basePath: / consumes: - application/json - application/x-tar definitions: AccessMode: properties: BlockVolume: $ref: '#/definitions/TypeBlock' MountVolume: $ref: '#/definitions/TypeMount' Scope: $ref: '#/definitions/Scope' Sharing: $ref: '#/definitions/SharingMode' title: AccessMode defines the access mode of a volume. type: object x-go-package: github.com/moby/moby/api/types/volume Address: properties: Addr: type: string PrefixLength: format: int64 type: integer title: Address represents an IP address. type: object x-go-package: go.podman.io/podman/v6/libpod/define ArtifactAddReport: type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities ArtifactInspectReport: type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities ArtifactListReport: type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities ArtifactPullReport: type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities ArtifactPushReport: type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities ArtifactRemoveReport: type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities ArtifactVolume: description: |- ArtifactVolume is a volume based on a artifact. The artifact blobs will be bind mounted directly as files and must always be read only. properties: destination: description: |- Destination is the absolute path of the mount in the container. If path is a file in the container, then the artifact must consist of a single blob. Otherwise if it is a directory or does not exists all artifact blobs will be mounted into this path as files. As name the "org.opencontainers.image.title" will be used if available otherwise the digest is used as name. type: string x-go-name: Destination digest: description: |- Digest can be used to filter a single blob from a multi blob artifact by the given digest. When this option is set the file name in the container defaults to the digest even when the title annotation exist. Optional. Conflicts with Title. type: string x-go-name: Digest name: description: |- Name is the name that should be used for the path inside the container. When a single blob is mounted the name is used as is. If multiple blobs are mounted then mount them as "-x" where x is a 0 indexed integer based on the layer order. Optional. type: string x-go-name: Name source: description: Source is the name or digest of the artifact that should be mounted type: string x-go-name: Source title: description: |- Title can be used for multi blob artifacts to only mount the one specific blob that matches the "org.opencontainers.image.title" annotation. Optional. Conflicts with Digest. type: string x-go-name: Title type: object x-go-package: go.podman.io/podman/v6/pkg/specgen AttestationProperties: properties: For: $ref: '#/definitions/Digest' type: object x-go-package: github.com/moby/moby/api/types/image AuthConfig: description: AuthConfig contains authorization information for connecting to a Registry properties: auth: type: string x-go-name: Auth email: description: |- Email is an optional value associated with the username. This field is deprecated and will be removed in a later version of docker. type: string x-go-name: Email identitytoken: description: |- IdentityToken is used to authenticate the user and get an access token for the registry. type: string x-go-name: IdentityToken password: type: string x-go-name: Password registrytoken: description: RegistryToken is a bearer token to be sent to a registry type: string x-go-name: RegistryToken serveraddress: type: string x-go-name: ServerAddress username: type: string x-go-name: Username type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities/types AuthReport: type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities AutoUserNsOptions: properties: AdditionalGIDMappings: description: |- AdditionalGIDMappings specified additional GID mappings to include in the generated user namespace. items: $ref: '#/definitions/IDMap' type: array AdditionalUIDMappings: description: |- AdditionalUIDMappings specified additional UID mappings to include in the generated user namespace. items: $ref: '#/definitions/IDMap' type: array GroupFile: description: GroupFile to use if the container uses a volume. type: string InitialSize: description: |- InitialSize defines the minimum size for the user namespace. The created user namespace will have at least this size. format: uint32 type: integer PasswdFile: description: PasswdFile to use if the container uses a volume. type: string Size: description: |- Size defines the size for the user namespace. If it is set to a value bigger than 0, the user namespace will have exactly this size. If it is not set, some heuristics will be used to find its size. format: uint32 type: integer title: AutoUserNsOptions defines how to automatically create a user namespace. type: object x-go-package: go.podman.io/storage/types Availability: title: Availability specifies the availability of the volume. type: string x-go-package: github.com/moby/moby/api/types/volume BindOptions: properties: CreateMountpoint: type: boolean NonRecursive: type: boolean Propagation: $ref: '#/definitions/Propagation' ReadOnlyForceRecursive: description: ReadOnlyForceRecursive raises an error if the mount cannot be made recursively read-only. type: boolean ReadOnlyNonRecursive: description: |- ReadOnlyNonRecursive makes the mount non-recursively read-only, but still leaves the mount recursive (unless NonRecursive is set to true in conjunction). type: boolean title: BindOptions defines options specific to mounts of type "bind". type: object x-go-package: github.com/moby/moby/api/types/mount BuildIdentity: properties: CreatedAt: description: CreatedAt is the time when the build ran. format: date-time type: string Ref: description: |- Ref is the identifier for the build request. This reference can be used to look up the build details in BuildKit history API. type: string title: BuildIdentity contains build reference information if image was created via build. type: object x-go-package: github.com/moby/moby/api/types/image CPUUsage: properties: idlePercent: format: double type: number x-go-name: IdlePercent systemPercent: format: double type: number x-go-name: SystemPercent userPercent: format: double type: number x-go-name: UserPercent type: object x-go-package: go.podman.io/podman/v6/libpod/define CapacityRange: description: |- CapacityRange describes the minimum and maximum capacity a volume should be created with properties: LimitBytes: description: |- LimitBytes specifies that a volume must not be bigger than this. The value of 0 indicates an unspecified maximum format: int64 type: integer RequiredBytes: description: |- RequiredBytes specifies that a volume must be at least this big. The value of 0 indicates an unspecified minimum. format: int64 type: integer type: object x-go-package: github.com/moby/moby/api/types/volume CgroupSpec: title: CgroupSpec represents the cgroup to use for the container. type: string x-go-package: github.com/moby/moby/api/types/container CgroupnsMode: description: CgroupnsMode represents the cgroup namespace mode of the container type: string x-go-package: github.com/moby/moby/api/types/container ClusterOptions: title: ClusterOptions specifies options for a Cluster volume. type: object x-go-package: github.com/moby/moby/api/types/mount ClusterVolume: description: |- ClusterVolume contains options and information specific to, and only present on, Swarm CSI cluster volumes. properties: CreatedAt: format: date-time type: string ID: description: |- ID is the Swarm ID of the volume. Because cluster volumes are Swarm objects, they have an ID, unlike non-cluster volumes, which only have a Name. This ID can be used to refer to the cluster volume. type: string Info: $ref: '#/definitions/Info' PublishStatus: description: |- PublishStatus contains the status of the volume as it pertains to its publishing on Nodes. items: $ref: '#/definitions/PublishStatus' type: array Spec: $ref: '#/definitions/ClusterVolumeSpec' UpdatedAt: format: date-time type: string Version: $ref: '#/definitions/Version' type: object x-go-package: github.com/moby/moby/api/types/volume ClusterVolumeSpec: properties: AccessMode: $ref: '#/definitions/AccessMode' AccessibilityRequirements: $ref: '#/definitions/TopologyRequirement' Availability: $ref: '#/definitions/Availability' CapacityRange: $ref: '#/definitions/CapacityRange' Group: description: |- Group defines the volume group of this volume. Volumes belonging to the same group can be referred to by group name when creating Services. Referring to a volume by group instructs swarm to treat volumes in that group interchangeably for the purpose of scheduling. Volumes with an empty string for a group technically all belong to the same, emptystring group. type: string Secrets: description: |- Secrets defines Swarm Secrets that are passed to the CSI storage plugin when operating on this volume. items: $ref: '#/definitions/Secret' type: array title: ClusterVolumeSpec contains the spec used to create this volume. type: object x-go-package: github.com/moby/moby/api/types/volume ComponentVersion: description: ServiceOptions provides the input for starting an API and sidecar pprof services type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities Config: description: |- It should hold only portable information about the container. Here, "portable" means "independent from the host we are running on". Non-portable information *should* appear in HostConfig. All fields added to this struct must be marked `omitempty` to keep getting predictable hashes from the old `v1Compatibility` configuration. properties: ArgsEscaped: type: boolean AttachStderr: type: boolean AttachStdin: type: boolean AttachStdout: type: boolean Cmd: items: type: string type: array Domainname: type: string Entrypoint: items: type: string type: array Env: items: type: string type: array ExposedPorts: $ref: '#/definitions/PortSet' Healthcheck: $ref: '#/definitions/HealthConfig' Hostname: type: string Image: type: string Labels: additionalProperties: type: string type: object NetworkDisabled: type: boolean OnBuild: items: type: string type: array OpenStdin: type: boolean Shell: items: type: string type: array StdinOnce: type: boolean StopSignal: type: string StopTimeout: format: int64 type: integer Tty: type: boolean User: type: string Volumes: additionalProperties: type: object type: object WorkingDir: type: string title: Config contains the configuration data about a container. type: object x-go-package: github.com/moby/moby/api/types/container ConfigReference: description: |- ConfigReference The config-only network source to provide the configuration for this network. properties: Network: description: |- The name of the config-only network that provides the network's configuration. The specified network must be an existing config-only network. Only network names are allowed, not network IDs. example: config_only_network_01 type: string type: object x-go-package: github.com/moby/moby/api/types/network ConmonInfo: description: ConmonInfo describes the conmon executable being used properties: package: type: string x-go-name: Package path: type: string x-go-name: Path version: type: string x-go-name: Version type: object x-go-package: go.podman.io/podman/v6/libpod/define ConnectRequest: properties: Container: description: The ID or name of the container to connect to the network. example: 3613f73ba0e4 type: string EndpointConfig: $ref: '#/definitions/EndpointSettings' required: - Container title: ConnectRequest NetworkConnectRequest represents the data to be used to connect a container to a network. type: object x-go-package: github.com/moby/moby/api/types/network Consistency: title: Consistency represents the consistency requirements of a mount. type: string x-go-package: github.com/moby/moby/api/types/mount Container: properties: Command: type: string Config: $ref: '#/definitions/Config' Created: format: int64 type: integer DefaultReadOnlyNonRecursive: type: boolean Health: $ref: '#/definitions/HealthSummary' HostConfig: $ref: '#/definitions/HostConfig' type: object Id: type: string x-go-name: ID Image: type: string ImageID: type: string ImageManifestDescriptor: $ref: '#/definitions/Descriptor' Labels: additionalProperties: type: string type: object Mounts: items: $ref: '#/definitions/MountPoint' type: array Name: type: string Names: items: type: string type: array NetworkSettings: $ref: '#/definitions/NetworkSettingsSummary' NetworkingConfig: $ref: '#/definitions/NetworkingConfig' Platform: $ref: '#/definitions/Platform' Ports: items: $ref: '#/definitions/PortSummary' type: array SizeRootFs: format: int64 type: integer SizeRw: format: int64 type: integer State: $ref: '#/definitions/ContainerState' Status: type: string type: object x-go-package: go.podman.io/podman/v6/pkg/api/handlers ContainerBasicConfig: properties: annotations: additionalProperties: type: string description: |- Annotations are key-value options passed into the container runtime that can be used to trigger special behavior. Optional. type: object x-go-name: Annotations command: description: |- Command is the container's command. If not given and Image is specified, this will be populated by the image's configuration. Optional. items: type: string type: array x-go-name: Command conmon_pid_file: description: |- ConmonPidFile is a path at which a PID file for Conmon will be placed. If not given, a default location will be used. Optional. type: string x-go-name: ConmonPidFile containerCreateCommand: description: |- ContainerCreateCommand is the command that was used to create this container. This will be shown in the output of Inspect() on the container, and may also be used by some tools that wish to recreate the container (e.g. `podman generate systemd --new`). Optional. items: type: string type: array x-go-name: ContainerCreateCommand dependencyContainers: description: |- DependencyContainers is an array of containers this container depends on. Dependency containers must be started before this container. Dependencies can be specified by name or full/partial ID. Optional. items: type: string type: array x-go-name: DependencyContainers entrypoint: description: |- Entrypoint is the container's entrypoint. If not given and Image is specified, this will be populated by the image's configuration. Optional. items: type: string type: array x-go-name: Entrypoint env: additionalProperties: type: string description: |- Env is a set of environment variables that will be set in the container. Optional. type: object x-go-name: Env env_host: description: |- EnvHost indicates that the host environment should be added to container Optional. type: boolean x-go-name: EnvHost envmerge: description: |- EnvMerge takes the specified environment variables from image and preprocess them before injecting them into the container. Optional. items: type: string type: array x-go-name: EnvMerge group_entry: description: |- GroupEntry specifies an arbitrary string to append to the container's /etc/group file. Optional. type: string x-go-name: GroupEntry hostname: description: |- Hostname is the container's hostname. If not set, the hostname will not be modified (if UtsNS is not private) or will be set to the container ID (if UtsNS is private). Conflicts with UtsNS if UtsNS is not set to private. Optional. type: string x-go-name: Hostname hostusers: description: |- HostUsers is a list of host usernames or UIDs to add to the container etc/passwd file items: type: string type: array x-go-name: HostUsers httpproxy: description: |- EnvHTTPProxy indicates that the http host proxy environment variables should be added to container Optional. type: boolean x-go-name: HTTPProxy init_container_type: description: |- InitContainerType describes if this container is an init container and if so, what type: always or once. Optional. type: string x-go-name: InitContainerType labels: additionalProperties: type: string description: |- Labels are key-value pairs that are used to add metadata to containers. Optional. type: object x-go-name: Labels log_configuration: $ref: '#/definitions/LogConfigLibpod' manage_password: description: Passwd is a container run option that determines if we are validating users/groups before running the container type: boolean x-go-name: Passwd name: description: |- Name is the name the container will be given. If no name is provided, one will be randomly generated. Optional. type: string x-go-name: Name oci_runtime: description: |- OCIRuntime is the name of the OCI runtime that will be used to create the container. If not specified, the default will be used. Optional. type: string x-go-name: OCIRuntime passwd_entry: description: |- PasswdEntry specifies an arbitrary string to append to the container's /etc/passwd file. Optional. type: string x-go-name: PasswdEntry personality: $ref: '#/definitions/LinuxPersonality' pidns: $ref: '#/definitions/Namespace' pod: description: |- Pod is the ID of the pod the container will join. Optional. type: string x-go-name: Pod remove: description: |- Remove indicates if the container should be removed once it has been started and exits. Optional. type: boolean x-go-name: Remove removeImage: description: |- RemoveImage indicates that the container should remove the image it was created from after it exits. Only allowed if Remove is set to true and Image, not Rootfs, is in use. Optional. type: boolean x-go-name: RemoveImage restart_policy: description: |- RestartPolicy is the container's restart policy - an action which will be taken when the container exits. If not given, the default policy, which does nothing, will be used. Optional. type: string x-go-name: RestartPolicy restart_tries: description: |- RestartRetries is the number of attempts that will be made to restart the container. Only available when RestartPolicy is set to "on-failure". Optional. format: uint64 type: integer x-go-name: RestartRetries sdnotifyMode: description: |- Determine how to handle the NOTIFY_SOCKET - do we participate or pass it through "container" - let the OCI runtime deal with it, advertise conmon's MAINPID "conmon-only" - advertise conmon's MAINPID, send READY when started, don't pass to OCI "ignore" - unset NOTIFY_SOCKET Optional. type: string x-go-name: SdNotifyMode secret_env: additionalProperties: type: string description: |- EnvSecrets are secrets that will be set as environment variables Optional. type: object x-go-name: EnvSecrets stdin: description: |- Stdin is whether the container will keep its STDIN open. Optional. type: boolean x-go-name: Stdin stop_signal: $ref: '#/definitions/Signal' stop_timeout: description: |- StopTimeout is a timeout between the container's stop signal being sent and SIGKILL being sent. If not provided, the default will be used. If 0 is used, stop signal will not be sent, and SIGKILL will be sent instead. Optional. format: uint64 type: integer x-go-name: StopTimeout sysctl: additionalProperties: type: string description: Sysctl sets kernel parameters for the container type: object x-go-name: Sysctl systemd: description: |- Systemd is whether the container will be started in systemd mode. Valid options are "true", "false", and "always". "true" enables this mode only if the binary run in the container is sbin/init or systemd. "always" unconditionally enables systemd mode. "false" unconditionally disables systemd mode. If enabled, mounts and stop signal will be modified. If set to "always" or set to "true" and conditionally triggered, conflicts with StopSignal. If not specified, "false" will be assumed. Optional. type: string x-go-name: Systemd terminal: description: |- Terminal is whether the container will create a PTY. Optional. type: boolean x-go-name: Terminal timeout: description: |- Timeout is a maximum time in seconds the container will run before main process is sent SIGKILL. If 0 is used, signal will not be sent. Container can run indefinitely if they do not stop after the default termination signal. Optional. format: uint64 type: integer x-go-name: Timeout timezone: description: |- Timezone is the timezone inside the container. Local means it has the same timezone as the host machine Optional. type: string x-go-name: Timezone unsetenv: description: |- UnsetEnv unsets the specified default environment variables from the image or from built-in or containers.conf Optional. items: type: string type: array x-go-name: UnsetEnv unsetenvall: description: |- UnsetEnvAll unsetall default environment variables from the image or from built-in or containers.conf UnsetEnvAll unsets all default environment variables from the image or from built-in Optional. type: boolean x-go-name: UnsetEnvAll utsns: $ref: '#/definitions/Namespace' title: ContainerBasicConfig contains the basic parts of a container. type: object x-go-package: go.podman.io/podman/v6/pkg/specgen ContainerCgroupConfig: description: |- ContainerCgroupConfig contains configuration information about a container's cgroups. properties: cgroup_parent: description: |- CgroupParent is the container's Cgroup parent. If not set, the default for the current cgroup driver will be used. Optional. type: string x-go-name: CgroupParent cgroupns: $ref: '#/definitions/Namespace' cgroups_mode: description: |- CgroupsMode sets a policy for how cgroups will be created for the container, including the ability to disable creation entirely. Optional. type: string x-go-name: CgroupsMode type: object x-go-package: go.podman.io/podman/v6/pkg/specgen ContainerCreateResponse: description: ContainerCreateResponse is the response struct for creating a container type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities ContainerHealthCheckConfig: description: |- ContainerHealthCheckConfig describes a container healthcheck with attributes like command, retries, interval, start period, and timeout. properties: health_check_on_failure_action: $ref: '#/definitions/HealthCheckOnFailureAction' healthLogDestination: description: |- HealthLogDestination defines the destination where the log is stored. TODO (6.0): In next major release convert it to pointer and use omitempty type: string x-go-name: HealthLogDestination healthMaxLogCount: description: |- HealthMaxLogCount is maximum number of attempts in the HealthCheck log file. ('0' value means an infinite number of attempts in the log file). TODO (6.0): In next major release convert it to pointer and use omitempty format: uint64 type: integer x-go-name: HealthMaxLogCount healthMaxLogSize: description: |- HealthMaxLogSize is the maximum length in characters of stored HealthCheck log ("0" value means an infinite log length). TODO (6.0): In next major release convert it to pointer and use omitempty format: uint64 type: integer x-go-name: HealthMaxLogSize healthconfig: $ref: '#/definitions/Schema2HealthConfig' startupHealthConfig: $ref: '#/definitions/StartupHealthCheck' type: object x-go-package: go.podman.io/podman/v6/pkg/specgen ContainerNetworkConfig: description: |- ContainerNetworkConfig contains information on a container's network configuration. properties: Networks: additionalProperties: $ref: '#/definitions/PerNetworkOptions' description: |- Map of networks names or ids that the container should join. You can request additional settings for each network, you can set network aliases, static ips, static mac address and the network interface name for this container on the specific network. If the map is empty and the bridge network mode is set the container will be joined to the default network. Optional. type: object base_hosts_file: description: |- BaseHostsFile is the base file to create the `/etc/hosts` file inside the container. This must either be an absolute path to a file on the host system, or one of the special flags `image` or `none`. If it is empty it defaults to the base_hosts_file configuration in containers.conf. Optional. type: string x-go-name: BaseHostsFile dns_option: description: |- DNSOptions is a set of DNS options that will be used in the container's resolv.conf, replacing the host's DNS options which are used by default. Conflicts with UseImageResolvConf. Optional. items: type: string type: array x-go-name: DNSOptions dns_search: description: |- DNSSearch is a set of DNS search domains that will be used in the container's resolv.conf, replacing the host's DNS search domains which are used by default. Conflicts with UseImageResolvConf. Optional. items: type: string type: array x-go-name: DNSSearch dns_server: description: |- DNSServers is a set of DNS servers that will be used in the container's resolv.conf, replacing the host's DNS Servers which are used by default. Conflicts with UseImageResolvConf. Optional. items: type: string x-go-type: net.IP type: array x-go-name: DNSServers expose: description: |- Expose is a number of ports that will be forwarded to the container if PublishExposedPorts is set. Expose is a map of uint16 (port number) to a string representing protocol i.e map[uint16]string. Allowed protocols are "tcp", "udp", and "sctp", or some combination of the three separated by commas. If protocol is set to "" we will assume TCP. Only available if NetNS is set to Bridge or Pasta, and PublishExposedPorts is set. Optional. x-go-name: Expose hostadd: description: |- HostAdd is a set of hosts which will be added to the container's etc/hosts file. Conflicts with UseImageHosts. Optional. items: type: string type: array x-go-name: HostAdd netns: $ref: '#/definitions/Namespace' network_options: additionalProperties: items: type: string type: array description: |- NetworkOptions are additional options for each network Optional. type: object x-go-name: NetworkOptions networkOrder: description: |- The order that networks will be configured in. If not set, alphabetical order based on network name will be used. If set: Must be the same length as Networks and its contents must be every key in the Networks map. Optional. items: type: string type: array x-go-name: NetworkOrder portmappings: description: |- PortBindings is a set of ports to map into the container. Only available if NetNS is set to bridge or pasta. Optional. items: $ref: '#/definitions/PortMapping' type: array x-go-name: PortMappings publish_image_ports: description: |- PublishExposedPorts will publish ports specified in the image to random unused ports (guaranteed to be above 1024) on the host. This is based on ports set in Expose below, and any ports specified by the Image (if one is given). Only available if NetNS is set to Bridge or Pasta. Optional. type: boolean x-go-name: PublishExposedPorts use_image_hostname: description: |- UseImageHostname indicates that /etc/hostname should not be managed by Podman, and instead sourced from the image. Optional. type: boolean x-go-name: UseImageHostname use_image_hosts: description: |- UseImageHosts indicates that /etc/hosts should not be managed by Podman, and instead sourced from the image. Conflicts with HostAdd. Optional. type: boolean x-go-name: UseImageHosts use_image_resolve_conf: description: |- UseImageResolvConf indicates that resolv.conf should not be managed by Podman, but instead sourced from the image. Conflicts with DNSServer, DNSSearch, DNSOption. Optional. type: boolean x-go-name: UseImageResolvConf type: object x-go-package: go.podman.io/podman/v6/pkg/specgen ContainerNetworkStats: description: Statistics for an individual container network interface properties: RxBytes: format: uint64 type: integer RxDropped: format: uint64 type: integer RxErrors: format: uint64 type: integer RxPackets: format: uint64 type: integer TxBytes: format: uint64 type: integer TxDropped: format: uint64 type: integer TxErrors: format: uint64 type: integer TxPackets: format: uint64 type: integer type: object x-go-package: go.podman.io/podman/v6/libpod/define ContainerResourceConfig: properties: intelRdt: $ref: '#/definitions/LinuxIntelRdt' oom_score_adj: description: |- OOMScoreAdj adjusts the score used by the OOM killer to determine processes to kill for the container's process. Optional. format: int64 type: integer x-go-name: OOMScoreAdj r_limits: description: |- Rlimits are POSIX rlimits to apply to the container. Optional. items: $ref: '#/definitions/POSIXRlimit' type: array x-go-name: Rlimits resource_limits: $ref: '#/definitions/LinuxResources' throttleReadBpsDevice: additionalProperties: $ref: '#/definitions/LinuxThrottleDevice' description: IO read rate limit per cgroup per device, bytes per second type: object x-go-name: ThrottleReadBpsDevice throttleReadIOPSDevice: additionalProperties: $ref: '#/definitions/LinuxThrottleDevice' description: IO read rate limit per cgroup per device, IO per second type: object x-go-name: ThrottleReadIOPSDevice throttleWriteBpsDevice: additionalProperties: $ref: '#/definitions/LinuxThrottleDevice' description: IO write rate limit per cgroup per device, bytes per second type: object x-go-name: ThrottleWriteBpsDevice throttleWriteIOPSDevice: additionalProperties: $ref: '#/definitions/LinuxThrottleDevice' description: IO write rate limit per cgroup per device, IO per second type: object x-go-name: ThrottleWriteIOPSDevice unified: additionalProperties: type: string description: |- CgroupConf are key-value options passed into the container runtime that are used to configure cgroup v2. Optional. type: object x-go-name: CgroupConf weightDevice: additionalProperties: $ref: '#/definitions/LinuxWeightDevice' description: Weight per cgroup per device, can override BlkioWeight type: object x-go-name: WeightDevice title: ContainerResourceConfig contains information on container resource limits. type: object x-go-package: go.podman.io/podman/v6/pkg/specgen ContainerSecurityConfig: description: |- ContainerSecurityConfig is a container's security features, including SELinux, Apparmor, and Seccomp. properties: apparmor_profile: description: |- ApparmorProfile is the name of the Apparmor profile the container will use. Optional. type: string x-go-name: ApparmorProfile cap_add: description: |- CapAdd are capabilities which will be added to the container. Conflicts with Privileged. Optional. items: type: string type: array x-go-name: CapAdd cap_drop: description: |- CapDrop are capabilities which will be removed from the container. Conflicts with Privileged. Optional. items: type: string type: array x-go-name: CapDrop groups: description: |- Groups are a list of supplemental groups the container's user will be granted access to. Optional. items: type: string type: array x-go-name: Groups idmappings: $ref: '#/definitions/IDMappingOptions' label_nested: description: |- LabelNested indicates whether or not the container is allowed to run fully nested containers including SELinux labelling. Optional. type: boolean x-go-name: LabelNested mask: description: |- Mask is the path we want to mask in the container. This masks the paths given in addition to the default list. Optional items: type: string type: array x-go-name: Mask no_new_privileges: description: |- NoNewPrivileges is whether the container will set the no new privileges flag on create, which disables gaining additional privileges (e.g. via setuid) in the container. Optional. type: boolean x-go-name: NoNewPrivileges privileged: description: |- Privileged is whether the container is privileged. Privileged does the following: Adds all devices on the system to the container. Adds all capabilities to the container. Disables Seccomp, SELinux, and Apparmor confinement. (Though SELinux can be manually re-enabled). TODO: this conflicts with things. TODO: this does more. Optional. type: boolean x-go-name: Privileged procfs_opts: description: ProcOpts are the options used for the proc mount. items: type: string type: array x-go-name: ProcOpts read_only_filesystem: description: |- ReadOnlyFilesystem indicates that everything will be mounted as read-only. Optional. type: boolean x-go-name: ReadOnlyFilesystem read_write_tmpfs: description: |- ReadWriteTmpfs indicates that when running with a ReadOnlyFilesystem mount temporary file systems. Optional. type: boolean x-go-name: ReadWriteTmpfs seccomp_policy: description: |- SeccompPolicy determines which seccomp profile gets applied the container. valid values: empty,default,image type: string x-go-name: SeccompPolicy seccomp_profile_path: description: |- SeccompProfilePath is the path to a JSON file containing the container's Seccomp profile. If not specified, no Seccomp profile will be used. Optional. type: string x-go-name: SeccompProfilePath selinux_opts: description: |- SelinuxProcessLabel is the process label the container will use. If SELinux is enabled and this is not specified, a label will be automatically generated if not specified. Optional. items: type: string type: array x-go-name: SelinuxOpts umask: description: Umask is the umask the init process of the container will be run with. type: string x-go-name: Umask unmask: description: |- Unmask a path in the container. Some paths are masked by default, preventing them from being accessed within the container; this undoes that masking. If ALL is passed, all paths will be unmasked. Optional. items: type: string type: array x-go-name: Unmask user: description: |- User is the user the container will be run as. Can be given as a UID or a username; if a username, it will be resolved within the container, using the container's /etc/passwd. If unset, the container will be run as root. Optional. type: string x-go-name: User userns: $ref: '#/definitions/Namespace' type: object x-go-package: go.podman.io/podman/v6/pkg/specgen ContainerState: title: ContainerState is a string representation of the container's current state. type: string x-go-package: github.com/moby/moby/api/types/container ContainerStats: description: ContainerStats contains the statistics information for a running container properties: AvgCPU: format: double type: number BlockInput: format: uint64 type: integer BlockOutput: format: uint64 type: integer CPU: format: double type: number CPUNano: format: uint64 type: integer CPUSystemNano: format: uint64 type: integer ContainerID: type: string Duration: format: uint64 type: integer MemLimit: format: uint64 type: integer MemPerc: format: double type: number MemUsage: format: uint64 type: integer Name: type: string Network: additionalProperties: $ref: '#/definitions/ContainerNetworkStats' description: Map of interface name to network statistics for that interface. type: object PIDs: format: uint64 type: integer SystemNano: format: uint64 type: integer UpTime: $ref: '#/definitions/Duration' type: object x-go-package: go.podman.io/podman/v6/libpod/define ContainerStorageConfig: description: |- ContainerStorageConfig contains information on the storage configuration of a container. properties: artifact_volumes: description: ArtifactVolumes volumes based on an existing artifact. items: $ref: '#/definitions/ArtifactVolume' type: array x-go-name: ArtifactVolumes chroot_directories: description: |- ChrootDirs is an additional set of directories that need to be treated as root directories. Standard bind mounts will be mounted into paths relative to these directories. Optional. items: type: string type: array x-go-name: ChrootDirs create_working_dir: description: |- Create the working directory if it doesn't exist. If unset, it doesn't create it. Optional. type: boolean x-go-name: CreateWorkingDir device_cgroup_rule: description: |- DeviceCgroupRule are device cgroup rules that allow containers to use additional types of devices. items: $ref: '#/definitions/LinuxDeviceCgroup' type: array x-go-name: DeviceCgroupRule devices: description: |- Devices are devices that will be added to the container. Optional. items: $ref: '#/definitions/LinuxDevice' type: array x-go-name: Devices devices_from: description: |- DevicesFrom specifies that this container will mount the device(s) from other container(s). Optional. items: type: string type: array x-go-name: DevicesFrom gpus: description: |- GPUs contains GPU device identifiers for CDI resolution. These will be resolved to full CDI device paths on the server side. Optional. items: type: string type: array x-go-name: GPUs host_device_list: description: HostDeviceList is used to recreate the mounted device on inherited containers items: $ref: '#/definitions/LinuxDevice' type: array x-go-name: HostDeviceList image: description: |- Image is the image the container will be based on. The image will be used as the container's root filesystem, and its environment vars, volumes, and other configuration will be applied to the container. Conflicts with Rootfs. At least one of Image or Rootfs must be specified. type: string x-go-name: Image image_arch: description: |- ImageArch is the user-specified image architecture. Used to select a different variant from a manifest list. Optional. type: string x-go-name: ImageArch image_os: description: |- ImageOS is the user-specified OS of the image. Used to select a different variant from a manifest list. Optional. type: string x-go-name: ImageOS image_variant: description: |- ImageVariant is the user-specified image variant. Used to select a different variant from a manifest list. Optional. type: string x-go-name: ImageVariant image_volume_mode: description: |- ImageVolumeMode indicates how image volumes will be created. Supported modes are "ignore" (do not create), "tmpfs" (create as tmpfs), and "anonymous" (create as anonymous volumes). The default if unset is anonymous. Optional. type: string x-go-name: ImageVolumeMode image_volumes: description: |- Image volumes bind-mount a container-image mount into the container. Optional. items: $ref: '#/definitions/ImageVolume' type: array x-go-name: ImageVolumes init: description: |- Init specifies that an init binary will be mounted into the container, and will be used as PID1. Optional. type: boolean x-go-name: Init init_path: description: |- InitPath specifies the path to the init binary that will be added if Init is specified above. If not specified, the default set in the Libpod config will be used. Ignored if Init above is not set. Optional. type: string x-go-name: InitPath ipcns: $ref: '#/definitions/Namespace' mounts: description: |- Mounts are mounts that will be added to the container. These will supersede Image Volumes and VolumesFrom volumes where there are conflicts. Optional. items: $ref: '#/definitions/Mount' type: array x-go-name: Mounts overlay_volumes: description: |- Overlay volumes are named volumes that will be added to the container. Optional. items: $ref: '#/definitions/OverlayVolume' type: array x-go-name: OverlayVolumes raw_image_name: description: |- RawImageName is the user-specified and unprocessed input referring to a local or a remote image. Optional, but strongly encouraged to be set if Image is set. type: string x-go-name: RawImageName rootfs: description: |- Rootfs is the path to a directory that will be used as the container's root filesystem. No modification will be made to the directory, it will be directly mounted into the container as root. Conflicts with Image. At least one of Image or Rootfs must be specified. type: string x-go-name: Rootfs rootfs_mapping: description: |- RootfsMapping specifies if there are UID/GID mappings to apply to the rootfs. Optional. type: string x-go-name: RootfsMapping rootfs_overlay: description: |- RootfsOverlay tells if rootfs is actually an overlay on top of base path. Optional. type: boolean x-go-name: RootfsOverlay rootfs_propagation: description: |- RootfsPropagation is the rootfs propagation mode for the container. If not set, the default of rslave will be used. Optional. type: string x-go-name: RootfsPropagation secrets: description: |- Secrets are the secrets that will be added to the container Optional. items: $ref: '#/definitions/Secret' type: array x-go-name: Secrets shm_size: description: |- ShmSize is the size of the tmpfs to mount in at /dev/shm, in bytes. Conflicts with ShmSize if IpcNS is not private. Optional. format: int64 type: integer x-go-name: ShmSize shm_size_systemd: description: |- ShmSizeSystemd is the size of systemd-specific tmpfs mounts specifically /run, /run/lock, /var/log/journal and /tmp. Optional format: int64 type: integer x-go-name: ShmSizeSystemd storage_opts: additionalProperties: type: string description: |- StorageOpts is the container's storage options Optional. type: object x-go-name: StorageOpts volatile: description: |- Volatile specifies whether the container storage can be optimized at the cost of not syncing all the dirty files in memory. Optional. type: boolean x-go-name: Volatile volumes: description: |- Volumes are named volumes that will be added to the container. These will supersede Image Volumes and VolumesFrom volumes where there are conflicts. Optional. items: $ref: '#/definitions/NamedVolume' type: array x-go-name: Volumes volumes_from: description: |- VolumesFrom is a set of containers whose volumes will be added to this container. The name or ID of the container must be provided, and may optionally be followed by a : and then one or more comma-separated options. Valid options are 'ro', 'rw', and 'z'. Options will be used for all volumes sourced from the container. Optional. items: type: string type: array x-go-name: VolumesFrom work_dir: description: |- WorkDir is the container's working directory. If unset, the default, /, will be used. Optional. type: string x-go-name: WorkDir type: object x-go-package: go.podman.io/podman/v6/pkg/specgen ContainerStore: description: |- ContainerStore describes the quantity of containers in the store by status properties: number: format: int64 type: integer x-go-name: Number paused: format: int64 type: integer x-go-name: Paused running: format: int64 type: integer x-go-name: Running stopped: format: int64 type: integer x-go-name: Stopped type: object x-go-package: go.podman.io/podman/v6/libpod/define ContainerTopOKBody: properties: Processes: description: |- Each process running in the container, where each process is an array of values corresponding to the titles. example: '{"Processes":[["root","13642","882","0","17:03","pts/0","00:00:00","/bin/bash"],["root","13735","13642","0","17:06","pts/0","00:00:00","sleep 10"]]}' items: items: type: string type: array type: array Titles: description: The ps column titles example: '{"Titles":["UID","PID","PPID","C","STIME","TTY","TIME","CMD"]}' items: type: string type: array type: object x-go-package: go.podman.io/podman/v6/pkg/api/handlers ContainersPruneReport: properties: ContainersDeleted: items: type: string type: array SpaceReclaimed: format: uint64 type: integer type: object x-go-package: go.podman.io/podman/v6/pkg/api/handlers ContainersPruneReportLibpod: properties: Err: description: |- Error which occurred during prune operation (if any). This field is optional and may be omitted if no error occurred. type: string x-go-name: PruneError x-nullable: true x-omitempty: true Id: type: string x-go-name: ID Size: format: int64 type: integer x-go-name: SpaceReclaimed type: object x-go-package: go.podman.io/podman/v6/pkg/api/handlers CreateContainerConfig: description: CreateContainerConfig used when compatible endpoint creates a container properties: ArgsEscaped: type: boolean AttachStderr: type: boolean AttachStdin: type: boolean AttachStdout: type: boolean Cmd: items: type: string type: array Domainname: type: string Entrypoint: items: type: string type: array Env: items: type: string type: array EnvMerge: items: type: string type: array ExposedPorts: $ref: '#/definitions/PortSet' Healthcheck: $ref: '#/definitions/HealthConfig' HostConfig: $ref: '#/definitions/HostConfig' Hostname: type: string Image: type: string Labels: additionalProperties: type: string type: object MacAddress: type: string Name: type: string NetworkDisabled: type: boolean NetworkingConfig: $ref: '#/definitions/NetworkingConfig' OnBuild: items: type: string type: array OpenStdin: type: boolean Shell: items: type: string type: array StdinOnce: type: boolean StopSignal: type: string StopTimeout: format: int64 type: integer Tty: type: boolean UnsetEnv: items: type: string type: array UnsetEnvAll: type: boolean User: type: string Volumes: additionalProperties: type: object type: object WorkingDir: type: string type: object x-go-package: go.podman.io/podman/v6/pkg/api/handlers CreateRequest: properties: Attachable: type: boolean ConfigFrom: $ref: '#/definitions/ConfigReference' ConfigOnly: type: boolean Driver: type: string EnableIPv4: type: boolean EnableIPv6: type: boolean IPAM: $ref: '#/definitions/IPAM' Ingress: type: boolean Internal: type: boolean Labels: additionalProperties: type: string type: object Name: type: string Options: additionalProperties: type: string type: object Scope: type: string title: CreateRequest is the request message sent to the server for network create call. type: object x-go-package: github.com/moby/moby/api/types/network DNSNetworkInfo: properties: package: type: string x-go-name: Package path: type: string x-go-name: Path version: type: string x-go-name: Version title: DNSNetworkInfo contains the DNS information. type: object x-go-package: go.podman.io/common/libnetwork/types Descriptor: description: |- This structure provides `application/vnd.oci.descriptor.v1+json` mediatype when marshalled to JSON. properties: annotations: additionalProperties: type: string description: Annotations contains arbitrary metadata relating to the targeted content. type: object x-go-name: Annotations artifactType: description: ArtifactType is the IANA media type of this artifact. type: string x-go-name: ArtifactType data: description: |- Data is an embedding of the targeted content. This is encoded as a base64 string when marshalled to JSON (automatically, by encoding/json). If present, Data can be used directly to avoid fetching the targeted content. items: format: uint8 type: integer type: array x-go-name: Data digest: $ref: '#/definitions/Digest' mediaType: description: MediaType is the media type of the object this schema refers to. type: string x-go-name: MediaType platform: $ref: '#/definitions/Platform' size: description: Size specifies the size in bytes of the blob. format: int64 type: integer x-go-name: Size urls: description: URLs specifies a list of URLs from which this object MAY be downloaded items: type: string type: array x-go-name: URLs title: Descriptor describes the disposition of targeted content. type: object x-go-package: github.com/opencontainers/image-spec/specs-go/v1 DeviceMapping: properties: CgroupPermissions: type: string PathInContainer: type: string PathOnHost: type: string title: DeviceMapping represents the device mapping between the host and the container. type: object x-go-package: github.com/moby/moby/api/types/container DeviceRequest: description: Used by GPU device drivers. properties: Capabilities: items: items: type: string type: array type: array Count: format: int64 type: integer DeviceIDs: items: type: string type: array Driver: type: string Options: additionalProperties: type: string type: object title: DeviceRequest represents a request for devices from a device driver. type: object x-go-package: github.com/moby/moby/api/types/container Digest: description: |- The following is an example of the contents of Digest types: sha256:7173b809ca12ec5dee4506cd86be934c4596dd234ee82c0662eac04a8c2c71dc This allows to abstract the digest behind this type and work only in those terms. title: |- Digest allows simple protection of hex formatted digest strings, prefixed by their algorithm. Strings of type Digest have some guarantee of being in the correct format and it provides quick access to the components of a digest string. type: string x-go-package: github.com/opencontainers/go-digest DisconnectRequest: properties: Container: description: The ID or name of the container to disconnect from the network. example: 3613f73ba0e4 type: string Force: description: Force the container to disconnect from the network. example: false type: boolean required: - Container title: DisconnectRequest NetworkDisconnectRequest represents the data to be used to disconnect a container from a network. type: object x-go-package: github.com/moby/moby/api/types/network DistributionInfo: description: DistributionInfo describes the host distribution for libpod properties: codename: type: string x-go-name: Codename distribution: type: string x-go-name: Distribution variant: type: string x-go-name: Variant version: type: string x-go-name: Version type: object x-go-package: go.podman.io/podman/v6/libpod/define DockerOCIImageConfig: properties: ArgsEscaped: description: |- ArgsEscaped Deprecated: This field is present only for legacy compatibility with Docker and should not be used by new image builders. It is used by Docker for Windows images to indicate that the `Entrypoint` or `Cmd` or both, contains only a single element array, that is a pre-escaped, and combined into a single string `CommandLine`. If `true` the value in `Entrypoint` or `Cmd` should be used as-is to avoid double escaping. https://github.com/opencontainers/image-spec/pull/892 type: boolean Cmd: description: Cmd defines the default arguments to the entrypoint of the container. items: type: string type: array Entrypoint: description: Entrypoint defines a list of arguments to use as the command to execute when the container starts. items: type: string type: array Env: description: Env is a list of environment variables to be used in a container. items: type: string type: array ExposedPorts: additionalProperties: type: object description: ExposedPorts a set of ports to expose from a container running this image. type: object Healthcheck: $ref: '#/definitions/HealthcheckConfig' Labels: additionalProperties: type: string description: Labels contains arbitrary metadata for the container. type: object OnBuild: items: type: string type: array Shell: items: type: string type: array StopSignal: description: StopSignal contains the system call signal that will be sent to the container to exit. type: string User: description: User defines the username or UID which the process in the container should run as. type: string Volumes: additionalProperties: type: object description: Volumes is a set of directories describing where the process is likely write data specific to a container instance. type: object WorkingDir: description: WorkingDir sets the current working directory of the entrypoint process in the container. type: string title: DockerOCIImageConfig is a ocispec.ImageConfig extended with Docker specific fields. type: object x-go-package: github.com/moby/docker-image-spec/specs-go/v1 Driver: properties: Name: type: string Options: additionalProperties: type: string type: object title: Driver represents a volume driver. type: object x-go-package: github.com/moby/moby/api/types/mount DriverData: description: DriverData handles the data for a storage driver properties: Data: additionalProperties: type: string description: |- Low-level storage metadata, provided as key/value pairs. This information is driver-specific, and depends on the storage-driver in use, and should be used for informational purposes only. example: MergedDir: /var/lib/docker/overlay2/ef749362d13333e65fc95c572eb525abbe0052e16e086cb64bc3b98ae9aa6d74/merged UpperDir: /var/lib/docker/overlay2/ef749362d13333e65fc95c572eb525abbe0052e16e086cb64bc3b98ae9aa6d74/diff WorkDir: /var/lib/docker/overlay2/ef749362d13333e65fc95c572eb525abbe0052e16e086cb64bc3b98ae9aa6d74/work type: object Name: description: Name of the storage driver. example: overlay2 type: string required: - Data - Name type: object x-go-package: go.podman.io/podman/v6/libpod/define Duration: description: |- A Duration represents the elapsed time between two instants as an int64 nanosecond count. The representation limits the largest representable duration to approximately 290 years. format: int64 type: integer x-go-package: time EndpointIPAMConfig: description: EndpointIPAMConfig represents IPAM configurations for the endpoint properties: IPv4Address: type: string x-go-type: net/netip.Addr IPv6Address: type: string x-go-type: net/netip.Addr LinkLocalIPs: items: type: string x-go-type: net/netip.Addr type: array type: object x-go-package: github.com/moby/moby/api/types/network EndpointResource: properties: EndpointID: description: endpoint ID example: 628cadb8bcb92de107b2a1e516cbffe463e321f548feb37697cce00ad694f21a type: string IPv4Address: description: IPv4 address example: 172.19.0.2/16 type: string x-go-type: net/netip.Prefix IPv6Address: description: IPv6 address type: string x-go-type: net/netip.Prefix MacAddress: description: mac address example: 02:42:ac:13:00:02 type: string x-go-type: github.com/moby/moby/api/types/network.HardwareAddr Name: description: name example: container_1 type: string title: EndpointResource contains network resources allocated and used for a container in a network. type: object x-go-package: github.com/moby/moby/api/types/network EndpointSettings: description: EndpointSettings stores the network endpoint details properties: Aliases: items: type: string type: array DNSNames: description: |- DNSNames holds all the (non fully qualified) DNS names associated to this endpoint. The first entry is used to generate PTR records. items: type: string type: array DriverOpts: additionalProperties: type: string type: object EndpointID: type: string Gateway: type: string x-go-type: net/netip.Addr GlobalIPv6Address: type: string x-go-type: net/netip.Addr GlobalIPv6PrefixLen: format: int64 type: integer GwPriority: description: |- GwPriority determines which endpoint will provide the default gateway for the container. The endpoint with the highest priority will be used. If multiple endpoints have the same priority, they are lexicographically sorted based on their network name, and the one that sorts first is picked. format: int64 type: integer IPAMConfig: $ref: '#/definitions/EndpointIPAMConfig' IPAddress: type: string x-go-type: net/netip.Addr IPPrefixLen: format: int64 type: integer IPv6Gateway: type: string x-go-type: net/netip.Addr Links: items: type: string type: array MacAddress: description: |- MacAddress may be used to specify a MAC address when the container is created. Once the container is running, it becomes operational data (it may contain a generated address). type: string x-go-type: github.com/moby/moby/api/types/network.HardwareAddr NetworkID: type: string type: object x-go-package: github.com/moby/moby/api/types/network ErrorModel: description: ErrorModel is used in remote connections with podman properties: cause: description: API root cause formatted for automated parsing example: API root cause type: string x-go-name: Because message: description: human error message, formatted for a human to read example: human error message type: string x-go-name: Message response: description: HTTP response code format: int64 minimum: 400 type: integer x-go-name: ResponseCode type: object x-go-package: go.podman.io/podman/v6/pkg/errorhandling FileMode: description: |- The bits have the same definition on all systems, so that information about files can be moved from one system to another portably. Not all bits apply to all systems. The only required bit is [ModeDir] for directories. format: uint32 title: A FileMode represents a file's mode and permission bits. type: integer x-go-package: os Health: description: Health stores information about the container's healthcheck results properties: FailingStreak: format: int64 type: integer Log: items: $ref: '#/definitions/HealthcheckResult' type: array Status: $ref: '#/definitions/HealthStatus' type: object x-go-package: github.com/moby/moby/api/types/container HealthCheckLog: description: HealthCheckLog describes the results of a single healthcheck properties: End: description: End time as a string type: string ExitCode: description: Exitcode is 0 or 1 format: int64 type: integer Output: description: Output is the stdout/stderr from the healthcheck command type: string Start: description: Start time as string type: string type: object x-go-package: go.podman.io/podman/v6/libpod/define HealthCheckOnFailureAction: description: |- HealthCheckOnFailureAction defines how Podman reacts when a container's health status turns unhealthy. format: int64 type: integer x-go-package: go.podman.io/podman/v6/libpod/define HealthCheckResults: description: HealthCheckResults describes the results/logs from a healthcheck properties: FailingStreak: description: FailingStreak is the number of consecutive failed healthchecks format: int64 type: integer Log: description: Log describes healthcheck attempts and results items: $ref: '#/definitions/HealthCheckLog' type: array Status: description: Status starting, healthy or unhealthy type: string type: object x-go-package: go.podman.io/podman/v6/libpod/define HealthConfig: title: HealthConfig holds configuration settings for the HEALTHCHECK feature. type: object x-go-package: github.com/moby/moby/api/types/container HealthStatus: title: HealthStatus is a string representation of the container's health. type: string x-go-package: github.com/moby/moby/api/types/container HealthSummary: properties: FailingStreak: format: int64 type: integer Status: $ref: '#/definitions/HealthStatus' title: HealthSummary stores a summary of the container's healthcheck results. type: object x-go-package: github.com/moby/moby/api/types/container HealthcheckConfig: properties: Interval: $ref: '#/definitions/Duration' Retries: description: |- Retries is the number of consecutive failures needed to consider a container as unhealthy. Zero means inherit. format: int64 type: integer StartInterval: $ref: '#/definitions/Duration' StartPeriod: $ref: '#/definitions/Duration' Test: description: |- Test is the test to perform to check that the container is healthy. An empty slice means to inherit the default. The options are: {} : inherit healthcheck {"NONE"} : disable healthcheck {"CMD", args...