in-french","c2a"),exact:!0},{path:"/blogs/2020/05/13/new",component:b("/blogs/2020/05/13/new","7b9"),exact:!0},{path:"/blogs/2020/05/13/podman-v2-update",component:b("/blogs/2020/05/13/podman-v2-update","c49"),exact:!0},{path:"/blogs/2020/06/29/new",component:b("/blogs/2020/06/29/new","b16"),exact:!0},{path:"/blogs/2020/06/29/podman-v2-announce",component:b("/blogs/2020/06/29/podman-v2-announce","5b5"),exact:!0},{path:"/blogs/2020/07/01/new",component:b("/blogs/2020/07/01/new","93b"),exact:!0},{path:"/blogs/2020/07/01/rest-versioning",component:b("/blogs/2020/07/01/rest-versioning","cdf"),exact:!0},{path:"/blogs/2020/07/07/new",component:b("/blogs/2020/07/07/new","654"),exact:!0},{path:"/blogs/2020/07/07/repo-rename",component:b("/blogs/2020/07/07/repo-rename","46d"),exact:!0},{path:"/blogs/2020/07/16/new",component:b("/blogs/2020/07/16/new","c2f"),exact:!0},{path:"/blogs/2020/07/16/podman-and-cron",component:b("/blogs/2020/07/16/podman-and-cron","beb"),exact:!0},{path:"/blogs/2020/07/17/additional-image-stores",component:b("/blogs/2020/07/17/additional-image-stores","d62"),exact:!0},{path:"/blogs/2020/07/17/new",component:b("/blogs/2020/07/17/new","673"),exact:!0},{path:"/blogs/2020/07/18/new",component:b("/blogs/2020/07/18/new","d09"),exact:!0},{path:"/blogs/2020/07/18/speed-up-build-with-overlayfs",component:b("/blogs/2020/07/18/speed-up-build-with-overlayfs","141"),exact:!0},{path:"/blogs/2020/08/01/deprecate-and-remove-varlink-notice",component:b("/blogs/2020/08/01/deprecate-and-remove-varlink-notice","47f"),exact:!0},{path:"/blogs/2020/08/01/new",component:b("/blogs/2020/08/01/new","320"),exact:!0},{path:"/blogs/2020/08/02/new",component:b("/blogs/2020/08/02/new","4f5"),exact:!0},{path:"/blogs/2020/08/02/systemd-integration-v2",component:b("/blogs/2020/08/02/systemd-integration-v2","110"),exact:!0},{path:"/blogs/2020/08/10/new",component:b("/blogs/2020/08/10/new","3e4"),exact:!0},{path:"/blogs/2020/08/10/podman-go-bindings",component:b("/blogs/2020/08/10/podman-go-bindings","27a"),exact:!0},{path:"/blogs/2020/08/11/migrate-from-docker-compose",component:b("/blogs/2020/08/11/migrate-from-docker-compose","8f7"),exact:!0},{path:"/blogs/2020/08/11/new",component:b("/blogs/2020/08/11/new","99e"),exact:!0},{path:"/blogs/2020/08/13/new",component:b("/blogs/2020/08/13/new","b33"),exact:!0},{path:"/blogs/2020/08/13/walk-through",component:b("/blogs/2020/08/13/walk-through","a05"),exact:!0},{path:"/blogs/2020/08/17/work-the-problems",component:b("/blogs/2020/08/17/work-the-problems","11d"),exact:!0},{path:"/blogs/2020/08/21/new",component:b("/blogs/2020/08/21/new","874"),exact:!0},{path:"/blogs/2020/08/21/rootless-separation-openscap",component:b("/blogs/2020/08/21/rootless-separation-openscap","7d8"),exact:!0},{path:"/blogs/2020/08/24/container-time",component:b("/blogs/2020/08/24/container-time","3a0"),exact:!0},{path:"/blogs/2020/08/24/new",component:b("/blogs/2020/08/24/new","240"),exact:!0},{path:"/blogs/2020/08/31/new",component:b("/blogs/2020/08/31/new","c99"),exact:!0},{path:"/blogs/2020/08/31/podman-and-kubernetes",component:b("/blogs/2020/08/31/podman-and-kubernetes","2ca"),exact:!0},{path:"/blogs/2020/09/02/new",component:b("/blogs/2020/09/02/new","2eb"),exact:!0},{path:"/blogs/2020/09/02/running_windows_or_mac",component:b("/blogs/2020/09/02/running_windows_or_mac","fda"),exact:!0},{path:"/blogs/2020/09/18/multi-blog-posts",component:b("/blogs/2020/09/18/multi-blog-posts","0e9"),exact:!0},{path:"/blogs/2020/09/18/new",component:b("/blogs/2020/09/18/new","c71"),exact:!0},{path:"/blogs/2020/09/22/security",component:b("/blogs/2020/09/22/security","ff7"),exact:!0},{path:"/blogs/2020/09/28/devconf-ctr-tech",component:b("/blogs/2020/09/28/devconf-ctr-tech","741"),exact:!0},{path:"/blogs/2020/09/28/new",component:b("/blogs/2020/09/28/new","db8"),exact:!0},{path:"/blogs/2020/09/30/new",component:b("/blogs/2020/09/30/new","792"),exact:!0},{path:"/blogs/2020/09/30/Oct-6-Agenda",component:b("/blogs/2020/09/30/Oct-6-Agenda","344"),exact:!0},{path:"/blogs/2020/10/05/new",component:b("/blogs/2020/10/05/new","6af"),exact:!0},{path:"/blogs/2020/10/17/expoloring-restful-api",component:b("/blogs/2020/10/17/expoloring-restful-api","3b3"),exact:!0},{path:"/blogs/2020/10/17/new",component:b("/blogs/2020/10/17/new","321"),exact:!0},{path:"/blogs/2020/11/13/gitlab-runner-and-podman",component:b("/blogs/2020/11/13/gitlab-runner-and-podman","e7c"),exact:!0},{path:"/blogs/2020/11/13/new",component:b("/blogs/2020/11/13/new","549"),exact:!0},{path:"/blogs/2020/12/01/new",component:b("/blogs/2020/12/01/new","179"),exact:!0},{path:"/blogs/2020/12/01/short-container-names",component:b("/blogs/2020/12/01/short-container-names","1d5"),exact:!0},{path:"/blogs/2020/12/07/new",component:b("/blogs/2020/12/07/new","ff9"),exact:!0},{path:"/blogs/2020/12/07/podman-posts-of-interests",component:b("/blogs/2020/12/07/podman-posts-of-interests","680"),exact:!0},{path:"/blogs/2020/12/09/new",component:b("/blogs/2020/12/09/new","9d5"),exact:!0},{path:"/blogs/2020/12/09/podman-systemd-demo",component:b("/blogs/2020/12/09/podman-systemd-demo","a65"),exact:!0},{path:"/blogs/2020/12/11/new",component:b("/blogs/2020/12/11/new","e3b"),exact:!0},{path:"/blogs/2020/12/11/remove-varlink-libpod-conf-notice",component:b("/blogs/2020/12/11/remove-varlink-libpod-conf-notice","2c9"),exact:!0},{path:"/blogs/2020/12/14/new",component:b("/blogs/2020/12/14/new","902"),exact:!0},{path:"/blogs/2020/12/22/behind-container-images",component:b("/blogs/2020/12/22/behind-container-images","782"),exact:!0},{path:"/blogs/2020/12/22/new",component:b("/blogs/2020/12/22/new","cfa"),exact:!0},{path:"/blogs/2020/12/23/containers-com-podman",component:b("/blogs/2020/12/23/containers-com-podman","292"),exact:!0},{path:"/blogs/2020/12/23/new",component:b("/blogs/2020/12/23/new","18d"),exact:!0},{path:"/blogs/2021/01/11/new",component:b("/blogs/2021/01/11/new","c18"),exact:!0},{path:"/blogs/2021/01/11/podman-compose",component:b("/blogs/2021/01/11/podman-compose","659"),exact:!0},{path:"/blogs/2021/01/15/managing-pods",component:b("/blogs/2021/01/15/managing-pods","840"),exact:!0},{path:"/blogs/2021/01/15/new",component:b("/blogs/2021/01/15/new","39b"),exact:!0},{path:"/blogs/2021/01/23/new",component:b("/blogs/2021/01/23/new","dd3"),exact:!0},{path:"/blogs/2021/01/23/podman-posts-of-interests",component:b("/blogs/2021/01/23/podman-posts-of-interests","cd1"),exact:!0},{path:"/blogs/2021/01/26/docker-compose-to-podman",component:b("/blogs/2021/01/26/docker-compose-to-podman","d38"),exact:!0},{path:"/blogs/2021/01/26/new",component:b("/blogs/2021/01/26/new","070"),exact:!0},{path:"/blogs/2021/02/08/easy-development-dependency-management-with-podman-and-tent",component:b("/blogs/2021/02/08/easy-development-dependency-management-with-podman-and-tent","713"),exact:!0},{path:"/blogs/2021/02/08/new",component:b("/blogs/2021/02/08/new","bd9"),exact:!0},{path:"/blogs/2021/03/02/podman-support-for-older-distros",component:b("/blogs/2021/03/02/podman-support-for-older-distros","474"),exact:!0},{path:"/blogs/2021/03/27/new",component:b("/blogs/2021/03/27/new","bd9"),exact:!0},{path:"/blogs/2021/03/27/podman-posts-of-interests",component:b("/blogs/2021/03/27/podman-posts-of-interests","d83"),exact:!0},{path:"/blogs/2021/04/02/new",component:b("/blogs/2021/04/02/new","a24"),exact:!0},{path:"/blogs/2021/05/04/new",component:b("/blogs/2021/05/04/new","d26"),exact:!0},{path:"/blogs/2021/05/04/star-wars-in-podman",component:b("/blogs/2021/05/04/star-wars-in-podman","a08"),exact:!0},{path:"/blogs/2021/05/26/new",component:b("/blogs/2021/05/26/new","953"),exact:!0},{path:"/blogs/2021/05/26/podman-3-compose",component:b("/blogs/2021/05/26/podman-3-compose","e8d"),exact:!0},{path:"/blogs/2021/06/13/new",component:b("/blogs/2021/06/13/new","3f6"),exact:!0},{path:"/blogs/2021/06/13/podman-posts-of-interests",component:b("/blogs/2021/06/13/podman-posts-of-interests","2c0"),exact:!0},{path:"/blogs/2021/06/16/install-podman-on-ubuntu",component:b("/blogs/2021/06/16/install-podman-on-ubuntu","8b2"),exact:!0},{path:"/blogs/2021/06/16/new",component:b("/blogs/2021/06/16/new","7de"),exact:!0},{path:"/blogs/2021/07/01/new",component:b("/blogs/2021/07/01/new","2ae"),exact:!0},{path:"/blogs/2021/07/01/podman-inside-kubernets",component:b("/blogs/2021/07/01/podman-inside-kubernets","bdf"),exact:!0},{path:"/blogs/2021/07/02/new",component:b("/blogs/2021/07/02/new","1af"),exact:!0},{path:"/blogs/2021/07/02/podman-inside-container",component:b("/blogs/2021/07/02/podman-inside-container","eba"),exact:!0},{path:"/blogs/2021/09/03/new",component:b("/blogs/2021/09/03/new","865"),exact:!0},{path:"/blogs/2021/09/03/podman-posts-of-interests",component:b("/blogs/2021/09/03/podman-posts-of-interests","c33"),exact:!0},{path:"/blogs/2021/09/06/new",component:b("/blogs/2021/09/06/new","dc0"),exact:!0},{path:"/blogs/2021/09/06/podman-on-macs",component:b("/blogs/2021/09/06/podman-on-macs","f5c"),exact:!0},{path:"/blogs/2021/10/04/m1macs",component:b("/blogs/2021/10/04/m1macs","4bf"),exact:!0},{path:"/blogs/2021/10/04/new",component:b("/blogs/2021/10/04/new","1d8"),exact:!0},{path:"/blogs/2021/10/11/multiarch",component:b("/blogs/2021/10/11/multiarch","8d0"),exact:!0},{path:"/blogs/2021/10/11/new",component:b("/blogs/2021/10/11/new","46c"),exact:!0},{path:"/blogs/2021/10/16/new",component:b("/blogs/2021/10/16/new","a4f"),exact:!0},{path:"/blogs/2021/10/16/sudo-with-rootless-podman",component:b("/blogs/2021/10/16/sudo-with-rootless-podman","ce2"),exact:!0},{path:"/blogs/2021/10/27/how-podman-runs-on-macs",component:b("/blogs/2021/10/27/how-podman-runs-on-macs","d68"),exact:!0},{path:"/blogs/2021/10/27/new",component:b("/blogs/2021/10/27/new","f93"),exact:!0},{path:"/blogs/2021/10/28/build-kubernetes-pods-with-podman-play-kube",component:b("/blogs/2021/10/28/build-kubernetes-pods-with-podman-play-kube","b69"),exact:!0},{path:"/blogs/2021/10/28/new",component:b("/blogs/2021/10/28/new","232"),exact:!0},{path:"/blogs/2022/02/04/network-usage",component:b("/blogs/2022/02/04/network-usage","bfe"),exact:!0},{path:"/blogs/2022/02/04/new",component:b("/blogs/2022/02/04/new","2d3"),exact:!0},{path:"/blogs/2022/02/22/new",component:b("/blogs/2022/02/22/new","20c"),exact:!0},{path:"/blogs/2022/03/06/new",component:b("/blogs/2022/03/06/new","1dd"),exact:!0},{path:"/blogs/2022/03/06/why_no_podman4_f35",component:b("/blogs/2022/03/06/why_no_podman4_f35","bbe"),exact:!0},{path:"/blogs/2022/03/15/new",component:b("/blogs/2022/03/15/new","6e5"),exact:!0},{path:"/blogs/2022/03/15/podman4.0.2brew",component:b("/blogs/2022/03/15/podman4.0.2brew","23a"),exact:!0},{path:"/blogs/2022/03/23/nvav1.0.2",component:b("/blogs/2022/03/23/nvav1.0.2","9b6"),exact:!0},{path:"/blogs/2022/04/05/new",component:b("/blogs/2022/04/05/new","76d"),exact:!0},{path:"/blogs/2022/04/05/ubuntu-2204-lts-kubic",component:b("/blogs/2022/04/05/ubuntu-2204-lts-kubic","266"),exact:!0},{path:"/blogs/2022/05/08/new",component:b("/blogs/2022/05/08/new","128"),exact:!0},{path:"/blogs/2022/05/08/podman-posts-of-interests",component:b("/blogs/2022/05/08/podman-posts-of-interests","f17"),exact:!0},{path:"/blogs/2022/05/09/new",component:b("/blogs/2022/05/09/new","b8b"),exact:!0},{path:"/blogs/2022/06/08/new",component:b("/blogs/2022/06/08/new","79f"),exact:!0},{path:"/blogs/2022/06/08/podman-on-windows",component:b("/blogs/2022/06/08/podman-on-windows","21c"),exact:!0},{path:"/blogs/2022/08/17/new",component:b("/blogs/2022/08/17/new","af7"),exact:!0},{path:"/blogs/2022/09/28/updated-1.2.0",component:b("/blogs/2022/09/28/updated-1.2.0","43d"),exact:!0},{path:"/blogs/2022/10/03/debbuild",component:b("/blogs/2022/10/03/debbuild","a3f"),exact:!0},{path:"/blogs/2022/10/03/new",component:b("/blogs/2022/10/03/new","845"),exact:!0},{path:"/blogs/2022/10/12/new",component:b("/blogs/2022/10/12/new","07a"),exact:!0},{path:"/blogs/2022/10/12/podman-posts-of-interests",component:b("/blogs/2022/10/12/podman-posts-of-interests","dec"),exact:!0},{path:"/blogs/2022/10/22/new",component:b("/blogs/2022/10/22/new","7b6"),exact:!0},{path:"/blogs/2022/11/11/nvav1.3",component:b("/blogs/2022/11/11/nvav1.3","2ae"),exact:!0},{path:"/blogs/2022/12/07/new",component:b("/blogs/2022/12/07/new","b7d"),exact:!0},{path:"/blogs/archive",component:b("/blogs/archive","c77"),exact:!0},{path:"/blogs/page/10",component:b("/blogs/page/10","c34"),exact:!0},{path:"/blogs/page/11",component:b("/blogs/page/11","697"),exact:!0},{path:"/blogs/page/12",component:b("/blogs/page/12","409"),exact:!0},{path:"/blogs/page/13",component:b("/blogs/page/13","caf"),exact:!0},{path:"/blogs/page/14",component:b("/blogs/page/14","042"),exact:!0},{path:"/blogs/page/15",component:b("/blogs/page/15","e5d"),exact:!0},{path:"/blogs/page/16",component:b("/blogs/page/16","aad"),exact:!0},{path:"/blogs/page/17",component:b("/blogs/page/17","fa7"),exact:!0},{path:"/blogs/page/18",component:b("/blogs/page/18","46c"),exact:!0},{path:"/blogs/page/19",component:b("/blogs/page/19","feb"),exact:!0},{path:"/blogs/page/2",component:b("/blogs/page/2","bec"),exact:!0},{path:"/blogs/page/20",component:b("/blogs/page/20","7b2"),exact:!0},{path:"/blogs/page/21",component:b("/blogs/page/21","224"),exact:!0},{path:"/blogs/page/22",component:b("/blogs/page/22","6f4"),exact:!0},{path:"/blogs/page/23",component:b("/blogs/page/23","c9b"),exact:!0},{path:"/blogs/page/24",component:b("/blogs/page/24","cb0"),exact:!0},{path:"/blogs/page/25",component:b("/blogs/page/25","ca0"),exact:!0},{path:"/blogs/page/26",component:b("/blogs/page/26","641"),exact:!0},{path:"/blogs/page/3",component:b("/blogs/page/3","3e6"),exact:!0},{path:"/blogs/page/4",component:b("/blogs/page/4","0a8"),exact:!0},{path:"/blogs/page/5",component:b("/blogs/page/5","954"),exact:!0},{path:"/blogs/page/6",component:b("/blogs/page/6","a29"),exact:!0},{path:"/blogs/page/7",component:b("/blogs/page/7","fc1"),exact:!0},{path:"/blogs/page/8",component:b("/blogs/page/8","7ee"),exact:!0},{path:"/blogs/page/9",component:b("/blogs/page/9","27a"),exact:!0},{path:"/blogs/tags",component:b("/blogs/tags","b5a"),exact:!0},{path:"/blogs/tags/aardvark",component:b("/blogs/tags/aardvark","19a"),exact:!0},{path:"/blogs/tags/aardvark-dns",component:b("/blogs/tags/aardvark-dns","4db"),exact:!0},{path:"/blogs/tags/api",component:b("/blogs/tags/api","0f5"),exact:!0},{path:"/blogs/tags/api/page/2",component:b("/blogs/tags/api/page/2","fcf"),exact:!0},{path:"/blogs/tags/api/page/3",component:b("/blogs/tags/api/page/3","7c7"),exact:!0},{path:"/blogs/tags/api/page/4",component:b("/blogs/tags/api/page/4","cfc"),exact:!0},{path:"/blogs/tags/api/page/5",component:b("/blogs/tags/api/page/5","52c"),exact:!0},{path:"/blogs/tags/api/page/6",component:b("/blogs/tags/api/page/6","75f"),exact:!0},{path:"/blogs/tags/api/page/7",component:b("/blogs/tags/api/page/7","076"),exact:!0},{path:"/blogs/tags/api/page/8",component:b("/blogs/tags/api/page/8","c1a"),exact:!0},{path:"/blogs/tags/api/page/9",component:b("/blogs/tags/api/page/9","e84"),exact:!0},{path:"/blogs/tags/automation",component:b("/blogs/tags/automation","7bc"),exact:!0},{path:"/blogs/tags/bindings",component:b("/blogs/tags/bindings","9bd"),exact:!0},{path:"/blogs/tags/bioinformatics",component:b("/blogs/tags/bioinformatics","77c"),exact:!0},{path:"/blogs/tags/boot-2-podman",component:b("/blogs/tags/boot-2-podman","5bd"),exact:!0},{path:"/blogs/tags/bpf",component:b("/blogs/tags/bpf","ed8"),exact:!0},{path:"/blogs/tags/buildah",component:b("/blogs/tags/buildah","75c"),exact:!0},{path:"/blogs/tags/buildah/page/2",component:b("/blogs/tags/buildah/page/2","5a0"),exact:!0},{path:"/blogs/tags/buildah/page/3",component:b("/blogs/tags/buildah/page/3","238"),exact:!0},{path:"/blogs/tags/buildah/page/4",component:b("/blogs/tags/buildah/page/4","5d5"),exact:!0},{path:"/blogs/tags/buildah/page/5",component:b("/blogs/tags/buildah/page/5","439"),exact:!0},{path:"/blogs/tags/centos",component:b("/blogs/tags/centos","f9c"),exact:!0},{path:"/blogs/tags/ci",component:b("/blogs/tags/ci","cc3"),exact:!0},{path:"/blogs/tags/cloud",component:b("/blogs/tags/cloud","df3"),exact:!0},{path:"/blogs/tags/community",component:b("/blogs/tags/community","abf"),exact:!0},{path:"/blogs/tags/compose",component:b("/blogs/tags/compose","61d"),exact:!0},{path:"/blogs/tags/containers",component:b("/blogs/tags/containers","075"),exact:!0},{path:"/blogs/tags/containers/page/10",component:b("/blogs/tags/containers/page/10","0a1"),exact:!0},{path:"/blogs/tags/containers/page/11",component:b("/blogs/tags/containers/page/11","067"),exact:!0},{path:"/blogs/tags/containers/page/12",component:b("/blogs/tags/containers/page/12","30e"),exact:!0},{path:"/blogs/tags/containers/page/13",component:b("/blogs/tags/containers/page/13","0c0"),exact:!0},{path:"/blogs/tags/containers/page/14",component:b("/blogs/tags/containers/page/14","593"),exact:!0},{path:"/blogs/tags/containers/page/15",component:b("/blogs/tags/containers/page/15","b2b"),exact:!0},{path:"/blogs/tags/containers/page/16",component:b("/blogs/tags/containers/page/16","55c"),exact:!0},{path:"/blogs/tags/containers/page/17",component:b("/blogs/tags/containers/page/17","4c3"),exact:!0},{path:"/blogs/tags/containers/page/18",component:b("/blogs/tags/containers/page/18","74b"),exact:!0},{path:"/blogs/tags/containers/page/2",component:b("/blogs/tags/containers/page/2","4ba"),exact:!0},{path:"/blogs/tags/containers/page/3",component:b("/blogs/tags/containers/page/3","442"),exact:!0},{path:"/blogs/tags/containers/page/4",component:b("/blogs/tags/containers/page/4","717"),exact:!0},{path:"/blogs/tags/containers/page/5",component:b("/blogs/tags/containers/page/5","54c"),exact:!0},{path:"/blogs/tags/containers/page/6",component:b("/blogs/tags/containers/page/6","d88"),exact:!0},{path:"/blogs/tags/containers/page/7",component:b("/blogs/tags/containers/page/7","448"),exact:!0},{path:"/blogs/tags/containers/page/8",component:b("/blogs/tags/containers/page/8","aa2"),exact:!0},{path:"/blogs/tags/containers/page/9",component:b("/blogs/tags/containers/page/9","540"),exact:!0},{path:"/blogs/tags/cri-o",component:b("/blogs/tags/cri-o","366"),exact:!0},{path:"/blogs/tags/crun",component:b("/blogs/tags/crun","afd"),exact:!0},{path:"/blogs/tags/debian",component:b("/blogs/tags/debian","d78"),exact:!0},{path:"/blogs/tags/dependency-management",component:b("/blogs/tags/dependency-management","208"),exact:!0},{path:"/blogs/tags/distro",component:b("/blogs/tags/distro","e07"),exact:!0},{path:"/blogs/tags/docker",component:b("/blogs/tags/docker","b80"),exact:!0},{path:"/blogs/tags/docker-compose",component:b("/blogs/tags/docker-compose","4fc"),exact:!0},{path:"/blogs/tags/docker-compose/page/2",component:b("/blogs/tags/docker-compose/page/2","f6e"),exact:!0},{path:"/blogs/tags/docker/page/2",component:b("/blogs/tags/docker/page/2","4dd"),exact:!0},{path:"/blogs/tags/docker/page/3",component:b("/blogs/tags/docker/page/3","325"),exact:!0},{path:"/blogs/tags/docker/page/4",component:b("/blogs/tags/docker/page/4","004"),exact:!0},{path:"/blogs/tags/docker/page/5",component:b("/blogs/tags/docker/page/5","860"),exact:!0},{path:"/blogs/tags/ebpf",component:b("/blogs/tags/ebpf","9fa"),exact:!0},{path:"/blogs/tags/git-lab",component:b("/blogs/tags/git-lab","c06"),exact:!0},{path:"/blogs/tags/github",component:b("/blogs/tags/github","a5a"),exact:!0},{path:"/blogs/tags/github/page/2",component:b("/blogs/tags/github/page/2","7fa"),exact:!0},{path:"/blogs/tags/go",component:b("/blogs/tags/go","886"),exact:!0},{path:"/blogs/tags/golang",component:b("/blogs/tags/golang","8f6"),exact:!0},{path:"/blogs/tags/gpg",component:b("/blogs/tags/gpg","75f"),exact:!0},{path:"/blogs/tags/hpc",component:b("/blogs/tags/hpc","0b3"),exact:!0},{path:"/blogs/tags/hpc/page/10",component:b("/blogs/tags/hpc/page/10","b44"),exact:!0},{path:"/blogs/tags/hpc/page/2",component:b("/blogs/tags/hpc/page/2","4e2"),exact:!0},{path:"/blogs/tags/hpc/page/3",component:b("/blogs/tags/hpc/page/3","369"),exact:!0},{path:"/blogs/tags/hpc/page/4",component:b("/blogs/tags/hpc/page/4","63e"),exact:!0},{path:"/blogs/tags/hpc/page/5",component:b("/blogs/tags/hpc/page/5","1be"),exact:!0},{path:"/blogs/tags/hpc/page/6",component:b("/blogs/tags/hpc/page/6","962"),exact:!0},{path:"/blogs/tags/hpc/page/7",component:b("/blogs/tags/hpc/page/7","ee1"),exact:!0},{path:"/blogs/tags/hpc/page/8",component:b("/blogs/tags/hpc/page/8","97c"),exact:!0},{path:"/blogs/tags/hpc/page/9",component:b("/blogs/tags/hpc/page/9","812"),exact:!0},{path:"/blogs/tags/images",component:b("/blogs/tags/images","993"),exact:!0},{path:"/blogs/tags/images/page/2",component:b("/blogs/tags/images/page/2","7de"),exact:!0},{path:"/blogs/tags/images/page/3",component:b("/blogs/tags/images/page/3","c66"),exact:!0},{path:"/blogs/tags/images/page/4",component:b("/blogs/tags/images/page/4","fd1"),exact:!0},{path:"/blogs/tags/images/page/5",component:b("/blogs/tags/images/page/5","54a"),exact:!0},{path:"/blogs/tags/kube",component:b("/blogs/tags/kube","fa8"),exact:!0},{path:"/blogs/tags/kube/page/2",component:b("/blogs/tags/kube/page/2","5ea"),exact:!0},{path:"/blogs/tags/kube/page/3",component:b("/blogs/tags/kube/page/3","df7"),exact:!0},{path:"/blogs/tags/kube/page/4",component:b("/blogs/tags/kube/page/4","bad"),exact:!0},{path:"/blogs/tags/kube/page/5",component:b("/blogs/tags/kube/page/5","bd2"),exact:!0},{path:"/blogs/tags/kube/page/6",component:b("/blogs/tags/kube/page/6","f1e"),exact:!0},{path:"/blogs/tags/kube/page/7",component:b("/blogs/tags/kube/page/7","63a"),exact:!0},{path:"/blogs/tags/kubernetes",component:b("/blogs/tags/kubernetes","c88"),exact:!0},{path:"/blogs/tags/kubernetes/page/2",component:b("/blogs/tags/kubernetes/page/2","a56"),exact:!0},{path:"/blogs/tags/kubernetes/page/3",component:b("/blogs/tags/kubernetes/page/3","20a"),exact:!0},{path:"/blogs/tags/kubernetes/page/4",component:b("/blogs/tags/kubernetes/page/4","dc0"),exact:!0},{path:"/blogs/tags/kubernetes/page/5",component:b("/blogs/tags/kubernetes/page/5","bc4"),exact:!0},{path:"/blogs/tags/kubernetes/page/6",component:b("/blogs/tags/kubernetes/page/6","4dc"),exact:!0},{path:"/blogs/tags/kubernetes/page/7",component:b("/blogs/tags/kubernetes/page/7","3cd"),exact:!0},{path:"/blogs/tags/kubic",component:b("/blogs/tags/kubic","6b8"),exact:!0},{path:"/blogs/tags/linux",component:b("/blogs/tags/linux","f47"),exact:!0},{path:"/blogs/tags/mac",component:b("/blogs/tags/mac","e10"),exact:!0},{path:"/blogs/tags/mac-os",component:b("/blogs/tags/mac-os","2de"),exact:!0},{path:"/blogs/tags/mac/page/2",component:b("/blogs/tags/mac/page/2","697"),exact:!0},{path:"/blogs/tags/mac/page/3",component:b("/blogs/tags/mac/page/3","736"),exact:!0},{path:"/blogs/tags/mac/page/4",component:b("/blogs/tags/mac/page/4","3e8"),exact:!0},{path:"/blogs/tags/mac/page/5",component:b("/blogs/tags/mac/page/5","ba1"),exact:!0},{path:"/blogs/tags/mac/page/6",component:b("/blogs/tags/mac/page/6","559"),exact:!0},{path:"/blogs/tags/microsoft",component:b("/blogs/tags/microsoft","f72"),exact:!0},{path:"/blogs/tags/multiarch",component:b("/blogs/tags/multiarch","ca4"),exact:!0},{path:"/blogs/tags/netavark",component:b("/blogs/tags/netavark","112"),exact:!0},{path:"/blogs/tags/network",component:b("/blogs/tags/network","106"),exact:!0},{path:"/blogs/tags/networking",component:b("/blogs/tags/networking","eca"),exact:!0},{path:"/blogs/tags/networking/page/10",component:b("/blogs/tags/networking/page/10","9fb"),exact:!0},{path:"/blogs/tags/networking/page/2",component:b("/blogs/tags/networking/page/2","4fc"),exact:!0},{path:"/blogs/tags/networking/page/3",component:b("/blogs/tags/networking/page/3","f47"),exact:!0},{path:"/blogs/tags/networking/page/4",component:b("/blogs/tags/networking/page/4","c60"),exact:!0},{path:"/blogs/tags/networking/page/5",component:b("/blogs/tags/networking/page/5","794