github containers/podman v5.3.0-rc2
v5.3.0-RC2
on GitHub

pre-release12 hours ago

This is the second release candidate for Podman v5.3.0. Preliminary release notes are below.

Features

  • The podman kube generate and podman kube play commands can now create and run Kubernetes Job YAML (#17011).
  • The podman kube generate command now includes information on the user namespaces for pods and containers in generated YAML. The podman kube play command uses this information to duplicate the user namespace configuration when creating new pods based on the YAML.
  • The podman kube play command now supports Kubernetes volumes of type image (#23775).
  • The service name of systemd units generated by Quadlet can now be set with the ServiceName key in all supported Quadlet files (#23414).
  • Quadlets can now disable their implicit dependency on network-online.target via a new key, DefaultDependencies, supported by all Quadlet files (#24193).
  • Quadlet .container and .pod files now support a new key, AddHost, to add hosts to the container or pod.
  • The PublishPort key in Quadlet .container and .pod files can now accept variables in its value (#24081).
  • Quadlet .container files now support a new key, CgroupsMode, to configure cgroups for the container (#23664).
  • Quadlet .container files can now use the network of another container by specifying the .container file of the container to share with in the Network key.
  • Quadlet .pod files now support six new keys, DNS, DNSOption, DNSSearch, IP, IP6, and UserNS, to configure DNS, static IPs, and user namespace settings for the pod (#23692).
  • Quadlet .image files can now give an image multiple times by specifying the ImageTag key multiple times (#23781).
  • Quadlets can now be placed in the /run/containers/systemd directory as well as existing directories like $HOME/containers/systemd and /etc/containers/systemd/users.
  • Quadlet now properly handles subdirectories of a unit directory being a symlink (#23755).
  • The podman manifest inspect command now includes the manifest's annotations in its output.
  • The output of the podman inspect command for containers now includes a new field, HostConfig.AutoRemoveImage, which shows whether a container was created with the --rmi option set.
  • The output of the podman inspect command for containers now includes a new field, Config.ExposedPorts, which includes all exposed ports from the container, improving Docker compatibility.
  • The output of the podman inspect command for containers now includes a new field, Config.StartupHealthCheck, which shows the container's startup healthcheck configuration.
  • The podman machine list command now supports a new option, --all-providers, which lists machines from all supported VM providers, not just the one currently in use.
  • VMs run by podman machine on Windows will now provide API access by exposing a Unix socket on the host filesystem which forwards into the VM (#23408).
  • The podman buildx prune and podman image prune commands now support a new option, --build-cache, which will also clean the build cache.
  • The Windows installer has a new radio button to select virtualization provider (WSLv2 or Hyper-V).
  • The --add-host option to podman create, podman run, and podman pod create now supports specifying multiple hostnames, semicolon-separated (e.g. podman run --add-host test1;test2:192.168.1.1) (#23770).
  • The podman run and podman create commands now support three new options for configuring healthcheck logging: --health-log-destination (specify where logs are stored), --health-max-log-count (specify how many healthchecks worth of logs are stored), and --health-max-log-size (specify the maximum size of the healthcheck log).

Changes

  • Podman now uses the Pasta --map-guest-addr option by default which is used for the host.containers.internal entry in /etc/hosts to allow containers to reach the host by default (#19213).
  • The names of the infra containers of pods created by Quadlet are changed to the pod name suffixed with -infra (#23665).
  • The podman system connection add command now respects HTTP path prefixes specified with tcp:// URLs.
  • Proxy environment variables (e.g. https_proxy) declared in containers.conf no longer escape special characters in their values when used with podman machine VMs (#23277).
  • The podman images --sort=repository command now also sorts by image tag as well, guaranteeing deterministic output ordering (#23803).
  • When a user has a rootless podman machine VM running and second rootful podman machine VM initialized, and the rootless VM is removed, the connection to the second, rootful machine now becomes the default as expected (#22577).
  • Environment variable secrets are no longer contained in the output of podman inspect on a container the secret is used in (#23788).
  • Podman no longer exits 0 on SIGTERM by default.
  • Podman no longer explicitly sets rlimits to their default value, as this could lower the actual value available to containers if it had been set higher previously.
  • Quadlet user units now correctly wait for the network to be ready to use via a new service, podman-user-wait-network-online.service, instead of the user session's nonfunctional network-online.target.
  • Exposed ports in the output of podman ps are now correctly grouped and deduplicated when they are also published (#23317).