} : exec arguments directly {"CMD-SHELL", command} : run command with system's default shell items: type: string type: array Timeout: $ref: '#/definitions/Duration' title: HealthcheckConfig holds configuration settings for the HEALTHCHECK feature. type: object x-go-package: github.com/moby/docker-image-spec/specs-go/v1 HealthcheckResult: description: HealthcheckResult stores information about a single run of a healthcheck probe properties: End: format: date-time type: string ExitCode: format: int64 type: integer Output: type: string Start: format: date-time type: string type: object x-go-package: github.com/moby/moby/api/types/container History: properties: author: description: Author is the author of the build point. type: string x-go-name: Author comment: description: Comment is a custom message set when creating the layer. type: string x-go-name: Comment created: description: Created is the combined date and time at which the layer was created, formatted as defined by RFC 3339, section 5.6. format: date-time type: string x-go-name: Created created_by: description: CreatedBy is the command which created the layer. type: string x-go-name: CreatedBy empty_layer: description: EmptyLayer is used to mark if the history item created a filesystem diff. type: boolean x-go-name: EmptyLayer title: History describes the history of a layer. type: object x-go-package: github.com/opencontainers/image-spec/specs-go/v1 HistoryResponse: description: HistoryResponse provides details on image layers properties: Comment: type: string Created: format: int64 type: integer CreatedBy: type: string Id: type: string x-go-name: ID Size: format: int64 type: integer Tags: items: type: string type: array type: object x-go-package: go.podman.io/podman/v6/pkg/api/handlers HostConfig: description: |- Here, "non-portable" means "dependent of the host we are running on". Portable information *should* appear in Config. properties: Annotations: additionalProperties: type: string type: object AutoRemove: type: boolean Binds: description: Applicable to all platforms items: type: string type: array BlkioDeviceReadBps: items: $ref: '#/definitions/ThrottleDevice' type: array BlkioDeviceReadIOps: items: $ref: '#/definitions/ThrottleDevice' type: array BlkioDeviceWriteBps: items: $ref: '#/definitions/ThrottleDevice' type: array BlkioDeviceWriteIOps: items: $ref: '#/definitions/ThrottleDevice' type: array BlkioWeight: format: uint16 type: integer BlkioWeightDevice: items: $ref: '#/definitions/WeightDevice' type: array CapAdd: description: Applicable to UNIX platforms items: type: string type: array CapDrop: items: type: string type: array Cgroup: $ref: '#/definitions/CgroupSpec' CgroupParent: description: Applicable to UNIX platforms type: string CgroupnsMode: $ref: '#/definitions/CgroupnsMode' ConsoleSize: items: format: uint64 type: integer type: array ContainerIDFile: type: string CpuCount: description: Applicable to Windows format: int64 type: integer x-go-name: CPUCount CpuPercent: format: int64 type: integer x-go-name: CPUPercent CpuPeriod: format: int64 type: integer x-go-name: CPUPeriod CpuQuota: format: int64 type: integer x-go-name: CPUQuota CpuRealtimePeriod: format: int64 type: integer x-go-name: CPURealtimePeriod CpuRealtimeRuntime: format: int64 type: integer x-go-name: CPURealtimeRuntime CpuShares: description: Applicable to all platforms format: int64 type: integer x-go-name: CPUShares CpusetCpus: type: string CpusetMems: type: string DeviceCgroupRules: items: type: string type: array DeviceRequests: items: $ref: '#/definitions/DeviceRequest' type: array Devices: items: $ref: '#/definitions/DeviceMapping' type: array Dns: items: type: string x-go-type: net/netip.Addr type: array x-go-name: DNS DnsOptions: items: type: string type: array x-go-name: DNSOptions DnsSearch: items: type: string type: array x-go-name: DNSSearch ExtraHosts: items: type: string type: array GroupAdd: items: type: string type: array IOMaximumBandwidth: format: uint64 type: integer IOMaximumIOps: format: uint64 type: integer Init: description: Run a custom init inside the container, if null, use the daemon's configured settings type: boolean IpcMode: $ref: '#/definitions/IpcMode' Isolation: $ref: '#/definitions/Isolation' Links: items: type: string type: array LogConfig: $ref: '#/definitions/LogConfig' MaskedPaths: description: MaskedPaths is the list of paths to be masked inside the container (this overrides the default set of paths) items: type: string type: array Memory: format: int64 type: integer MemoryReservation: format: int64 type: integer MemorySwap: format: int64 type: integer MemorySwappiness: format: int64 type: integer Mounts: description: Mounts specs used by the container items: $ref: '#/definitions/Mount' type: array NanoCpus: format: int64 type: integer x-go-name: NanoCPUs NetworkMode: $ref: '#/definitions/NetworkMode' OomKillDisable: type: boolean OomScoreAdj: format: int64 type: integer PidMode: $ref: '#/definitions/PidMode' PidsLimit: format: int64 type: integer PortBindings: $ref: '#/definitions/PortMap' Privileged: type: boolean PublishAllPorts: type: boolean ReadonlyPaths: description: ReadonlyPaths is the list of paths to be set as read-only inside the container (this overrides the default set of paths) items: type: string type: array ReadonlyRootfs: type: boolean RestartPolicy: $ref: '#/definitions/RestartPolicy' Runtime: type: string SecurityOpt: items: type: string type: array ShmSize: format: int64 type: integer StorageOpt: additionalProperties: type: string type: object Sysctls: additionalProperties: type: string type: object Tmpfs: additionalProperties: type: string type: object UTSMode: $ref: '#/definitions/UTSMode' Ulimits: items: $ref: '#/definitions/Ulimit' type: array UsernsMode: $ref: '#/definitions/UsernsMode' VolumeDriver: type: string VolumesFrom: items: type: string type: array title: HostConfig the non-portable Config structure of a container. type: object x-go-package: github.com/moby/moby/api/types/container HostInfo: description: HostInfo describes the libpod host properties: arch: type: string x-go-name: Arch buildahVersion: type: string x-go-name: BuildahVersion cgroupControllers: items: type: string type: array x-go-name: CgroupControllers cgroupManager: type: string x-go-name: CgroupManager cgroupVersion: type: string x-go-name: CgroupsVersion conmon: $ref: '#/definitions/ConmonInfo' cpuUtilization: $ref: '#/definitions/CPUUsage' cpus: format: int64 type: integer x-go-name: CPUs databaseBackend: type: string x-go-name: DatabaseBackend distribution: $ref: '#/definitions/DistributionInfo' emulatedArchitectures: items: type: string type: array x-go-name: EmulatedArchitectures eventLogger: type: string x-go-name: EventLogger freeLocks: format: uint32 type: integer x-go-name: FreeLocks hostname: type: string x-go-name: Hostname idMappings: $ref: '#/definitions/IDMappings' kernel: type: string x-go-name: Kernel linkmode: type: string x-go-name: Linkmode logDriver: type: string x-go-name: LogDriver memFree: format: int64 type: integer x-go-name: MemFree memTotal: format: int64 type: integer x-go-name: MemTotal networkBackend: type: string x-go-name: NetworkBackend networkBackendInfo: $ref: '#/definitions/NetworkInfo' ociRuntime: $ref: '#/definitions/OCIRuntimeInfo' os: type: string x-go-name: OS pasta: $ref: '#/definitions/PastaInfo' remoteSocket: $ref: '#/definitions/RemoteSocket' rootlessNetworkCmd: description: RootlessNetworkCmd returns the default rootless network command (pasta) type: string x-go-name: RootlessNetworkCmd runtimeInfo: additionalProperties: {} type: object x-go-name: RuntimeInfo security: $ref: '#/definitions/SecurityInfo' serviceIsRemote: description: ServiceIsRemote is true when the podman/libpod service is remote to the client type: boolean x-go-name: ServiceIsRemote swapFree: format: int64 type: integer x-go-name: SwapFree swapTotal: format: int64 type: integer x-go-name: SwapTotal uptime: type: string x-go-name: Uptime variant: type: string x-go-name: Variant type: object x-go-package: go.podman.io/podman/v6/libpod/define IDMap: description: |- IDMap contains a single entry for user namespace range remapping. An array of IDMap entries represents the structure that will be provided to the Linux kernel for creating a user namespace. properties: container_id: format: int64 type: integer x-go-name: ContainerID host_id: format: int64 type: integer x-go-name: HostID size: format: int64 type: integer x-go-name: Size type: object x-go-package: go.podman.io/storage/pkg/idtools IDMappingOptions: description: |- IDMappingOptions are used for specifying how ID mapping should be set up for a layer or container. properties: AutoUserNs: type: boolean AutoUserNsOpts: $ref: '#/definitions/AutoUserNsOptions' GIDMap: items: $ref: '#/definitions/IDMap' type: array HostGIDMapping: type: boolean HostUIDMapping: description: |- UIDMap and GIDMap are used for setting up a layer's root filesystem for use inside of a user namespace where ID mapping is being used. If HostUIDMapping/HostGIDMapping is true, no mapping of the respective type will be used. Otherwise, if UIDMap and/or GIDMap contain at least one mapping, one or both will be used. By default, if neither of those conditions apply, if the layer has a parent layer, the parent layer's mapping will be used, and if it does not have a parent layer, the mapping which was passed to the Store object when it was initialized will be used. type: boolean UIDMap: items: $ref: '#/definitions/IDMap' type: array type: object x-go-package: go.podman.io/storage/types IDMappings: description: IDMappings describe the GID and UID mappings properties: gidmap: items: $ref: '#/definitions/IDMap' type: array x-go-name: GIDMap uidmap: items: $ref: '#/definitions/IDMap' type: array x-go-name: UIDMap type: object x-go-package: go.podman.io/podman/v6/libpod/define IDResponse: properties: Id: description: The id of the newly created object. type: string x-go-name: ID required: - Id type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities/types IPAM: description: IPAM represents IP Address Management properties: Config: items: $ref: '#/definitions/IPAMConfig' type: array Driver: type: string Options: additionalProperties: type: string type: object type: object x-go-package: github.com/moby/moby/api/types/network IPAMConfig: description: IPAMConfig represents IPAM configurations properties: AuxiliaryAddresses: additionalProperties: type: string x-go-type: net/netip.Addr type: object x-go-name: AuxAddress Gateway: type: string x-go-type: net/netip.Addr IPRange: type: string x-go-type: net/netip.Prefix Subnet: type: string x-go-type: net/netip.Prefix type: object x-go-package: github.com/moby/moby/api/types/network IPAMStatus: description: IPAMStatus IPAM status properties: Subnets: $ref: '#/definitions/SubnetStatuses' type: object x-go-package: github.com/moby/moby/api/types/network IPMask: description: See type [IPNet] and func [ParseCIDR] for details. items: format: uint8 type: integer title: |- An IPMask is a bitmask that can be used to manipulate IP addresses for IP addressing and routing. type: array x-go-package: net IPNet: properties: IP: type: string x-go-type: net.IP Mask: $ref: '#/definitions/IPMask' title: An IPNet represents an IP network. type: object x-go-package: net Identity: description: |- This is trusted information verified by the daemon and cannot be modified by tagging an image to a different name. properties: Build: description: Build contains build reference information if image was created via build. items: $ref: '#/definitions/BuildIdentity' type: array Pull: description: |- Pull contains remote location information if image was created via pull. If image was pulled via mirror, this contains the original repository location. After successful push this images also contains the pushed repository location. items: $ref: '#/definitions/PullIdentity' type: array Signature: description: Signature contains the properties of verified signatures for the image. items: $ref: '#/definitions/SignatureIdentity' type: array title: Identity holds information about the identity and origin of the image. type: object x-go-package: github.com/moby/moby/api/types/image ImageConfig: properties: ArgsEscaped: description: |- ArgsEscaped Deprecated: This field is present only for legacy compatibility with Docker and should not be used by new image builders. It is used by Docker for Windows images to indicate that the `Entrypoint` or `Cmd` or both, contains only a single element array, that is a pre-escaped, and combined into a single string `CommandLine`. If `true` the value in `Entrypoint` or `Cmd` should be used as-is to avoid double escaping. https://github.com/opencontainers/image-spec/pull/892 type: boolean Cmd: description: Cmd defines the default arguments to the entrypoint of the container. items: type: string type: array Entrypoint: description: Entrypoint defines a list of arguments to use as the command to execute when the container starts. items: type: string type: array Env: description: Env is a list of environment variables to be used in a container. items: type: string type: array ExposedPorts: additionalProperties: type: object description: ExposedPorts a set of ports to expose from a container running this image. type: object Labels: additionalProperties: type: string description: Labels contains arbitrary metadata for the container. type: object StopSignal: description: StopSignal contains the system call signal that will be sent to the container to exit. type: string User: description: User defines the username or UID which the process in the container should run as. type: string Volumes: additionalProperties: type: object description: Volumes is a set of directories describing where the process is likely write data specific to a container instance. type: object WorkingDir: description: WorkingDir sets the current working directory of the entrypoint process in the container. type: string title: ImageConfig defines the execution parameters which should be used as a base when running a container using an image. type: object x-go-package: github.com/opencontainers/image-spec/specs-go/v1 ImageData: properties: Annotations: additionalProperties: type: string type: object Architecture: type: string Author: type: string Comment: type: string Config: $ref: '#/definitions/ImageConfig' Created: format: date-time type: string Digest: $ref: '#/definitions/Digest' GraphDriver: $ref: '#/definitions/DriverData' Healthcheck: $ref: '#/definitions/Schema2HealthConfig' History: items: $ref: '#/definitions/History' type: array Id: type: string x-go-name: ID Labels: additionalProperties: type: string type: object ManifestType: type: string NamesHistory: items: type: string type: array Os: type: string Parent: type: string RepoDigests: items: type: string type: array RepoTags: items: type: string type: array RootFS: $ref: '#/definitions/RootFS' Size: format: int64 type: integer User: type: string Version: type: string VirtualSize: format: int64 type: integer title: ImageData holds the inspect information of an image. type: object x-go-package: go.podman.io/podman/v6/pkg/inspect ImageImportReport: type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities ImageInspect: properties: Architecture: description: Architecture is the hardware CPU architecture that the image runs on. type: string Author: description: |- Author is the name of the author that was specified when committing the image, or as specified through MAINTAINER (deprecated) in the Dockerfile. This field is omitted if not set. type: string Comment: description: |- Comment is an optional message that can be set when committing or importing the image. This field is omitted if not set. type: string Config: $ref: '#/definitions/DockerOCIImageConfig' Container: description: |- When you embed a struct, the fields of the embedded struct are "promoted" to the outer struct. If a field in the outer struct has the same name as a field in the embedded struct, the outer struct's field will shadow or override the embedded one allowing for a clean way to hide fields from the swagger spec that still exist in the libraries struct. type: string ContainerConfig: $ref: '#/definitions/Config' Created: description: |- Created is the date and time at which the image was created, formatted in RFC 3339 nano-seconds (time.RFC3339Nano). This information is only available if present in the image, and omitted otherwise. type: string Descriptor: $ref: '#/definitions/Descriptor' DockerVersion: type: string GraphDriver: $ref: '#/definitions/DriverData' Id: description: |- ID is the content-addressable ID of an image. This identifier is a content-addressable digest calculated from the image's configuration (which includes the digests of layers used by the image). Note that this digest differs from the `RepoDigests` below, which holds digests of image manifests that reference the image. type: string x-go-name: ID Identity: $ref: '#/definitions/Identity' Manifests: description: |- Manifests is a list of image manifests available in this image. It provides a more detailed view of the platform-specific image manifests or other image-attached data like build attestations. Only available if the daemon provides a multi-platform image store, the client requests manifests AND does not request a specific platform. WARNING: This is experimental and may change at any time without any backward compatibility. items: $ref: '#/definitions/ManifestSummary' type: array Metadata: $ref: '#/definitions/Metadata' Os: description: OS is the Operating System the image is built to run on. type: string OsVersion: description: |- OsVersion is the version of the Operating System the image is built to run on (especially for Windows). type: string Parent: type: string RepoDigests: description: |- RepoDigests is a list of content-addressable digests of locally available image manifests that the image is referenced from. Multiple manifests can refer to the same image. These digests are usually only available if the image was either pulled from a registry, or if the image was pushed to a registry, which is when the manifest is generated and its digest calculated. items: type: string type: array RepoTags: description: |- RepoTags is a list of image names/tags in the local image cache that reference this image. Multiple image tags can refer to the same image, and this list may be empty if no tags reference the image, in which case the image is "untagged", in which case it can still be referenced by its ID. items: type: string type: array RootFS: $ref: '#/definitions/RootFS' Size: description: Size is the total size of the image including all layers it is composed of. format: int64 type: integer Variant: description: Variant is the CPU architecture variant (presently ARM-only). type: string VirtualSize: format: int64 type: integer type: object x-go-package: go.podman.io/podman/v6/pkg/api/handlers ImageLoadReport: type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities ImageOptions: properties: Subpath: type: string type: object x-go-package: github.com/moby/moby/api/types/mount ImageProperties: properties: Containers: description: |- Containers is an array containing the IDs of the containers that are using this image. items: type: string type: array Identity: $ref: '#/definitions/Identity' Platform: $ref: '#/definitions/Platform' Size: properties: Unpacked: description: |- Unpacked is the size (in bytes) of the locally unpacked (uncompressed) image content that's directly usable by the containers running this image. It's independent of the distributable content - e.g. the image might still have an unpacked data that's still used by some container even when the distributable/compressed content is already gone. format: int64 type: integer required: - Unpacked type: object required: - Platform - Containers type: object x-go-package: github.com/moby/moby/api/types/image ImagePullReport: title: ImagePullReport is the response from pulling one or more images. type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities ImageRemoveReport: description: |- ImageRemoveReport is the response for removing one or more image(s) from storage and images what was untagged vs actually removed. type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities ImageStore: description: |- ImageStore describes the image store. Right now only the number of images present properties: number: format: int64 type: integer x-go-name: Number type: object x-go-package: go.podman.io/podman/v6/libpod/define ImageSummary: type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities ImageTreeReport: description: ImageTreeReport provides results from ImageEngine.Tree() type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities ImageVolume: description: |- ImageVolume is a volume based on a container image. The container image is first mounted on the host and is then bind-mounted into the container. An ImageVolume is always mounted read-only. properties: Destination: description: Destination is the absolute path of the mount in the container. type: string ReadWrite: description: ReadWrite sets the volume writable. type: boolean Source: description: |- Source is the source of the image volume. The image can be referred to by name and by ID. type: string subPath: description: |- SubPath mounts a particular path within the image. If empty, the whole image is mounted. type: string x-go-name: SubPath type: object x-go-package: go.podman.io/podman/v6/pkg/specgen Info: description: |- Info contains information about the Volume as a whole as provided by the CSI storage plugin. properties: AccessibleTopology: description: |- AccessibleTopology is the topology this volume is actually accessible from. items: $ref: '#/definitions/Topology' type: array CapacityBytes: description: |- CapacityBytes is the capacity of the volume in bytes. A value of 0 indicates that the capacity is unknown. format: int64 type: integer VolumeContext: additionalProperties: type: string description: |- VolumeContext is the context originating from the CSI storage plugin when the Volume is created. type: object VolumeID: description: |- VolumeID is the ID of the Volume as seen by the CSI storage plugin. This is distinct from the Volume's Swarm ID, which is the ID used by all of the Docker Engine to refer to the Volume. If this field is blank, then the Volume has not been successfully created yet. type: string type: object x-go-package: github.com/moby/moby/api/types/volume Inspect: properties: Attachable: description: |- Whether a global / swarm scope network is manually attachable by regular containers from workers in swarm mode. example: false type: boolean ConfigFrom: $ref: '#/definitions/ConfigReference' ConfigOnly: description: |- Whether the network is a config-only network. Config-only networks are placeholder networks for network configurations to be used by other networks. Config-only networks cannot be used directly to run containers or services. type: boolean Containers: additionalProperties: $ref: '#/definitions/EndpointResource' description: Contains endpoints attached to the network. example: 19a4d5d687db25203351ed79d478946f861258f018fe384f229f2efa4b23513c: EndpointID: 628cadb8bcb92de107b2a1e516cbffe463e321f548feb37697cce00ad694f21a IPv4Address: 172.19.0.2/16 IPv6Address: "" MacAddress: 02:42:ac:13:00:02 Name: test type: object Created: description: |- Date and time at which the network was created in [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format with nano-seconds. example: "2016-10-19T04:33:30.360899459Z" format: date-time type: string Driver: description: |- The name of the driver used to create the network (e.g. `bridge`, `overlay`). example: overlay type: string EnableIPv4: description: Whether the network was created with IPv4 enabled. example: true type: boolean EnableIPv6: description: Whether the network was created with IPv6 enabled. example: false type: boolean IPAM: $ref: '#/definitions/IPAM' Id: description: ID that uniquely identifies a network on a single machine. example: 7d86d31b1478e7cca9ebed7e73aa0fdeec46c5ca29497431d3007d2d9e15ed99 type: string x-go-name: ID Ingress: description: Whether the network is providing the routing-mesh for the swarm cluster. example: false type: boolean Internal: description: |- Whether the network is created to only allow internal networking connectivity. example: false type: boolean Labels: additionalProperties: type: string description: Metadata specific to the network being created. example: com.example.some-label: some-value com.example.some-other-label: some-other-value type: object Name: description: Name of the network. example: my_network type: string Options: additionalProperties: type: string description: Network-specific options uses when creating the network. example: com.docker.network.bridge.default_bridge: "true" com.docker.network.bridge.enable_icc: "true" com.docker.network.bridge.enable_ip_masquerade: "true" com.docker.network.bridge.host_binding_ipv4: 0.0.0.0 com.docker.network.bridge.name: docker0 com.docker.network.driver.mtu: "1500" type: object Peers: description: |- List of peer nodes for an overlay network. This field is only present for overlay networks, and omitted for other network types. items: $ref: '#/definitions/PeerInfo' type: array Scope: description: |- The level at which the network exists (e.g. `swarm` for cluster-wide or `local` for machine level) example: local type: string Services: additionalProperties: $ref: '#/definitions/ServiceInfo' description: |- List of services using the network. This field is only present for swarm scope networks, and omitted for local scope networks. type: object Status: $ref: '#/definitions/Status' title: Inspect The body of the "get network" http response message. type: object x-go-package: github.com/moby/moby/api/types/network InspectAdditionalNetwork: description: |- InspectAdditionalNetwork holds information about non-default networks the container has been connected to. As with InspectNetworkSettings, many fields are unused and maintained only for compatibility with Docker. properties: AdditionalMACAddresses: description: |- AdditionalMacAddresses is a set of additional MAC Addresses beyond the first. The network backend may configure more than one interface for a single network, which can cause this. items: type: string type: array x-go-name: AdditionalMacAddresses Aliases: description: Aliases are any network aliases the container has in this network. items: type: string type: array DriverOpts: additionalProperties: type: string description: |- DriverOpts is presently unused and maintained exclusively for compatibility. type: object EndpointID: description: EndpointID is unused, maintained exclusively for compatibility. type: string Gateway: description: Gateway is the IP address of the gateway this network will use. type: string GlobalIPv6Address: description: GlobalIPv6Address is the global-scope IPv6 Address for this network. type: string GlobalIPv6PrefixLen: description: GlobalIPv6PrefixLen is the length of the subnet mask of this network. format: int64 type: integer IPAMConfig: additionalProperties: type: string description: |- IPAMConfig is presently unused and maintained exclusively for compatibility. type: object IPAddress: description: IPAddress is the IP address for this network. type: string IPPrefixLen: description: IPPrefixLen is the length of the subnet mask of this network. format: int64 type: integer IPv6Gateway: description: IPv6Gateway is the IPv6 gateway this network will use. type: string Links: description: |- Links is presently unused and maintained exclusively for compatibility. items: type: string type: array MacAddress: description: MacAddress is the MAC address for the interface in this network. type: string NetworkID: description: Name of the network we're connecting to. type: string SecondaryIPAddresses: description: |- SecondaryIPAddresses is a list of extra IP Addresses that the container has been assigned in this network. items: $ref: '#/definitions/Address' type: array SecondaryIPv6Addresses: description: |- SecondaryIPv6Addresses is a list of extra IPv6 Addresses that the container has been assigned in this network. items: $ref: '#/definitions/Address' type: array type: object x-go-package: go.podman.io/podman/v6/libpod/define InspectBlkioThrottleDevice: description: |- InspectBlkioThrottleDevice holds information about a speed cap for a device node. This cap applies to a specific operation (read, write, etc) on the given node. properties: Path: description: Path is the path to the device this applies to. type: string Rate: description: |- Rate is the maximum rate. It is in either bytes per second or iops per second, determined by where it is used - documentation will indicate which is appropriate. format: uint64 type: integer type: object x-go-package: go.podman.io/podman/v6/libpod/define InspectBlkioWeightDevice: description: |- InspectBlkioWeightDevice holds information about the relative weight of an individual device node. Weights are used in the I/O scheduler to give relative priority to some accesses. properties: Path: description: Path is the path to the device this applies to. type: string Weight: description: |- Weight is the relative weight the scheduler will use when scheduling I/O. format: uint16 type: integer type: object x-go-package: go.podman.io/podman/v6/libpod/define InspectContainerConfig: description: |- InspectContainerConfig holds further data about how a container was initially configured. properties: Annotations: additionalProperties: type: string description: Container annotations type: object AttachStderr: description: Unused, at present type: boolean AttachStdin: description: Unused, at present type: boolean AttachStdout: description: Unused, at present type: boolean ChrootDirs: description: |- ChrootDirs is an additional set of directories that need to be treated as root directories. Standard bind mounts will be mounted into paths relative to these directories. items: type: string type: array Cmd: description: Container command items: type: string type: array CreateCommand: description: |- CreateCommand is the full command plus arguments of the process the container has been created with. items: type: string type: array Domainname: description: Container domain name - unused at present type: string x-go-name: DomainName Entrypoint: description: Container entrypoint items: type: string type: array Env: description: Container environment variables items: type: string type: array ExposedPorts: additionalProperties: type: object description: ExposedPorts includes ports the container has exposed. type: object HealthLogDestination: description: HealthLogDestination defines the destination where the log is stored type: string Healthcheck: $ref: '#/definitions/Schema2HealthConfig' HealthcheckMaxLogCount: description: |- HealthMaxLogCount is maximum number of attempts in the HealthCheck log file. ('0' value means an infinite number of attempts in the log file) format: uint64 type: integer x-go-name: HealthMaxLogCount HealthcheckMaxLogSize: description: |- HealthMaxLogSize is the maximum length in characters of stored HealthCheck log ("0" value means an infinite log length) format: uint64 type: integer x-go-name: HealthMaxLogSize HealthcheckOnFailureAction: description: HealthcheckOnFailureAction defines an action to take once the container turns unhealthy. type: string Hostname: description: Container hostname type: string Image: description: Container image type: string Labels: additionalProperties: type: string description: Container labels type: object OnBuild: description: On-build arguments - presently unused. More of Buildah's domain. type: string OpenStdin: description: Whether the container leaves STDIN open type: boolean Passwd: description: Passwd determines whether or not podman can add entries to /etc/passwd and /etc/group type: boolean Secrets: description: Secrets are the secrets mounted in the container items: $ref: '#/definitions/InspectSecret' type: array StartupHealthCheck: $ref: '#/definitions/StartupHealthCheck' StdinOnce: description: |- Whether STDIN is only left open once. Presently not supported by Podman, unused. type: boolean StopSignal: description: Container stop signal type: string StopTimeout: description: StopTimeout is time before container is stopped when calling stop format: uint64 type: integer SystemdMode: description: |- SystemdMode is whether the container is running in systemd mode. In systemd mode, the container configuration is customized to optimize running systemd in the container. type: boolean Timeout: description: Timeout is time before container is killed by conmon format: uint64 type: integer Timezone: description: |- Timezone is the timezone inside the container. Local means it has the same timezone as the host machine type: string Tty: description: Whether the container creates a TTY type: boolean Umask: description: Umask is the umask inside the container. type: string User: description: User the container was launched with type: string Volumes: additionalProperties: type: object description: Unused, at present. I've never seen this field populated. type: object WorkingDir: description: Container working directory type: string sdNotifyMode: description: SdNotifyMode is the sd-notify mode of the container. type: string x-go-name: SdNotifyMode sdNotifySocket: description: SdNotifySocket is the NOTIFY_SOCKET in use by/configured for the container. type: string x-go-name: SdNotifySocket type: object x-go-package: go.podman.io/podman/v6/libpod/define InspectContainerData: description: |- InspectContainerData provides a detailed record of a container's configuration and state as viewed by Libpod. Large portions of this structure are defined such that the output is compatible with `docker inspect` JSON, but additional fields have been added as required to share information not in the original output. properties: AppArmorProfile: type: string Args: items: type: string type: array BoundingCaps: items: type: string type: array Config: $ref: '#/definitions/InspectContainerConfig' ConmonPidFile: type: string Created: format: date-time type: string Dependencies: items: type: string type: array Driver: type: string EffectiveCaps: items: type: string type: array ExecIDs: items: type: string type: array GraphDriver: $ref: '#/definitions/DriverData' HostConfig: $ref: '#/definitions/InspectContainerHostConfig' HostnamePath: type: string HostsPath: type: string Id: type: string x-go-name: ID Image: type: string ImageDigest: type: string ImageName: type: string IsInfra: type: boolean IsService: type: boolean KubeExitCodePropagation: type: string MountLabel: type: string Mounts: items: $ref: '#/definitions/InspectMount' type: array Name: type: string Namespace: type: string NetworkSettings: $ref: '#/definitions/InspectNetworkSettings' OCIConfigPath: type: string OCIRuntime: type: string Path: type: string PidFile: type: string Pod: type: string ProcessLabel: type: string ResolvConfPath: type: string RestartCount: format: int32 type: integer Rootfs: type: string SizeRootFs: format: int64 type: integer SizeRw: format: int64 type: integer State: $ref: '#/definitions/InspectContainerState' StaticDir: type: string UseImageHostname: type: boolean UseImageHosts: type: boolean lockNumber: format: uint32 type: integer x-go-name: LockNumber type: object x-go-package: go.podman.io/podman/v6/libpod/define InspectContainerHostConfig: description: |- InspectContainerHostConfig holds information used when the container was created. It's very much a Docker-specific struct, retained (mostly) as-is for compatibility. We fill individual fields as best as we can, inferring as much as possible from the spec and container config. Some things cannot be inferred. These will be populated by spec annotations (if available). properties: Annotations: additionalProperties: type: string description: |- Annotations are provided to the runtime when the container is started. type: object AutoRemove: description: |- AutoRemove is whether the container will be automatically removed on exiting. It is not handled directly within libpod and is stored in an annotation. type: boolean AutoRemoveImage: description: |- AutoRemoveImage is whether the container's image will be automatically removed on exiting. It is not handled directly within libpod and is stored in an annotation. type: boolean Binds: description: |- Binds contains an array of user-added mounts. Both volume mounts and named volumes are included. Tmpfs mounts are NOT included. In 'docker inspect' this is separated into 'Binds' and 'Mounts' based on how a mount was added. We do not make this distinction and do not include a Mounts field in inspect. Format: :[:] items: type: string type: array BlkioDeviceReadBps: description: |- BlkioDeviceReadBps is an array of I/O throttle parameters for individual device nodes. This specifically sets read rate cap in bytes per second for device nodes. As with BlkioWeightDevice, we pull the path from /sys/dev, and we don't guarantee the path will be identical to the original (though the node will be). items: $ref: '#/definitions/InspectBlkioThrottleDevice' type: array BlkioDeviceReadIOps: description: |- BlkioDeviceReadIOps is an array of I/O throttle parameters for individual device nodes. This specifically sets the read rate cap in iops per second for device nodes. As with BlkioWeightDevice, we pull the path from /sys/dev, and we don't guarantee the path will be identical to the original (though the node will be). items: $ref: '#/definitions/InspectBlkioThrottleDevice' type: array BlkioDeviceWriteBps: description: |- BlkioDeviceWriteBps is an array of I/O throttle parameters for individual device nodes. this specifically sets write rate cap in bytes per second for device nodes. as with BlkioWeightDevice, we pull the path from /sys/dev, and we don't guarantee the path will be identical to the original (though the node will be). items: $ref: '#/definitions/InspectBlkioThrottleDevice' type: array BlkioDeviceWriteIOps: description: |- BlkioDeviceWriteIOps is an array of I/O throttle parameters for individual device nodes. This specifically sets the write rate cap in iops per second for device nodes. As with BlkioWeightDevice, we pull the path from /sys/dev, and we don't guarantee the path will be identical to the original (though the node will be). items: $ref: '#/definitions/InspectBlkioThrottleDevice' type: array BlkioWeight: description: |- BlkioWeight indicates the I/O resources allocated to the container. It is a relative weight in the scheduler for assigning I/O time versus other Cgroups. format: uint16 type: integer BlkioWeightDevice: description: |- BlkioWeightDevice is an array of I/O resource priorities for individual device nodes. Unfortunately, the spec only stores the device's Major/Minor numbers and not the path, which is used here. Fortunately, the kernel provides an interface for retrieving the path of a given node by major:minor at /sys/dev/. However, the exact path in use may not be what was used in the original CLI invocation - though it is guaranteed that the device node will be the same, and using the given path will be functionally identical. items: $ref: '#/definitions/InspectBlkioWeightDevice' type: array CapAdd: description: |- CapAdd is a list of capabilities added to the container. It is not directly stored by Libpod, and instead computed from the capabilities listed in the container's spec, compared against a set of default capabilities. items: type: string type: array CapDrop: description: |- CapDrop is a list of capabilities removed from the container. It is not directly stored by libpod, and instead computed from the capabilities listed in the container's spec, compared against a set of default capabilities. items: type: string type: array Cgroup: description: |- Cgroup contains the container's cgroup. It is presently not populated. TODO. type: string CgroupConf: additionalProperties: type: string description: CgroupConf is the configuration for cgroup v2. type: object CgroupManager: description: |- CgroupManager is the cgroup manager used by the container. At present, allowed values are either "cgroupfs" or "systemd". type: string CgroupMode: description: |- CgroupMode is the configuration of the container's cgroup namespace. Populated as follows: private - a cgroup namespace has been created host - No cgroup namespace created container: - Using another container's cgroup namespace ns: - A path to a cgroup namespace has been specified type: string CgroupParent: description: |- CgroupParent is the Cgroup parent of the container. Only set if not default. type: string Cgroups: description: |- Cgroups contains the container's Cgroup mode. Allowed values are "default" (container is creating Cgroups) and "disabled" (container is not creating Cgroups). This is Libpod-specific and not included in `docker inspect`. type: string ConsoleSize: description: |- ConsoleSize is an array of 2 integers showing the size of the container's console. It is only set if the container is creating a terminal. TODO. items: format: uint64 type: integer type: array ContainerIDFile: description: |- ContainerIDFile is a file created during container creation to hold the ID of the created container. This is not handled within libpod and is stored in an annotation. type: string CpuCount: description: CpuCount is Windows-only and not presently implemented. format: uint64 type: integer CpuPercent: description: CpuPercent is Windows-only and not presently implemented. format: uint64 type: integer CpuPeriod: description: |- CpuPeriod is the length of a CPU period in microseconds. It relates directly to CpuQuota. format: uint64 type: integer CpuQuota: description: |- CpuPeriod is the amount of time (in microseconds) that a container can use the CPU in every CpuPeriod. format: int64 type: integer CpuRealtimePeriod: description: |- CpuRealtimePeriod is the length of time (in microseconds) of the CPU realtime period. If set to 0, no time will be allocated to realtime tasks. format: uint64 type: integer CpuRealtimeRuntime: description: |- CpuRealtimeRuntime is the length of time (in microseconds) allocated for realtime tasks within every CpuRealtimePeriod. format: int64 type: integer CpuShares: description: |- CpuShares indicates the CPU resources allocated to the container. It is a relative weight in the scheduler for assigning CPU time versus other Cgroups. format: uint64 type: integer CpusetCpus: description: |- CpusetCpus is the set of CPUs that the container will execute on. Formatted as `0-3` or `0,2`. Default (if unset) is all CPUs. type: string CpusetMems: description: |- CpusetMems is the set of memory nodes the container will use. Formatted as `0-3` or `0,2`. Default (if unset) is all memory nodes. type: string Devices: description: |- Devices is a list of device nodes that will be added to the container. These are stored in the OCI spec only as type, major, minor while we display the host path. We convert this with /sys/dev, but we cannot guarantee that the host path will be identical - only that the actual device will be. items: $ref: '#/definitions/InspectDevice' type: array DiskQuota: description: |- DiskQuota is the maximum amount of disk space the container may use (in bytes). Presently not populated. TODO. format: uint64 type: integer Dns: description: |- Dns is a list of DNS nameservers that will be added to the container's resolv.conf items: type: string type: array DnsOptions: description: |- DnsOptions is a list of DNS options that will be set in the container's resolv.conf items: type: string type: array DnsSearch: description: |- DnsSearch is a list of DNS search domains that will be set in the container's resolv.conf items: type: string type: array ExtraHosts: description: |- ExtraHosts contains hosts that will be added to the container's etc/hosts. items: type: string type: array GroupAdd: description: |- GroupAdd contains groups that the user inside the container will be added to. items: type: string type: array HostsFile: description: HostsFile is the base file to create the `/etc/hosts` file inside the container. type: string IDMappings: $ref: '#/definitions/InspectIDMappings' IOMaximumBandwidth: description: IOMaximumBandwidth is Windows-only and not presently implemented. format: uint64 type: integer IOMaximumIOps: description: IOMaximumIOps is Windows-only and not presently implemented. format: uint64 type: integer Init: description: Init indicates whether the container has an init mounted into it. type: boolean IntelRdtClosID: description: |- IntelRdtClosID defines the Intel RDT CAT Class Of Service (COS) that all processes of the container should run in. type: string IpcMode: description: |- IpcMode represents the configuration of the container's IPC namespace. Populated as follows: "" (empty string) - Default, an IPC namespace will be created host - No IPC namespace created container: - Using another container's IPC namespace ns: - A path to an IPC namespace has been specified type: string Isolation: description: |- Isolation is presently unused and provided solely for Docker compatibility. type: string KernelMemory: description: |- KernelMemory is the maximum amount of memory the kernel will devote to the container. format: int64 type: integer Links: description: Links is unused, and provided purely for Docker compatibility. items: type: string type: array LogConfig: $ref: '#/definitions/InspectLogConfig' Memory: description: |- Memory indicates the memory resources allocated to the container. This is the limit (in bytes) of RAM the container may use. format: int64 type: integer MemoryReservation: description: |- MemoryReservation is the reservation (soft limit) of memory available to the container. Soft limits are warnings only and can be exceeded. format: int64 type: integer MemorySwap: description: |- MemorySwap is the total limit for all memory available to the container, including swap. 0 indicates that there is no limit to the amount of memory available. format: int64 type: integer MemorySwappiness: description: |- MemorySwappiness is the willingness of the kernel to page container memory to swap. It is an integer from 0 to 100, with low numbers being more likely to be put into swap. nil means swappiness is unset and the system default is used. format: int64 type: integer NanoCpus: description: |- NanoCpus indicates number of CPUs allocated to the container. It is an integer where one full CPU is indicated by 1000000000 (one billion). Thus, 2.5 CPUs (fractional portions of CPUs are allowed) would be 2500000000 (2.5 billion). In 'docker inspect' this is set exclusively of two further options in the output (CpuPeriod and CpuQuota) which are both used to implement this functionality. We can't distinguish here, so if CpuQuota is set to the default of 100000, we will set both CpuQuota, CpuPeriod, and NanoCpus. If CpuQuota is not the default, we will not set NanoCpus. format: int64 type: integer NetworkMode: description: |- NetworkMode is the configuration of the container's network namespace. Populated as follows: default - A network namespace is being created and configured none - A network namespace is being created, not configured host - No network namespace created container: - Using another container's network namespace ns: - A path to a network namespace has been specified type: string OomKillDisable: description: |- OomKillDisable indicates whether the kernel OOM killer is disabled for the container. type: boolean OomScoreAdj: description: |- OOMScoreAdj is an adjustment that will be made to the container's OOM score. format: int64 type: integer PidMode: description: |- PidMode represents the configuration of the container's PID namespace. Populated as follows: "" (empty string) - Default, a PID namespace will be created host - No PID namespace created container: - Using another container's PID namespace ns: - A path to a PID namespace has been specified type: string PidsLimit: description: |- PidsLimit is the maximum number of PIDs that may be created within the container. 0, the default, indicates no limit. format: int64 type: integer PortBindings: additionalProperties: items: $ref: '#/definitions/InspectHostPort' type: array description: |- PortBindings contains the container's port bindings. It is formatted as map[string][]InspectHostPort. The string key here is formatted as / and represents the container port. A single container port may be bound to multiple host ports (on different IPs). type: object Privileged: description: |- Privileged indicates whether the container is running with elevated privileges. This has a very specific meaning in the Docker sense, so it's very difficult to decode from the spec and config, and so is stored as an annotation. type: boolean PublishAllPorts: description: |- PublishAllPorts indicates whether image ports are being published. This is not directly stored in libpod and is saved as an annotation. type: boolean ReadonlyRootfs: description: ReadonlyRootfs is whether the container will be mounted read-only. type: boolean RestartPolicy: $ref: '#/definitions/InspectRestartPolicy' Runtime: description: |- Runtime is provided purely for Docker compatibility. It is set unconditionally to "oci" as Podman does not presently support non-OCI runtimes. type: string SecurityOpt: description: |- SecurityOpt is a list of security-related options that are set in the container. items: type: string type: array ShmSize: format: int64 type: integer Tmpfs: additionalProperties: type: string description: |- Tmpfs is a list of tmpfs filesystems that will be mounted into the container. It is a map of destination path to options for the mount. type: object UTSMode: description: |- UTSMode represents the configuration of the container's UID namespace. Populated as follows: "" (empty string) - Default, a UTS namespace will be created host - no UTS namespace created container: - Using another container's UTS namespace ns: - A path to a UTS namespace has been specified type: string Ulimits: description: Ulimits is a set of ulimits that will be set within the container. items: $ref: '#/definitions/InspectUlimit' type: array UsernsMode: description: |- UsernsMode represents the configuration of the container's user namespace. When running rootless, a user namespace is created outside of libpod to allow some privileged operations. This will not be reflected here. Populated as follows: "" (empty string) - No user namespace will be created private - The container will be run in a user namespace container: - Using another container's user namespace ns: - A path to a user namespace has been specified TODO Rootless has an additional 'keep-id' option, presently not reflected here. type: string VolumeDriver: description: |- VolumeDriver is presently unused and is retained for Docker compatibility. type: string VolumesFrom: description: |- VolumesFrom is a list of containers which this container uses volumes from. This is not handled directly within libpod and is stored in an annotation. It is formatted as an array of container names and IDs. items: type: string type: array type: object x-go-package: go.podman.io/podman/v6/libpod/define InspectContainerState: description: |- InspectContainerState provides a detailed record of a container's current state. It is returned as part of InspectContainerData. As with InspectContainerData, many portions of this struct are matched to Docker, but here we see more fields that are unused (nonsensical in the context of Libpod). properties: CgroupPath: type: string CheckpointLog: type: string CheckpointPath: type: string Checkpointed: type: boolean CheckpointedAt: format: date-time type: string ConmonPid: format: int64 type: integer Dead: type: boolean Error: type: string ExitCode: format: int32 type: integer FinishedAt: format: date-time type: string Health: $ref: '#/definitions/HealthCheckResults' OOMKilled: type: boolean OciVersion: type: string Paused: type: boolean Pid: format: int64 type: integer Restarting: type: boolean RestoreLog: type: string Restored: type: boolean RestoredAt: format: date-time type: string Running: type: boolean StartedAt: format: date-time type: string Status: type: string StoppedByUser: type: boolean type: object x-go-package: go.podman.io/podman/v6/libpod/define InspectDevice: properties: CgroupPermissions: description: |- CgroupPermissions is the permissions of the mounted device. Presently not populated. TODO. type: string PathInContainer: description: PathInContainer is the path of the device within the container. type: string PathOnHost: description: PathOnHost is the path of the device on the host. type: string title: InspectDevice is a single device that will be mounted into the container. type: object x-go-package: go.podman.io/podman/v6/libpod/define InspectExecProcess: description: |- InspectExecProcess contains information about the process in a given exec session. properties: arguments: description: |- Arguments are the arguments to the entrypoint command of the exec session. items: type: string type: array x-go-name: Arguments entrypoint: description: |- Entrypoint is the entrypoint for the exec session (the command that will be executed in the container). type: string x-go-name: Entrypoint privileged: description: |- Privileged is whether the exec session will be started with elevated privileges. type: boolean x-go-name: Privileged tty: description: Tty is whether the exec session created a terminal. type: boolean x-go-name: Tty user: description: User is the user the exec session was started as. type: string x-go-name: User type: object x-go-package: go.podman.io/podman/v6/libpod/define InspectExecSession: properties: CanRemove: description: |- CanRemove is legacy and used purely for compatibility reasons. Will always be set to true, unless the exec session is running. type: boolean ContainerID: description: |- ContainerID is the ID of the container this exec session is attached to. type: string DetachKeys: description: |- DetachKeys are the detach keys used by the exec session. If set to "" the default keys are being used. Will show "" if no detach keys are set. type: string ExitCode: description: |- ExitCode is the exit code of the exec session. Will be set to 0 if the exec session has not yet exited. format: int64 type: integer ID: description: ID is the ID of the exec session. type: string OpenStderr: description: |- OpenStderr is whether the container's STDERR stream will be attached. Always set to true if the exec session created a TTY. type: boolean OpenStdin: description: |- OpenStdin is whether the container's STDIN stream will be attached to. type: boolean OpenStdout: description: |- OpenStdout is whether the container's STDOUT stream will be attached. Always set to true if the exec session created a TTY. type: boolean Pid: description: |- Pid is the PID of the exec session's process. Will be set to 0 if the exec session is not running. format: int64 type: integer ProcessConfig: $ref: '#/definitions/InspectExecProcess' Running: description: Running is whether the exec session is running. type: boolean title: InspectExecSession contains information about a given exec session. type: object x-go-package: go.podman.io/podman/v6/libpod/define InspectHostPort: description: |- InspectHostPort provides information on a port on the host that a container's port is bound to. properties: HostIp: description: |- IP on the host we are bound to. "" if not specified (binding to all IPs). type: string x-go-name: HostIP HostPort: description: |- Port on the host we are bound to. No special formatting - just an integer stuffed into a string. type: string type: object x-go-package: go.podman.io/podman/v6/libpod/define InspectIDMappings: properties: GidMap: items: type: string type: array x-go-name: GIDMap UidMap: items: type: string type: array x-go-name: UIDMap type: object x-go-package: go.podman.io/podman/v6/libpod/define InspectLogConfig: description: InspectLogConfig holds information about a container's configured log driver properties: Config: additionalProperties: type: string type: object Path: description: Path specifies a path to the log file type: string Size: description: Size specifies a maximum size of the container log type: string Tag: description: Tag specifies a custom log tag for the container type: string Type: type: string type: object x-go-package: go.podman.io/podman/v6/libpod/define InspectMount: description: |- InspectMount provides a record of a single mount in a container. It contains fields for both named and normal volumes. Only user-specified volumes will be included, and tmpfs volumes are not included even if the user specified them. properties: Destination: description: |- The destination directory for the volume. Specified as a path within the container, as it would be passed into the OCI runtime. type: string Driver: description: The driver used for the named volume. Empty for bind mounts. type: string Mode: description: |- Contains SELinux :z/:Z mount options. Unclear what, if anything, else goes in here. type: string Name: description: The name of the volume. Empty for bind mounts. type: string Options: description: |- All remaining mount options. Additional data, not present in the original output. items: type: string type: array Propagation: description: |- Mount propagation for the mount. Can be empty if not specified, but is always printed - no omitempty. type: string RW: description: Whether the volume is read-write type: boolean Source: description: The source