26 posts tagged with "podman"

Podman 1.9 has been released!

Podman 1.9.0 has been released, featuring initial support for the new containers.conf configuration file, the ability to dynamically allocate user namespaces, and many improvements to the HTTP API.

The containers.conf configuration file (documentation here) is the eventual replacement for our old configuration file, libpod.conf. It contains everything that file had, but also a large number of container-specific configuration settings, including the ability to add volume mounts, environment variables, DNS servers, and much more by default in new containers. As support is still in the early stages, we do not presently provide a default containers.conf, but expect to find one in future releases! The containers.conf file is also shared between Podman and Buildah, and sets defaults for both.

Podman continues to push the boundaries of containers and security. Podman has a new experimental feature to dynamically allocate user namespaces for containers run as root with the --userns=auto flag. This option causes Podman to allocate unique user namespaces for each container it creates, dynamically sized based on the number of UIDs in the image. With this option, it is trivial to run containers in separate user namespaces, greatly improving isolation.

We expect that Podman 1.9.0 will be the last minor release before Podman 2.0. Podman 2.0 will feature a number of major architectural changes to better support the new HTTP API, and will allow Podman to be used locally, as it is today, or remotely, against a Podman HTTP service, with the same executable. More details here.

Podman 1.7 has been released!

Podman v1.7.0 has been released, including many new features and numerous bugfixes. It features improvements to networking, podman play kube, and systemd unit file integration. We’ve also added the podman system reset command, to remove all existing containers, pods, images, and volumes and reset the system to its initial state. Stability has not been neglected, and this release features almost 60 bugfixes, including major fixes for podman rm, podman exec, and volumes.

This new release features improved support for host networking via the CNI macvlan plugin which allows containers to connect directly to networks the host is connected to. The podman network create command can now create macvlan configs via the --macvlan flag. Containers can also set static MAC addresses. The podman play kube command has also been updated to respect security settings, including user/group, SELinux configuration, and Seccomp profiles. Podman now creates a cgroup namespace by default on systems using cgroups v2, improving container isolation. We’ve made major improvements for running Podman in a systemd service. These changes (and how to use them) are detailed elsewhere in a blog.

As always, please visit our page on GitHub to see the full changelog.

You can find instructions for installing Podman here.

Podman has gone 1.5!

Podman 1.5.0 has been released! We’ve made major improvements to podman exec, podman generate kube, and rootless containers in this release. Stability has also been a focus, and we’ve fixed over 30 bugs and several performance issues. The new 1.5.0 release is available for Fedora and Ubuntu right now!

With this new release, Podman has picked up a number of improvements to core container functionality. The podman exec command has been completely reworked, including improved handling for attaching to containers. Expect to see more work on exec in future releases. CGroups have also seen major work, with support for CGroup namespaces via the --cgroupns flag to podman create and podman run, and support for CGroups v2 when using the crun OCI runtime - more details here. The podman generate kube command has also been improved and now includes volumes mounted into containers. Finally, we’ve addressed several memory leaks and other performance issues, and Podman should be much more responsive on systems under high load.

Rootless containers have also been improved, featuring improved handling for privileged containers and the ability to use container health checks. Podman now has experimental support for running rootless containers with a single UID and GID using the new ignore_chown_errors storage option. This allows Podman to be run without the newuidmap and newgidmap binaries, and removes the need for any elevated privileges to start rootless containers. This approach is more limited (but more secure) than normal rootless containers.

As always, please visit our release notes on GitHub to see the full changelog.

You can find instructions for installing Podman here.

Welcome to Podman 1.3.0!

Podman 1.3.0 has been released! We've focused firmly on stability with 1.3.0, fixing over 25 bugs and making major changes to improve the stability of rootless Podman and Podman volumes. This release also includes a number of new features, including the podman generate systemd command to generate unit files to manage Podman containers, and the --restart flag for podman run and podman create to restart containers on error. We also picked up a fresh version of Buildah, 1.8.2, including numerous fixes and improvements for podman build.

The biggest new features in Podman 1.3.0 are for managing container restart. The --restart flag allows Podman to restart containers when they exit, and the podman generate systemd command makes unit files so you can leverage systemd to manage container lifecycle. These commands seem very similar, but are very different in practice. The --restart flag is much simpler, but more limited - it restarts containers when they exit, but cannot deal with a system restart or dependencies between containers. If you need access to these more advanced features, podman generate systemd will allow you to manage your containers via systemd, leveraging all of its service management capabilities.

As always, please visit our release notes on GitHub to see the full changelog.

You can find instructions for installing Podman here.

Welcome to Podman 1.2.0!

Podman 1.2.0 has been released, featuring many exciting new features and fixes for numerous bugs. With 1.2.0, Podman added support for container healthchecks, an events system, and a way to view image layers as a tree. Over 30 bugs were fixed in this new release, including numerous issues with rootless Podman. We also upgraded the version of Buildah driving podman build from v1.7 to v1.7.2, picking up numerous fixes.

Our new Podman release includes support for container healthchecks. Healthchecks provide additional information on container status, running checks defined by the image or user to verify that the application in a container is working properly. Any containers with healthchecks defined will run them automatically, and their status can be checked with podman inspect. The podman healthcheck run command can also be used to manually trigger a healthcheck.

Podman also added a new command, podman events, that can be used to view major lifecycle events for containers, pods, and images as they occur. This command and its corresponding Varlink API can be used by tools which wish to check the overall status of the system, or check when a specific container starts or exits. A few example events are shown below:

2019-04-11 15:49:45.490227772 -0400 EDT container attach 0765d56e25939f66aed5817dd10c5cbc69f177b2b4ef94ec302b8b67475e0a1a (image=quay.io/crio/alpine:latest, name=optimistic_franklin)
2019-04-11 15:49:45.58978211 -0400 EDT container start 0765d56e25939f66aed5817dd10c5cbc69f177b2b4ef94ec302b8b67475e0a1a (image=quay.io/crio/alpine:latest, name=optimistic_franklin)
2019-04-11 15:49:45.590526456 -0400 EDT container died 0765d56e25939f66aed5817dd10c5cbc69f177b2b4ef94ec302b8b67475e0a1a (image=quay.io/crio/alpine:latest, name=optimistic_franklin)
2019-04-11 15:49:46.363842802 -0400 EDT container remove 0765d56e25939f66aed5817dd10c5cbc69f177b2b4ef94ec302b8b67475e0a1a (image=quay.io/crio/alpine:latest, name=optimistic_franklin)
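
A tool of the kind described above could consume these lines as follows. This is an added example, not code from the Podman project: it parses the four sample events and measures how long the container ran between `start` and `died`. The function names are illustrative, and the regular expression assumes the container-event line shape shown in the sample.

```python
import re
from datetime import datetime
from typing import NamedTuple

# The four event lines from the post, embedded so the example runs offline.
SAMPLE = """\
2019-04-11 15:49:45.490227772 -0400 EDT container attach 0765d56e25939f66aed5817dd10c5cbc69f177b2b4ef94ec302b8b67475e0a1a (image=quay.io/crio/alpine:latest, name=optimistic_franklin)
2019-04-11 15:49:45.58978211 -0400 EDT container start 0765d56e25939f66aed5817dd10c5cbc69f177b2b4ef94ec302b8b67475e0a1a (image=quay.io/crio/alpine:latest, name=optimistic_franklin)
2019-04-11 15:49:45.590526456 -0400 EDT container died 0765d56e25939f66aed5817dd10c5cbc69f177b2b4ef94ec302b8b67475e0a1a (image=quay.io/crio/alpine:latest, name=optimistic_franklin)
2019-04-11 15:49:46.363842802 -0400 EDT container remove 0765d56e25939f66aed5817dd10c5cbc69f177b2b4ef94ec302b8b67475e0a1a (image=quay.io/crio/alpine:latest, name=optimistic_franklin)
"""

# Assumed line shape: date, time[.fraction], UTC offset, zone name, object
# type, status, 64-hex ID, then "(key=value, ...)". The fraction is variable
# width: the second sample line has only eight fractional digits.
EVENT_RE = re.compile(
    r"^(?P<date>\d{4}-\d{2}-\d{2}) (?P<time>\d{2}:\d{2}:\d{2})"
    r"(?:\.(?P<frac>\d{1,9}))? (?P<offset>[+-]\d{4}) (?P<zone>\S+) "
    r"(?P<kind>\w+) (?P<status>\w+) (?P<ident>[0-9a-f]{64}) "
    r"\((?P<attrs>.*)\)$"
)


class Event(NamedTuple):
    ts_ns: int   # nanoseconds since the Unix epoch
    kind: str    # "container" in the sample
    status: str  # attach, start, died, remove, ...
    ident: str   # full 64-character ID
    attrs: dict  # image=..., name=...


def parse_event(line):
    """Parse one event line; raise ValueError on anything unrecognised."""
    m = EVENT_RE.match(line.strip())
    if m is None:
        raise ValueError(f"unrecognised event line: {line!r}")
    whole = datetime.strptime(
        f"{m['date']} {m['time']} {m['offset']}", "%Y-%m-%d %H:%M:%S %z"
    )
    # datetime only holds microseconds, so keep nanoseconds as an integer.
    # Right-pad the fraction: ".58978211" means 589782110 ns, not 58978211.
    frac_ns = int((m["frac"] or "").ljust(9, "0"))
    ts_ns = int(whole.timestamp()) * 1_000_000_000 + frac_ns
    attrs = dict(p.split("=", 1) for p in m["attrs"].split(", ") if "=" in p)
    return Event(ts_ns, m["kind"], m["status"], m["ident"], attrs)


def lifetimes(events):
    """Map container ID -> nanoseconds between its 'start' and 'died' events."""
    started, result = {}, {}
    for ev in events:
        if ev.kind != "container":
            continue
        if ev.status == "start":
            started[ev.ident] = ev.ts_ns
        elif ev.status == "died" and ev.ident in started:
            result[ev.ident] = ev.ts_ns - started.pop(ev.ident)
    return result


if __name__ == "__main__":
    parsed = [parse_event(line) for line in SAMPLE.splitlines()]
    for ident, ns in lifetimes(parsed).items():
        print(f"{ident[:12]} ran for {ns / 1e6:.3f} ms")
```
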

The podman image tree command was also added. This command will print a tree representation of an image's layers. This can be used to easily identify an image's dependencies. An example with a simple multilayer image is shown below:

Image ID: 4a3e4f2db0ac
Tags: [localhost/buildah-ctr:latest localhost/myimage:latest]
Size: 598.1MB
Image Layers
├── ID: a13f3c019d29 Size: 274.9MB
├── ID: 6ae7c90cc44a Size: 323.2MB
└── ID: 610298fe2990 Size: 1.024kB Top Layer of: [localhost/buildah-ctr:latest localhost/myimage:latest]

As always, please visit our release notes on GitHub to see the full changelog.

You can find instructions for installing Podman here.

Podman has gone 1.1.2!

After releasing Podman v1.1.1, a number of bug fixes focusing on command line options and parsing were added. All the details follow!

Changes

Bugfixes

  • Fixed a bug where the podman image list, podman image rm, and podman container list commands had broken global storage options
  • Fixed a bug where the --label option to podman create and podman run was missing the -l alias
  • Fixed a bug where running Podman with the --config flag would not set an appropriate default value for tmp_dir #2408
  • Fixed a bug where the podman logs command with the --timestamps flag produced unreadable output #2500
  • Fixed a bug where the podman cp command would automatically extract .tar files copied into the container #2509

Misc

  • The podman container stop command is now usable with the Podman remote client

As always, please visit our release notes on GitHub to see the full changelog.

You can find instructions for installing Podman here.

Podman has gone 1.1.1!

After releasing Podman v1.1.0, a number of miscellaneous changes and several bug fixes focusing on command line options and parsing were added. All the details follow!

Changes

Bugfixes

  • Fixed a bug where podman container restore was erroneously available as podman restore #2191
  • Fixed a bug where the volume_path option in libpod.conf was not being respected
  • Fixed a bug where Podman failed to build when the varlink tag was not present #2459
  • Fixed a bug where the podman image load command was listed twice in help text
  • Fixed a bug where the podman image sign command was also listed as podman sign
  • Fixed a bug where the podman image list command incorrectly had an image alias
  • Fixed a bug where the podman images command incorrectly had ls and list aliases
  • Fixed a bug where the podman image rm command was being displayed as podman image rmi
  • Fixed a bug where the podman create command would attempt to parse arguments meant for the container
  • Fixed a bug where the combination of FIPS mode and user namespaces resulted in permissions errors
  • Fixed a bug where the --time alias for --timeout for the podman restart and podman stop commands did not function
  • Fixed a bug where the default stop timeout for newly-created containers was being set to 0 seconds (resulting in an immediate SIGKILL on running podman stop)
  • Fixed a bug where the output format of podman port was incorrect, printing full container ID instead of truncated ID
  • Fixed a bug where the podman container list command did not exist
  • Fixed a bug where podman build could not build a container from images tagged locally that did not exist in a registry #2469
  • Fixed a bug where some Podman commands that accept no arguments would not error when provided arguments
  • Fixed a bug where podman play kube could not handle cases where a pod and a container shared a name

Misc

  • Usage text for many commands was greatly improved
  • Major cleanups were made to Podman manpages, ensuring that command lists are accurate
  • Greatly improved debugging output when the newuidmap and newgidmap binaries fail when using rootless Podman
  • The -s alias for the global --storage-driver option has been removed
  • The podman container refresh command has been deprecated, as its intended use case is no longer relevant. The command has been hidden and manpages deleted. It will be removed in a future release
  • The podman container runlabel command will now pull images not available locally even without the --pull option. The --pull option has been deprecated
  • The podman container checkpoint and podman container restore commands are now only available on OCI runtimes where they are supported (e.g. runc)

As always, please visit our release notes on GitHub to see the full changelog.

You can find instructions for installing Podman here.

Podman has gone 1.1!

After releasing Podman v1.0, a number of new features and several bug fixes were added. New features include the ability to forward ports as rootless Podman, short options for some of the existing command options, the --all-tags flag for the pull command, further changes for rootless containers, and more. All the details follow!

Changes

Features

  • Added --latest and --all flags to podman mount and podman umount
  • Rootless Podman can now forward ports into containers (using the same -p and -P flags as root Podman)
  • Rootless Podman will now pull some configuration options (for example, OCI runtime path) from the default root libpod.conf if they are not explicitly set in the user's own libpod.conf #2174
  • Added an alias -f for the --format flag of the podman info and podman version commands
  • Added an alias -s for the --size flag of the podman inspect command
  • Added the podman system info and podman system prune commands
  • Added the podman cp command to copy files between containers and the host #613
  • Added the --password-stdin flag to podman login
  • Added the --all-tags flag to podman pull
  • The --rm and --detach flags can now be used together with podman run
  • The podman start and podman run commands for containers in pods will now start dependency containers if they are stopped
  • Added the podman system renumber command to handle lock changes
  • The --net=host and --dns flags for podman run and podman create no longer conflict
  • Podman now handles mounting the shared /etc/resolv.conf from network namespaces created by ip netns add when they are passed in via podman run --net=ns:

Bugfixes

  • Fixed a bug with podman inspect where different information would be returned when the container was running versus when it was stopped
  • Fixed a bug where errors in Go templates passed to podman inspect were silently ignored instead of reported to the user #2159
  • Fixed a bug where rootless Podman with --pid=host containers was incorrectly masking paths in /proc
  • Fixed a bug where full errors starting rootless Podman were not reported when a refresh was requested
  • Fixed a bug where Podman would override the config file-specified storage driver with the driver the backing database was created with without warning users
  • Fixed a bug where podman prune would prune all images not in use by a container, as opposed to only untagged images, by default #2192
  • Fixed a bug where podman create --quiet and podman run --quiet were not properly suppressing output
  • Fixed a bug where the table keyword in Go template output of podman ps was not working #2221
  • Fixed a bug where podman inspect on images pulled by digest would double-print @sha256 in output when printing digests #2086
  • Fixed a bug where podman container runlabel will return a non-0 exit code if the label does not exist
  • Fixed a bug where container state was always reset to Created after a reboot #1703
  • Fixed a bug where /dev/pts was unconditionally overridden in rootless Podman, which was unnecessary except in very specific cases
  • Fixed a bug where Podman run as root was ignoring some options in /etc/containers/storage.conf #2217
  • Fixed a bug where Podman cleanup processes were not being given the proper OCI runtime path if a custom one was specified
  • Fixed a bug where podman images --filter dangling=true would crash if no dangling images were present #2246
  • Fixed a bug where podman ps --format "{{.Mounts}}" would not display a container's mounts #2238
  • Fixed a bug where podman pod stats was ignoring Go templates specified by --format #2258
  • Fixed a bug where podman generate kube would fail on containers with --user specified #2304
  • Fixed a bug where podman images displayed incorrect output for images pulled by digest #2175
  • Fixed a bug where podman port and podman ps did not properly display ports if the container joined a network namespace from a pod or another container #846
  • Fixed a bug where detaching from a container using the detach keys would cause Podman to hang until the container exited
  • Fixed a bug where podman create --rm did not work with podman start --attach
  • Fixed a bug where invalid named volumes specified in podman create and podman run could cause segfaults #2301
  • Fixed a bug where the runtime field in libpod.conf was being ignored. runtime is legacy and deprecated, but will continue to be respected for the foreseeable future
  • Fixed a bug where podman login would sometimes report it logged in successfully when it did not
  • Fixed a bug where podman pod create would not error on receiving an unused CLI argument
  • Fixed a bug where rootless podman run with the --pod argument would fail if the pod was stopped
  • Fixed a bug where podman images did not print a trailing newline when not invoked on a TTY #2388
  • Fixed a bug where the --runtime option was sometimes not overriding libpod.conf
  • Fixed a bug where podman pull and podman runlabel would sometimes exit with 0 when they should have exited with an error #2405
  • Fixed a bug where rootless podman export -o would fail #2381
  • Fixed a bug where read-only volumes would fail in rootless Podman when the volume originated on a filesystem mounted nosuid, nodev, or noexec #2312
  • Fixed a bug where some files used by checkpoint and restore received improper SELinux labels #2334
  • Fixed a bug where Podman's volume path was not properly changed when containers/storage changed location #2395

Misc

  • Podman migrated to a new, shared memory locking model in this release. As part of this, if you are running Podman with pods or dependency containers (e.g. --net=container:), you should run the podman system renumber command to migrate your containers to the new model - please reference the podman-system-renumber(1) man page for further details
  • Podman migrated to a new command-line parsing library, and the output format of help and usage text has somewhat changed as a result
  • Updated Buildah to v1.7, picking up a number of bugfixes
  • Updated containers/image library to v1.5, picking up a number of bugfixes and performance improvements to pushing images
  • Updated containers/storage library to v1.10, picking up a number of bugfixes
  • Work on the remote Podman client for interacting with Podman remotely over Varlink is progressing steadily, and many image and pod commands are supported
  • Added path masking to mounts with the :z and :Z options, preventing users from accidentally performing an SELinux relabel of their entire home directory
  • The podman container runlabel command will not pull an image if it does not contain the requested label
  • Many commands' usage information now includes examples
  • podman rm can now delete containers in containers/storage, which can be used to resolve some situations where Podman fails to remove a container
  • The podman search command now searches multiple registries in parallel for improved performance
  • The podman build command now defaults --pull-always to true
  • Containers which share a network namespace (for example, when in a pod) will now share /etc/hosts and /etc/resolv.conf between all containers in the pod, causing changes in one container to propagate to all containers sharing their networks
  • The podman rm and podman rmi commands now return 1 (instead of 127) when all specified containers or images are missing

As always, please visit our release notes on GitHub to see the full changelog.

You can find instructions for installing Podman here.

Podman has gone 1.0!

Our original goal with Podman was to provide a fully-featured debugging experience for CRI-O, but it has become so much more. Podman 1.0.0 is a fully-featured container engine. It provides a Docker-compatible command line to ease the transition from other container engines. Most Podman commands can be run as a regular user, without requiring additional privileges. Furthermore, all of this is accomplished without a daemon!

Podman Release 0.12.1.1

We're happy to announce the availability of Podman 0.12.1.1, our latest version. We've been very busy over the last month, and it shows! We've merged over 150 new commits since our 0.11 releases, including major new functionality and several critical bugfixes. Pods, Kubernetes compatibility, and container volumes all saw major improvements.

We hope everyone enjoys the release, and stays with us in the future as Podman gets closer to 1.0. As always, many thanks to everyone who contributed to this release!