"),exact:!0},{path:"/blogs/tags/networking/page/6",component:b("/blogs/tags/networking/page/6","3b9"),exact:!0},{path:"/blogs/tags/networking/page/7",component:b("/blogs/tags/networking/page/7","8e8"),exact:!0},{path:"/blogs/tags/networking/page/8",component:b("/blogs/tags/networking/page/8","182"),exact:!0},{path:"/blogs/tags/networking/page/9",component:b("/blogs/tags/networking/page/9","273"),exact:!0},{path:"/blogs/tags/nfs",component:b("/blogs/tags/nfs","e91"),exact:!0},{path:"/blogs/tags/oci",component:b("/blogs/tags/oci","276"),exact:!0},{path:"/blogs/tags/oci/page/2",component:b("/blogs/tags/oci/page/2","335"),exact:!0},{path:"/blogs/tags/oci/page/3",component:b("/blogs/tags/oci/page/3","af6"),exact:!0},{path:"/blogs/tags/oci/page/4",component:b("/blogs/tags/oci/page/4","dd1"),exact:!0},{path:"/blogs/tags/oci/page/5",component:b("/blogs/tags/oci/page/5","521"),exact:!0},{path:"/blogs/tags/open-source",component:b("/blogs/tags/open-source","229"),exact:!0},{path:"/blogs/tags/openstack",component:b("/blogs/tags/openstack","ce4"),exact:!0},{path:"/blogs/tags/pod",component:b("/blogs/tags/pod","435"),exact:!0},{path:"/blogs/tags/pod/page/2",component:b("/blogs/tags/pod/page/2","eb2"),exact:!0},{path:"/blogs/tags/pod/page/3",component:b("/blogs/tags/pod/page/3","e05"),exact:!0},{path:"/blogs/tags/pod/page/4",component:b("/blogs/tags/pod/page/4","4d2"),exact:!0},{path:"/blogs/tags/pod/page/5",component:b("/blogs/tags/pod/page/5","e00"),exact:!0},{path:"/blogs/tags/pod/page/6",component:b("/blogs/tags/pod/page/6","346"),exact:!0},{path:"/blogs/tags/pod/page/7",component:b("/blogs/tags/pod/page/7","c8a"),exact:!0},{path:"/blogs/tags/pod/page/8",component:b("/blogs/tags/pod/page/8","96b"),exact:!0},{path:"/blogs/tags/pod/page/9",component:b("/blogs/tags/pod/page/9","382"),exact:!0},{path:"/blogs/tags/podman",component:b("/blogs/tags/podman","101"),exact:!0},{path:"/blogs/tags/podman-machine",component:b("/blogs/tags/podman-machine","475"),exact:!0},{path:"/blogs/tags/podman/page/10",component:b("/blogs/tags/podman/page/10","c1f"),exact:!0},{path:"/blogs/tags/podman/page/11",component:b("/blogs/tags/podman/page/11","3b8"),exact:!0},{path:"/blogs/tags/podman/page/12",component:b("/blogs/tags/podman/page/12","792"),exact:!0},{path:"/blogs/tags/podman/page/13",component:b("/blogs/tags/podman/page/13","072"),exact:!0},{path:"/blogs/tags/podman/page/14",component:b("/blogs/tags/podman/page/14","0bd"),exact:!0},{path:"/blogs/tags/podman/page/15",component:b("/blogs/tags/podman/page/15","78f"),exact:!0},{path:"/blogs/tags/podman/page/16",component:b("/blogs/tags/podman/page/16","91f"),exact:!0},{path:"/blogs/tags/podman/page/17",component:b("/blogs/tags/podman/page/17","c3c"),exact:!0},{path:"/blogs/tags/podman/page/18",component:b("/blogs/tags/podman/page/18","e6d"),exact:!0},{path:"/blogs/tags/podman/page/19",component:b("/blogs/tags/podman/page/19","7ff"),exact:!0},{path:"/blogs/tags/podman/page/2",component:b("/blogs/tags/podman/page/2","76d"),exact:!0},{path:"/blogs/tags/podman/page/3",component:b("/blogs/tags/podman/page/3","a5a"),exact:!0},{path:"/blogs/tags/podman/page/4",component:b("/blogs/tags/podman/page/4","f6a"),exact:!0},{path:"/blogs/tags/podman/page/5",component:b("/blogs/tags/podman/page/5","3e0"),exact:!0},{path:"/blogs/tags/podman/page/6",component:b("/blogs/tags/podman/page/6","0df"),exact:!0},{path:"/blogs/tags/podman/page/7",component:b("/blogs/tags/podman/page/7","39d"),exact:!0},{path:"/blogs/tags/podman/page/8",component:b("/blogs/tags/podman/page/8","25f"),exact:!0},{path:"/blogs/tags/podman/page/9",component:b("/blogs/tags/podman/page/9","58a"),exact:!0},{path:"/blogs/tags/python",component:b("/blogs/tags/python","0c5"),exact:!0},{path:"/blogs/tags/rails",component:b("/blogs/tags/rails","2ae"),exact:!0},{path:"/blogs/tags/rename",component:b("/blogs/tags/rename","13f"),exact:!0},{path:"/blogs/tags/rest",component:b("/blogs/tags/rest","6d5"),exact:!0},{path:"/blogs/tags/rest-api",component:b("/blogs/tags/rest-api","bc5"),exact:!0},{path:"/blogs/tags/rest-api/page/2",component:b("/blogs/tags/rest-api/page/2","28d"),exact:!0},{path:"/blogs/tags/rest-api/page/3",component:b("/blogs/tags/rest-api/page/3","f20"),exact:!0},{path:"/blogs/tags/rest/page/2",component:b("/blogs/tags/rest/page/2","74f"),exact:!0},{path:"/blogs/tags/rest/page/3",component:b("/blogs/tags/rest/page/3","bfc"),exact:!0},{path:"/blogs/tags/restful",component:b("/blogs/tags/restful","a54"),exact:!0},{path:"/blogs/tags/rootless",component:b("/blogs/tags/rootless","9ac"),exact:!0},{path:"/blogs/tags/ruby",component:b("/blogs/tags/ruby","71b"),exact:!0},{path:"/blogs/tags/runner",component:b("/blogs/tags/runner","b25"),exact:!0},{path:"/blogs/tags/runtime",component:b("/blogs/tags/runtime","600"),exact:!0},{path:"/blogs/tags/runtime/page/2",component:b("/blogs/tags/runtime/page/2","11b"),exact:!0},{path:"/blogs/tags/rust",component:b("/blogs/tags/rust","efb"),exact:!0},{path:"/blogs/tags/seccomp",component:b("/blogs/tags/seccomp","2eb"),exact:!0},{path:"/blogs/tags/security",component:b("/blogs/tags/security","459"),exact:!0},{path:"/blogs/tags/signing",component:b("/blogs/tags/signing","b31"),exact:!0},{path:"/blogs/tags/skopeo",component:b("/blogs/tags/skopeo","bf3"),exact:!0},{path:"/blogs/tags/sudo",component:b("/blogs/tags/sudo","987"),exact:!0},{path:"/blogs/tags/syscall",component:b("/blogs/tags/syscall","ba1"),exact:!0},{path:"/blogs/tags/systemd",component:b("/blogs/tags/systemd","64a"),exact:!0},{path:"/blogs/tags/tent",component:b("/blogs/tags/tent","001"),exact:!0},{path:"/blogs/tags/test",component:b("/blogs/tags/test","f49"),exact:!0},{path:"/blogs/tags/tracing",component:b("/blogs/tags/tracing","2e1"),exact:!0},{path:"/blogs/tags/ubuntu",component:b("/blogs/tags/ubuntu","45e"),exact:!0},{path:"/blogs/tags/v-2",component:b("/blogs/tags/v-2","812"),exact:!0},{path:"/blogs/tags/v-2/page/10",component:b("/blogs/tags/v-2/page/10","a0c"),exact:!0},{path:"/blogs/tags/v-2/page/2",component:b("/blogs/tags/v-2/page/2","ba7"),exact:!0},{path:"/blogs/tags/v-2/page/3",component:b("/blogs/tags/v-2/page/3","3d5"),exact:!0},{path:"/blogs/tags/v-2/page/4",component:b("/blogs/tags/v-2/page/4","0ed"),exact:!0},{path:"/blogs/tags/v-2/page/5",component:b("/blogs/tags/v-2/page/5","75b"),exact:!0},{path:"/blogs/tags/v-2/page/6",component:b("/blogs/tags/v-2/page/6","d8f"),exact:!0},{path:"/blogs/tags/v-2/page/7",component:b("/blogs/tags/v-2/page/7","296"),exact:!0},{path:"/blogs/tags/v-2/page/8",component:b("/blogs/tags/v-2/page/8","90c"),exact:!0},{path:"/blogs/tags/v-2/page/9",component:b("/blogs/tags/v-2/page/9","546"),exact:!0},{path:"/blogs/tags/varlink",component:b("/blogs/tags/varlink","638"),exact:!0},{path:"/blogs/tags/video",component:b("/blogs/tags/video","508"),exact:!0},{path:"/blogs/tags/windows",component:b("/blogs/tags/windows","3dc"),exact:!0},{path:"/blogs/tags/windows/page/2",component:b("/blogs/tags/windows/page/2","f97"),exact:!0},{path:"/blogs/tags/windows/page/3",component:b("/blogs/tags/windows/page/3","417"),exact:!0},{path:"/blogs/tags/windows/page/4",component:b("/blogs/tags/windows/page/4","863"),exact:!0},{path:"/blogs/tags/windows/page/5",component:b("/blogs/tags/windows/page/5","079"),exact:!0},{path:"/blogs/tags/windows/page/6",component:b("/blogs/tags/windows/page/6","b8a"),exact:!0},{path:"/blogs/tags/windows/page/7",component:b("/blogs/tags/windows/page/7","3e9"),exact:!0},{path:"/community",component:b("/community","824"),exact:!0},{path:"/features",component:b("/features","f6e"),exact:!0},{path:"/get-started",component:b("/get-started","1b5"),exact:!0},{path:"/getting-started/installation",component:b("/getting-started/installation","001"),exact:!0},{path:"/docs",component:b("/docs","3a3"),routes:[{path:"/docs",component:b("/docs","d06"),exact:!0,sidebar:"docsSidebar"},{path:"/docs/checkpoint",component:b("/docs/checkpoint","762"),exact:!0,sidebar:"docsSidebar"},{path:"/docs/documentation",component:b("/docs/documentation","442"),exact:!0},{path:"/docs/installation",component:b("/docs/installation","015"),exact:!0,sidebar:"docsSidebar"}]},{path:"/",component:b("/","042"),exact:!0},{path:"*",component:b("*")}]},98934:(e,t,n)=>{"use strict";n.d(t,{_:()=>a,t:()=>c});var o=n(67294);const a=o.createContext(!1);function c(e){let{children:t}=e;const[n,c]=(0,o.useState)(!1);return(0,o.useEffect)((()=>{c(!0)}),[]),o.createElement(a.Provider,{value:n},t)}},97221:(e,t,n)=>{"use strict";var o=n(67294),a=n(73935),c=n(73727),r=n(70405),i=n(10412);const s=[n(32497),n(3310),n(18320),n(19943)];var l=n(723),d=n(16550),u=n(18790);function b(e){let{children:t}=e;return o.createElement(o.Fragment,null,t)}var g=n(87462),f=n(35742),p=n(52263),m=n(44996),h=n(86668),_=n(1944),v=n(94711),w=n(19727),y=n(43320),x=n(18780),k=n(90197);function E(){const{i18n:{defaultLocale:e,localeConfigs:t}}=(0,p.Z)(),n=(0,v.l)();return o.createElement(f.Z,null,Object.entries(t).map((e=>{let[t,{htmlLang:a}]=e;return o.createElement("link",{key:t,rel:"alternate",href:n.createUrl({locale:t,fullyQualified:!0}),hrefLang:a})})),o.createElement("link",{rel:"alternate",href:n.createUrl({locale:e,fullyQualified:!0}),hrefLang:"x-default"}))}function S(e){let{permalink:t}=e;const{siteConfig:{url:n}}=(0,p.Z)(),a=function(){const{siteConfig:{url:e,baseUrl:t,trailingSlash:n}}=(0,p.Z)(),{pathname:o}=(0,d.TH)();return e+(0,x.applyTrailingSlash)((0,m.Z)(o),{trailingSlash:n,baseUrl:t})}(),c=t?`${n}${t}`:a;return o.createElement(f.Z,null,o.createElement("meta",{property:"og:url",content:c}),o.createElement("link",{rel:"canonical",href:c}))}function C(){const{i18n:{currentLocale:e}}=(0,p.Z)(),{metadata:t,image:n}=(0,h.L)();return o.createElement(o.Fragment,null,o.createElement(f.Z,null,o.createElement("meta",{name:"twitter:card",content:"summary_large_image"}),o.createElement("body",{className:w.h})),n&&o.createElement(_.d,{image:n}),o.createElement(S,null),o.createElement(E,null),o.createElement(k.Z,{tag:y.HX,locale:e}),o.createElement(f.Z,null,t.map(((e,t)=>o.createElement("meta",(0,g.Z)({key:t},e))))))}const T=new Map;function j(e){if(T.has(e.pathname))return{...e,pathname:T.get(e.pathname)};if((0,u.f)(l.Z,e.pathname).some((e=>{let{route:t}=e;return!0===t.exact})))return T.set(e.pathname,e.pathname),e;const t=e.pathname.trim().replace(/(?:\/index)?\.html$/,"")||"/";return T.set(e.pathname,t),{...e,pathname:t}}var A=n(98934),M=n(58940);function L(e){for(var t=arguments.length,n=new Array(t>1?t-1:0),o=1;o{const o=t.default?.[e]??t[e];return o?.(...n)}));return()=>a.forEach((e=>e?.()))}const P=function(e){let{children:t,location:n,previousLocation:a}=e;return(0,o.useLayoutEffect)((()=>{a!==n&&(!function(e){let{location:t,previousLocation:n}=e;if(!n)return;const o=t.pathname===n.pathname,a=t.hash===n.hash,c=t.search===n.search;if(o&&a&&!c)return;const{hash:r}=t;if(r){const e=decodeURIComponent(r.substring(1)),t=document.getElementById(e);t?.scrollIntoView()}else window.scrollTo(0,0)}({location:n,previousLocation:a}),L("onRouteDidUpdate",{previousLocation:a,location:n}))}),[a,n]),t};function R(e){const t=Array.from(new Set([e,decodeURI(e)])).map((e=>(0,u.f)(l.Z,e))).flat();return Promise.all(t.map((e=>e.route.component.preload?.())))}class N extends o.Component{previousLocation;routeUpdateCleanupCb;constructor(e){super(e),this.previousLocation=null,this.routeUpdateCleanupCb=i.Z.canUseDOM?L("onRouteUpdate",{previousLocation:null,location:this.props.location}):()=>{},this.state={nextRouteHasLoaded:!0}}shouldComponentUpdate(e,t){if(e.location===this.props.location)return t.nextRouteHasLoaded;const n=e.location;return this.previousLocation=this.props.location,this.setState({nextRouteHasLoaded:!1}),this.routeUpdateCleanupCb=L("onRouteUpdate",{previousLocation:this.previousLocation,location:n}),R(n.pathname).then((()=>{this.routeUpdateCleanupCb(),this.setState({nextRouteHasLoaded:!0})})).catch((e=>{console.warn(e),window.location.reload()})),!1}render(){const{children:e,location:t}=this.props;return o.createElement(P,{previousLocation:this.previousLocation,location:t},o.createElement(d.AW,{location:t,render:()=>e}))}}const O=N,I="__docusaurus-base-url-issue-banner-container",D="__docusaurus-base-url-issue-banner",F="__docusaurus-base-url-issue-banner-suggestion-container",B="__DOCUSAURUS_INSERT_BASEURL_BANNER";function z(e){return`\nwindow['${B}'] = true;\n\ndocument.addEventListener('DOMContentLoaded', maybeInsertBanner);\n\nfunction maybeInsertBanner() {\n var shouldInsert = window['${B}'];\n shouldInsert && insertBanner();\n}\n\nfunction insertBanner() {\n var bannerContainer = document.getElementById('${I}');\n if (!bannerContainer) {\n return;\n }\n var bannerHtml = ${JSON.stringify(function(e){return`\n
\n

Your Docusaurus site did not load properly.

\n

A very common reason is a wrong site baseUrl configuration.

\n

Current configured baseUrl = ${e} ${"/"===e?" (default value)":""}

\n

We suggest trying baseUrl =

\n
\n`}(e)).replace(/{window[B]=!1}),[]),o.createElement(o.Fragment,null,!i.Z.canUseDOM&&o.createElement(f.Z,null,o.createElement("script",null,z(e))),o.createElement("div",{id:I}))}function $(){const{siteConfig:{baseUrl:e,baseUrlIssueBanner:t}}=(0,p.Z)(),{pathname:n}=(0,d.TH)();return t&&n===e?o.createElement(U,null):null}function H(){const{siteConfig:{favicon:e,title:t,noIndex:n},i18n:{currentLocale:a,localeConfigs:c}}=(0,p.Z)(),r=(0,m.Z)(e),{htmlLang:i,direction:s}=c[a];return o.createElement(f.Z,null,o.createElement("html",{lang:i,dir:s}),o.createElement("title",null,t),o.createElement("meta",{property:"og:title",content:t}),o.createElement("meta",{name:"viewport",content:"width=device-width, initial-scale=1.0"}),n&&o.createElement("meta",{name:"robots",content:"noindex, nofollow"}),e&&o.createElement("link",{rel:"icon",href:r}))}var G=n(44763),q=n(72389);function Z(){const e=(0,q.Z)();return o.createElement(f.Z,null,o.createElement("html",{"data-has-hydrated":e}))}function V(){const e=(0,u.H)(l.Z),t=(0,d.TH)();return o.createElement(G.Z,null,o.createElement(M.M,null,o.createElement(A.t,null,o.createElement(b,null,o.createElement(H,null),o.createElement(C,null),o.createElement($,null),o.createElement(O,{location:j(t)},e)),o.createElement(Z,null))))}var W=n(16887);const Y=function(e){try{return document.createElement("link").relList.supports(e)}catch{return!1}}("prefetch")?function(e){return new Promise(((t,n)=>{if("undefined"==typeof document)return void n();const o=document.createElement("link");o.setAttribute("rel","prefetch"),o.setAttribute("href",e),o.onload=()=>t(),o.onerror=()=>n();const a=document.getElementsByTagName("head")[0]??document.getElementsByName("script")[0]?.parentNode;a?.appendChild(o)}))}:function(e){return new Promise(((t,n)=>{const o=new XMLHttpRequest;o.open("GET",e,!0),o.withCredentials=!0,o.onload=()=>{200===o.status?t():n()},o.send(null)}))};var K=n(99670);const Q=new Set,X=new Set,J=()=>navigator.connection?.effectiveType.includes("2g")||navigator.connection?.saveData,ee={prefetch(e){if(!(e=>!J()&&!X.has(e)&&!Q.has(e))(e))return!1;Q.add(e);const t=(0,u.f)(l.Z,e).flatMap((e=>{return t=e.route.path,Object.entries(W).filter((e=>{let[n]=e;return n.replace(/-[^-]+$/,"")===t})).flatMap((e=>{let[,t]=e;return Object.values((0,K.Z)(t))}));var t}));return Promise.all(t.map((e=>{const t=n.gca(e);return t&&!t.includes("undefined")?Y(t).catch((()=>{})):Promise.resolve()})))},preload:e=>!!(e=>!J()&&!X.has(e))(e)&&(X.add(e),R(e))},te=Object.freeze(ee);if(i.Z.canUseDOM){window.docusaurus=te;const e=a.hydrate;R(window.location.pathname).then((()=>{e(o.createElement(r.B6,null,o.createElement(c.VK,null,o.createElement(V,null))),document.getElementById("__docusaurus"))}))}},58940:(e,t,n)=>{"use strict";n.d(t,{_:()=>d,M:()=>u});var o=n(67294),a=n(36809);const c=JSON.parse('{"docusaurus-plugin-content-docs":{"default":{"path":"/docs","versions":[{"name":"current","label":"Next","isLast":true,"path":"/docs","mainDocId":"podman","docs":[{"id":"checkpoint","path":"/docs/checkpoint","sidebar":"docsSidebar"},{"id":"documentation","path":"/docs/documentation"},{"id":"installation","path":"/docs/installation","sidebar":"docsSidebar"},{"id":"podman","path":"/docs/","sidebar":"docsSidebar"}],"draftIds":[],"sidebars":{"docsSidebar":{"link":{"path":"/docs/","label":"Getting Started"}}}}],"breadcrumbs":true}}}'),r=JSON.parse('{"defaultLocale":"en","locales":["en"],"path":"i18n","currentLocale":"en","localeConfigs":{"en":{"label":"English","direction":"ltr","htmlLang":"en","calendar":"gregory","path":"en"}}}');var i=n(57529);const s=JSON.parse('{"docusaurusVersion":"2.4.3","siteVersion":"0.0.0","pluginVersions":{"docusaurus-plugin-content-docs":{"type":"package","name":"@docusaurus/plugin-content-docs","version":"2.4.3"},"docusaurus-plugin-content-blog":{"type":"package","name":"@docusaurus/plugin-content-blog","version":"2.4.3"},"docusaurus-plugin-content-pages":{"type":"package","name":"@docusaurus/plugin-content-pages","version":"2.4.3"},"docusaurus-plugin-sitemap":{"type":"package","name":"@docusaurus/plugin-sitemap","version":"2.4.3"},"docusaurus-theme-classic":{"type":"package","name":"@docusaurus/theme-classic","version":"2.4.3"},"docusaurus-theme-live-codeblock":{"type":"package","name":"@docusaurus/theme-live-codeblock","version":"2.4.3"},"docusaurus-tailwindcss":{"type":"local"}}}'),l={siteConfig:a.default,siteMetadata:s,globalData:c,i18n:r,codeTranslations:i},d=o.createContext(l);function u(e){let{children:t}=e;return o.createElement(d.Provider,{value:l},t)}},44763:(e,t,n)=>{"use strict";n.d(t,{Z:()=>b});var o=n(67294),a=n(10412),c=n(35742),r=n(18780),i=n(7961);function s(e){let{error:t,tryAgain:n}=e;return o.createElement("div",{style:{display:"flex",flexDirection:"column",justifyContent:"center",alignItems:"flex-start",minHeight:"100vh",width:"100%",maxWidth:"80ch",fontSize:"20px",margin:"0 auto",padding:"1rem"}},o.createElement("h1",{style:{fontSize:"3rem"}},"This page crashed"),o.createElement("button",{type:"button",onClick:n,style:{margin:"1rem 0",fontSize:"2rem",cursor:"pointer",borderRadius:20,padding:"1rem"}},"Try again"),o.createElement(l,{error:t}))}function l(e){let{error:t}=e;const n=(0,r.getErrorCausalChain)(t).map((e=>e.message)).join("\n\nCause:\n");return o.createElement("p",{style:{whiteSpace:"pre-wrap"}},n)}function d(e){let{error:t,tryAgain:n}=e;return o.createElement(b,{fallback:()=>o.createElement(s,{error:t,tryAgain:n})},o.createElement(c.Z,null,o.createElement("title",null,"Page Error")),o.createElement(i.Z,null,o.createElement(s,{error:t,tryAgain:n})))}const u=e=>o.createElement(d,e);class b extends o.Component{constructor(e){super(e),this.state={error:null}}componentDidCatch(e){a.Z.canUseDOM&&this.setState({error:e})}render(){const{children:e}=this.props,{error:t}=this.state;if(t){const e={error:t,tryAgain:()=>this.setState({error:null})};return(this.props.fallback??u)(e)}return e??null}}},10412:(e,t,n)=>{"use strict";n.d(t,{Z:()=>a});const o="undefined"!=typeof window&&"document"in window&&"createElement"in window.document,a={canUseDOM:o,canUseEventListeners:o&&("addEventListener"in window||"attachEvent"in window),canUseIntersectionObserver:o&&"IntersectionObserver"in window,canUseViewport:o&&"screen"in window}},35742:(e,t,n)=>{"use strict";n.d(t,{Z:()=>c});var o=n(67294),a=n(70405);function c(e){return o.createElement(a.ql,e)}},39960:(e,t,n)=>{"use strict";n.d(t,{Z:()=>g});var o=n(87462),a=n(67294),c=n(73727),r=n(18780),i=n(52263),s=n(13919),l=n(10412);const d=a.createContext({collectLink:()=>{}});var u=n(44996);function b(e,t){let{isNavLink:n,to:b,href:g,activeClassName:f,isActive:p,"data-noBrokenLinkCheck":m,autoAddBaseUrl:h=!0,..._}=e;const{siteConfig:{trailingSlash:v,baseUrl:w}}=(0,i.Z)(),{withBaseUrl:y}=(0,u.C)(),x=(0,a.useContext)(d),k=(0,a.useRef)(null);(0,a.useImperativeHandle)(t,(()=>k.current));const E=b||g;const S=(0,s.Z)(E),C=E?.replace("pathname://","");let T=void 0!==C?(j=C,h&&(e=>e.startsWith("/"))(j)?y(j):j):void 0;var j;T&&S&&(T=(0,r.applyTrailingSlash)(T,{trailingSlash:v,baseUrl:w}));const A=(0,a.useRef)(!1),M=n?c.OL:c.rU,L=l.Z.canUseIntersectionObserver,P=(0,a.useRef)(),R=()=>{A.current||null==T||(window.docusaurus.preload(T),A.current=!0)};(0,a.useEffect)((()=>(!L&&S&&null!=T&&window.docusaurus.prefetch(T),()=>{L&&P.current&&P.current.disconnect()})),[P,T,L,S]);const N=T?.startsWith("#")??!1,O=!T||!S||N;return O||m||x.collectLink(T),O?a.createElement("a",(0,o.Z)({ref:k,href:T},E&&!S&&{target:"_blank",rel:"noopener noreferrer"},_)):a.createElement(M,(0,o.Z)({},_,{onMouseEnter:R,onTouchStart:R,innerRef:e=>{k.current=e,L&&e&&S&&(P.current=new window.IntersectionObserver((t=>{t.forEach((t=>{e===t.target&&(t.isIntersecting||t.intersectionRatio>0)&&(P.current.unobserve(e),P.current.disconnect(),null!=T&&window.docusaurus.prefetch(T))}))})),P.current.observe(e))},to:T},n&&{isActive:p,activeClassName:f}))}const g=a.forwardRef(b)},11875:(e,t,n)=>{"use strict";n.d(t,{Z:()=>o});const o=()=>null},95999:(e,t,n)=>{"use strict";n.d(t,{Z:()=>s,I:()=>i});var o=n(67294);function a(e,t){const n=e.split(/(\{\w+\})/).map(((e,n)=>{if(n%2==1){const n=t?.[e.slice(1,-1)];if(void 0!==n)return n}return e}));return n.some((e=>(0,o.isValidElement)(e)))?n.map(((e,t)=>(0,o.isValidElement)(e)?o.cloneElement(e,{key:t}):e)).filter((e=>""!==e)):n.join("")}var c=n(57529);function r(e){let{id:t,message:n}=e;if(void 0===t&&void 0===n)throw new Error("Docusaurus translation declarations must have at least a translation id or a default translation message");return c[t??n]??n??t}function i(e,t){let{message:n,id:o}=e;return a(r({message:n,id:o}),t)}function s(e){let{children:t,id:n,values:c}=e;if(t&&"string"!=typeof t)throw console.warn("Illegal children",t),new Error("The Docusaurus component only accept simple string values");const i=r({message:t,id:n});return o.createElement(o.Fragment,null,a(i,c))}},29935:(e,t,n)=>{"use strict";n.d(t,{m:()=>o});const o="default"},13919:(e,t,n)=>{"use strict";function o(e){return/^(?:\w*:|\/\/)/.test(e)}function a(e){return void 0!==e&&!o(e)}n.d(t,{Z:()=>a,b:()=>o})},44996:(e,t,n)=>{"use strict";n.d(t,{C:()=>r,Z:()=>i});var o=n(67294),a=n(52263),c=n(13919);function r(){const{siteConfig:{baseUrl:e,url:t}}=(0,a.Z)(),n=(0,o.useCallback)(((n,o)=>function(e,t,n,o){let{forcePrependBaseUrl:a=!1,absolute:r=!1}=void 0===o?{}:o;if(!n||n.startsWith("#")||(0,c.b)(n))return n;if(a)return t+n.replace(/^\//,"");if(n===t.replace(/\/$/,""))return t;const i=n.startsWith(t)?n:t+n.replace(/^\//,"");return r?e+i:i}(t,e,n,o)),[t,e]);return{withBaseUrl:n}}function i(e,t){void 0===t&&(t={});const{withBaseUrl:n}=r();return n(e,t)}},52263:(e,t,n)=>{"use strict";n.d(t,{Z:()=>c});var o=n(67294),a=n(58940);function c(){return(0,o.useContext)(a._)}},72389:(e,t,n)=>{"use strict";n.d(t,{Z:()=>c});var o=n(67294),a=n(98934);function c(){return(0,o.useContext)(a._)}},99670:(e,t,n)=>{"use strict";n.d(t,{Z:()=>a});const o=e=>"object"==typeof e&&!!e&&Object.keys(e).length>0;function a(e){const t={};return function e(n,a){Object.entries(n).forEach((n=>{let[c,r]=n;const i=a?`${a}.${c}`:c;o(r)?e(r,i):t[i]=r}))}(e),t}},30226:(e,t,n)=>{"use strict";n.d(t,{_:()=>a,z:()=>c});var o=n(67294);const a=o.createContext(null);function c(e){let{children:t,value:n}=e;const c=o.useContext(a),r=(0,o.useMemo)((()=>function(e){let{parent:t,value:n}=e;if(!t){if(!n)throw new Error("Unexpected: no Docusaurus route context found");if(!("plugin"in n))throw new Error("Unexpected: Docusaurus topmost route context has no `plugin` attribute");return n}const o={...t.data,...n?.data};return{plugin:t.plugin,data:o}}({parent:c,value:n})),[c,n]);return o.createElement(a.Provider,{value:r},t)}},80143:(e,t,n)=>{"use strict";n.d(t,{Iw:()=>p,gA:()=>b,_r:()=>d,Jo:()=>m,zh:()=>u,yW:()=>f,gB:()=>g});var o=n(16550),a=n(52263),c=n(29935);function r(e,t){void 0===t&&(t={});const n=function(){const{globalData:e}=(0,a.Z)();return e}()[e];if(!n&&t.failfast)throw new Error(`Docusaurus plugin global data not found for "${e}" plugin.