directory for the volume. type: string SubPath: description: |- SubPath object from the volume. Specified as a path within the source volume to be mounted at the Destination. type: string Type: description: |- Whether the mount is a volume or bind mount. Allowed values are "volume" and "bind". type: string type: object x-go-package: go.podman.io/podman/v6/libpod/define InspectNetworkSettings: description: |- InspectNetworkSettings holds information about the network settings of the container. Many fields are maintained only for compatibility with `docker inspect` and are unused within Libpod. properties: AdditionalMACAddresses: description: |- AdditionalMacAddresses is a set of additional MAC Addresses beyond the first. The network backend may configure more than one interface for a single network, which can cause this. items: type: string type: array x-go-name: AdditionalMacAddresses Bridge: type: string EndpointID: description: EndpointID is unused, maintained exclusively for compatibility. type: string Gateway: description: Gateway is the IP address of the gateway this network will use. type: string GlobalIPv6Address: description: GlobalIPv6Address is the global-scope IPv6 Address for this network. type: string GlobalIPv6PrefixLen: description: GlobalIPv6PrefixLen is the length of the subnet mask of this network. format: int64 type: integer HairpinMode: type: boolean IPAddress: description: IPAddress is the IP address for this network. type: string IPPrefixLen: description: IPPrefixLen is the length of the subnet mask of this network. format: int64 type: integer IPv6Gateway: description: IPv6Gateway is the IPv6 gateway this network will use. type: string LinkLocalIPv6Address: type: string LinkLocalIPv6PrefixLen: format: int64 type: integer MacAddress: description: MacAddress is the MAC address for the interface in this network. type: string Networks: additionalProperties: $ref: '#/definitions/InspectAdditionalNetwork' description: |- Networks contains information on non-default networks this container has joined. It is a map of network name to network information. type: object Ports: additionalProperties: items: $ref: '#/definitions/InspectHostPort' type: array type: object SandboxID: type: string SandboxKey: type: string SecondaryIPAddresses: description: |- SecondaryIPAddresses is a list of extra IP Addresses that the container has been assigned in this network. items: $ref: '#/definitions/Address' type: array SecondaryIPv6Addresses: description: |- SecondaryIPv6Addresses is a list of extra IPv6 Addresses that the container has been assigned in this network. items: $ref: '#/definitions/Address' type: array type: object x-go-package: go.podman.io/podman/v6/libpod/define InspectPodContainerInfo: properties: Id: description: ID is the ID of the container. type: string x-go-name: ID Name: description: Name is the name of the container. type: string State: description: State is the current status of the container. type: string title: InspectPodContainerInfo contains information on a container in a pod. type: object x-go-package: go.podman.io/podman/v6/libpod/define InspectPodData: description: |- InspectPodData contains detailed information on a pod's configuration and state. It is used as the output of Inspect on pods. properties: CgroupParent: description: CgroupParent is the parent of the pod's Cgroup. type: string CgroupPath: description: CgroupPath is the path to the pod's Cgroup. type: string Containers: description: |- Containers gives a brief summary of all containers in the pod and their current status. items: $ref: '#/definitions/InspectPodContainerInfo' type: array CreateCgroup: description: |- CreateCgroup is whether this pod will create its own Cgroup to group containers under. type: boolean CreateCommand: description: |- CreateCommand is the full command plus arguments of the process the container has been created with. items: type: string type: array CreateInfra: description: |- CreateInfra is whether this pod will create an infra container to share namespaces. type: boolean Created: description: Created is the time when the pod was created. format: date-time type: string ExitPolicy: description: ExitPolicy of the pod. type: string Hostname: description: Hostname is the hostname that the pod will set. type: string Id: description: ID is the ID of the pod. type: string x-go-name: ID InfraConfig: $ref: '#/definitions/InspectPodInfraConfig' InfraContainerID: description: |- InfraContainerID is the ID of the pod's infra container, if one is present. type: string Labels: additionalProperties: type: string description: |- Labels is a set of key-value labels that have been applied to the pod. type: object LockNumber: description: Number of the pod's Libpod lock. format: uint32 type: integer Name: description: Name is the name of the pod. type: string Namespace: description: Namespace is the Libpod namespace the pod is placed in. type: string NumContainers: description: |- NumContainers is the number of containers in the pod, including the infra container. format: uint64 type: integer RestartPolicy: description: RestartPolicy of the pod. type: string SharedNamespaces: description: |- SharedNamespaces contains a list of namespaces that will be shared by containers within the pod. Can only be set if CreateInfra is true. items: type: string type: array State: description: State represents the current state of the pod. type: string blkio_weight: description: BlkioWeight contains the blkio weight limit for the pod format: uint64 type: integer x-go-name: BlkioWeight blkio_weight_device: description: BlkioWeightDevice contains the blkio weight device limits for the pod items: $ref: '#/definitions/InspectBlkioWeightDevice' type: array x-go-name: BlkioWeightDevice cpu_period: description: CPUPeriod contains the CPU period of the pod format: uint64 type: integer x-go-name: CPUPeriod cpu_quota: description: CPUQuota contains the CPU quota of the pod format: int64 type: integer x-go-name: CPUQuota cpu_shares: description: CPUShares contains the cpu shares for the pod format: uint64 type: integer x-go-name: CPUShares cpuset_cpus: description: CPUSetCPUs contains linux specific CPU data for the pod type: string x-go-name: CPUSetCPUs cpuset_mems: description: CPUSetMems contains linux specific CPU data for the pod type: string x-go-name: CPUSetMems device_read_bps: description: BlkioDeviceReadBps contains the Read/Access limit for the pod's devices items: $ref: '#/definitions/InspectBlkioThrottleDevice' type: array x-go-name: BlkioDeviceReadBps device_write_bps: description: BlkioDeviceReadBps contains the Read/Access limit for the pod's devices items: $ref: '#/definitions/InspectBlkioThrottleDevice' type: array x-go-name: BlkioDeviceWriteBps devices: description: Devices contains the specified host devices items: $ref: '#/definitions/InspectDevice' type: array x-go-name: Devices memory_limit: description: MemoryLimit contains the specified cgroup memory limit for the pod format: uint64 type: integer x-go-name: MemoryLimit memory_swap: description: MemorySwap contains the specified memory swap limit for the pod format: uint64 type: integer x-go-name: MemorySwap mounts: description: Mounts contains volume related information for the pod items: $ref: '#/definitions/InspectMount' type: array x-go-name: Mounts security_opt: description: SecurityOpt contains the specified security labels and related SELinux information items: type: string type: array x-go-name: SecurityOpts volumes_from: description: VolumesFrom contains the containers that the pod inherits mounts from items: type: string type: array x-go-name: VolumesFrom type: object x-go-package: go.podman.io/podman/v6/libpod/define InspectPodInfraConfig: description: |- InspectPodInfraConfig contains the configuration of the pod's infra container. properties: DNSOption: description: |- DNSOption is a set of DNS options that will be used by the infra container's resolv.conf and shared with the remainder of the pod. items: type: string type: array DNSSearch: description: |- DNSSearch is a set of DNS search domains that will be used by the infra container's resolv.conf and shared with the remainder of the pod. items: type: string type: array DNSServer: description: |- DNSServer is a set of DNS Servers that will be used by the infra container's resolv.conf and shared with the remainder of the pod. items: type: string type: array HostAdd: description: |- HostAdd adds a number of hosts to the infra container's resolv.conf which will be shared with the rest of the pod. items: type: string type: array HostNetwork: description: |- HostNetwork is whether the infra container (and thus the whole pod) will use the host's network and not create a network namespace. type: boolean HostsFile: description: |- HostsFile is the base file to create the `/etc/hosts` file inside the infra container which will be shared with the rest of the pod. type: string NetworkOptions: additionalProperties: items: type: string type: array description: NetworkOptions are additional options for each network type: object Networks: description: Networks is a list of networks the pod will join. items: type: string type: array NoManageHostname: description: |- NoManageHostname indicates that the pod will not manage /etc/hostname and instead each container will handle their own. type: boolean NoManageHosts: description: |- NoManageHosts indicates that the pod will not manage /etc/hosts and instead each container will handle their own. type: boolean NoManageResolvConf: description: |- NoManageResolvConf indicates that the pod will not manage resolv.conf and instead each container will handle their own. type: boolean PortBindings: additionalProperties: items: $ref: '#/definitions/InspectHostPort' type: array description: |- PortBindings are ports that will be forwarded to the infra container and then shared with the pod. type: object StaticIP: description: |- StaticIP is a static IPv4 that will be assigned to the infra container and then used by the pod. format: ipv4 type: string x-go-type: net.IP StaticMAC: description: |- StaticMAC is a static MAC address that will be assigned to the infra container and then used by the pod. type: string cpu_period: description: CPUPeriod contains the CPU period of the pod format: uint64 type: integer x-go-name: CPUPeriod cpu_quota: description: CPUQuota contains the CPU quota of the pod format: int64 type: integer x-go-name: CPUQuota cpuset_cpus: description: CPUSetCPUs contains linux specific CPU data for the container type: string x-go-name: CPUSetCPUs pid_ns: description: Pid is the PID namespace mode of the pod's infra container type: string x-go-name: PidNS userns: description: UserNS is the usernamespace that all the containers in the pod will join. type: string x-go-name: UserNS uts_ns: description: UtsNS is the uts namespace that all containers in the pod will join type: string x-go-name: UtsNS type: object x-go-package: go.podman.io/podman/v6/libpod/define InspectResponse: description: endpoint. properties: AppArmorProfile: type: string Args: items: type: string type: array Config: $ref: '#/definitions/Config' Created: type: string Driver: type: string ExecIDs: items: type: string type: array GraphDriver: $ref: '#/definitions/DriverData' HostConfig: $ref: '#/definitions/HostConfig' HostnamePath: type: string HostsPath: type: string Id: type: string x-go-name: ID Image: type: string ImageManifestDescriptor: $ref: '#/definitions/Descriptor' LogPath: type: string MountLabel: type: string Mounts: items: $ref: '#/definitions/MountPoint' type: array Name: type: string NetworkSettings: $ref: '#/definitions/NetworkSettings' Path: type: string Platform: type: string ProcessLabel: type: string ResolvConfPath: type: string RestartCount: format: int64 type: integer SizeRootFs: format: int64 type: integer SizeRw: format: int64 type: integer State: $ref: '#/definitions/State' Storage: $ref: '#/definitions/Storage' title: InspectResponse is the response for the GET "/containers/{name:.*}/json" type: object x-go-package: github.com/moby/moby/api/types/container InspectRestartPolicy: properties: MaximumRetryCount: description: |- MaximumRetryCount is the maximum number of retries allowed if the "on-failure" restart policy is in use. Not used if "on-failure" is not set. format: uint64 type: integer Name: description: |- Name contains the container's restart policy. Allowable values are "no" or "" (take no action), "on-failure" (restart on non-zero exit code, with an optional max retry count), and "always" (always restart on container stop, unless explicitly requested by API). Note that this is NOT actually a name of any sort - the poor naming is for Docker compatibility. type: string title: InspectRestartPolicy holds information about the container's restart policy. type: object x-go-package: go.podman.io/podman/v6/libpod/define InspectSecret: description: InspectSecret contains information on secrets mounted inside the container properties: GID: description: ID is the GID of the mounted secret file format: uint32 type: integer ID: description: ID is the ID of the secret type: string Mode: description: ID is the ID of the mode of the mounted secret file format: uint32 type: integer Name: description: Name is the name of the secret type: string UID: description: ID is the UID of the mounted secret file format: uint32 type: integer type: object x-go-package: go.podman.io/podman/v6/libpod/define InspectUlimit: properties: Hard: description: Hard is the hard limit that will be applied. format: int64 type: integer Name: description: Name is the name (type) of the ulimit. type: string Soft: description: Soft is the soft limit that will be applied. format: int64 type: integer title: InspectUlimit is a ulimit that will be applied to the container. type: object x-go-package: go.podman.io/podman/v6/libpod/define IpcMode: title: IpcMode represents the container ipc stack. type: string x-go-package: github.com/moby/moby/api/types/container Isolation: description: |- Isolation represents the isolation technology of a container. The supported values are platform specific type: string x-go-package: github.com/moby/moby/api/types/container KnownSignerIdentity: title: KnownSignerIdentity is an identifier for a special signer identity that is known to the implementation. type: string x-go-package: github.com/moby/moby/api/types/image LeaseRange: properties: end_ip: description: EndIP last IP in the subnet which should be used to assign ips. format: string type: string x-go-name: EndIP x-go-type: net.IP start_ip: description: StartIP first IP in the subnet which should be used to assign ips. format: string type: string x-go-name: StartIP x-go-type: net.IP title: LeaseRange contains the range where IP are leased. type: object x-go-package: go.podman.io/common/libnetwork/types LegacyImageSummary: properties: Containers: description: |- Number of containers using this image. Includes both stopped and running containers. This size is not calculated by default, and depends on which API endpoint is used. `-1` indicates that the value has not been set / calculated. format: int64 type: integer Created: description: |- Date and time at which the image was created as a Unix timestamp (number of seconds since EPOCH). format: int64 type: integer Descriptor: $ref: '#/definitions/Descriptor' Id: description: |- ID is the content-addressable ID of an image. This identifier is a content-addressable digest calculated from the image's configuration (which includes the digests of layers used by the image). Note that this digest differs from the `RepoDigests` below, which holds digests of image manifests that reference the image. type: string x-go-name: ID Labels: additionalProperties: type: string description: User-defined key/value metadata. type: object Manifests: description: |- Manifests is a list of image manifests available in this image. It provides a more detailed view of the platform-specific image manifests or other image-attached data like build attestations. WARNING: This is experimental and may change at any time without any backward compatibility. items: $ref: '#/definitions/ManifestSummary' type: array ParentId: description: |- ID of the parent image. Depending on how the image was created, this field may be empty and is only set for images that were built/created locally. This field is empty if the image was pulled from an image registry. type: string x-go-name: ParentID RepoDigests: description: |- List of content-addressable digests of locally available image manifests that the image is referenced from. Multiple manifests can refer to the same image. These digests are usually only available if the image was either pulled from a registry, or if the image was pushed to a registry, which is when the manifest is generated and its digest calculated. items: type: string type: array RepoTags: description: |- List of image names/tags in the local image cache that reference this image. Multiple image tags can refer to the same image, and this list may be empty if no tags reference the image, in which case the image is "untagged", in which case it can still be referenced by its ID. items: type: string type: array SharedSize: description: |- Total size of image layers that are shared between this image and other images. This size is not calculated by default. `-1` indicates that the value has not been set / calculated. format: int64 type: integer Size: description: Total size of the image including all layers it is composed of. format: int64 type: integer VirtualSize: format: int64 type: integer required: - Containers - Created - Id - Labels - ParentId - RepoDigests - RepoTags - SharedSize - Size type: object x-go-package: go.podman.io/podman/v6/pkg/api/handlers LibpodContainersRmReport: properties: Err: description: |- Error which occurred during Rm operation (if any). This field is optional and may be omitted if no error occurred. type: string x-go-name: RmError x-nullable: true x-omitempty: true Id: type: string x-go-name: ID type: object x-go-package: go.podman.io/podman/v6/pkg/api/handlers LibpodImageSummary: properties: Arch: description: Podman extensions type: string Containers: format: int64 type: integer Created: format: int64 type: integer Dangling: type: boolean Digest: type: string History: items: type: string type: array Id: type: string x-go-name: ID IsManifestList: description: |- IsManifestList is a ptr so we can distinguish between a true json empty response and false. the docker compat side needs to return empty; where as the libpod side needs a value of true or false type: boolean Labels: additionalProperties: type: string type: object Names: items: type: string type: array Os: type: string ParentId: type: string ReadOnly: type: boolean RepoDigests: items: type: string type: array RepoTags: items: type: string type: array SharedSize: format: int64 type: integer Size: format: int64 type: integer VirtualSize: format: int64 type: integer type: object x-go-name: ImageSummary x-go-package: go.podman.io/podman/v6/pkg/domain/entities/types LibpodImagesPullReport: allOf: - $ref: '#/definitions/ImagePullReport' x-go-package: go.podman.io/podman/v6/pkg/api/handlers LibpodImagesRemoveReport: allOf: - $ref: '#/definitions/ImageRemoveReport' - properties: Errors: description: Image removal requires is to return data and an error. items: type: string type: array type: object description: |- LibpodImagesRemoveReport is the return type for image removal via the rest api. x-go-package: go.podman.io/podman/v6/pkg/api/handlers LibpodInfo: description: |- Info is the overall struct that describes the host system running libpod/podman properties: host: $ref: '#/definitions/HostInfo' plugins: $ref: '#/definitions/Plugins' registries: additionalProperties: {} type: object x-go-name: Registries store: $ref: '#/definitions/StoreInfo' version: $ref: '#/definitions/Version' type: object x-go-name: Info x-go-package: go.podman.io/podman/v6/libpod/define LinuxBlockIO: description: LinuxBlockIO for Linux cgroup 'blkio' resource management properties: leafWeight: description: Specifies tasks' weight in the given cgroup while competing with the cgroup's child cgroups, CFQ scheduler only format: uint16 type: integer x-go-name: LeafWeight throttleReadBpsDevice: description: IO read rate limit per cgroup per device, bytes per second items: $ref: '#/definitions/LinuxThrottleDevice' type: array x-go-name: ThrottleReadBpsDevice throttleReadIOPSDevice: description: IO read rate limit per cgroup per device, IO per second items: $ref: '#/definitions/LinuxThrottleDevice' type: array x-go-name: ThrottleReadIOPSDevice throttleWriteBpsDevice: description: IO write rate limit per cgroup per device, bytes per second items: $ref: '#/definitions/LinuxThrottleDevice' type: array x-go-name: ThrottleWriteBpsDevice throttleWriteIOPSDevice: description: IO write rate limit per cgroup per device, IO per second items: $ref: '#/definitions/LinuxThrottleDevice' type: array x-go-name: ThrottleWriteIOPSDevice weight: description: Specifies per cgroup weight format: uint16 type: integer x-go-name: Weight weightDevice: description: Weight per cgroup per device, can override BlkioWeight items: $ref: '#/definitions/LinuxWeightDevice' type: array x-go-name: WeightDevice type: object x-go-package: github.com/opencontainers/runtime-spec/specs-go LinuxBlockIODevice: description: LinuxBlockIODevice holds major:minor format supported in blkio cgroup properties: major: description: Major is the device's major number. format: int64 type: integer x-go-name: Major minor: description: Minor is the device's minor number. format: int64 type: integer x-go-name: Minor type: object x-go-package: github.com/opencontainers/runtime-spec/specs-go LinuxCPU: description: LinuxCPU for Linux cgroup 'cpu' resource management properties: burst: description: |- CPU hardcap burst limit (in usecs). Allowed accumulated cpu time additionally for burst in a given period. format: uint64 type: integer x-go-name: Burst cpus: description: CPUs to use within the cpuset. Default is to use any CPU available. type: string x-go-name: Cpus idle: description: 'cgroups are configured with minimum weight, 0: default behavior, 1: SCHED_IDLE.' format: int64 type: integer x-go-name: Idle mems: description: List of memory nodes in the cpuset. Default is to use any available memory node. type: string x-go-name: Mems period: description: CPU period to be used for hardcapping (in usecs). format: uint64 type: integer x-go-name: Period quota: description: CPU hardcap limit (in usecs). Allowed cpu time in a given period. format: int64 type: integer x-go-name: Quota realtimePeriod: description: CPU period to be used for realtime scheduling (in usecs). format: uint64 type: integer x-go-name: RealtimePeriod realtimeRuntime: description: How much time realtime scheduling may use (in usecs). format: int64 type: integer x-go-name: RealtimeRuntime shares: description: CPU shares (relative weight (ratio) vs. other cgroups with cpu shares). format: uint64 type: integer x-go-name: Shares type: object x-go-package: github.com/opencontainers/runtime-spec/specs-go LinuxDevice: description: LinuxDevice represents the mknod information for a Linux special device file properties: fileMode: $ref: '#/definitions/FileMode' gid: description: Gid of the device. format: uint32 type: integer x-go-name: GID major: description: Major is the device's major number. format: int64 type: integer x-go-name: Major minor: description: Minor is the device's minor number. format: int64 type: integer x-go-name: Minor path: description: Path to the device. type: string x-go-name: Path type: description: Device type, block, char, etc. type: string x-go-name: Type uid: description: UID of the device. format: uint32 type: integer x-go-name: UID type: object x-go-package: github.com/opencontainers/runtime-spec/specs-go LinuxDeviceCgroup: description: |- LinuxDeviceCgroup represents a device rule for the devices specified to the device controller properties: access: description: Cgroup access permissions format, rwm. type: string x-go-name: Access allow: description: Allow or deny type: boolean x-go-name: Allow major: description: Major is the device's major number. format: int64 type: integer x-go-name: Major minor: description: Minor is the device's minor number. format: int64 type: integer x-go-name: Minor type: description: Device type, block, char, etc. type: string x-go-name: Type type: object x-go-package: github.com/opencontainers/runtime-spec/specs-go LinuxHugepageLimit: description: Default to reservation limits if supported. Otherwise fallback to page fault limits. properties: limit: description: Limit is the limit of "hugepagesize" hugetlb reservations (if supported) or usage. format: uint64 type: integer x-go-name: Limit pageSize: description: |- Pagesize is the hugepage size. Format: "

B' (e.g. 64KB, 2MB, 1GB, etc.). type: string x-go-name: Pagesize title: LinuxHugepageLimit structure corresponds to limiting kernel hugepages. type: object x-go-package: github.com/opencontainers/runtime-spec/specs-go LinuxIDMapping: description: LinuxIDMapping specifies UID/GID mappings properties: containerID: description: ContainerID is the starting UID/GID in the container format: uint32 type: integer x-go-name: ContainerID hostID: description: HostID is the starting UID/GID on the host to be mapped to 'ContainerID' format: uint32 type: integer x-go-name: HostID size: description: Size is the number of IDs to be mapped format: uint32 type: integer x-go-name: Size type: object x-go-package: github.com/opencontainers/runtime-spec/specs-go LinuxIntelRdt: description: |- LinuxIntelRdt has container runtime resource constraints for Intel RDT CAT and MBA features and flags enabling Intel RDT CMT and MBM features. Intel RDT features are available in Linux 4.14 and newer kernel versions. properties: closID: description: The identity for RDT Class of Service type: string x-go-name: ClosID enableMonitoring: description: |- EnableMonitoring enables resctrl monitoring for the container. This will create a dedicated resctrl monitoring group for the container. type: boolean x-go-name: EnableMonitoring l3CacheSchema: description: |- The schema for L3 cache id and capacity bitmask (CBM) Format: "L3:=;=;..." NOTE: Should not be specified if Schemata is non-empty. type: string x-go-name: L3CacheSchema memBwSchema: description: |- The schema of memory bandwidth per L3 cache id Format: "MB:=bandwidth0;=bandwidth1;..." The unit of memory bandwidth is specified in "percentages" by default, and in "MBps" if MBA Software Controller is enabled. NOTE: Should not be specified if Schemata is non-empty. type: string x-go-name: MemBwSchema schemata: description: |- Schemata specifies the complete schemata to be written as is to the schemata file in resctrl fs. Each element represents a single line in the schemata file. NOTE: This will overwrite schemas specified in the L3CacheSchema and/or MemBwSchema fields. items: type: string type: array x-go-name: Schemata type: object x-go-package: github.com/opencontainers/runtime-spec/specs-go LinuxInterfacePriority: description: LinuxInterfacePriority for network interfaces properties: name: description: Name is the name of the network interface type: string x-go-name: Name priority: description: Priority for the interface format: uint32 type: integer x-go-name: Priority type: object x-go-package: github.com/opencontainers/runtime-spec/specs-go LinuxMemory: description: LinuxMemory for Linux cgroup 'memory' resource management properties: checkBeforeUpdate: description: |- CheckBeforeUpdate enables checking if a new memory limit is lower than the current usage during update, and if so, rejecting the new limit. type: boolean x-go-name: CheckBeforeUpdate disableOOMKiller: description: DisableOOMKiller disables the OOM killer for out of memory conditions type: boolean x-go-name: DisableOOMKiller kernel: description: |- Kernel memory limit (in bytes). Deprecated: kernel-memory limits are not supported in cgroups v2, and were obsoleted in [kernel v5.4]. This field should no longer be used, as it may be ignored by runtimes. [kernel v5.4]: https://github.com/torvalds/linux/commit/0158115f702b0ba208ab0 format: int64 type: integer x-go-name: Kernel kernelTCP: description: Kernel memory limit for tcp (in bytes) format: int64 type: integer x-go-name: KernelTCP limit: description: Memory limit (in bytes). format: int64 type: integer x-go-name: Limit reservation: description: Memory reservation or soft_limit (in bytes). format: int64 type: integer x-go-name: Reservation swap: description: Total memory limit (memory + swap). format: int64 type: integer x-go-name: Swap swappiness: description: How aggressive the kernel will swap memory pages. format: uint64 type: integer x-go-name: Swappiness useHierarchy: description: Enables hierarchical memory accounting type: boolean x-go-name: UseHierarchy type: object x-go-package: github.com/opencontainers/runtime-spec/specs-go LinuxNetwork: description: LinuxNetwork identification and priority configuration properties: classID: description: Set class identifier for container's network packets format: uint32 type: integer x-go-name: ClassID priorities: description: Set priority of network traffic for container items: $ref: '#/definitions/LinuxInterfacePriority' type: array x-go-name: Priorities type: object x-go-package: github.com/opencontainers/runtime-spec/specs-go LinuxPersonality: description: LinuxPersonality represents the Linux personality syscall input properties: domain: $ref: '#/definitions/LinuxPersonalityDomain' flags: description: Additional flags items: $ref: '#/definitions/LinuxPersonalityFlag' type: array x-go-name: Flags type: object x-go-package: github.com/opencontainers/runtime-spec/specs-go LinuxPersonalityDomain: title: LinuxPersonalityDomain refers to a personality domain. type: string x-go-package: github.com/opencontainers/runtime-spec/specs-go LinuxPersonalityFlag: title: LinuxPersonalityFlag refers to an additional personality flag. None are currently defined. type: string x-go-package: github.com/opencontainers/runtime-spec/specs-go LinuxPids: description: LinuxPids for Linux cgroup 'pids' resource management (Linux 4.3) properties: limit: description: Maximum number of PIDs. Default is "no limit". format: int64 type: integer x-go-name: Limit type: object x-go-package: github.com/opencontainers/runtime-spec/specs-go LinuxRdma: description: LinuxRdma for Linux cgroup 'rdma' resource management (Linux 4.11) properties: hcaHandles: description: Maximum number of HCA handles that can be opened. Default is "no limit". format: uint32 type: integer x-go-name: HcaHandles hcaObjects: description: Maximum number of HCA objects that can be created. Default is "no limit". format: uint32 type: integer x-go-name: HcaObjects type: object x-go-package: github.com/opencontainers/runtime-spec/specs-go LinuxResources: description: LinuxResources has container runtime resource constraints properties: blockIO: $ref: '#/definitions/LinuxBlockIO' cpu: $ref: '#/definitions/LinuxCPU' devices: description: Devices configures the device allowlist. items: $ref: '#/definitions/LinuxDeviceCgroup' type: array x-go-name: Devices hugepageLimits: description: Hugetlb limits (in bytes). Default to reservation limits if supported. items: $ref: '#/definitions/LinuxHugepageLimit' type: array x-go-name: HugepageLimits memory: $ref: '#/definitions/LinuxMemory' network: $ref: '#/definitions/LinuxNetwork' pids: $ref: '#/definitions/LinuxPids' rdma: additionalProperties: $ref: '#/definitions/LinuxRdma' description: |- Rdma resource restriction configuration. Limits are a set of key value pairs that define RDMA resource limits, where the key is device name and value is resource limits. type: object x-go-name: Rdma unified: additionalProperties: type: string description: Unified resources. type: object x-go-name: Unified type: object x-go-package: github.com/opencontainers/runtime-spec/specs-go LinuxThrottleDevice: description: LinuxThrottleDevice struct holds a `major:minor rate_per_second` pair properties: major: description: Major is the device's major number. format: int64 type: integer x-go-name: Major minor: description: Minor is the device's minor number. format: int64 type: integer x-go-name: Minor rate: description: Rate is the IO rate limit per cgroup per device format: uint64 type: integer x-go-name: Rate type: object x-go-package: github.com/opencontainers/runtime-spec/specs-go LinuxWeightDevice: description: LinuxWeightDevice struct holds a `major:minor weight` pair for weightDevice properties: leafWeight: description: LeafWeight is the bandwidth rate for the device while competing with the cgroup's child cgroups, CFQ scheduler only format: uint16 type: integer x-go-name: LeafWeight major: description: Major is the device's major number. format: int64 type: integer x-go-name: Major minor: description: Minor is the device's minor number. format: int64 type: integer x-go-name: Minor weight: description: Weight is the bandwidth rate for the device. format: uint16 type: integer x-go-name: Weight type: object x-go-package: github.com/opencontainers/runtime-spec/specs-go ListContainer: description: ListContainer describes a container suitable for listing type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities ListPodsReport: type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities ListQuadlet: description: A ListQuadlet is a single Quadlet to be listed by `podman quadlet list` properties: App: description: |- If multiple quadlets were installed together they will belong to common App. type: string Name: description: Name is the name of the Quadlet file type: string Path: description: Path to the Quadlet on disk type: string Pod: description: |- Pod is the pod Quadlet file referenced by Pod= in [Container] Empty for quadlet types that do not support Pod= type: string Status: description: |- What is the status of the Quadlet - if present in systemd, will be a systemd status, else will mention if the Quadlet has syntax errors type: string UnitName: description: |- UnitName is the name of the systemd unit created from the Quadlet. May be empty if systemd has not be reloaded since it was installed. type: string type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities ListResponse: description: '# Volume list response' properties: Volumes: description: List of volumes items: $ref: '#/definitions/Volume' type: array Warnings: description: Warnings that occurred when fetching the list of volumes. example: [] items: type: string type: array title: ListResponse VolumeListResponse type: object x-go-package: github.com/moby/moby/api/types/volume LogConfig: properties: Config: additionalProperties: type: string type: object Type: type: string title: LogConfig represents the logging configuration of the container. type: object x-go-package: github.com/moby/moby/api/types/container LogConfigLibpod: description: LogConfig describes the logging characteristics for a container properties: driver: description: |- LogDriver is the container's log driver. Optional. type: string x-go-name: Driver labels: additionalProperties: type: string description: |- A set of log labels to apply Only available if LogDriver is set to "journald". Optional type: object x-go-name: Labels options: additionalProperties: type: string description: |- A set of options to accompany the log driver. Optional. type: object x-go-name: Options path: description: |- LogPath is the path the container's logs will be stored at. Only available if LogDriver is set to "json-file" or "k8s-file". Optional. type: string x-go-name: Path size: description: |- Size is the maximum size of the log file Optional. format: int64 type: integer x-go-name: Size type: object x-go-name: LogConfig x-go-package: go.podman.io/podman/v6/pkg/specgen ManifestAddArtifactOptions: description: |- ManifestAddArtifactOptions provides the model for creating artifact manifests for files and adding those manifests to a manifest list properties: annotation: description: Annotation to add to the item in the manifest list items: type: string type: array x-go-name: Annotation annotations: additionalProperties: type: string description: Annotations to add to the item in the manifest list by a map which is preferred over Annotation type: object x-go-name: Annotations arch: description: Arch overrides the architecture for the item in the manifest list type: string x-go-name: Arch artifact_annotations: additionalProperties: type: string type: object x-go-name: Annotations artifact_config: type: string x-go-name: Config artifact_config_type: type: string x-go-name: ConfigType artifact_exclude_titles: type: boolean x-go-name: ExcludeTitles artifact_files: items: type: string type: array x-go-name: Files artifact_layer_type: type: string x-go-name: LayerType artifact_subject: type: string x-go-name: Subject artifact_type: description: 'Note to future maintainers: keep these fields synchronized with ManifestModifyOptions!' type: string x-go-name: Type features: description: Feature list for the item in the manifest list items: type: string type: array x-go-name: Features index_annotation: description: IndexAnnotation is a slice of key=value annotations to add to the manifest list itself items: type: string type: array x-go-name: IndexAnnotation index_annotations: additionalProperties: type: string description: IndexAnnotations is a map of key:value annotations to add to the manifest list itself, by a map which is preferred over IndexAnnotation type: object x-go-name: IndexAnnotations os: description: OS overrides the operating system for the item in the manifest list type: string x-go-name: OS os_features: description: OS features for the item in the manifest list items: type: string type: array x-go-name: OSFeatures os_version: description: OSVersion overrides the operating system for the item in the manifest list type: string x-go-name: OSVersion subject: description: IndexSubject is a subject value to set in the manifest list itself type: string x-go-name: IndexSubject variant: description: Variant for the item in the manifest list type: string x-go-name: Variant type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities ManifestAddOptions: description: ManifestAddOptions provides model for adding digests to manifest list properties: all: description: True when operating on a list to include all images type: boolean x-go-name: All annotation: description: Annotation to add to the item in the manifest list items: type: string type: array x-go-name: Annotation annotations: additionalProperties: type: string description: Annotations to add to the item in the manifest list by a map which is preferred over Annotation type: object x-go-name: Annotations arch: description: Arch overrides the architecture for the item in the manifest list type: string x-go-name: Arch features: description: Feature list for the item in the manifest list items: type: string type: array x-go-name: Features images: description: Images is an optional list of image references to add to manifest list items: type: string type: array x-go-name: Images index_annotation: description: IndexAnnotation is a slice of key=value annotations to add to the manifest list itself items: type: string type: array x-go-name: IndexAnnotation index_annotations: additionalProperties: type: string description: IndexAnnotations is a map of key:value annotations to add to the manifest list itself, by a map which is preferred over IndexAnnotation type: object x-go-name: IndexAnnotations os: description: OS overrides the operating system for the item in the manifest list type: string x-go-name: OS os_features: description: OS features for the item in the manifest list items: type: string type: array x-go-name: OSFeatures os_version: description: OSVersion overrides the operating system for the item in the manifest list type: string x-go-name: OSVersion subject: description: IndexSubject is a subject value to set in the manifest list itself type: string x-go-name: IndexSubject variant: description: Variant for the item in the manifest list type: string x-go-name: Variant type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities ManifestAnnotateOptions: description: ManifestAnnotateOptions provides model for annotating manifest list properties: annotation: description: Annotation to add to the item in the manifest list items: type: string type: array x-go-name: Annotation annotations: additionalProperties: type: string description: Annotations to add to the item in the manifest list by a map which is preferred over Annotation type: object x-go-name: Annotations arch: description: Arch overrides the architecture for the item in the manifest list type: string x-go-name: Arch features: description: Feature list for the item in the manifest list items: type: string type: array x-go-name: Features index_annotation: description: IndexAnnotation is a slice of key=value annotations to add to the manifest list itself items: type: string type: array x-go-name: IndexAnnotation index_annotations: additionalProperties: type: string description: IndexAnnotations is a map of key:value annotations to add to the manifest list itself, by a map which is preferred over IndexAnnotation type: object x-go-name: IndexAnnotations os: description: OS overrides the operating system for the item in the manifest list type: string x-go-name: OS os_features: description: OS features for the item in the manifest list items: type: string type: array x-go-name: OSFeatures os_version: description: OSVersion overrides the operating system for the item in the manifest list type: string x-go-name: OSVersion subject: description: IndexSubject is a subject value to set in the manifest list itself type: string x-go-name: IndexSubject variant: description: Variant for the item in the manifest list type: string x-go-name: Variant type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities ManifestKind: type: string x-go-package: github.com/moby/moby/api/types/image ManifestModifyOptions: description: |- swagger 2.0 does not support oneOf for schema validation. Operation "update" uses all fields. Operation "remove" uses fields: Operation and Images Operation "annotate" uses fields: Operation and Annotations properties: all: description: True when operating on a list to include all images type: boolean x-go-name: All annotation: description: Annotation to add to the item in the manifest list items: type: string type: array x-go-name: Annotation annotations: additionalProperties: type: string description: Annotations to add to the item in the manifest list by a map which is preferred over Annotation type: object x-go-name: Annotations arch: description: Arch overrides the architecture for the item in the manifest list type: string x-go-name: Arch artifact_annotations: additionalProperties: type: string type: object x-go-name: ArtifactAnnotations artifact_config: type: string x-go-name: ArtifactConfig artifact_config_type: type: string x-go-name: ArtifactConfigType artifact_exclude_titles: type: boolean x-go-name: ArtifactExcludeTitles artifact_files: items: type: string type: array x-go-name: ArtifactFiles artifact_layer_type: type: string x-go-name: ArtifactLayerType artifact_subject: type: string x-go-name: ArtifactSubject artifact_type: description: |- The following are all of the fields from ManifestAddArtifactOptions. We can't just embed the whole structure because it embeds a ManifestAnnotateOptions, which would conflict with the one that ManifestAddOptions embeds. type: string x-go-name: ArtifactType features: description: Feature list for the item in the manifest list items: type: string type: array x-go-name: Features images: description: Images is an optional list of image references to add to manifest list items: type: string type: array x-go-name: Images index_annotation: description: IndexAnnotation is a slice of key=value annotations to add to the manifest list itself items: type: string type: array x-go-name: IndexAnnotation index_annotations: additionalProperties: type: string description: IndexAnnotations is a map of key:value annotations to add to the manifest list itself, by a map which is preferred over IndexAnnotation type: object x-go-name: IndexAnnotations operation: type: string x-go-name: Operation os: description: OS overrides the operating system for the item in the manifest list type: string x-go-name: OS os_features: description: OS features for the item in the manifest list items: type: string type: array x-go-name: OSFeatures os_version: description: OSVersion overrides the operating system for the item in the manifest list type: string x-go-name: OSVersion subject: description: IndexSubject is a subject value to set in the manifest list itself type: string x-go-name: IndexSubject variant: description: Variant for the item in the manifest list type: string x-go-name: Variant title: ManifestModifyOptions provides the model for mutating a manifest type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities ManifestModifyReport: properties: Id: description: Manifest List ID type: string x-go-name: ID errors: description: Errors associated with operation items: type: string x-go-type: error type: array x-go-name: Errors files: description: Files added to manifest list, otherwise not provided. items: type: string type: array x-go-name: Files images: description: Images added to or removed from manifest list, otherwise not provided. items: type: string type: array x-go-name: Images type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities/types ManifestPushReport: properties: Id: description: ID of the pushed manifest type: string x-go-name: ID error: description: Error contains text of errors from pushing type: string x-go-name: Error stream: description: Stream used to provide push progress type: string x-go-name: Stream type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities/types ManifestRemoveOptions: description: ManifestRemoveOptions provides the model for removing digests from a manifest type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities ManifestRemoveReport: properties: Deleted: description: Deleted manifest list. items: type: string type: array Errors: description: Errors associated with operation items: type: string type: array ExitCode: description: |- ExitCode describes the exit codes as described in the `podman rmi` man page. format: int64 type: integer Untagged: description: Untagged images. Can be longer than Deleted. items: type: string type: array type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities/types ManifestSummary: properties: AttestationData: $ref: '#/definitions/AttestationProperties' Available: description: |- Indicates whether all the child content (image config, layers) is fully available locally type: boolean Descriptor: $ref: '#/definitions/Descriptor' ID: description: |- ID is the content-addressable ID of an image and is the same as the digest of the image manifest. type: string ImageData: $ref: '#/definitions/ImageProperties' Kind: $ref: '#/definitions/ManifestKind' Size: description: |- Size is the size information of the content related to this manifest. Note: These sizes only take the locally available content into account. properties: Content: description: |- Content is the size (in bytes) of all the locally present content in the content store (e.g. image config, layers) referenced by this manifest and its children. This only includes blobs in the content store. format: int64 type: integer Total: description: |- Total is the total size (in bytes) of all the locally present data (both distributable and non-distributable) that's related to this manifest and its children. This equal to the sum of [Content] size AND all the sizes in the [Size] struct present in the Kind-specific data struct. For example, for an image kind (Kind == ManifestKindImage), this would include the size of the image content and unpacked image snapshots ([Size.Content] + [ImageData.Size.Unpacked]). format: int64 type: integer type: object required: - ID - Descriptor - Available - Size - Kind type: object x-go-package: github.com/moby/moby/api/types/image Metadata: properties: LastTagTime: description: LastTagTime is the date and time at which the image was last tagged. format: date-time type: string title: Metadata contains engine-local data about the image. type: object x-go-package: github.com/moby/moby/api/types/image Mount: properties: BindOptions: $ref: '#/definitions/BindOptions' ClusterOptions: $ref: '#/definitions/ClusterOptions' Consistency: $ref: '#/definitions/Consistency' ImageOptions: $ref: '#/definitions/ImageOptions' ReadOnly: type: boolean Source: description: |- Source specifies the name of the mount. Depending on mount type, this may be a volume name or a host path, or even ignored. Source is not supported for tmpfs (must be an empty value) type: string Target: type: string TmpfsOptions: $ref: '#/definitions/TmpfsOptions' Type: $ref: '#/definitions/Type' VolumeOptions: $ref: '#/definitions/VolumeOptions' title: Mount represents a mount (volume). type: object x-go-package: github.com/moby/moby/api/types/mount MountPoint: description: This is used for reporting the mountpoints in use by a container. properties: Destination: description: |- Destination is the path relative to the container root (`/`) where the Source is mounted inside the container. type: string Driver: description: Driver is the volume driver used to create the volume (if it is a volume). type: string Mode: description: |- Mode is a comma separated list of options supplied by the user when creating the bind/volume mount. The default is platform-specific (`"z"` on Linux, empty on Windows). type: string Name: description: |- Name is the name reference to the underlying data defined by `Source` e.g., the volume name. type: string Propagation: $ref: '#/definitions/Propagation' RW: description: RW indicates whether the mount is mounted writable (read-write). type: boolean Source: description: |- Source is the source location of the mount. For volumes, this contains the storage location of the volume (within `/var/lib/docker/volumes/`). For bind-mounts, and `npipe`, this contains the source (host) part of the bind-mount. For `tmpfs` mount points, this field is empty. type: string Type: $ref: '#/definitions/Type' title: MountPoint represents a mount point configuration inside the container. type: object x-go-package: github.com/moby/moby/api/types/container NamedVolume: description: |- NamedVolume holds information about a named volume that will be mounted into the container. properties: Dest: description: |- Destination to mount the named volume within the container. Must be an absolute path. Path will be created if it does not exist. type: string IsAnonymous: description: |- IsAnonymous sets the named volume as anonymous even if it has a name This is used for emptyDir volumes from a kube yaml type: boolean Name: description: |- Name is the name of the named volume to be mounted. May be empty. If empty, a new named volume with a pseudorandomly generated name will be mounted at the given destination. type: string Options: description: Options are options that the named volume will be mounted with. items: type: string type: array SubPath: description: SubPath stores the sub directory of the named volume to be mounted in the container type: string type: object x-go-package: go.podman.io/podman/v6/pkg/specgen Namespace: description: Namespace describes the namespace properties: nsmode: $ref: '#/definitions/NamespaceMode' value: type: string x-go-name: Value type: object x-go-package: go.podman.io/podman/v6/pkg/specgen NamespaceMode: type: string x-go-package: go.podman.io/podman/v6/pkg/specgen NetOptions: description: |- NetOptions reflect the shared network options between pods and containers properties: dns_option: items: type: string type: array x-go-name: DNSOptions dns_search: items: type: string type: array x-go-name: DNSSearch dns_server: items: type: string x-go-type: net.IP type: array x-go-name: DNSServers hostadd: items: type: string type: array x-go-name: AddHosts hosts_file: type: string x-go-name: HostsFile netns: $ref: '#/definitions/Namespace' network_alias: items: type: string type: array x-go-name: Aliases network_options: additionalProperties: items: type: string type: array description: NetworkOptions are additional options for each network type: object x-go-name: NetworkOptions network_order: items: type: string type: array x-go-name: NetworkOrder networks: additionalProperties: $ref: '#/definitions/PerNetworkOptions' type: object x-go-name: Networks no_manage_hostname: type: boolean x-go-name: NoHostname no_manage_hosts: type: boolean x-go-name: NoHosts no_manage_resolv_conf: type: boolean x-go-name: UseImageResolvConf portmappings: items: $ref: '#/definitions/PortMapping' type: array x-go-name: PublishPorts type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities Network: properties: created: description: Created contains the timestamp when this network was created. format: date-time type: string x-go-name: Created dns_enabled: description: |- DNSEnabled is whether name resolution is active for container on this Network. Only supported with the bridge driver. type: boolean x-go-name: DNSEnabled driver: description: Driver for this Network, e.g. bridge, macvlan... type: string x-go-name: Driver id: description: ID of the Network. type: string x-go-name: ID internal: description: |- Internal is whether the Network should not have external routes to public or other Networks. type: boolean x-go-name: Internal ipam_options: additionalProperties: type: string description: IPAMOptions contains options used for the ip assignment. type: object x-go-name: IPAMOptions ipv6_enabled: description: IPv6Enabled if set to true an ipv6 subnet should be created for this net. type: boolean x-go-name: IPv6Enabled labels: additionalProperties: type: string description: |- Labels is a set of key-value labels that have been applied to the Network. type: object x-go-name: Labels name: description: Name of the Network. type: string x-go-name: Name network_dns_servers: description: |- List of custom DNS server for podman's DNS resolver at network level, all the containers attached to this network will consider resolvers configured at network level. items: type: string type: array x-go-name: NetworkDNSServers network_interface: description: NetworkInterface is the network interface name on the host. type: string x-go-name: NetworkInterface options: additionalProperties: type: string description: |- Options is a set of key-value options that have been applied to the Network. type: object x-go-name: Options routes: description: Routes to use for this network. items: $ref: '#/definitions/Route' type: array x-go-name: Routes subnets: description: Subnets to use for this network. items: $ref: '#/definitions/Subnet' type: array x-go-name: Subnets title: Network describes the Network attributes. type: object x-go-package: go.podman.io/common/libnetwork/types NetworkBackend: type: string x-go-package: go.podman.io/common/libnetwork/types NetworkConnectOptions: description: |- NetworkConnectOptions describes options for connecting a container to a network type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities NetworkInfo: properties: backend: $ref: '#/definitions/NetworkBackend' defaultNetwork: type: string x-go-name: DefaultNetwork dns: $ref: '#/definitions/DNSNetworkInfo' package: type: string x-go-name: Package path: type: string x-go-name: Path version: type: string x-go-name: Version title: NetworkInfo contains the network information. type: object x-go-package: go.podman.io/common/libnetwork/types NetworkInspectReport: type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities NetworkMode: title: NetworkMode represents the container network stack. type: string x-go-package: github.com/moby/moby/api/types/container NetworkPruneReport: description: |- NetworkPruneReport containers the name of network and an error associated in its pruning (removal) properties: Error: type: string x-go-type: error Name: type: string type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities/types NetworkRmReport: description: NetworkRmReport describes the results of network removal type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities NetworkSettings: description: NetworkSettings exposes the network settings in the api properties: Networks: additionalProperties: $ref: '#/definitions/EndpointSettings' type: object Ports: $ref: '#/definitions/PortMap' SandboxID: type: string SandboxKey: type: string type: object x-go-package: github.com/moby/moby/api/types/container NetworkSettingsSummary: description: |- NetworkSettingsSummary provides a summary of container's networks in /containers/json properties: Networks: additionalProperties: $ref: '#/definitions/EndpointSettings' type: object type: object x-go-package: github.com/moby/moby/api/types/container NetworkUpdateOptions: description: NetworkUpdateOptions describes options to update a network properties: adddnsservers: items: type: string type: array x-go-name: AddDNSServers removednsservers: items: type: string type: array x-go-name: RemoveDNSServers type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities NetworkingConfig: description: |- NetworkingConfig represents the container's networking configuration for each of its interfaces Carries the networking configs specified in the `docker run` and `docker network connect` commands properties: EndpointsConfig: additionalProperties: $ref: '#/definitions/EndpointSettings' type: object type: object x-go-package: github.com/moby/moby/api/types/network OCIRuntimeInfo: description: |- OCIRuntimeInfo describes the runtime (crun or runc) being used with podman properties: name: type: string x-go-name: Name package: type: string x-go-name: Package path: type: string x-go-name: Path version: type: string x-go-name: Version type: object x-go-package: go.podman.io/podman/v6/libpod/define OverlayVolume: description: |- OverlayVolume holds information about an overlay volume that will be mounted into the container. properties: destination: description: Destination is the absolute path where the mount will be placed in the container. type: string x-go-name: Destination options: description: Options holds overlay volume options. items: type: string type: array x-go-name: Options source: description: Source specifies the source path of the mount. type: string x-go-name: Source type: object x-go-package: go.podman.io/podman/v6/pkg/specgen POSIXRlimit: description: POSIXRlimit type and restrictions properties: hard: description: Hard is the hard limit for the specified type format: uint64 type: integer x-go-name: Hard soft: description: Soft is the soft limit for the specified type format: uint64 type: integer x-go-name: Soft type: description: Type of the rlimit to set type: string x-go-name: Type type: object x-go-package: github.com/opencontainers/runtime-spec/specs-go PastaInfo: description: PastaInfo describes the pasta executable that is being used properties: executable: type: string x-go-name: Executable package: type: string x-go-name: Package version: type: string x-go-name: Version type: object x-go-package: go.podman.io/podman/v6/libpod/define PeerInfo: properties: IP: description: IP-address of the peer-node in the Swarm cluster. example: 10.133.77.91 type: string x-go-type: net/netip.Addr Name: description: ID of the peer-node in the Swarm cluster. example: 6869d7c1732b type: string title: PeerInfo represents one peer of an overlay network. type: object x-go-package: github.com/moby/moby/api/types/network PerNetworkOptions: properties: aliases: description: |- Aliases contains a list of names which the dns server should resolve to this container. Should only be set when DNSEnabled is true on the Network. If aliases are set but there is no dns support for this network the network interface implementation should ignore this and NOT error. Optional. items: type: string type: array x-go-name: Aliases interface_name: description: |- InterfaceName for this container. Required in the backend. Optional in the frontend. Will be filled with ethX (where X is a integer) when empty. type: string x-go-name: InterfaceName options: additionalProperties: type: string description: Driver-specific options for this container. type: object x-go-name: Options static_ips: description: StaticIPs for this container. Optional. items: type: string x-go-type: net.IP type: array x-go-name: StaticIPs static_mac: description: StaticMac for this container. Optional. format: string type: string x-go-name: StaticMAC x-go-type: go.podman.io/common/libnetwork/types.HardwareAddr title: PerNetworkOptions are options which should be set on a per network basis. type: object x-go-package: go.podman.io/common/libnetwork/types PidMode: title: PidMode represents the pid namespace of the container. type: string x-go-package: github.com/moby/moby/api/types/container Platform: properties: architecture: description: |- Architecture field specifies the CPU architecture, for example `amd64` or `ppc64le`. type: string x-go-name: Architecture os: description: OS specifies the operating system, for example `linux` or `windows`. type: string x-go-name: OS os.features: description: |- OSFeatures is an optional field specifying an array of strings, each listing a required OS feature (for example on Windows `win32k`). items: type: string type: array x-go-name: OSFeatures os.version: description: |- OSVersion is an optional field specifying the operating system version, for example on Windows `10.0.14393.1066`. type: string x-go-name: OSVersion variant: description: |- Variant is an optional field specifying a variant of the CPU, for example `v7` to specify ARMv7 when architecture is `arm`. type: string x-go-name: Variant title: Platform describes the platform which the image in the manifest runs on. type: object x-go-package: github.com/opencontainers/image-spec/specs-go/v1 PlayKubeReport: title: PlayKubeReport contains the results of running play kube. type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities Plugins: properties: authorization: description: Authorization is provided for compatibility, will always be nil as Podman has no daemon items: type: string type: array x-go-name: Authorization log: items: type: string type: array x-go-name: Log network: items: type: string type: array x-go-name: Network volume: items: type: string type: array x-go-name: Volume type: object x-go-package: go.podman.io/podman/v6/libpod/define PodBasicConfig: properties: exit_policy: description: ExitPolicy determines the pod's exit and stop behaviour. type: string x-go-name: ExitPolicy hostname: description: |- Hostname is the pod's hostname. If not set, the name of the pod will be used (if a name was not provided here, the name auto-generated for the pod will be used). This will be used by the infra container and all containers in the pod as long as the UTS namespace is shared. Optional. type: string x-go-name: Hostname infra_command: description: |- InfraCommand sets the command that will be used to start the infra container. If not set, the default set in the Libpod configuration file will be used. Conflicts with NoInfra=true. Optional. items: type: string type: array x-go-name: InfraCommand infra_conmon_pid_file: description: |- InfraConmonPidFile is a custom path to store the infra container's conmon PID. type: string x-go-name: InfraConmonPidFile infra_image: description: |- InfraImage is the image that will be used for the infra container. If not set, the default set in the Libpod configuration file will be used. Conflicts with NoInfra=true. Optional. type: string x-go-name: InfraImage infra_name: description: |- InfraName is the name that will be used for the infra container. If not set, the default set in the Libpod configuration file will be used. Conflicts with NoInfra=true. Optional. type: string x-go-name: InfraName ipcns: $ref: '#/definitions/Namespace' labels: additionalProperties: type: string description: |- Labels are key-value pairs that are used to add metadata to pods. Optional. type: object x-go-name: Labels name: description: |- Name is the name of the pod. If not provided, a name will be generated when the pod is created. Optional. type: string x-go-name: Name no_infra: description: |- NoInfra tells the pod not to create an infra container. If this is done, many networking-related options will become unavailable. Conflicts with setting any options in PodNetworkConfig, and the InfraCommand and InfraImages in this struct. Optional. type: boolean x-go-name: NoInfra pidns: $ref: '#/definitions/Namespace' pod_create_command: items: type: string type: array x-go-name: PodCreateCommand pod_devices: description: Devices contains user specified Devices to be added to the Pod items: type: string type: array x-go-name: Devices restart_policy: description: |- RestartPolicy is the pod's restart policy - an action which will be taken when one or all the containers in the pod exits. If not given, the default policy will be set to Always, which restarts the containers in the pod when they exit indefinitely. Optional. type: string x-go-name: RestartPolicy restart_tries: description: |- RestartRetries is the number of attempts that will be made to restart the container. Only available when RestartPolicy is set to "on-failure". Optional. format: uint64 type: integer x-go-name: RestartRetries share_parent: description: |- PodCreateCommand is the command used to create this pod. This will be shown in the output of Inspect() on the pod, and may also be used by some tools that wish to recreate the pod (e.g. `podman generate systemd --new`). Optional. ShareParent determines if all containers in the pod will share the pod's cgroup as the cgroup parent type: boolean x-go-name: ShareParent shared_namespaces: description: |- SharedNamespaces instructs the pod to share a set of namespaces. Shared namespaces will be joined (by default) by every container which joins the pod. If not set and NoInfra is false, the pod will set a default set of namespaces to share. Conflicts with NoInfra=true. Optional. items: type: string type: array x-go-name: SharedNamespaces sysctl: additionalProperties: type: string description: Sysctl sets kernel parameters for the pod type: object x-go-name: Sysctl userns: $ref: '#/definitions/Namespace' utsns: $ref: '#/definitions/Namespace' title: PodBasicConfig contains basic configuration options for pods. type: object x-go-package: go.podman.io/podman/v6/pkg/specgen PodCgroupConfig: description: This will be expanded in future updates to pods. properties: cgroup_parent: description: |- CgroupParent is the parent for the Cgroup that the pod will create. This pod cgroup will, in turn, be the default cgroup parent for all containers in the pod. Optional. type: string x-go-name: CgroupParent title: PodCgroupConfig contains configuration options about a pod's cgroups. type: object x-go-package: go.podman.io/podman/v6/pkg/specgen PodCreateOptions: description: The JSON tags below are made to match the respective field in ContainerCreateOptions for the purpose of mapping. properties: cgroup_parent: type: string x-go-name: CgroupParent container_command: type: string x-go-name: InfraCommand container_conmon_pidfile: type: string x-go-name: InfraConmonPidFile container_name: type: string x-go-name: InfraName cpus: format: double type: number x-go-name: Cpus cpuset_cpus: type: string x-go-name: CpusetCpus create_command: items: type: string type: array x-go-name: CreateCommand device_read_bps: items: type: string type: array x-go-name: DeviceReadBPs devices: items: type: string type: array x-go-name: Devices exit_policy: type: string x-go-name: ExitPolicy hostname: type: string x-go-name: Hostname infra: type: boolean x-go-name: Infra infra_image: type: string x-go-name: InfraImage ipc: type: string x-go-name: Ipc labels: additionalProperties: type: string type: object x-go-name: Labels name: type: string x-go-name: Name net: $ref: '#/definitions/NetOptions' pid: type: string x-go-name: Pid restart: type: string x-go-name: Restart security_opt: items: type: string type: array x-go-name: SecurityOpt share: items: type: string type: array x-go-name: Share share_parent: type: boolean x-go-name: ShareParent sysctl: items: type: string type: array x-go-name: Sysctl uts: type: string x-go-name: Uts volume: items: type: string type: array x-go-name: Volume volumes_from: items: type: string type: array x-go-name: VolumesFrom title: PodCreateOptions provides all possible options for creating a pod and its infra container. type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities PodKillReport: type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities PodNetworkConfig: properties: Networks: additionalProperties: $ref: '#/definitions/PerNetworkOptions' description: |- Map of networks names to ids the container should join to. You can request additional settings for each network, you can set network aliases, static ips, static mac address and the network interface name for this container on the specific network. If the map is empty and the bridge network mode is set the container will be joined to the default network. type: object dns_option: description: |- DNSOption is a set of DNS options that will be used in the infra container's resolv.conf, which will, by default, be shared with all containers in the pod. Conflicts with NoInfra=true. Optional. items: type: string type: array x-go-name: DNSOption dns_search: description: |- DNSSearch is a set of DNS search domains that will be used in the infra container's resolv.conf, which will, by default, be shared with all containers in the pod. If not provided, DNS search domains from the host's resolv.conf will be used. Conflicts with NoInfra=true. Optional. items: type: string type: array x-go-name: DNSSearch dns_server: description: |- DNSServer is a set of DNS servers that will be used in the infra container's resolv.conf, which will, by default, be shared with all containers in the pod. If not provided, the host's DNS servers will be used, unless the only server set is a localhost address. As the container cannot connect to the host's localhost, a default server will instead be set. Conflicts with NoInfra=true. Optional. items: type: string x-go-type: net.IP type: array x-go-name: DNSServer hostadd: description: |- HostAdd is a set of hosts that will be added to the infra container's etc/hosts that will, by default, be shared with all containers in the pod. Conflicts with NoInfra=true and NoManageHosts. Optional. items: type: string type: array x-go-name: HostAdd hostsFile: description: |- HostsFile is the base file to create the `/etc/hosts` file inside the infra container. This must either be an absolute path to a file on the host system, or one of the special flags `image` or `none`. If it is empty it defaults to the base_hosts_file configuration in containers.conf. Conflicts with NoInfra=true and NoManageHosts. Optional. type: string x-go-name: HostsFile netns: $ref: '#/definitions/Namespace' network_options: additionalProperties: items: type: string type: array description: |- NetworkOptions are additional options for each network Optional. type: object x-go-name: NetworkOptions no_manage_hostname: description: |- NoManageHostname indicates that /etc/hostname should not be managed by the pod. Instead, each container will create a separate etc/hostname as they would if not in a pod. type: boolean x-go-name: NoManageHostname no_manage_hosts: description: |- NoManageHosts indicates that /etc/hosts should not be managed by the pod. Instead, each container will create a separate /etc/hosts as they would if not in a pod. Conflicts with HostAdd. type: boolean x-go-name: NoManageHosts no_manage_resolv_conf: description: |- NoManageResolvConf indicates that /etc/resolv.conf should not be managed by the pod. Instead, each container will create and manage a separate resolv.conf as if they had not joined a pod. Conflicts with NoInfra=true and DNSServer, DNSSearch, DNSOption. Optional. type: boolean x-go-name: NoManageResolvConf portmappings: description: |- PortMappings is a set of ports to map into the infra container. As, by default, containers share their network with the infra container, this will forward the ports to the entire pod. Only available if NetNS is set to Bridge or Pasta. Optional. items: $ref: '#/definitions/PortMapping' type: array x-go-name: PortMappings title: PodNetworkConfig contains networking configuration for a pod. type: object x-go-package: go.podman.io/podman/v6/pkg/specgen PodPauseReport: type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities PodPruneReport: type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities PodResourceConfig: properties: resource_limits: $ref: '#/definitions/LinuxResources' type: object x-go-package: go.podman.io/podman/v6/pkg/specgen PodRestartReport: type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities PodRmReport: type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities PodSecurityConfig: properties: idmappings: $ref: '#/definitions/IDMappingOptions' security_opt: items: type: string type: array x-go-name: SecurityOpt type: object x-go-package: go.podman.io/podman/v6/pkg/specgen PodSpecGenerator: description: PodSpecGenerator describes options to create a pod properties: Networks: additionalProperties: $ref: '#/definitions/PerNetworkOptions' description: |- Map of networks names to ids the container should join to. You can request additional settings for each network, you can set network aliases, static ips, static mac address and the network interface name for this container on the specific network. If the map is empty and the bridge network mode is set the container will be joined to the default network. type: object cgroup_parent: description: |- CgroupParent is the parent for the Cgroup that the pod will create. This pod cgroup will, in turn, be the default cgroup parent for all containers in the pod. Optional. type: string x-go-name: CgroupParent dns_option: description: |- DNSOption is a set of DNS options that will be used in the infra container's resolv.conf, which will, by default, be shared with all containers in the pod. Conflicts with NoInfra=true. Optional. items: type: string type: array x-go-name: DNSOption dns_search: description: |- DNSSearch is a set of DNS search domains that will be used in the infra container's resolv.conf, which will, by default, be shared with all containers in the pod. If not provided, DNS search domains from the host's resolv.conf will be used. Conflicts with NoInfra=true. Optional. items: type: string type: array x-go-name: DNSSearch dns_server: description: |- DNSServer is a set of DNS servers that will be used in the infra container's resolv.conf, which will, by default, be shared with all containers in the pod. If not provided, the host's DNS servers will be used, unless the only server set is a localhost address. As the container cannot connect to the host's localhost, a default server will instead be set. Conflicts with NoInfra=true. Optional. items: type: string x-go-type: net.IP type: array x-go-name: DNSServer exit_policy: description: ExitPolicy determines the pod's exit and stop behaviour. type: string x-go-name: ExitPolicy hostadd: description: |- HostAdd is a set of hosts that will be added to the infra container's etc/hosts that will, by default, be shared with all containers in the pod. Conflicts with NoInfra=true and NoManageHosts. Optional. items: type: string type: array x-go-name: HostAdd hostname: description: |- Hostname is the pod's hostname. If not set, the name of the pod will be used (if a name was not provided here, the name auto-generated for the pod will be used). This will be used by the infra container and all containers in the pod as long as the UTS namespace is shared. Optional. type: string x-go-name: Hostname hostsFile: description: |- HostsFile is the base file to create the `/etc/hosts` file inside the infra container. This must either be an absolute path to a file on the host system, or one of the special flags `image` or `none`. If it is empty it defaults to the base_hosts_file configuration in containers.conf. Conflicts with NoInfra=true and NoManageHosts. Optional. type: string x-go-name: HostsFile idmappings: $ref: '#/definitions/IDMappingOptions' image_volumes: description: |- Image volumes bind-mount a container-image mount into the pod's infra container. Optional. items: $ref: '#/definitions/ImageVolume' type: array x-go-name: ImageVolumes infra_command: description: |- InfraCommand sets the command that will be used to start the infra container. If not set, the default set in the Libpod configuration file will be used. Conflicts with NoInfra=true. Optional. items: type: string type: array x-go-name: InfraCommand infra_conmon_pid_file: description: |- InfraConmonPidFile is a custom path to store the infra container's conmon PID. type: string x-go-name: InfraConmonPidFile infra_image: description: |- InfraImage is the image that will be used for the infra container. If not set, the default set in the Libpod configuration file will be used. Conflicts with NoInfra=true. Optional. type: string x-go-name: InfraImage infra_name: description: |- InfraName is the name that will be used for the infra container. If not set, the default set in the Libpod configuration file will be used. Conflicts with NoInfra=true. Optional. type: string x-go-name: InfraName ipcns: $ref: '#/definitions/Namespace' labels: additionalProperties: type: string description: |- Labels are key-value pairs that are used to add metadata to pods. Optional. type: object x-go-name: Labels mounts: description: |- Mounts are mounts that will be added to the pod. These will supersede Image Volumes and VolumesFrom volumes where there are conflicts. Optional. items: $ref: '#/definitions/Mount' type: array x-go-name: Mounts name: description: |- Name is the name of the pod. If not provided, a name will be generated when the pod is created. Optional. type: string x-go-name: Name netns: $ref: '#/definitions/Namespace' network_options: additionalProperties: items: type: string type: array description: |- NetworkOptions are additional options for each network Optional. type: object x-go-name: NetworkOptions no_infra: description: |- NoInfra tells the pod not to create an infra container. If this is done, many networking-related options will become unavailable. Conflicts with setting any options in PodNetworkConfig, and the InfraCommand and InfraImages in this struct. Optional. type: boolean x-go-name: NoInfra no_manage_hostname: description: |- NoManageHostname indicates that /etc/hostname should not be managed by the pod. Instead, each container will create a separate etc/hostname as they would if not in a pod. type: boolean x-go-name: NoManageHostname no_manage_hosts: description: |- NoManageHosts indicates that /etc/hosts should not be managed by the pod. Instead, each container will create a separate /etc/hosts as they would if not in a pod. Conflicts with HostAdd. type: boolean x-go-name: NoManageHosts no_manage_resolv_conf: description: |- NoManageResolvConf indicates that /etc/resolv.conf should not be managed by the pod. Instead, each container will create and manage a separate resolv.conf as if they had not joined a pod. Conflicts with NoInfra=true and DNSServer, DNSSearch, DNSOption. Optional. type: boolean x-go-name: NoManageResolvConf overlay_volumes: description: |- Overlay volumes are named volumes that will be added to the pod. Optional. items: $ref: '#/definitions/OverlayVolume' type: array x-go-name: OverlayVolumes pidns: $ref: '#/definitions/Namespace' pod_create_command: items: type: string type: array x-go-name: PodCreateCommand pod_devices: description: Devices contains user specified Devices to be added to the Pod items: type: string type: array x-go-name: Devices portmappings: description: |- PortMappings is a set of ports to map into the infra container. As, by default, containers share their network with the infra container, this will forward the ports to the entire pod. Only available if NetNS is set to Bridge or Pasta. Optional. items: $ref: '#/definitions/PortMapping' type: array x-go-name: PortMappings resource_limits: $ref: '#/definitions/LinuxResources' restart_policy: description: |- RestartPolicy is the pod's restart policy - an action which will be taken when one or all the containers in the pod exits. If not given, the default policy will be set to Always, which restarts the containers in the pod when they exit indefinitely. Optional. type: string x-go-name: RestartPolicy restart_tries: description: |- RestartRetries is the number of attempts that will be made to restart the container. Only available when RestartPolicy is set to "on-failure". Optional. format: uint64 type: integer x-go-name: RestartRetries security_opt: items: type: string type: array x-go-name: SecurityOpt serviceContainerID: description: The ID of the pod's service container. type: string x-go-name: ServiceContainerID share_parent: description: |- PodCreateCommand is the command used to create this pod. This will be shown in the output of Inspect() on the pod, and may also be used by some tools that wish to recreate the pod (e.g. `podman generate systemd --new`). Optional. ShareParent determines if all containers in the pod will share the pod's cgroup as the cgroup parent type: boolean x-go-name: ShareParent shared_namespaces: description: |- SharedNamespaces instructs the pod to share a set of namespaces. Shared namespaces will be joined (by default) by every container which joins the pod. If not set and NoInfra is false, the pod will set a default set of namespaces to share. Conflicts with NoInfra=true. Optional. items: type: string type: array x-go-name: SharedNamespaces shm_size: description: |- ShmSize is the size of the tmpfs to mount in at /dev/shm, in bytes. Conflicts with ShmSize if IpcNS is not private. Optional. format: int64 type: integer x-go-name: ShmSize shm_size_systemd: description: |- ShmSizeSystemd is the size of systemd-specific tmpfs mounts specifically /run, /run/lock, /var/log/journal and /tmp. Optional format: int64 type: integer x-go-name: ShmSizeSystemd sysctl: additionalProperties: type: string description: Sysctl sets kernel parameters for the pod type: object x-go-name: Sysctl userns: $ref: '#/definitions/Namespace' utsns: $ref: '#/definitions/Namespace' volumes: description: |- Volumes are named volumes that will be added to the pod. These will supersede Image Volumes and VolumesFrom volumes where there are conflicts. Optional. items: $ref: '#/definitions/NamedVolume' type: array x-go-name: Volumes volumes_from: description: |- VolumesFrom is a set of containers whose volumes will be added to this pod. The name or ID of the container must be provided, and may optionally be followed by a : and then one or more comma-separated options. Valid options are 'ro', 'rw', and 'z'. Options will be used for all volumes sourced from the container. items: type: string type: array x-go-name: VolumesFrom type: object x-go-package: go.podman.io/podman/v6/pkg/specgen PodStartReport: type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities PodStatsReport: title: PodStatsReport includes pod-resource statistics data. type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities PodStopReport: type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities PodStorageConfig: properties: image_volumes: description: |- Image volumes bind-mount a container-image mount into the pod's infra container. Optional. items: $ref: '#/definitions/ImageVolume' type: array x-go-name: ImageVolumes mounts: description: |- Mounts are mounts that will be added to the pod. These will supersede Image Volumes and VolumesFrom volumes where there are conflicts. Optional. items: $ref: '#/definitions/Mount' type: array x-go-name: Mounts overlay_volumes: description: |- Overlay volumes are named volumes that will be added to the pod. Optional. items: $ref: '#/definitions/OverlayVolume' type: array x-go-name: OverlayVolumes shm_size: description: |- ShmSize is the size of the tmpfs to mount in at /dev/shm, in bytes. Conflicts with ShmSize if IpcNS is not private. Optional. format: int64 type: integer x-go-name: ShmSize shm_size_systemd: description: |- ShmSizeSystemd is the size of systemd-specific tmpfs mounts specifically /run, /run/lock, /var/log/journal and /tmp. Optional format: int64 type: integer x-go-name: ShmSizeSystemd volumes: description: |- Volumes are named volumes that will be added to the pod. These will supersede Image Volumes and VolumesFrom volumes where there are conflicts. Optional. items: $ref: '#/definitions/NamedVolume' type: array x-go-name: Volumes volumes_from: description: |- VolumesFrom is a set of containers whose volumes will be added to this pod. The name or ID of the container must be provided, and may optionally be followed by a : and then one or more comma-separated options. Valid options are 'ro', 'rw', and 'z'. Options will be used for all volumes sourced from the container. items: type: string type: array x-go-name: VolumesFrom title: PodStorageConfig contains all of the storage related options for the pod and its infra container. type: object x-go-package: go.podman.io/podman/v6/pkg/specgen PodTopOKBody: properties: Processes: description: |- Each process running in the container, where each process is an array of values corresponding to the titles. example: '{"Processes":[["root","13642","882","0","17:03","pts/0","00:00:00","/bin/bash"],["root","13735","13642","0","17:06","pts/0","00:00:00","sleep 10"]]}' items: items: type: string type: array type: array Titles: description: The ps column titles example: '{"Titles":["UID","PID","PPID","C","STIME","TTY","TIME","CMD"]}' items: type: string type: array type: object x-go-package: go.podman.io/podman/v6/pkg/api/handlers PodUnpauseReport: type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities PortMap: additionalProperties: items: properties: HostIp: description: HostIP is the host IP Address type: string x-go-name: HostIP x-go-type: net/netip.Addr HostPort: description: HostPort is the host port number type: string type: object type: array title: PortMap is a collection of [PortBinding] indexed by [Port]. type: object x-go-package: github.com/moby/moby/api/types/network PortMapping: properties: container_port: description: |- ContainerPort is the port number that will be exposed from the container. Mandatory. format: uint16 type: integer x-go-name: ContainerPort host_ip: description: |- HostIP is the IP that we will bind to on the host. If unset, assumed to be 0.0.0.0 (all interfaces). type: string x-go-name: HostIP host_port: description: |- HostPort is the port number that will be forwarded from the host into the container. If omitted, a random port on the host (guaranteed to be over 1024) will be assigned. format: uint16 type: integer x-go-name: HostPort protocol: description: |- Protocol is the protocol forward. Must be either "tcp", "udp", and "sctp", or some combination of these separated by commas. If unset, assumed to be TCP. type: string x-go-name: Protocol range: description: |- Range is the number of ports that will be forwarded, starting at HostPort and ContainerPort and counting up. This is 1-indexed, so 1 is assumed to be a single port (only the Hostport:Containerport mapping will be added), 2 is two ports (both Hostport:Containerport and Hostport+1:Containerport+1), etc. If unset, assumed to be 1 (a single port). Both hostport + range and containerport + range must be less than 65536. format: uint16 type: integer x-go-name: Range title: PortMapping is one or more ports that will be mapped into the container. type: object x-go-package: go.podman.io/common/libnetwork/types PortSet: additionalProperties: type: object title: PortSet is a collection of structs indexed by [Port]. type: object x-go-package: github.com/moby/moby/api/types/network PortSummary: example: '{"PrivatePort":8080,"PublicPort":80,"Type":"tcp"}' properties: IP: description: Host IP address that the container's port is mapped to type: string x-go-type: net/netip.Addr PrivatePort: description: Port on the container format: uint16 type: integer PublicPort: description: Port exposed on the host format: uint16 type: integer Type: description: type enum: - tcp - udp - sctp type: string required: - PrivatePort - Type title: PortSummary Describes a port-mapping between the container and the host. type: object x-go-package: github.com/moby/moby/api/types/container Propagation: title: Propagation represents the propagation of a mount. type: string x-go-package: github.com/moby/moby/api/types/mount PruneReport: description: POST "/volumes/prune" properties: Err: type: string x-go-type: error Id: type: string Size: format: uint64 type: integer title: 'PruneReport contains the response for Engine API:' type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities/reports PublishState: description: |- PublishState represents the state of a Volume as it pertains to its use on a particular Node. type: string x-go-package: github.com/moby/moby/api/types/volume PublishStatus: description: |- PublishStatus represents the status of the volume as published to an individual node properties: NodeID: description: NodeID is the ID of the swarm node this Volume is published to. type: string PublishContext: additionalProperties: type: string description: |- PublishContext is the PublishContext returned by the CSI plugin when a volume is published. type: object State: $ref: '#/definitions/PublishState' type: object x-go-package: github.com/moby/moby/api/types/volume PullIdentity: description: If image was pulled via mirror, this contains the original repository location. properties: Repository: description: Repository is the remote repository location the image was pulled from. type: string title: PullIdentity contains remote location information if image was created via pull. type: object x-go-package: github.com/moby/moby/api/types/image QuadletRemoveReport: description: QuadletRemoveReport contains the results of an operation to remove obe or more quadlets properties: Errors: additionalProperties: type: string x-go-type: error description: Errors is a map of Quadlet name to error that occurred during removal. type: object Removed: description: Removed is a list of quadlets that were successfully removed items: type: string type: array type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities RemoteSocket: description: RemoteSocket describes information about the API socket properties: exists: type: boolean x-go-name: Exists path: type: string x-go-name: Path type: object x-go-package: go.podman.io/podman/v6/libpod/define Resources: description: Resources contains container's resources (cgroups config, ulimits...) properties: BlkioDeviceReadBps: items: $ref: '#/definitions/ThrottleDevice' type: array BlkioDeviceReadIOps: items: $ref: '#/definitions/ThrottleDevice' type: array BlkioDeviceWriteBps: items: $ref: '#/definitions/ThrottleDevice' type: array BlkioDeviceWriteIOps: items: $ref: '#/definitions/ThrottleDevice' type: array BlkioWeight: format: uint16 type: integer BlkioWeightDevice: items: $ref: '#/definitions/WeightDevice' type: array CgroupParent: description: Applicable to UNIX platforms type: string CpuCount: description: Applicable to Windows format: int64 type: integer x-go-name: CPUCount CpuPercent: format: int64 type: integer x-go-name: CPUPercent CpuPeriod: format: int64 type: integer x-go-name: CPUPeriod CpuQuota: format: int64 type: integer x-go-name: CPUQuota CpuRealtimePeriod: format: int64 type: integer x-go-name: CPURealtimePeriod CpuRealtimeRuntime: format: int64 type: integer x-go-name: CPURealtimeRuntime CpuShares: description: Applicable to all platforms format: int64 type: integer x-go-name: CPUShares CpusetCpus: type: string CpusetMems: type: string DeviceCgroupRules: items: type: string type: array DeviceRequests: items: $ref: '#/definitions/DeviceRequest' type: array Devices: items: $ref: '#/definitions/DeviceMapping' type: array IOMaximumBandwidth: format: uint64 type: integer IOMaximumIOps: format: uint64 type: integer Memory: format: int64 type: integer MemoryReservation: format: int64 type: integer MemorySwap: format: int64 type: integer MemorySwappiness: format: int64 type: integer NanoCpus: format: int64 type: integer x-go-name: NanoCPUs OomKillDisable: type: boolean PidsLimit: format: int64 type: integer Ulimits: items: $ref: '#/definitions/Ulimit' type: array type: object x-go-package: github.com/moby/moby/api/types/container RestartPolicy: properties: MaximumRetryCount: format: int64 type: integer Name: $ref: '#/definitions/RestartPolicyMode' title: RestartPolicy represents the restart policies of the container. type: object x-go-package: github.com/moby/moby/api/types/container RestartPolicyMode: type: string x-go-package: github.com/moby/moby/api/types/container RootFS: properties: Layers: items: $ref: '#/definitions/Digest' type: string type: array Type: type: string title: RootFS holds the root fs information of an image. type: object x-go-package: go.podman.io/podman/v6/pkg/inspect RootFSStorage: properties: Snapshot: $ref: '#/definitions/RootFSStorageSnapshot' title: RootFSStorage Information about the storage used for the container's root filesystem. type: object x-go-package: github.com/moby/moby/api/types/storage RootFSStorageSnapshot: properties: Name: description: Name of the snapshotter. type: string title: RootFSStorageSnapshot Information about a snapshot backend of the container's root filesystem. type: object x-go-package: github.com/moby/moby/api/types/storage Route: properties: destination: description: Destination for this route in CIDR form. format: string type: string x-go-name: Destination gateway: description: Gateway IP for this route. Required for unicast routes, must be empty for blackhole/unreachable/prohibit. format: string type: string x-go-name: Gateway x-go-type: net.IP metric: description: Metric for this route. Optional. format: uint32 type: integer x-go-name: Metric route_type: $ref: '#/definitions/RouteType' type: object x-go-package: go.podman.io/common/libnetwork/types RouteType: title: RouteType represents the type of a route. type: string x-go-package: go.podman.io/common/libnetwork/types Schema2HealthConfig: description: |- Schema2HealthConfig is a HealthConfig, which holds configuration settings for the HEALTHCHECK feature, from docker/docker/api/types/container. properties: Interval: $ref: '#/definitions/Duration' Retries: description: |- Retries is the number of consecutive failures needed to consider a container as unhealthy. Zero means inherit. format: int64 type: integer StartInterval: $ref: '#/definitions/Duration' StartPeriod: $ref: '#/definitions/Duration' Test: description: |- Test is the test to perform to check that the container is healthy. An empty slice means to inherit the default. The options are: {} : inherit healthcheck {"NONE"} : disable healthcheck {"CMD", args...} : exec arguments directly {"CMD-SHELL", command} : run command with system's default shell items: type: string type: array Timeout: $ref: '#/definitions/Duration' type: object x-go-package: go.podman.io/image/v5/manifest Schema2List: title: Schema2List is a list of platform-specific manifests. type: object x-go-package: go.podman.io/image/v5/manifest Scope: description: |- Scope defines the Scope of a Cluster Volume. This is how many nodes a Volume can be accessed simultaneously on. type: string x-go-package: github.com/moby/moby/api/types/volume ScpReport: properties: Id: type: string type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities/reports Secret: properties: GID: format: uint32 type: integer Mode: format: uint32 type: integer Source: type: string Target: type: string UID: format: uint32 type: integer type: object x-go-package: go.podman.io/podman/v6/pkg/specgen SecretCreate: properties: Data: description: Base64-url-safe-encoded (RFC 4648) data to store as secret. type: string Driver: $ref: '#/definitions/SecretDriverSpec' Labels: additionalProperties: type: string description: Labels are labels on the secret type: object Name: description: User-defined name of the secret. type: string type: object x-go-name: SecretCreateRequest x-go-package: go.podman.io/podman/v6/pkg/domain/entities SecretCreateReport: type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities SecretDriverSpec: type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities SecretInfoReport: type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities SecretInfoReportCompat: type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities SecurityInfo: description: SecurityInfo describes the libpod host properties: apparmorEnabled: type: boolean x-go-name: AppArmorEnabled capabilities: type: string x-go-name: DefaultCapabilities rootless: type: boolean x-go-name: Rootless seccompEnabled: type: boolean x-go-name: SECCOMPEnabled seccompProfilePath: type: string x-go-name: SECCOMPProfilePath selinuxEnabled: type: boolean x-go-name: SELinuxEnabled type: object x-go-package: go.podman.io/podman/v6/libpod/define ServiceInfo: description: ServiceInfo represents service parameters with the list of service's tasks properties: LocalLBIndex: description: local l b index format: int64 type: integer Ports: description: ports items: type: string type: array Tasks: description: tasks items: $ref: '#/definitions/Task' type: array VIP: description: v IP type: string x-go-type: net/netip.Addr type: object x-go-package: github.com/moby/moby/api/types/network SharingMode: description: |- SharingMode defines the Sharing of a Cluster Volume. This is how Tasks using a Volume at the same time can use it. type: string x-go-package: github.com/moby/moby/api/types/volume Signal: description: It implements the [os.Signal] interface. format: int64 title: A Signal is a number describing a process signal. type: integer x-go-package: syscall SignatureIdentity: properties: DockerReference: description: |- DockerReference is the Docker image reference associated with the signature. This is an optional field only present in older hashedrecord signatures. type: string Error: description: |- Error contains error information if signature verification failed. Other fields will be empty in this case. type: string KnownSigner: $ref: '#/definitions/KnownSignerIdentity' Name: description: Name is a textual description summarizing the type of signature. type: string SignatureType: $ref: '#/definitions/SignatureType' Signer: $ref: '#/definitions/SignerIdentity' Timestamps: description: Timestamps contains a list of verified signed timestamps for the signature. items: $ref: '#/definitions/SignatureTimestamp' type: array Warnings: description: |- Warnings contains any warnings that occurred during signature verification. For example, if there was no internet connectivity and cached trust roots were used. Warning does not indicate a failed verification but may point to configuration issues. items: type: string type: array title: SignatureIdentity contains the properties of verified signatures for the image. type: object x-go-package: github.com/moby/moby/api/types/image SignatureTimestamp: properties: Timestamp: format: date-time type: string Type: $ref: '#/definitions/SignatureTimestampType' URI: type: string title: SignatureTimestamp contains information about a verified signed timestamp for an image signature. type: object x-go-package: github.com/moby/moby/api/types/image SignatureTimestampType: title: SignatureTimestampType is the type of timestamp used in the signature. type: string x-go-package: github.com/moby/moby/api/types/image SignatureType: title: SignatureType is the type of signature format. type: string x-go-package: github.com/moby/moby/api/types/image SignerIdentity: description: '[certificate.Summary]: https://pkg.go.dev/github.com/sigstore/sigstore-go/pkg/fulcio/certificate#Summary' properties: BuildConfigDigest: description: Immutable reference to the specific version of the top-level/initiating build instructions. type: string BuildConfigURI: description: Build Config URL to the top-level/initiating build instructions. type: string BuildSignerDigest: description: Immutable reference to the specific version of the build instructions that is responsible for signing. type: string BuildSignerURI: description: Reference to specific build instructions that are responsible for signing. type: string BuildTrigger: description: Event or action that initiated the build. type: string CertificateIssuer: type: string Issuer: description: |- The OIDC issuer. Should match `iss` claim of ID token or, in the case of a federated login like Dex it should match the issuer URL of the upstream issuer. The issuer is not set the extensions are invalid and will fail to render. type: string RunInvocationURI: description: Run Invocation URL to uniquely identify the build execution. type: string RunnerEnvironment: description: Specifies whether the build took place in platform-hosted cloud infrastructure or customer/self-hosted infrastructure. type: string SourceRepositoryDigest: description: Immutable reference to a specific version of the source code that the build was based upon. type: string SourceRepositoryIdentifier: description: Immutable identifier for the source repository the workflow was based upon. type: string SourceRepositoryOwnerIdentifier: description: Immutable identifier for the owner of the source repository that the workflow was based upon. type: string SourceRepositoryOwnerURI: description: Source repository owner URL of the owner of the source repository that the build was based on. type: string SourceRepositoryRef: description: Source Repository Ref that the build run was based upon. type: string SourceRepositoryURI: description: Source repository URL that the build was based on. type: string SourceRepositoryVisibilityAtSigning: description: Source repository visibility at the time of signing the certificate. type: string SubjectAlternativeName: type: string title: |- SignerIdentity contains information about the signer certificate used to sign the image. This is [certificate.Summary] with deprecated fields removed and keys in Moby uppercase style. type: object x-go-package: github.com/moby/moby/api/types/image SpecGenerator: description: |- SpecGenerator creates an OCI spec and Libpod configuration options to create a container based on the given configuration. properties: Networks: additionalProperties: $ref: '#/definitions/PerNetworkOptions' description: |- Map of networks names or ids that the container should join. You can request additional settings for each network, you can set network aliases, static ips, static mac address and the network interface name for this container on the specific network. If the map is empty and the bridge network mode is set the container will be joined to the default network. Optional. type: object annotations: additionalProperties: type: string description: |- Annotations are key-value options passed into the container runtime that can be used to trigger special behavior. Optional. type: object x-go-name: Annotations apparmor_profile: description: |- ApparmorProfile is the name of the Apparmor profile the container will use. Optional. type: string x-go-name: ApparmorProfile artifact_volumes: description: ArtifactVolumes volumes based on an existing artifact. items: $ref: '#/definitions/ArtifactVolume' type: array x-go-name: ArtifactVolumes base_hosts_file: description: |- BaseHostsFile is the base file to create the `/etc/hosts` file inside the container. This must either be an absolute path to a file on the host system, or one of the special flags `image` or `none`. If it is empty it defaults to the base_hosts_file configuration in containers.conf. Optional. type: string x-go-name: BaseHostsFile cap_add: description: |- CapAdd are capabilities which will be added to the container. Conflicts with Privileged. Optional. items: type: string type: array x-go-name: CapAdd cap_drop: description: |- CapDrop are capabilities which will be removed from the container. Conflicts with Privileged. Optional. items: type: string type: array x-go-name: CapDrop cgroup_parent: description: |- CgroupParent is the container's Cgroup parent. If not set, the default for the current cgroup driver will be used. Optional. type: string x-go-name: CgroupParent cgroupns: $ref: '#/definitions/Namespace' cgroups_mode: description: |- CgroupsMode sets a policy for how cgroups will be created for the container, including the ability to disable creation entirely. Optional. type: string x-go-name: CgroupsMode chroot_directories: description: |- ChrootDirs is an additional set of directories that need to be treated as root directories. Standard bind mounts will be mounted into paths relative to these directories. Optional. items: type: string type: array x-go-name: ChrootDirs command: description: |- Command is the container's command. If not given and Image is specified, this will be populated by the image's configuration. Optional. items: type: string type: array x-go-name: Command conmon_pid_file: description: |- ConmonPidFile is a path at which a PID file for Conmon will be placed. If not given, a default location will be used. Optional. type: string x-go-name: ConmonPidFile containerCreateCommand: description: |- ContainerCreateCommand is the command that was used to create this container. This will be shown in the output of Inspect() on the container, and may also be used by some tools that wish to recreate the container (e.g. `podman generate systemd --new`). Optional. items: type: string type: array x-go-name: ContainerCreateCommand create_working_dir: description: |- Create the working directory if it doesn't exist. If unset, it doesn't create it. Optional. type: boolean x-go-name: CreateWorkingDir dependencyContainers: description: |- DependencyContainers is an array of containers this container depends on. Dependency containers must be started before this container. Dependencies can be specified by name or full/partial ID. Optional. items: type: string type: array x-go-name: DependencyContainers device_cgroup_rule: description: |- DeviceCgroupRule are device cgroup rules that allow containers to use additional types of devices. items: $ref: '#/definitions/LinuxDeviceCgroup' type: array x-go-name: DeviceCgroupRule devices: description: |- Devices are devices that will be added to the container. Optional. items: $ref: '#/definitions/LinuxDevice' type: array x-go-name: Devices devices_from: description: |- DevicesFrom specifies that this container will mount the device(s) from other container(s). Optional. items: type: string type: array x-go-name: DevicesFrom dns_option: description: |- DNSOptions is a set of DNS options that will be used in the container's resolv.conf, replacing the host's DNS options which are used by default. Conflicts with UseImageResolvConf. Optional. items: type: string type: array x-go-name: DNSOptions dns_search: description: |- DNSSearch is a set of DNS search domains that will be used in the container's resolv.conf, replacing the host's DNS search domains which are used by default. Conflicts with UseImageResolvConf. Optional. items: type: string type: array x-go-name: DNSSearch dns_server: description: |- DNSServers is a set of DNS servers that will be used in the container's resolv.conf, replacing the host's DNS Servers which are used by default. Conflicts with UseImageResolvConf. Optional. items: type: string x-go-type: net.IP type: array x-go-name: DNSServers entrypoint: description: |- Entrypoint is the container's entrypoint. If not given and Image is specified, this will be populated by the image's configuration. Optional. items: type: string type: array x-go-name: Entrypoint env: additionalProperties: type: string description: |- Env is a set of environment variables that will be set in the container. Optional. type: object x-go-name: Env env_host: description: |- EnvHost indicates that the host environment should be added to container Optional. type: boolean x-go-name: EnvHost envmerge: description: |- EnvMerge takes the specified environment variables from image and preprocess them before injecting them into the container. Optional. items: type: string type: array x-go-name: EnvMerge expose: description: |- Expose is a number of ports that will be forwarded to the container if PublishExposedPorts is set. Expose is a map of uint16 (port number) to a string representing protocol i.e map[uint16]string. Allowed protocols are "tcp", "udp", and "sctp", or some combination of the three separated by commas. If protocol is set to "" we will assume TCP. Only available if NetNS is set to Bridge or Pasta, and PublishExposedPorts is set. Optional. x-go-name: Expose gpus: description: |- GPUs contains GPU device identifiers for CDI resolution. These will be resolved to full CDI device paths on the server side. Optional. items: type: string type: array x-go-name: GPUs group_entry: description: |- GroupEntry specifies an arbitrary string to append to the container's /etc/group file. Optional. type: string x-go-name: GroupEntry groups: description: |- Groups are a list of supplemental groups the container's user will be granted access to. Optional. items: type: string type: array x-go-name: Groups health_check_on_failure_action: $ref: '#/definitions/HealthCheckOnFailureAction' healthLogDestination: description: |- HealthLogDestination defines the destination where the log is stored. TODO (6.0): In next major release convert it to pointer and use omitempty type: string x-go-name: HealthLogDestination healthMaxLogCount: description: |- HealthMaxLogCount is maximum number of attempts in the HealthCheck log file. ('0' value means an infinite number of attempts in the log file). TODO (6.0): In next major release convert it to pointer and use omitempty format: uint64 type: integer x-go-name: HealthMaxLogCount healthMaxLogSize: description: |- HealthMaxLogSize is the maximum length in characters of stored HealthCheck log ("0" value means an infinite log length). TODO (6.0): In next major release convert it to pointer and use omitempty format: uint64 type: integer x-go-name: HealthMaxLogSize healthconfig: $ref: '#/definitions/Schema2HealthConfig' host_device_list: description: HostDeviceList is used to recreate the mounted device on inherited containers items: $ref: '#/definitions/LinuxDevice' type: array x-go-name: HostDeviceList hostadd: description: |- HostAdd is a set of hosts which will be added to the container's etc/hosts file. Conflicts with UseImageHosts. Optional. items: type: string type: array x-go-name: HostAdd hostname: description: |- Hostname is the container's hostname. If not set, the hostname will not be modified (if UtsNS is not private) or will be set to the container ID (if UtsNS is private). Conflicts with UtsNS if UtsNS is not set to private. Optional. type: string x-go-name: Hostname hostusers: description: |- HostUsers is a list of host usernames or UIDs to add to the container etc/passwd file items: type: string type: array x-go-name: HostUsers httpproxy: description: |- EnvHTTPProxy indicates that the http host proxy environment variables should be added to container Optional. type: boolean x-go-name: HTTPProxy idmappings: $ref: '#/definitions/IDMappingOptions' image: description: |- Image is the image the container will be based on. The image will be used as the container's root filesystem, and its environment vars, volumes, and other configuration will be applied to the container. Conflicts with Rootfs. At least one of Image or Rootfs must be specified. type: string x-go-name: Image image_arch: description: |- ImageArch is the user-specified image architecture. Used to select a different variant from a manifest list. Optional. type: string x-go-name: ImageArch image_os: description: |- ImageOS is the user-specified OS of the image. Used to select a different variant from a manifest list. Optional. type: string x-go-name: ImageOS image_variant: description: |- ImageVariant is the user-specified image variant. Used to select a different variant from a manifest list. Optional. type: string x-go-name: ImageVariant image_volume_mode: description: |- ImageVolumeMode indicates how image volumes will be created. Supported modes are "ignore" (do not create), "tmpfs" (create as tmpfs), and "anonymous" (create as anonymous volumes). The default if unset is anonymous. Optional. type: string x-go-name: ImageVolumeMode image_volumes: description: |- Image volumes bind-mount a container-image mount into the container. Optional. items: $ref: '#/definitions/ImageVolume' type: array x-go-name: ImageVolumes init: description: |- Init specifies that an init binary will be mounted into the container, and will be used as PID1. Optional. type: boolean x-go-name: Init init_container_type: description: |- InitContainerType describes if this container is an init container and if so, what type: always or once. Optional. type: string x-go-name: InitContainerType init_path: description: |- InitPath specifies the path to the init binary that will be added if Init is specified above. If not specified, the default set in the Libpod config will be used. Ignored if Init above is not set. Optional. type: string x-go-name: InitPath intelRdt: $ref: '#/definitions/LinuxIntelRdt' ipcns: $ref: '#/definitions/Namespace' label_nested: description: |- LabelNested indicates whether or not the container is allowed to run fully nested containers including SELinux labelling. Optional. type: boolean x-go-name: LabelNested labels: additionalProperties: type: string description: |- Labels are key-value pairs that are used to add metadata to containers. Optional. type: object x-go-name: Labels log_configuration: $ref: '#/definitions/LogConfigLibpod' manage_password: description: Passwd is a container run option that determines if we are validating users/groups before running the container type: boolean x-go-name: Passwd mask: description: |- Mask is the path we want to mask in the container. This masks the paths given in addition to the default list. Optional items: type: string type: array x-go-name: Mask mounts: description: |- Mounts are mounts that will be added to the container. These will supersede Image Volumes and VolumesFrom volumes where there are conflicts. Optional. items: $ref: '#/definitions/Mount' type: array x-go-name: Mounts name: description: |- Name is the name the container will be given. If no name is provided, one will be randomly generated. Optional. type: string x-go-name: Name netns: $ref: '#/definitions/Namespace' network_options: additionalProperties: items: type: string type: array description: |- NetworkOptions are additional options for each network Optional. type: object x-go-name: NetworkOptions networkOrder: description: |- The order that networks will be configured in. If not set, alphabetical order based on network name will be used. If set: Must be the same length as Networks and its contents must be every key in the Networks map. Optional. items: type: string type: array x-go-name: NetworkOrder no_new_privileges: description: |- NoNewPrivileges is whether the container will set the no new privileges flag on create, which disables gaining additional privileges (e.g. via setuid) in the container. Optional. type: boolean x-go-name: NoNewPrivileges oci_runtime: description: |- OCIRuntime is the name of the OCI runtime that will be used to create the container. If not specified, the default will be used. Optional. type: string x-go-name: OCIRuntime oom_score_adj: description: |- OOMScoreAdj adjusts the score used by the OOM killer to determine processes to kill for the container's process. Optional. format: int64 type: integer x-go-name: OOMScoreAdj overlay_volumes: description: |- Overlay volumes are named volumes that will be added to the container. Optional. items: $ref: '#/definitions/OverlayVolume' type: array x-go-name: OverlayVolumes passwd_entry: description: |- PasswdEntry specifies an arbitrary string to append to the container's /etc/passwd file. Optional. type: string x-go-name: PasswdEntry personality: $ref: '#/definitions/LinuxPersonality' pidns: $ref: '#/definitions/Namespace' pod: description: |- Pod is the ID of the pod the container will join. Optional. type: string x-go-name: Pod portmappings: description: |- PortBindings is a set of ports to map into the container. Only available if NetNS is set to bridge or pasta. Optional. items: $ref: '#/definitions/PortMapping' type: array x-go-name: PortMappings privileged: description: |- Privileged is whether the container is privileged. Privileged does the following: Adds all devices on the system to the container. Adds all capabilities to the container. Disables Seccomp, SELinux, and Apparmor confinement. (Though SELinux can be manually re-enabled). TODO: this conflicts with things. TODO: this does more. Optional. type: boolean x-go-name: Privileged procfs_opts: description: ProcOpts are the options used for the proc mount. items: type: string type: array x-go-name: ProcOpts publish_image_ports: description: |- PublishExposedPorts will publish ports specified in the image to random unused ports (guaranteed to be above 1024) on the host. This is based on ports set in Expose below, and any ports specified by the Image (if one is given). Only available if NetNS is set to Bridge or Pasta. Optional. type: boolean x-go-name: PublishExposedPorts r_limits: description: |- Rlimits are POSIX rlimits to apply to the container. Optional. items: $ref: '#/definitions/POSIXRlimit' type: array x-go-name: Rlimits raw_image_name: description: |- RawImageName is the user-specified and unprocessed input referring to a local or a remote image. Optional, but strongly encouraged to be set if Image is set. type: string x-go-name: RawImageName read_only_filesystem: description: |- ReadOnlyFilesystem indicates that everything will be mounted as read-only. Optional. type: boolean x-go-name: ReadOnlyFilesystem read_write_tmpfs: description: |- ReadWriteTmpfs indicates that when running with a ReadOnlyFilesystem mount temporary file systems. Optional. type: boolean x-go-name: ReadWriteTmpfs remove: description: |- Remove indicates if the container should be removed once it has been started and exits. Optional. type: boolean x-go-name: Remove removeImage: description: |- RemoveImage indicates that the container should remove the image it was created from after it exits. Only allowed if Remove is set to true and Image, not Rootfs, is in use. Optional. type: boolean x-go-name: RemoveImage resource_limits: $ref: '#/definitions/LinuxResources' restart_policy: description: |- RestartPolicy is the container's restart policy - an action which will be taken when the container exits. If not given, the default policy, which does nothing, will be used. Optional. type: string x-go-name: RestartPolicy restart_tries: description: |- RestartRetries is the number of attempts that will be made to restart the container. Only available when RestartPolicy is set to "on-failure". Optional. format: uint64 type: integer x-go-name: RestartRetries rootfs: description: |- Rootfs is the path to a directory that will be used as the container's root filesystem. No modification will be made to the directory, it will be directly mounted into the container as root. Conflicts with Image. At least one of Image or Rootfs must be specified. type: string x-go-name: Rootfs rootfs_mapping: description: |- RootfsMapping specifies if there are UID/GID mappings to apply to the rootfs. Optional. type: string x-go-name: RootfsMapping rootfs_overlay: description: |- RootfsOverlay tells if rootfs is actually an overlay on top of base path. Optional. type: boolean x-go-name: RootfsOverlay rootfs_propagation: description: |- RootfsPropagation is the rootfs propagation mode for the container. If not set, the default of rslave will be used. Optional. type: string x-go-name: RootfsPropagation sdnotifyMode: description: |- Determine how to handle the NOTIFY_SOCKET - do we participate or pass it through "container" - let the OCI runtime deal with it, advertise conmon's MAINPID "conmon-only" - advertise conmon's MAINPID, send READY when started, don't pass to OCI "ignore" - unset NOTIFY_SOCKET Optional. type: string x-go-name: SdNotifyMode seccomp_policy: description: |- SeccompPolicy determines which seccomp profile gets applied the container. valid values: empty,default,image type: string x-go-name: SeccompPolicy seccomp_profile_path: description: |- SeccompProfilePath is the path to a JSON file containing the container's Seccomp profile. If not specified, no Seccomp profile will be used. Optional. type: string x-go-name: SeccompProfilePath secret_env: additionalProperties: type: string description: |- EnvSecrets are secrets that will be set as environment variables Optional. type: object x-go-name: EnvSecrets secrets: description: |- Secrets are the secrets that will be added to the container Optional. items: $ref: '#/definitions/Secret' type: array x-go-name: Secrets selinux_opts: description: |- SelinuxProcessLabel is the process label the container will use. If SELinux is enabled and this is not specified, a label will be automatically generated if not specified. Optional. items: type: string type: array x-go-name: SelinuxOpts shm_size: description: |- ShmSize is the size of the tmpfs to mount in at /dev/shm, in bytes. Conflicts with ShmSize if IpcNS is not private. Optional. format: int64 type: integer x-go-name: ShmSize shm_size_systemd: description: |- ShmSizeSystemd is the size of systemd-specific tmpfs mounts specifically /run, /run/lock, /var/log/journal and /tmp. Optional format: int64 type: integer x-go-name: ShmSizeSystemd startupHealthConfig: $ref: '#/definitions/StartupHealthCheck' stdin: description: |- Stdin is whether the container will keep its STDIN open. Optional. type: boolean x-go-name: Stdin stop_signal: $ref: '#/definitions/Signal' stop_timeout: description: |- StopTimeout is a timeout between the container's stop signal being sent and SIGKILL being sent. If not provided, the default will be used. If 0 is used, stop signal will not be sent, and SIGKILL will be sent instead. Optional. format: uint64 type: integer x-go-name: StopTimeout storage_opts: additionalProperties: type: string description: |- StorageOpts is the container's storage options Optional. type: object x-go-name: StorageOpts sysctl: additionalProperties: type: string description: Sysctl sets kernel parameters for the container type: object x-go-name: Sysctl systemd: description: |- Systemd is whether the container will be started in systemd mode. Valid options are "true", "false", and "always". "true" enables this mode only if the binary run in the container is sbin/init or systemd. "always" unconditionally enables systemd mode. "false" unconditionally disables systemd mode. If enabled, mounts and stop signal will be modified. If set to "always" or set to "true" and conditionally triggered, conflicts with StopSignal. If not specified, "false" will be assumed. Optional. type: string x-go-name: Systemd terminal: description: |- Terminal is whether the container will create a PTY. Optional. type: boolean x-go-name: Terminal throttleReadBpsDevice: additionalProperties: $ref: '#/definitions/LinuxThrottleDevice' description: IO read rate limit per cgroup per device, bytes per second type: object x-go-name: ThrottleReadBpsDevice throttleReadIOPSDevice: additionalProperties: $ref: '#/definitions/LinuxThrottleDevice' description: IO read rate limit per cgroup per device, IO per second type: object x-go-name: ThrottleReadIOPSDevice throttleWriteBpsDevice: additionalProperties: $ref: '#/definitions/LinuxThrottleDevice' description: IO write rate limit per cgroup per device, bytes per second type: object x-go-name: ThrottleWriteBpsDevice throttleWriteIOPSDevice: additionalProperties: $ref: '#/definitions/LinuxThrottleDevice' description: IO write rate limit per cgroup per device, IO per second type: object x-go-name: ThrottleWriteIOPSDevice timeout: description: |- Timeout is a maximum time in seconds the container will run before main process is sent SIGKILL. If 0 is used, signal will not be sent. Container can run indefinitely if they do not stop after the default termination signal. Optional. format: uint64 type: integer x-go-name: Timeout timezone: description: |- Timezone is the timezone inside the container. Local means it has the same timezone as the host machine Optional. type: string x-go-name: Timezone umask: description: Umask is the umask the init process of the container will be run with. type: string x-go-name: Umask unified: additionalProperties: type: string description: |- CgroupConf are key-value options passed into the container runtime that are used to configure cgroup v2. Optional. type: object x-go-name: CgroupConf unmask: description: |- Unmask a path in the container. Some paths are masked by default, preventing them from being accessed within the container; this undoes that masking. If ALL is passed, all paths will be unmasked. Optional. items: type: string type: array x-go-name: Unmask unsetenv: description: |- UnsetEnv unsets the specified default environment variables from the image or from built-in or containers.conf Optional. items: type: string type: array x-go-name: UnsetEnv unsetenvall: description: |- UnsetEnvAll unsetall default environment variables from the image or from built-in or containers.conf UnsetEnvAll unsets all default environment variables from the image or from built-in Optional. type: boolean x-go-name: UnsetEnvAll use_image_hostname: description: |- UseImageHostname indicates that /etc/hostname should not be managed by Podman, and instead sourced from the image. Optional. type: boolean x-go-name: UseImageHostname use_image_hosts: description: |- UseImageHosts indicates that /etc/hosts should not be managed by Podman, and instead sourced from the image. Conflicts with HostAdd. Optional. type: boolean x-go-name: UseImageHosts use_image_resolve_conf: description: |- UseImageResolvConf indicates that resolv.conf should not be managed by Podman, but instead sourced from the image. Conflicts with DNSServer, DNSSearch, DNSOption. Optional. type: boolean x-go-name: UseImageResolvConf user: description: |- User is the user the container will be run as. Can be given as a UID or a username; if a username, it will be resolved within the container, using the container's /etc/passwd. If unset, the container will be run as root. Optional. type: string x-go-name: User userns: $ref: '#/definitions/Namespace' utsns: $ref: '#/definitions/Namespace' volatile: description: |- Volatile specifies whether the container storage can be optimized at the cost of not syncing all the dirty files in memory. Optional. type: boolean x-go-name: Volatile volumes: description: |- Volumes are named volumes that will be added to the container. These will supersede Image Volumes and VolumesFrom volumes where there are conflicts. Optional. items: $ref: '#/definitions/NamedVolume' type: array x-go-name: Volumes volumes_from: description: |- VolumesFrom is a set of containers whose volumes will be added to this container. The name or ID of the container must be provided, and may optionally be followed by a : and then one or more comma-separated options. Valid options are 'ro', 'rw', and 'z'. Options will be used for all volumes sourced from the container. Optional. items: type: string type: array x-go-name: VolumesFrom weightDevice: additionalProperties: $ref: '#/definitions/LinuxWeightDevice' description: Weight per cgroup per device, can override BlkioWeight type: object x-go-name: WeightDevice work_dir: description: |- WorkDir is the container's working directory. If unset, the default, /, will be used. Optional. type: string x-go-name: WorkDir type: object x-go-package: go.podman.io/podman/v6/pkg/specgen StartupHealthCheck: properties: Interval: $ref: '#/definitions/Duration' Retries: description: |- Retries is the number of consecutive failures needed to consider a container as unhealthy. Zero means inherit. format: int64 type: integer StartInterval: $ref: '#/definitions/Duration' StartPeriod: $ref: '#/definitions/Duration' Successes: description: |- Successes are the number of successes required to mark the startup HC as passed. If set to 0, a single success will mark the HC as passed. format: int64 type: integer Test: description: |- Test is the test to perform to check that the container is healthy. An empty slice means to inherit the default. The options are: {} : inherit healthcheck {"NONE"} : disable healthcheck {"CMD", args...} : exec arguments directly {"CMD-SHELL", command} : run command with system's default shell items: type: string type: array Timeout: $ref: '#/definitions/Duration' title: StartupHealthCheck is the configuration of a startup healthcheck. type: object x-go-package: go.podman.io/podman/v6/libpod/define State: description: |- State stores container's running state it's part of ContainerJSONBase and returned by "inspect" command properties: Dead: type: boolean Error: type: string ExitCode: format: int64 type: integer FinishedAt: type: string Health: $ref: '#/definitions/Health' OOMKilled: type: boolean Paused: type: boolean Pid: format: int64 type: integer Restarting: type: boolean Running: type: boolean StartedAt: type: string Status: $ref: '#/definitions/ContainerState' type: object x-go-package: github.com/moby/moby/api/types/container Status: properties: IPAM: $ref: '#/definitions/IPAMStatus' title: Status provides runtime information about the network such as the number of allocated IPs. type: object x-go-package: github.com/moby/moby/api/types/network Storage: properties: RootFS: $ref: '#/definitions/RootFSStorage' title: Storage Information about the storage used by the container. type: object x-go-package: github.com/moby/moby/api/types/storage StoreInfo: description: |- StoreInfo describes the container storage and its attributes properties: containerStore: $ref: '#/definitions/ContainerStore' graphDriverName: type: string x-go-name: GraphDriverName graphOptions: additionalProperties: {} type: object x-go-name: GraphOptions graphRoot: type: string x-go-name: GraphRoot graphRootAllocated: description: GraphRootAllocated is how much space the graphroot has in bytes format: uint64 type: integer x-go-name: GraphRootAllocated graphRootUsed: description: GraphRootUsed is how much of graphroot is used in bytes format: uint64 type: integer x-go-name: GraphRootUsed graphStatus: additionalProperties: type: string type: object x-go-name: GraphStatus imageCopyTmpDir: type: string x-go-name: ImageCopyTmpDir imageStore: $ref: '#/definitions/ImageStore' runRoot: type: string x-go-name: RunRoot transientStore: type: boolean x-go-name: TransientStore volumePath: type: string x-go-name: VolumePath type: object x-go-package: go.podman.io/podman/v6/libpod/define Subnet: properties: gateway: description: Gateway IP for this Network. format: string type: string x-go-name: Gateway x-go-type: net.IP lease_range: $ref: '#/definitions/LeaseRange' subnet: description: Subnet for this Network in CIDR form. format: string type: string x-go-name: Subnet type: object x-go-package: go.podman.io/common/libnetwork/types SubnetStatuses: additionalProperties: type: object type: object x-go-package: github.com/moby/moby/api/types/network Summary: properties: Containers: description: |- Number of containers using this image. Includes both stopped and running containers. This size is not calculated by default, and depends on which API endpoint is used. `-1` indicates that the value has not been set / calculated. format: int64 type: integer Created: description: |- Date and time at which the image was created as a Unix timestamp (number of seconds since EPOCH). format: int64 type: integer Descriptor: $ref: '#/definitions/Descriptor' Id: description: |- ID is the content-addressable ID of an image. This identifier is a content-addressable digest calculated from the image's configuration (which includes the digests of layers used by the image). Note that this digest differs from the `RepoDigests` below, which holds digests of image manifests that reference the image. type: string x-go-name: ID Labels: additionalProperties: type: string description: User-defined key/value metadata. type: object Manifests: description: |- Manifests is a list of image manifests available in this image. It provides a more detailed view of the platform-specific image manifests or other image-attached data like build attestations. WARNING: This is experimental and may change at any time without any backward compatibility. items: $ref: '#/definitions/ManifestSummary' type: array ParentId: description: |- ID of the parent image. Depending on how the image was created, this field may be empty and is only set for images that were built/created locally. This field is empty if the image was pulled from an image registry. type: string x-go-name: ParentID RepoDigests: description: |- List of content-addressable digests of locally available image manifests that the image is referenced from. Multiple manifests can refer to the same image. These digests are usually only available if the image was either pulled from a registry, or if the image was pushed to a registry, which is when the manifest is generated and its digest calculated. items: type: string type: array RepoTags: description: |- List of image names/tags in the local image cache that reference this image. Multiple image tags can refer to the same image, and this list may be empty if no tags reference the image, in which case the image is "untagged", in which case it can still be referenced by its ID. items: type: string type: array SharedSize: description: |- Total size of image layers that are shared between this image and other images. This size is not calculated by default. `-1` indicates that the value has not been set / calculated. format: int64 type: integer Size: description: Total size of the image including all layers it is composed of. format: int64 type: integer required: - Containers - Created - Id - Labels - ParentId - RepoDigests - RepoTags - SharedSize - Size type: object x-go-package: github.com/moby/moby/api/types/image SystemCheckReport: description: ServiceOptions provides the input for starting an API and sidecar pprof services type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities SystemDfReport: description: ServiceOptions provides the input for starting an API and sidecar pprof services type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities SystemPruneReport: description: ServiceOptions provides the input for starting an API and sidecar pprof services type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities Task: description: Task carries the information about one backend task properties: EndpointID: description: endpoint ID type: string EndpointIP: description: endpoint IP type: string x-go-type: net/netip.Addr Info: additionalProperties: type: string description: info type: object Name: description: name type: string type: object x-go-package: github.com/moby/moby/api/types/network ThrottleDevice: description: ThrottleDevice is a structure that holds device:rate_per_second pair properties: Path: type: string Rate: format: uint64 type: integer type: object x-go-package: github.com/moby/moby/api/types/blkiodev TmpfsOptions: properties: Mode: $ref: '#/definitions/FileMode' Options: description: |- Options to be passed to the tmpfs mount. An array of arrays. Flag options should be provided as 1-length arrays. Other types should be provided as 2-length arrays, where the first item is the key and the second the value. items: items: type: string type: array type: array SizeBytes: description: |- Size sets the size of the tmpfs, in bytes. This will be converted to an operating system specific value depending on the host. For example, on linux, it will be converted to use a 'k', 'm' or 'g' syntax. BSD, though not widely supported with docker, uses a straight byte value. Percentages are not supported. format: int64 type: integer title: TmpfsOptions defines options specific to mounts of type "tmpfs". type: object x-go-package: github.com/moby/moby/api/types/mount Topology: description: |- This description is taken verbatim from the CSI Spec: A topological domain is a sub-division of a cluster, like "region", "zone", "rack", etc. A topological segment is a specific instance of a topological domain, like "zone3", "rack3", etc. For example {"com.company/zone": "Z1", "com.company/rack": "R3"} Valid keys have two segments: an OPTIONAL prefix and name, separated example: '"com.company.example/zone".' properties: Segments: additionalProperties: type: string type: object title: Topology is a map of topological domains to topological segments. type: object x-go-package: github.com/moby/moby/api/types/volume TopologyRequirement: description: |- TopologyRequirement expresses the user's requirements for a volume's accessible topology. properties: Preferred: description: |- Preferred is a list of Topologies that the volume should attempt to be provisioned in. Taken from the CSI spec: Specifies the list of topologies the CO would prefer the volume to be provisioned in. This field is OPTIONAL. If TopologyRequirement is specified either requisite or preferred or both MUST be specified. An SP MUST attempt to make the provisioned volume available using the preferred topologies in order from first to last. If requisite is specified, all topologies in preferred list MUST also be present in the list of requisite topologies. If the SP is unable to make the provisioned volume available from any of the preferred topologies, the SP MAY choose a topology from the list of requisite topologies. If the list of requisite topologies is not specified, then the SP MAY choose from the list of all possible topologies. If the list of requisite topologies is specified and the SP is unable to make the provisioned volume available from any of the requisite topologies it MUST fail the CreateVolume call. Example 1: Given a volume should be accessible from a single zone, and requisite = {"region": "R1", "zone": "Z2"}, {"region": "R1", "zone": "Z3"} preferred = {"region": "R1", "zone": "Z3"} then the SP SHOULD first attempt to make the provisioned volume available from "zone" "Z3" in the "region" "R1" and fall back to "zone" "Z2" in the "region" "R1" if that is not possible. Example 2: Given a volume should be accessible from a single zone, and requisite = {"region": "R1", "zone": "Z2"}, {"region": "R1", "zone": "Z3"}, {"region": "R1", "zone": "Z4"}, {"region": "R1", "zone": "Z5"} preferred = {"region": "R1", "zone": "Z4"}, {"region": "R1", "zone": "Z2"} then the SP SHOULD first attempt to make the provisioned volume accessible from "zone" "Z4" in the "region" "R1" and fall back to "zone" "Z2" in the "region" "R1" if that is not possible. If that is not possible, the SP may choose between either the "zone" "Z3" or "Z5" in the "region" "R1". Example 3: Given a volume should be accessible from TWO zones (because an opaque parameter in CreateVolumeRequest, for example, specifies the volume is accessible from two zones, aka synchronously replicated), and requisite = {"region": "R1", "zone": "Z2"}, {"region": "R1", "zone": "Z3"}, {"region": "R1", "zone": "Z4"}, {"region": "R1", "zone": "Z5"} preferred = {"region": "R1", "zone": "Z5"}, {"region": "R1", "zone": "Z3"} then the SP SHOULD first attempt to make the provisioned volume accessible from the combination of the two "zones" "Z5" and "Z3" in the "region" "R1". If that's not possible, it should fall back to a combination of "Z5" and other possibilities from the list of requisite. If that's not possible, it should fall back to a combination of "Z3" and other possibilities from the list of requisite. If that's not possible, it should fall back to a combination of other possibilities from the list of requisite. items: $ref: '#/definitions/Topology' type: array Requisite: description: |- Requisite specifies a list of Topologies, at least one of which the volume must be accessible from. Taken verbatim from the CSI Spec: Specifies the list of topologies the provisioned volume MUST be accessible from. This field is OPTIONAL. If TopologyRequirement is specified either requisite or preferred or both MUST be specified. If requisite is specified, the provisioned volume MUST be accessible from at least one of the requisite topologies. Given x = number of topologies provisioned volume is accessible from n = number of requisite topologies The CO MUST ensure n >= 1. The SP MUST ensure x >= 1 If x==n, then the SP MUST make the provisioned volume available to all topologies from the list of requisite topologies. If it is unable to do so, the SP MUST fail the CreateVolume call. For example, if a volume should be accessible from a single zone, and requisite = {"region": "R1", "zone": "Z2"} then the provisioned volume MUST be accessible from the "region" "R1" and the "zone" "Z2". Similarly, if a volume should be accessible from two zones, and requisite = {"region": "R1", "zone": "Z2"}, {"region": "R1", "zone": "Z3"} then the provisioned volume MUST be accessible from the "region" "R1" and both "zone" "Z2" and "zone" "Z3". If xn, then the SP MUST make the provisioned volume available from all topologies from the list of requisite topologies and MAY choose the remaining x-n unique topologies from the list of all possible topologies. If it is unable to do so, the SP MUST fail the CreateVolume call. For example, if a volume should be accessible from two zones, and requisite = {"region": "R1", "zone": "Z2"} then the provisioned volume MUST be accessible from the "region" "R1" and the "zone" "Z2" and the SP may select the second zone independently, e.g. "R1/Z4". items: $ref: '#/definitions/Topology' type: array type: object x-go-package: github.com/moby/moby/api/types/volume Type: title: Type represents the type of a mount. type: string x-go-package: github.com/moby/moby/api/types/mount TypeBlock: description: Intentionally empty. title: TypeBlock defines options for using a volume as a block-type volume. type: object x-go-package: github.com/moby/moby/api/types/volume TypeMount: description: |- TypeMount contains options for using a volume as a Mount-type volume. properties: FsType: description: FsType specifies the filesystem type for the mount volume. Optional. type: string MountFlags: description: MountFlags defines flags to pass when mounting the volume. Optional. items: type: string type: array type: object x-go-package: github.com/moby/moby/api/types/volume UTSMode: title: UTSMode represents the UTS namespace of the container. type: string x-go-package: github.com/moby/moby/api/types/container Ulimit: description: Users are recommended to use this alias instead of using [units.Ulimit] directly. title: |- Ulimit is an alias for [units.Ulimit], which may be moving to a different location or become a local type. This alias is to help transitioning. type: object x-go-package: github.com/moby/moby/api/types/container UpdateConfig: description: Those attributes can be updated at runtime. properties: BlkioDeviceReadBps: items: $ref: '#/definitions/ThrottleDevice' type: array BlkioDeviceReadIOps: items: $ref: '#/definitions/ThrottleDevice' type: array BlkioDeviceWriteBps: items: $ref: '#/definitions/ThrottleDevice' type: array BlkioDeviceWriteIOps: items: $ref: '#/definitions/ThrottleDevice' type: array BlkioWeight: format: uint16 type: integer BlkioWeightDevice: items: $ref: '#/definitions/WeightDevice' type: array CgroupParent: description: Applicable to UNIX platforms type: string CpuCount: description: Applicable to Windows format: int64 type: integer x-go-name: CPUCount CpuPercent: format: int64 type: integer x-go-name: CPUPercent CpuPeriod: format: int64 type: integer x-go-name: CPUPeriod CpuQuota: format: int64 type: integer x-go-name: CPUQuota CpuRealtimePeriod: format: int64 type: integer x-go-name: CPURealtimePeriod CpuRealtimeRuntime: format: int64 type: integer x-go-name: CPURealtimeRuntime CpuShares: description: Applicable to all platforms format: int64 type: integer x-go-name: CPUShares CpusetCpus: type: string CpusetMems: type: string DeviceCgroupRules: items: type: string type: array DeviceRequests: items: $ref: '#/definitions/DeviceRequest' type: array Devices: items: $ref: '#/definitions/DeviceMapping' type: array IOMaximumBandwidth: format: uint64 type: integer IOMaximumIOps: format: uint64 type: integer Memory: format: int64 type: integer MemoryReservation: format: int64 type: integer MemorySwap: format: int64 type: integer MemorySwappiness: format: int64 type: integer NanoCpus: format: int64 type: integer x-go-name: NanoCPUs OomKillDisable: type: boolean PidsLimit: format: int64 type: integer RestartPolicy: $ref: '#/definitions/RestartPolicy' Ulimits: items: $ref: '#/definitions/Ulimit' type: array title: UpdateConfig holds the mutable attributes of a Container. type: object x-go-package: github.com/moby/moby/api/types/container UpdateContainerDevicesLimits: properties: BlkIOWeightDevice: description: |- Block IO weight (relative device weight) in the form: ```[{"Path": "device_path", "Weight": weight}]``` items: $ref: '#/definitions/WeightDevice' type: array DeviceReadBPs: description: |- Limit read rate (bytes per second) from a device, in the form: ```[{"Path": "device_path", "Rate": rate}]``` items: $ref: '#/definitions/ThrottleDevice' type: array DeviceReadIOPs: description: |- Limit read rate (IO per second) from a device, in the form: ```[{"Path": "device_path", "Rate": rate}]``` items: $ref: '#/definitions/ThrottleDevice' type: array DeviceWriteBPs: description: |- Limit write rate (bytes per second) to a device, in the form: ```[{"Path": "device_path", "Rate": rate}]``` items: $ref: '#/definitions/ThrottleDevice' type: array DeviceWriteIOPs: description: |- Limit write rate (IO per second) to a device, in the form: ```[{"Path": "device_path", "Rate": rate}]``` items: $ref: '#/definitions/ThrottleDevice' type: array type: object x-go-package: go.podman.io/podman/v6/libpod/define UpdateEntities: description: UpdateEntities used to wrap the oci resource spec in a swagger model properties: BlkIOWeightDevice: description: |- Block IO weight (relative device weight) in the form: ```[{"Path": "device_path", "Weight": weight}]``` items: $ref: '#/definitions/WeightDevice' type: array DeviceReadBPs: description: |- Limit read rate (bytes per second) from a device, in the form: ```[{"Path": "device_path", "Rate": rate}]``` items: $ref: '#/definitions/ThrottleDevice' type: array DeviceReadIOPs: description: |- Limit read rate (IO per second) from a device, in the form: ```[{"Path": "device_path", "Rate": rate}]``` items: $ref: '#/definitions/ThrottleDevice' type: array DeviceWriteBPs: description: |- Limit write rate (bytes per second) to a device, in the form: ```[{"Path": "device_path", "Rate": rate}]``` items: $ref: '#/definitions/ThrottleDevice' type: array DeviceWriteIOPs: description: |- Limit write rate (IO per second) to a device, in the form: ```[{"Path": "device_path", "Rate": rate}]``` items: $ref: '#/definitions/ThrottleDevice' type: array Env: items: type: string type: array UnsetEnv: items: type: string type: array blockIO: $ref: '#/definitions/LinuxBlockIO' cpu: $ref: '#/definitions/LinuxCPU' devices: description: Devices configures the device allowlist. items: $ref: '#/definitions/LinuxDeviceCgroup' type: array x-go-name: Devices health_cmd: description: HealthCmd set a healthcheck command for the container. ('none' disables the existing healthcheck) type: string x-go-name: HealthCmd health_interval: description: |- HealthInterval set an interval for the healthcheck. (a value of disable results in no automatic timer setup) Changing this setting resets timer. type: string x-go-name: HealthInterval health_log_destination: description: |- HealthLogDestination set the destination of the HealthCheck log. Directory path, local or events_logger (local use container state file) Warning: Changing this setting may cause the loss of previous logs! type: string x-go-name: HealthLogDestination health_max_log_count: description: |- HealthMaxLogCount set maximum number of attempts in the HealthCheck log file. ('0' value means an infinite number of attempts in the log file) format: uint64 type: integer x-go-name: HealthMaxLogCount health_max_log_size: description: |- HealthMaxLogSize set maximum length in characters of stored HealthCheck log. ('0' value means an infinite log length) format: uint64 type: integer x-go-name: HealthMaxLogSize health_on_failure: description: HealthOnFailure set the action to take once the container turns unhealthy. type: string x-go-name: HealthOnFailure health_retries: description: HealthRetries set the number of retries allowed before a healthcheck is considered to be unhealthy. format: uint64 type: integer x-go-name: HealthRetries health_start_period: description: HealthStartPeriod set the initialization time needed for a container to bootstrap. type: string x-go-name: HealthStartPeriod health_startup_cmd: description: HealthStartupCmd set a startup healthcheck command for the container. type: string x-go-name: HealthStartupCmd health_startup_interval: description: |- HealthStartupInterval set an interval for the startup healthcheck. Changing this setting resets the timer, depending on the state of the container. type: string x-go-name: HealthStartupInterval health_startup_retries: description: HealthStartupRetries set the maximum number of retries before the startup healthcheck will restart the container. format: uint64 type: integer x-go-name: HealthStartupRetries health_startup_success: description: |- HealthStartupSuccess set the number of consecutive successes before the startup healthcheck is marked as successful and the normal healthcheck begins (0 indicates any success will start the regular healthcheck) format: uint64 type: integer x-go-name: HealthStartupSuccess health_startup_timeout: description: HealthStartupTimeout set the maximum amount of time that the startup healthcheck may take before it is considered failed. type: string x-go-name: HealthStartupTimeout health_timeout: description: HealthTimeout set the maximum time allowed to complete the healthcheck before an interval is considered failed. type: string x-go-name: HealthTimeout hugepageLimits: description: Hugetlb limits (in bytes). Default to reservation limits if supported. items: $ref: '#/definitions/LinuxHugepageLimit' type: array x-go-name: HugepageLimits memory: $ref: '#/definitions/LinuxMemory' network: $ref: '#/definitions/LinuxNetwork' no_healthcheck: description: Disable healthchecks on container. type: boolean x-go-name: NoHealthCheck pids: $ref: '#/definitions/LinuxPids' r_limits: items: $ref: '#/definitions/POSIXRlimit' type: array x-go-name: Rlimits rdma: additionalProperties: $ref: '#/definitions/LinuxRdma' description: |- Rdma resource restriction configuration. Limits are a set of key value pairs that define RDMA resource limits, where the key is device name and value is resource limits. type: object x-go-name: Rdma unified: additionalProperties: type: string description: Unified resources. type: object x-go-name: Unified type: object x-go-package: go.podman.io/podman/v6/pkg/api/handlers UpdateHealthCheckConfig: properties: health_cmd: description: HealthCmd set a healthcheck command for the container. ('none' disables the existing healthcheck) type: string x-go-name: HealthCmd health_interval: description: |- HealthInterval set an interval for the healthcheck. (a value of disable results in no automatic timer setup) Changing this setting resets timer. type: string x-go-name: HealthInterval health_log_destination: description: |- HealthLogDestination set the destination of the HealthCheck log. Directory path, local or events_logger (local use container state file) Warning: Changing this setting may cause the loss of previous logs! type: string x-go-name: HealthLogDestination health_max_log_count: description: |- HealthMaxLogCount set maximum number of attempts in the HealthCheck log file. ('0' value means an infinite number of attempts in the log file) format: uint64 type: integer x-go-name: HealthMaxLogCount health_max_log_size: description: |- HealthMaxLogSize set maximum length in characters of stored HealthCheck log. ('0' value means an infinite log length) format: uint64 type: integer x-go-name: HealthMaxLogSize health_on_failure: description: HealthOnFailure set the action to take once the container turns unhealthy. type: string x-go-name: HealthOnFailure health_retries: description: HealthRetries set the number of retries allowed before a healthcheck is considered to be unhealthy. format: uint64 type: integer x-go-name: HealthRetries health_start_period: description: HealthStartPeriod set the initialization time needed for a container to bootstrap. type: string x-go-name: HealthStartPeriod health_startup_cmd: description: HealthStartupCmd set a startup healthcheck command for the container. type: string x-go-name: HealthStartupCmd health_startup_interval: description: |- HealthStartupInterval set an interval for the startup healthcheck. Changing this setting resets the timer, depending on the state of the container. type: string x-go-name: HealthStartupInterval health_startup_retries: description: HealthStartupRetries set the maximum number of retries before the startup healthcheck will restart the container. format: uint64 type: integer x-go-name: HealthStartupRetries health_startup_success: description: |- HealthStartupSuccess set the number of consecutive successes before the startup healthcheck is marked as successful and the normal healthcheck begins (0 indicates any success will start the regular healthcheck) format: uint64 type: integer x-go-name: HealthStartupSuccess health_startup_timeout: description: HealthStartupTimeout set the maximum amount of time that the startup healthcheck may take before it is considered failed. type: string x-go-name: HealthStartupTimeout health_timeout: description: HealthTimeout set the maximum time allowed to complete the healthcheck before an interval is considered failed. type: string x-go-name: HealthTimeout no_healthcheck: description: Disable healthchecks on container. type: boolean x-go-name: NoHealthCheck type: object x-go-package: go.podman.io/podman/v6/libpod/define UsageData: description: |- UsageData Usage details about the volume. This information is used by the `GET /system/df` endpoint, and omitted in other endpoints. properties: RefCount: description: |- The number of containers referencing this volume. This field is set to `-1` if the reference-count is not available. format: int64 type: integer Size: description: |- Amount of disk space used by the volume (in bytes). This information is only available for volumes created with the `"local"` volume driver. For volumes created with other volume drivers, this field is set to `-1` ("not available") format: int64 type: integer required: - RefCount - Size type: object x-go-package: github.com/moby/moby/api/types/volume UsernsMode: title: UsernsMode represents userns mode in the container. type: string x-go-package: github.com/moby/moby/api/types/container Version: description: Version is an output struct for API properties: APIVersion: type: string BuildOrigin: type: string Built: format: int64 type: integer BuiltTime: type: string GitCommit: type: string GoVersion: type: string Os: type: string OsArch: type: string Version: type: string type: object x-go-package: go.podman.io/podman/v6/libpod/define Volume: description: Volume volume properties: ClusterVolume: $ref: '#/definitions/ClusterVolume' CreatedAt: description: Date/Time the volume was created. example: "2016-06-07T20:31:11.853781916Z" type: string Driver: description: Name of the volume driver used by the volume. example: custom type: string Labels: additionalProperties: type: string description: User-defined key/value metadata. example: com.example.some-label: some-value com.example.some-other-label: some-other-value type: object Mountpoint: description: Mount path of the volume on the host. example: /var/lib/docker/volumes/tardis type: string Name: description: Name of the volume. example: tardis type: string Options: additionalProperties: type: string description: The driver specific options used when creating the volume. example: device: tmpfs o: size=100m,uid=1000 type: tmpfs type: object Scope: description: |- The level at which the volume exists. Either `global` for cluster-wide, or `local` for machine level. enum: - local - global example: local type: string Status: additionalProperties: {} description: |- Low-level details about the volume, provided by the volume driver. Details are returned as a map with key/value pairs: `{"key":"value","key2":"value2"}`. The `Status` field is optional, and is omitted if the volume driver does not support this feature. example: hello: world type: object UsageData: $ref: '#/definitions/UsageData' required: - Driver - Labels - Mountpoint - Name - Options - Scope type: object x-go-package: github.com/moby/moby/api/types/volume VolumeConfigResponse: type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities VolumeCreateOptions: properties: Driver: description: Volume driver to use type: string GID: description: GID that the volume will be created as format: int64 type: integer IgnoreIfExists: description: Ignore existing volumes type: boolean Label: additionalProperties: type: string description: User-defined key/value metadata. Provided for compatibility type: object Labels: additionalProperties: type: string description: User-defined key/value metadata. Preferred field, will override Label type: object Name: description: New volume's name. Can be left blank type: string Options: additionalProperties: type: string description: Mapping of driver options and values. type: object UID: description: UID that the volume will be created as format: int64 type: integer type: object x-go-package: go.podman.io/podman/v6/pkg/domain/entities/types VolumeOptions: properties: DriverConfig: $ref: '#/definitions/Driver' Labels: additionalProperties: type: string type: object NoCopy: type: boolean Subpath: type: string title: VolumeOptions represents the options for a mount of type volume. type: object x-go-package: github.com/moby/moby/api/types/mount WeightDevice: description: WeightDevice is a structure that holds device:weight pair properties: Path: type: string Weight: format: uint16 type: integer type: object x-go-package: github.com/moby/moby/api/types/blkiodev cacheLibImage: type: object x-go-package: go.podman.io/podman/v6/pkg/specgen containerUpdateRequest: description: Container update properties: BlkioDeviceReadBps: items: $ref: '#/definitions/ThrottleDevice' type: array BlkioDeviceReadIOps: items: $ref: '#/definitions/ThrottleDevice' type: array BlkioDeviceWriteBps: items: $ref: '#/definitions/ThrottleDevice' type: array BlkioDeviceWriteIOps: items: $ref: '#/definitions/ThrottleDevice' type: array BlkioWeight: format: uint16 type: integer BlkioWeightDevice: items: $ref: '#/definitions/WeightDevice' type: array CgroupParent: description: Applicable to UNIX platforms type: string CpuCount: description: Applicable to Windows format: int64 type: integer x-go-name: CPUCount CpuPercent: format: int64 type: integer x-go-name: CPUPercent CpuPeriod: format: int64 type: integer x-go-name: CPUPeriod CpuQuota: format: int64 type: integer x-go-name: CPUQuota CpuRealtimePeriod: format: int64 type: integer x-go-name: CPURealtimePeriod CpuRealtimeRuntime: format: int64 type: integer x-go-name: CPURealtimeRuntime CpuShares: description: Applicable to all platforms format: int64 type: integer x-go-name: CPUShares CpusetCpus: type: string CpusetMems: type: string DeviceCgroupRules: items: type: string type: array DeviceRequests: items: $ref: '#/definitions/DeviceRequest' type: array Devices: items: $ref: '#/definitions/DeviceMapping' type: array IOMaximumBandwidth: format: uint64 type: integer IOMaximumIOps: format: uint64 type: integer Memory: format: int64 type: integer MemoryReservation: format: int64 type: integer MemorySwap: format: int64 type: integer MemorySwappiness: format: int64 type: integer NanoCpus: format: int64 type: integer x-go-name: NanoCPUs OomKillDisable: type: boolean PidsLimit: format: int64 type: integer RestartPolicy: $ref: '#/definitions/RestartPolicy' Ulimits: items: $ref: '#/definitions/Ulimit' type: array type: object x-go-package: go.podman.io/podman/v6/pkg/api/handlers/swagger networkConnectRequest: $ref: '#/definitions/ConnectRequest' description: Network connect networkConnectRequestLibpod: $ref: '#/definitions/NetworkConnectOptions' description: Network connect networkCreate: $ref: '#/definitions/CreateRequest' description: Network create networkCreateLibpod: description: Network create properties: created: description: Created contains the timestamp when this network was created. format: date-time type: string x-go-name: Created dns_enabled: description: |- DNSEnabled is whether name resolution is active for container on this Network. Only supported with the bridge driver. type: boolean x-go-name: DNSEnabled driver: description: Driver for this Network, e.g. bridge, macvlan... type: string x-go-name: Driver id: description: ID of the Network. type: string x-go-name: ID internal: description: |- Internal is whether the Network should not have external routes to public or other Networks. type: boolean x-go-name: Internal ipam_options: additionalProperties: type: string description: IPAMOptions contains options used for the ip assignment. type: object x-go-name: IPAMOptions ipv6_enabled: description: IPv6Enabled if set to true an ipv6 subnet should be created for this net. type: boolean x-go-name: IPv6Enabled labels: additionalProperties: type: string description: |- Labels is a set of key-value labels that have been applied to the Network. type: object x-go-name: Labels name: description: Name of the Network. type: string x-go-name: Name network_dns_servers: description: |- List of custom DNS server for podman's DNS resolver at network level, all the containers attached to this network will consider resolvers configured at network level. items: type: string type: array x-go-name: NetworkDNSServers network_interface: description: NetworkInterface is the network interface name on the host. type: string x-go-name: NetworkInterface options: additionalProperties: type: string description: |- Options is a set of key-value options that have been applied to the Network. type: object x-go-name: Options routes: description: Routes to use for this network. items: $ref: '#/definitions/Route' type: array x-go-name: Routes subnets: description: Subnets to use for this network. items: $ref: '#/definitions/Subnet' type: array x-go-name: Subnets type: object x-go-package: go.podman.io/podman/v6/pkg/api/handlers/swagger networkDisconnectRequest: $ref: '#/definitions/DisconnectRequest' description: Network disconnect networkUpdateRequestLibpod: $ref: '#/definitions/NetworkUpdateOptions' description: Network update volumeCreate: description: Details for creating a volume properties: Driver: description: Name of the volume driver to use. type: string DriverOpts: additionalProperties: type: string description: |- A mapping of driver options and values. These options are passed directly to the driver and are driver specific. type: object Labels: additionalProperties: type: string description: User-defined key/value metadata. type: object Name: description: The new volume's name. If not specified, Docker generates a name. type: string required: - Driver - DriverOpts - Labels - Name type: object x-go-package: go.podman.io/podman/v6/pkg/api/handlers/swagger host: podman.io info: contact: email: podman@lists.podman.io name: Podman url: https://podman.io/community/ description: |- This documentation describes the Podman v2.x+ RESTful API. It consists of a Docker-compatible API and a Libpod API providing support for Podman’s unique features such as pods. To start the service and keep it running for 5,000 seconds (-t 0 runs forever): podman system service -t 5000 & You can then use cURL on the socket using requests documented below. NOTE: if you install the package podman-docker, it will create a symbolic link for /run/docker.sock to /run/podman/podman.sock NOTE: Some fields in the API response JSON are encoded as omitempty, which means that if said field has a zero value, they will not be encoded in the API response. This is a feature to help reduce the size of the JSON responses returned via the API. NOTE: Due to the limitations of [go-swagger](https://github.com/go-swagger/go-swagger), some field values that have a complex type show up as null in the docs as well as in the API responses. This is because the zero value for the field type is null. The field description in the docs will state what type the field is expected to be for such cases. See podman-system-service(1) for more information. Quick Examples: 'podman info' curl --unix-socket /run/podman/podman.sock http://d/v6.0.0/libpod/info 'podman pull quay.io/containers/podman' curl -XPOST --unix-socket /run/podman/podman.sock -v 'http://d/v6.0.0/images/create?fromImage=quay.io%2Fcontainers%2Fpodman' 'podman list images' curl --unix-socket /run/podman/podman.sock -v 'http://d/v6.0.0/libpod/images/json' | jq license: name: Apache-2.0 url: https://opensource.org/licenses/Apache-2.0 termsOfService: https://github.com/containers/podman/blob/913caaa9b1de2b63692c9bae15120208194c9eb3/LICENSE title: supports a RESTful API for the Libpod library version: 5.0.0 x-logo: - url: https://raw.githubusercontent.com/containers/libpod/main/logo/podman-logo.png - altText: Podman logo paths: /auth: post: operationId: SystemAuth parameters: - description: Authentication to check in: body name: authConfig schema: $ref: '#/definitions/AuthConfig' produces: - application/json responses: "200": $ref: '#/responses/systemAuthResponse' "500": $ref: '#/responses/internalError' summary: Check auth configuration tags: - system (compat) /build: post: description: Build an image from the given Dockerfile(s) operationId: ImageBuild parameters: - default: application/x-tar enum: - application/x-tar in: header name: Content-Type type: string - in: header name: X-Registry-Config type: string - default: Dockerfile description: | Path within the build context to the `Dockerfile`. This is ignored if remote is specified and points to an external `Dockerfile`. in: query name: dockerfile type: string - default: latest description: A name and optional tag to apply to the image in the `name:tag` format. If you omit the tag, the default latest value is assumed. You can provide several t parameters. in: query name: t type: string - description: | TBD Extra hosts to add to /etc/hosts (As of version 1.xx) in: query name: extrahosts type: string - description: | Not to create /etc/hosts when building the image in: query name: nohosts type: boolean - description: | A Git repository URI or HTTP/HTTPS context URI. If the URI points to a single text file, the file’s contents are placed into a file called Dockerfile and the image is built from that file. If the URI points to a tarball, the file is downloaded by the daemon and the contents therein used as the context for the build. If the URI points to a tarball and the dockerfile parameter is also specified, there must be a file with the corresponding path inside the tarball. (As of version 1.xx) in: query name: remote type: string - default: 3 description: | Number of times to retry in case of failure when performing push/pull. in: query name: retry type: integer - default: 2s description: | Delay between retries in case of push/pull failures. in: query name: retry-delay type: string - default: false description: | Suppress verbose build output in: query name: q type: boolean - default: false description: | Do not use the cache when building the image (As of version 1.xx) in: query name: nocache type: boolean - description: | JSON array of images used to build cache resolution (As of version 1.xx) in: query name: cachefrom type: string - default: false description: | Attempt to pull the image even if an older image exists locally (As of version 1.xx) in: query name: pull type: boolean - default: true description: | Remove intermediate containers after a successful build (As of version 1.xx) in: query name: rm type: boolean - default: false description: | Always remove intermediate containers, even upon failure (As of version 1.xx) in: query name: forcerm type: boolean - description: | Memory is the upper limit (in bytes) on how much memory running containers can use (As of version 1.xx) in: query name: memory type: integer - description: | MemorySwap limits the amount of memory and swap together (As of version 1.xx) in: query name: memswap type: integer - description: | CPUShares (relative weight (As of version 1.xx) in: query name: cpushares type: integer - description: | CPUSetCPUs in which to allow execution (0-3, 0,1) (As of version 1.xx) in: query name: cpusetcpus type: string - description: | CPUPeriod limits the CPU CFS (Completely Fair Scheduler) period (As of version 1.xx) in: query name: cpuperiod type: integer - description: | CPUQuota limits the CPU CFS (Completely Fair Scheduler) quota (As of version 1.xx) in: query name: cpuquota type: integer - description: | JSON map of string pairs denoting build-time variables. For example, the build argument `Foo` with the value of `bar` would be encoded in JSON as `["Foo":"bar"]`. For example, buildargs={"Foo":"bar"}. Note(s): * This should not be used to pass secrets. * The value of buildargs should be URI component encoded before being passed to the API. (As of version 1.xx) in: query name: buildargs type: string - default: 67108864 description: | ShmSize is the "size" value to use when mounting an shmfs on the container's /dev/shm directory. Default is 64MB (As of version 1.xx) in: query name: shmsize type: integer - default: false description: | Silently ignored. Squash the resulting images layers into a single layer (As of version 1.xx) in: query name: squash type: boolean - default: false description: | Preserve intermediate stage images instead of removing them after the build completes. By default, they are removed to save space. However, they can be useful for debugging multi-stage builds or reusing stages in subsequent builds. in: query name: save-stages type: boolean - default: false description: | Add metadata labels to all intermediate stage images of a multistage build, including the final image. If set to true, save-stages must also be set to true. If enabled, the labels 'io.buildah.stage.name' and 'io.buildah.stage.base' will be added. in: query name: stage-labels type: boolean - description: | JSON map of key, value pairs to set as labels on the new image (As of version 1.xx) in: query name: labels type: string - default: bridge description: | Sets the networking mode for the run commands during build. Supported standard values are: * `bridge` limited to containers within a single host, port mapping required for external access * `host` no isolation between host and containers on this network * `none` disable all networking for this container * container: share networking with given container ---All other values are assumed to be a custom network's name (As of version 1.xx) in: query name: networkmode type: string - description: | Platform format os[/arch[/variant]] Can be comma separated list for multi arch builds. (As of version 1.xx) in: query name: platform type: string - description: | Target build stage (As of version 1.xx) in: query name: target type: string - description: | output configuration TBD (As of version 1.xx) in: query name: outputs type: string - description: | A tar archive compressed with one of the following algorithms: identity (no compression), gzip, bzip2, xz. in: body name: inputStream schema: format: binary type: string produces: - application/json responses: "200": description: OK (As of version 1.xx) schema: properties: stream: description: output from build process example: | (build details...) Successfully built 8ba084515c724cbf90d447a63600c0a6 Successfully tagged your_image:latest type: string required: - stream type: object "400": $ref: '#/responses/badParamError' "500": $ref: '#/responses/internalError' summary: Build image tags: - images (compat) /commit: post: description: Create a new image from a container operationId: ImageCommit parameters: - description: the name or ID of a container in: query name: container type: string - description: the repository name for the created image in: query name: repo type: