Features
- VMs created by `podman machine` on macOS with Apple silicon can now use Rosetta 2 (a.k.a. Rosetta) for high-speed emulation of x86 code. This is enabled by default. If you wish to change this option, you can use the `CONTAINERS_MACHINE_ROSETTA` environment variable or `containers.conf`.
- Changes made by the `podman update` command are now persistent, and will survive container restart and be reflected in `podman inspect`.
- The `podman update` command now includes a new option, `--restart`, to update the restart policy of existing containers.
- Quadlet `.container` files now support a new key, `GroupAdd`, to add groups to the container.
- Container annotations are now printed by `podman inspect`.
- Image-based mounts using `podman run --mount type=image,...` now support a new option, `subpath`, to mount only part of the image into the container.
- A new field, `healthcheck_events`, has been added to `containers.conf` under the `[engine]` section to allow users to disable the generation of `health_status` events to avoid spamming logs on systems with many healthchecks.
- A list of images to automatically mount as volumes can now be specified in Kubernetes YAML via the `io.podman.annotations.kube.image.automount/$CTRNAME` annotation (where `$CTRNAME` is the name of the container they will be mounted into).
- The `podman info` command now includes the default rootless network command (`pasta` or `slirp4netns`).
- The `podman ps` command now shows ports from `--expose` that have not been published with `--publish-all` to improve Docker compatibility.
- The `podman runlabel` command now expands `$HOME` in the label being run to the user's home directory.
- A new alias, `podman network list`, has been added to the `podman network ls` command.
- The name and shell of containers created by `podmansh` can now be set in `containers.conf`.
- The `podman-setup.exe` Windows installer now provides 3 new CLI variables, `MachineProvider` (choose the provider for the machine, `windows` or `wsl`, the default), `HyperVCheckbox` (can be set to `1` to install HyperV if it is not already installed or `0`, the default, to not install HyperV), and `SkipConfigFileCreation` (can be set to `1` to disable the creation of configuration files, or `0`, the default).
Changes
- Podman now changes volume ownership every time an empty named volume is mounted into a container, not just the first time, matching Docker's behavior.
- When running Kubernetes YAML with `podman kube play` that does not include an `imagePullPolicy` and does not set a tag for the image, the image is now always pulled (#21211).
- When running Kubernetes YAML with `podman kube play`, pod-level restart policies are now passed down to individual containers within the pod (#20903).
- The `--runroot` global option can now accept paths with lengths longer than 50 characters (#22272).
- Updating containers with the `podman update` command now emits an event.
Bugfixes
- Fixed a bug where the `--userns=keep-id:uid=0` option to `podman create` and `podman run` would generate incorrect UID mappings and cause the container to fail to start (#22078).
- Fixed a bug where `podman stats` could report inaccurate percentages for very large or very small values (#22064).
- Fixed a bug where bind-mount volumes defaulted to `rbind` instead of `bind`, meaning recursive mounts were allowed by default (#22107).
- Fixed a bug where the `podman machine rm -f` command would fail to remove Hyper-V virtual machines if they were running.
- Fixed a bug where the `podman ps --sync` command could sometimes fail to properly update the status of containers.
- Fixed a bug where bind-mount volumes using the `:idmap` option would sometimes be inaccessible with rootless Podman (#22228).
- Fixed a bug where bind-mount volumes using the `:U` option would have their ownership changed to the owner of the directory in the image being mounted over (#22224).
- Fixed a bug where removing multiple containers, pods, or images with the `--force` option did not work when multiple arguments were given to the command and one of them did not exist (#21529).
- Fixed a bug where Podman did not properly clean up old cached Machine images.
- Fixed a bug where rapidly-restarting containers with healthchecks could sometimes fail to start their healthchecks after restarting.
- Fixed a bug where nested Podman could create its `pause.pid` file in an incorrect directory (#22327).
- Fixed a bug where Podman would panic if an OCI runtime was configured without associated paths in `containers.conf` (#22561).
- Fixed a bug where the `podman kube down` command would not respect the `StopTimeout` and `StopSignal` of containers that it stopped (#22397).
- Fixed a bug where Systemd-managed containers could be stuck in the Stopping state, unable to be restarted, if systemd killed the unit before `podman stop` finished stopping the container (#19629).
- Fixed a bug where the remote Podman client's `podman farm build` command would not update manifests on the registry that were already pushed (#22647).
- Fixed a bug where rootless Podman could fail to re-exec itself when run with a custom `argv[0]` that is not a valid command path, as might happen when used in `podmansh` (#22672).
- Fixed a bug where `podman machine` connection URIs could be incorrect after an SSH port conflict, rendering machines inaccessible.
- Fixed a bug where the `podman events` command would not print an error if incorrect values were passed to its `--since` and `--until` options.
- Fixed a bug where an incorrect `host.containers.internal` entry could be added when running rootless containers using the `bridge` network mode (#22653).
API
- A new Docker-compatible endpoint, Update, has been added for containers.
- The Compat Create endpoint for Containers now supports setting container annotations.
- The Libpod List endpoint for Images now includes additional information in its responses (image architecture, OS, and whether the image is a manifest list) (#22184 and #22185).
- The Build endpoint for Images no longer saves the build context as a temporary file, substantially improving performance and reducing required filesystem space on the server.
- The Inspect API for Containers now returns results compatible with Podman v4.x when a request with version v4.0.0 is made. This allows Podman 4.X remote clients to work with a Podman 5.X server (#22657).
- Fixed a bug where the Build endpoint for Images would not clean up temporary files created by the build if an error occurred.
Misc
- Podman now detects unhandled system reboots and advises the user on proper mitigations.
- Improved debugging output for `podman machine` on Darwin systems when `--log-level=debug` is used.
- The Makefile now allows injecting extra build tags via the `EXTRA_BUILD_TAGS` environment variable.
- Updated Buildah to v1.36.0
- Updated the containers/common library to v0.59.0
- Updated the containers/image library to v5.31.0
- Updated the containers/storage library to v1.54.0