`);return n}const i=e=>e.versions.find((e=>e.isLast));function s(e,t){const n=function(e,t){const n=i(e);return[...e.versions.filter((e=>e!==n)),n].find((e=>!!(0,o.LX)(t,{path:e.path,exact:!1,strict:!1})))}(e,t),a=n?.docs.find((e=>!!(0,o.LX)(t,{path:e.path,exact:!0,strict:!1})));return{activeVersion:n,activeDoc:a,alternateDocVersions:a?function(t){const n={};return e.versions.forEach((e=>{e.docs.forEach((o=>{o.id===t&&(n[e.name]=o)}))})),n}(a.id):{}}}const l={},d=()=>r("docusaurus-plugin-content-docs")??l,u=e=>function(e,t,n){void 0===t&&(t=c.m),void 0===n&&(n={});const o=r(e),a=o?.[t];if(!a&&n.failfast)throw new Error(`Docusaurus plugin global data not found for "${e}" plugin with id "${t}".`);return a}("docusaurus-plugin-content-docs",e,{failfast:!0});function b(e){void 0===e&&(e={});const t=d(),{pathname:n}=(0,o.TH)();return function(e,t,n){void 0===n&&(n={});const a=Object.entries(e).sort(((e,t)=>t[1].path.localeCompare(e[1].path))).find((e=>{let[,n]=e;return!!(0,o.LX)(t,{path:n.path,exact:!1,strict:!1})})),c=a?{pluginId:a[0],pluginData:a[1]}:void 0;if(!c&&n.failfast)throw new Error(`Can't find active docs plugin for "${t}" pathname, while it was expected to be found. Maybe you tried to use a docs feature that can only be used on a docs-related page? Existing docs plugin paths are: ${Object.values(e).map((e=>e.path)).join(", ")}`);return c}(t,n,e)}function g(e){return u(e).versions}function f(e){const t=u(e);return i(t)}function p(e){const t=u(e),{pathname:n}=(0,o.TH)();return s(t,n)}function m(e){const t=u(e),{pathname:n}=(0,o.TH)();return function(e,t){const n=i(e);return{latestDocSuggestion:s(e,t).alternateDocVersions[n.name],latestVersionSuggestion:n}}(t,n)}},18320:(e,t,n)=>{"use strict";n.r(t),n.d(t,{default:()=>c});var o=n(74865),a=n.n(o);a().configure({showSpinner:!1});const c={onRouteUpdate(e){let{location:t,previousLocation:n}=e;if(n&&t.pathname!==n.pathname){const e=window.setTimeout((()=>{a().start()}),200);return()=>window.clearTimeout(e)}},onRouteDidUpdate(){a().done()}}},3310:(e,t,n)=>{"use strict";n.r(t);var o=n(87410),a=n(36809);!function(e){const{themeConfig:{prism:t}}=a.default,{additionalLanguages:o}=t;globalThis.Prism=e,o.forEach((e=>{n(6726)(`./prism-${e}`)})),delete globalThis.Prism}(o.Z)},39471:(e,t,n)=>{"use strict";n.d(t,{Z:()=>c});var o=n(67294);const a={iconExternalLink:"iconExternalLink_nPIU"};function c(e){let{width:t=13.5,height:n=13.5}=e;return o.createElement("svg",{width:t,height:n,"aria-hidden":"true",viewBox:"0 0 24 24",className:a.iconExternalLink},o.createElement("path",{fill:"currentColor",d:"M21 13v10h-21v-19h12v2h-10v15h17v-8h2zm3-12h-10.988l4.035 4-6.977 7.07 2.828 2.828 6.977-7.07 4.125 4.172v-11z"}))}},7961:(e,t,n)=>{"use strict";n.d(t,{Z:()=>ut});var o=n(67294),a=n(86010),c=n(44763),r=n(1944),i=n(87462),s=n(16550),l=n(95999),d=n(85936);const u="__docusaurus_skipToContent_fallback";function b(e){e.setAttribute("tabindex","-1"),e.focus(),e.removeAttribute("tabindex")}function g(){const e=(0,o.useRef)(null),{action:t}=(0,s.k6)(),n=(0,o.useCallback)((e=>{e.preventDefault();const t=document.querySelector("main:first-of-type")??document.getElementById(u);t&&b(t)}),[]);return(0,d.S)((n=>{let{location:o}=n;e.current&&!o.hash&&"PUSH"===t&&b(e.current)})),{containerRef:e,onClick:n}}const f=(0,l.I)({id:"theme.common.skipToMainContent",description:"The skip to content label used for accessibility, allowing to rapidly navigate to main content with keyboard tab/enter navigation",message:"Skip to main content"});function p(e){const t=e.children??f,{containerRef:n,onClick:a}=g();return o.createElement("div",{ref:n,role:"region","aria-label":f},o.createElement("a",(0,i.Z)({},e,{href:`#${u}`,onClick:a}),t))}var m=n(35281),h=n(19727);const _={skipToContent:"skipToContent_fXgn"};function v(){return o.createElement(p,{className:_.skipToContent})}var w=n(86668),y=n(59689);function x(e){let{width:t=21,height:n=21,color:a="currentColor",strokeWidth:c=1.2,className:r,...s}=e;return o.createElement("svg",(0,i.Z)({viewBox:"0 0 15 15",width:t,height:n},s),o.createElement("g",{stroke:a,strokeWidth:c},o.createElement("path",{d:"M.75.75l13.5 13.5M14.25.75L.75 14.25"})))}const k={closeButton:"closeButton_CVFx"};function E(e){return o.createElement("button",(0,i.Z)({type:"button","aria-label":(0,l.I)({id:"theme.AnnouncementBar.closeButtonAriaLabel",message:"Close",description:"The ARIA label for close button of announcement bar"})},e,{className:(0,a.Z)("clean-btn close",k.closeButton,e.className)}),o.createElement(x,{width:14,height:14,strokeWidth:3.1}))}const S={content:"content_knG7"};function C(e){const{announcementBar:t}=(0,w.L)(),{content:n}=t;return o.createElement("div",(0,i.Z)({},e,{className:(0,a.Z)(S.content,e.className),dangerouslySetInnerHTML:{__html:n}}))}const T={announcementBar:"announcementBar_mb4j",announcementBarPlaceholder:"announcementBarPlaceholder_vyr4",announcementBarClose:"announcementBarClose_gvF7",announcementBarContent:"announcementBarContent_xLdY"};function j(){const{announcementBar:e}=(0,w.L)(),{isActive:t,close:n}=(0,y.nT)();if(!t)return null;const{backgroundColor:a,textColor:c,isCloseable:r}=e;return o.createElement("div",{className:T.announcementBar,style:{backgroundColor:a,color:c},role:"banner"},r&&o.createElement("div",{className:T.announcementBarPlaceholder}),o.createElement(C,{className:T.announcementBarContent}),r&&o.createElement(E,{onClick:n,className:T.announcementBarClose}))}var A=n(72961),M=n(12466);var L=n(902),P=n(13102);const R=o.createContext(null);function N(e){let{children:t}=e;const n=function(){const e=(0,A.e)(),t=(0,P.HY)(),[n,a]=(0,o.useState)(!1),c=null!==t.component,r=(0,L.D9)(c);return(0,o.useEffect)((()=>{c&&!r&&a(!0)}),[c,r]),(0,o.useEffect)((()=>{c?e.shown||a(!0):a(!1)}),[e.shown,c]),(0,o.useMemo)((()=>[n,a]),[n])}();return o.createElement(R.Provider,{value:n},t)}function O(e){if(e.component){const t=e.component;return o.createElement(t,e.props)}}function I(){const e=(0,o.useContext)(R);if(!e)throw new L.i6("NavbarSecondaryMenuDisplayProvider");const[t,n]=e,a=(0,o.useCallback)((()=>n(!1)),[n]),c=(0,P.HY)();return(0,o.useMemo)((()=>({shown:t,hide:a,content:O(c)})),[a,c,t])}function D(e){let{header:t,primaryMenu:n,secondaryMenu:c}=e;const{shown:r}=I();return o.createElement("div",{className:"navbar-sidebar"},t,o.createElement("div",{className:(0,a.Z)("navbar-sidebar__items",{"navbar-sidebar__items--show-secondary":r})},o.createElement("div",{className:"navbar-sidebar__item menu"},n),o.createElement("div",{className:"navbar-sidebar__item menu"},c)))}var F=n(92949),B=n(72389);function z(e){return o.createElement("svg",(0,i.Z)({viewBox:"0 0 24 24",width:24,height:24},e),o.createElement("path",{fill:"currentColor",d:"M12,9c1.65,0,3,1.35,3,3s-1.35,3-3,3s-3-1.35-3-3S10.35,9,12,9 M12,7c-2.76,0-5,2.24-5,5s2.24,5,5,5s5-2.24,5-5 S14.76,7,12,7L12,7z M2,13l2,0c0.55,0,1-0.45,1-1s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S1.45,13,2,13z M20,13l2,0c0.55,0,1-0.45,1-1 s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S19.45,13,20,13z M11,2v2c0,0.55,0.45,1,1,1s1-0.45,1-1V2c0-0.55-0.45-1-1-1S11,1.45,11,2z M11,20v2c0,0.55,0.45,1,1,1s1-0.45,1-1v-2c0-0.55-0.45-1-1-1C11.45,19,11,19.45,11,20z M5.99,4.58c-0.39-0.39-1.03-0.39-1.41,0 c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0s0.39-1.03,0-1.41L5.99,4.58z M18.36,16.95 c-0.39-0.39-1.03-0.39-1.41,0c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0c0.39-0.39,0.39-1.03,0-1.41 L18.36,16.95z M19.42,5.99c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06c-0.39,0.39-0.39,1.03,0,1.41 s1.03,0.39,1.41,0L19.42,5.99z M7.05,18.36c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06 c-0.39,0.39-0.39,1.03,0,1.41s1.03,0.39,1.41,0L7.05,18.36z"}))}function U(e){return o.createElement("svg",(0,i.Z)({viewBox:"0 0 24 24",width:24,height:24},e),o.createElement("path",{fill:"currentColor",d:"M9.37,5.51C9.19,6.15,9.1,6.82,9.1,7.5c0,4.08,3.32,7.4,7.4,7.4c0.68,0,1.35-0.09,1.99-0.27C17.45,17.19,14.93,19,12,19 c-3.86,0-7-3.14-7-7C5,9.07,6.81,6.55,9.37,5.51z M12,3c-4.97,0-9,4.03-9,9s4.03,9,9,9s9-4.03,9-9c0-0.46-0.04-0.92-0.1-1.36 c-0.98,1.37-2.58,2.26-4.4,2.26c-2.98,0-5.4-2.42-5.4-5.4c0-1.81,0.89-3.42,2.26-4.4C12.92,3.04,12.46,3,12,3L12,3z"}))}const $={toggle:"toggle_vylO",toggleButton:"toggleButton_gllP",darkToggleIcon:"darkToggleIcon_wfgR",lightToggleIcon:"lightToggleIcon_pyhR",toggleButtonDisabled:"toggleButtonDisabled_aARS"};function H(e){let{className:t,buttonClassName:n,value:c,onChange:r}=e;const i=(0,B.Z)(),s=(0,l.I)({message:"Switch between dark and light mode (currently {mode})",id:"theme.colorToggle.ariaLabel",description:"The ARIA label for the navbar color mode toggle"},{mode:"dark"===c?(0,l.I)({message:"dark mode",id:"theme.colorToggle.ariaLabel.mode.dark",description:"The name for the dark color mode"}):(0,l.I)({message:"light mode",id:"theme.colorToggle.ariaLabel.mode.light",description:"The name for the light color mode"})});return o.createElement("div",{className:(0,a.Z)($.toggle,t)},o.createElement("button",{className:(0,a.Z)("clean-btn",$.toggleButton,!i&&$.toggleButtonDisabled,n),type:"button",onClick:()=>r("dark"===c?"light":"dark"),disabled:!i,title:s,"aria-label":s,"aria-live":"polite"},o.createElement(z,{className:(0,a.Z)($.toggleIcon,$.lightToggleIcon)}),o.createElement(U,{className:(0,a.Z)($.toggleIcon,$.darkToggleIcon)})))}const G=o.memo(H),q={darkNavbarColorModeToggle:"darkNavbarColorModeToggle_X3D1"};function Z(e){let{className:t}=e;const n=(0,w.L)().navbar.style,a=(0,w.L)().colorMode.disableSwitch,{colorMode:c,setColorMode:r}=(0,F.I)();return a?null:o.createElement(G,{className:t,buttonClassName:"dark"===n?q.darkNavbarColorModeToggle:void 0,value:c,onChange:r})}var V=n(21327);function W(){return o.createElement(V.Z,{className:"navbar__brand",imageClassName:"navbar__logo",titleClassName:"navbar__title text--truncate"})}function Y(){const e=(0,A.e)();return o.createElement("button",{type:"button","aria-label":(0,l.I)({id:"theme.docs.sidebar.closeSidebarButtonAriaLabel",message:"Close navigation bar",description:"The ARIA label for close button of mobile sidebar"}),className:"clean-btn navbar-sidebar__close",onClick:()=>e.toggle()},o.createElement(x,{color:"var(--ifm-color-emphasis-600)"}))}function K(){return o.createElement("div",{className:"navbar-sidebar__brand"},o.createElement(W,null),o.createElement(Z,{className:"margin-right--md"}),o.createElement(Y,null))}var Q=n(39960),X=n(44996),J=n(13919);function ee(e,t){return void 0!==e&&void 0!==t&&new RegExp(e,"gi").test(t)}var te=n(39471);function ne(e){let{activeBasePath:t,activeBaseRegex:n,to:a,href:c,label:r,html:s,isDropdownLink:l,prependBaseUrlToHref:d,...u}=e;const b=(0,X.Z)(a),g=(0,X.Z)(t),f=(0,X.Z)(c,{forcePrependBaseUrl:!0}),p=r&&c&&!(0,J.Z)(c),m=s?{dangerouslySetInnerHTML:{__html:s}}:{children:o.createElement(o.Fragment,null,r,p&&o.createElement(te.Z,l&&{width:12,height:12}))};return c?o.createElement(Q.Z,(0,i.Z)({href:d?f:c},u,m)):o.createElement(Q.Z,(0,i.Z)({to:b,isNavLink:!0},(t||n)&&{isActive:(e,t)=>n?ee(n,t.pathname):t.pathname.startsWith(g)},u,m))}function oe(e){let{className:t,isDropdownItem:n=!1,...c}=e;const r=o.createElement(ne,(0,i.Z)({className:(0,a.Z)(n?"dropdown__link":"navbar__item navbar__link",t),isDropdownLink:n},c));return n?o.createElement("li",null,r):r}function ae(e){let{className:t,isDropdownItem:n,...c}=e;return o.createElement("li",{className:"menu__list-item"},o.createElement(ne,(0,i.Z)({className:(0,a.Z)("menu__link",t)},c)))}function ce(e){let{mobile:t=!1,position:n,...a}=e;const c=t?ae:oe;return o.createElement(c,(0,i.Z)({},a,{activeClassName:a.activeClassName??(t?"menu__link--active":"navbar__link--active")}))}var re=n(86043),ie=n(48596),se=n(52263);function le(e,t){return e.some((e=>function(e,t){return!!(0,ie.Mg)(e.to,t)||!!ee(e.activeBaseRegex,t)||!(!e.activeBasePath||!t.startsWith(e.activeBasePath))}(e,t)))}function de(e){let{items:t,position:n,className:c,onClick:r,...s}=e;const l=(0,o.useRef)(null),[d,u]=(0,o.useState)(!1);return(0,o.useEffect)((()=>{const e=e=>{l.current&&!l.current.contains(e.target)&&u(!1)};return document.addEventListener("mousedown",e),document.addEventListener("touchstart",e),document.addEventListener("focusin",e),()=>{document.removeEventListener("mousedown",e),document.removeEventListener("touchstart",e),document.removeEventListener("focusin",e)}}),[l]),o.createElement("div",{ref:l,className:(0,a.Z)("navbar__item","dropdown","dropdown--hoverable",{"dropdown--right":"right"===n,"dropdown--show":d})},o.createElement(ne,(0,i.Z)({"aria-haspopup":"true","aria-expanded":d,role:"button",href:s.to?void 0:"#",className:(0,a.Z)("navbar__link",c)},s,{onClick:s.to?void 0:e=>e.preventDefault(),onKeyDown:e=>{"Enter"===e.key&&(e.preventDefault(),u(!d))}}),s.children??s.label),o.createElement("ul",{className:"dropdown__menu"},t.map(((e,t)=>o.createElement(Ee,(0,i.Z)({isDropdownItem:!0,activeClassName:"dropdown__link--active"},e,{key:t}))))))}function ue(e){let{items:t,className:n,position:c,onClick:r,...l}=e;const d=function(){const{siteConfig:{baseUrl:e}}=(0,se.Z)(),{pathname:t}=(0,s.TH)();return t.replace(e,"/")}(),u=le(t,d),{collapsed:b,toggleCollapsed:g,setCollapsed:f}=(0,re.u)({initialState:()=>!u});return(0,o.useEffect)((()=>{u&&f(!u)}),[d,u,f]),o.createElement("li",{className:(0,a.Z)("menu__list-item",{"menu__list-item--collapsed":b})},o.createElement(ne,(0,i.Z)({role:"button",className:(0,a.Z)("menu__link menu__link--sublist menu__link--sublist-caret",n)},l,{onClick:e=>{e.preventDefault(),g()}}),l.children??l.label),o.createElement(re.z,{lazy:!0,as:"ul",className:"menu__list",collapsed:b},t.map(((e,t)=>o.createElement(Ee,(0,i.Z)({mobile:!0,isDropdownItem:!0,onClick:r,activeClassName:"menu__link--active"},e,{key:t}))))))}function be(e){let{mobile:t=!1,...n}=e;const a=t?ue:de;return o.createElement(a,n)}var ge=n(94711);function fe(e){let{width:t=20,height:n=20,...a}=e;return o.createElement("svg",(0,i.Z)({viewBox:"0 0 24 24",width:t,height:n,"aria-hidden":!0},a),o.createElement("path",{fill:"currentColor",d:"M12.87 15.07l-2.54-2.51.03-.03c1.74-1.94 2.98-4.17 3.71-6.53H17V4h-7V2H8v2H1v1.99h11.17C11.5 7.92 10.44 9.75 9 11.35 8.07 10.32 7.3 9.19 6.69 8h-2c.73 1.63 1.73 3.17 2.98 4.56l-5.09 5.02L4 19l5-5 3.11 3.11.76-2.04zM18.5 10h-2L12 22h2l1.12-3h4.75L21 22h2l-4.5-12zm-2.62 7l1.62-4.33L19.12 17h-3.24z"}))}const pe="iconLanguage_nlXk";var me=n(11875);const he={searchBox:"searchBox_ZlJk"};function _e(e){let{children:t,className:n}=e;return o.createElement("div",{className:(0,a.Z)(n,he.searchBox)},t)}var ve=n(80143),we=n(52802);var ye=n(60373);const xe=e=>e.docs.find((t=>t.id===e.mainDocId));const ke={default:ce,localeDropdown:function(e){let{mobile:t,dropdownItemsBefore:n,dropdownItemsAfter:a,...c}=e;const{i18n:{currentLocale:r,locales:d,localeConfigs:u}}=(0,se.Z)(),b=(0,ge.l)(),{search:g,hash:f}=(0,s.TH)(),p=[...n,...d.map((e=>{const n=`${`pathname://${b.createUrl({locale:e,fullyQualified:!1})}`}${g}${f}`;return{label:u[e].label,lang:u[e].htmlLang,to:n,target:"_self",autoAddBaseUrl:!1,className:e===r?t?"menu__link--active":"dropdown__link--active":""}})),...a],m=t?(0,l.I)({message:"Languages",id:"theme.navbar.mobileLanguageDropdown.label",description:"The label for the mobile language switcher dropdown"}):u[r].label;return o.createElement(be,(0,i.Z)({},c,{mobile:t,label:o.createElement(o.Fragment,null,o.createElement(fe,{className:pe}),m),items:p}))},search:function(e){let{mobile:t,className:n}=e;return t?null:o.createElement(_e,{className:n},o.createElement(me.Z,null))},dropdown:be,html:function(e){let{value:t,className:n,mobile:c=!1,isDropdownItem:r=!1}=e;const i=r?"li":"div";return o.createElement(i,{className:(0,a.Z)({navbar__item:!c&&!r,"menu__list-item":c},n),dangerouslySetInnerHTML:{__html:t}})},doc:function(e){let{docId:t,label:n,docsPluginId:a,...c}=e;const{activeDoc:r}=(0,ve.Iw)(a),s=(0,we.vY)(t,a);return null===s?null:o.createElement(ce,(0,i.Z)({exact:!0},c,{isActive:()=>r?.path===s.path||!!r?.sidebar&&r.sidebar===s.sidebar,label:n??s.id,to:s.path}))},docSidebar:function(e){let{sidebarId:t,label:n,docsPluginId:a,...c}=e;const{activeDoc:r}=(0,ve.Iw)(a),s=(0,we.oz)(t,a).link;if(!s)throw new Error(`DocSidebarNavbarItem: Sidebar with ID "${t}" doesn't have anything to be linked to.`);return o.createElement(ce,(0,i.Z)({exact:!0},c,{isActive:()=>r?.sidebar===t,label:n??s.label,to:s.path}))},docsVersion:function(e){let{label:t,to:n,docsPluginId:a,...c}=e;const r=(0,we.lO)(a)[0],s=t??r.label,l=n??(e=>e.docs.find((t=>t.id===e.mainDocId)))(r).path;return o.createElement(ce,(0,i.Z)({},c,{label:s,to:l}))},docsVersionDropdown:function(e){let{mobile:t,docsPluginId:n,dropdownActiveClassDisabled:a,dropdownItemsBefore:c,dropdownItemsAfter:r,...d}=e;const{search:u,hash:b}=(0,s.TH)(),g=(0,ve.Iw)(n),f=(0,ve.gB)(n),{savePreferredVersionName:p}=(0,ye.J)(n),m=[...c,...f.map((e=>{const t=g.alternateDocVersions[e.name]??xe(e);return{label:e.label,to:`${t.path}${u}${b}`,isActive:()=>e===g.activeVersion,onClick:()=>p(e.name)}})),...r],h=(0,we.lO)(n)[0],_=t&&m.length>1?(0,l.I)({id:"theme.navbar.mobileVersionsDropdown.label",message:"Versions",description:"The label for the navbar versions dropdown on mobile view"}):h.label,v=t&&m.length>1?void 0:xe(h).path;return m.length<=1?o.createElement(ce,(0,i.Z)({},d,{mobile:t,label:_,to:v,isActive:a?()=>!1:void 0})):o.createElement(be,(0,i.Z)({},d,{mobile:t,label:_,to:v,items:m,isActive:a?()=>!1:void 0}))}};function Ee(e){let{type:t,...n}=e;const a=function(e,t){return e&&"default"!==e?e:"items"in t?"dropdown":"default"}(t,n),c=ke[a];if(!c)throw new Error(`No NavbarItem component found for type "${t}".`);return o.createElement(c,n)}function Se(){const e=(0,A.e)(),t=(0,w.L)().navbar.items;return o.createElement("ul",{className:"menu__list"},t.map(((t,n)=>o.createElement(Ee,(0,i.Z)({mobile:!0},t,{onClick:()=>e.toggle(),key:n})))))}function Ce(e){return o.createElement("button",(0,i.Z)({},e,{type:"button",className:"clean-btn navbar-sidebar__back"}),o.createElement(l.Z,{id:"theme.navbar.mobileSidebarSecondaryMenu.backButtonLabel",description:"The label of the back button to return to main menu, inside the mobile navbar sidebar secondary menu (notably used to display the docs sidebar)"},"\u2190 Back to main menu"))}function Te(){const e=0===(0,w.L)().navbar.items.length,t=I();return o.createElement(o.Fragment,null,!e&&o.createElement(Ce,{onClick:()=>t.hide()}),t.content)}function je(){const e=(0,A.e)();var t;return void 0===(t=e.shown)&&(t=!0),(0,o.useEffect)((()=>(document.body.style.overflow=t?"hidden":"visible",()=>{document.body.style.overflow="visible"})),[t]),e.shouldRender?o.createElement(D,{header:o.createElement(K,null),primaryMenu:o.createElement(Se,null),secondaryMenu:o.createElement(Te,null)}):null}const Ae={navbarHideable:"navbarHideable_m1mJ",navbarHidden:"navbarHidden_jGov"};function Me(e){return o.createElement("div",(0,i.Z)({role:"presentation"},e,{className:(0,a.Z)("navbar-sidebar__backdrop",e.className)}))}function Le(e){let{children:t}=e;const{navbar:{hideOnScroll:n,style:c}}=(0,w.L)(),r=(0,A.e)(),{navbarRef:i,isNavbarVisible:s}=function(e){const[t,n]=(0,o.useState)(e),a=(0,o.useRef)(!1),c=(0,o.useRef)(0),r=(0,o.useCallback)((e=>{null!==e&&(c.current=e.getBoundingClientRect().height)}),[]);return(0,M.RF)(((t,o)=>{let{scrollY:r}=t;if(!e)return;if(r=i?n(!1):r+l{if(!e)return;const o=t.location.hash;if(o?document.getElementById(o.substring(1)):void 0)return a.current=!0,void n(!1);n(!0)})),{navbarRef:r,isNavbarVisible:t}}(n);return o.createElement("nav",{ref:i,"aria-label":(0,l.I)({id:"theme.NavBar.navAriaLabel",message:"Main",description:"The ARIA label for the main navigation"}),className:(0,a.Z)("navbar","navbar--fixed-top",n&&[Ae.navbarHideable,!s&&Ae.navbarHidden],{"navbar--dark":"dark"===c,"navbar--primary":"primary"===c,"navbar-sidebar--show":r.shown})},t,o.createElement(Me,{onClick:r.toggle}),o.createElement(je,null))}var Pe=n(18780);const Re={errorBoundaryError:"errorBoundaryError_a6uf"};function Ne(e){return o.createElement("button",(0,i.Z)({type:"button"},e),o.createElement(l.Z,{id:"theme.ErrorPageContent.tryAgain",description:"The label of the button to try again rendering when the React error boundary captures an error"},"Try again"))}function Oe(e){let{error:t}=e;const n=(0,Pe.getErrorCausalChain)(t).map((e=>e.message)).join("\n\nCause:\n");return o.createElement("p",{className:Re.errorBoundaryError},n)}class Ie extends o.Component{componentDidCatch(e,t){throw this.props.onError(e,t)}render(){return this.props.children}}const De="right";function Fe(e){let{width:t=30,height:n=30,className:a,...c}=e;return o.createElement("svg",(0,i.Z)({className:a,width:t,height:n,viewBox:"0 0 30 30","aria-hidden":"true"},c),o.createElement("path",{stroke:"currentColor",strokeLinecap:"round",strokeMiterlimit:"10",strokeWidth:"2",d:"M4 7h22M4 15h22M4 23h22"}))}function Be(){const{toggle:e,shown:t}=(0,A.e)();return o.createElement("button",{onClick:e,"aria-label":(0,l.I)({id:"theme.docs.sidebar.toggleSidebarButtonAriaLabel",message:"Toggle navigation bar",description:"The ARIA label for hamburger menu button of mobile navigation"}),"aria-expanded":t,className:"navbar__toggle clean-btn",type:"button"},o.createElement(Fe,null))}const ze={colorModeToggle:"colorModeToggle_DEke"};function Ue(e){let{items:t}=e;return o.createElement(o.Fragment,null,t.map(((e,t)=>o.createElement(Ie,{key:t,onError:t=>new Error(`A theme navbar item failed to render.\nPlease double-check the following navbar item (themeConfig.navbar.items) of your Docusaurus config:\n${JSON.stringify(e,null,2)}`,{cause:t})},o.createElement(Ee,e)))))}function $e(e){let{left:t,right:n}=e;return o.createElement("div",{className:"navbar__inner"},o.createElement("div",{className:"navbar__items"},t),o.createElement("div",{className:"navbar__items navbar__items--right"},n))}function He(){const e=(0,A.e)(),t=(0,w.L)().navbar.items,[n,a]=function(e){function t(e){return"left"===(e.position??De)}return[e.filter(t),e.filter((e=>!t(e)))]}(t),c=t.find((e=>"search"===e.type));return o.createElement($e,{left:o.createElement(o.Fragment,null,!e.disabled&&o.createElement(Be,null),o.createElement(W,null),o.createElement(Ue,{items:n})),right:o.createElement(o.Fragment,null,o.createElement(Ue,{items:a}),o.createElement(Z,{className:ze.colorModeToggle}),!c&&o.createElement(_e,null,o.createElement(me.Z,null)))})}function Ge(){return o.createElement(Le,null,o.createElement(He,null))}function qe(e){let{item:t}=e;const{to:n,href:a,label:c,prependBaseUrlToHref:r,...s}=t,l=(0,X.Z)(n),d=(0,X.Z)(a,{forcePrependBaseUrl:!0});return o.createElement(Q.Z,(0,i.Z)({className:"footer__link-item"},a?{href:r?d:a}:{to:l},s),c,a&&!(0,J.Z)(a)&&o.createElement(te.Z,null))}function Ze(e){let{item:t}=e;return t.html?o.createElement("li",{className:"footer__item",dangerouslySetInnerHTML:{__html:t.html}}):o.createElement("li",{key:t.href??t.to,className:"footer__item"},o.createElement(qe,{item:t}))}function Ve(e){let{column:t}=e;return o.createElement("div",{className:"col footer__col"},o.createElement("div",{className:"footer__title"},t.title),o.createElement("ul",{className:"footer__items clean-list"},t.items.map(((e,t)=>o.createElement(Ze,{key:t,item:e})))))}function We(e){let{columns:t}=e;return o.createElement("div",{className:"row footer__links"},t.map(((e,t)=>o.createElement(Ve,{key:t,column:e}))))}function Ye(){return o.createElement("span",{className:"footer__link-separator"},"\xb7")}function Ke(e){let{item:t}=e;return t.html?o.createElement("span",{className:"footer__link-item",dangerouslySetInnerHTML:{__html:t.html}}):o.createElement(qe,{item:t})}function Qe(e){let{links:t}=e;return o.createElement("div",{className:"footer__links text--center"},o.createElement("div",{className:"footer__links"},t.map(((e,n)=>o.createElement(o.Fragment,{key:n},o.createElement(Ke,{item:e}),t.length!