string - description: tag name for the created image in: query name: tag type: string - description: commit message in: query name: comment type: string - description: author of the image in: query name: author type: string - description: pause the container before committing it in: query name: pause type: boolean - description: instructions to apply while committing in Dockerfile format in: query name: changes type: string - description: squash newly built layers into a single new layer in: query name: squash type: boolean produces: - application/json responses: "201": description: no error "404": $ref: '#/responses/imageNotFound' "500": $ref: '#/responses/internalError' summary: New Image tags: - containers (compat) /containers/{name}: delete: operationId: ContainerDelete parameters: - description: the name or ID of the container in: path name: name required: true type: string - default: false description: If the container is running, kill it before removing it. in: query name: force type: boolean - default: false description: Remove the volumes associated with the container. in: query name: v type: boolean - description: not supported in: query name: link type: boolean - default: false description: Ignore if a specified container does not exist. in: query name: ignore type: boolean - default: false description: Remove container dependencies. in: query name: depend type: boolean - description: Number of seconds to wait before forcibly stopping the container. in: query name: timeout type: integer - default: false description: Remove anonymous volumes associated with the container. in: query name: volumes type: boolean produces: - application/json responses: "204": description: no error "400": $ref: '#/responses/badParamError' "404": $ref: '#/responses/containerNotFound' "409": $ref: '#/responses/conflictError' "500": $ref: '#/responses/internalError' summary: Remove a container tags: - containers (compat) /containers/{name}/archive: get: description: Get a tar archive of files from a container operationId: ContainerArchive parameters: - description: container name or id in: path name: name required: true type: string - description: Path to a directory in the container to extract in: query name: path required: true type: string produces: - application/json responses: "200": description: no error schema: format: binary type: string "400": $ref: '#/responses/badParamError' "404": $ref: '#/responses/containerNotFound' "500": $ref: '#/responses/internalError' summary: Get files from a container tags: - containers (compat) put: description: Put a tar archive of files into a container operationId: PutContainerArchive parameters: - description: container name or id in: path name: name required: true type: string - description: Path to a directory in the container to extract in: query name: path required: true type: string - description: if unpacking the given content would cause an existing directory to be replaced with a non-directory and vice versa (1 or true) in: query name: noOverwriteDirNonDir type: string - description: copy UID/GID maps to the dest file or di (1 or true) in: query name: copyUIDGID type: string - description: tarfile of files to copy into the container in: body name: request schema: type: string produces: - application/json responses: "200": description: no error "400": $ref: '#/responses/badParamError' "403": description: the container rootfs is read-only "404": $ref: '#/responses/containerNotFound' "500": $ref: '#/responses/internalError' summary: Put files into a container tags: - containers (compat) /containers/{name}/attach: post: description: | Attach to a container to read its output or send it input. You can attach to the same container multiple times and you can reattach to containers that have been detached. It uses the same stream format as docker, see the libpod attach endpoint for a description of the format. operationId: ContainerAttach parameters: - description: the name or ID of the container in: path name: name required: true type: string - description: keys to use for detaching from the container in: query name: detachKeys type: string - description: Stream all logs from the container across the connection. Happens before streaming attach (if requested). At least one of logs or stream must be set in: query name: logs type: boolean - default: true description: Attach to the container. If unset, and logs is set, only the container's logs will be sent. At least one of stream or logs must be set in: query name: stream type: boolean - description: Attach to container STDOUT in: query name: stdout type: boolean - description: Attach to container STDERR in: query name: stderr type: boolean - description: Attach to container STDIN in: query name: stdin type: boolean produces: - application/json responses: "101": description: No error, connection has been hijacked for transporting streams. "400": $ref: '#/responses/badParamError' "404": $ref: '#/responses/containerNotFound' "500": $ref: '#/responses/internalError' summary: Attach to a container tags: - containers (compat) /containers/{name}/changes: get: description: | Returns which files in a container's filesystem have been added, deleted, or modified. The Kind of modification can be one of: 0: Modified 1: Added 2: Deleted operationId: ContainerChanges parameters: - description: the name or id of the container in: path name: name required: true type: string - description: specify a second layer which is used to compare against it instead of the parent layer in: query name: parent type: string - description: select what you want to match, default is all enum: - all - container - image in: query name: diffType type: string responses: "200": description: Array of Changes "404": $ref: '#/responses/containerNotFound' "500": $ref: '#/responses/internalError' summary: Report on changes to container's filesystem; adds, deletes or modifications. tags: - containers (compat) /containers/{name}/exec: post: description: Create an exec session to run a command inside a running container. Exec sessions will be automatically removed 5 minutes after they exit. operationId: ContainerExec parameters: - description: name of container in: path name: name required: true type: string - description: Attributes for create in: body name: control schema: properties: AttachStderr: description: Attach to stderr of the exec command type: boolean AttachStdin: description: Attach to stdin of the exec command type: boolean AttachStdout: description: Attach to stdout of the exec command type: boolean Cmd: description: Command to run, as a string or array of strings. items: type: string type: array DetachKeys: description: | "Override the key sequence for detaching a container. Format is a single character [a-Z] or ctrl- where is one of: a-z, @, ^, [, , or _." type: string Env: description: A list of environment variables in the form ["VAR=value", ...] items: type: string type: array Privileged: default: false description: Runs the exec process with extended privileges type: boolean Tty: description: Allocate a pseudo-TTY type: boolean User: description: | "The user, and optionally, group to run the exec process inside the container. Format is one of: user, user:group, uid, or uid:gid." type: string WorkingDir: description: The working directory for the exec process inside the container. type: string type: object produces: - application/json responses: "201": description: no error "404": $ref: '#/responses/containerNotFound' "409": description: container is paused "500": $ref: '#/responses/internalError' summary: Create an exec instance tags: - exec (compat) /containers/{name}/export: get: description: Export the contents of a container as a tarball. operationId: ContainerExport parameters: - description: the name or ID of the container in: path name: name required: true type: string produces: - application/json responses: "200": description: tarball is returned in body "404": $ref: '#/responses/containerNotFound' "500": $ref: '#/responses/internalError' summary: Export a container tags: - containers (compat) /containers/{name}/json: get: description: Return low-level information about a container. operationId: ContainerInspect parameters: - description: the name or id of the container in: path name: name required: true type: string - default: false description: include the size of the container in: query name: size type: boolean produces: - application/json responses: "200": $ref: '#/responses/containerInspectResponse' "404": $ref: '#/responses/containerNotFound' "500": $ref: '#/responses/internalError' summary: Inspect container tags: - containers (compat) /containers/{name}/kill: post: description: Signal to send to the container as an integer or string (e.g. SIGINT) operationId: ContainerKill parameters: - description: the name or ID of the container in: path name: name required: true type: string - default: false description: Send kill signal to all containers in: query name: all type: boolean - default: SIGKILL description: signal to be sent to container in: query name: signal type: string produces: - application/json responses: "204": description: no error "404": $ref: '#/responses/containerNotFound' "409": $ref: '#/responses/conflictError' "500": $ref: '#/responses/internalError' summary: Kill container tags: - containers (compat) /containers/{name}/logs: get: description: Get stdout and stderr logs from a container. operationId: ContainerLogs parameters: - description: the name or ID of the container in: path name: name required: true type: string - description: Keep connection after returning logs. in: query name: follow type: boolean - description: Return logs from stdout in: query name: stdout type: boolean - description: Return logs from stderr in: query name: stderr type: boolean - description: Only return logs since this time, as a UNIX timestamp in: query name: since type: string - description: Only return logs before this time, as a UNIX timestamp in: query name: until type: string - default: false description: Add timestamps to every log line in: query name: timestamps type: boolean - default: all description: Only return this number of log lines from the end of the logs in: query name: tail type: string produces: - application/json responses: "200": description: logs returned as a stream in response body. "404": $ref: '#/responses/containerNotFound' "500": $ref: '#/responses/internalError' summary: Get container logs tags: - containers (compat) /containers/{name}/pause: post: description: Use the cgroups freezer to suspend all processes in a container. operationId: ContainerPause parameters: - description: the name or ID of the container in: path name: name required: true type: string produces: - application/json responses: "204": description: no error "404": $ref: '#/responses/containerNotFound' "500": $ref: '#/responses/internalError' summary: Pause container tags: - containers (compat) /containers/{name}/rename: post: description: Change the name of an existing container. operationId: ContainerRename parameters: - description: Full or partial ID or full name of the container to rename in: path name: name required: true type: string - description: New name for the container in: query name: name required: true type: string produces: - application/json responses: "204": description: no error "404": $ref: '#/responses/containerNotFound' "409": $ref: '#/responses/conflictError' "500": $ref: '#/responses/internalError' summary: Rename an existing container tags: - containers (compat) /containers/{name}/resize: post: description: Resize the terminal attached to a container (for use with Attach). operationId: ContainerResize parameters: - description: the name or ID of the container in: path name: name required: true type: string - description: Height to set for the terminal, in characters in: query name: h type: integer - description: Width to set for the terminal, in characters in: query name: w type: integer - description: Ignore containers not running errors in: query name: running type: boolean produces: - application/json responses: "200": $ref: '#/responses/ok' "404": $ref: '#/responses/containerNotFound' "500": $ref: '#/responses/internalError' summary: Resize a container's TTY tags: - containers (compat) /containers/{name}/restart: post: operationId: ContainerRestart parameters: - description: the name or ID of the container in: path name: name required: true type: string - description: timeout before sending kill signal to container in: query name: t type: integer produces: - application/json responses: "204": description: no error "404": $ref: '#/responses/containerNotFound' "500": $ref: '#/responses/internalError' summary: Restart container tags: - containers (compat) /containers/{name}/start: post: operationId: ContainerStart parameters: - description: the name or ID of the container in: path name: name required: true type: string - default: ctrl-p,ctrl-q description: 'Override the key sequence for detaching a container. Format is a single character [a-Z] or ctrl- where is one of: a-z, @, ^, [, , or _.' in: query name: detachKeys type: string produces: - application/json responses: "204": description: no error "304": $ref: '#/responses/containerAlreadyStartedError' "404": $ref: '#/responses/containerNotFound' "500": $ref: '#/responses/internalError' summary: Start a container tags: - containers (compat) /containers/{name}/stats: get: description: This returns a live stream of a container’s resource usage statistics. operationId: ContainerStats parameters: - description: the name or ID of the container in: path name: name required: true type: string - default: true description: Stream the output in: query name: stream type: boolean - default: false description: Provide a one-shot response in which preCPU stats are blank, resulting in a single cycle return. in: query name: one-shot type: boolean produces: - application/json responses: "200": description: no error schema: type: object "404": $ref: '#/responses/containerNotFound' "500": $ref: '#/responses/internalError' summary: Get stats for a container tags: - containers (compat) /containers/{name}/stop: post: description: Stop a container operationId: ContainerStop parameters: - description: the name or ID of the container in: path name: name required: true type: string - description: number of seconds to wait before killing container in: query name: t type: integer - description: Number of seconds to wait before killing the container (libpod alias for `t`). in: query name: timeout type: integer - default: false description: Do not return an error if the container is already stopped. in: query name: ignore type: boolean produces: - application/json responses: "204": description: no error "304": $ref: '#/responses/containerAlreadyStoppedError' "404": $ref: '#/responses/containerNotFound' "500": $ref: '#/responses/internalError' summary: Stop a container tags: - containers (compat) /containers/{name}/top: get: operationId: ContainerTop parameters: - description: the name or ID of the container in: path name: name required: true type: string - default: -ef description: arguments to pass to ps such as aux. in: query name: ps_args type: string produces: - application/json responses: "200": $ref: '#/responses/containerTopResponse' "404": $ref: '#/responses/containerNotFound' "500": $ref: '#/responses/internalError' summary: List processes running inside a container tags: - containers (compat) /containers/{name}/unpause: post: description: Resume a paused container operationId: ContainerUnpause parameters: - description: the name or ID of the container in: path name: name required: true type: string produces: - application/json responses: "204": description: no error "404": $ref: '#/responses/containerNotFound' "500": $ref: '#/responses/internalError' summary: Unpause container tags: - containers (compat) /containers/{name}/update: post: description: Change configuration settings for an existing container without requiring recreation. operationId: ContainerUpdate parameters: - description: Full or partial ID or full name of the container to rename in: path name: name required: true type: string - description: attributes for updating the container in: body name: resources schema: $ref: '#/definitions/containerUpdateRequest' produces: - application/json responses: "200": description: no error "404": $ref: '#/responses/containerNotFound' "500": $ref: '#/responses/internalError' summary: Update configuration of an existing container, allowing changes to resource limits tags: - containers (compat) /containers/{name}/wait: post: description: | Block until a container stops or given condition is met. This is a Docker-compatible endpoint. operationId: ContainerWait parameters: - description: the name or ID of the container in: path name: name required: true type: string - default: not-running description: | Wait condition. Valid values are: - not-running (default) - return when the container is not running (stopped, exited, or was never started). - next-exit - wait for the next time the container stops. If the container is running, block until it exits. If the container is already stopped, block until the next start-and-exit cycle. - removed - wait until the container is removed. in: query name: condition type: string produces: - application/json responses: "200": $ref: '#/responses/containerWaitResponse' "404": $ref: '#/responses/containerNotFound' "500": $ref: '#/responses/internalError' summary: Wait on a container tags: - containers (compat) /containers/create: post: operationId: ContainerCreate parameters: - description: container name in: query name: name type: string - description: Container to create in: body name: body required: true schema: $ref: '#/definitions/CreateContainerConfig' produces: - application/json responses: "201": $ref: '#/responses/containerCreateResponse' "400": $ref: '#/responses/badParamError' "404": $ref: '#/responses/containerNotFound' "409": $ref: '#/responses/conflictError' "500": $ref: '#/responses/internalError' summary: Create a container tags: - containers (compat) /containers/json: get: description: Returns a list of containers operationId: ContainerList parameters: - default: false description: Return all containers. By default, only running containers are shown in: query name: all type: boolean - default: false description: Return containers in storage not controlled by Podman in: query name: external type: boolean - description: Return this number of most recently created containers, including non-running ones. in: query name: limit type: integer - default: false description: Return the size of container as fields SizeRw and SizeRootFs. in: query name: size type: boolean - description: | A JSON encoded value of the filters (a `map[string][]string`) to process on the containers list. Available filters: - `ancestor`=(`[:]`, ``, or ``) - `before`=(`` or ``) - `expose`=(`[/]` or `/[]`) - `exited=` containers with exit code of `` - `health`=(`starting`, `healthy`, `unhealthy` or `none`) - `id=` a container's ID - `is-task`=(`true` or `false`) - `label`=(`key` or `"key=value"`) of a container label - `name=` a container's name - `network`=(`` or ``) - `publish`=(`[/]` or `/[]`) - `since`=(`` or ``) - `status`=(`created`, `restarting`, `running`, `removing`, `paused`, `exited` or `dead`) - `volume`=(`` or ``) in: query name: filters type: string produces: - application/json responses: "200": $ref: '#/responses/containersList' "400": $ref: '#/responses/badParamError' "500": $ref: '#/responses/internalError' summary: List containers tags: - containers (compat) /containers/prune: post: description: Remove containers not in use operationId: ContainerPrune parameters: - description: | Filters to process on the prune list, encoded as JSON (a `map[string][]string`). Available filters: - `until=` Prune containers created before this timestamp. The `` can be Unix timestamps, date formatted timestamps, or Go duration strings (e.g. `10m`, `1h30m`) computed relative to the daemon machine’s time. - `label` (`label=`, `label==`, `label!=`, or `label!==`) Prune containers with (or without, in case `label!=...` is used) the specified labels. in: query name: filters type: string produces: - application/json responses: "200": $ref: '#/responses/containersPrune' "500": $ref: '#/responses/internalError' summary: Delete stopped containers tags: - containers (compat) /events: get: description: Returns events filtered on query parameters operationId: SystemEvents parameters: - description: start streaming events from this time in: query name: since type: string - description: stop streaming events later than this in: query name: until type: string - description: JSON encoded map[string][]string of constraints in: query name: filters type: string produces: - application/json responses: "200": description: returns a string of json data describing an event "500": $ref: '#/responses/internalError' summary: Get events tags: - system (compat) /exec/{id}/json: get: description: Return low-level information about an exec instance. operationId: ExecInspect parameters: - description: Exec instance ID in: path name: id required: true type: string produces: - application/json responses: "200": $ref: '#/responses/execSessionInspect' "404": $ref: '#/responses/execSessionNotFound' "500": $ref: '#/responses/internalError' summary: Inspect an exec instance tags: - exec (compat) /exec/{id}/resize: post: description: | Resize the TTY session used by an exec instance. This endpoint only works if tty was specified as part of creating and starting the exec instance. operationId: ExecResize parameters: - description: Exec instance ID in: path name: id required: true type: string - description: Height of the TTY session in characters in: query name: h type: integer - description: Width of the TTY session in characters in: query name: w type: integer - description: Ignore containers not running errors in: query name: running type: boolean produces: - application/json responses: "201": description: no error "404": $ref: '#/responses/execSessionNotFound' "500": $ref: '#/responses/internalError' summary: Resize an exec instance tags: - exec (compat) /exec/{id}/start: post: description: Starts a previously set up exec instance. If detach is true, this endpoint returns immediately after starting the command. Otherwise, it sets up an interactive session with the command. operationId: ExecStart parameters: - description: Exec instance ID in: path name: id required: true type: string - description: Attributes for start in: body name: control schema: properties: Detach: description: Detach from the command. Not presently supported. type: boolean Tty: description: Allocate a pseudo-TTY. Presently ignored. type: boolean type: object produces: - application/octet-stream responses: "200": description: no error "404": $ref: '#/responses/execSessionNotFound' "409": description: container is not running "500": $ref: '#/responses/internalError' summary: Start an exec instance tags: - exec (compat) /images/{name}: delete: description: Delete an image from local storage operationId: ImageDelete parameters: - description: name or ID of image to delete in: path name: name required: true type: string - description: Remove the image even if it is being used by stopped containers or has other tags in: query name: force type: boolean - description: do not remove dangling parent images in: query name: noprune type: boolean - default: false description: Ignore if a specified image does not exist and do not throw an error. in: query name: ignore type: boolean produces: - application/json responses: "200": $ref: '#/responses/imageDeleteResponse' "404": $ref: '#/responses/imageNotFound' "409": $ref: '#/responses/conflictError' "500": $ref: '#/responses/internalError' summary: Remove Image tags: - images (compat) /images/{name}/get: get: description: Export an image in tarball format operationId: ImageGet parameters: - description: the name or ID of the container in: path name: name required: true type: string produces: - application/x-tar responses: "200": description: no error schema: format: binary type: string "500": $ref: '#/responses/internalError' summary: Export an image tags: - images (compat) /images/{name}/history: get: description: Return parent layers of an image. operationId: ImageHistory parameters: - description: the name or ID of the container in: path name: name required: true type: string produces: - application/json responses: "200": $ref: '#/responses/history' "404": $ref: '#/responses/imageNotFound' "500": $ref: '#/responses/internalError' summary: History of an image tags: - images (compat) /images/{name}/json: get: description: Return low-level information about an image. operationId: ImageInspect parameters: - description: the name or ID of the container in: path name: name required: true type: string produces: - application/json responses: "200": $ref: '#/responses/imageInspect' "404": $ref: '#/responses/imageNotFound' "500": $ref: '#/responses/internalError' summary: Inspect an image tags: - images (compat) /images/{name}/push: post: description: Push an image to a container registry operationId: ImagePush parameters: - description: Name of image to push. in: path name: name required: true type: string - description: The tag to associate with the image on the registry. in: query name: tag type: string - description: All indicates whether to push all images related to the image list in: query name: all type: boolean - description: Use compression on image. in: query name: compress type: boolean - description: Allows for pushing the image to a different destination than the image refers to. in: query name: destination type: string - description: Manifest type (oci, v2s1, or v2s2) to use when pushing an image. Default is manifest type of source, with fallbacks. in: query name: format type: string - default: true description: Require TLS verification. in: query name: tlsVerify type: boolean - description: A base64-encoded auth configuration. in: header name: X-Registry-Auth type: string produces: - application/json responses: "200": description: no error schema: format: binary type: string "404": $ref: '#/responses/imageNotFound' "500": $ref: '#/responses/internalError' summary: Push Image tags: - images (compat) /images/{name}/tag: post: description: Tag an image so that it becomes part of a repository. operationId: ImageTag parameters: - description: the name or ID of the container in: path name: name required: true type: string - description: the repository to tag in in: query name: repo type: string - description: the name of the new tag in: query name: tag type: string produces: - application/json responses: "201": description: no error "400": $ref: '#/responses/badParamError' "404": $ref: '#/responses/imageNotFound' "409": $ref: '#/responses/conflictError' "500": $ref: '#/responses/internalError' summary: Tag an image tags: - images (compat) /images/create: post: consumes: - text/plain - application/octet-stream description: Create an image by either pulling it from a registry or importing it. operationId: ImageCreate parameters: - description: A base64-encoded auth configuration. in: header name: X-Registry-Auth type: string - description: Name of the image to pull. The name may include a tag or digest. This parameter may only be used when pulling an image. The pull is cancelled if the HTTP connection is closed. in: query name: fromImage type: string - description: Source to import. The value may be a URL from which the image can be retrieved or - to read the image from the request body. This parameter may only be used when importing an image in: query name: fromSrc type: string - description: Repository name given to an image when it is imported. The repo may include a tag. This parameter may only be used when importing an image. in: query name: repo type: string - description: Tag or digest. If empty when pulling an image, this causes all tags for the given image to be pulled. in: query name: tag type: string - description: Set commit message for imported image. in: query name: message type: string - description: Platform in the format os[/arch[/variant]] in: query name: platform type: string - description: Number of times to retry in case of failure when performing pull. in: query name: retry type: integer - description: Delay between retries in case of pull failures. in: query name: retryDelay type: string - description: Image content if fromSrc parameter was used in: body name: inputImage schema: format: binary type: string produces: - application/json responses: "200": description: no error schema: format: binary type: string "404": $ref: '#/responses/imageNotFound' "500": $ref: '#/responses/internalError' summary: Create an image tags: - images (compat) /images/get: get: description: Get a tarball containing all images and metadata for several image repositories operationId: ImageGetAll parameters: - description: one or more image names or IDs comma separated in: query name: names required: true type: string produces: - application/json responses: "200": description: no error schema: format: binary type: string "500": $ref: '#/responses/internalError' summary: Export several images tags: - images (compat) /images/json: get: description: Returns a list of images on the server. Note that it uses a different, smaller representation of an image than inspecting a single image. operationId: ImageList parameters: - default: false description: Show all images. Only images from a final layer (no children) are shown by default. in: query name: all type: boolean - description: | JSON-encoded string containing filters as a `map[string][]string` to process on the images list. Available filters: - `before`=(`[:]`, `` or ``) - `dangling=true` - `label=key` or `label="key=value"` of an image label - `reference`=(`[:]`) - `since`=(`[:]`, `` or ``) in: query name: filters type: string - default: false description: Not supported in: query name: digests type: boolean - default: false description: Compute and show shared size as a SharedSize field on each image. in: query name: shared-size type: boolean produces: - application/json responses: "200": $ref: '#/responses/imageList' "500": $ref: '#/responses/internalError' summary: List Images tags: - images (compat) /images/load: post: description: Load a set of images and tags into a repository. operationId: ImageLoad parameters: - description: not supported in: query name: quiet type: boolean - description: tarball of container image in: body name: request schema: type: string produces: - application/json responses: "200": description: no error "500": $ref: '#/responses/internalError' summary: Import image tags: - images (compat) /images/prune: post: description: Remove images from local storage that are not being used by a container operationId: ImagePrune parameters: - description: | filters to apply to image pruning, encoded as JSON (map[string][]string). Available filters: - `dangling=` When set to `true` (or `1`), prune only unused *and* untagged images. When set to `false` (or `0`), all unused images are pruned. - `until=` Prune images created before this timestamp. The `` can be Unix timestamps, date formatted timestamps, or Go duration strings (e.g. `10m`, `1h30m`) computed relative to the daemon machine’s time. - `label` (`label=`, `label==`, `label!=`, or `label!==`) Prune images with (or without, in case `label!=...` is used) the specified labels. in: query name: filters type: string produces: - application/json responses: "200": $ref: '#/responses/imageDeleteResponse' "500": $ref: '#/responses/internalError' summary: Prune unused images tags: - images (compat) /images/search: get: description: Search registries for an image operationId: ImageSearch parameters: - description: term to search in: query name: term type: string - default: 25 description: maximum number of results in: query name: limit type: integer - description: | JSON-encoded string containing filters as a `map[string][]string` to process on the images list. Available filters: - `is-automated=(true|false)` - `is-official=(true|false)` - `stars=` Matches images that have at least 'number' stars. in: query name: filters type: string - default: true description: Require HTTPS and verify signatures when contacting registries. in: query name: tlsVerify type: boolean - description: list the available tags in the repository in: query name: listTags type: boolean produces: - application/json responses: "200": $ref: '#/responses/registrySearchResponse' "400": $ref: '#/responses/badParamError' "500": $ref: '#/responses/internalError' summary: Search images tags: - images (compat) /info: get: description: Returns information on the system and libpod configuration operationId: SystemInfo produces: - application/json responses: "200": description: to be determined "500": $ref: '#/responses/internalError' summary: Get info tags: - system (compat) /libpod/_ping: get: description: | Return protocol information in response headers. `HEAD /libpod/_ping` is also supported. `/_ping` is available for compatibility with other engines. The '_ping' endpoints are not versioned. operationId: SystemPing produces: - text/plain responses: "200": description: Success headers: API-Version: description: Max compatibility API Version the server supports type: string BuildKit-Version: description: Default version of docker image builder type: string Cache-Control: description: always no-cache type: string Docker-Experimental: description: If the server is running with experimental mode enabled, always true type: boolean Libpod-API-Version: description: | Max Podman API Version the server supports. Available if service is backed by Podman, therefore may be used to determine if talking to Podman engine or another engine type: string Libpod-Buildah-Version: description: | Default version of libpod image builder. Available if service is backed by Podman, therefore may be used to determine if talking to Podman engine or another engine type: string Pragma: description: always no-cache type: string schema: description: OK example: OK type: string "500": $ref: '#/responses/internalError' summary: Ping service tags: - system (compat) - system /libpod/artifacts/{name}: delete: description: Remove a single artifact from local storage by name or ID. operationId: ArtifactDeleteLibpod parameters: - description: Name or ID of the artifact to remove in: path name: name required: true type: string produces: - application/json responses: "200": $ref: '#/responses/artifactRemoveResponse' "404": $ref: '#/responses/artifactNotFound' "500": $ref: '#/responses/internalError' summary: Remove an artifact tags: - artifacts /libpod/artifacts/{name}/extract: get: description: Extract the files of an OCI artifact to the local filesystem as a tar archive. operationId: ArtifactExtractLibpod parameters: - description: Name or digest of the artifact in: path name: name required: true type: string - description: Only extract the file with the given title in: query name: title type: string - description: Only extract the file with the given digest in: query name: digest type: string - description: | When extracting a single file from an artifact, don't use the files title as the file name in the tar archive in: query name: excludeTitle type: boolean produces: - application/x-tar responses: "200": description: Extract successful schema: type: file "400": $ref: '#/responses/badParamError' "404": $ref: '#/responses/artifactNotFound' "500": $ref: '#/responses/internalError' summary: Extract an artifacts contents tags: - artifacts /libpod/artifacts/{name}/json: get: description: | Retrieve detailed information about a specific OCI artifact by name or ID. operationId: ArtifactInspectLibpod parameters: - description: Name or ID of the artifact in: path name: name required: true type: string produces: - application/json responses: "200": $ref: '#/responses/inspectArtifactResponse' "404": $ref: '#/responses/artifactNotFound' "500": $ref: '#/responses/internalError' summary: Inspect an artifact tags: - artifacts /libpod/artifacts/{name}/push: post: description: Push an OCI artifact from local storage to a remote image registry. operationId: ArtifactPushLibpod parameters: - description: Mandatory reference to the artifact (e.g., quay.io/image/artifact:tag) in: path name: name required: true type: string - default: 3 description: Number of times to retry in case of failure when performing pull in: query name: retry type: integer - default: 1s description: Delay between retries in case of pull failures (e.g., 10s) in: query name: retryDelay type: string - default: true description: Require TLS verification in: query name: tlsVerify type: boolean - description: | base-64 encoded auth config. Must include the following four values: username, password, email and server address OR simply just an identity token. in: header name: X-Registry-Auth type: string produces: - application/json responses: "200": $ref: '#/responses/artifactPushResponse' "400": $ref: '#/responses/badParamError' "401": $ref: '#/responses/artifactBadAuth' "404": $ref: '#/responses/artifactNotFound' "500": $ref: '#/responses/internalError' summary: Push an artifact tags: - artifacts /libpod/artifacts/add: post: consumes: - application/octet-stream description: | Add a file as a new OCI artifact, or append to an existing artifact if 'append' is true. operationId: ArtifactAddLibpod parameters: - description: Mandatory reference to the artifact (e.g., quay.io/image/artifact:tag) in: query name: name required: true type: string - description: Path of the file to be added in: query name: fileName required: true type: string - description: Optionally set the type of file in: query name: fileMIMEType type: string - description: Array of annotation strings e.g "test=true" in: query items: type: string name: annotations type: array - description: Use type to describe an artifact in: query name: artifactMIMEType type: string - default: false description: Append files to an existing artifact in: query name: append type: boolean - default: false description: Replace an existing artifact with the same name in: query name: replace type: boolean - description: Binary stream of the file to add to an artifact in: body name: inputStream schema: format: binary type: string produces: - application/json responses: "201": $ref: '#/responses/artifactAddResponse' "400": $ref: '#/responses/badParamError' "404": $ref: '#/responses/artifactNotFound' "500": $ref: '#/responses/internalError' summary: Add a file as an artifact tags: - artifacts /libpod/artifacts/json: get: description: Return a list of all OCI artifacts in local storage. operationId: ArtifactListLibpod produces: - application/json responses: "200": $ref: '#/responses/artifactListResponse' "500": $ref: '#/responses/internalError' summary: List artifacts tags: - artifacts /libpod/artifacts/local/add: post: description: | Add a file from the local filesystem as a new OCI artifact, or append to an existing artifact if 'append' is true. operationId: ArtifactLocalLibpod parameters: - description: Mandatory reference to the artifact (e.g., quay.io/image/artifact:tag) in: query name: name required: true type: string - description: Absolute path to the local file on the server filesystem to be added in: query name: path required: true type: string - description: Name/title of the file within the artifact in: query name: fileName required: true type: string - description: Optionally set the MIME type of the file in: query name: fileMIMEType type: string - description: Array of annotation strings e.g "test=true" in: query items: type: string name: annotations type: array - description: Use type to describe an artifact in: query name: artifactMIMEType type: string - default: false description: Append files to an existing artifact in: query name: append type: boolean - default: false description: Replace an existing artifact with the same name in: query name: replace type: boolean produces: - application/json responses: "201": $ref: '#/responses/artifactAddResponse' "400": $ref: '#/responses/badParamError' "404": $ref: '#/responses/artifactNotFound' "500": $ref: '#/responses/internalError' summary: Add a local file as an artifact tags: - artifacts /libpod/artifacts/pull: post: description: Pull an OCI artifact from a remote registry to local storage. operationId: ArtifactPullLibpod parameters: - description: Mandatory reference to the artifact (e.g., quay.io/image/artifact:tag) in: query name: name required: true type: string - default: 3 description: Number of times to retry in case of failure when performing pull in: query name: retry type: integer - default: 1s description: Delay between retries in case of pull failures (e.g., 10s) in: query name: retryDelay type: string - default: true description: Require TLS verification in: query name: tlsVerify type: boolean - description: | base-64 encoded auth config. Must include the following four values: username, password, email and server address OR simply just an identity token. in: header name: X-Registry-Auth type: string produces: - application/json responses: "200": $ref: '#/responses/artifactPullResponse' "400": $ref: '#/responses/badParamError' "401": $ref: '#/responses/artifactBadAuth' "404": $ref: '#/responses/artifactNotFound' "500": $ref: '#/responses/internalError' summary: Pull an artifact tags: - artifacts /libpod/artifacts/remove: delete: description: | Remove one or more OCI artifacts from local storage. Can be filtered by name/ID or all artifacts can be removed. operationId: ArtifactDeleteAllLibpod parameters: - description: List of artifact names/IDs to remove in: query items: type: string name: artifacts type: array - description: Remove all artifacts in: query name: all type: boolean - description: Ignore errors if artifact does not exist in: query name: ignore type: boolean produces: - application/json responses: "200": $ref: '#/responses/artifactRemoveResponse' "404": $ref: '#/responses/artifactNotFound' "500": $ref: '#/responses/internalError' summary: Remove one or more artifacts tags: - artifacts /libpod/build: post: description: Build an image from the given Dockerfile(s) operationId: ImageBuildLibpod parameters: - default: application/x-tar enum: - application/x-tar - multipart/form-data in: header name: Content-Type type: string - in: header name: X-Registry-Config type: string - default: Dockerfile description: | Path within the build context to the `Dockerfile`. This is ignored if remote is specified and points to an external `Dockerfile`. in: query name: dockerfile type: string - default: latest description: A name and optional tag to apply to the image in the `name:tag` format. If you omit the tag, the default latest value is assumed. You can provide several t parameters. in: query name: t type: string - default: false description: | Instead of building for a set of platforms specified using the platform option, inspect the build's base images, and build for all of the platforms that are available. Stages that use *scratch* as a starting point can not be inspected, so at least one non-*scratch* stage must be present for detection to work usefully. in: query name: allplatforms type: boolean - default: [] description: | Additional build contexts for builds that require more than one context. Each additional context must be specified as a key-value pair in the format "name=value". The value can be specified in two formats: - URL context: Use the prefix "url:" followed by a URL to a tar archive Example: "mycontext=url:https://example.com/context.tar" - Image context: Use the prefix "image:" followed by an image reference Example: "mycontext=image:alpine:latest" or "mycontext=image:docker.io/library/ubuntu:22.04" Local contexts are provided via multipart/form-data upload. When using multipart/form-data, include additional build contexts as separate form fields with names prefixed by "build-context-". For example, a local context named "mycontext" should be uploaded as a tar file in a field named "build-context-mycontext". (As of version 5.6.0) in: query items: type: string name: additionalbuildcontexts type: array - description: | TBD Extra hosts to add to /etc/hosts (As of version 1.xx) in: query name: extrahosts type: string - description: | Not to create /etc/hosts when building the image in: query name: nohosts type: boolean - description: | A Git repository URI or HTTP/HTTPS context URI. If the URI points to a single text file, the file’s contents are placed into a file called Dockerfile and the image is built from that file. If the URI points to a tarball, the file is downloaded by the daemon and the contents therein used as the context for the build. If the URI points to a tarball and the dockerfile parameter is also specified, there must be a file with the corresponding path inside the tarball. (As of version 1.xx) in: query name: remote type: string - default: false description: | Suppress verbose build output in: query name: q type: boolean - default: false description: | Contents of volume locations to be modified on ADD or COPY only (As of Podman version v5.2) in: query name: compatvolumes type: boolean - default: true description: | Add an "org.opencontainers.image.created" annotation to the image. (As of Podman version v5.6) in: query name: createdannotation type: boolean - description: | Timestamp to use for newly-added history entries and the image's creation date. (As of Podman version v5.6) in: query name: sourcedateepoch type: number - default: false description: | If sourcedateepoch is set, force new content added in layers to have timestamps no later than the sourcedateepoch date. (As of Podman version v5.6) in: query name: rewritetimestamp type: boolean - description: | Timestamp to use for newly-added history entries, the image's creation date, and for new content added in layers. in: query name: timestamp type: number - default: true description: | Inherit the labels from the base image or base stages (As of Podman version v5.5) in: query name: inheritlabels type: boolean - default: true description: | Inherit the annotations from the base image or base stages (As of Podman version v5.6) in: query name: inheritannotations type: boolean - default: false description: | Do not use the cache when building the image (As of version 1.xx) in: query name: nocache type: boolean - description: | JSON array of images used to build cache resolution (As of version 1.xx) in: query name: cachefrom type: string - default: false description: | Attempt to pull the image even if an older image exists locally (As of version 1.xx) in: query name: pull type: boolean - default: true description: | Remove intermediate containers after a successful build (As of version 1.xx) in: query name: rm type: boolean - default: false description: | Always remove intermediate containers, even upon failure (As of version 1.xx) in: query name: forcerm type: boolean - description: | Memory is the upper limit (in bytes) on how much memory running containers can use (As of version 1.xx) in: query name: memory type: integer - description: | MemorySwap limits the amount of memory and swap together (As of version 1.xx) in: query name: memswap type: integer - description: | CPUShares (relative weight (As of version 1.xx) in: query name: cpushares type: integer - description: | CPUSetCPUs in which to allow execution (0-3, 0,1) (As of version 1.xx) in: query name: cpusetcpus type: string - description: | CPUPeriod limits the CPU CFS (Completely Fair Scheduler) period (As of version 1.xx) in: query name: cpuperiod type: integer - description: | CPUQuota limits the CPU CFS (Completely Fair Scheduler) quota (As of version 1.xx) in: query name: cpuquota type: integer - description: | JSON map of string pairs denoting build-time variables. For example, the build argument `Foo` with the value of `bar` would be encoded in JSON as `["Foo":"bar"]`. For example, buildargs={"Foo":"bar"}. Note(s): * This should not be used to pass secrets. * The value of buildargs should be URI component encoded before being passed to the API. (As of version 1.xx) in: query name: buildargs type: string - default: 67108864 description: | ShmSize is the "size" value to use when mounting an shmfs on the container's /dev/shm directory. Default is 64MB (As of version 1.xx) in: query name: shmsize type: integer - default: false description: | Silently ignored. Squash the resulting images layers into a single layer (As of version 1.xx) in: query name: squash type: boolean - description: | JSON map of key, value pairs to set as labels on the new image (As of version 1.xx) in: query name: labels type: string - description: Add an intermediate image *label* (e.g. label=*value*) to the intermediate image metadata. in: query items: type: string name: layerLabel type: array - default: true description: | Cache intermediate layers during build. (As of version 1.xx) in: query name: layers type: boolean - default: bridge description: | Sets the networking mode for the run commands during build. Supported standard values are: * `bridge` limited to containers within a single host, port mapping required for external access * `host` no isolation between host and containers on this network * `none` disable all networking for this container * container: share networking with given container ---All other values are assumed to be a custom network's name (As of version 1.xx) in: query name: networkmode type: string - description: | Platform format os[/arch[/variant]] (As of version 1.xx) in: query name: platform type: string - description: | Target build stage (As of version 1.xx) in: query name: target type: string - description: | output configuration TBD (As of version 1.xx) in: query name: outputs type: string - description: | Inject http proxy environment variables into container (As of version 2.0.0) in: query name: httpproxy type: boolean - description: Unset environment variables from the final image. in: query items: type: string name: unsetenv type: array - description: Unset the image label, causing the label not to be inherited from the base image. in: query items: type: string name: unsetlabel type: array - description: | Unset the image annotation, causing the annotation not to be inherited from the base image. (As of Podman version v5.6) in: query items: type: string name: unsetannotation type: array - description: Extra volumes that should be mounted in the build container. in: query items: type: string name: volume type: array - description: | Add the image to the specified manifest list. Creates a manifest list if it does not exist. in: query name: manifest type: string produces: - application/json responses: "200": description: OK (As of version 1.xx) schema: properties: stream: description: output from build process example: | (build details...) type: string required: - stream type: object "400": $ref: '#/responses/badParamError' "500": $ref: '#/responses/internalError' summary: Build image tags: - images /libpod/commit: post: description: Create a new image from a container operationId: ImageCommitLibpod parameters: - description: the name or ID of a container in: query name: container required: true type: string - description: author of the image in: query name: author type: string - description: instructions to apply while committing in Dockerfile format (i.e. "CMD=/bin/foo") in: query items: type: string name: changes type: array - description: commit message in: query name: comment type: string - description: format of the image manifest and metadata (default "oci") in: query name: format type: string - description: pause the container before committing it in: query name: pause type: boolean - description: squash the container before committing it in: query name: squash type: boolean - description: the repository name for the created image in: query name: repo type: string - description: output from commit process in: query name: stream type: boolean - description: tag name for the created image in: query name: tag type: string produces: - application/json responses: "201": description: no error "404": $ref: '#/responses/imageNotFound' "500": $ref: '#/responses/internalError' summary: Commit tags: - containers /libpod/containers/{name}: delete: description: Delete container operationId: ContainerDeleteLibpod parameters: - description: the name or ID of the container in: path name: name required: true type: string - description: additionally remove containers that depend on the container to be removed in: query name: depend type: boolean - description: force stop container if running in: query name: force type: boolean - description: ignore errors when the container to be removed does not existxo in: query name: ignore type: boolean - default: 10 description: number of seconds to wait before killing container when force removing in: query name: timeout type: integer - description: delete volumes in: query name: v type: boolean produces: - application/json responses: "200": $ref: '#/responses/containerRemoveLibpod' "204": description: no error "400": $ref: '#/responses/badParamError' "404": $ref: '#/responses/containerNotFound' "409": $ref: '#/responses/conflictError' "500": $ref: '#/responses/internalError' summary: Delete container tags: - containers /libpod/containers/{name}/archive: get: description: Copy a tar archive of files from a container operationId: ContainerArchiveLibpod parameters: - description: container name or id in: path name: name required: true type: string - description: Path to a directory in the container to extract in: query name: path required: true type: string - description: JSON encoded map[string]string to translate paths in: query name: rename type: string produces: - application/json responses: "200": description: no error schema: format: binary type: string "400": $ref: '#/responses/badParamError' "404": $ref: '#/responses/containerNotFound' "500": $ref: '#/responses/internalError' summary: Copy files from a container tags: - containers (compat) put: description: Copy a tar archive of files into a container operationId: PutContainerArchiveLibpod parameters: - description: container name or id in: path name: name required: true type: string - description: Path to a directory in the container to extract in: query name: path required: true type: string - default: true description: pause the container while copying (defaults to true) in: query name: pause type: boolean - description: tarfile of files to copy into the container in: body name: request schema: type: string produces: - application/json responses: "200": description: no error "400": $ref: '#/responses/badParamError' "403": description: the container rootfs is read-only "404": $ref: '#/responses/containerNotFound' "500": $ref: '#/responses/internalError' summary: Copy files into a container tags: - containers /libpod/containers/{name}/attach: post: description: | Attach to a container to read its output or send it input. You can attach to the same container multiple times and you can reattach to containers that have been detached. ### Hijacking This endpoint hijacks the HTTP connection to transport `stdin`, `stdout`, and `stderr` on the same socket. This is the response from the service for an attach request: ``` HTTP/1.1 200 OK Content-Type: application/vnd.docker.raw-stream [STREAM] ``` After the headers and two new lines, the TCP connection can now be used for raw, bidirectional communication between the client and server. To inform potential proxies about connection hijacking, the client can also optionally send connection upgrade headers. For example, the client sends this request to upgrade the connection: ``` POST /v4.6.0/libpod/containers/16253994b7c4/attach?stream=1&stdout=1 HTTP/1.1 Upgrade: tcp Connection: Upgrade ``` The service will respond with a `101 UPGRADED` response, and will similarly follow with the raw stream: ``` HTTP/1.1 101 UPGRADED Content-Type: application/vnd.docker.raw-stream Connection: Upgrade Upgrade: tcp [STREAM] ``` ### Stream format When the TTY setting is disabled for the container, the HTTP Content-Type header is set to application/vnd.docker.multiplexed-stream (starting with v4.7.0, previously application/vnd.docker.raw-stream was always used) and the stream over the hijacked connected is multiplexed to separate out `stdout` and `stderr`. The stream consists of a series of frames, each containing a header and a payload. The header contains the information about the output stream type and the size of the payload. It is encoded on the first eight bytes like this: ```go header := [8]byte{STREAM_TYPE, 0, 0, 0, SIZE1, SIZE2, SIZE3, SIZE4} ``` `STREAM_TYPE` can be: - 0: `stdin` (is written on `stdout`) - 1: `stdout` - 2: `stderr` `SIZE1, SIZE2, SIZE3, SIZE4` are the four bytes of the `uint32` size encoded as big endian. Following the header is the payload, which contains the specified number of bytes as written in the size. The simplest way to implement this protocol is the following: 1. Read 8 bytes. 2. Choose `stdout` or `stderr` depending on the first byte. 3. Extract the frame size from the last four bytes. 4. Read the extracted size and output it on the correct output. 