Bugfixes

  • Fixed a bug where the --build-context option to podman build did not function properly on Windows, breaking compatibility with Visual Studio Dev Containers (#17313).
  • Fixed a bug where Quadlet would generate bad arguments to Podman if the SecurityLabelDisable or SecurityLabelNested keys were used (#23432).
  • Fixed a bug where the PODMAN_COMPOSE_WARNING_LOGS environment variable did not suppress warnings printed by podman compose that it was redirecting to an external provider.
  • Fixed a bug where, if the podman container cleanup command was run on a container in the process of being removed, an error could be printed.
  • Fixed a bug where rootless Quadlet units placed in /etc/containers/systemd/users/ would be loaded for root as well when /etc/containers/systemd was a symlink (#23483).
  • Fixed a bug where the remote Podman client's podman stop command would, if called with --cidfile pointing to a non-existent file and the --ignore option set, stop all containers (#23554).
  • Fixed a bug where the podman wait would only exit only after 20 second when run on a container which rapidly exits and is then restarted by the on-failure restart policy.
  • Fixed a bug where podman volume rm and podman run -v could deadlock when run simultaneously on the same volume (#23613).
  • Fixed a bug where running podman mount on a container in the process of being created could cause a nonsensical error indicating the container already existed (#23637).
  • Fixed a bug where the podman stop command could deadlock when run on containers with very large annotations (#22246).
  • Fixed a bug where the podman machine stop command could segfault on Mac when a VM failed to stop gracefully (#23654).
  • Fixed a bug where the podman stop command would not ensure containers created with --rm were removed when it exited (#22852).
  • Fixed a bug where the --rmi option to podman run did not function correctly with detached containers.
  • Fixed a bug where running podman inspect on a container on FreeBSD would emit an incorrect value for the HostConfig.Device field, breaking compatibility with the Ansible Podman module.
  • Fixed a bug where rootless Podman could fail to start containers using the --cgroup-parent option (#23780).
  • Fixed a bug where the podman build -v command did not properly handle Windows paths passed as the host directory.
  • Fixed a bug where Podman could leak network namespace files if it was interrupted while creating a network namespace (#24044).
  • Fixed a bug where the remote Podman client's podman run command could sometimes fail to retrieve a container's exit code for containers run with the --rm option.
  • Fixed a bug where podman machine on Windows could fail to run VMs for certain usernames containing special characters.
  • Fixed a bug where Quadlet would reject RemapUsers=keep-id when run as root.
  • Fixed a bug where XFS quotas on volumes were not unique, meaning that all volumes using a quota shared the same maximum size and inodes (set by the most recent volume with a quota to be created).

API

  • The Play API for Kubernetes YAML now supports application/x-tar compressed context directories (#24015).
  • Fixed a bug in the Attach API for Containers (for both Compat and Libpod endpoints) which could cause inconsistent failures due to a race condition (#23757).
  • Fixed a bug where the output for the Compat Top API for Containers did not properly split the output into an array (#23981).
  • Fixed a bug where the Info API could fail when running podman system service via a socket-activated systemd service (#24152).

Misc

  • Podman now requires Golang 1.22 or higher to build.
  • The output of podman machine start has been improved when trying to start a machine when another is already running (#23436).
  • Quadlet will no longer log spurious ENOENT errors when resolving unit directories (#23620).
  • The Docker alias shell script will now also honor the presence of $XDG_CONFIG_HOME/containers/nodocker when considering whether it should print its warning message that Podman is in use.
  • The podman-auto-update systemd unit files have been moved into the contrib/systemd/system directory in the repo for consistency with our other unit files.
Check out latest releases or
releases around containers/podman v5.3.0-rc2

Don't miss a new podman release

NewReleases is sending notifications on new releases.

Get notifications