==n+1&&o.createElement(Ye,null))))))}function Xe(e){let{links:t}=e;return function(e){return"title"in e[0]}(t)?o.createElement(We,{columns:t}):o.createElement(Qe,{links:t})}var Je=n(50941);const et={footerLogoLink:"footerLogoLink_BH7S"};function tt(e){let{logo:t}=e;const{withBaseUrl:n}=(0,X.C)(),c={light:n(t.src),dark:n(t.srcDark??t.src)};return o.createElement(Je.Z,{className:(0,a.Z)("footer__logo",t.className),alt:t.alt,sources:c,width:t.width,height:t.height,style:t.style})}function nt(e){let{logo:t}=e;return t.href?o.createElement(Q.Z,{href:t.href,className:et.footerLogoLink,target:t.target},o.createElement(tt,{logo:t})):o.createElement(tt,{logo:t})}function ot(e){let{copyright:t}=e;return o.createElement("div",{className:"footer__copyright",dangerouslySetInnerHTML:{__html:t}})}function at(e){let{style:t,links:n,logo:c,copyright:r}=e;return o.createElement("footer",{className:(0,a.Z)("footer",{"footer--dark":"dark"===t})},o.createElement("div",{className:"container container-fluid"},n,(c||r)&&o.createElement("div",{className:"footer__bottom text--center"},c&&o.createElement("div",{className:"margin-bottom--sm"},c),r)))}function ct(){const{footer:e}=(0,w.L)();if(!e)return null;const{copyright:t,links:n,logo:a,style:c}=e;return o.createElement(at,{style:c,links:n&&n.length>0&&o.createElement(Xe,{links:n}),logo:a&&o.createElement(nt,{logo:a}),copyright:t&&o.createElement(ot,{copyright:t})})}const rt=o.memo(ct),it=(0,L.Qc)([F.S,y.pl,M.OC,ye.L5,r.VC,function(e){let{children:t}=e;return o.createElement(P.n2,null,o.createElement(A.M,null,o.createElement(N,null,t)))}]);function st(e){let{children:t}=e;return o.createElement(it,null,t)}function lt(e){let{error:t,tryAgain:n}=e;return o.createElement("main",{className:"container margin-vert--xl"},o.createElement("div",{className:"row"},o.createElement("div",{className:"col col--6 col--offset-3"},o.createElement("h1",{className:"hero__title"},o.createElement(l.Z,{id:"theme.ErrorPageContent.title",description:"The title of the fallback page when the page crashed"},"This page crashed.")),o.createElement("div",{className:"margin-vert--lg"},o.createElement(Ne,{onClick:n,className:"button button--primary shadow--lw"})),o.createElement("hr",null),o.createElement("div",{className:"margin-vert--md"},o.createElement(Oe,{error:t})))))}const dt={mainWrapper:"mainWrapper_z2l0"};function ut(e){const{children:t,noFooter:n,wrapperClassName:i,title:s,description:l}=e;return(0,h.t)(),o.createElement(st,null,o.createElement(r.d,{title:s,description:l}),o.createElement(v,null),o.createElement(j,null),o.createElement(Ge,null),o.createElement("div",{id:u,className:(0,a.Z)(m.k.wrapper.main,dt.mainWrapper,i)},o.createElement(c.Z,{fallback:e=>o.createElement(lt,e)},t)),!n&&o.createElement(rt,null))}},21327:(e,t,n)=>{"use strict";n.d(t,{Z:()=>u});var o=n(87462),a=n(67294),c=n(39960),r=n(44996),i=n(52263),s=n(86668),l=n(50941);function d(e){let{logo:t,alt:n,imageClassName:o}=e;const c={light:(0,r.Z)(t.src),dark:(0,r.Z)(t.srcDark||t.src)},i=a.createElement(l.Z,{className:t.className,sources:c,height:t.height,width:t.width,alt:n,style:t.style});return o?a.createElement("div",{className:o},i):i}function u(e){const{siteConfig:{title:t}}=(0,i.Z)(),{navbar:{title:n,logo:l}}=(0,s.L)(),{imageClassName:u,titleClassName:b,...g}=e,f=(0,r.Z)(l?.href||"/"),p=n?"":t,m=l?.alt??p;return a.createElement(c.Z,(0,o.Z)({to:f},g,l?.target&&{target:l.target}),l&&a.createElement(d,{logo:l,alt:m,imageClassName:u}),null!=n&&a.createElement("b",{className:b},n))}},90197:(e,t,n)=>{"use strict";n.d(t,{Z:()=>c});var o=n(67294),a=n(35742);function c(e){let{locale:t,version:n,tag:c}=e;const r=t;return o.createElement(a.Z,null,t&&o.createElement("meta",{name:"docusaurus_locale",content:t}),n&&o.createElement("meta",{name:"docusaurus_version",content:n}),c&&o.createElement("meta",{name:"docusaurus_tag",content:c}),r&&o.createElement("meta",{name:"docsearch:language",content:r}),n&&o.createElement("meta",{name:"docsearch:version",content:n}),c&&o.createElement("meta",{name:"docsearch:docusaurus_tag",content:c}))}},50941:(e,t,n)=>{"use strict";n.d(t,{Z:()=>l});var o=n(87462),a=n(67294),c=n(86010),r=n(72389),i=n(92949);const s={themedImage:"themedImage_ToTc","themedImage--light":"themedImage--light_HNdA","themedImage--dark":"themedImage--dark_i4oU"};function l(e){const t=(0,r.Z)(),{colorMode:n}=(0,i.I)(),{sources:l,className:d,alt:u,...b}=e,g=t?"dark"===n?["dark"]:["light"]:["light","dark"];return a.createElement(a.Fragment,null,g.map((e=>a.createElement("img",(0,o.Z)({key:e,src:l[e],alt:u,className:(0,c.Z)(s.themedImage,s[`themedImage--${e}`],d)},b)))))}},86043:(e,t,n)=>{"use strict";n.d(t,{u:()=>s,z:()=>m});var o=n(87462),a=n(67294),c=n(10412),r=n(91442);const i="ease-in-out";function s(e){let{initialState:t}=e;const[n,o]=(0,a.useState)(t??!1),c=(0,a.useCallback)((()=>{o((e=>!e))}),[]);return{collapsed:n,setCollapsed:o,toggleCollapsed:c}}const l={display:"none",overflow:"hidden",height:"0px"},d={display:"block",overflow:"visible",height:"auto"};function u(e,t){const n=t?l:d;e.style.display=n.display,e.style.overflow=n.overflow,e.style.height=n.height}function b(e){let{collapsibleRef:t,collapsed:n,animation:o}=e;const c=(0,a.useRef)(!1);(0,a.useEffect)((()=>{const e=t.current;function a(){const t=e.scrollHeight,n=o?.duration??function(e){if((0,r.n)())return 1;const t=e/36;return Math.round(10*(4+15*t**.25+t/5))}(t);return{transition:`height ${n}ms ${o?.easing??i}`,height:`${t}px`}}function s(){const t=a();e.style.transition=t.transition,e.style.height=t.height}if(!c.current)return u(e,n),void(c.current=!0);return e.style.willChange="height",function(){const t=requestAnimationFrame((()=>{n?(s(),requestAnimationFrame((()=>{e.style.height=l.height,e.style.overflow=l.overflow}))):(e.style.display="block",requestAnimationFrame((()=>{s()})))}));return()=>cancelAnimationFrame(t)}()}),[t,n,o])}function g(e){if(!c.Z.canUseDOM)return e?l:d}function f(e){let{as:t="div",collapsed:n,children:o,animation:c,onCollapseTransitionEnd:r,className:i,disableSSRStyle:s}=e;const l=(0,a.useRef)(null);return b({collapsibleRef:l,collapsed:n,animation:c}),a.createElement(t,{ref:l,style:s?void 0:g(n),onTransitionEnd:e=>{"height"===e.propertyName&&(u(l.current,n),r?.(n))},className:i},o)}function p(e){let{collapsed:t,...n}=e;const[c,r]=(0,a.useState)(!t),[i,s]=(0,a.useState)(t);return(0,a.useLayoutEffect)((()=>{t||r(!0)}),[t]),(0,a.useLayoutEffect)((()=>{c&&s(t)}),[c,t]),c?a.createElement(f,(0,o.Z)({},n,{collapsed:i})):null}function m(e){let{lazy:t,...n}=e;const o=t?p:f;return a.createElement(o,n)}},59689:(e,t,n)=>{"use strict";n.d(t,{nT:()=>f,pl:()=>g});var o=n(67294),a=n(72389),c=n(50012),r=n(902),i=n(86668);const s=(0,c.WA)("docusaurus.announcement.dismiss"),l=(0,c.WA)("docusaurus.announcement.id"),d=()=>"true"===s.get(),u=e=>s.set(String(e)),b=o.createContext(null);function g(e){let{children:t}=e;const n=function(){const{announcementBar:e}=(0,i.L)(),t=(0,a.Z)(),[n,c]=(0,o.useState)((()=>!!t&&d()));(0,o.useEffect)((()=>{c(d())}),[]);const r=(0,o.useCallback)((()=>{u(!0),c(!0)}),[]);return(0,o.useEffect)((()=>{if(!e)return;const{id:t}=e;let n=l.get();"annoucement-bar"===n&&(n="announcement-bar");const o=t!==n;l.set(t),o&&u(!1),!o&&d()||c(!1)}),[e]),(0,o.useMemo)((()=>({isActive:!!e&&!n,close:r})),[e,n,r])}();return o.createElement(b.Provider,{value:n},t)}function f(){const e=(0,o.useContext)(b);if(!e)throw new r.i6("AnnouncementBarProvider");return e}},92949:(e,t,n)=>{"use strict";n.d(t,{I:()=>m,S:()=>p});var o=n(67294),a=n(10412),c=n(902),r=n(50012),i=n(86668);const s=o.createContext(void 0),l="theme",d=(0,r.WA)(l),u={light:"light",dark:"dark"},b=e=>e===u.dark?u.dark:u.light,g=e=>a.Z.canUseDOM?b(document.documentElement.getAttribute("data-theme")):b(e),f=e=>{d.set(b(e))};function p(e){let{children:t}=e;const n=function(){const{colorMode:{defaultMode:e,disableSwitch:t,respectPrefersColorScheme:n}}=(0,i.L)(),[a,c]=(0,o.useState)(g(e));(0,o.useEffect)((()=>{t&&d.del()}),[t]);const r=(0,o.useCallback)((function(t,o){void 0===o&&(o={});const{persist:a=!0}=o;t?(c(t),a&&f(t)):(c(n?window.matchMedia("(prefers-color-scheme: dark)").matches?u.dark:u.light:e),d.del())}),[n,e]);(0,o.useEffect)((()=>{document.documentElement.setAttribute("data-theme",b(a))}),[a]),(0,o.useEffect)((()=>{if(t)return;const e=e=>{if(e.key!==l)return;const t=d.get();null!==t&&r(b(t))};return window.addEventListener("storage",e),()=>window.removeEventListener("storage",e)}),[t,r]);const s=(0,o.useRef)(!1);return(0,o.useEffect)((()=>{if(t&&!n)return;const e=window.matchMedia("(prefers-color-scheme: dark)"),o=()=>{window.matchMedia("print").matches||s.current?s.current=window.matchMedia("print").matches:r(null)};return e.addListener(o),()=>e.removeListener(o)}),[r,t,n]),(0,o.useMemo)((()=>({colorMode:a,setColorMode:r,get isDarkTheme(){return a===u.dark},setLightTheme(){r(u.light)},setDarkTheme(){r(u.dark)}})),[a,r])}();return o.createElement(s.Provider,{value:n},t)}function m(){const e=(0,o.useContext)(s);if(null==e)throw new c.i6("ColorModeProvider","Please see https://docusaurus.io/docs/api/themes/configuration#use-color-mode.");return e}},60373:(e,t,n)=>{"use strict";n.d(t,{J:()=>_,L5:()=>m});var o=n(67294),a=n(80143),c=n(29935),r=n(86668),i=n(52802),s=n(902),l=n(50012);const d=e=>`docs-preferred-version-${e}`,u={save:(e,t,n)=>{(0,l.WA)(d(e),{persistence:t}).set(n)},read:(e,t)=>(0,l.WA)(d(e),{persistence:t}).get(),clear:(e,t)=>{(0,l.WA)(d(e),{persistence:t}).del()}},b=e=>Object.fromEntries(e.map((e=>[e,{preferredVersionName:null}])));const g=o.createContext(null);function f(){const e=(0,a._r)(),t=(0,r.L)().docs.versionPersistence,n=(0,o.useMemo)((()=>Object.keys(e)),[e]),[c,i]=(0,o.useState)((()=>b(n)));(0,o.useEffect)((()=>{i(function(e){let{pluginIds:t,versionPersistence:n,allDocsData:o}=e;function a(e){const t=u.read(e,n);return o[e].versions.some((e=>e.name===t))?{preferredVersionName:t}:(u.clear(e,n),{preferredVersionName:null})}return Object.fromEntries(t.map((e=>[e,a(e)])))}({allDocsData:e,versionPersistence:t,pluginIds:n}))}),[e,t,n]);return[c,(0,o.useMemo)((()=>({savePreferredVersion:function(e,n){u.save(e,t,n),i((t=>({...t,[e]:{preferredVersionName:n}})))}})),[t])]}function p(e){let{children:t}=e;const n=f();return o.createElement(g.Provider,{value:n},t)}function m(e){let{children:t}=e;return i.cE?o.createElement(p,null,t):o.createElement(o.Fragment,null,t)}function h(){const e=(0,o.useContext)(g);if(!e)throw new s.i6("DocsPreferredVersionContextProvider");return e}function _(e){void 0===e&&(e=c.m);const t=(0,a.zh)(e),[n,r]=h(),{preferredVersionName:i}=n[e];return{preferredVersion:t.versions.find((e=>e.name===i))??null,savePreferredVersionName:(0,o.useCallback)((t=>{r.savePreferredVersion(e,t)}),[r,e])}}},1116:(e,t,n)=>{"use strict";n.d(t,{V:()=>s,b:()=>i});var o=n(67294),a=n(902);const c=Symbol("EmptyContext"),r=o.createContext(c);function i(e){let{children:t,name:n,items:a}=e;const c=(0,o.useMemo)((()=>n&&a?{name:n,items:a}:null),[n,a]);return o.createElement(r.Provider,{value:c},t)}function s(){const e=(0,o.useContext)(r);if(e===c)throw new a.i6("DocsSidebarProvider");return e}},72961:(e,t,n)=>{"use strict";n.d(t,{M:()=>b,e:()=>g});var o=n(67294),a=n(13102),c=n(87524),r=n(16550),i=(n(61688),n(902));function s(e){!function(e){const t=(0,r.k6)(),n=(0,i.zX)(e);(0,o.useEffect)((()=>t.block(((e,t)=>n(e,t)))),[t,n])}(((t,n)=>{if("POP"===n)return e(t,n)}))}var l=n(86668);const d=o.createContext(void 0);function u(){const e=function(){const e=(0,a.HY)(),{items:t}=(0,l.L)().navbar;return 0===t.length&&!e.component}(),t=(0,c.i)(),n=!e&&"mobile"===t,[r,i]=(0,o.useState)(!1);s((()=>{if(r)return i(!1),!1}));const d=(0,o.useCallback)((()=>{i((e=>!e))}),[]);return(0,o.useEffect)((()=>{"desktop"===t&&i(!1)}),[t]),(0,o.useMemo)((()=>({disabled:e,shouldRender:n,toggle:d,shown:r})),[e,n,d,r])}function b(e){let{children:t}=e;const n=u();return o.createElement(d.Provider,{value:n},t)}function g(){const e=o.useContext(d);if(void 0===e)throw new i.i6("NavbarMobileSidebarProvider");return e}},13102:(e,t,n)=>{"use strict";n.d(t,{HY:()=>i,Zo:()=>s,n2:()=>r});var o=n(67294),a=n(902);const c=o.createContext(null);function r(e){let{children:t}=e;const n=(0,o.useState)({component:null,props:null});return o.createElement(c.Provider,{value:n},t)}function i(){const e=(0,o.useContext)(c);if(!e)throw new a.i6("NavbarSecondaryMenuContentProvider");return e[0]}function s(e){let{component:t,props:n}=e;const r=(0,o.useContext)(c);if(!r)throw new a.i6("NavbarSecondaryMenuContentProvider");const[,i]=r,s=(0,a.Ql)(n);return(0,o.useEffect)((()=>{i({component:t,props:s})}),[i,t,s]),(0,o.useEffect)((()=>()=>i({component:null,props:null})),[i]),null}},19727:(e,t,n)=>{"use strict";n.d(t,{h:()=>a,t:()=>c});var o=n(67294);const a="navigation-with-keyboard";function c(){(0,o.useEffect)((()=>{function e(e){"keydown"===e.type&&"Tab"===e.key&&document.body.classList.add(a),"mousedown"===e.type&&document.body.classList.remove(a)}return document.addEventListener("keydown",e),document.addEventListener("mousedown",e),()=>{document.body.classList.remove(a),document.removeEventListener("keydown",e),document.removeEventListener("mousedown",e)}}),[])}},87524:(e,t,n)=>{"use strict";n.d(t,{i:()=>l});var o=n(67294),a=n(10412);const c={desktop:"desktop",mobile:"mobile",ssr:"ssr"},r=996;function i(){return a.Z.canUseDOM?window.innerWidth>r?c.desktop:c.mobile:c.ssr}const s=!1;function l(){const[e,t]=(0,o.useState)((()=>s?"ssr":i()));return(0,o.useEffect)((()=>{function e(){t(i())}const n=s?window.setTimeout(e,1e3):void 0;return window.addEventListener("resize",e),()=>{window.removeEventListener("resize",e),clearTimeout(n)}}),[]),e}},35281:(e,t,n)=>{"use strict";n.d(t,{k:()=>o});const o={page:{blogListPage:"blog-list-page",blogPostPage:"blog-post-page",blogTagsListPage:"blog-tags-list-page",blogTagPostListPage:"blog-tags-post-list-page",docsDocPage:"docs-doc-page",docsTagsListPage:"docs-tags-list-page",docsTagDocListPage:"docs-tags-doc-list-page",mdxPage:"mdx-page"},wrapper:{main:"main-wrapper",blogPages:"blog-wrapper",docsPages:"docs-wrapper",mdxPages:"mdx-wrapper"},common:{editThisPage:"theme-edit-this-page",lastUpdated:"theme-last-updated",backToTopButton:"theme-back-to-top-button",codeBlock:"theme-code-block",admonition:"theme-admonition",admonitionType:e=>`theme-admonition-${e}`},layout:{},docs:{docVersionBanner:"theme-doc-version-banner",docVersionBadge:"theme-doc-version-badge",docBreadcrumbs:"theme-doc-breadcrumbs",docMarkdown:"theme-doc-markdown",docTocMobile:"theme-doc-toc-mobile",docTocDesktop:"theme-doc-toc-desktop",docFooter:"theme-doc-footer",docFooterTagsRow:"theme-doc-footer-tags-row",docFooterEditMetaRow:"theme-doc-footer-edit-meta-row",docSidebarContainer:"theme-doc-sidebar-container",docSidebarMenu:"theme-doc-sidebar-menu",docSidebarItemCategory:"theme-doc-sidebar-item-category",docSidebarItemLink:"theme-doc-sidebar-item-link",docSidebarItemCategoryLevel:e=>`theme-doc-sidebar-item-category-level-${e}`,docSidebarItemLinkLevel:e=>`theme-doc-sidebar-item-link-level-${e}`},blog:{}}},91442:(e,t,n)=>{"use strict";function o(){return window.matchMedia("(prefers-reduced-motion: reduce)").matches}n.d(t,{n:()=>o})},52802:(e,t,n)=>{"use strict";n.d(t,{Wl:()=>b,_F:()=>p,cE:()=>u,hI:()=>y,lO:()=>_,vY:()=>w,oz:()=>v,s1:()=>h});var o=n(67294),a=n(16550),c=n(18790),r=n(80143),i=n(60373),s=n(1116);function l(e){return Array.from(new Set(e))}var d=n(48596);const u=!!r._r;function b(e){if(e.href)return e.href;for(const t of e.items){if("link"===t.type)return t.href;if("category"===t.type){const e=b(t);if(e)return e}}}const g=(e,t)=>void 0!==e&&(0,d.Mg)(e,t),f=(e,t)=>e.some((e=>p(e,t)));function p(e,t){return"link"===e.type?g(e.href,t):"category"===e.type&&(g(e.href,t)||f(e.items,t))}function m(e){let{sidebarItems:t,pathname:n,onlyCategories:o=!1}=e;const a=[];return function e(t){for(const c of t)if("category"===c.type&&((0,d.Mg)(c.href,n)||e(c.items))||"link"===c.type&&(0,d.Mg)(c.href,n)){return o&&"category"!==c.type||a.unshift(c),!0}return!1}(t),a}function h(){const e=(0,s.V)(),{pathname:t}=(0,a.TH)(),n=(0,r.gA)()?.pluginData.breadcrumbs;return!1!==n&&e?m({sidebarItems:e.items,pathname:t}):null}function _(e){const{activeVersion:t}=(0,r.Iw)(e),{preferredVersion:n}=(0,i.J)(e),a=(0,r.yW)(e);return(0,o.useMemo)((()=>l([t,n,a].filter(Boolean))),[t,n,a])}function v(e,t){const n=_(t);return(0,o.useMemo)((()=>{const t=n.flatMap((e=>e.sidebars?Object.entries(e.sidebars):[])),o=t.find((t=>t[0]===e));if(!o)throw new Error(`Can't find any sidebar with id "${e}" in version${n.length>1?"s":""} ${n.map((e=>e.name)).join(", ")}".\nAvailable sidebar ids are:\n- ${t.map((e=>e[0])).join("\n- ")}`);return o[1]}),[e,n])}function w(e,t){const n=_(t);return(0,o.useMemo)((()=>{const t=n.flatMap((e=>e.docs)),o=t.find((t=>t.id===e));if(!o){if(n.flatMap((e=>e.draftIds)).includes(e))return null;throw new Error(`Couldn't find any doc with id "${e}" in version${n.length>1?"s":""} "${n.map((e=>e.name)).join(", ")}".\nAvailable doc ids are:\n- ${l(t.map((e=>e.id))).join("\n- ")}`)}return o}),[e,n])}function y(e){let{route:t,versionMetadata:n}=e;const o=(0,a.TH)(),r=t.routes,i=r.find((e=>(0,a.LX)(o.pathname,e)));if(!i)return null;const s=i.sidebar,l=s?n.docsSidebars[s]:void 0;return{docElement:(0,c.H)(r),sidebarName:s,sidebarItems:l}}},1944:(e,t,n)=>{"use strict";n.d(t,{FG:()=>b,d:()=>d,VC:()=>g});var o=n(67294),a=n(86010),c=n(35742),r=n(30226);function i(){const e=o.useContext(r._);if(!e)throw new Error("Unexpected: no Docusaurus route context found");return e}var s=n(44996),l=n(52263);function d(e){let{title:t,description:n,keywords:a,image:r,children:i}=e;const d=function(e){const{siteConfig:t}=(0,l.Z)(),{title:n,titleDelimiter:o}=t;return e?.trim().length?`${e.trim()} ${o} ${n}`:n}(t),{withBaseUrl:u}=(0,s.C)(),b=r?u(r,{absolute:!0}):void 0;return o.createElement(c.Z,null,t&&o.createElement("title",null,d),t&&o.createElement("meta",{property:"og:title",content:d}),n&&o.createElement("meta",{name:"description",content:n}),n&&o.createElement("meta",{property:"og:description",content:n}),a&&o.createElement("meta",{name:"keywords",content:Array.isArray(a)?a.join(","):a}),b&&o.createElement("meta",{property:"og:image",content:b}),b&&o.createElement("meta",{name:"twitter:image",content:b}),i)}const u=o.createContext(void 0);function b(e){let{className:t,children:n}=e;const r=o.useContext(u),i=(0,a.Z)(r,t);return o.createElement(u.Provider,{value:i},o.createElement(c.Z,null,o.createElement("html",{className:i})),n)}function g(e){let{children:t}=e;const n=i(),c=`plugin-${n.plugin.name.replace(/docusaurus-(?:plugin|theme)-(?:content-)?/gi,"")}`;const r=`plugin-id-${n.plugin.id}`;return o.createElement(b,{className:(0,a.Z)(c,r)},t)}},902:(e,t,n)=>{"use strict";n.d(t,{D9:()=>r,Qc:()=>l,Ql:()=>s,i6:()=>i,zX:()=>c});var o=n(67294);const a=n(10412).Z.canUseDOM?o.useLayoutEffect:o.useEffect;function c(e){const t=(0,o.useRef)(e);return a((()=>{t.current=e}),[e]),(0,o.useCallback)((function(){return t.current(...arguments)}),[])}function r(e){const t=(0,o.useRef)();return a((()=>{t.current=e})),t.current}class i extends Error{constructor(e,t){super(),this.name="ReactContextError",this.message=`Hook ${this.stack?.split("\n")[1]?.match(/at (?:\w+\.)?(?\w+)/)?.groups.name??""} is called outside the <${e}>. ${t??""}`}}function s(e){const t=Object.entries(e);return t.sort(((e,t)=>e[0].localeCompare(t[0]))),(0,o.useMemo)((()=>e),t.flat())}function l(e){return t=>{let{children:n}=t;return o.createElement(o.Fragment,null,e.reduceRight(((e,t)=>o.createElement(t,null,e)),n))}}},48596:(e,t,n)=>{"use strict";n.d(t,{Mg:()=>r,Ns:()=>i});var o=n(67294),a=n(723),c=n(52263);function r(e,t){const n=e=>(!e||e.endsWith("/")?e:`${e}/`)?.toLowerCase();return n(e)===n(t)}function i(){const{baseUrl:e}=(0,c.Z)().siteConfig;return(0,o.useMemo)((()=>function(e){let{baseUrl:t,routes:n}=e;function o(e){return e.path===t&&!0===e.exact}function a(e){return e.path===t&&!e.exact}return function e(t){if(0===t.length)return;return t.find(o)||e(t.filter(a).flatMap((e=>e.routes??[])))}(n)}({routes:a.Z,baseUrl:e})),[e])}},12466:(e,t,n)=>{"use strict";n.d(t,{Ct:()=>b,OC:()=>s,RF:()=>u});var o=n(67294),a=n(10412),c=n(72389),r=n(902);const i=o.createContext(void 0);function s(e){let{children:t}=e;const n=function(){const e=(0,o.useRef)(!0);return(0,o.useMemo)((()=>({scrollEventsEnabledRef:e,enableScrollEvents:()=>{e.current=!0},disableScrollEvents:()=>{e.current=!1}})),[])}();return o.createElement(i.Provider,{value:n},t)}function l(){const e=(0,o.useContext)(i);if(null==e)throw new r.i6("ScrollControllerProvider");return e}const d=()=>a.Z.canUseDOM?{scrollX:window.pageXOffset,scrollY:window.pageYOffset}:null;function u(e,t){void 0===t&&(t=[]);const{scrollEventsEnabledRef:n}=l(),a=(0,o.useRef)(d()),c=(0,r.zX)(e);(0,o.useEffect)((()=>{const e=()=>{if(!n.current)return;const e=d();c(e,a.current),a.current=e},t={passive:!0};return e(),window.addEventListener("scroll",e,t),()=>window.removeEventListener("scroll",e,t)}),[c,n,...t])}function b(){const e=(0,o.useRef)(null),t=(0,c.Z)()&&"smooth"===getComputedStyle(document.documentElement).scrollBehavior;return{startScroll:n=>{e.current=t?function(e){return window.scrollTo({top:e,behavior:"smooth"}),()=>{}}(n):function(e){let t=null;const n=document.documentElement.scrollTop>e;return function o(){const a=document.documentElement.scrollTop;(n&&a>e||!n&&at&&cancelAnimationFrame(t)}(n)},cancelScroll:()=>e.current?.()}}},43320:(e,t,n)=>{"use strict";n.d(t,{HX:()=>o,os:()=>a});n(52263);const o="default";function a(e,t){return`docs-${e}-${t}`}},50012:(e,t,n)=>{"use strict";n.d(t,{WA:()=>s});n(67294),n(61688);const o="localStorage";function a(e){let{key:t,oldValue:n,newValue:o,storage:a}=e;if(n===o)return;const c=document.createEvent("StorageEvent");c.initStorageEvent("storage",!1,!1,t,n,o,window.location.href,a),window.dispatchEvent(c)}function c(e){if(void 0===e&&(e=o),"undefined"==typeof window)throw new Error("Browser storage is not available on Node.js/Docusaurus SSR process.");if("none"===e)return null;try{return window[e]}catch(n){return t=n,r||(console.warn("Docusaurus browser storage is not available.\nPossible reasons: running Docusaurus in an iframe, in an incognito browser session, or using too strict browser privacy settings.",t),r=!0),null}var t}let r=!1;const i={get:()=>null,set:()=>{},del:()=>{},listen:()=>()=>{}};function s(e,t){if("undefined"==typeof window)return function(e){function t(){throw new Error(`Illegal storage API usage for storage key "${e}".\nDocusaurus storage APIs are not supposed to be called on the server-rendering process.\nPlease only call storage APIs in effects and event handlers.`)}return{get:t,set:t,del:t,listen:t}}(e);const n=c(t?.persistence);return null===n?i:{get:()=>{try{return n.getItem(e)}catch(t){return console.error(`Docusaurus storage error, can't get key=${e}`,t),null}},set:t=>{try{const o=n.getItem(e);n.setItem(e,t),a({key:e,oldValue:o,newValue:t,storage:n})}catch(o){console.error(`Docusaurus storage error, can't set ${e}=${t}`,o)}},del:()=>{try{const t=n.getItem(e);n.removeItem(e),a({key:e,oldValue:t,newValue:null,storage:n})}catch(t){console.error(`Docusaurus storage error, can't delete key=${e}`,t)}},listen:t=>{try{const o=o=>{o.storageArea===n&&o.key===e&&t(o)};return window.addEventListener("storage",o),()=>window.removeEventListener("storage",o)}catch(o){return console.error(`Docusaurus storage error, can't listen for changes of key=${e}`,o),()=>{}}}}}},94711:(e,t,n)=>{"use strict";n.d(t,{l:()=>r});var o=n(52263),a=n(16550),c=n(18780);function r(){const{siteConfig:{baseUrl:e,url:t,trailingSlash:n},i18n:{defaultLocale:r,currentLocale:i}}=(0,o.Z)(),{pathname:s}=(0,a.TH)(),l=(0,c.applyTrailingSlash)(s,{trailingSlash:n,baseUrl:e}),d=i===r?e:e.replace(`/${i}/`,"/"),u=l.replace(e,"");return{createUrl:function(e){let{locale:n,fullyQualified:o}=e;return`${o?t:""}${function(e){return e===r?