5. Goto 1. ### Stream format when using a TTY When the TTY setting is enabled for the container, the stream is not multiplexed. The data exchanged over the hijacked connection is simply the raw data from the process PTY and client's `stdin`. operationId: ContainerAttachLibpod parameters: - description: the name or ID of the container in: path name: name required: true type: string - description: keys to use for detaching from the container in: query name: detachKeys type: string - description: Stream all logs from the container across the connection. Happens before streaming attach (if requested). At least one of logs or stream must be set in: query name: logs type: boolean - default: true description: Attach to the container. If unset, and logs is set, only the container's logs will be sent. At least one of stream or logs must be set in: query name: stream type: boolean - description: Attach to container STDOUT in: query name: stdout type: boolean - description: Attach to container STDERR in: query name: stderr type: boolean - description: Attach to container STDIN in: query name: stdin type: boolean produces: - application/json responses: "101": description: No error, connection has been hijacked for transporting streams. "400": $ref: '#/responses/badParamError' "404": $ref: '#/responses/containerNotFound' "500": $ref: '#/responses/internalError' summary: Attach to a container tags: - containers /libpod/containers/{name}/changes: get: description: | Returns which files in a container's filesystem have been added, deleted, or modified. The Kind of modification can be one of: 0: Modified 1: Added 2: Deleted operationId: ContainerChangesLibpod parameters: - description: the name or id of the container in: path name: name required: true type: string - description: specify a second layer which is used to compare against it instead of the parent layer in: query name: parent type: string - description: select what you want to match, default is all enum: - all - container - image in: query name: diffType type: string responses: "200": description: Array of Changes "404": $ref: '#/responses/containerNotFound' "500": $ref: '#/responses/internalError' summary: Report on changes to container's filesystem; adds, deletes or modifications. tags: - containers /libpod/containers/{name}/checkpoint: post: operationId: ContainerCheckpointLibpod parameters: - description: the name or ID of the container in: path name: name required: true type: string - description: keep all temporary checkpoint files in: query name: keep type: boolean - description: leave the container running after writing checkpoint to disk in: query name: leaveRunning type: boolean - description: checkpoint a container with established TCP connections in: query name: tcpEstablished type: boolean - description: export the checkpoint image to a tar.gz in: query name: export type: boolean - description: do not include root file-system changes when exporting. can only be used with export in: query name: ignoreRootFS type: boolean - description: do not include associated volumes. can only be used with export in: query name: ignoreVolumes type: boolean - description: dump the container's memory information only, leaving the container running. only works on runc 1.0-rc or higher in: query name: preCheckpoint type: boolean - description: check out the container with previous criu image files in pre-dump. only works on runc 1.0-rc or higher in: query name: withPrevious type: boolean - description: checkpoint a container with filelocks in: query name: fileLocks type: boolean - description: add checkpoint statistics to the returned CheckpointReport in: query name: printStats type: boolean produces: - application/json responses: "200": description: tarball is returned in body if exported "404": $ref: '#/responses/containerNotFound' "500": $ref: '#/responses/internalError' summary: Checkpoint a container tags: - containers /libpod/containers/{name}/exec: post: description: Create an exec session to run a command inside a running container. Exec sessions will be automatically removed 5 minutes after they exit. operationId: ContainerExecLibpod parameters: - description: name of container in: path name: name required: true type: string - description: Attributes for create in: body name: control schema: properties: AttachStderr: description: Attach to stderr of the exec command type: boolean AttachStdin: description: Attach to stdin of the exec command type: boolean AttachStdout: description: Attach to stdout of the exec command type: boolean Cmd: description: Command to run, as a string or array of strings. items: type: string type: array DetachKeys: description: | "Override the key sequence for detaching a container. Format is a single character [a-Z] or ctrl- where is one of: a-z, @, ^, [, , or _." type: string Env: description: A list of environment variables in the form ["VAR=value", ...] items: type: string type: array Privileged: default: false description: Runs the exec process with extended privileges type: boolean Tty: description: Allocate a pseudo-TTY type: boolean User: description: | "The user, and optionally, group to run the exec process inside the container. Format is one of: user, user:group, uid, or uid:gid." type: string WorkingDir: description: The working directory for the exec process inside the container. type: string type: object produces: - application/json responses: "201": description: no error "404": $ref: '#/responses/containerNotFound' "409": description: container is paused "500": $ref: '#/responses/internalError' summary: Create an exec instance tags: - exec /libpod/containers/{name}/exists: get: description: Quick way to determine if a container exists by name or ID operationId: ContainerExistsLibpod parameters: - description: the name or ID of the container in: path name: name required: true type: string produces: - application/json responses: "204": description: container exists "404": $ref: '#/responses/containerNotFound' "500": $ref: '#/responses/internalError' summary: Check if container exists tags: - containers /libpod/containers/{name}/export: get: description: Export the contents of a container as a tarball. operationId: ContainerExportLibpod parameters: - description: the name or ID of the container in: path name: name required: true type: string produces: - application/json responses: "200": description: tarball is returned in body "404": $ref: '#/responses/containerNotFound' "500": $ref: '#/responses/internalError' summary: Export a container tags: - containers /libpod/containers/{name}/healthcheck: get: description: Execute the defined healthcheck and return information about the results operationId: ContainerHealthcheckLibpod parameters: - description: the name or ID of the container in: path name: name required: true type: string produces: - application/json responses: "200": $ref: '#/responses/healthCheck' "404": $ref: '#/responses/containerNotFound' "409": description: container has no healthcheck or is not running "500": $ref: '#/responses/internalError' summary: Run a container's healthcheck tags: - containers /libpod/containers/{name}/init: post: description: Performs all tasks necessary for initializing the container but does not start the container. operationId: ContainerInitLibpod parameters: - description: the name or ID of the container in: path name: name required: true type: string produces: - application/json responses: "204": description: no error "304": description: container already initialized "404": $ref: '#/responses/containerNotFound' "500": $ref: '#/responses/internalError' summary: Initialize a container tags: - containers /libpod/containers/{name}/json: get: description: Return low-level information about a container. operationId: ContainerInspectLibpod parameters: - description: the name or ID of the container in: path name: name required: true type: string - description: display filesystem usage in: query name: size type: boolean produces: - application/json responses: "200": $ref: '#/responses/containerInspectResponseLibpod' "404": $ref: '#/responses/containerNotFound' "500": $ref: '#/responses/internalError' summary: Inspect container tags: - containers /libpod/containers/{name}/kill: post: description: send a signal to a container, defaults to killing the container operationId: ContainerKillLibpod parameters: - description: the name or ID of the container in: path name: name required: true type: string - default: SIGKILL description: signal to be sent to container, either by integer or SIG_ name in: query name: signal type: string produces: - application/json responses: "204": description: no error "404": $ref: '#/responses/containerNotFound' "409": $ref: '#/responses/conflictError' "500": $ref: '#/responses/internalError' summary: Kill container tags: - containers /libpod/containers/{name}/logs: get: description: | Get stdout and stderr logs from a container. The stream format is the same as described in the attach endpoint. operationId: ContainerLogsLibpod parameters: - description: the name or ID of the container in: path name: name required: true type: string - description: Keep connection after returning logs. in: query name: follow type: boolean - description: Return logs from stdout in: query name: stdout type: boolean - description: Return logs from stderr in: query name: stderr type: boolean - description: Only return logs since this time, as a UNIX timestamp in: query name: since type: string - description: Only return logs before this time, as a UNIX timestamp in: query name: until type: string - default: false description: Add timestamps to every log line in: query name: timestamps type: boolean - default: all description: Only return this number of log lines from the end of the logs in: query name: tail type: string produces: - application/json responses: "200": description: logs returned as a stream in response body. "404": $ref: '#/responses/containerNotFound' "500": $ref: '#/responses/internalError' summary: Get container logs tags: - containers /libpod/containers/{name}/mount: post: description: Mount a container to the filesystem operationId: ContainerMountLibpod parameters: - description: the name or ID of the container in: path name: name required: true type: string - default: false description: Include external containers that are not managed by Podman. in: query name: external type: boolean produces: - application/json responses: "200": description: mounted container schema: description: id example: /var/lib/containers/storage/overlay/f3f693bd88872a1e3193f4ebb925f4c282e8e73aadb8ab3e7492754dda3a02a4/merged type: string "404": $ref: '#/responses/containerNotFound' "500": $ref: '#/responses/internalError' summary: Mount a container tags: - containers /libpod/containers/{name}/pause: post: description: Use the cgroups freezer to suspend all processes in a container. operationId: ContainerPauseLibpod parameters: - description: the name or ID of the container in: path name: name required: true type: string produces: - application/json responses: "204": description: no error "404": $ref: '#/responses/containerNotFound' "500": $ref: '#/responses/internalError' summary: Pause a container tags: - containers /libpod/containers/{name}/rename: post: description: Change the name of an existing container. operationId: ContainerRenameLibpod parameters: - description: Full or partial ID or full name of the container to rename in: path name: name required: true type: string - description: New name for the container in: query name: name required: true type: string produces: - application/json responses: "204": description: no error "404": $ref: '#/responses/containerNotFound' "409": $ref: '#/responses/conflictError' "500": $ref: '#/responses/internalError' summary: Rename an existing container tags: - containers /libpod/containers/{name}/resize: post: description: Resize the terminal attached to a container (for use with Attach). operationId: ContainerResizeLibpod parameters: - description: the name or ID of the container in: path name: name required: true type: string - description: Height to set for the terminal, in characters in: query name: h type: integer - description: Width to set for the terminal, in characters in: query name: w type: integer - description: Ignore containers not running errors in: query name: running type: boolean produces: - application/json responses: "200": $ref: '#/responses/ok' "404": $ref: '#/responses/containerNotFound' "409": $ref: '#/responses/conflictError' "500": $ref: '#/responses/internalError' summary: Resize a container's TTY tags: - containers /libpod/containers/{name}/restart: post: operationId: ContainerRestartLibpod parameters: - description: the name or ID of the container in: path name: name required: true type: string - description: number of seconds to wait before killing container (Docker compatibility) in: query name: t type: integer - description: number of seconds to wait before killing container in: query name: timeout type: integer produces: - application/json responses: "204": description: no error "404": $ref: '#/responses/containerNotFound' "500": $ref: '#/responses/internalError' summary: Restart a container tags: - containers /libpod/containers/{name}/restore: post: description: Restore a container from a checkpoint. operationId: ContainerRestoreLibpod parameters: - description: the name or id of the container in: path name: name required: true type: string - description: the name of the container when restored from a tar. can only be used with import in: query name: name type: string - description: keep all temporary checkpoint files in: query name: keep type: boolean - description: restore a container with established TCP connections in: query name: tcpEstablished type: boolean - description: restore a container but close the TCP connections in: query name: tcpClose type: boolean - description: import the restore from a checkpoint tar.gz in: query name: import type: boolean - description: do not include root file-system changes when exporting. can only be used with import in: query name: ignoreRootFS type: boolean - description: do not restore associated volumes. can only be used with import in: query name: ignoreVolumes type: boolean - description: ignore IP address if set statically in: query name: ignoreStaticIP type: boolean - description: ignore MAC address if set statically in: query name: ignoreStaticMAC type: boolean - description: restore a container with file locks in: query name: fileLocks type: boolean - description: add restore statistics to the returned RestoreReport in: query name: printStats type: boolean - description: pod to restore into in: query name: pod type: string produces: - application/json responses: "200": description: tarball is returned in body if exported "404": $ref: '#/responses/containerNotFound' "500": $ref: '#/responses/internalError' summary: Restore a container tags: - containers /libpod/containers/{name}/start: post: operationId: ContainerStartLibpod parameters: - description: the name or ID of the container in: path name: name required: true type: string - default: ctrl-p,ctrl-q description: 'Override the key sequence for detaching a container. Format is a single character [a-Z] or ctrl- where is one of: a-z, @, ^, [, , or _.' in: query name: detachKeys type: string produces: - application/json responses: "204": description: no error "304": $ref: '#/responses/containerAlreadyStartedError' "404": $ref: '#/responses/containerNotFound' "500": $ref: '#/responses/internalError' summary: Start a container tags: - containers /libpod/containers/{name}/stats: get: description: DEPRECATED. This endpoint will be removed with the next major release. Please use /libpod/containers/stats instead. operationId: ContainerStatsLibpod parameters: - description: the name or ID of the container in: path name: name required: true type: string - default: true description: Stream the output in: query name: stream type: boolean produces: - application/json responses: "200": description: no error "404": $ref: '#/responses/containerNotFound' "409": $ref: '#/responses/conflictError' "500": $ref: '#/responses/internalError' summary: Get stats for a container tags: - containers /libpod/containers/{name}/stop: post: operationId: ContainerStopLibpod parameters: - description: the name or ID of the container in: path name: name required: true type: string - default: 10 description: number of seconds to wait before killing container in: query name: timeout type: integer - default: false description: do not return error if container is already stopped in: query name: ignore type: boolean produces: - application/json responses: "204": description: no error "304": $ref: '#/responses/containerAlreadyStoppedError' "404": $ref: '#/responses/containerNotFound' "500": $ref: '#/responses/internalError' summary: Stop a container tags: - containers /libpod/containers/{name}/top: get: description: List processes running inside a container operationId: ContainerTopLibpod parameters: - description: Name of container to query for processes (As of version 1.xx) in: path name: name required: true type: string - description: when true, repeatedly stream the latest output (As of version 4.0) in: query name: stream type: boolean - default: 5 description: if streaming, delay in seconds between updates. Must be >1. (As of version 4.0) in: query name: delay type: integer - description: | arguments to pass to ps such as aux. in: query items: type: string name: ps_args type: array produces: - application/json responses: "200": $ref: '#/responses/containerTopResponse' "404": $ref: '#/responses/containerNotFound' "500": $ref: '#/responses/internalError' summary: List processes tags: - containers /libpod/containers/{name}/unmount: post: description: Unmount a container from the filesystem operationId: ContainerUnmountLibpod parameters: - description: the name or ID of the container in: path name: name required: true type: string produces: - application/json responses: "204": description: ok "404": $ref: '#/responses/containerNotFound' "500": $ref: '#/responses/internalError' summary: Unmount a container tags: - containers /libpod/containers/{name}/unpause: post: operationId: ContainerUnpauseLibpod parameters: - description: the name or ID of the container in: path name: name required: true type: string produces: - application/json responses: "204": description: no error "404": $ref: '#/responses/containerNotFound' "500": $ref: '#/responses/internalError' summary: Unpause Container tags: - containers /libpod/containers/{name}/update: post: description: Updates the configuration of an existing container, allowing changes to resource limits and healthchecks. operationId: ContainerUpdateLibpod parameters: - description: Full or partial ID or full name of the container to update in: path name: name required: true type: string - description: New restart policy for the container. in: query name: restartPolicy type: string - description: New amount of retries for the container's restart policy. Only allowed if restartPolicy is set to on-failure in: query name: restartRetries type: integer - description: attributes for updating the container in: body name: config schema: $ref: '#/definitions/UpdateEntities' produces: - application/json responses: "201": $ref: '#/responses/containerUpdateResponse' "400": $ref: '#/responses/badParamError' "404": $ref: '#/responses/containerNotFound' "500": $ref: '#/responses/internalError' summary: Updates the configuration of an existing container, allowing changes to resource limits and healthchecks tags: - containers /libpod/containers/{name}/wait: post: description: Wait on a container to meet a given condition operationId: ContainerWaitLibpod parameters: - description: the name or ID of the container in: path name: name required: true type: string - description: Conditions to wait for. If no condition provided the 'exited' condition is assumed. in: query items: enum: - configured - created - exited - healthy - initialized - paused - removing - running - stopped - stopping - unhealthy type: string name: condition type: array - default: 250ms description: Time Interval to wait before polling for completion. in: query name: interval type: string produces: - application/json - text/plain responses: "200": description: Status code examples: text/plain: 137 schema: format: int32 type: integer "404": $ref: '#/responses/containerNotFound' "500": $ref: '#/responses/internalError' summary: Wait on a container tags: - containers /libpod/containers/create: post: operationId: ContainerCreateLibpod parameters: - description: attributes for creating a container in: body name: create required: true schema: $ref: '#/definitions/SpecGenerator' produces: - application/json responses: "201": $ref: '#/responses/containerCreateResponse' "400": $ref: '#/responses/badParamError' "404": $ref: '#/responses/containerNotFound' "409": $ref: '#/responses/conflictError' "500": $ref: '#/responses/internalError' summary: Create a container tags: - containers /libpod/containers/json: get: description: Returns a list of containers operationId: ContainerListLibpod parameters: - default: false description: Return all containers. By default, only running containers are shown in: query name: all type: boolean - description: Return this number of most recently created containers, including non-running ones. in: query name: limit type: integer - description: Alias for `limit`. Return this number of most recently created containers. in: query name: last type: integer - default: false description: Return containers created by external tools that use container storage. in: query name: external type: boolean - default: false description: Include namespace information in: query name: namespace type: boolean - default: false description: Ignored. Previously included details on pod name and ID that are currently included by default. in: query name: pod type: boolean - default: false description: Return the size of container as fields SizeRw and SizeRootFs. in: query name: size type: boolean - default: false description: Sync container state with OCI runtime in: query name: sync type: boolean - description: | A JSON encoded value of the filters (a `map[string][]string`) to process on the containers list. Available filters: - `ancestor`=(`[:]`, ``, or ``) - `before`=(`` or ``) - `expose`=(`[/]` or `/[]`) - `exited=` containers with exit code of `` - `health`=(`starting`, `healthy`, `unhealthy` or `none`) - `id=` a container's ID - `is-task`=(`true` or `false`) - `label`=(`key` or `"key=value"`) of a container label - `name=` a container's name - `network`=(`` or ``) - `pod`=(`` or ``) - `publish`=(`[/]` or `/[]`) - `since`=(`` or ``) - `status`=(`created`, `restarting`, `running`, `removing`, `paused`, `exited` or `dead`) - `volume`=(`` or ``) in: query name: filters type: string produces: - application/json responses: "200": $ref: '#/responses/containersListLibpod' "400": $ref: '#/responses/badParamError' "500": $ref: '#/responses/internalError' summary: List containers tags: - containers /libpod/containers/prune: post: description: Remove containers not in use operationId: ContainerPruneLibpod parameters: - description: | Filters to process on the prune list, encoded as JSON (a `map[string][]string`). Available filters: - `until=` Prune containers created before this timestamp. The `` can be Unix timestamps, date formatted timestamps, or Go duration strings (e.g. `10m`, `1h30m`) computed relative to the daemon machine’s time. - `label` (`label=`, `label==`, `label!=`, or `label!==`) Prune containers with (or without, in case `label!=...` is used) the specified labels. in: query name: filters type: string produces: - application/json responses: "200": $ref: '#/responses/containersPruneLibpod' "500": $ref: '#/responses/internalError' summary: Delete stopped containers tags: - containers /libpod/containers/showmounted: get: description: Lists all mounted containers mount points operationId: ContainerShowMountedLibpod produces: - application/json responses: "200": description: mounted containers schema: additionalProperties: type: string type: object "500": $ref: '#/responses/internalError' summary: Show mounted containers tags: - containers /libpod/containers/stats: get: description: Return a live stream of resource usage statistics of one or more container. If no container is specified, the statistics of all containers are returned. operationId: ContainersStatsAllLibpod parameters: - description: names or IDs of containers in: query items: type: string name: containers type: array - default: true description: Stream the output in: query name: stream type: boolean - default: 5 description: Time in seconds between stats reports in: query name: interval type: integer - default: false description: Provide statistics for all running containers in: query name: all type: boolean produces: - application/json responses: "200": $ref: '#/responses/containerStats' "404": $ref: '#/responses/containerNotFound' "500": $ref: '#/responses/internalError' summary: Get stats for one or more containers tags: - containers /libpod/events: get: description: Returns events filtered on query parameters operationId: SystemEventsLibpod parameters: - description: start streaming events from this time in: query name: since type: string - description: stop streaming events later than this in: query name: until type: string - description: JSON encoded map[string][]string of constraints in: query name: filters type: string - default: true description: when false, do not follow events in: query name: stream type: boolean produces: - application/json responses: "200": description: returns a string of json data describing an event "500": $ref: '#/responses/internalError' summary: Get events tags: - system /libpod/exec/{id}/json: get: description: Return low-level information about an exec instance. operationId: ExecInspectLibpod parameters: - description: Exec instance ID in: path name: id required: true type: string produces: - application/json responses: "200": description: no error "404": $ref: '#/responses/execSessionNotFound' "500": $ref: '#/responses/internalError' summary: Inspect an exec instance tags: - exec /libpod/exec/{id}/resize: post: description: | Resize the TTY session used by an exec instance. This endpoint only works if tty was specified as part of creating and starting the exec instance. operationId: ExecResizeLibpod parameters: - description: Exec instance ID in: path name: id required: true type: string - description: Height of the TTY session in characters in: query name: h type: integer - description: Width of the TTY session in characters in: query name: w type: integer - description: Ignore containers not running errors in: query name: running type: boolean produces: - application/json responses: "201": description: no error "404": $ref: '#/responses/execSessionNotFound' "500": $ref: '#/responses/internalError' summary: Resize an exec instance tags: - exec /libpod/exec/{id}/start: post: description: | Starts a previously set up exec instance. If detach is true, this endpoint returns immediately after starting the command. Otherwise, it sets up an interactive session with the command. The stream format is the same as the attach endpoint. operationId: ExecStartLibpod parameters: - description: Exec instance ID in: path name: id required: true type: string - description: Attributes for start in: body name: control schema: properties: Detach: description: Detach from the command. type: boolean Tty: description: Allocate a pseudo-TTY. type: boolean h: description: Height of the TTY session in characters. Tty must be set to true to use it. type: integer w: description: Width of the TTY session in characters. Tty must be set to true to use it. type: integer type: object produces: - application/json responses: "200": description: no error "404": $ref: '#/responses/execSessionNotFound' "409": description: container is not running. "500": $ref: '#/responses/internalError' summary: Start an exec instance tags: - exec /libpod/generate/{name}/systemd: get: description: Generate Systemd Units based on a pod or container. operationId: GenerateSystemdLibpod parameters: - description: Name or ID of the container or pod. in: path name: name required: true type: string - default: false description: Use container/pod names instead of IDs. in: query name: useName type: boolean - default: false description: Create a new container instead of starting an existing one. in: query name: new type: boolean - default: false description: Do not generate the header including the Podman version and the timestamp. in: query name: noHeader type: boolean - default: 0 description: Start timeout in seconds. in: query name: startTimeout type: integer - default: 10 description: Stop timeout in seconds. in: query name: stopTimeout type: integer - default: on-failure description: Systemd restart-policy. enum: - "no" - on-success - on-failure - on-abnormal - on-watchdog - on-abort - always in: query name: restartPolicy type: string - default: container description: Systemd unit name prefix for containers. in: query name: containerPrefix type: string - default: pod description: Systemd unit name prefix for pods. in: query name: podPrefix type: string - default: '-' description: Systemd unit name separator between name/id and prefix. in: query name: separator type: string - default: 0 description: Configures the time to sleep before restarting a service. in: query name: restartSec type: integer - default: [] description: Systemd Wants list for the container or pods. in: query items: type: string name: wants type: array - default: [] description: Systemd After list for the container or pods. in: query items: type: string name: after type: array - default: [] description: Systemd Requires list for the container or pods. in: query items: type: string name: requires type: array - default: [] description: Set environment variables to the systemd unit files. in: query items: type: string name: additionalEnvVariables type: array - default: false description: Add template specifier for the systemd unit file names. in: query name: templateUnitFile type: boolean produces: - application/json responses: "200": description: no error schema: additionalProperties: type: string type: object "500": $ref: '#/responses/internalError' summary: Generate Systemd Units tags: - containers - pods /libpod/generate/kube: get: description: Generate Kubernetes YAML based on a pod or container. operationId: GenerateKubeLibpod parameters: - description: Name or ID of the container or pod. in: query items: type: string name: names required: true type: array - default: false description: Generate YAML for a Kubernetes service object. in: query name: service type: boolean - default: pod description: Generate YAML for the given Kubernetes kind. in: query name: type type: string - default: 0 description: Set the replica number for Deployment kind. format: int32 in: query name: replicas type: integer - default: false description: don't truncate annotations to the Kubernetes maximum length of 63 characters in: query name: noTrunc type: boolean - default: false description: add podman-only reserved annotations in generated YAML file (cannot be used by Kubernetes) in: query name: podmanOnly type: boolean produces: - text/vnd.yaml - application/json responses: "200": description: Kubernetes YAML file describing pod schema: format: binary type: string "500": $ref: '#/responses/internalError' summary: Generate a Kubernetes YAML file. tags: - containers - pods /libpod/images/{name}: delete: description: Remove an image from the local storage. operationId: ImageDeleteLibpod parameters: - description: name or ID of image to remove in: path name: name required: true type: string - description: remove the image even if used by containers or has other tags in: query name: force type: boolean - default: false description: Ignore if a specified image does not exist and do not throw an error. in: query name: ignore type: boolean - description: Resolve to a manifest list instead of an image. in: query name: lookupManifest type: boolean produces: - application/json responses: "200": $ref: '#/responses/imagesRemoveResponseLibpod' "400": $ref: '#/responses/badParamError' "404": $ref: '#/responses/imageNotFound' "409": $ref: '#/responses/conflictError' "500": $ref: '#/responses/internalError' summary: Remove an image from the local storage. tags: - images /libpod/images/{name}/changes: get: description: | Returns which files in an image's filesystem have been added, deleted, or modified. The Kind of modification can be one of: 0: Modified 1: Added 2: Deleted operationId: ImageChangesLibpod parameters: - description: the name or id of the image in: path name: name required: true type: string - description: specify a second layer which is used to compare against it instead of the parent layer in: query name: parent type: string - description: select what you want to match, default is all enum: - all - container - image in: query name: diffType type: string responses: "200": description: Array of Changes "404": $ref: '#/responses/containerNotFound' "500": $ref: '#/responses/internalError' summary: Report on changes to images's filesystem; adds, deletes or modifications. tags: - images /libpod/images/{name}/exists: get: description: Check if image exists in local store operationId: ImageExistsLibpod parameters: - description: the name or ID of the container in: path name: name required: true type: string produces: - application/json responses: "204": description: image exists "404": $ref: '#/responses/imageNotFound' "500": $ref: '#/responses/internalError' summary: Image exists tags: - images /libpod/images/{name}/get: get: description: Export an image operationId: ImageGetLibpod parameters: - description: the name or ID of the container in: path name: name required: true type: string - description: format for exported image in: query name: format type: string - description: use compression on image in: query name: compress type: boolean produces: - application/x-tar responses: "200": description: no error schema: format: binary type: string "404": $ref: '#/responses/imageNotFound' "500": $ref: '#/responses/internalError' summary: Export an image tags: - images /libpod/images/{name}/history: get: description: Return parent layers of an image. operationId: ImageHistoryLibpod parameters: - description: the name or ID of the container in: path name: name required: true type: string produces: - application/json responses: "200": $ref: '#/responses/history' "404": $ref: '#/responses/imageNotFound' "500": $ref: '#/responses/internalError' summary: History of an image tags: - images /libpod/images/{name}/json: get: description: Obtain low-level information about an image operationId: ImageInspectLibpod parameters: - description: the name or ID of the container in: path name: name required: true type: string produces: - application/json responses: "200": $ref: '#/responses/inspectImageResponseLibpod' "404": $ref: '#/responses/imageNotFound' "500": $ref: '#/responses/internalError' summary: Inspect an image tags: - images /libpod/images/{name}/push: post: description: Push an image to a container registry operationId: ImagePushLibpod parameters: - description: Name of image to push. in: path name: name required: true type: string - description: Allows for pushing the image to a different destination than the image refers to. in: query name: destination type: string - default: false description: Enforce compressing the layers with the specified --compression and do not reuse differently compressed blobs on the registry. in: query name: forceCompressionFormat type: boolean - description: Compression format used to compress image layers. in: query name: compressionFormat type: string - description: Compression level used to compress image layers. in: query name: compressionLevel type: integer - default: true description: Require TLS verification. in: query name: tlsVerify type: boolean - default: true description: Silences extra stream data on push. in: query name: quiet type: boolean - description: Manifest type (oci, v2s1, or v2s2) to use when pushing an image. Default is manifest type of source, with fallbacks. in: query name: format type: string - description: All indicates whether to push all images related to the image list. in: query name: all type: boolean - description: Discard any pre-existing signatures in the image. in: query name: removeSignatures type: boolean - description: Number of times to retry push in case of failure. in: query name: retry type: integer - description: Delay between retries in case of push failures. Duration format such as "412ms", or "3.5h". in: query name: retryDelay type: string - description: A base64-encoded auth configuration. in: header name: X-Registry-Auth type: string produces: - application/json responses: "200": description: no error schema: format: binary type: string "404": $ref: '#/responses/imageNotFound' "500": $ref: '#/responses/internalError' summary: Push Image tags: - images /libpod/images/{name}/resolve: get: description: Resolve the passed image name to a list of fully-qualified images referring to container registries. operationId: ImageResolveLibpod parameters: - description: the (short) name to resolve in: path name: name required: true type: string produces: - application/json responses: "204": description: resolved image names "400": $ref: '#/responses/badParamError' "500": $ref: '#/responses/internalError' summary: Resolve an image (short) name tags: - images /libpod/images/{name}/tag: post: description: Tag an image so that it becomes part of a repository. operationId: ImageTagLibpod parameters: - description: the name or ID of the container in: path name: name required: true type: string - description: the repository to tag in in: query name: repo type: string - description: the name of the new tag in: query name: tag type: string produces: - application/json responses: "201": description: no error "400": $ref: '#/responses/badParamError' "404": $ref: '#/responses/imageNotFound' "409": $ref: '#/responses/conflictError' "500": $ref: '#/responses/internalError' summary: Tag an image tags: - images /libpod/images/{name}/tree: get: description: Retrieve the image tree for the provided image name or ID operationId: ImageTreeLibpod parameters: - description: the name or ID of the container in: path name: name required: true type: string - description: show all child images and layers of the specified image in: query name: whatrequires type: boolean produces: - application/json responses: "200": $ref: '#/responses/treeResponse' "404": $ref: '#/responses/imageNotFound' "500": $ref: '#/responses/internalError' summary: Image tree tags: - images /libpod/images/{name}/untag: post: description: Untag an image. If not repo and tag are specified, all tags are removed from the image. operationId: ImageUntagLibpod parameters: - description: the name or ID of the container in: path name: name required: true type: string - description: the repository to untag in: query name: repo type: string - description: the name of the tag to untag in: query name: tag type: string produces: - application/json responses: "201": description: no error "400": $ref: '#/responses/badParamError' "404": $ref: '#/responses/imageNotFound' "409": $ref: '#/responses/conflictError' "500": $ref: '#/responses/internalError' summary: Untag an image tags: - images /libpod/images/export: get: description: Export multiple images into a single object. Only `docker-archive` is currently supported. operationId: ImageExportLibpod parameters: - description: format for exported image (only docker-archive is supported) in: query name: format type: string - description: references to images to export in: query items: type: string name: references type: array - description: use compression on image in: query name: compress type: boolean - description: accept uncompressed layers when copying OCI images in: query name: ociAcceptUncompressedLayers type: boolean produces: - application/json responses: "200": description: no error schema: format: binary type: string "404": $ref: '#/responses/imageNotFound' "500": $ref: '#/responses/internalError' summary: Export multiple images tags: - images /libpod/images/import: post: consumes: - application/x-tar description: Import a previously exported tarball as an image. operationId: ImageImportLibpod parameters: - default: application/x-tar enum: - application/x-tar in: header name: Content-Type type: string - description: 'Apply the following possible instructions to the created image: CMD | ENTRYPOINT | ENV | EXPOSE | LABEL | STOPSIGNAL | USER | VOLUME | WORKDIR. JSON encoded string' in: query items: type: string name: changes type: array - description: Set commit message for imported image in: query name: message type: string - description: Optional Name[:TAG] for the image in: query name: reference type: string - description: Load image from the specified URL in: query name: url type: string - description: tarball for imported image in: body name: upload required: true schema: format: binary type: string produces: - application/json responses: "200": $ref: '#/responses/imagesImportResponseLibpod' "400": $ref: '#/responses/badParamError' "500": $ref: '#/responses/internalError' summary: Import image tags: - images /libpod/images/json: get: description: Returns a list of images on the server operationId: ImageListLibpod parameters: - default: false description: Show all images. Only images from a final layer (no children) are shown by default. in: query name: all type: boolean - description: | JSON-encoded string containing filters as a `map[string][]string` to process on the images list. Available filters: - `before`=(`[:]`, `` or ``) - `dangling=true` - `label=key` or `label="key=value"` of an image label - `reference`=(`[:]`) - `id`=(``) - `since`=(`[:]`, `` or ``) in: query name: filters type: string produces: - application/json responses: "200": $ref: '#/responses/imageListLibpod' "500": $ref: '#/responses/internalError' summary: List Images tags: - images /libpod/images/load: post: consumes: - application/x-tar description: Load an image (oci-archive or docker-archive) stream. operationId: ImageLoadLibpod parameters: - description: tarball of container image in: body name: upload required: true schema: type: string produces: - application/json responses: "200": $ref: '#/responses/imagesLoadResponseLibpod' "400": $ref: '#/responses/badParamError' "500": $ref: '#/responses/internalError' summary: Load image tags: - images /libpod/images/prune: post: description: Remove images that are not being used by a container operationId: ImagePruneLibpod parameters: - default: false description: | Remove all images not in use by containers, not just dangling ones in: query name: all type: boolean - default: false description: | Remove images even when they are used by external containers (e.g, by build containers) in: query name: external type: boolean - default: false description: | Remove persistent build cache created by build instructions such as `--mount=type=cache`. in: query name: buildcache type: boolean - description: | filters to apply to image pruning, encoded as JSON (map[string][]string). Available filters: - `dangling=` When set to `true` (or `1`), prune only unused *and* untagged images. When set to `false` (or `0`), all unused images are pruned. - `until=` Prune images created before this timestamp. The `` can be Unix timestamps, date formatted timestamps, or Go duration strings (e.g. `10m`, `1h30m`) computed relative to the daemon machine’s time. - `label` (`label=`, `label==`, `label!=`, or `label!==`) Prune images with (or without, in case `label!=...` is used) the specified labels. in: query name: filters type: string produces: - application/json responses: "200": $ref: '#/responses/imagesPruneLibpod' "500": $ref: '#/responses/internalError' summary: Prune unused images tags: - images /libpod/images/pull: post: description: Pull one or more images from a container registry. Error status codes can come either from the API or from the registry. Errors may be detected later even if the HTTP status 200 is returned, and in that case, the error description will be in the `error` field. operationId: ImagePullLibpod parameters: - description: Mandatory reference to the image (e.g., quay.io/image/name:tag) in: query name: reference type: string - default: false description: Silence extra stream data on pull. Cannot be used with 'compatMode' or 'pullProgress'. in: query name: quiet type: boolean - default: false description: Return the same JSON payload as the Docker-compat endpoint. Cannot be used with 'pullProgress' or 'quiet'. in: query name: compatMode type: boolean - default: false description: Send reports about the progress of the pull. Cannot be used with 'compatMode' or 'quiet'. in: query name: pullProgress type: boolean - description: Pull image for the specified architecture. in: query name: Arch type: string - description: Pull image for the specified operating system. in: query name: OS type: string - description: Pull image for the specified variant. in: query name: Variant type: string - description: Pull policy, "always" (default), "missing", "newer", "never". in: query name: policy type: string - default: true description: Require TLS verification. in: query name: tlsVerify type: boolean - description: Pull all tagged images in the repository. in: query name: allTags type: boolean - description: 'base-64 encoded auth config. Must include the following four values: username, password, email and server address OR simply just an identity token.' in: header name: X-Registry-Auth type: string produces: - application/json responses: "200": $ref: '#/responses/imagesPullResponseLibpod' "400": $ref: '#/responses/badParamError' "500": $ref: '#/responses/internalError' default: $ref: '#/responses/errorFromRegistry' summary: Pull images tags: - images /libpod/images/remove: delete: description: Remove one or more images from the storage. operationId: ImageDeleteAllLibpod parameters: - description: Images IDs or names to remove. in: query items: type: string name: images type: array - default: true description: Remove all images. in: query name: all type: boolean - description: Force image removal (including containers using the images). in: query name: force type: boolean - description: Ignore if a specified image does not exist and do not throw an error. in: query name: ignore type: boolean - description: Resolves to manifest list instead of image. in: query name: lookupManifest type: boolean produces: - application/json responses: "200": $ref: '#/responses/imagesRemoveResponseLibpod' "400": $ref: '#/responses/badParamError' "500": $ref: '#/responses/internalError' summary: Remove one or more images from the storage. tags: - images /libpod/images/scp/{name}: post: description: Copy an image from one host to another operationId: ImageScpLibpod parameters: - description: source connection/image in: path name: name required: true type: string - description: dest connection/image in: query name: destination type: string - default: false description: quiet output in: query name: quiet type: boolean produces: - application/json responses: "200": $ref: '#/responses/imagesScpResponseLibpod' "400": $ref: '#/responses/badParamError' "500": $ref: '#/responses/internalError' summary: Copy an image from one host to another tags: - images /libpod/images/search: get: description: Search registries for images operationId: ImageSearchLibpod parameters: - description: term to search in: query name: term type: string - default: 25 description: maximum number of results in: query name: limit type: integer - description: | JSON-encoded string containing filters as a `map[string][]string` to process on the images list. Available filters: - `is-automated=(true|false)` - `is-official=(true|false)` - `stars=` Matches images that have at least 'number' stars. in: query name: filters type: string - default: true description: Require HTTPS and verify signatures when contacting registries. in: query name: tlsVerify type: boolean - default: false description: list the available tags in the repository in: query name: listTags type: boolean produces: - application/json responses: "200": $ref: '#/responses/registrySearchResponse' "500": $ref: '#/responses/internalError' summary: Search images tags: - images /libpod/info: get: description: Returns information on the system and libpod configuration operationId: SystemInfoLibpod produces: - application/json responses: "200": $ref: '#/responses/infoResponse' "500": $ref: '#/responses/internalError' summary: Get info tags: - system /libpod/kube/apply: post: description: Deploy a podman container, pod, volume, or Kubernetes yaml to a Kubernetes cluster. operationId: KubeApplyLibpod parameters: - description: Path to the CA cert file for the Kubernetes cluster. in: query name: caCertFile type: string - description: Path to the kubeconfig file for the Kubernetes cluster. in: query name: kubeConfig type: string - description: The namespace to deploy the workload to on the Kubernetes cluster. in: query name: namespace type: string - description: Create a service object for the container being deployed. in: query name: service type: boolean - description: Path to the Kubernetes yaml file to deploy. in: query name: file type: string - description: Kubernetes YAML file. in: body name: request schema: type: string produces: - application/json responses: "200": description: Kubernetes YAML file successfully deployed to cluster schema: format: binary type: string "500": $ref: '#/responses/internalError' summary: Apply a podman workload or Kubernetes YAML file. tags: - containers - pods /libpod/local/build: post: description: Build an image from a local build context directory without requiring tar archive upload. The build context must already exist on the server filesystem. operationId: LocalBuildLibpod parameters: - in: header name: X-Registry-Config type: string - description: | Absolute path to the build context directory on the server filesystem. This directory must contain all files needed for the build. in: query name: localcontextdir required: true type: string - default: Dockerfile description: | Absolute path within the build context to the `Dockerfile`. This is ignored if remote is specified and points to an external `Dockerfile`. in: query name: dockerfile type: string - default: latest description: A name and optional tag to apply to the image in the `name:tag` format. If you omit the tag, the default latest value is assumed. You can provide several t parameters. in: query name: t type: string - default: false description: | Instead of building for a set of platforms specified using the platform option, inspect the build's base images, and build for all of the platforms that are available. Stages that use *scratch* as a starting point can not be inspected, so at least one non-*scratch* stage must be present for detection to work usefully. in: query name: allplatforms type: boolean - default: [] description: | Additional build contexts for builds that require more than one context. Each additional context must be specified as a key-value pair in the format "name=value". The value can be specified in three formats: - URL context: Use the prefix "url:" followed by a URL to a tar archive Example: "mycontext=url:https://example.com/context.tar" - Image context: Use the prefix "image:" followed by an image reference Example: "mycontext=image:alpine:latest" or "mycontext=image:docker.io/library/ubuntu:22.04" - Local path context: Use the prefix "localpath:" followed by an absolute path on the server filesystem Example: "mycontext=localpath:/path/to/context/dir" (As of version 5.6.0) in: query items: type: string name: additionalbuildcontexts type: array - description: | TBD Extra hosts to add to /etc/hosts (As of version 1.xx) in: query name: extrahosts type: string - description: | Not to create /etc/hosts when building the image in: query name: nohosts type: boolean - description: | A Git repository URI or HTTP/HTTPS context URI. If the URI points to a single text file, the file's contents are placed into a file called Dockerfile and the image is built from that file. If the URI points to a tarball, the file is downloaded by the daemon and the contents therein used as the context for the build. If the URI points to a tarball and the dockerfile parameter is also specified, there must be a file with the corresponding path inside the tarball. (As of version 1.xx) in: query name: remote type: string - default: false description: | Suppress verbose build output in: query name: q type: boolean - default: false description: | Contents of volume locations to be modified on ADD or COPY only (As of Podman version v5.2) in: query name: compatvolumes type: boolean - default: true description: | Add an "org.opencontainers.image.created" annotation to the image. (As of Podman version v5.6) in: query name: createdannotation type: boolean - description: | Timestamp to use for newly-added history entries and the image's creation date. (As of Podman version v5.6) in: query name: sourcedateepoch type: number - default: false description: | If sourcedateepoch is set, force new content added in layers to have timestamps no later than the sourcedateepoch date. (As of Podman version v5.6) in: query name: rewritetimestamp type: boolean - description: | Timestamp to use for newly-added history entries, the image's creation date, and for new content added in layers. in: query name: timestamp type: number - default: true description: | Inherit the labels from the base image or base stages (As of Podman version v5.5) in: query name: inheritlabels type: boolean - default: true description: | Inherit the annotations from the base image or base stages (As of Podman version v5.6) in: query name: inheritannotations type: boolean - default: false description: | Do not use the cache when building the image (As of version 1.xx) in: query name: nocache type: boolean - description: | JSON array of images used to build cache resolution (As of version 1.xx) in: query name: cachefrom type: string - default: false description: | Attempt to pull the image even if an older image exists locally (As of version 1.xx) in: query name: pull type: boolean - default: true description: | Remove intermediate containers after a successful build (As of version 1.xx) in: query name: rm type: boolean - default: false description: | Always remove intermediate containers, even upon failure (As of version 1.xx) in: query name: forcerm type: boolean - description: | Memory is the upper limit (in bytes) on how much memory running containers can use (As of version 1.xx) in: query name: memory type: integer - description: | MemorySwap limits the amount of memory and swap together (As of version 1.xx) in: query name: memswap type: integer - description: | CPUShares (relative weight (As of version 1.xx) in: query name: cpushares type: integer - description: | CPUSetCPUs in which to allow execution (0-3, 0,1) (As of version 1.xx) in: query name: cpusetcpus type: string - description: | CPUPeriod limits the CPU CFS (Completely Fair Scheduler) period (As of version 1.xx) in: query name: cpuperiod type: integer - description: | CPUQuota limits the CPU CFS (Completely Fair Scheduler) quota (As of version 1.xx) in: query name: cpuquota type: integer - description: | JSON map of string pairs denoting build-time variables. For example, the build argument `Foo` with the value of `bar` would be encoded in JSON as `["Foo":"bar"]`. For example, buildargs={"Foo":"bar"}. Note(s): * This should not be used to pass secrets. * The value of buildargs should be URI component encoded before being passed to the API. (As of version 1.xx) in: query name: buildargs type: string - default: 67108864 description: | ShmSize is the "size" value to use when mounting an shmfs on the container's /dev/shm directory. Default is 64MB (As of version 1.xx) in: query name: shmsize type: integer - default: false description: | Silently ignored. Squash the resulting images layers into a single layer (As of version 1.xx) in: query name: squash type: boolean - description: | JSON map of key, value pairs to set as labels on the new image (As of version 1.xx) in: query name: labels type: string - description: Add an intermediate image *label* (e.g. label=*value*) to the intermediate image metadata. in: query items: type: string name: layerLabel type: array - default: true description: | Cache intermediate layers during build. (As of version 1.xx) in: query name: layers type: boolean - default: bridge description: | Sets the networking mode for the run commands during build. Supported standard values are: * `bridge` limited to containers within a single host, port mapping required for external access * `host` no isolation between host and containers on this network * `none` disable all networking for this container * container: share networking with given container ---All other values are assumed to be a custom network's name (As of version 1.xx) in: query name: networkmode type: string - description: | Platform format os[/arch[/variant]] (As of version 1.xx) in: query name: platform type: string - description: | Target build stage (As of version 1.xx) in: query name: target type: string - description: | output configuration TBD (As of version 1.xx) in: query name: outputs type: string - description: | Inject http proxy environment variables into container (As of version 2.0.0) in: query name: httpproxy type: boolean - description: Unset environment variables from the final image. in: query items: type: string name: unsetenv type: array - description: Unset the image label, causing the label not to be inherited from the base image. in: query items: type: string name: unsetlabel type: array - description: | Unset the image annotation, causing the annotation