Fixed a bug where the --ignition-path option to podman machine init would prevent creation of necessary files for the VM, rendering it unusable (#23544).
Fixed a bug where rootless containers using the bridge networking mode would be unable to start due to a panic caused by a nil pointer dereference (#24566).
Fixed a bug where Podman containers would try to set increased rlimits when started in a user namespace, rendering containers unable to start (#24508).
Fixed a bug where certain SSH configurations would make the remote Podman client unable to connect to the server (#24567).
Fixed a bug where the Windows installer could install WSLv2 when upgrading an existing Podman installation that used the Hyper-V virtualization backend.
v5.3.0
Features
The podman kube generate and podman kube play commands can now create and run Kubernetes Job YAML (#17011).
The podman kube generate command now includes information on the user namespaces for pods and containers in generated YAML. The podman kube play command uses this information to duplicate the user namespace configuration when creating new pods based on the YAML.
The podman kube play command now supports Kubernetes volumes of type image (#23775).
The service name of systemd units generated by Quadlet can now be set with the ServiceName key in all supported Quadlet files (#23414).
Quadlets can now disable their implicit dependency on network-online.target via a new key, DefaultDependencies, supported by all Quadlet files (#24193).
Quadlet .container and .pod files now support a new key, AddHost, to add hosts to the container or pod.
The PublishPort key in Quadlet .container and .pod files can now accept variables in its value (#24081).
Quadlet .container files now support two new keys, CgroupsMode and StartWithPod, to configure cgroups for the container and whether the container will be started with the pod it is part of (#23664 and #24401).
Quadlet .container files can now use the network of another container by specifying the .container file of the container to share with in the Network key.
Quadlet .container files can now mount images managed by .image files into the container by using the Mount=type=image key with a .image target.
Quadlet .pod files now support six new keys, DNS, DNSOption, DNSSearch, IP, IP6, and UserNS, to configure DNS, static IPs, and user namespace settings for the pod (#23692).
Quadlet .image files can now give an image multiple times by specifying the ImageTag key multiple times (#23781).
Quadlets can now be placed in the /run/containers/systemd directory as well as existing directories like $HOME/containers/systemd and /etc/containers/systemd/users.
Quadlet now properly handles subdirectories of a unit directory being a symlink (#23755).
The podman manifest inspect command now includes the manifest's annotations in its output.
The output of the podman inspect command for containers now includes a new field, HostConfig.AutoRemoveImage, which shows whether a container was created with the --rmi option set.
The output of the podman inspect command for containers now includes a new field, Config.ExposedPorts, which includes all exposed ports from the container, improving Docker compatibility.
The output of the podman inspect command for containers now includes a new field, Config.StartupHealthCheck, which shows the container's startup healthcheck configuration.
The output of the podman inspect command for containers now includes a new field in Mounts, SubPath, which contains any subpath set for image or named volumes.
The podman machine list command now supports a new option, --all-providers, which lists machines from all supported VM providers, not just the one currently in use.
VMs run by podman machine on Windows will now provide API access by exposing a Unix socket on the host filesystem which forwards into the VM (#23408).
The podman buildx prune and podman image prune commands now support a new option, --build-cache, which will also clean the build cache.
The Windows installer has a new radio button to select virtualization provider (WSLv2 or Hyper-V).
The --add-host option to podman create, podman run, and podman pod create now supports specifying multiple hostnames, semicolon-separated (e.g. podman run --add-host test1;test2:192.168.1.1) (#23770).
The podman run and podman create commands now support three new options for configuring healthcheck logging: --health-log-destination (specify where logs are stored), --health-max-log-count (specify how many healthchecks worth of logs are stored), and --health-max-log-size (specify the maximum size of the healthcheck log).
Changes
Podman now uses the Pasta --map-guest-addr option by default which is used for the host.containers.internal entry in /etc/hosts to allow containers to reach the host by default (#19213).
The names of the infra containers of pods created by Quadlet are changed to the pod name suffixed with -infra (#23665).
The podman system connection add command now respects HTTP path prefixes specified with tcp:// URLs.
Proxy environment variables (e.g. https_proxy) declared in containers.conf no longer escape special characters in their values when used with podman machine VMs (#23277).
The podman images --sort=repository command now also sorts by image tag as well, guaranteeing deterministic output ordering (#23803).
When a user has a rootless podman machine VM running and second rootful podman machine VM initialized, and the rootless VM is removed, the connection to the second, rootful machine now becomes the default as expected (#22577).
Environment variable secrets are no longer contained in the output of podman inspect on a container the secret is used in (#23788).
Podman no longer exits 0 on SIGTERM by default.
Podman no longer explicitly sets rlimits to their default value, as this could lower the actual value available to containers if it had been set higher previously.
Quadlet user units now correctly wait for the network to be ready to use via a new service, podman-user-wait-network-online.service, instead of the user session's nonfunctional network-online.target.
Exposed ports in the output of podman ps are now correctly grouped and deduplicated when they are also published (#23317).
Quadlet build units no longer use RemainAfterExit=yes by default.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps github.com/containers/podman/v5 from 5.2.5 to 5.3.1.
Release notes
Sourced from github.com/containers/podman/v5's releases.
... (truncated)
Changelog
Sourced from github.com/containers/podman/v5's changelog.
... (truncated)
Commits
- `4cbdfde` Bump to v5.3.1
- `50960af` Update release notes for v5.3.1
- `f918c35` Merge pull request #24627 from openshift-cherrypick-robot/cherry-pick-24624-t...
- `d269907` Update windows installer tests
- `2739822` Windows: don't install WSL/HyperV on update
- `a8d61c0` Switch to non-installing WSL by default
- `efbe4e9` Merge pull request #24608 from Luap99/v5.3
- `98353f2` docs: add 5.3 as Reference version
- `4886a0b` only read ssh_config for non machine connections
- `93562b4` ssh_config: allow IdentityFile file with tilde