`${d}`:`${d}${e}/`}(n)}${u}`}}}},85936:(e,t,n)=>{"use strict";n.d(t,{S:()=>r});var o=n(67294),a=n(16550),c=n(902);function r(e){const t=(0,a.TH)(),n=(0,c.D9)(t),r=(0,c.zX)(e);(0,o.useEffect)((()=>{n&&t!==n&&r({location:t,previousLocation:n})}),[r,t,n])}},86668:(e,t,n)=>{"use strict";n.d(t,{L:()=>a});var o=n(52263);function a(){return(0,o.Z)().siteConfig.themeConfig}},8802:(e,t)=>{"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=function(e,t){const{trailingSlash:n,baseUrl:o}=t;if(e.startsWith("#"))return e;if(void 0===n)return e;const[a]=e.split(/[#?]/),c="/"===a||a===o?a:(r=a,n?function(e){return e.endsWith("/")?e:`${e}/`}(r):function(e){return e.endsWith("/")?e.slice(0,-1):e}(r));var r;return e.replace(a,c)}},54143:(e,t)=>{"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.getErrorCausalChain=void 0,t.getErrorCausalChain=function e(t){return t.cause?[t,...e(t.cause)]:[t]}},18780:function(e,t,n){"use strict";var o=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0}),t.getErrorCausalChain=t.applyTrailingSlash=t.blogPostContainerID=void 0,t.blogPostContainerID="__blog-post-container";var a=n(8802);Object.defineProperty(t,"applyTrailingSlash",{enumerable:!0,get:function(){return o(a).default}});var c=n(54143);Object.defineProperty(t,"getErrorCausalChain",{enumerable:!0,get:function(){return c.getErrorCausalChain}})},86010:(e,t,n)=>{"use strict";function o(e){var t,n,a="";if("string"==typeof e||"number"==typeof e)a+=e;else if("object"==typeof e)if(Array.isArray(e))for(t=0;ta});const a=function(){for(var e,t,n=0,a="";n{"use strict";n.d(t,{lX:()=>w,q_:()=>C,ob:()=>g,PP:()=>j,Ep:()=>b});var o=n(87462);function a(e){return"/"===e.charAt(0)}function c(e,t){for(var n=t,o=n+1,a=e.length;o=0;b--){var g=r[b];"."===g?c(r,b):".."===g?(c(r,b),u++):u&&(c(r,b),u--)}if(!l)for(;u--;u)r.unshift("..");!l||""===r[0]||r[0]&&a(r[0])||r.unshift("");var f=r.join("/");return n&&"/"!==f.substr(-1)&&(f+="/"),f};var i=n(38776);function s(e){return"/"===e.charAt(0)?e:"/"+e}function l(e){return"/"===e.charAt(0)?e.substr(1):e}function d(e,t){return function(e,t){return 0===e.toLowerCase().indexOf(t.toLowerCase())&&-1!=="/?#".indexOf(e.charAt(t.length))}(e,t)?e.substr(t.length):e}function u(e){return"/"===e.charAt(e.length-1)?e.slice(0,-1):e}function b(e){var t=e.pathname,n=e.search,o=e.hash,a=t||"/";return n&&"?"!==n&&(a+="?"===n.charAt(0)?n:"?"+n),o&&"#"!==o&&(a+="#"===o.charAt(0)?o:"#"+o),a}function g(e,t,n,a){var c;"string"==typeof e?(c=function(e){var t=e||"/",n="",o="",a=t.indexOf("#");-1!==a&&(o=t.substr(a),t=t.substr(0,a));var c=t.indexOf("?");return-1!==c&&(n=t.substr(c),t=t.substr(0,c)),{pathname:t,search:"?"===n?"":n,hash:"#"===o?"":o}}(e),c.state=t):(void 0===(c=(0,o.Z)({},e)).pathname&&(c.pathname=""),c.search?"?"!==c.search.charAt(0)&&(c.search="?"+c.search):c.search="",c.hash?"#"!==c.hash.charAt(0)&&(c.hash="#"+c.hash):c.hash="",void 0!==t&&void 0===c.state&&(c.state=t));try{c.pathname=decodeURI(c.pathname)}catch(i){throw i instanceof URIError?new URIError('Pathname "'+c.pathname+'" could not be decoded. This is likely caused by an invalid percent-encoding.'):i}return n&&(c.key=n),a?c.pathname?"/"!==c.pathname.charAt(0)&&(c.pathname=r(c.pathname,a.pathname)):c.pathname=a.pathname:c.pathname||(c.pathname="/"),c}function f(){var e=null;var t=[];return{setPrompt:function(t){return e=t,function(){e===t&&(e=null)}},confirmTransitionTo:function(t,n,o,a){if(null!=e){var c="function"==typeof e?e(t,n):e;"string"==typeof c?"function"==typeof o?o(c,a):a(!0):a(!1!==c)}else a(!0)},appendListener:function(e){var n=!0;function o(){n&&e.apply(void 0,arguments)}return t.push(o),function(){n=!1,t=t.filter((function(e){return e!==o}))}},notifyListeners:function(){for(var e=arguments.length,n=new Array(e),o=0;ot?n.splice(t,n.length-t,a):n.push(a),u({action:o,location:a,index:t,entries:n})}}))},replace:function(e,t){var o="REPLACE",a=g(e,t,p(),w.location);d.confirmTransitionTo(a,o,n,(function(e){e&&(w.entries[w.index]=a,u({action:o,location:a}))}))},go:v,goBack:function(){v(-1)},goForward:function(){v(1)},canGo:function(e){var t=w.index+e;return t>=0&&t{"use strict";var o=n(59864),a={childContextTypes:!0,contextType:!0,contextTypes:!0,defaultProps:!0,displayName:!0,getDefaultProps:!0,getDerivedStateFromError:!0,getDerivedStateFromProps:!0,mixins:!0,propTypes:!0,type:!0},c={name:!0,length:!0,prototype:!0,caller:!0,callee:!0,arguments:!0,arity:!0},r={$$typeof:!0,compare:!0,defaultProps:!0,displayName:!0,propTypes:!0,type:!0},i={};function s(e){return o.isMemo(e)?r:i[e.$$typeof]||a}i[o.ForwardRef]={$$typeof:!0,render:!0,defaultProps:!0,displayName:!0,propTypes:!0},i[o.Memo]=r;var l=Object.defineProperty,d=Object.getOwnPropertyNames,u=Object.getOwnPropertySymbols,b=Object.getOwnPropertyDescriptor,g=Object.getPrototypeOf,f=Object.prototype;e.exports=function e(t,n,o){if("string"!=typeof n){if(f){var a=g(n);a&&a!==f&&e(t,a,o)}var r=d(n);u&&(r=r.concat(u(n)));for(var i=s(t),p=s(n),m=0;m{"use strict";e.exports=function(e,t,n,o,a,c,r,i){if(!e){var s;if(void 0===t)s=new Error("Minified exception occurred; use the non-minified dev environment for the full error message and additional helpful warnings.");else{var l=[n,o,a,c,r,i],d=0;(s=new Error(t.replace(/%s/g,(function(){return l[d++]})))).name="Invariant Violation"}throw s.framesToPop=1,s}}},5826:e=>{e.exports=Array.isArray||function(e){return"[object Array]"==Object.prototype.toString.call(e)}},32497:(e,t,n)=>{"use strict";n.r(t)},19943:(e,t,n)=>{"use strict";n.r(t)},74865:function(e,t,n){var o,a;o=function(){var e,t,n={version:"0.2.0"},o=n.settings={minimum:.08,easing:"ease",positionUsing:"",speed:200,trickle:!0,trickleRate:.02,trickleSpeed:800,showSpinner:!0,barSelector:'[role="bar"]',spinnerSelector:'[role="spinner"]',parent:"body",template:'
'};function a(e,t,n){return en?n:e}function c(e){return 100*(-1+e)}function r(e,t,n){var a;return(a="translate3d"===o.positionUsing?{transform:"translate3d("+c(e)+"%,0,0)"}:"translate"===o.positionUsing?{transform:"translate("+c(e)+"%,0)"}:{"margin-left":c(e)+"%"}).transition="all "+t+"ms "+n,a}n.configure=function(e){var t,n;for(t in e)void 0!==(n=e[t])&&e.hasOwnProperty(t)&&(o[t]=n);return this},n.status=null,n.set=function(e){var t=n.isStarted();e=a(e,o.minimum,1),n.status=1===e?null:e;var c=n.render(!t),l=c.querySelector(o.barSelector),d=o.speed,u=o.easing;return c.offsetWidth,i((function(t){""===o.positionUsing&&(o.positionUsing=n.getPositioningCSS()),s(l,r(e,d,u)),1===e?(s(c,{transition:"none",opacity:1}),c.offsetWidth,setTimeout((function(){s(c,{transition:"all "+d+"ms linear",opacity:0}),setTimeout((function(){n.remove(),t()}),d)}),d)):setTimeout(t,d)})),this},n.isStarted=function(){return"number"==typeof n.status},n.start=function(){n.status||n.set(0);var e=function(){setTimeout((function(){n.status&&(n.trickle(),e())}),o.trickleSpeed)};return o.trickle&&e(),this},n.done=function(e){return e||n.status?n.inc(.3+.5*Math.random()).set(1):this},n.inc=function(e){var t=n.status;return t?("number"!=typeof e&&(e=(1-t)*a(Math.random()*t,.1,.95)),t=a(t+e,0,.994),n.set(t)):n.start()},n.trickle=function(){return n.inc(Math.random()*o.trickleRate)},e=0,t=0,n.promise=function(o){return o&&"resolved"!==o.state()?(0===t&&n.start(),e++,t++,o.always((function(){0==--t?(e=0,n.done()):n.set((e-t)/e)})),this):this},n.render=function(e){if(n.isRendered())return document.getElementById("nprogress");d(document.documentElement,"nprogress-busy");var t=document.createElement("div");t.id="nprogress",t.innerHTML=o.template;var a,r=t.querySelector(o.barSelector),i=e?"-100":c(n.status||0),l=document.querySelector(o.parent);return s(r,{transition:"all 0 linear",transform:"translate3d("+i+"%,0,0)"}),o.showSpinner||(a=t.querySelector(o.spinnerSelector))&&g(a),l!=document.body&&d(l,"nprogress-custom-parent"),l.appendChild(t),t},n.remove=function(){u(document.documentElement,"nprogress-busy"),u(document.querySelector(o.parent),"nprogress-custom-parent");var e=document.getElementById("nprogress");e&&g(e)},n.isRendered=function(){return!!document.getElementById("nprogress")},n.getPositioningCSS=function(){var e=document.body.style,t="WebkitTransform"in e?"Webkit":"MozTransform"in e?"Moz":"msTransform"in e?"ms":"OTransform"in e?"O":"";return t+"Perspective"in e?"translate3d":t+"Transform"in e?"translate":"margin"};var i=function(){var e=[];function t(){var n=e.shift();n&&n(t)}return function(n){e.push(n),1==e.length&&t()}}(),s=function(){var e=["Webkit","O","Moz","ms"],t={};function n(e){return e.replace(/^-ms-/,"ms-").replace(/-([\da-z])/gi,(function(e,t){return t.toUpperCase()}))}function o(t){var n=document.body.style;if(t in n)return t;for(var o,a=e.length,c=t.charAt(0).toUpperCase()+t.slice(1);a--;)if((o=e[a]+c)in n)return o;return t}function a(e){return e=n(e),t[e]||(t[e]=o(e))}function c(e,t,n){t=a(t),e.style[t]=n}return function(e,t){var n,o,a=arguments;if(2==a.length)for(n in t)void 0!==(o=t[n])&&t.hasOwnProperty(n)&&c(e,n,o);else c(e,a[1],a[2])}}();function l(e,t){return("string"==typeof e?e:b(e)).indexOf(" "+t+" ")>=0}function d(e,t){var n=b(e),o=n+t;l(n,t)||(e.className=o.substring(1))}function u(e,t){var n,o=b(e);l(e,t)&&(n=o.replace(" "+t+" "," "),e.className=n.substring(1,n.length-1))}function b(e){return(" "+(e.className||"")+" ").replace(/\s+/gi," ")}function g(e){e&&e.parentNode&&e.parentNode.removeChild(e)}return n},void 0===(a="function"==typeof o?o.call(t,n,t,e):o)||(e.exports=a)},27418:e=>{"use strict";var t=Object.getOwnPropertySymbols,n=Object.prototype.hasOwnProperty,o=Object.prototype.propertyIsEnumerable;e.exports=function(){try{if(!Object.assign)return!1;var e=new String("abc");if(e[5]="de","5"===Object.getOwnPropertyNames(e)[0])return!1;for(var t={},n=0;n<10;n++)t["_"+String.fromCharCode(n)]=n;if("0123456789"!==Object.getOwnPropertyNames(t).map((function(e){return t[e]})).join(""))return!1;var o={};return"abcdefghijklmnopqrst".split("").forEach((function(e){o[e]=e})),"abcdefghijklmnopqrst"===Object.keys(Object.assign({},o)).join("")}catch(a){return!1}}()?Object.assign:function(e,a){for(var c,r,i=function(e){if(null==e)throw new TypeError("Object.assign cannot be called with null or undefined");return Object(e)}(e),s=1;s{"use strict";n.d(t,{Z:()=>c});var o=function(){var e=/(?:^|\s)lang(?:uage)?-([\w-]+)(?=\s|$)/i,t=0,n={},o={util:{encode:function e(t){return t instanceof a?new a(t.type,e(t.content),t.alias):Array.isArray(t)?t.map(e):t.replace(/&/g,"&").replace(/=u.reach);k+=x.value.length,x=x.next){var E=x.value;if(t.length>e.length)return;if(!(E instanceof a)){var S,C=1;if(_){if(!(S=c(y,k,e,h))||S.index>=e.length)break;var T=S.index,j=S.index+S[0].length,A=k;for(A+=x.value.length;T>=A;)A+=(x=x.next).value.length;if(k=A-=x.value.length,x.value instanceof a)continue;for(var M=x;M!==t.tail&&(Au.reach&&(u.reach=N);var O=x.prev;if(P&&(O=s(t,O,P),k+=P.length),l(t,O,C),x=s(t,O,new a(b,m?o.tokenize(L,m):L,v,L)),R&&s(t,x,R),C>1){var I={cause:b+","+f,reach:N};r(e,t,n,x.prev,k,I),u&&I.reach>u.reach&&(u.reach=I.reach)}}}}}}function i(){var e={value:null,prev:null,next:null},t={value:null,prev:e,next:null};e.next=t,this.head=e,this.tail=t,this.length=0}function s(e,t,n){var o=t.next,a={value:n,prev:t,next:o};return t.next=a,o.prev=a,e.length++,a}function l(e,t,n){for(var o=t.next,a=0;a"+c.content+""},o}(),a=o;o.default=o,a.languages.markup={comment:{pattern://,greedy:!0},prolog:{pattern:/<\?[\s\S]+?\?>/,greedy:!0},doctype:{pattern:/"'[\]]|"[^"]*"|'[^']*')+(?:\[(?:[^<"'\]]|"[^"]*"|'[^']*'|<(?!!--)|)*\]\s*)?>/i,greedy:!0,inside:{"internal-subset":{pattern:/(^[^\[]*\[)[\s\S]+(?=\]>$)/,lookbehind:!0,greedy:!0,inside:null},string:{pattern:/"[^"]*"|'[^']*'/,greedy:!0},punctuation:/^$|[[\]]/,"doctype-tag":/^DOCTYPE/i,name:/[^\s<>'"]+/}},cdata:{pattern://i,greedy:!0},tag:{pattern:/<\/?(?!\d)[^\s>\/=$<%]+(?:\s(?:\s*[^\s>\/=]+(?:\s*=\s*(?:"[^"]*"|'[^']*'|[^\s'">=]+(?=[\s>]))|(?=[\s/>])))+)?\s*\/?>/,greedy:!0,inside:{tag:{pattern:/^<\/?[^\s>\/]+/,inside:{punctuation:/^<\/?/,namespace:/^[^\s>\/:]+:/}},"special-attr":[],"attr-value":{pattern:/=\s*(?:"[^"]*"|'[^']*'|[^\s'">=]+)/,inside:{punctuation:[{pattern:/^=/,alias:"attr-equals"},/"|'/]}},punctuation:/\/?>/,"attr-name":{pattern:/[^\s>\/]+/,inside:{namespace:/^[^\s>\/:]+:/}}}},entity:[{pattern:/&[\da-z]{1,8};/i,alias:"named-entity"},/&#x?[\da-f]{1,8};/i]},a.languages.markup.tag.inside["attr-value"].inside.entity=a.languages.markup.entity,a.languages.markup.doctype.inside["internal-subset"].inside=a.languages.markup,a.hooks.add("wrap",(function(e){"entity"===e.type&&(e.attributes.title=e.content.replace(/&/,"&"))})),Object.defineProperty(a.languages.markup.tag,"addInlined",{value:function(e,t){var n={};n["language-"+t]={pattern:/(^$)/i,lookbehind:!0,inside:a.languages[t]},n.cdata=/^$/i;var o={"included-cdata":{pattern://i,inside:n}};o["language-"+t]={pattern:/[\s\S]+/,inside:a.languages[t]};var c={};c[e]={pattern:RegExp(/(<__[^>]*>)(?:))*\]\]>|(?!)/.source.replace(/__/g,(function(){return e})),"i"),lookbehind:!0,greedy:!0,inside:o},a.languages.insertBefore("markup","cdata",c)}}),Object.defineProperty(a.languages.markup.tag,"addAttribute",{value:function(e,t){a.languages.markup.tag.inside["special-attr"].push({pattern:RegExp(/(^|["'\s])/.source+"(?:"+e+")"+/\s*=\s*(?:"[^"]*"|'[^']*'|[^\s'">=]+(?=[\s>]))/.source,"i"),lookbehind:!0,inside:{"attr-name":/^[^\s=]+/,"attr-value":{pattern:/=[\s\S]+/,inside:{value:{pattern:/(^=\s*(["']|(?!["'])))\S[\s\S]*(?=\2$)/,lookbehind:!0,alias:[t,"language-"+t],inside:a.languages[t]},punctuation:[{pattern:/^=/,alias:"attr-equals"},/"|'/]}}}})}}),a.languages.html=a.languages.markup,a.languages.mathml=a.languages.markup,a.languages.svg=a.languages.markup,a.languages.xml=a.languages.extend("markup",{}),a.languages.ssml=a.languages.xml,a.languages.atom=a.languages.xml,a.languages.rss=a.languages.xml,function(e){var t="\\b(?:BASH|BASHOPTS|BASH_ALIASES|BASH_ARGC|BASH_ARGV|BASH_CMDS|BASH_COMPLETION_COMPAT_DIR|BASH_LINENO|BASH_REMATCH|BASH_SOURCE|BASH_VERSINFO|BASH_VERSION|COLORTERM|COLUMNS|COMP_WORDBREAKS|DBUS_SESSION_BUS_ADDRESS|DEFAULTS_PATH|DESKTOP_SESSION|DIRSTACK|DISPLAY|EUID|GDMSESSION|GDM_LANG|GNOME_KEYRING_CONTROL|GNOME_KEYRING_PID|GPG_AGENT_INFO|GROUPS|HISTCONTROL|HISTFILE|HISTFILESIZE|HISTSIZE|HOME|HOSTNAME|HOSTTYPE|IFS|INSTANCE|JOB|LANG|LANGUAGE|LC_ADDRESS|LC_ALL|LC_IDENTIFICATION|LC_MEASUREMENT|LC_MONETARY|LC_NAME|LC_NUMERIC|LC_PAPER|LC_TELEPHONE|LC_TIME|LESSCLOSE|LESSOPEN|LINES|LOGNAME|LS_COLORS|MACHTYPE|MAILCHECK|MANDATORY_PATH|NO_AT_BRIDGE|OLDPWD|OPTERR|OPTIND|ORBIT_SOCKETDIR|OSTYPE|PAPERSIZE|PATH|PIPESTATUS|PPID|PS1|PS2|PS3|PS4|PWD|RANDOM|REPLY|SECONDS|SELINUX_INIT|SESSION|SESSIONTYPE|SESSION_MANAGER|SHELL|SHELLOPTS|SHLVL|SSH_AUTH_SOCK|TERM|UID|UPSTART_EVENTS|UPSTART_INSTANCE|UPSTART_JOB|UPSTART_SESSION|USER|WINDOWID|XAUTHORITY|XDG_CONFIG_DIRS|XDG_CURRENT_DESKTOP|XDG_DATA_DIRS|XDG_GREETER_DATA_DIR|XDG_MENU_PREFIX|XDG_RUNTIME_DIR|XDG_SEAT|XDG_SEAT_PATH|XDG_SESSION_DESKTOP|XDG_SESSION_ID|XDG_SESSION_PATH|XDG_SESSION_TYPE|XDG_VTNR|XMODIFIERS)\\b",n={pattern:/(^(["']?)\w+\2)[ \t]+\S.*/,lookbehind:!0,alias:"punctuation",inside:null},o={bash:n,environment:{pattern:RegExp("\\$"+t),alias:"constant"},variable:[{pattern:/\$?\(\([\s\S]+?\)\)/,greedy:!0,inside:{variable:[{pattern:/(^\$\(\([\s\S]+)\)\)/,lookbehind:!0},/^\$\(\(/],number:/\b0x[\dA-Fa-f]+\b|(?:\b\d+(?:\.\d*)?|\B\.\d+)(?:[Ee]-?\d+)?/,operator:/--|\+\+|\*\*=?|<<=?|>>=?|&&|\|\||[=!+\-*/%<>^&|]=?|[?~:]/,punctuation:/\(\(?|\)\)?|,|;/}},{pattern:/\$\((?:\([^)]+\)|[^()])+\)|`[^`]+`/,greedy:!0,inside:{variable:/^\$\(|^`|\)$|`$/}},{pattern:/\$\{[^}]+\}/,greedy:!0,inside:{operator:/:[-=?+]?|[!\/]|##?|%%?|\^\^?|,,?/,punctuation:/[\[\]]/,environment:{pattern:RegExp("(\\{)"+t),lookbehind:!0,alias:"constant"}}},/\$(?:\w+|[#?*!@$])/],entity:/\\(?:[abceEfnrtv\\"]|O?[0-7]{1,3}|U[0-9a-fA-F]{8}|u[0-9a-fA-F]{4}|x[0-9a-fA-F]{1,2})/};e.languages.bash={shebang:{pattern:/^#!\s*\/.*/,alias:"important"},comment:{pattern:/(^|[^"{\\$])#.*/,lookbehind:!0},"function-name":[{pattern:/(\bfunction\s+)[\w-]+(?=(?:\s*\(?:\s*\))?\s*\{)/,lookbehind:!0,alias:"function"},{pattern:/\b[\w-]+(?=\s*\(\s*\)\s*\{)/,alias:"function"}],"for-or-select":{pattern:/(\b(?:for|select)\s+)\w+(?=\s+in\s)/,alias:"variable",lookbehind:!0},"assign-left":{pattern:/(^|[\s;|&]|[<>]\()\w+(?=\+?=)/,inside:{environment:{pattern:RegExp("(^|[\\s;|&]|[<>]\\()"+t),lookbehind:!0,alias:"constant"}},alias:"variable",lookbehind:!0},string:[{pattern:/((?:^|[^<])<<-?\s*)(\w+)\s[\s\S]*?(?:\r?\n|\r)\2/,lookbehind:!0,greedy:!0,inside:o},{pattern:/((?:^|[^<])<<-?\s*)(["'])(\w+)\2\s[\s\S]*?(?:\r?\n|\r)\3/,lookbehind:!0,greedy:!0,inside:{bash:n}},{pattern:/(^|[^\\](?:\\\\)*)"(?:\\[\s\S]|\$\([^)]+\)|\$(?!\()|`[^`]+`|[^"\\`$])*"/,lookbehind:!0,greedy:!0,inside:o},{pattern:/(^|[^$\\])'[^']*'/,lookbehind:!0,greedy:!0},{pattern:/\$'(?:[^'\\]|\\[\s\S])*'/,greedy:!0,inside:{entity:o.entity}}],environment:{pattern:RegExp("\\$?"+t),alias:"constant"},variable:o.variable,function:{pattern:/(^|[\s;|&]|[<>]\()(?:add|apropos|apt|apt-cache|apt-get|aptitude|aspell|automysqlbackup|awk|basename|bash|bc|bconsole|bg|bzip2|cal|cat|cfdisk|chgrp|chkconfig|chmod|chown|chroot|cksum|clear|cmp|column|comm|composer|cp|cron|crontab|csplit|curl|cut|date|dc|dd|ddrescue|debootstrap|df|diff|diff3|dig|dir|dircolors|dirname|dirs|dmesg|docker|docker-compose|du|egrep|eject|env|ethtool|expand|expect|expr|fdformat|fdisk|fg|fgrep|file|find|fmt|fold|format|free|fsck|ftp|fuser|gawk|git|gparted|grep|groupadd|groupdel|groupmod|groups|grub-mkconfig|gzip|halt|head|hg|history|host|hostname|htop|iconv|id|ifconfig|ifdown|ifup|import|install|ip|jobs|join|kill|killall|less|link|ln|locate|logname|logrotate|look|lpc|lpr|lprint|lprintd|lprintq|lprm|ls|lsof|lynx|make|man|mc|mdadm|mkconfig|mkdir|mke2fs|mkfifo|mkfs|mkisofs|mknod|mkswap|mmv|more|most|mount|mtools|mtr|mutt|mv|nano|nc|netstat|nice|nl|node|nohup|notify-send|npm|nslookup|op|open|parted|passwd|paste|pathchk|ping|pkill|pnpm|podman|podman-compose|popd|pr|printcap|printenv|ps|pushd|pv|quota|quotacheck|quotactl|ram|rar|rcp|reboot|remsync|rename|renice|rev|rm|rmdir|rpm|rsync|scp|screen|sdiff|sed|sendmail|seq|service|sftp|sh|shellcheck|shuf|shutdown|sleep|slocate|sort|split|ssh|stat|strace|su|sudo|sum|suspend|swapon|sync|tac|tail|tar|tee|time|timeout|top|touch|tr|traceroute|tsort|tty|umount|uname|unexpand|uniq|units|unrar|unshar|unzip|update-grub|uptime|useradd|userdel|usermod|users|uudecode|uuencode|v|vcpkg|vdir|vi|vim|virsh|vmstat|wait|watch|wc|wget|whereis|which|who|whoami|write|xargs|xdg-open|yarn|yes|zenity|zip|zsh|zypper)(?=$|[)\s;|&])/,lookbehind:!0},keyword:{pattern:/(^|[\s;|&]|[<>]\()(?:case|do|done|elif|else|esac|fi|for|function|if|in|select|then|until|while)(?=$|[)\s;|&])/,lookbehind:!0},builtin:{pattern:/(^|[\s;|&]|[<>]\()(?:\.|:|alias|bind|break|builtin|caller|cd|command|continue|declare|echo|enable|eval|exec|exit|export|getopts|hash|help|let|local|logout|mapfile|printf|pwd|read|readarray|readonly|return|set|shift|shopt|source|test|times|trap|type|typeset|ulimit|umask|unalias|unset)(?=$|[)\s;|&])/,lookbehind:!0,alias:"class-name"},boolean:{pattern:/(^|[\s;|&]|[<>]\()(?:false|true)(?=$|[)\s;|&])/,lookbehind:!0},"file-descriptor":{pattern:/\B&\d\b/,alias:"important"},operator:{pattern:/\d?<>|>\||\+=|=[=~]?|!=?|<<[<-]?|[&\d]?>>|\d[<>]&?|[<>][&=]?|&[>&]?|\|[&|]?/,inside:{"file-descriptor":{pattern:/^\d/,alias:"important"}}},punctuation:/\$?\(\(?|\)\)?|\.\.|[{}[\];\\]/,number:{pattern:/(^|\s)(?:[1-9]\d*|0)(?:[.,]\d+)?\b/,lookbehind:!0}},n.inside=e.languages.bash;for(var a=["comment","function-name","for-or-select","assign-left","string","environment","function","keyword","builtin","boolean","file-descriptor","operator","punctuation","number"],c=o.variable[1].inside,r=0;r]=?|[!=]=?=?|--?|\+\+?|&&?|\|\|?|[?*/~^%]/,punctuation:/[{}[\];(),.:]/},a.languages.c=a.languages.extend("clike",{comment:{pattern:/\/\/(?:[^\r\n\\]|\\(?:\r\n?|\n|(?![\r\n])))*|\/\*[\s\S]*?(?:\*\/|$)/,greedy:!0},string:{pattern:/"(?:\\(?:\r\n|[\s\S])|[^"\\\r\n])*"/,greedy:!0},"class-name":{pattern:/(\b(?:enum|struct)\s+(?:__attribute__\s*\(\([\s\S]*?\)\)\s*)?)\w+|\b[a-z]\w*_t\b/,lookbehind:!0},keyword:/\b(?:_Alignas|_Alignof|_Atomic|_Bool|_Complex|_Generic|_Imaginary|_Noreturn|_Static_assert|_Thread_local|__attribute__|asm|auto|break|case|char|const|continue|default|do|double|else|enum|extern|float|for|goto|if|inline|int|long|register|return|short|signed|sizeof|static|struct|switch|typedef|typeof|union|unsigned|void|volatile|while)\b/,function:/\b[a-z_]\w*(?=\s*\()/i,number:/(?:\b0x(?:[\da-f]+(?:\.[\da-f]*)?|\.[\da-f]+)(?:p[+-]?\d+)?|(?:\b\d+(?:\.\d*)?|\B\.\d+)(?:e[+-]?\d+)?)[ful]{0,4}/i,operator:/>>=?|<<=?|->|([-+&|:])\1|[?:~]|[-+*/%&|^!=<>]=?/}),a.languages.insertBefore("c","string",{char:{pattern:/'(?:\\(?:\r\n|[\s\S])|[^'\\\r\n]){0,32}'/,greedy:!0}}),a.languages.insertBefore("c","string",{macro:{pattern:/(^[\t ]*)#\s*[a-z](?:[^\r\n\\/]|\/(?!\*)|\/\*(?:[^*]|\*(?!\/))*\*\/|\\(?:\r\n|[\s\S]))*/im,lookbehind:!0,greedy:!0,alias:"property",inside:{string:[{pattern:/^(#\s*include\s*)<[^>]+>/,lookbehind:!0},a.languages.c.string],char:a.languages.c.char,comment:a.languages.c.comment,"macro-name":[{pattern:/(^#\s*define\s+)\w+\b(?!\()/i,lookbehind:!0},{pattern:/(^#\s*define\s+)\w+\b(?=\()/i,lookbehind:!0,alias:"function"}],directive:{pattern:/^(#\s*)[a-z]+/,lookbehind:!0,alias:"keyword"},"directive-hash":/^#/,punctuation:/##|\\(?=[\r\n])/,expression:{pattern:/\S[\s\S]*/,inside:a.languages.c}}}}),a.languages.insertBefore("c","function",{constant:/\b(?:EOF|NULL|SEEK_CUR|SEEK_END|SEEK_SET|__DATE__|__FILE__|__LINE__|__TIMESTAMP__|__TIME__|__func__|stderr|stdin|stdout)\b/}),delete a.languages.c.boolean,function(e){var t=/\b(?:alignas|alignof|asm|auto|bool|break|case|catch|char|char16_t|char32_t|char8_t|class|co_await|co_return|co_yield|compl|concept|const|const_cast|consteval|constexpr|constinit|continue|decltype|default|delete|do|double|dynamic_cast|else|enum|explicit|export|extern|final|float|for|friend|goto|if|import|inline|int|int16_t|int32_t|int64_t|int8_t|long|module|mutable|namespace|new|noexcept|nullptr|operator|override|private|protected|public|register|reinterpret_cast|requires|return|short|signed|sizeof|static|static_assert|static_cast|struct|switch|template|this|thread_local|throw|try|typedef|typeid|typename|uint16_t|uint32_t|uint64_t|uint8_t|union|unsigned|using|virtual|void|volatile|wchar_t|while)\b/,n=/\b(?!)\w+(?:\s*\.\s*\w+)*\b/.source.replace(//g,(function(){return t.source}));e.languages.cpp=e.languages.extend("c",{"class-name":[{pattern:RegExp(/(\b(?:class|concept|enum|struct|typename)\s+)(?!)\w+/.source.replace(//g,(function(){return t.source}))),lookbehind:!0},/\b[A-Z]\w*(?=\s*::\s*\w+\s*\()/,/\b[A-Z_]\w*(?=\s*::\s*~\w+\s*\()/i,/\b\w+(?=\s*<(?:[^<>]|<(?:[^<>]|<[^<>]*>)*>)*>\s*::\s*\w+\s*\()/],keyword:t,number:{pattern:/(?:\b0b[01']+|\b0x(?:[\da-f']+(?:\.[\da-f']*)?|\.[\da-f']+)(?:p[+-]?[\d']+)?|(?:\b[\d']+(?:\.[\d']*)?|\B\.[\d']+)(?:e[+-]?[\d']+)?)[ful]{0,4}/i,greedy:!0},operator:/>>=?|<<=?|->|--|\+\+|&&|\|\||[?:~]|<=>|[-+*/%&|^!=<>]=?|\b(?:and|and_eq|bitand|bitor|not|not_eq|or|or_eq|xor|xor_eq)\b/,boolean:/\b(?:false|true)\b/}),e.languages.insertBefore("cpp","string",{module:{pattern:RegExp(/(\b(?:import|module)\s+)/.source+"(?:"+/"(?:\\(?:\r\n|[\s\S])|[^"\\\r\n])*"|<[^<>\r\n]*>/.source+"|"+/(?:\s*:\s*)?|:\s*/.source.replace(//g,(function(){return n}))+")"),lookbehind:!0,greedy:!0,inside:{string:/^[<"][\s\S]+/,operator:/:/,punctuation:/\./}},"raw-string":{pattern:/R"([^()\\ ]{0,16})\([\s\S]*?\)\1"/,alias:"string",greedy:!0}}),e.languages.insertBefore("cpp","keyword",{"generic-function":{pattern:/\b(?!operator\b)[a-z_]\w*\s*<(?:[^<>]|<[^<>]*>)*>(?=\s*\()/i,inside:{function:/^\w+/,generic:{pattern:/<[\s\S]+/,alias:"class-name",inside:e.languages.cpp}}}}),e.languages.insertBefore("cpp","operator",{"double-colon":{pattern:/::/,alias:"punctuation"}}),e.languages.insertBefore("cpp","class-name",{"base-clause":{pattern:/(\b(?:class|struct)\s+\w+\s*:\s*)[^;{}"'\s]+(?:\s+[^;{}"'\s]+)*(?=\s*[;{])/,lookbehind:!0,greedy:!0,inside:e.languages.extend("cpp",{})}}),e.languages.insertBefore("inside","double-colon",{"class-name":/\b[a-z_]\w*\b(?!\s*::)/i},e.languages.cpp["base-clause"])}(a),function(e){var t=/(?:"(?:\\(?:\r\n|[\s\S])|[^"\\\r\n])*"|'(?:\\(?:\r\n|[\s\S])|[^'\\\r\n])*')/;e.languages.css={comment:/\/\*[\s\S]*?\*\//,atrule:{pattern:/@[\w-](?:[^;{\s]|\s+(?![\s{]))*(?:;|(?=\s*\{))/,inside:{rule:/^@[\w-]+/,"selector-function-argument":{pattern:/(\bselector\s*\(\s*(?![\s)]))(?:[^()\s]|\s+(?![\s)])|\((?:[^()]|\([^()]*\))*\))+(?=\s*\))/,lookbehind:!0,alias:"selector"},keyword:{pattern:/(^|[^\w-])(?:and|not|only|or)(?![\w-])/,lookbehind:!0}}},url:{pattern:RegExp("\\burl\\((?:"+t.source+"|"+/(?:[^\\\r\n()"']|\\[\s\S])*/.source+")\\)","i"),greedy:!0,inside:{function:/^url/i,punctuation:/^\(|\)$/,string:{pattern:RegExp("^"+t.source+"$"),alias:"url"}}},selector:{pattern:RegExp("(^|[{}\\s])[^{}\\s](?:[^{};\"'\\s]|\\s+(?![\\s{])|"+t.source+")*(?=\\s*\\{)"),lookbehind:!0},string:{pattern:t,greedy:!0},property:{pattern:/(^|[^-\w\xA0-\uFFFF])(?!\s)[-_a-z\xA0-\uFFFF](?:(?!\s)[-\w\xA0-\uFFFF])*(?=\s*:)/i,lookbehind:!0},important:/!important\b/i,function:{pattern:/(^|[^-a-z0-9])[-a-z0-9]+(?=\()/i,lookbehind:!0},punctuation:/[(){};:,]/},e.languages.css.atrule.inside.rest=e.languages.css;var n=e.languages.markup;n&&(n.tag.addInlined("style","css"),n.tag.addAttribute("style","css"))}(a),function(e){var t,n=/("|')(?:\\(?:\r\n|[\s\S])|(?!\1)[^\\\r\n])*\1/;e.languages.css.selector={pattern:e.languages.css.selector.pattern,lookbehind:!0,inside:t={"pseudo-element":/:(?:after|before|first-letter|first-line|selection)|::[-\w]+/,"pseudo-class":/:[-\w]+/,class:/\.[-\w]+/,id:/#[-\w]+/,attribute:{pattern:RegExp("\\[(?:[^[\\]\"']|"+n.source+")*\\]"),greedy:!0,inside:{punctuation:/^\[|\]$/,"case-sensitivity":{pattern:/(\s)[si]$/i,lookbehind:!0,alias:"keyword"},namespace:{pattern:/^(\s*)(?:(?!\s)[-*\w\xA0-\uFFFF])*\|(?!=)/,lookbehind:!0,inside:{punctuation:/\|$/}},"attr-name":{pattern:/^(\s*)(?:(?!\s)[-\w\xA0-\uFFFF])+/,lookbehind:!0},"attr-value":[n,{pattern:/(=\s*)(?:(?!\s)[-\w\xA0-\uFFFF])+(?=\s*$)/,lookbehind:!0}],operator:/[|~*^$]?=/}},"n-th":[{pattern:/(\(\s*)[+-]?\d*[\dn](?:\s*[+-]\s*\d+)?(?=\s*\))/,lookbehind:!0,inside:{number:/[\dn]+/,operator:/[+-]/}},{pattern:/(\(\s*)(?:even|odd)(?=\s*\))/i,lookbehind:!0}],combinator:/>|\+|~|\|\|/,punctuation:/[(),]/}},e.languages.css.atrule.inside["selector-function-argument"].inside=t,e.languages.insertBefore("css","property",{variable:{pattern:/(^|[^-\w\xA0-\uFFFF])--(?!\s)[-_a-z\xA0-\uFFFF](?:(?!\s)[-\w\xA0-\uFFFF])*/i,lookbehind:!0}});var o={pattern:/(\b\d+)(?:%|[a-z]+(?![\w-]))/,lookbehind:!0},a={pattern:/(^|[^\w.-])-?(?:\d+(?:\.\d+)?|\.\d+)/,lookbehind:!0};e.languages.insertBefore("css","function",{operator:{pattern:/(\s)[+\-*\/](?=\s)/,lookbehind:!0},hexcode:{pattern:/\B#[\da-f]{3,8}\b/i,alias:"color"},color:[{pattern:/(^|[^\w-])(?:AliceBlue|AntiqueWhite|Aqua|Aquamarine|Azure|Beige|Bisque|Black|BlanchedAlmond|Blue|BlueViolet|Brown|BurlyWood|CadetBlue|Chartreuse|Chocolate|Coral|CornflowerBlue|Cornsilk|Crimson|Cyan|DarkBlue|DarkCyan|DarkGoldenRod|DarkGr[ae]y|DarkGreen|DarkKhaki|DarkMagenta|DarkOliveGreen|DarkOrange|DarkOrchid|DarkRed|DarkSalmon|DarkSeaGreen|DarkSlateBlue|DarkSlateGr[ae]y|DarkTurquoise|DarkViolet|DeepPink|DeepSkyBlue|DimGr[ae]y|DodgerBlue|FireBrick|FloralWhite|ForestGreen|Fuchsia|Gainsboro|GhostWhite|Gold|GoldenRod|Gr[ae]y|Green|GreenYellow|HoneyDew|HotPink|IndianRed|Indigo|Ivory|Khaki|Lavender|LavenderBlush|LawnGreen|LemonChiffon|LightBlue|LightCoral|LightCyan|LightGoldenRodYellow|LightGr[ae]y|LightGreen|LightPink|LightSalmon|LightSeaGreen|LightSkyBlue|LightSlateGr[ae]y|LightSteelBlue|LightYellow|Lime|LimeGreen|Linen|Magenta|Maroon|MediumAquaMarine|MediumBlue|MediumOrchid|MediumPurple|MediumSeaGreen|MediumSlateBlue|MediumSpringGreen|MediumTurquoise|MediumVioletRed|MidnightBlue|MintCream|MistyRose|Moccasin|NavajoWhite|Navy|OldLace|Olive|OliveDrab|Orange|OrangeRed|Orchid|PaleGoldenRod|PaleGreen|PaleTurquoise|PaleVioletRed|PapayaWhip|PeachPuff|Peru|Pink|Plum|PowderBlue|Purple|Red|RosyBrown|RoyalBlue|SaddleBrown|Salmon|SandyBrown|SeaGreen|SeaShell|Sienna|Silver|SkyBlue|SlateBlue|SlateGr[ae]y|Snow|SpringGreen|SteelBlue|Tan|Teal|Thistle|Tomato|Transparent|Turquoise|Violet|Wheat|White|WhiteSmoke|Yellow|YellowGreen)(?![\w-])/i,lookbehind:!0},{pattern:/\b(?:hsl|rgb)\(\s*\d{1,3}\s*,\s*\d{1,3}%?\s*,\s*\d{1,3}%?\s*\)\B|\b(?:hsl|rgb)a\(\s*\d{1,3}\s*,\s*\d{1,3}%?\s*,\s*\d{1,3}%?\s*,\s*(?:0|0?\.\d+|1)\s*\)\B/i,inside:{unit:o,number:a,function:/[\w-]+(?=\()/,punctuation:/[(),]/}}],entity:/\\[\da-f]{1,8}/i,unit:o,number:a})}(a),a.languages.javascript=a.languages.extend("clike",{"class-name":[a.languages.clike["class-name"],{pattern:/(^|[^$\w\xA0-\uFFFF])(?!\s)[_$A-Z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*(?=\.(?:constructor|prototype))/,lookbehind:!0}],keyword:[{pattern:/((?:^|\})\s*)catch\b/,lookbehind:!0},{pattern:/(^|[^.]|\.\.\.\s*)\b(?:as|assert(?=\s*\{)|async(?=\s*(?:function\b|\(|[$\w\xA0-\uFFFF]|$))|await|break|case|class|const|continue|debugger|default|delete|do|else|enum|export|extends|finally(?=\s*(?:\{|$))|for|from(?=\s*(?:['"]|$))|function|(?:get|set)(?=\s*(?:[#\[$\w\xA0-\uFFFF]|$))|if|implements|import|in|instanceof|interface|let|new|null|of|package|private|protected|public|return|static|super|switch|this|throw|try|typeof|undefined|var|void|while|with|yield)\b/,lookbehind:!0}],function:/#?(?!\s)[_$a-zA-Z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*(?=\s*(?:\.\s*(?:apply|bind|call)\s*)?\()/,number:{pattern:RegExp(/(^|[^\w$])/.source+"(?:"+/NaN|Infinity/.source+"|"+/0[bB][01]+(?:_[01]+)*n?/.source+"|"+/0[oO][0-7]+(?:_[0-7]+)*n?/.source+"|"+/0[xX][\dA-Fa-f]+(?:_[\dA-Fa-f]+)*n?/.source+"|"+/\d+(?:_\d+)*n/.source+"|"+/(?:\d+(?:_\d+)*(?:\.(?:\d+(?:_\d+)*)?)?|\.\d+(?:_\d+)*)(?:[Ee][+-]?\d+(?:_\d+)*)?/.source+")"+/(?![\w$])/.source),lookbehind:!0},operator:/--|\+\+|\*\*=?|=>|&&=?|\|\|=?|[!=]==|<<=?|>>>?=?|[-+*/%&|^!=<>]=?|\.{3}|\?\?=?|\?\.?|[~:]/}),a.languages.javascript["class-name"][0].pattern=/(\b(?:class|extends|implements|instanceof|interface|new)\s+)[\w.\\]+/,a.languages.insertBefore("javascript","keyword",{regex:{pattern:/((?:^|[^$\w\xA0-\uFFFF."'\])\s]|\b(?:return|yield))\s*)\/(?:\[(?:[^\]\\\r\n]|\\.)*\]|\\.|[^/\\\[\r\n])+\/[dgimyus]{0,7}(?=(?:\s|\/\*(?:[^*]|\*(?!\/))*\*\/)*(?:$|[\r\n,.;:})\]]|\/\/))/,lookbehind:!0,greedy:!0,inside:{"regex-source":{pattern:/^(\/)[\s\S]+(?=\/[a-z]*$)/,lookbehind:!0,alias:"language-regex",inside:a.languages.regex},"regex-delimiter":/^\/|\/$/,"regex-flags":/^[a-z]+$/}},"function-variable":{pattern:/#?(?!\s)[_$a-zA-Z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*(?=\s*[=:]\s*(?:async\s*)?(?:\bfunction\b|(?:\((?:[^()]|\([^()]*\))*\)|(?!\s)[_$a-zA-Z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*)\s*=>))/,alias:"function"},parameter:[{pattern:/(function(?:\s+(?!\s)[_$a-zA-Z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*)?\s*\(\s*)(?!\s)(?:[^()\s]|\s+(?![\s)])|\([^()]*\))+(?=\s*\))/,lookbehind:!0,inside:a.languages.javascript},{pattern:/(^|[^$\w\xA0-\uFFFF])(?!\s)[_$a-z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*(?=\s*=>)/i,lookbehind:!0,inside:a.languages.javascript},{pattern:/(\(\s*)(?!\s)(?:[^()\s]|\s+(?![\s)])|\([^()]*\))+(?=\s*\)\s*=>)/,lookbehind:!0,inside:a.languages.javascript},{pattern:/((?:\b|\s|^)(?!(?:as|async|await|break|case|catch|class|const|continue|debugger|default|delete|do|else|enum|export|extends|finally|for|from|function|get|if|implements|import|in|instanceof|interface|let|new|null|of|package|private|protected|public|return|set|static|super|switch|this|throw|try|typeof|undefined|var|void|while|with|yield)(?![$\w\xA0-\uFFFF]))(?:(?!\s)[_$a-zA-Z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*\s*)\(\s*|\]\s*\(\s*)(?!\s)(?:[^()\s]|\s+(?![\s)])|\([^()]*\))+(?=\s*\)\s*\{)/,lookbehind:!0,inside:a.languages.javascript}],constant:/\b[A-Z](?:[A-Z_]|\dx?)*\b/}),a.languages.insertBefore("javascript","string",{hashbang:{pattern:/^#!.*/,greedy:!0,alias:"comment"},"template-string":{pattern:/`(?:\\[\s\S]|\$\{(?:[^{}]|\{(?:[^{}]|\{[^}]*\})*\})+\}|(?!\$\{)[^\\`])*`/,greedy:!0,inside:{"template-punctuation":{pattern:/^`|`$/,alias:"string"},interpolation:{pattern:/((?:^|[^\\])(?:\\{2})*)\$\{(?:[^{}]|\{(?:[^{}]|\{[^}]*\})*\})+\}/,lookbehind:!0,inside:{"interpolation-punctuation":{pattern:/^\$\{|\}$/,alias:"punctuation"},rest:a.languages.javascript}},string:/[\s\S]+/}},"string-property":{pattern:/((?:^|[,{])[ \t]*)(["'])(?:\\(?:\r\n|[\s\S])|(?!\2)[^\\\r\n])*\2(?=\s*:)/m,lookbehind:!0,greedy:!0,alias:"property"}}),a.languages.insertBefore("javascript","operator",{"literal-property":{pattern:/((?:^|[,{])[ \t]*)(?!\s)[_$a-zA-Z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*(?=\s*:)/m,lookbehind:!0,alias:"property"}}),a.languages.markup&&(a.languages.markup.tag.addInlined("script","javascript"),a.languages.markup.tag.addAttribute(/on(?:abort|blur|change|click|composition(?:end|start|update)|dblclick|error|focus(?:in|out)?|key(?:down|up)|load|mouse(?:down|enter|leave|move|out|over|up)|reset|resize|scroll|select|slotchange|submit|unload|wheel)/.source,"javascript")),a.languages.js=a.languages.javascript,function(e){var t=/#(?!\{).+/,n={pattern:/#\{[^}]+\}/,alias:"variable"};e.languages.coffeescript=e.languages.extend("javascript",{comment:t,string:[{pattern:/'(?:\\[\s\S]|[^\\'])*'/,greedy:!0},{pattern:/"(?:\\[\s\S]|[^\\"])*"/,greedy:!0,inside:{interpolation:n}}],keyword:/\b(?:and|break|by|catch|class|continue|debugger|delete|do|each|else|extend|extends|false|finally|for|if|in|instanceof|is|isnt|let|loop|namespace|new|no|not|null|of|off|on|or|own|return|super|switch|then|this|throw|true|try|typeof|undefined|unless|until|when|while|window|with|yes|yield)\b/,"class-member":{pattern:/@(?!\d)\w+/,alias:"variable"}}),e.languages.insertBefore("coffeescript","comment",{"multiline-comment":{pattern:/###[\s\S]+?###/,alias:"comment"},"block-regex":{pattern:/\/{3}[\s\S]*?\/{3}/,alias:"regex",inside:{comment:t,interpolation:n}}}),e.languages.insertBefore("coffeescript","string",{"inline-javascript":{pattern:/`(?:\\[\s\S]|[^\\`])*`/,inside:{delimiter:{pattern:/^`|`$/,alias:"punctuation"},script:{pattern:/[\s\S]+/,alias:"language-javascript",inside:e.languages.javascript}}},"multiline-string":[{pattern:/'''[\s\S]*?'''/,greedy:!0,alias:"string"},{pattern:/"""[\s\S]*?"""/,greedy:!0,alias:"string",inside:{interpolation:n}}]}),e.languages.insertBefore("coffeescript","keyword",{property:/(?!\d)\w+(?=\s*:(?!:))/}),delete e.languages.coffeescript["template-string"],e.languages.coffee=e.languages.coffeescript}(a),function(e){var t=/[*&][^\s[\]{},]+/,n=/!(?:<[\w\-%#;/?:@&=+$,.!~*'()[\]]+>|(?:[a-zA-Z\d-]*!)?[\w\-%#;/?:@&=+$.~*'()]+)?/,o="(?:"+n.source+"(?:[ \t]+"+t.source+")?|"+t.source+"(?:[ \t]+"+n.source+")?)",a=/(?:[^\s\x00-\x08\x0e-\x1f!"#%&'*,\-:>?@[\]`{|}\x7f-\x84\x86-\x9f\ud800-\udfff\ufffe\uffff]|[?:-])(?:[ \t]*(?:(?![#:])|:))*/.source.replace(//g,(function(){return/[^\s\x00-\x08\x0e-\x1f,[\]{}\x7f-\x84\x86-\x9f\ud800-\udfff\ufffe\uffff]/.source})),c=/"(?:[^"\\\r\n]|\\.)*"|'(?:[^'\\\r\n]|\\.)*'/.source;function r(e,t){t=(t||"").replace(/m/g,"")+"m";var n=/([:\-,[{]\s*(?:\s<>[ \t]+)?)(?:<>)(?=[ \t]*(?:$|,|\]|\}|(?:[\r\n]\s*)?#))/.source.replace(/<>/g,(function(){return o})).replace(/<>/g,(function(){return e}));return RegExp(n,t)}e.languages.yaml={scalar:{pattern:RegExp(/([\-:]\s*(?:\s<>[ \t]+)?[|>])[ \t]*(?:((?:\r?\n|\r)[ \t]+)\S[^\r\n]*(?:\2[^\r\n]+)*)/.source.replace(/<>/g,(function(){return o}))),lookbehind:!0,alias:"string"},comment:/#.*/,key:{pattern:RegExp(/((?:^|[:\-,[{\r\n?])[ \t]*(?:<>[ \t]+)?)<>(?=\s*:\s)/.source.replace(/<>/g,(function(){return o})).replace(/<>/g,(function(){return"(?:"+a+"|"+c+")"}))),lookbehind:!0,greedy:!0,alias:"atrule"},directive:{pattern:/(^[ \t]*)%.+/m,lookbehind:!0,alias:"important"},datetime:{pattern:r(/\d{4}-\d\d?-\d\d?(?:[tT]|[ \t]+)\d\d?:\d{2}:\d{2}(?:\.\d*)?(?:[ \t]*(?:Z|[-+]\d\d?(?::\d{2})?))?|\d{4}-\d{2}-\d{2}|\d\d?:\d{2}(?::\d{2}(?:\.\d*)?)?/.source),lookbehind:!0,alias:"number"},boolean:{pattern:r(/false|true/.source,"i"),lookbehind:!0,alias:"important"},null:{pattern:r(/null|~/.source,"i"),lookbehind:!0,alias:"important"},string:{pattern:r(c),lookbehind:!0,greedy:!0},number:{pattern:r(/[+-]?(?:0x[\da-f]+|0o[0-7]+|(?:\d+(?:\.\d*)?|\.\d+)(?:e[+-]?\d+)?|\.inf|\.nan)/.source,"i"),lookbehind:!0},tag:n,important:t,punctuation:/---|[:[\]{}\-,|>?]|\.\.\./},e.languages.yml=e.languages.yaml}(a),function(e){var t=/(?:\\.|[^\\\n\r]|(?:\n|\r\n?)(?![\r\n]))/.source;function n(e){return e=e.replace(//g,(function(){return t})),RegExp(/((?:^|[^\\])(?:\\{2})*)/.source+"(?:"+e+")")}var o=/(?:\\.|``(?:[^`\r\n]|`(?!`))+``|`[^`\r\n]+`|[^\\|\r\n`])+/.source,a=/\|?__(?:\|__)+\|?(?:(?:\n|\r\n?)|(?![\s\S]))/.source.replace(/__/g,(function(){return o})),c=/\|?[ \t]*:?-{3,}:?[ \t]*(?:\|[ \t]*:?-{3,}:?[ \t]*)+\|?(?:\n|\r\n?)/.source;e.languages.markdown=e.languages.extend("markup",{}),e.languages.insertBefore("markdown","prolog",{"front-matter-block":{pattern:/(^(?:\s*[\r\n])?)---(?!.)[\s\S]*?[\r\n]---(?!.)/,lookbehind:!0,greedy:!0,inside:{punctuation:/^---|---$/,"front-matter":{pattern:/\S+(?:\s+\S+)*/,alias:["yaml","language-yaml"],inside:e.languages.yaml}}},blockquote:{pattern:/^>(?:[\t ]*>)*/m,alias:"punctuation"},table:{pattern:RegExp("^"+a+c+"(?:"+a+")*","m"),inside:{"table-data-rows":{pattern:RegExp("^("+a+c+")(?:"+a+")*$"),lookbehind:!0,inside:{"table-data":{pattern:RegExp(o),inside:e.languages.markdown},punctuation:/\|/}},"table-line":{pattern:RegExp("^("+a+")"+c+"$"),lookbehind:!0,inside:{punctuation:/\||:?-{3,}:?/}},"table-header-row":{pattern:RegExp("^"+a+"$"),inside:{"table-header":{pattern:RegExp(o),alias:"important",inside:e.languages.markdown},punctuation:/\|/}}}},code:[{pattern:/((?:^|\n)[ \t]*\n|(?:^|\r\n?)[ \t]*\r\n?)(?: {4}|\t).+(?:(?:\n|\r\n?)(?: {4}|\t).+)*/,lookbehind:!0,alias:"keyword"},{pattern:/^```[\s\S]*?^```$/m,greedy:!0,inside:{"code-block":{pattern:/^(```.*(?:\n|\r\n?))[\s\S]+?(?=(?:\n|\r\n?)^```$)/m,lookbehind:!0},"code-language":{pattern:/^(```).+/,lookbehind:!0},punctuation:/```/}}],title:[{pattern:/\S.*(?:\n|\r\n?)(?:==+|--+)(?=[ \t]*$)/m,alias:"important",inside:{punctuation:/==+$|--+$/}},{pattern:/(^\s*)#.+/m,lookbehind:!0,alias:"important",inside:{punctuation:/^#+|#+$/}}],hr:{pattern:/(^\s*)([*-])(?:[\t ]*\2){2,}(?=\s*$)/m,lookbehind:!0,alias:"punctuation"},list:{pattern:/(^\s*)(?:[*+-]|\d+\.)(?=[\t ].)/m,lookbehind:!0,alias:"punctuation"},"url-reference":{pattern:/!?\[[^\]]+\]:[\t ]+(?:\S+|<(?:\\.|[^>\\])+>)(?:[\t ]+(?:"(?:\\.|[^"\\])*"|'(?:\\.|[^'\\])*'|\((?:\\.|[^)\\])*\)))?/,inside:{variable:{pattern:/^(!?\[)[^\]]+/,lookbehind:!0},string:/(?:"(?:\\.|[^"\\])*"|'(?:\\.|[^'\\])*'|\((?:\\.|[^)\\])*\))$/,punctuation:/^[\[\]!:]|[<>]/},alias:"url"},bold:{pattern:n(/\b__(?:(?!_)|_(?:(?!_))+_)+__\b|\*\*(?:(?!\*)|\*(?:(?!\*))+\*)+\*\*/.source),lookbehind:!0,greedy:!0,inside:{content:{pattern:/(^..)[\s\S]+(?=..$)/,lookbehind:!0,inside:{}},punctuation:/\*\*|__/}},italic:{pattern:n(/\b_(?:(?!_)|__(?:(?!_))+__)+_\b|\*(?:(?!\*)|\*\*(?:(?!\*))+\*\*)+\*/.source),lookbehind:!0,greedy:!0,inside:{content:{pattern:/(^.)[\s\S]+(?=.$)/,lookbehind:!0,inside:{}},punctuation:/[*_]/}},strike:{pattern:n(/(~~?)(?:(?!~))+\2/.source),lookbehind:!0,greedy:!0,inside:{content:{pattern:/(^~~?)[\s\S]+(?=\1$)/,lookbehind:!0,inside:{}},punctuation:/~~?/}},"code-snippet":{pattern:/(^|[^\\`])(?:``[^`\r\n]+(?:`[^`\r\n]+)*``(?!`)|`[^`\r\n]+`(?!`))/,lookbehind:!0,greedy:!0,alias:["code","keyword"]},url:{pattern:n(/!?\[(?:(?!\]))+\](?:\([^\s)]+(?:[\t ]+"(?:\\.|[^"\\])*")?\)|[ \t]?\[(?:(?!\]))+\])/.source),lookbehind:!0,greedy:!0,inside:{operator:/^!/,content:{pattern:/(^\[)[^\]]+(?=\])/,lookbehind:!0,inside:{}},variable:{pattern:/(^\][ \t]?\[)[^\]]+(?=\]$)/,lookbehind:!0},url:{pattern:/(^\]\()[^\s)]+/,lookbehind:!0},string:{pattern:/(^[ \t]+)"(?:\\.|[^"\\])*"(?=\)$)/,lookbehind:!0}}}}),["url","bold","italic","strike"].forEach((function(t){["url","bold","italic","strike","code-snippet"].forEach((function(n){t!==n&&(e.languages.markdown[t].inside.content.inside[n]=e.languages.markdown[n])}))})),e.hooks.add("after-tokenize",(function(e){"markdown"!==e.language&&"md"!==e.language||function e(t){if(t&&"string"!=typeof t)for(var n=0,o=t.length;n",quot:'"'},s=String.fromCodePoint||String.fromCharCode;e.languages.md=e.languages.markdown}(a),a.languages.graphql={comment:/#.*/,description:{pattern:/(?:"""(?:[^"]|(?!""")")*"""|"(?:\\.|[^\\"\r\n])*")(?=\s*[a-z_])/i,greedy:!0,alias:"string",inside:{"language-markdown":{pattern:/(^"(?:"")?)(?!\1)[\s\S]+(?=\1$)/,lookbehind:!0,inside:a.languages.markdown}}},string:{pattern:/"""(?:[^"]|(?!""")")*"""|"(?:\\.|[^\\"\r\n])*"/,greedy:!0},number:/(?:\B-|\b)\d+(?:\.\d+)?(?:e[+-]?\d+)?\b/i,boolean:/\b(?:false|true)\b/,variable:/\$[a-z_]\w*/i,directive:{pattern:/@[a-z_]\w*/i,alias:"function"},"attr-name":{pattern:/\b[a-z_]\w*(?=\s*(?:\((?:[^()"]|"(?:\\.|[^\\"\r\n])*")*\))?:)/i,greedy:!0},"atom-input":{pattern:/\b[A-Z]\w*Input\b/,alias:"class-name"},scalar:/\b(?:Boolean|Float|ID|Int|String)\b/,constant:/\b[A-Z][A-Z_\d]*\b/,"class-name":{pattern:/(\b(?:enum|implements|interface|on|scalar|type|union)\s+|&\s*|:\s*|\[)[A-Z_]\w*/,lookbehind:!0},fragment:{pattern:/(\bfragment\s+|\.{3}\s*(?!on\b))[a-zA-Z_]\w*/,lookbehind:!0,alias:"function"},"definition-mutation":{pattern:/(\bmutation\s+)[a-zA-Z_]\w*/,lookbehind:!0,alias:"function"},"definition-query":{pattern:/(\bquery\s+)[a-zA-Z_]\w*/,lookbehind:!0,alias:"function"},keyword:/\b(?:directive|enum|extend|fragment|implements|input|interface|mutation|on|query|repeatable|scalar|schema|subscription|type|union)\b/,operator:/[!=|&]|\.{3}/,"property-query":/\w+(?=\s*\()/,object:/\w+(?=\s*\{)/,punctuation:/[!(){}\[\]:=,]/,property:/\w+/},a.hooks.add("after-tokenize",(function(e){if("graphql"===e.language)for(var t=e.tokens.filter((function(e){return"string"!=typeof e&&"comment"!==e.type&&"scalar"!==e.type})),n=0;n0)){var i=b(/^\{$/,/^\}$/);if(-1===i)continue;for(var s=n;s=0&&g(l,"variable-input")}}}}function d(e){return t[n+e]}function u(e,t){t=t||0;for(var n=0;n?|<|>)?|>[>=]?|\b(?:AND|BETWEEN|DIV|ILIKE|IN|IS|LIKE|NOT|OR|REGEXP|RLIKE|SOUNDS LIKE|XOR)\b/i,punctuation:/[;[\]()`,.]/},function(e){var t=e.languages.javascript["template-string"],n=t.pattern.source,o=t.inside.interpolation,a=o.inside["interpolation-punctuation"],c=o.pattern.source;function r(t,o){if(e.languages[t])return{pattern:RegExp("((?:"+o+")\\s*)"+n),lookbehind:!0,greedy:!0,inside:{"template-punctuation":{pattern:/^`|`$/,alias:"string"},"embedded-code":{pattern:/[\s\S]+/,alias:t}}}}function i(e,t){return"___"+t.toUpperCase()+"_"+e+"___"}function s(t,n,o){var a={code:t,grammar:n,language:o};return e.hooks.run("before-tokenize",a),a.tokens=e.tokenize(a.code,a.grammar),e.hooks.run("after-tokenize",a),a.tokens}function l(t){var n={};n["interpolation-punctuation"]=a;var c=e.tokenize(t,n);if(3===c.length){var r=[1,1];r.push.apply(r,s(c[1],e.languages.javascript,"javascript")),c.splice.apply(c,r)}return new e.Token("interpolation",c,o.alias,t)}function d(t,n,o){var a=e.tokenize(t,{interpolation:{pattern:RegExp(c),lookbehind:!0}}),r=0,d={},u=s(a.map((function(e){if("string"==typeof e)return e;for(var n,a=e.content;-1!==t.indexOf(n=i(r++,o)););return d[n]=a,n})).join(""),n,o),b=Object.keys(d);return r=0,function e(t){for(var n=0;n=b.length)return;var o=t[n];if("string"==typeof o||"string"==typeof o.content){var a=b[r],c="string"==typeof o?o:o.content,i=c.indexOf(a);if(-1!==i){++r;var s=c.substring(0,i),u=l(d[a]),g=c.substring(i+a.length),f=[];if(s&&f.push(s),f.push(u),g){var p=[g];e(p),f.push.apply(f,p)}"string"==typeof o?(t.splice.apply(t,[n,1].concat(f)),n+=f.length-1):o.content=f}}else{var m=o.content;Array.isArray(m)?e(m):e([m])}}}(u),new e.Token(o,u,"language-"+o,t)}e.languages.javascript["template-string"]=[r("css",/\b(?:styled(?:\([^)]*\))?(?:\s*\.\s*\w+(?:\([^)]*\))*)*|css(?:\s*\.\s*(?:global|resolve))?|createGlobalStyle|keyframes)/.source),r("html",/\bhtml|\.\s*(?:inner|outer)HTML\s*\+?=/.source),r("svg",/\bsvg/.source),r("markdown",/\b(?:markdown|md)/.source),r("graphql",/\b(?:gql|graphql(?:\s*\.\s*experimental)?)/.source),r("sql",/\bsql/.source),t].filter(Boolean);var u={javascript:!0,js:!0,typescript:!0,ts:!0,jsx:!0,tsx:!0};function b(e){return"string"==typeof e?e:Array.isArray(e)?e.map(b).join(""):b(e.content)}e.hooks.add("after-tokenize",(function(t){t.language in u&&function t(n){for(var o=0,a=n.length;o]|<(?:[^<>]|<[^<>]*>)*>)*>)?/,lookbehind:!0,greedy:!0,inside:null},builtin:/\b(?:Array|Function|Promise|any|boolean|console|never|number|string|symbol|unknown)\b/}),e.languages.typescript.keyword.push(/\b(?:abstract|declare|is|keyof|readonly|require)\b/,/\b(?:asserts|infer|interface|module|namespace|type)\b(?=\s*(?:[{_$a-zA-Z\xA0-\uFFFF]|$))/,/\btype\b(?=\s*(?:[\{*]|$))/),delete e.languages.typescript.parameter,delete e.languages.typescript["literal-property"];var t=e.languages.extend("typescript",{});delete t["class-name"],e.languages.typescript["class-name"].inside=t,e.languages.insertBefore("typescript","function",{decorator:{pattern:/@[$\w\xA0-\uFFFF]+/,inside:{at:{pattern:/^@/,alias:"operator"},function:/^[\s\S]+/}},"generic-function":{pattern:/#?(?!\s)[_$a-zA-Z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*\s*<(?:[^<>]|<(?:[^<>]|<[^<>]*>)*>)*>(?=\s*\()/,greedy:!0,inside:{function:/^#?(?!\s)[_$a-zA-Z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*/,generic:{pattern:/<[\s\S]+/,alias:"class-name",inside:t}}}}),e.languages.ts=e.languages.typescript}(a),function(e){function t(e,t){return RegExp(e.replace(//g,(function(){return/(?!\s)[_$a-zA-Z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*/.source})),t)}e.languages.insertBefore("javascript","function-variable",{"method-variable":{pattern:RegExp("(\\.\\s*)"+e.languages.javascript["function-variable"].pattern.source),lookbehind:!0,alias:["function-variable","method","function","property-access"]}}),e.languages.insertBefore("javascript","function",{method:{pattern:RegExp("(\\.\\s*)"+e.languages.javascript.function.source),lookbehind:!0,alias:["function","property-access"]}}),e.languages.insertBefore("javascript","constant",{"known-class-name":[{pattern:/\b(?:(?:Float(?:32|64)|(?:Int|Uint)(?:8|16|32)|Uint8Clamped)?Array|ArrayBuffer|BigInt|Boolean|DataView|Date|Error|Function|Intl|JSON|(?:Weak)?(?:Map|Set)|Math|Number|Object|Promise|Proxy|Reflect|RegExp|String|Symbol|WebAssembly)\b/,alias:"class-name"},{pattern:/\b(?:[A-Z]\w*)Error\b/,alias:"class-name"}]}),e.languages.insertBefore("javascript","keyword",{imports:{pattern:t(/(\bimport\b\s*)(?:(?:\s*,\s*(?:\*\s*as\s+|\{[^{}]*\}))?|\*\s*as\s+|\{[^{}]*\})(?=\s*\bfrom\b)/.source),lookbehind:!0,inside:e.languages.javascript},exports:{pattern:t(/(\bexport\b\s*)(?:\*(?:\s*as\s+)?(?=\s*\bfrom\b)|\{[^{}]*\})/.source),lookbehind:!0,inside:e.languages.javascript}}),e.languages.javascript.keyword.unshift({pattern:/\b(?:as|default|export|from|import)\b/,alias:"module"},{pattern:/\b(?:await|break|catch|continue|do|else|finally|for|if|return|switch|throw|try|while|yield)\b/,alias:"control-flow"},{pattern:/\bnull\b/,alias:["null","nil"]},{pattern:/\bundefined\b/,alias:"nil"}),e.languages.insertBefore("javascript","operator",{spread:{pattern:/\.{3}/,alias:"operator"},arrow:{pattern:/=>/,alias:"operator"}}),e.languages.insertBefore("javascript","punctuation",{"property-access":{pattern:t(/(\.\s*)#?/.source),lookbehind:!0},"maybe-class-name":{pattern:/(^|[^$\w\xA0-\uFFFF])[A-Z][$\w\xA0-\uFFFF]+/,lookbehind:!0},dom:{pattern:/\b(?:document|(?:local|session)Storage|location|navigator|performance|window)\b/,alias:"variable"},console:{pattern:/\bconsole(?=\s*\.)/,alias:"class-name"}});for(var n=["function","function-variable","method","method-variable","property-access"],o=0;o*\.{3}(?:[^{}]|)*\})/.source;function c(e,t){return e=e.replace(//g,(function(){return n})).replace(//g,(function(){return o})).replace(//g,(function(){return a})),RegExp(e,t)}a=c(a).source,e.languages.jsx=e.languages.extend("markup",t),e.languages.jsx.tag.pattern=c(/<\/?(?:[\w.:-]+(?:+(?:[\w.:$-]+(?:=(?:"(?:\\[\s\S]|[^\\"])*"|'(?:\\[\s\S]|[^\\'])*'|[^\s{'"/>=]+|))?|))**\/?)?>/.source),e.languages.jsx.tag.inside.tag.pattern=/^<\/?[^\s>\/]*/,e.languages.jsx.tag.inside["attr-value"].pattern=/=(?!\{)(?:"(?:\\[\s\S]|[^\\"])*"|'(?:\\[\s\S]|[^\\'])*'|[^\s'">]+)/,e.languages.jsx.tag.inside.tag.inside["class-name"]=/^[A-Z]\w*(?:\.[A-Z]\w*)*$/,e.languages.jsx.tag.inside.comment=t.comment,e.languages.insertBefore("inside","attr-name",{spread:{pattern:c(//.source),inside:e.languages.jsx}},e.languages.jsx.tag),e.languages.insertBefore("inside","special-attr",{script:{pattern:c(/=/.source),alias:"language-javascript",inside:{"script-punctuation":{pattern:/^=(?=\{)/,alias:"punctuation"},rest:e.languages.jsx}}},e.languages.jsx.tag);var r=function(e){return e?"string"==typeof e?e:"string"==typeof e.content?e.content:e.content.map(r).join(""):""},i=function(t){for(var n=[],o=0;o0&&n[n.length-1].tagName===r(a.content[0].content[1])&&n.pop():"/>"===a.content[a.content.length-1].content||n.push({tagName:r(a.content[0].content[1]),openedBraces:0}):n.length>0&&"punctuation"===a.type&&"{"===a.content?n[n.length-1].openedBraces++:n.length>0&&n[n.length-1].openedBraces>0&&"punctuation"===a.type&&"}"===a.content?n[n.length-1].openedBraces--:c=!0),(c||"string"==typeof a)&&n.length>0&&0===n[n.length-1].openedBraces){var s=r(a);o0&&("string"==typeof t[o-1]||"plain-text"===t[o-1].type)&&(s=r(t[o-1])+s,t.splice(o-1,1),o--),t[o]=new e.Token("plain-text",s,null,s)}a.content&&"string"!=typeof a.content&&i(a.content)}};e.hooks.add("after-tokenize",(function(e){"jsx"!==e.language&&"tsx"!==e.language||i(e.tokens)}))}(a),function(e){e.languages.diff={coord:[/^(?:\*{3}|-{3}|\+{3}).*$/m,/^@@.*@@$/m,/^\d.*$/m]};var t={"deleted-sign":"-","deleted-arrow":"<","inserted-sign":"+","inserted-arrow":">",unchanged:" ",diff:"!"};Object.keys(t).forEach((function(n){var o=t[n],a=[];/^\w+$/.test(n)||a.push(/\w+/.exec(n)[0]),"diff"===n&&a.push("bold"),e.languages.diff[n]={pattern:RegExp("^(?:["+o+"].*(?:\r\n?|\n|(?![\\s\\S])))+","m"),alias:a,inside:{line:{pattern:/(.)(?=[\s\S]).*(?:\r\n?|\n)?/,lookbehind:!0},prefix:{pattern:/[\s\S]/,alias:/\w+/.exec(n)[0]}}}})),Object.defineProperty(e.languages.diff,"PREFIXES",{value:t})}(a),a.languages.git={comment:/^#.*/m,deleted:/^[-\u2013].*/m,inserted:/^\+.*/m,string:/("|')(?:\\.|(?!\1)[^\\\r\n])*\1/,command:{pattern:/^.*\$ git .*$/m,inside:{parameter:/\s--?\w+/}},coord:/^@@.*@@$/m,"commit-sha1":/^commit \w{40}$/m},a.languages.go=a.languages.extend("clike",{string:{pattern:/(^|[^\\])"(?:\\.|[^"\\\r\n])*"|`[^`]*`/,lookbehind:!0,greedy:!0},keyword:/\b(?:break|case|chan|const|continue|default|defer|else|fallthrough|for|func|go(?:to)?|if|import|interface|map|package|range|return|select|struct|switch|type|var)\b/,boolean:/\b(?:_|false|iota|nil|true)\b/,number:[/\b0(?:b[01_]+|o[0-7_]+)i?\b/i,/\b0x(?:[a-f\d_]+(?:\.[a-f\d_]*)?|\.[a-f\d_]+)(?:p[+-]?\d+(?:_\d+)*)?i?(?!\w)/i,/(?:\b\d[\d_]*(?:\.[\d_]*)?|\B\.\d[\d_]*)(?:e[+-]?[\d_]+)?i?(?!\w)/i],operator:/[*\/%^!=]=?|\+[=+]?|-[=-]?|\|[=|]?|&(?:=|&|\^=?)?|>(?:>=?|=)?|<(?:<=?|=|-)?|:=|\.\.\./,builtin:/\b(?:append|bool|byte|cap|close|complex|complex(?:64|128)|copy|delete|error|float(?:32|64)|u?int(?:8|16|32|64)?|imag|len|make|new|panic|print(?:ln)?|real|recover|rune|string|uintptr)\b/}),a.languages.insertBefore("go","string",{char:{pattern:/'(?:\\.|[^'\\\r\n]){0,10}'/,greedy:!0}}),delete a.languages.go["class-name"],function(e){function t(e,t){return"___"+e.toUpperCase()+t+"___"}Object.defineProperties(e.languages["markup-templating"]={},{buildPlaceholders:{value:function(n,o,a,c){if(n.language===o){var r=n.tokenStack=[];n.code=n.code.replace(a,(function(e){if("function"==typeof c&&!c(e))return e;for(var a,i=r.length;-1!==n.code.indexOf(a=t(o,i));)++i;return r[i]=e,a})),n.grammar=e.languages.markup}}},tokenizePlaceholders:{value:function(n,o){if(n.language===o&&n.tokenStack){n.grammar=e.languages[o];var a=0,c=Object.keys(n.tokenStack);!function r(i){for(var s=0;s=c.length);s++){var l=i[s];if("string"==typeof l||l.content&&"string"==typeof l.content){var d=c[a],u=n.tokenStack[d],b="string"==typeof l?l:l.content,g=t(o,d),f=b.indexOf(g);if(f>-1){++a;var p=b.substring(0,f),m=new e.Token(o,e.tokenize(u,n.grammar),"language-"+o,u),h=b.substring(f+g.length),_=[];p&&_.push.apply(_,r([p])),_.push(m),h&&_.push.apply(_,r([h])),"string"==typeof l?i.splice.apply(i,[s,1].concat(_)):l.content=_}}else l.content&&r(l.content)}return i}(n.tokens)}}}})}(a),function(e){e.languages.handlebars={comment:/\{\{![\s\S]*?\}\}/,delimiter:{pattern:/^\{\{\{?|\}\}\}?$/,alias:"punctuation"},string:/(["'])(?:\\.|(?!\1)[^\\\r\n])*\1/,number:/\b0x[\dA-Fa-f]+\b|(?:\b\d+(?:\.\d*)?|\B\.\d+)(?:[Ee][+-]?\d+)?/,boolean:/\b(?:false|true)\b/,block:{pattern:/^(\s*(?:~\s*)?)[#\/]\S+?(?=\s*(?:~\s*)?$|\s)/,lookbehind:!0,alias:"keyword"},brackets:{pattern:/\[[^\]]+\]/,inside:{punctuation:/\[|\]/,variable:/[\s\S]+/}},punctuation:/[!"#%&':()*+,.\/;<=>@\[\\\]^`{|}~]/,variable:/[^!"#%&'()*+,\/;<=>@\[\\\]^`{|}~\s]+/},e.hooks.add("before-tokenize",(function(t){e.languages["markup-templating"].buildPlaceholders(t,"handlebars",/\{\{\{[\s\S]+?\}\}\}|\{\{[\s\S]+?\}\}/g)})),e.hooks.add("after-tokenize",(function(t){e.languages["markup-templating"].tokenizePlaceholders(t,"handlebars")})),e.languages.hbs=e.languages.handlebars}(a),a.languages.json={property:{pattern:/(^|[^\\])"(?:\\.|[^\\"\r\n])*"(?=\s*:)/,lookbehind:!0,greedy:!0},string:{pattern:/(^|[^\\])"(?:\\.|[^\\"\r\n])*"(?!\s*:)/,lookbehind:!0,greedy:!0},comment:{pattern:/\/\/.*|\/\*[\s\S]*?(?:\*\/|$)/,greedy:!0},number:/-?\b\d+(?:\.\d+)?(?:e[+-]?\d+)?\b/i,punctuation:/[{}[\],]/,operator:/:/,boolean:/\b(?:false|true)\b/,null:{pattern:/\bnull\b/,alias:"keyword"}},a.languages.webmanifest=a.languages.json,a.languages.less=a.languages.extend("css",{comment:[/\/\*[\s\S]*?\*\//,{pattern:/(^|[^\\])\/\/.*/,lookbehind:!0}],atrule:{pattern:/@[\w-](?:\((?:[^(){}]|\([^(){}]*\))*\)|[^(){};\s]|\s+(?!\s))*?(?=\s*\{)/,inside:{punctuation:/[:()]/}},selector:{pattern:/(?:@\{[\w-]+\}|[^{};\s@])(?:@\{[\w-]+\}|\((?:[^(){}]|\([^(){}]*\))*\)|[^(){};@\s]|\s+(?!\s))*?(?=\s*\{)/,inside:{variable:/@+[\w-]+/}},property:/(?:@\{[\w-]+\}|[\w-])+(?:\+_?)?(?=\s*:)/,operator:/[+\-*\/]/}),a.languages.insertBefore("less","property",{variable:[{pattern:/@[\w-]+\s*:/,inside:{punctuation:/:/}},/@@?[\w-]+/],"mixin-usage":{pattern:/([{;]\s*)[.#](?!\d)[\w-].*?(?=[(;])/,lookbehind:!0,alias:"function"}}),a.languages.makefile={comment:{pattern:/(^|[^\\])#(?:\\(?:\r\n|[\s\S])|[^\\\r\n])*/,lookbehind:!0},string:{pattern:/(["'])(?:\\(?:\r\n|[\s\S])|(?!\1)[^\\\r\n])*\1/,greedy:!0},"builtin-target":{pattern:/\.[A-Z][^:#=\s]+(?=\s*:(?!=))/,alias:"builtin"},target:{pattern:/^(?:[^:=\s]|[ \t]+(?![\s:]))+(?=\s*:(?!=))/m,alias:"symbol",inside:{variable:/\$+(?:(?!\$)[^(){}:#=\s]+|(?=[({]))/}},variable:/\$+(?:(?!\$)[^(){}:#=\s]+|\([@*%<^+?][DF]\)|(?=[({]))/,keyword:/-include\b|\b(?:define|else|endef|endif|export|ifn?def|ifn?eq|include|override|private|sinclude|undefine|unexport|vpath)\b/,function:{pattern:/(\()(?:abspath|addsuffix|and|basename|call|dir|error|eval|file|filter(?:-out)?|findstring|firstword|flavor|foreach|guile|if|info|join|lastword|load|notdir|or|origin|patsubst|realpath|shell|sort|strip|subst|suffix|value|warning|wildcard|word(?:list|s)?)(?=[ \t])/,lookbehind:!0},operator:/(?:::|[?:+!])?=|[|@]/,punctuation:/[:;(){}]/},a.languages.objectivec=a.languages.extend("c",{string:{pattern:/@?"(?:\\(?:\r\n|[\s\S])|[^"\\\r\n])*"/,greedy:!0},keyword:/\b(?:asm|auto|break|case|char|const|continue|default|do|double|else|enum|extern|float|for|goto|if|in|inline|int|long|register|return|self|short|signed|sizeof|static|struct|super|switch|typedef|typeof|union|unsigned|void|volatile|while)\b|(?:@interface|@end|@implementation|@protocol|@class|@public|@protected|@private|@property|@try|@catch|@finally|@throw|@synthesize|@dynamic|@selector)\b/,operator:/-[->]?|\+\+?|!=?|<>?=?|==?|&&?|\|\|?|[~^%?*\/@]/}),delete a.languages.objectivec["class-name"],a.languages.objc=a.languages.objectivec,a.languages.ocaml={comment:{pattern:/\(\*[\s\S]*?\*\)/,greedy:!0},char:{pattern:/'(?:[^\\\r\n']|\\(?:.|[ox]?[0-9a-f]{1,3}))'/i,greedy:!0},string:[{pattern:/"(?:\\(?:[\s\S]|\r\n)|[^\\\r\n"])*"/,greedy:!0},{pattern:/\{([a-z_]*)\|[\s\S]*?\|\1\}/,greedy:!0}],number:[/\b(?:0b[01][01_]*|0o[0-7][0-7_]*)\b/i,/\b0x[a-f0-9][a-f0-9_]*(?:\.[a-f0-9_]*)?(?:p[+-]?\d[\d_]*)?(?!\w)/i,/\b\d[\d_]*(?:\.[\d_]*)?(?:e[+-]?\d[\d_]*)?(?!\w)/i],directive:{pattern:/\B#\w+/,alias:"property"},label:{pattern:/\B~\w+/,alias:"property"},"type-variable":{pattern:/\B'\w+/,alias:"function"},variant:{pattern:/`\w+/,alias:"symbol"},keyword:/\b(?:as|assert|begin|class|constraint|do|done|downto|else|end|exception|external|for|fun|function|functor|if|in|include|inherit|initializer|lazy|let|match|method|module|mutable|new|nonrec|object|of|open|private|rec|sig|struct|then|to|try|type|val|value|virtual|when|where|while|with)\b/,boolean:/\b(?:false|true)\b/,"operator-like-punctuation":{pattern:/\[[<>|]|[>|]\]|\{<|>\}/,alias:"punctuation"},operator:/\.[.~]|:[=>]|[=<>@^|&+\-*\/$%!?~][!$%&*+\-.\/:<=>?@^|~]*|\b(?:and|asr|land|lor|lsl|lsr|lxor|mod|or)\b/,punctuation:/;;|::|[(){}\[\].,:;#]|\b_\b/},a.languages.python={comment:{pattern:/(^|[^\\])#.*/,lookbehind:!0,greedy:!0},"string-interpolation":{pattern:/(?:f|fr|rf)(?:("""|''')[\s\S]*?\1|("|')(?:\\.|(?!\2)[^\\\r\n])*\2)/i,greedy:!0,inside:{interpolation:{pattern:/((?:^|[^{])(?:\{\{)*)\{(?!\{)(?:[^{}]|\{(?!\{)(?:[^{}]|\{(?!\{)(?:[^{}])+\})+\})+\}/,lookbehind:!0,inside:{"format-spec":{pattern:/(:)[^:(){}]+(?=\}$)/,lookbehind:!0},"conversion-option":{pattern:/![sra](?=[:}]$)/,alias:"punctuation"},rest:null}},string:/[\s\S]+/}},"triple-quoted-string":{pattern:/(?:[rub]|br|rb)?("""|''')[\s\S]*?\1/i,greedy:!0,alias:"string"},string:{pattern:/(?:[rub]|br|rb)?("|')(?:\\.|(?!\1)[^\\\r\n])*\1/i,greedy:!0},function:{pattern:/((?:^|\s)def[ \t]+)[a-zA-Z_]\w*(?=\s*\()/g,lookbehind:!0},"class-name":{pattern:/(\bclass\s+)\w+/i,lookbehind:!0},decorator:{pattern:/(^[\t ]*)@\w+(?:\.\w+)*/m,lookbehind:!0,alias:["annotation","punctuation"],inside:{punctuation:/\./}},keyword:/\b(?:_(?=\s*:)|and|as|assert|async|await|break|case|class|continue|def|del|elif|else|except|exec|finally|for|from|global|if|import|in|is|lambda|match|nonlocal|not|or|pass|print|raise|return|try|while|with|yield)\b/,builtin:/\b(?:__import__|abs|all|any|apply|ascii|basestring|bin|bool|buffer|bytearray|bytes|callable|chr|classmethod|cmp|coerce|compile|complex|delattr|dict|dir|divmod|enumerate|eval|execfile|file|filter|float|format|frozenset|getattr|globals|hasattr|hash|help|hex|id|input|int|intern|isinstance|issubclass|iter|len|list|locals|long|map|max|memoryview|min|next|object|oct|open|ord|pow|property|range|raw_input|reduce|reload|repr|reversed|round|set|setattr|slice|sorted|staticmethod|str|sum|super|tuple|type|unichr|unicode|vars|xrange|zip)\b/,boolean:/\b(?:False|None|True)\b/,number:/\b0(?:b(?:_?[01])+|o(?:_?[0-7])+|x(?:_?[a-f0-9])+)\b|(?:\b\d+(?:_\d+)*(?:\.(?:\d+(?:_\d+)*)?)?|\B\.\d+(?:_\d+)*)(?:e[+-]?\d+(?:_\d+)*)?j?(?!\w)/i,operator:/[-+%=]=?|!=|:=|\*\*?=?|\/\/?=?|<[<=>]?|>[=>]?|[&|^~]/,punctuation:/[{}[\];(),.:]/},a.languages.python["string-interpolation"].inside.interpolation.inside.rest=a.languages.python,a.languages.py=a.languages.python,a.languages.reason=a.languages.extend("clike",{string:{pattern:/"(?:\\(?:\r\n|[\s\S])|[^\\\r\n"])*"/,greedy:!0},"class-name":/\b[A-Z]\w*/,keyword:/\b(?:and|as|assert|begin|class|constraint|do|done|downto|else|end|exception|external|for|fun|function|functor|if|in|include|inherit|initializer|lazy|let|method|module|mutable|new|nonrec|object|of|open|or|private|rec|sig|struct|switch|then|to|try|type|val|virtual|when|while|with)\b/,operator:/\.{3}|:[:=]|\|>|->|=(?:==?|>)?|<=?|>=?|[|^?'#!~`]|[+\-*\/]\.?|\b(?:asr|land|lor|lsl|lsr|lxor|mod)\b/}),a.languages.insertBefore("reason","class-name",{char:{pattern:/'(?:\\x[\da-f]{2}|\\o[0-3][0-7][0-7]|\\\d{3}|\\.|[^'\\\r\n])'/,greedy:!0},constructor:/\b[A-Z]\w*\b(?!\s*\.)/,label:{pattern:/\b[a-z]\w*(?=::)/,alias:"symbol"}}),delete a.languages.reason.function,function(e){e.languages.sass=e.languages.extend("css",{comment:{pattern:/^([ \t]*)\/[\/*].*(?:(?:\r?\n|\r)\1[ \t].+)*/m,lookbehind:!0,greedy:!0}}),e.languages.insertBefore("sass","atrule",{"atrule-line":{pattern:/^(?:[ \t]*)[@+=].+/m,greedy:!0,inside:{atrule:/(?:@[\w-]+|[+=])/}}}),delete e.languages.sass.atrule;var t=/\$[-\w]+|#\{\$[-\w]+\}/,n=[/[+*\/%]|[=!]=|<=?|>=?|\b(?:and|not|or)\b/,{pattern:/(\s)-(?=\s)/,lookbehind:!0}];e.languages.insertBefore("sass","property",{"variable-line":{pattern:/^[ \t]*\$.+/m,greedy:!0,inside:{punctuation:/:/,variable:t,operator:n}},"property-line":{pattern:/^[ \t]*(?:[^:\s]+ *:.*|:[^:\s].*)/m,greedy:!0,inside:{property:[/[^:\s]+(?=\s*:)/,{pattern:/(:)[^:\s]+/,lookbehind:!0}],punctuation:/:/,variable:t,operator:n,important:e.languages.sass.important}}}),delete e.languages.sass.property,delete e.languages.sass.important,e.languages.insertBefore("sass","punctuation",{selector:{pattern:/^([ \t]*)\S(?:,[^,\r\n]+|[^,\r\n]*)(?:,[^,\r\n]+)*(?:,(?:\r?\n|\r)\1[ \t]+\S(?:,[^,\r\n]+|[^,\r\n]*)(?:,[^,\r\n]+)*)*/m,lookbehind:!0,greedy:!0}})}(a),a.languages.scss=a.languages.extend("css",{comment:{pattern:/(^|[^\\])(?:\/\*[\s\S]*?\*\/|\/\/.*)/,lookbehind:!0},atrule:{pattern:/@[\w-](?:\([^()]+\)|[^()\s]|\s+(?!\s))*?(?=\s+[{;])/,inside:{rule:/@[\w-]+/}},url:/(?:[-a-z]+-)?url(?=\()/i,selector:{pattern:/(?=\S)[^@;{}()]?(?:[^@;{}()\s]|\s+(?!\s)|#\{\$[-\w]+\})+(?=\s*\{(?:\}|\s|[^}][^:{}]*[:{][^}]))/,inside:{parent:{pattern:/&/,alias:"important"},placeholder:/%[-\w]+/,variable:/\$[-\w]+|#\{\$[-\w]+\}/}},property:{pattern:/(?:[-\w]|\$[-\w]|#\{\$[-\w]+\})+(?=\s*:)/,inside:{variable:/\$[-\w]+|#\{\$[-\w]+\}/}}}),a.languages.insertBefore("scss","atrule",{keyword:[/@(?:content|debug|each|else(?: if)?|extend|for|forward|function|if|import|include|mixin|return|use|warn|while)\b/i,{pattern:/( )(?:from|through)(?= )/,lookbehind:!0}]}),a.languages.insertBefore("scss","important",{variable:/\$[-\w]+|#\{\$[-\w]+\}/}),a.languages.insertBefore("scss","function",{"module-modifier":{pattern:/\b(?:as|hide|show|with)\b/i,alias:"keyword"},placeholder:{pattern:/%[-\w]+/,alias:"selector"},statement:{pattern:/\B!(?:default|optional)\b/i,alias:"keyword"},boolean:/\b(?:false|true)\b/,null:{pattern:/\bnull\b/,alias:"keyword"},operator:{pattern:/(\s)(?:[-+*\/%]|[=!]=|<=?|>=?|and|not|or)(?=\s)/,lookbehind:!0}}),a.languages.scss.atrule.inside.rest=a.languages.scss,function(e){var t={pattern:/(\b\d+)(?:%|[a-z]+)/,lookbehind:!0},n={pattern:/(^|[^\w.-])-?(?:\d+(?:\.\d+)?|\.\d+)/,lookbehind:!0},o={comment:{pattern:/(^|[^\\])(?:\/\*[\s\S]*?\*\/|\/\/.*)/,lookbehind:!0},url:{pattern:/\burl\((["']?).*?\1\)/i,greedy:!0},string:{pattern:/("|')(?:(?!\1)[^\\\r\n]|\\(?:\r\n|[\s\S]))*\1/,greedy:!0},interpolation:null,func:null,important:/\B!(?:important|optional)\b/i,keyword:{pattern:/(^|\s+)(?:(?:else|for|if|return|unless)(?=\s|$)|@[\w-]+)/,lookbehind:!0},hexcode:/#[\da-f]{3,6}/i,color:[/\b(?:AliceBlue|AntiqueWhite|Aqua|Aquamarine|Azure|Beige|Bisque|Black|BlanchedAlmond|Blue|BlueViolet|Brown|BurlyWood|CadetBlue|Chartreuse|Chocolate|Coral|CornflowerBlue|Cornsilk|Crimson|Cyan|DarkBlue|DarkCyan|DarkGoldenRod|DarkGr[ae]y|DarkGreen|DarkKhaki|DarkMagenta|DarkOliveGreen|DarkOrange|DarkOrchid|DarkRed|DarkSalmon|DarkSeaGreen|DarkSlateBlue|DarkSlateGr[ae]y|DarkTurquoise|DarkViolet|DeepPink|DeepSkyBlue|DimGr[ae]y|DodgerBlue|FireBrick|FloralWhite|ForestGreen|Fuchsia|Gainsboro|GhostWhite|Gold|GoldenRod|Gr[ae]y|Green|GreenYellow|HoneyDew|HotPink|IndianRed|Indigo|Ivory|Khaki|Lavender|LavenderBlush|LawnGreen|LemonChiffon|LightBlue|LightCoral|LightCyan|LightGoldenRodYellow|LightGr[ae]y|LightGreen|LightPink|LightSalmon|LightSeaGreen|LightSkyBlue|LightSlateGr[ae]y|LightSteelBlue|LightYellow|Lime|LimeGreen|Linen|Magenta|Maroon|MediumAquaMarine|MediumBlue|MediumOrchid|MediumPurple|MediumSeaGreen|MediumSlateBlue|MediumSpringGreen|MediumTurquoise|MediumVioletRed|MidnightBlue|MintCream|MistyRose|Moccasin|NavajoWhite|Navy|OldLace|Olive|OliveDrab|Orange|OrangeRed|Orchid|PaleGoldenRod|PaleGreen|PaleTurquoise|PaleVioletRed|PapayaWhip|PeachPuff|Peru|Pink|Plum|PowderBlue|Purple|Red|RosyBrown|RoyalBlue|SaddleBrown|Salmon|SandyBrown|SeaGreen|SeaShell|Sienna|Silver|SkyBlue|SlateBlue|SlateGr[ae]y|Snow|SpringGreen|SteelBlue|Tan|Teal|Thistle|Tomato|Transparent|Turquoise|Violet|Wheat|White|WhiteSmoke|Yellow|YellowGreen)\b/i,{pattern:/\b(?:hsl|rgb)\(\s*\d{1,3}\s*,\s*\d{1,3}%?\s*,\s*\d{1,3}%?\s*\)\B|\b(?:hsl|rgb)a\(\s*\d{1,3}\s*,\s*\d{1,3}%?\s*,\s*\d{1,3}%?\s*,\s*(?:0|0?\.\d+|1)\s*\)\B/i,inside:{unit:t,number:n,function:/[\w-]+(?=\()/,punctuation:/[(),]/}}],entity:/\\[\da-f]{1,8}/i,unit:t,boolean:/\b(?:false|true)\b/,operator:[/~|[+!\/%<>?=]=?|[-:]=|\*[*=]?|\.{2,3}|&&|\|\||\B-\B|\b(?:and|in|is(?: a| defined| not|nt)?|not|or)\b/],number:n,punctuation:/[{}()\[\];:,]/};o.interpolation={pattern:/\{[^\r\n}:]+\}/,alias:"variable",inside:{delimiter:{pattern:/^\{|\}$/,alias:"punctuation"},rest:o}},o.func={pattern:/[\w-]+\([^)]*\).*/,inside:{function:/^[^(]+/,rest:o}},e.languages.stylus={"atrule-declaration":{pattern:/(^[ \t]*)@.+/m,lookbehind:!0,inside:{atrule:/^@[\w-]+/,rest:o}},"variable-declaration":{pattern:/(^[ \t]*)[\w$-]+\s*.?=[ \t]*(?:\{[^{}]*\}|\S.*|$)/m,lookbehind:!0,inside:{variable:/^\S+/,rest:o}},statement:{pattern:/(^[ \t]*)(?:else|for|if|return|unless)[ \t].+/m,lookbehind:!0,inside:{keyword:/^\S+/,rest:o}},"property-declaration":{pattern:/((?:^|\{)([ \t]*))(?:[\w-]|\{[^}\r\n]+\})+(?:\s*:\s*|[ \t]+)(?!\s)[^{\r\n]*(?:;|[^{\r\n,]$(?!(?:\r?\n|\r)(?:\{|\2[ \t])))/m,lookbehind:!0,inside:{property:{pattern:/^[^\s:]+/,inside:{interpolation:o.interpolation}},rest:o}},selector:{pattern:/(^[ \t]*)(?:(?=\S)(?:[^{}\r\n:()]|::?[\w-]+(?:\([^)\r\n]*\)|(?![\w-]))|\{[^}\r\n]+\})+)(?:(?:\r?\n|\r)(?:\1(?:(?=\S)(?:[^{}\r\n:()]|::?[\w-]+(?:\([^)\r\n]*\)|(?![\w-]))|\{[^}\r\n]+\})+)))*(?:,$|\{|(?=(?:\r?\n|\r)(?:\{|\1[ \t])))/m,lookbehind:!0,inside:{interpolation:o.interpolation,comment:o.comment,punctuation:/[{},]/}},func:o.func,string:o.string,comment:{pattern:/(^|[^\\])(?:\/\*[\s\S]*?\*\/|\/\/.*)/,lookbehind:!0,greedy:!0},interpolation:o.interpolation,punctuation:/[{}()\[\];:.]/}}(a),function(e){var t=e.util.clone(e.languages.typescript);e.languages.tsx=e.languages.extend("jsx",t),delete e.languages.tsx.parameter,delete e.languages.tsx["literal-property"];var n=e.languages.tsx.tag;n.pattern=RegExp(/(^|[^\w$]|(?=<\/))/.source+"(?:"+n.pattern.source+")",n.pattern.flags),n.lookbehind=!0}(a),a.languages.wasm={comment:[/\(;[\s\S]*?;\)/,{pattern:/;;.*/,greedy:!0}],string:{pattern:/"(?:\\[\s\S]|[^"\\])*"/,greedy:!0},keyword:[{pattern:/\b(?:align|offset)=/,inside:{operator:/=/}},{pattern:/\b(?:(?:f32|f64|i32|i64)(?:\.(?:abs|add|and|ceil|clz|const|convert_[su]\/i(?:32|64)|copysign|ctz|demote\/f64|div(?:_[su])?|eqz?|extend_[su]\/i32|floor|ge(?:_[su])?|gt(?:_[su])?|le(?:_[su])?|load(?:(?:8|16|32)_[su])?|lt(?:_[su])?|max|min|mul|neg?|nearest|or|popcnt|promote\/f32|reinterpret\/[fi](?:32|64)|rem_[su]|rot[lr]|shl|shr_[su]|sqrt|store(?:8|16|32)?|sub|trunc(?:_[su]\/f(?:32|64))?|wrap\/i64|xor))?|memory\.(?:grow|size))\b/,inside:{punctuation:/\./}},/\b(?:anyfunc|block|br(?:_if|_table)?|call(?:_indirect)?|data|drop|elem|else|end|export|func|get_(?:global|local)|global|if|import|local|loop|memory|module|mut|nop|offset|param|result|return|select|set_(?:global|local)|start|table|tee_local|then|type|unreachable)\b/],variable:/\$[\w!#$%&'*+\-./:<=>?@\\^`|~]+/,number:/[+-]?\b(?:\d(?:_?\d)*(?:\.\d(?:_?\d)*)?(?:[eE][+-]?\d(?:_?\d)*)?|0x[\da-fA-F](?:_?[\da-fA-F])*(?:\.[\da-fA-F](?:_?[\da-fA-D])*)?(?:[pP][+-]?\d(?:_?\d)*)?)\b|\binf\b|\bnan(?::0x[\da-fA-F](?:_?[\da-fA-D])*)?\b/,punctuation:/[()]/};const c=a},29901:e=>{e.exports&&(e.exports={core:{meta:{path:"components/prism-core.js",option:"mandatory"},core:"Core"},themes:{meta:{path:"themes/{id}.css",link:"index.html?theme={id}",exclusive:!0},prism:{title:"Default",option:"default"},"prism-dark":"Dark","prism-funky":"Funky","prism-okaidia":{title:"Okaidia",owner:"ocodia"},"prism-twilight":{title:"Twilight",owner:"remybach"},"prism-coy":{title:"Coy",owner:"tshedor"},"prism-solarizedlight":{title:"Solarized Light",owner:"hectormatos2011 "},"prism-tomorrow":{title:"Tomorrow Night",owner:"Rosey"}},languages:{meta:{path:"components/prism-{id}",noCSS:!0,examplesPath:"examples/prism-{id}",addCheckAll:!0},markup:{title:"Markup",alias:["html","xml","svg","mathml","ssml","atom","rss"],aliasTitles:{html:"HTML",xml:"XML",svg:"SVG",mathml:"MathML",ssml:"SSML",atom:"Atom",rss:"RSS"},option:"default"},css:{title:"CSS",option:"default",modify:"markup"},clike:{title:"C-like",option:"default"},javascript:{title:"JavaScript",require:"clike",modify:"markup",optional:"regex",alias:"js",option:"default"},abap:{title:"ABAP",owner:"dellagustin"},abnf:{title:"ABNF",owner:"RunDevelopment"},actionscript:{title:"ActionScript",require:"javascript",modify:"markup",owner:"Golmote"},ada:{title:"Ada",owner:"Lucretia"},agda:{title:"Agda",owner:"xy-ren"},al:{title:"AL",owner:"RunDevelopment"},antlr4:{title:"ANTLR4",alias:"g4",owner:"RunDevelopment"},apacheconf:{title:"Apache Configuration",owner:"GuiTeK"},apex:{title:"Apex",require:["clike","sql"],owner:"RunDevelopment"},apl:{title:"APL",owner:"ngn"},applescript:{title:"AppleScript",owner:"Golmote"},aql:{title:"AQL",owner:"RunDevelopment"},arduino:{title:"Arduino",require:"cpp",alias:"ino",owner:"dkern"},arff:{title:"ARFF",owner:"Golmote"},armasm:{title:"ARM Assembly",alias:"arm-asm",owner:"RunDevelopment"},arturo:{title:"Arturo",alias:"art",optional:["bash","css","javascript","markup","markdown","sql"],owner:"drkameleon"},asciidoc:{alias:"adoc",title:"AsciiDoc",owner:"Golmote"},aspnet:{title:"ASP.NET (C#)",require:["markup","csharp"],owner:"nauzilus"},asm6502:{title:"6502 Assembly",owner:"kzurawel"},asmatmel:{title:"Atmel AVR Assembly",owner:"cerkit"},autohotkey:{title:"AutoHotkey",owner:"aviaryan"},autoit:{title:"AutoIt",owner:"Golmote"},avisynth:{title:"AviSynth",alias:"avs",owner:"Zinfidel"},"avro-idl":{title:"Avro IDL",alias:"avdl",owner:"RunDevelopment"},awk:{title:"AWK",alias:"gawk",aliasTitles:{gawk:"GAWK"},owner:"RunDevelopment"},bash:{title:"Bash",alias:["sh","shell"],aliasTitles:{sh:"Shell",shell:"Shell"},owner:"zeitgeist87"},basic:{title:"BASIC",owner:"Golmote"},batch:{title:"Batch",owner:"Golmote"},bbcode:{title:"BBcode",alias:"shortcode",aliasTitles:{shortcode:"Shortcode"},owner:"RunDevelopment"},bbj:{title:"BBj",owner:"hyyan"},bicep:{title:"Bicep",owner:"johnnyreilly"},birb:{title:"Birb",require:"clike",owner:"Calamity210"},bison:{title:"Bison",require:"c",owner:"Golmote"},bnf:{title:"BNF",alias:"rbnf",aliasTitles:{rbnf:"RBNF"},owner:"RunDevelopment"},bqn:{title:"BQN",owner:"yewscion"},brainfuck:{title:"Brainfuck",owner:"Golmote"},brightscript:{title:"BrightScript",owner:"RunDevelopment"},bro:{title:"Bro",owner:"wayward710"},bsl:{title:"BSL (1C:Enterprise)",alias:"oscript",aliasTitles:{oscript:"OneScript"},owner:"Diversus23"},c:{title:"C",require:"clike",owner:"zeitgeist87"},csharp:{title:"C#",require:"clike",alias:["cs","dotnet"],owner:"mvalipour"},cpp:{title:"C++",require:"c",owner:"zeitgeist87"},cfscript:{title:"CFScript",require:"clike",alias:"cfc",owner:"mjclemente"},chaiscript:{title:"ChaiScript",require:["clike","cpp"],owner:"RunDevelopment"},cil:{title:"CIL",owner:"sbrl"},cilkc:{title:"Cilk/C",require:"c",alias:"cilk-c",owner:"OpenCilk"},cilkcpp:{title:"Cilk/C++",require:"cpp",alias:["cilk-cpp","cilk"],owner:"OpenCilk"},clojure:{title:"Clojure",owner:"troglotit"},cmake:{title:"CMake",owner:"mjrogozinski"},cobol:{title:"COBOL",owner:"RunDevelopment"},coffeescript:{title:"CoffeeScript",require:"javascript",alias:"coffee",owner:"R-osey"},concurnas:{title:"Concurnas",alias:"conc",owner:"jasontatton"},csp:{title:"Content-Security-Policy",owner:"ScottHelme"},cooklang:{title:"Cooklang",owner:"ahue"},coq:{title:"Coq",owner:"RunDevelopment"},crystal:{title:"Crystal",require:"ruby",owner:"MakeNowJust"},"css-extras":{title:"CSS Extras",require:"css",modify:"css",owner:"milesj"},csv:{title:"CSV",owner:"RunDevelopment"},cue:{title:"CUE",owner:"RunDevelopment"},cypher:{title:"Cypher",owner:"RunDevelopment"},d:{title:"D",require:"clike",owner:"Golmote"},dart:{title:"Dart",require:"clike",owner:"Golmote"},dataweave:{title:"DataWeave",owner:"machaval"},dax:{title:"DAX",owner:"peterbud"},dhall:{title:"Dhall",owner:"RunDevelopment"},diff:{title:"Diff",owner:"uranusjr"},django:{title:"Django/Jinja2",require:"markup-templating",alias:"jinja2",owner:"romanvm"},"dns-zone-file":{title:"DNS zone file",owner:"RunDevelopment",alias:"dns-zone"},docker:{title:"Docker",alias:"dockerfile",owner:"JustinBeckwith"},dot:{title:"DOT (Graphviz)",alias:"gv",optional:"markup",owner:"RunDevelopment"},ebnf:{title:"EBNF",owner:"RunDevelopment"},editorconfig:{title:"EditorConfig",owner:"osipxd"},eiffel:{title:"Eiffel",owner:"Conaclos"},ejs:{title:"EJS",require:["javascript","markup-templating"],owner:"RunDevelopment",alias:"eta",aliasTitles:{eta:"Eta"}},elixir:{title:"Elixir",owner:"Golmote"},elm:{title:"Elm",owner:"zwilias"},etlua:{title:"Embedded Lua templating",require:["lua","markup-templating"],owner:"RunDevelopment"},erb:{title:"ERB",require:["ruby","markup-templating"],owner:"Golmote"},erlang:{title:"Erlang",owner:"Golmote"},"excel-formula":{title:"Excel Formula",alias:["xlsx","xls"],owner:"RunDevelopment"},fsharp:{title:"F#",require:"clike",owner:"simonreynolds7"},factor:{title:"Factor",owner:"catb0t"},false:{title:"False",owner:"edukisto"},"firestore-security-rules":{title:"Firestore security rules",require:"clike",owner:"RunDevelopment"},flow:{title:"Flow",require:"javascript",owner:"Golmote"},fortran:{title:"Fortran",owner:"Golmote"},ftl:{title:"FreeMarker Template Language",require:"markup-templating",owner:"RunDevelopment"},gml:{title:"GameMaker Language",alias:"gamemakerlanguage",require:"clike",owner:"LiarOnce"},gap:{title:"GAP (CAS)",owner:"RunDevelopment"},gcode:{title:"G-code",owner:"RunDevelopment"},gdscript:{title:"GDScript",owner:"RunDevelopment"},gedcom:{title:"GEDCOM",owner:"Golmote"},gettext:{title:"gettext",alias:"po",owner:"RunDevelopment"},gherkin:{title:"Gherkin",owner:"hason"},git:{title:"Git",owner:"lgiraudel"},glsl:{title:"GLSL",require:"c",owner:"Golmote"},gn:{title:"GN",alias:"gni",owner:"RunDevelopment"},"linker-script":{title:"GNU Linker Script",alias:"ld",owner:"RunDevelopment"},go:{title:"Go",require:"clike",owner:"arnehormann"},"go-module":{title:"Go module",alias:"go-mod",owner:"RunDevelopment"},gradle:{title:"Gradle",require:"clike",owner:"zeabdelkhalek-badido18"},graphql:{title:"GraphQL",optional:"markdown",owner:"Golmote"},groovy:{title:"Groovy",require:"clike",owner:"robfletcher"},haml:{title:"Haml",require:"ruby",optional:["css","css-extras","coffeescript","erb","javascript","less","markdown","scss","textile"],owner:"Golmote"},handlebars:{title:"Handlebars",require:"markup-templating",alias:["hbs","mustache"],aliasTitles:{mustache:"Mustache"},owner:"Golmote"},haskell:{title:"Haskell",alias:"hs",owner:"bholst"},haxe:{title:"Haxe",require:"clike",optional:"regex",owner:"Golmote"},hcl:{title:"HCL",owner:"outsideris"},hlsl:{title:"HLSL",require:"c",owner:"RunDevelopment"},hoon:{title:"Hoon",owner:"matildepark"},http:{title:"HTTP",optional:["csp","css","hpkp","hsts","javascript","json","markup","uri"],owner:"danielgtaylor"},hpkp:{title:"HTTP Public-Key-Pins",owner:"ScottHelme"},hsts:{title:"HTTP Strict-Transport-Security",owner:"ScottHelme"},ichigojam:{title:"IchigoJam",owner:"BlueCocoa"},icon:{title:"Icon",owner:"Golmote"},"icu-message-format":{title:"ICU Message Format",owner:"RunDevelopment"},idris:{title:"Idris",alias:"idr",owner:"KeenS",require:"haskell"},ignore:{title:".ignore",owner:"osipxd",alias:["gitignore","hgignore","npmignore"],aliasTitles:{gitignore:".gitignore",hgignore:".hgignore",npmignore:".npmignore"}},inform7:{title:"Inform 7",owner:"Golmote"},ini:{title:"Ini",owner:"aviaryan"},io:{title:"Io",owner:"AlesTsurko"},j:{title:"J",owner:"Golmote"},java:{title:"Java",require:"clike",owner:"sherblot"},javadoc:{title:"JavaDoc",require:["markup","java","javadoclike"],modify:"java",optional:"scala",owner:"RunDevelopment"},javadoclike:{title:"JavaDoc-like",modify:["java","javascript","php"],owner:"RunDevelopment"},javastacktrace:{title:"Java stack trace",owner:"RunDevelopment"},jexl:{title:"Jexl",owner:"czosel"},jolie:{title:"Jolie",require:"clike",owner:"thesave"},jq:{title:"JQ",owner:"RunDevelopment"},jsdoc:{title:"JSDoc",require:["javascript","javadoclike","typescript"],modify:"javascript",optional:["actionscript","coffeescript"],owner:"RunDevelopment"},"js-extras":{title:"JS Extras",require:"javascript",modify:"javascript",optional:["actionscript","coffeescript","flow","n4js","typescript"],owner:"RunDevelopment"},json:{title:"JSON",alias:"webmanifest",aliasTitles:{webmanifest:"Web App Manifest"},owner:"CupOfTea696"},json5:{title:"JSON5",require:"json",owner:"RunDevelopment"},jsonp:{title:"JSONP",require:"json",owner:"RunDevelopment"},jsstacktrace:{title:"JS stack trace",owner:"sbrl"},"js-templates":{title:"JS Templates",require:"javascript",modify:"javascript",optional:["css","css-extras","graphql","markdown","markup","sql"],owner:"RunDevelopment"},julia:{title:"Julia",owner:"cdagnino"},keepalived:{title:"Keepalived Configure",owner:"dev-itsheng"},keyman:{title:"Keyman",owner:"mcdurdin"},kotlin:{title:"Kotlin",alias:["kt","kts"],aliasTitles:{kts:"Kotlin Script"},require:"clike",owner:"Golmote"},kumir:{title:"KuMir (\u041a\u0443\u041c\u0438\u0440)",alias:"kum",owner:"edukisto"},kusto:{title:"Kusto",owner:"RunDevelopment"},latex:{title:"LaTeX",alias:["tex","context"],aliasTitles:{tex:"TeX",context:"ConTeXt"},owner:"japborst"},latte:{title:"Latte",require:["clike","markup-templating","php"],owner:"nette"},less:{title:"Less",require:"css",optional:"css-extras",owner:"Golmote"},lilypond:{title:"LilyPond",require:"scheme",alias:"ly",owner:"RunDevelopment"},liquid:{title:"Liquid",require:"markup-templating",owner:"cinhtau"},lisp:{title:"Lisp",alias:["emacs","elisp","emacs-lisp"],owner:"JuanCaicedo"},livescript:{title:"LiveScript",owner:"Golmote"},llvm:{title:"LLVM IR",owner:"porglezomp"},log:{title:"Log file",optional:"javastacktrace",owner:"RunDevelopment"},lolcode:{title:"LOLCODE",owner:"Golmote"},lua:{title:"Lua",owner:"Golmote"},magma:{title:"Magma (CAS)",owner:"RunDevelopment"},makefile:{title:"Makefile",owner:"Golmote"},markdown:{title:"Markdown",require:"markup",optional:"yaml",alias:"md",owner:"Golmote"},"markup-templating":{title:"Markup templating",require:"markup",owner:"Golmote"},mata:{title:"Mata",owner:"RunDevelopment"},matlab:{title:"MATLAB",owner:"Golmote"},maxscript:{title:"MAXScript",owner:"RunDevelopment"},mel:{title:"MEL",owner:"Golmote"},mermaid:{title:"Mermaid",owner:"RunDevelopment"},metafont:{title:"METAFONT",owner:"LaeriExNihilo"},mizar:{title:"Mizar",owner:"Golmote"},mongodb:{title:"MongoDB",owner:"airs0urce",require:"javascript"},monkey:{title:"Monkey",owner:"Golmote"},moonscript:{title:"MoonScript",alias:"moon",owner:"RunDevelopment"},n1ql:{title:"N1QL",owner:"TMWilds"},n4js:{title:"N4JS",require:"javascript",optional:"jsdoc",alias:"n4jsd",owner:"bsmith-n4"},"nand2tetris-hdl":{title:"Nand To Tetris HDL",owner:"stephanmax"},naniscript:{title:"Naninovel Script",owner:"Elringus",alias:"nani"},nasm:{title:"NASM",owner:"rbmj"},neon:{title:"NEON",owner:"nette"},nevod:{title:"Nevod",owner:"nezaboodka"},nginx:{title:"nginx",owner:"volado"},nim:{title:"Nim",owner:"Golmote"},nix:{title:"Nix",owner:"Golmote"},nsis:{title:"NSIS",owner:"idleberg"},objectivec:{title:"Objective-C",require:"c",alias:"objc",owner:"uranusjr"},ocaml:{title:"OCaml",owner:"Golmote"},odin:{title:"Odin",owner:"edukisto"},opencl:{title:"OpenCL",require:"c",modify:["c","cpp"],owner:"Milania1"},openqasm:{title:"OpenQasm",alias:"qasm",owner:"RunDevelopment"},oz:{title:"Oz",owner:"Golmote"},parigp:{title:"PARI/GP",owner:"Golmote"},parser:{title:"Parser",require:"markup",owner:"Golmote"},pascal:{title:"Pascal",alias:"objectpascal",aliasTitles:{objectpascal:"Object Pascal"},owner:"Golmote"},pascaligo:{title:"Pascaligo",owner:"DefinitelyNotAGoat"},psl:{title:"PATROL Scripting Language",owner:"bertysentry"},pcaxis:{title:"PC-Axis",alias:"px",owner:"RunDevelopment"},peoplecode:{title:"PeopleCode",alias:"pcode",owner:"RunDevelopment"},perl:{title:"Perl",owner:"Golmote"},php:{title:"PHP",require:"markup-templating",owner:"milesj"},phpdoc:{title:"PHPDoc",require:["php","javadoclike"],modify:"php",owner:"RunDevelopment"},"php-extras":{title:"PHP Extras",require:"php",modify:"php",owner:"milesj"},"plant-uml":{title:"PlantUML",alias:"plantuml",owner:"RunDevelopment"},plsql:{title:"PL/SQL",require:"sql",owner:"Golmote"},powerquery:{title:"PowerQuery",alias:["pq","mscript"],owner:"peterbud"},powershell:{title:"PowerShell",owner:"nauzilus"},processing:{title:"Processing",require:"clike",owner:"Golmote"},prolog:{title:"Prolog",owner:"Golmote"},promql:{title:"PromQL",owner:"arendjr"},properties:{title:".properties",owner:"Golmote"},protobuf:{title:"Protocol Buffers",require:"clike",owner:"just-boris"},pug:{title:"Pug",require:["markup","javascript"],optional:["coffeescript","ejs","handlebars","less","livescript","markdown","scss","stylus","twig"],owner:"Golmote"},puppet:{title:"Puppet",owner:"Golmote"},pure:{title:"Pure",optional:["c","cpp","fortran"],owner:"Golmote"},purebasic:{title:"PureBasic",require:"clike",alias:"pbfasm",owner:"HeX0R101"},purescript:{title:"PureScript",require:"haskell",alias:"purs",owner:"sriharshachilakapati"},python:{title:"Python",alias:"py",owner:"multipetros"},qsharp:{title:"Q#",require:"clike",alias:"qs",owner:"fedonman"},q:{title:"Q (kdb+ database)",owner:"Golmote"},qml:{title:"QML",require:"javascript",owner:"RunDevelopment"},qore:{title:"Qore",require:"clike",owner:"temnroegg"},r:{title:"R",owner:"Golmote"},racket:{title:"Racket",require:"scheme",alias:"rkt",owner:"RunDevelopment"},cshtml:{title:"Razor C#",alias:"razor",require:["markup","csharp"],optional:["css","css-extras","javascript","js-extras"],owner:"RunDevelopment"},jsx:{title:"React JSX",require:["markup","javascript"],optional:["jsdoc","js-extras","js-templates"],owner:"vkbansal"},tsx:{title:"React TSX",require:["jsx","typescript"]},reason:{title:"Reason",require:"clike",owner:"Golmote"},regex:{title:"Regex",owner:"RunDevelopment"},rego:{title:"Rego",owner:"JordanSh"},renpy:{title:"Ren'py",alias:"rpy",owner:"HyuchiaDiego"},rescript:{title:"ReScript",alias:"res",owner:"vmarcosp"},rest:{title:"reST (reStructuredText)",owner:"Golmote"},rip:{title:"Rip",owner:"ravinggenius"},roboconf:{title:"Roboconf",owner:"Golmote"},robotframework:{title:"Robot Framework",alias:"robot",owner:"RunDevelopment"},ruby:{title:"Ruby",require:"clike",alias:"rb",owner:"samflores"},rust:{title:"Rust",owner:"Golmote"},sas:{title:"SAS",optional:["groovy","lua","sql"],owner:"Golmote"},sass:{title:"Sass (Sass)",require:"css",optional:"css-extras",owner:"Golmote"},scss:{title:"Sass (SCSS)",require:"css",optional:"css-extras",owner:"MoOx"},scala:{title:"Scala",require:"java",owner:"jozic"},scheme:{title:"Scheme",owner:"bacchus123"},"shell-session":{title:"Shell session",require:"bash",alias:["sh-session","shellsession"],owner:"RunDevelopment"},smali:{title:"Smali",owner:"RunDevelopment"},smalltalk:{title:"Smalltalk",owner:"Golmote"},smarty:{title:"Smarty",require:"markup-templating",optional:"php",owner:"Golmote"},sml:{title:"SML",alias:"smlnj",aliasTitles:{smlnj:"SML/NJ"},owner:"RunDevelopment"},solidity:{title:"Solidity (Ethereum)",alias:"sol",require:"clike",owner:"glachaud"},"solution-file":{title:"Solution file",alias:"sln",owner:"RunDevelopment"},soy:{title:"Soy (Closure Template)",require:"markup-templating",owner:"Golmote"},sparql:{title:"SPARQL",require:"turtle",owner:"Triply-Dev",alias:"rq"},"splunk-spl":{title:"Splunk SPL",owner:"RunDevelopment"},sqf:{title:"SQF: Status Quo Function (Arma 3)",require:"clike",owner:"RunDevelopment"},sql:{title:"SQL",owner:"multipetros"},squirrel:{title:"Squirrel",require:"clike",owner:"RunDevelopment"},stan:{title:"Stan",owner:"RunDevelopment"},stata:{title:"Stata Ado",require:["mata","java","python"],owner:"RunDevelopment"},iecst:{title:"Structured Text (IEC 61131-3)",owner:"serhioromano"},stylus:{title:"Stylus",owner:"vkbansal"},supercollider:{title:"SuperCollider",alias:"sclang",owner:"RunDevelopment"},swift:{title:"Swift",owner:"chrischares"},systemd:{title:"Systemd configuration file",owner:"RunDevelopment"},"t4-templating":{title:"T4 templating",owner:"RunDevelopment"},"t4-cs":{title:"T4 Text Templates (C#)",require:["t4-templating","csharp"],alias:"t4",owner:"RunDevelopment"},"t4-vb":{title:"T4 Text Templates (VB)",require:["t4-templating","vbnet"],owner:"RunDevelopment"},tap:{title:"TAP",owner:"isaacs",require:"yaml"},tcl:{title:"Tcl",owner:"PeterChaplin"},tt2:{title:"Template Toolkit 2",require:["clike","markup-templating"],owner:"gflohr"},textile:{title:"Textile",require:"markup",optional:"css",owner:"Golmote"},toml:{title:"TOML",owner:"RunDevelopment"},tremor:{title:"Tremor",alias:["trickle","troy"],owner:"darach",aliasTitles:{trickle:"trickle",troy:"troy"}},turtle:{title:"Turtle",alias:"trig",aliasTitles:{trig:"TriG"},owner:"jakubklimek"},twig:{title:"Twig",require:"markup-templating",owner:"brandonkelly"},typescript:{title:"TypeScript",require:"javascript",optional:"js-templates",alias:"ts",owner:"vkbansal"},typoscript:{title:"TypoScript",alias:"tsconfig",aliasTitles:{tsconfig:"TSConfig"},owner:"dkern"},unrealscript:{title:"UnrealScript",alias:["uscript","uc"],owner:"RunDevelopment"},uorazor:{title:"UO Razor Script",owner:"jaseowns"},uri:{title:"URI",alias:"url",aliasTitles:{url:"URL"},owner:"RunDevelopment"},v:{title:"V",require:"clike",owner:"taggon"},vala:{title:"Vala",require:"clike",optional:"regex",owner:"TemplarVolk"},vbnet:{title:"VB.Net",require:"basic",owner:"Bigsby"},velocity:{title:"Velocity",require:"markup",owner:"Golmote"},verilog:{title:"Verilog",owner:"a-rey"},vhdl:{title:"VHDL",owner:"a-rey"},vim:{title:"vim",owner:"westonganger"},"visual-basic":{title:"Visual Basic",alias:["vb","vba"],aliasTitles:{vba:"VBA"},owner:"Golmote"},warpscript:{title:"WarpScript",owner:"RunDevelopment"},wasm:{title:"WebAssembly",owner:"Golmote"},"web-idl":{title:"Web IDL",alias:"webidl",owner:"RunDevelopment"},wgsl:{title:"WGSL",owner:"Dr4gonthree"},wiki:{title:"Wiki markup",require:"markup",owner:"Golmote"},wolfram:{title:"Wolfram language",alias:["mathematica","nb","wl"],aliasTitles:{mathematica:"Mathematica",nb:"Mathematica Notebook"},owner:"msollami"},wren:{title:"Wren",owner:"clsource"},xeora:{title:"Xeora",require:"markup",alias:"xeoracube",aliasTitles:{xeoracube:"XeoraCube"},owner:"freakmaxi"},"xml-doc":{title:"XML doc (.net)",require:"markup",modify:["csharp","fsharp","vbnet"],owner:"RunDevelopment"},xojo:{title:"Xojo (REALbasic)",owner:"Golmote"},xquery:{title:"XQuery",require:"markup",owner:"Golmote"},yaml:{title:"YAML",alias:"yml",owner:"hason"},yang:{title:"YANG",owner:"RunDevelopment"},zig:{title:"Zig",owner:"RunDevelopment"}},plugins:{meta:{path:"plugins/{id}/prism-{id}",link:"plugins/{id}/"},"line-highlight":{title:"Line Highlight",description:"Highlights specific lines and/or line ranges."},"line-numbers":{title:"Line Numbers",description:"Line number at the beginning of code lines.",owner:"kuba-kubula"},"show-invisibles":{title:"Show Invisibles",description:"Show hidden characters such as tabs and line breaks.",optional:["autolinker","data-uri-highlight"]},autolinker:{title:"Autolinker",description:"Converts URLs and emails in code to clickable links. Parses Markdown links in comments."},wpd:{title:"WebPlatform Docs",description:'Makes tokens link to WebPlatform.org documentation. The links open in a new tab.'},"custom-class":{title:"Custom Class",description:"This plugin allows you to prefix Prism's default classes (.comment can become .namespace--comment) or replace them with your defined ones (like .editor__comment). You can even add new classes.",owner:"dvkndn",noCSS:!0},"file-highlight":{title:"File Highlight",description:"Fetch external files and highlight them with Prism. Used on the Prism website itself.",noCSS:!0},"show-language":{title:"Show Language",description:"Display the highlighted language in code blocks (inline code does not show the label).",owner:"nauzilus",noCSS:!0,require:"toolbar"},"jsonp-highlight":{title:"JSONP Highlight",description:"Fetch content with JSONP and highlight some interesting content (e.g. GitHub/Gists or Bitbucket API).",noCSS:!0,owner:"nauzilus"},"highlight-keywords":{title:"Highlight Keywords",description:"Adds special CSS classes for each keyword for fine-grained highlighting.",owner:"vkbansal",noCSS:!0},"remove-initial-line-feed":{title:"Remove initial line feed",description:"Removes the initial line feed in code blocks.",owner:"Golmote",noCSS:!0},"inline-color":{title:"Inline color",description:"Adds a small inline preview for colors in style sheets.",require:"css-extras",owner:"RunDevelopment"},previewers:{title:"Previewers",description:"Previewers for angles, colors, gradients, easing and time.",require:"css-extras",owner:"Golmote"},autoloader:{title:"Autoloader",description:"Automatically loads the needed languages to highlight the code blocks.",owner:"Golmote",noCSS:!0},"keep-markup":{title:"Keep Markup",description:"Prevents custom markup from being dropped out during highlighting.",owner:"Golmote",optional:"normalize-whitespace",noCSS:!0},"command-line":{title:"Command Line",description:"Display a command line with a prompt and, optionally, the output/response from the commands.",owner:"chriswells0"},"unescaped-markup":{title:"Unescaped Markup",description:"Write markup without having to escape anything."},"normalize-whitespace":{title:"Normalize Whitespace",description:"Supports multiple operations to normalize whitespace in code blocks.",owner:"zeitgeist87",optional:"unescaped-markup",noCSS:!0},"data-uri-highlight":{title:"Data-URI Highlight",description:"Highlights data-URI contents.",owner:"Golmote",noCSS:!0},toolbar:{title:"Toolbar",description:"Attach a toolbar for plugins to easily register buttons on the top of a code block.",owner:"mAAdhaTTah"},"copy-to-clipboard":{title:"Copy to Clipboard Button",description:"Add a button that copies the code block to the clipboard when clicked.",owner:"mAAdhaTTah",require:"toolbar",noCSS:!0},"download-button":{title:"Download Button",description:"A button in the toolbar of a code block adding a convenient way to download a code file.",owner:"Golmote",require:"toolbar",noCSS:!0},"match-braces":{title:"Match braces",description:"Highlights matching braces.",owner:"RunDevelopment"},"diff-highlight":{title:"Diff Highlight",description:"Highlights the code inside diff blocks.",owner:"RunDevelopment",require:"diff"},"filter-highlight-all":{title:"Filter highlightAll",description:"Filters the elements the highlightAll and highlightAllUnder methods actually highlight.",owner:"RunDevelopment",noCSS:!0},treeview:{title:"Treeview",description:"A language with special styles to highlight file system tree structures.",owner:"Golmote"}}})},2885:(e,t,n)=>{const o=n(29901),a=n(39642),c=new Set;function r(e){void 0===e?e=Object.keys(o.languages).filter((e=>"meta"!=e)):Array.isArray(e)||(e=[e]);const t=[...c,...Object.keys(Prism.languages)];a(o,e,t).load((e=>{if(!(e in o.languages))return void(r.silent||console.warn("Language does not exist: "+e));const t="./prism-"+e;delete n.c[n(16500).resolve(t)],delete Prism.languages[e],n(16500)(t),c.add(e)}))}r.silent=!1,e.exports=r},6726:(e,t,n)=>{var o={"./":2885};function a(e){var t=c(e);return n(t)}function c(e){if(!n.o(o,e)){var t=new Error("Cannot find module '"+e+"'");throw t.code="MODULE_NOT_FOUND",t}return o[e]}a.keys=function(){return Object.keys(o)},a.resolve=c,e.exports=a,a.id=6726},16500:(e,t,n)=>{var o={"./":2885};function a(e){var t=c(e);return n(t)}function c(e){if(!n.o(o,e)){var t=new Error("Cannot find module '"+e+"'");throw t.code="MODULE_NOT_FOUND",t}return o[e]}a.keys=function(){return Object.keys(o)},a.resolve=c,e.exports=a,a.id=16500},39642:e=>{"use strict";var t=function(){var e=function(){};function t(e,t){Array.isArray(e)?e.forEach(t):null!=e&&t(e,0)}function n(e){for(var t={},n=0,o=e.length;n "));var i={},s=e[o];if(s){function l(t){if(!(t in e))throw new Error(o+" depends on an unknown component "+t);if(!(t in i))for(var r in a(t,c),i[t]=!0,n[t])i[r]=!0}t(s.require,l),t(s.optional,l),t(s.modify,l)}n[o]=i,c.pop()}}return function(e){var t=n[e];return t||(a(e,o),t=n[e]),t}}function a(e){for(var t in e)return!0;return!1}return function(c,r,i){var s=function(e){var t={};for(var n in e){var o=e[n];for(var a in o)if("meta"!=a){var c=o[a];t[a]="string"==typeof c?{title:c}:c}}return t}(c),l=function(e){var n;return function(o){if(o in e)return o;if(!n)for(var a in n={},e){var c=e[a];t(c&&c.alias,(function(t){if(t in n)throw new Error(t+" cannot be alias for both "+a+" and "+n[t]);if(t in e)throw new Error(t+" cannot be alias of "+a+" because it is a component.");n[t]=a}))}return n[o]||o}}(s);r=r.map(l),i=(i||[]).map(l);var d=n(r),u=n(i);r.forEach((function e(n){var o=s[n];t(o&&o.require,(function(t){t in u||(d[t]=!0,e(t))}))}));for(var b,g=o(s),f=d;a(f);){for(var p in b={},f){var m=s[p];t(m&&m.modify,(function(e){e in u&&(b[e]=!0)}))}for(var h in u)if(!(h in d))for(var _ in g(h))if(_ in d){b[h]=!0;break}for(var v in f=b)d[v]=!0}var w={getIds:function(){var e=[];return w.load((function(t){e.push(t)})),e},load:function(t,n){return function(t,n,o,a){var c=a?a.series:void 0,r=a?a.parallel:e,i={},s={};function l(e){if(e in i)return i[e];s[e]=!0;var a,d=[];for(var u in t(e))u in n&&d.push(u);if(0===d.length)a=o(e);else{var b=r(d.map((function(e){var t=l(e);return delete s[e],t})));c?a=c(b,(function(){return o(e)})):o(e)}return i[e]=a}for(var d in n)l(d);var u=[];for(var b in s)u.push(i[b]);return r(u)}(g,d,t,n)}};return w}}();e.exports=t},92703:(e,t,n)=>{"use strict";var o=n(50414);function a(){}function c(){}c.resetWarningCache=a,e.exports=function(){function e(e,t,n,a,c,r){if(r!==o){var i=new Error("Calling PropTypes validators directly is not supported by the `prop-types` package. Use PropTypes.checkPropTypes() to call them. Read more at http://fb.me/use-check-prop-types");throw i.name="Invariant Violation",i}}function t(){return e}e.isRequired=e;var n={array:e,bigint:e,bool:e,func:e,number:e,object:e,string:e,symbol:e,any:e,arrayOf:t,element:e,elementType:e,instanceOf:t,node:e,objectOf:t,oneOf:t,oneOfType:t,shape:t,exact:t,checkPropTypes:c,resetWarningCache:a};return n.PropTypes=n,n}},45697:(e,t,n)=>{e.exports=n(92703)()},50414:e=>{"use strict";e.exports="SECRET_DO_NOT_PASS_THIS_OR_YOU_WILL_BE_FIRED"},64448:(e,t,n)=>{"use strict";var o=n(67294),a=n(27418),c=n(63840);function r(e){for(var t="https://reactjs.org/docs/error-decoder.html?invariant="+e,n=1;n