not to be inherited from the base image. (As of Podman version v5.6) in: query items: type: string name: unsetannotation type: array - description: Extra volumes that should be mounted in the build container. in: query items: type: string name: volume type: array - description: | Add the image to the specified manifest list. Creates a manifest list if it does not exist. in: query name: manifest type: string produces: - application/json responses: "200": description: OK (As of version 1.xx) schema: properties: stream: description: output from build process example: | (build details...) type: string required: - stream type: object "400": $ref: '#/responses/badParamError' "404": $ref: '#/responses/fileNotFound' "500": $ref: '#/responses/internalError' summary: Create image from local build context tags: - images /libpod/local/images/load: post: description: Load an image (oci-archive or docker-archive) from a file path accessible on the server. operationId: LocalImagesLibpod parameters: - description: Absolute path to the image archive file on the server filesystem in: query name: path required: true type: string produces: - application/json responses: "200": $ref: '#/responses/imagesLoadResponseLibpod' "400": $ref: '#/responses/badParamError' "404": $ref: '#/responses/imageNotFound' "500": $ref: '#/responses/internalError' summary: Load image from local path tags: - images /libpod/manifests/{name}: delete: description: | Delete named manifest list As of v4.0.0 operationId: ManifestDeleteLibpod parameters: - description: The name or ID of the list to be deleted in: path name: name required: true type: string - description: Ignore if a specified manifest does not exist and do not throw an error. in: query name: ignore type: boolean produces: - application/json responses: "200": $ref: '#/responses/imagesRemoveResponseLibpod' "404": $ref: '#/responses/manifestNotFound' "500": $ref: '#/responses/internalError' summary: Delete manifest list tags: - manifests post: description: Create a manifest list operationId: ManifestCreateLibpod parameters: - description: manifest list or index name to create in: path name: name required: true type: string - description: | One or more names of an image or a manifest list. Repeat parameter as needed. Support for multiple images, as of version 4.0.0 Alias of `image` is support for compatibility with < 4.0.0 Response status code is 200 with < 4.0.0 for compatibility in: query name: images required: true type: string - description: add all contents if given list in: query name: all type: boolean - description: modify an existing list if one with the desired name already exists in: query name: amend type: boolean - description: options for new manifest in: body name: options schema: $ref: '#/definitions/ManifestModifyOptions' produces: - application/json responses: "201": description: "" schema: $ref: '#/definitions/IDResponse' "400": $ref: '#/responses/badParamError' "404": $ref: '#/responses/imageNotFound' "500": $ref: '#/responses/internalError' summary: Create tags: - manifests put: description: | Add/Remove an image(s) to a manifest list Note: operations are not atomic when multiple Images are provided. As of v4.0.0 operationId: ManifestModifyLibpod parameters: - description: the name or ID of the manifest in: path name: name required: true type: string - default: true description: Require HTTPS and verify signatures when contacting registries. in: query name: tlsVerify type: boolean - description: options for mutating a manifest in: body name: options required: true schema: $ref: '#/definitions/ManifestModifyOptions' produces: - application/json responses: "200": description: "" schema: $ref: '#/definitions/ManifestModifyReport' "400": $ref: '#/responses/badParamError' "404": $ref: '#/responses/manifestNotFound' "409": description: Operation had partial success, both Images and Errors may have members schema: $ref: '#/definitions/ManifestModifyReport' "500": $ref: '#/responses/internalError' summary: Modify manifest list tags: - manifests /libpod/manifests/{name}/add: post: description: | Add an image to a manifest list Deprecated: As of 4.0.0 use ManifestModifyLibpod instead operationId: ManifestAddLibpod parameters: - description: the name or ID of the manifest in: path name: name required: true type: string - description: options for creating a manifest in: body name: options schema: $ref: '#/definitions/ManifestAddOptions' produces: - application/json responses: "200": description: "" schema: $ref: '#/definitions/IDResponse' "404": $ref: '#/responses/manifestNotFound' "409": $ref: '#/responses/badParamError' "500": $ref: '#/responses/internalError' summary: Add image tags: - manifests /libpod/manifests/{name}/exists: get: description: | Check if manifest list exists Note: There is no contract that the manifest list will exist for a follow-on operation operationId: ManifestExistsLibpod parameters: - description: the name or ID of the manifest list in: path name: name required: true type: string produces: - application/json responses: "204": description: manifest list exists "404": $ref: '#/responses/manifestNotFound' "500": $ref: '#/responses/internalError' summary: Exists tags: - manifests /libpod/manifests/{name}/json: get: description: Display attributes of given manifest list operationId: ManifestInspectLibpod parameters: - description: the name or ID of the manifest list in: path name: name required: true type: string - default: true description: Require HTTPS and verify signatures when contacting registries. in: query name: tlsVerify type: boolean produces: - application/json responses: "200": $ref: '#/responses/manifestInspect' "404": $ref: '#/responses/manifestNotFound' "500": $ref: '#/responses/internalError' summary: Inspect tags: - manifests /libpod/manifests/{name}/push: post: description: | Push a manifest list or image index to a registry Deprecated: As of 4.0.0 use ManifestPushLibpod instead operationId: ManifestPushV3Libpod parameters: - description: the name or ID of the manifest in: path name: name required: true type: string - description: the destination for the manifest in: query name: destination required: true type: string - description: push all images in: query name: all type: boolean produces: - application/json responses: "200": description: "" schema: $ref: '#/definitions/IDResponse' "400": $ref: '#/responses/badParamError' "404": $ref: '#/responses/manifestNotFound' "500": $ref: '#/responses/internalError' summary: Push manifest to registry tags: - manifests /libpod/manifests/{name}/registry/{destination}: post: description: | Push a manifest list or image index to the named registry As of v4.0.0 operationId: ManifestPushLibpod parameters: - description: the name or ID of the manifest list in: path name: name required: true type: string - description: add existing instances with requested compression algorithms to manifest list in: query items: type: string name: addCompression type: array - default: false description: Enforce compressing the layers with the specified --compression and do not reuse differently compressed blobs on the registry. in: query name: forceCompressionFormat type: boolean - description: the registry for the manifest list in: path name: destination required: true type: string - default: true description: push all images in: query name: all type: boolean - default: true description: Require HTTPS and verify signatures when contacting registries. in: query name: tlsVerify type: boolean - default: true description: silences extra stream data on push in: query name: quiet type: boolean produces: - application/json responses: "200": description: "" schema: $ref: '#/definitions/IDResponse' "400": $ref: '#/responses/badParamError' "404": $ref: '#/responses/manifestNotFound' "500": $ref: '#/responses/internalError' summary: Push manifest list to registry tags: - manifests /libpod/networks/{name}: delete: description: Remove a configured network operationId: NetworkDeleteLibpod parameters: - description: the name of the network in: path name: name required: true type: string - description: remove containers associated with network in: query name: force type: boolean produces: - application/json responses: "200": $ref: '#/responses/networkRmResponse' "404": $ref: '#/responses/networkNotFound' "500": $ref: '#/responses/internalError' summary: Remove a network tags: - networks /libpod/networks/{name}/connect: post: description: Connect a container to a network. operationId: NetworkConnectLibpod parameters: - description: the name of the network in: path name: name required: true type: string - description: attributes for connecting a container to a network in: body name: create schema: $ref: '#/definitions/networkConnectRequestLibpod' produces: - application/json responses: "200": description: OK "404": $ref: '#/responses/networkNotFound' "500": $ref: '#/responses/internalError' summary: Connect container to network tags: - networks /libpod/networks/{name}/disconnect: post: description: Disconnect a container from a network. operationId: NetworkDisconnectLibpod parameters: - description: the name of the network in: path name: name required: true type: string - description: attributes for disconnecting a container from a network in: body name: create schema: $ref: '#/definitions/networkDisconnectRequest' produces: - application/json responses: "200": description: OK "404": $ref: '#/responses/networkNotFound' "500": $ref: '#/responses/internalError' summary: Disconnect container from network tags: - networks /libpod/networks/{name}/exists: get: description: Check if network exists operationId: NetworkExistsLibpod parameters: - description: the name or ID of the network in: path name: name required: true type: string produces: - application/json responses: "204": description: network exists "404": $ref: '#/responses/networkNotFound' "500": $ref: '#/responses/internalError' summary: Network exists tags: - networks /libpod/networks/{name}/json: get: description: | Display configuration for a network. operationId: NetworkInspectLibpod parameters: - description: the name of the network in: path name: name required: true type: string produces: - application/json responses: "200": $ref: '#/responses/networkInspectResponse' "404": $ref: '#/responses/networkNotFound' "500": $ref: '#/responses/internalError' summary: Inspect a network tags: - networks /libpod/networks/{name}/update: post: description: Update existing podman network operationId: NetworkUpdateLibpod parameters: - description: the name or ID of the network in: path name: name required: true type: string - description: attributes for updating a netavark network in: body name: update schema: $ref: '#/definitions/networkUpdateRequestLibpod' produces: - application/json responses: "200": description: OK "400": $ref: '#/responses/badParamError' "500": $ref: '#/responses/internalError' summary: Update existing podman network tags: - networks /libpod/networks/create: post: description: Create a new network configuration operationId: NetworkCreateLibpod parameters: - description: attributes for creating a network in: body name: create schema: $ref: '#/definitions/networkCreateLibpod' - default: false description: Ignore the request if a network with the same name already exists. in: query name: ignoreIfExists type: boolean produces: - application/json responses: "200": $ref: '#/responses/networkCreateResponse' "400": $ref: '#/responses/badParamError' "409": $ref: '#/responses/conflictError' "500": $ref: '#/responses/internalError' summary: Create network tags: - networks /libpod/networks/json: get: description: | Display summary of network configurations. - In a 200 response, all of the fields named Bytes are returned as a Base64 encoded string. operationId: NetworkListLibpod parameters: - description: | JSON encoded value of the filters (a `map[string][]string`) to process on the network list. Available filters: - `name=[name]` Matches network name (accepts regex). - `id=[id]` Matches for full or partial ID. - `driver=[driver]` Only bridge is supported. - `label=[key]` or `label=[key=value]` Matches networks based on the presence of a label alone or a label and a value. - `until=[timestamp]` Matches all networks that were created before the given timestamp. in: query name: filters type: string produces: - application/json responses: "200": $ref: '#/responses/networkListLibpod' "500": $ref: '#/responses/internalError' summary: List networks tags: - networks /libpod/networks/prune: post: description: Remove networks that do not have containers operationId: NetworkPruneLibpod parameters: - description: | Filters to process on the prune list, encoded as JSON (a `map[string][]string`). Available filters: - `until=` Prune networks created before this timestamp. The `` can be Unix timestamps, date formatted timestamps, or Go duration strings (e.g. `10m`, `1h30m`) computed relative to the daemon machine’s time. - `label` (`label=`, `label==`, `label!=`, or `label!==`) Prune networks with (or without, in case `label!=...` is used) the specified labels. in: query name: filters type: string produces: - application/json responses: "200": $ref: '#/responses/networkPruneResponse' "500": $ref: '#/responses/internalError' summary: Delete unused networks tags: - networks /libpod/play/kube: delete: description: Tears down pods, secrets, and volumes defined in a YAML file operationId: PlayKubeDownLibpod parameters: - default: false description: Remove volumes. in: query name: force type: boolean produces: - application/json responses: "200": $ref: '#/responses/playKubeResponseLibpod' "500": $ref: '#/responses/internalError' summary: Remove resources created from kube play tags: - containers - pods post: description: | Create and run pods based on a Kubernetes YAML file. ### Content-Type Then endpoint support two Content-Type - `plain/text` for yaml format - `application/x-tar` for sending context(s) required for building images #### Tar format The tar format must contain a `play.yaml` file at the root that will be used. If the file format requires context to build an image, it uses the image name and check for corresponding folder. For example, the client sends a tar file with the following structure: ``` └── content.tar ├── play.yaml └── foobar/ └── Containerfile ``` The `play.yaml` is the following, the `foobar` image means we are looking for a context with this name. ``` apiVersion: v1 kind: Pod metadata: name: demo-build-remote spec: containers: - name: container image: foobar ``` operationId: PlayKubeLibpod parameters: - default: plain/text enum: - plain/text - application/x-tar in: header name: Content-Type type: string - description: JSON encoded value of annotations (a map[string]string). in: query name: annotations type: string - description: Logging driver for the containers in the pod. in: query name: logDriver type: string - description: logging driver options in: query items: type: string name: logOptions type: array - description: USe the network mode or specify an array of networks. in: query items: type: string name: network type: array - default: false description: do not setup /etc/hosts file in container in: query name: noHosts type: boolean - default: false description: use annotations that are not truncated to the Kubernetes maximum length of 63 characters in: query name: noTrunc type: boolean - description: publish a container's port, or a range of ports, to the host in: query items: type: string name: publishPorts type: array - description: Whether to publish all ports defined in the K8S YAML file (containerPort, hostPort), if false only hostPort will be published in: query name: publishAllPorts type: boolean - default: false description: replace existing pods and containers in: query name: replace type: boolean - default: false description: Starts a service container before all pods. in: query name: serviceContainer type: boolean - default: true description: Start the pod after creating it. in: query name: start type: boolean - description: Static IPs used for the pods. in: query items: type: string name: staticIPs type: array - description: Static MACs used for the pods. in: query items: type: string name: staticMACs type: array - default: true description: Require HTTPS and verify signatures when contacting registries. in: query name: tlsVerify type: boolean - description: Set the user namespace mode for the pods. in: query name: userns type: string - default: false description: Clean up all objects created when a SIGTERM is received or pods exit. in: query name: wait type: boolean - description: Build the images with corresponding context. in: query name: build type: boolean - description: Kubernetes YAML file. in: body name: request schema: type: string produces: - application/json responses: "200": $ref: '#/responses/playKubeResponseLibpod' "500": $ref: '#/responses/internalError' summary: Play a Kubernetes YAML file. tags: - containers - pods /libpod/pods/{name}: delete: operationId: PodDeleteLibpod parameters: - description: the name or ID of the pod in: path name: name required: true type: string - description: force removal of a running pod by first stopping all containers, then removing all containers in the pod in: query name: force type: boolean - description: number of seconds to wait before killing containers in pod in: query name: timeout type: integer produces: - application/json responses: "200": $ref: '#/responses/podRmResponse' "400": $ref: '#/responses/badParamError' "404": $ref: '#/responses/podNotFound' "500": $ref: '#/responses/internalError' summary: Remove pod tags: - pods /libpod/pods/{name}/exists: get: description: Check if a pod exists by name or ID operationId: PodExistsLibpod parameters: - description: the name or ID of the pod in: path name: name required: true type: string produces: - application/json responses: "204": description: pod exists "404": $ref: '#/responses/podNotFound' "500": $ref: '#/responses/internalError' summary: Pod exists tags: - pods /libpod/pods/{name}/json: get: operationId: PodInspectLibpod parameters: - description: the name or ID of the pod in: path name: name required: true type: string produces: - application/json responses: "200": $ref: '#/responses/podInspectResponse' "404": $ref: '#/responses/podNotFound' "500": $ref: '#/responses/internalError' summary: Inspect pod tags: - pods /libpod/pods/{name}/kill: post: operationId: PodKillLibpod parameters: - description: the name or ID of the pod in: path name: name required: true type: string - default: SIGKILL description: signal to be sent to pod in: query name: signal type: string produces: - application/json responses: "200": $ref: '#/responses/podKillResponse' "400": $ref: '#/responses/badParamError' "404": $ref: '#/responses/podNotFound' "409": $ref: '#/responses/podKillResponse' "500": $ref: '#/responses/internalError' summary: Kill a pod tags: - pods /libpod/pods/{name}/pause: post: description: Pause a pod operationId: PodPauseLibpod parameters: - description: the name or ID of the pod in: path name: name required: true type: string produces: - application/json responses: "200": $ref: '#/responses/podPauseResponse' "404": $ref: '#/responses/podNotFound' "409": $ref: '#/responses/podPauseResponse' "500": $ref: '#/responses/internalError' summary: Pause a pod tags: - pods /libpod/pods/{name}/restart: post: operationId: PodRestartLibpod parameters: - description: the name or ID of the pod in: path name: name required: true type: string produces: - application/json responses: "200": $ref: '#/responses/podRestartResponse' "404": $ref: '#/responses/podNotFound' "409": $ref: '#/responses/podRestartResponse' "500": $ref: '#/responses/internalError' summary: Restart a pod tags: - pods /libpod/pods/{name}/start: post: operationId: PodStartLibpod parameters: - description: the name or ID of the pod in: path name: name required: true type: string produces: - application/json responses: "200": $ref: '#/responses/podStartResponse' "304": $ref: '#/responses/podAlreadyStartedError' "404": $ref: '#/responses/podNotFound' "409": $ref: '#/responses/podStartResponse' "500": $ref: '#/responses/internalError' summary: Start a pod tags: - pods /libpod/pods/{name}/stop: post: operationId: PodStopLibpod parameters: - description: the name or ID of the pod in: path name: name required: true type: string - description: timeout in: query name: t type: integer produces: - application/json responses: "200": $ref: '#/responses/podStopResponse' "304": $ref: '#/responses/podAlreadyStoppedError' "400": $ref: '#/responses/badParamError' "404": $ref: '#/responses/podNotFound' "409": $ref: '#/responses/podStopResponse' "500": $ref: '#/responses/internalError' summary: Stop a pod tags: - pods /libpod/pods/{name}/top: get: description: List processes running inside a pod operationId: PodTopLibpod parameters: - description: Name of pod to query for processes in: path name: name required: true type: string - description: when true, repeatedly stream the latest output (As of version 4.0) in: query name: stream type: boolean - default: 5 description: if streaming, delay in seconds between updates. Must be >1. (As of version 4.0) in: query name: delay type: integer - description: | arguments to pass to ps such as aux. in: query name: ps_args type: string produces: - application/json responses: "200": $ref: '#/responses/podTopResponse' "404": $ref: '#/responses/podNotFound' "500": $ref: '#/responses/internalError' summary: List processes tags: - pods /libpod/pods/{name}/unpause: post: operationId: PodUnpauseLibpod parameters: - description: the name or ID of the pod in: path name: name required: true type: string produces: - application/json responses: "200": $ref: '#/responses/podUnpauseResponse' "404": $ref: '#/responses/podNotFound' "409": $ref: '#/responses/podUnpauseResponse' "500": $ref: '#/responses/internalError' summary: Unpause a pod tags: - pods /libpod/pods/create: post: operationId: PodCreateLibpod parameters: - description: attributes for creating a pod in: body name: create schema: $ref: '#/definitions/PodSpecGenerator' produces: - application/json responses: "201": description: "" schema: $ref: '#/definitions/IDResponse' "400": $ref: '#/responses/badParamError' "409": description: status conflict schema: description: message describing error type: string "500": $ref: '#/responses/internalError' summary: Create a pod tags: - pods /libpod/pods/json: get: operationId: PodListLibpod parameters: - description: | JSON encoded value of the filters (a map[string][]string) to process on the pods list. Available filters: - `id=` Matches all of pod id. - `label=` or `label=:` Matches pods based on the presence of a label alone or a label and a value. - `name=` Matches all of pod name. - `until=` List pods created before this timestamp. The `` can be Unix timestamps, date formatted timestamps, or Go duration strings (e.g. `10m`, `1h30m`) computed relative to the daemon machine’s time. - `status=` Pod's status: `stopped`, `running`, `paused`, `exited`, `dead`, `created`, `degraded`. - `network=` Name or full ID of network. - `ctr-names=` Container name within the pod. - `ctr-ids=` Container ID within the pod. - `ctr-status=` Container status within the pod. - `ctr-number=` Number of containers in the pod. in: query name: filters type: string produces: - application/json responses: "200": $ref: '#/responses/podsListResponse' "400": $ref: '#/responses/badParamError' "500": $ref: '#/responses/internalError' summary: List pods tags: - pods /libpod/pods/prune: post: operationId: PodPruneLibpod produces: - application/json responses: "200": $ref: '#/responses/podPruneResponse' "400": $ref: '#/responses/badParamError' "409": description: pod already exists "500": $ref: '#/responses/internalError' summary: Prune unused pods tags: - pods /libpod/pods/stats: get: description: Display a live stream of resource usage statistics for the containers in one or more pods operationId: PodStatsAllLibpod parameters: - description: Provide statistics for all running pods. in: query name: all type: boolean - description: Names or IDs of pods. in: query items: type: string name: namesOrIDs type: array - default: false description: Stream the output in: query name: stream type: boolean - default: 5 description: Time in seconds between stats reports in: query name: delay type: integer produces: - application/json responses: "200": $ref: '#/responses/podStatsResponse' "404": $ref: '#/responses/podNotFound' "500": $ref: '#/responses/internalError' summary: Statistics for one or more pods tags: - pods /libpod/quadlets: delete: description: | Remove one or more quadlet files. Supports removing specific quadlets by name or all quadlets for the current user. Can force removal of running quadlets and control systemd reload behavior. operationId: QuadletDeleteAllLibpod parameters: - description: Names of quadlets to remove (e.g., "myapp.container"). Required unless all=true in: query items: type: string name: quadlets type: array - default: false description: Remove all quadlets for the current user in: query name: all type: boolean - default: false description: Remove running quadlets by stopping them first in: query name: force type: boolean - default: false description: Do not error for quadlets that do not exist in: query name: ignore type: boolean - default: true description: Reload systemd after removing quadlets in: query name: reload-systemd type: boolean produces: - application/json responses: "200": $ref: '#/responses/quadletRemoveResponse' "400": $ref: '#/responses/badParamError' "500": $ref: '#/responses/internalError' summary: Remove quadlet files (batch operation) tags: - quadlets post: consumes: - application/x-tar - multipart/form-data description: | Install one or more files for a quadlet application. Each request should contain a single quadlet file and optionally more files such as containerfile, kube yaml or configuration files. Supports both tar archives and multipart form data uploads. operationId: QuadletInstallLibpod parameters: - default: false description: Replace the installation files even if the files already exists in: query name: replace type: boolean - default: true description: Reload systemd after installing quadlets in: query name: reload-systemd type: boolean - description: | Quadlet files to install. Can be provided as: - application/x-tar: A tar archive containing one quadlet file and optionally additional files - multipart/form-data: One quadlet file as form data and optionally additional files in: body name: request schema: format: binary type: string produces: - application/json responses: "200": description: Quadlet installation report schema: properties: InstalledQuadlets: additionalProperties: type: string description: Map of source path to installed path for successfully installed quadlets type: object QuadletErrors: additionalProperties: type: string description: Map of source path to error message for failed installations type: object type: object "400": $ref: '#/responses/badParamError' "500": $ref: '#/responses/internalError' summary: Install quadlet files tags: - quadlets /libpod/quadlets/{name}: delete: description: | Remove a quadlet file by name. Can force removal of running quadlets and control systemd reload behavior. operationId: QuadletDeleteLibpod parameters: - description: the name of the quadlet with extension (e.g., "myapp.container") in: path name: name required: true type: string - default: false description: Remove running quadlet by stopping it first in: query name: force type: boolean - default: false description: Do not error if the quadlet does not exist in: query name: ignore type: boolean - default: true description: Reload systemd after removing the quadlet in: query name: reload-systemd type: boolean produces: - application/json responses: "200": $ref: '#/responses/quadletRemoveResponse' "400": $ref: '#/responses/badParamError' "404": $ref: '#/responses/quadletNotFound' "500": $ref: '#/responses/internalError' summary: Remove a quadlet file tags: - quadlets /libpod/quadlets/{name}/exists: get: description: Check if a quadlet exists by name operationId: QuadletExistsLibpod parameters: - description: the name of the quadlet with extension (e.g., "myapp.container") in: path name: name required: true type: string produces: - application/json responses: "204": description: quadlet exists "404": $ref: '#/responses/quadletNotFound' "500": $ref: '#/responses/internalError' summary: Check if quadlet exists tags: - quadlets /libpod/quadlets/{name}/file: get: description: Get the contents of a Quadlet, displaying the file including all comments operationId: QuadletFileLibpod parameters: - description: the name of the quadlet with extension (e.g., "myapp.container") in: path name: name required: true type: string produces: - text/plain responses: "200": $ref: '#/responses/quadletFileResponse' "404": $ref: '#/responses/quadletNotFound' "500": $ref: '#/responses/internalError' summary: Get quadlet file tags: - quadlets /libpod/quadlets/json: get: description: Return a list of all quadlets. operationId: QuadletListLibpod parameters: - description: | JSON encoded value of the filters (a map[string][]string). Supported filters: - name= Filter by quadlet name - pod= Filter by Pod= value (container quadlets only) in: query name: filters type: string produces: - application/json responses: "200": $ref: '#/responses/quadletListResponse' "500": $ref: '#/responses/internalError' summary: List quadlets tags: - quadlets /libpod/secrets/{name}: delete: operationId: SecretDeleteLibpod parameters: - description: the name or ID of the secret in: path name: name required: true type: string - default: false description: Remove all secrets in: query name: all type: boolean produces: - application/json responses: "204": description: no error "404": $ref: '#/responses/NoSuchSecret' "500": $ref: '#/responses/internalError' summary: Remove secret tags: - secrets /libpod/secrets/{name}/exists: get: operationId: SecretExistsLibpod parameters: - description: the name or ID of the secret in: path name: name required: true type: string produces: - application/json responses: "204": description: secret exists "404": $ref: '#/responses/NoSuchSecret' "500": $ref: '#/responses/internalError' summary: Secret exists tags: - secrets /libpod/secrets/{name}/json: get: operationId: SecretInspectLibpod parameters: - description: the name or ID of the secret in: path name: name required: true type: string - default: false description: Display Secret in: query name: showsecret type: boolean produces: - application/json responses: "200": $ref: '#/responses/SecretInspectResponse' "404": $ref: '#/responses/NoSuchSecret' "500": $ref: '#/responses/internalError' summary: Inspect secret tags: - secrets /libpod/secrets/create: post: operationId: SecretCreateLibpod parameters: - description: User-defined name of the secret. in: query name: name required: true type: string - default: file description: Secret driver in: query name: driver type: string - description: JSON-encoded string containing secret driver options as a `map[string]string`. in: query name: driveropts type: string - description: JSON-encoded string containing labels as a `map[string]string`. in: query name: labels type: string - default: false description: Replace an existing secret with the same name. in: query name: replace type: boolean - default: false description: Ignore the request if a secret with the same name already exists. in: query name: ignore type: boolean - description: Secret in: body name: request schema: type: string produces: - application/json responses: "201": $ref: '#/responses/SecretCreateResponse' "500": $ref: '#/responses/internalError' summary: Create a secret tags: - secrets /libpod/secrets/json: get: description: Returns a list of secrets operationId: SecretListLibpod parameters: - description: | JSON encoded value of the filters (a `map[string][]string`) to process on the secrets list. Currently available filters: - `name=[name]` Matches secrets name (accepts regex). - `id=[id]` Matches for full or partial ID. in: query name: filters type: string produces: - application/json responses: "200": $ref: '#/responses/SecretListResponse' "500": $ref: '#/responses/internalError' summary: List secrets tags: - secrets /libpod/system/check: post: operationId: SystemCheckLibpod parameters: - description: Skip time-consuming checks in: query name: quick type: boolean - description: Remove inconsistent images in: query name: repair type: boolean - description: Remove inconsistent containers and images in: query name: repair_lossy type: boolean - default: 24h0m0s description: Maximum allowed age of unreferenced layers in: query name: unreferenced_layer_max_age type: string produces: - application/json responses: "200": $ref: '#/responses/systemCheckResponse' "400": $ref: '#/responses/badParamError' "500": $ref: '#/responses/internalError' summary: Performs consistency checks on storage, optionally removing items which fail checks tags: - system /libpod/system/df: get: description: Return information about disk usage for containers, images, and volumes operationId: SystemDataUsageLibpod produces: - application/json responses: "200": $ref: '#/responses/systemDiskUsage' "500": $ref: '#/responses/internalError' summary: Show disk usage tags: - system /libpod/system/prune: post: operationId: SystemPruneLibpod parameters: - description: Remove all unused data, not just dangling data in: query name: all type: boolean - description: Prune volumes in: query name: volumes type: boolean - description: Remove images used by external containers (e.g., build containers) in: query name: external type: boolean - description: Remove build cache in: query name: build type: boolean - description: | JSON encoded value of filters (a map[string][]string) to match data against before pruning. Available filters: - `until=` Prune data created before this timestamp. The `` can be Unix timestamps, date formatted timestamps, or Go duration strings (e.g. `10m`, `1h30m`) computed relative to the daemon machine's time. - `label` (`label=`, `label==`, `label!=`, or `label!==`) Prune data with (or without, in case `label!=...` is used) the specified labels. in: query name: filters type: string produces: - application/json responses: "200": $ref: '#/responses/systemPruneResponse' "400": $ref: '#/responses/badParamError' "500": $ref: '#/responses/internalError' summary: Prune unused data tags: - system /libpod/version: get: operationId: SystemVersionLibpod produces: - application/json responses: "200": $ref: '#/responses/versionResponse' summary: Component Version information tags: - system /libpod/volumes/{name}: delete: operationId: VolumeDeleteLibpod parameters: - description: the name or ID of the volume in: path name: name required: true type: string - description: force removal in: query name: force type: boolean - description: timeout before forcibly killing any containers using the volume in: query name: timeout type: integer produces: - application/json responses: "204": description: no error "404": $ref: '#/responses/volumeNotFound' "409": description: Volume is in use and cannot be removed "500": $ref: '#/responses/internalError' summary: Remove volume tags: - volumes /libpod/volumes/{name}/exists: get: description: Check if a volume exists operationId: VolumeExistsLibpod parameters: - description: the name of the volume in: path name: name required: true type: string produces: - application/json responses: "204": description: volume exists "404": $ref: '#/responses/volumeNotFound' "500": $ref: '#/responses/internalError' summary: Volume exists tags: - volumes /libpod/volumes/{name}/export: get: operationId: VolumeExportLibpod parameters: - description: the name or ID of the volume in: path name: name required: true type: string produces: - application/x-tar responses: "200": description: no error schema: format: binary type: string "404": $ref: '#/responses/volumeNotFound' "500": $ref: '#/responses/internalError' summary: Export a volume tags: - volumes /libpod/volumes/{name}/import: post: operationId: VolumeImportLibpod parameters: - description: the name or ID of the volume in: path name: name required: true type: string - description: | An uncompressed tar archive in: body name: inputStream schema: format: binary type: string produces: - application/json responses: "204": description: Successful import "404": $ref: '#/responses/volumeNotFound' "500": $ref: '#/responses/internalError' summary: Populate a volume by importing provided tar tags: - volumes /libpod/volumes/{name}/json: get: operationId: VolumeInspectLibpod parameters: - description: the name or ID of the volume in: path name: name required: true type: string produces: - application/json responses: "200": $ref: '#/responses/volumeCreateResponse' "404": $ref: '#/responses/volumeNotFound' "500": $ref: '#/responses/internalError' summary: Inspect volume tags: - volumes /libpod/volumes/create: post: operationId: VolumeCreateLibpod parameters: - description: attributes for creating a volume in: body name: create schema: $ref: '#/definitions/VolumeCreateOptions' produces: - application/json responses: "201": $ref: '#/responses/volumeCreateResponse' "500": $ref: '#/responses/internalError' summary: Create a volume tags: - volumes /libpod/volumes/json: get: description: Returns a list of volumes operationId: VolumeListLibpod parameters: - description: | JSON encoded value of the filters (a map[string][]string) to process on the volumes list. Available filters: - driver= Matches volumes based on their driver. - label= or label=: Matches volumes based on the presence of a label alone or a label and a value. - name= Matches all of volume name. - opt= Matches a storage driver options - `until=` List volumes created before this timestamp. The `` can be Unix timestamps, date formatted timestamps, or Go duration strings (e.g. `10m`, `1h30m`) computed relative to the daemon machine’s time. in: query name: filters type: string produces: - application/json responses: "200": $ref: '#/responses/volumeListLibpod' "500": $ref: '#/responses/internalError' summary: List volumes tags: - volumes /libpod/volumes/prune: post: operationId: VolumePruneLibpod parameters: - description: | JSON encoded value of filters (a map[string][]string) to match volumes against before pruning. Available filters: - `all` When true, prune all unused volumes; when false or unset, only anonymous unused volumes. - `anonymous` When true/false, restrict to anonymous or named volumes only. - `until=` Prune volumes created before this timestamp. The `` can be Unix timestamps, date formatted timestamps, or Go duration strings (e.g. `10m`, `1h30m`) computed relative to the daemon machine’s time. - `label` (`label=`, `label==`, `label!=`, or `label!==`) Prune volumes with (or without, in case `label!=...` is used) the specified labels. in: query name: filters type: string produces: - application/json responses: "200": $ref: '#/responses/volumePruneLibpod' "500": $ref: '#/responses/internalError' summary: Prune volumes tags: - volumes /networks: get: description: Display summary of network configurations operationId: NetworkList parameters: - description: | JSON encoded value of the filters (a `map[string][]string`) to process on the network list. Currently available filters: - `name=[name]` Matches network name (accepts regex). - `id=[id]` Matches for full or partial ID. - `driver=[driver]` Only bridge is supported. - `label=[key]` or `label=[key=value]` Matches networks based on the presence of a label alone or a label and a value. in: query name: filters type: string produces: - application/json responses: "200": $ref: '#/responses/networkListCompat' "500": $ref: '#/responses/internalError' summary: List networks tags: - networks (compat) /networks/{name}: delete: description: Remove a network operationId: NetworkDelete parameters: - description: the name of the network in: path name: name required: true type: string - default: false description: Remove containers associated with the network. in: query name: force type: boolean - description: Seconds to wait for container removal when force is set. in: query name: timeout type: integer produces: - application/json responses: "204": description: no error "404": $ref: '#/responses/networkNotFound' "500": $ref: '#/responses/internalError' summary: Remove a network tags: - networks (compat) get: description: Display low level configuration network operationId: NetworkInspect parameters: - description: the name of the network in: path name: name required: true type: string - description: Detailed inspect output for troubleshooting in: query name: verbose type: boolean - description: Filter the network by scope (swarm, global, or local) in: query name: scope type: string produces: - application/json responses: "200": $ref: '#/responses/networkInspectCompat' "404": $ref: '#/responses/networkNotFound' "500": $ref: '#/responses/internalError' summary: Inspect a network tags: - networks (compat) /networks/{name}/connect: post: description: Connect a container to a network operationId: NetworkConnect parameters: - description: the name of the network in: path name: name required: true type: string - description: attributes for connecting a container to a network in: body name: create schema: $ref: '#/definitions/networkConnectRequest' produces: - application/json responses: "200": description: OK "400": $ref: '#/responses/badParamError' "403": $ref: '#/responses/networkConnectedError' "500": $ref: '#/responses/internalError' summary: Connect container to network tags: - networks (compat) /networks/{name}/disconnect: post: description: Disconnect a container from a network operationId: NetworkDisconnect parameters: - description: the name of the network in: path name: name required: true type: string - description: attributes for disconnecting a container from a network in: body name: create schema: $ref: '#/definitions/networkDisconnectRequest' produces: - application/json responses: "200": description: OK "400": $ref: '#/responses/badParamError' "500": $ref: '#/responses/internalError' summary: Disconnect container from network tags: - networks (compat) /networks/create: post: description: Create a network configuration operationId: NetworkCreate parameters: - description: attributes for creating a network in: body name: create schema: $ref: '#/definitions/networkCreate' produces: - application/json responses: "201": description: network created schema: properties: Id: type: string Warning: type: string type: object "400": $ref: '#/responses/badParamError' "500": $ref: '#/responses/internalError' summary: Create network tags: - networks (compat) /networks/prune: post: description: Remove networks that do not have containers operationId: NetworkPrune parameters: - description: | Filters to process on the prune list, encoded as JSON (a map[string][]string). Available filters: - `until=` Prune networks created before this timestamp. The can be Unix timestamps, date formatted timestamps, or Go duration strings (e.g. `10m`, `1h30m`) computed relative to the daemon machine’s time. - `label` (`label=`, `label==`, `label!=`, or `label!==`) Prune networks with (or without, in case `label!=...` is used) the specified labels. in: query name: filters type: string produces: - application/json responses: "200": description: OK schema: properties: NetworksDeleted: items: type: string type: array type: object "500": $ref: '#/responses/internalError' summary: Delete unused networks tags: - networks (compat) /secrets: get: description: Returns a list of secrets operationId: SecretList parameters: - description: | JSON encoded value of the filters (a `map[string][]string`) to process on the secrets list. Currently available filters: - `name=[name]` Matches secrets name (accepts regex). - `id=[id]` Matches for full or partial ID. in: query name: filters type: string produces: - application/json responses: "200": $ref: '#/responses/SecretListCompatResponse' "500": $ref: '#/responses/internalError' summary: List secrets tags: - secrets (compat) /secrets/{name}: delete: operationId: SecretDelete parameters: - description: the name or ID of the secret in: path name: name required: true type: string produces: - application/json responses: "204": description: no error "404": $ref: '#/responses/NoSuchSecret' "500": $ref: '#/responses/internalError' summary: Remove secret tags: - secrets (compat) get: operationId: SecretInspect parameters: - description: the name or ID of the secret in: path name: name required: true type: string produces: - application/json responses: "200": $ref: '#/responses/SecretInspectCompatResponse' "404": $ref: '#/responses/NoSuchSecret' "500": $ref: '#/responses/internalError' summary: Inspect secret tags: - secrets (compat) /secrets/create: post: operationId: SecretCreate parameters: - description: | attributes for creating a secret in: body name: create schema: $ref: '#/definitions/SecretCreate' produces: - application/json responses: "201": $ref: '#/responses/SecretCreateResponse' "409": $ref: '#/responses/SecretInUse' "500": $ref: '#/responses/internalError' summary: Create a secret tags: - secrets (compat) /system/df: get: description: Return information about disk usage for containers, images, and volumes operationId: SystemDataUsage produces: - application/json responses: "200": $ref: '#/responses/systemDiskUsage' "500": $ref: '#/responses/internalError' summary: Show disk usage tags: - system (compat) /version: get: operationId: SystemVersion produces: - application/json responses: "200": $ref: '#/responses/versionResponse' summary: Component Version information tags: - system (compat) /volumes: get: description: Returns a list of volume operationId: VolumeList parameters: - description: | JSON encoded value of the filters (a map[string][]string) to process on the volumes list. Available filters: - driver= Matches volumes based on their driver. - label= or label=: Matches volumes based on the presence of a label alone or a label and a value. - name= Matches all of volume name. - `until=` List volumes created before this timestamp. The `` can be Unix timestamps, date formatted timestamps, or Go duration strings (e.g. `10m`, `1h30m`) computed relative to the daemon machine’s time. Note: The boolean `dangling` filter is not yet implemented for this endpoint. in: query name: filters type: string produces: - application/json responses: "200": $ref: '#/responses/volumeList' "500": $ref: '#/responses/internalError' summary: List volumes tags: - volumes (compat) /volumes/{name}: delete: operationId: VolumeDelete parameters: - description: the name or ID of the volume in: path name: name required: true type: string - description: | Force removal of the volume. This actually only causes errors due to the names volume not being found to be suppressed, which is the behaviour Docker implements. in: query name: force type: boolean - description: timeout before forcibly killing any containers using the volume in: query name: timeout type: integer produces: - application/json responses: "204": description: no error "404": $ref: '#/responses/volumeNotFound' "409": description: Volume is in use and cannot be removed "500": $ref: '#/responses/internalError' summary: Remove volume tags: - volumes (compat) get: operationId: VolumeInspect parameters: - description: the name or ID of the volume in: path name: name required: true type: string produces: - application/json responses: "200": $ref: '#/responses/volumeInspect' "500": $ref: '#/responses/internalError' summary: Inspect volume tags: - volumes (compat) /volumes/create: post: operationId: VolumeCreate parameters: - description: | attributes for creating a volume. Note: If a volume by the same name exists, a 201 response with that volume's information will be generated. in: body name: create schema: $ref: '#/definitions/volumeCreate' produces: - application/json responses: "201": $ref: '#/responses/volumeInspect' "500": $ref: '#/responses/internalError' summary: Create a volume tags: - volumes (compat) /volumes/prune: post: operationId: VolumePrune parameters: - description: | JSON encoded value of filters (a map[string][]string). Docker API 1.42+ - by default only anonymous (unnamed) unused volumes are pruned; use filter all=true to prune all unused volumes. Available filters: - `all` When true, prune all unused volumes (anonymous and named). When false or unset, only anonymous unused volumes are pruned. - `until=` Prune volumes created before this timestamp. The `` can be Unix timestamps, date formatted timestamps, or Go duration strings (e.g. `10m`, `1h30m`) computed relative to the daemon machine’s time. - `label` (`label=`, `label==`, `label!=`, or `label!==`) Prune volumes with (or without, in case `label!=...` is used) the specified labels. in: query name: filters type: string produces: - application/json responses: "200": $ref: '#/responses/volumePruneResponse' "500": $ref: '#/responses/internalError' summary: Prune volumes tags: - volumes (compat) produces: - application/json - application/octet-stream - text/plain responses: NoSuchSecret: description: No such secret schema: properties: cause: description: API root cause formatted for automated parsing example: API root cause type: string x-go-name: Because message: description: human error message, formatted for a human to read example: human error message type: string x-go-name: Message response: description: HTTP response code format: int64 minimum: 400 type: integer x-go-name: ResponseCode type: object SecretCreateResponse: description: Secret create response schema: allOf: - $ref: '#/definitions/SecretCreateReport' SecretInUse: description: Secret in use schema: properties: cause: description: API root cause formatted for automated parsing example: API root cause type: string x-go-name: Because message: description: human error message, formatted for a human to read example: human error message type: string x-go-name: Message response: description: HTTP response code format: int64 minimum: 400 type: integer x-go-name: ResponseCode type: object SecretInspectCompatResponse: description: Secret inspect compat schema: $ref: '#/definitions/SecretInfoReportCompat' SecretInspectResponse: description: Secret inspect response schema: $ref: '#/definitions/SecretInfoReport' SecretListCompatResponse: description: Secret list response schema: items: $ref: '#/definitions/SecretInfoReportCompat' type: array SecretListResponse: description: Secret list response schema: items: $ref: '#/definitions/SecretInfoReport' type: array artifactAddResponse: description: Artifact Add schema: $ref: '#/definitions/ArtifactAddReport' artifactBadAuth: description: error in authentication schema: $ref: '#/definitions/ErrorModel' artifactListResponse: description: Artifact list schema: items: $ref: '#/definitions/ArtifactListReport' type: array artifactNotFound: description: No such artifact schema: $ref: '#/definitions/ErrorModel' artifactPullResponse: description: Artifact Pull schema: $ref: '#/definitions/ArtifactPullReport' artifactPushResponse: description: Artifact Push schema: $ref: '#/definitions/ArtifactPushReport' artifactRemoveResponse: description: Artifact Remove schema: $ref: '#/definitions/ArtifactRemoveReport' badParamError: description: Bad parameter in request schema: $ref: '#/definitions/ErrorModel' conflictError: description: Conflict error in operation schema: $ref: '#/definitions/ErrorModel' containerAlreadyStartedError: description: Container already started schema: $ref: '#/definitions/ErrorModel' containerAlreadyStoppedError: description: Container already stopped schema: $ref: '#/definitions/ErrorModel' containerCreateResponse: description: Create container schema: $ref: '#/definitions/ContainerCreateResponse' containerInspectResponse: description: Inspect container schema: $ref: '#/definitions/InspectResponse' containerInspectResponseLibpod: description: Inspect container schema: $ref: '#/definitions/InspectContainerData' containerNotFound: description: No such container schema: $ref: '#/definitions/ErrorModel' containerRemoveLibpod: description: Remove Containers schema: items: $ref: '#/definitions/LibpodContainersRmReport' type: array containerStats: description: Get stats for one or more containers schema: $ref: '#/definitions/ContainerStats' containerTopResponse: description: List processes in container schema: $ref: '#/definitions/ContainerTopOKBody' containerUpdateResponse: description: Update container schema: properties: ID: type: string type: object containerWaitResponse: description: Wait container schema: properties: Error: properties: Message: type: string type: object StatusCode: description: container exit code format: int64 type: integer type: object containersList: description: List Containers schema: items: $ref: '#/definitions/Container' type: array containersListLibpod: description: List Containers schema: items: $ref: '#/definitions/ListContainer' type: array containersPrune: description: Prune Containers schema: items: $ref: '#/definitions/ContainersPruneReport' type: array containersPruneLibpod: description: Prune Containers schema: items: $ref: '#/definitions/ContainersPruneReportLibpod' type: array errorFromRegistry: description: Error from registry schema: $ref: '#/definitions/ErrorModel' execSessionInspect: description: Exec Session Inspect schema: $ref: '#/definitions/InspectExecSession' execSessionNotFound: description: No such exec instance schema: $ref: '#/definitions/ErrorModel' fileNotFound: description: No such file schema: $ref: '#/definitions/ErrorModel' healthCheck: description: Healthcheck Results schema: $ref: '#/definitions/HealthCheckResults' history: description: Image History schema: $ref: '#/definitions/HistoryResponse' imageDeleteResponse: description: Image Delete schema: items: properties: deleted: type: string x-go-name: Deleted untagged: items: type: string type: array x-go-name: Untagged type: object type: array imageInspect: description: Image Inspect schema: $ref: '#/definitions/ImageInspect' imageList: description: Image summary for compat API schema: items: $ref: '#/definitions/Summary' type: array imageListLibpod: description: Image summary for libpod API schema: items: $ref: '#/definitions/ImageSummary' type: array imageNotFound: description: No such image schema: $ref: '#/definitions/ErrorModel' imagesImportResponseLibpod: description: Image Import schema: $ref: '#/definitions/ImageImportReport' imagesLoadResponseLibpod: description: Image Load schema: $ref: '#/definitions/ImageLoadReport' imagesPruneLibpod: description: Image Prune schema: items: $ref: '#/definitions/PruneReport' type: array imagesPullResponseLibpod: description: Image Pull. Errors may be detected later even if this returns HTTP status 200, and in that case, the error description will be in the `error` field. schema: $ref: '#/definitions/LibpodImagesPullReport' imagesRemoveResponseLibpod: description: Image Remove schema: $ref: '#/definitions/LibpodImagesRemoveReport' imagesScpResponseLibpod: description: Image Scp schema: $ref: '#/definitions/ScpReport' infoResponse: description: Info schema: $ref: '#/definitions/LibpodInfo' inspectArtifactResponse: description: Inspect Artifact schema: $ref: '#/definitions/ArtifactInspectReport' inspectImageResponseLibpod: description: Inspect Image schema: $ref: '#/definitions/ImageData' internalError: description: Internal server error schema: $ref: '#/definitions/ErrorModel' manifestInspect: description: Inspect Manifest schema: $ref: '#/definitions/Schema2List' manifestNotFound: description: No such manifest schema: $ref: '#/definitions/ErrorModel' networkConnectedError: description: Network is already connected and container is running or transitioning to the running state ('initialized') schema: $ref: '#/definitions/ErrorModel' networkCreateResponse: description: Network create schema: $ref: '#/definitions/Network' networkInspectCompat: description: Network inspect schema: $ref: '#/definitions/Inspect' networkInspectResponse: description: Network inspect schema: $ref: '#/definitions/NetworkInspectReport' networkListCompat: description: Network list schema: items: $ref: '#/definitions/Summary' type: array networkListLibpod: description: Network list schema: items: $ref: '#/definitions/Network' type: array networkNotFound: description: No such network schema: $ref: '#/definitions/ErrorModel' networkPruneResponse: description: Network prune schema: items: $ref: '#/definitions/NetworkPruneReport' type: array networkRmResponse: description: Network Delete schema: items: $ref: '#/definitions/NetworkRmReport' type: array ok: description: Success schema: type: object playKubeResponseLibpod: description: PlayKube response schema: $ref: '#/definitions/PlayKubeReport' podAlreadyStartedError: description: Pod already started schema: $ref: '#/definitions/ErrorModel' podAlreadyStoppedError: description: Pod already stopped schema: $ref: '#/definitions/ErrorModel' podInspectResponse: description: Inspect pod schema: $ref: '#/definitions/InspectPodData' podKillResponse: description: Kill Pod schema: $ref: '#/definitions/PodKillReport' podNotFound: description: No such pod schema: $ref: '#/definitions/ErrorModel' podPauseResponse: description: Pause pod schema: $ref: '#/definitions/PodPauseReport' podPruneResponse: description: Prune pod schema: $ref: '#/definitions/PodPruneReport' podRestartResponse: description: Restart pod schema: $ref: '#/definitions/PodRestartReport' podRmResponse: description: Rm pod schema: $ref: '#/definitions/PodRmReport' podStartResponse: description: Start pod schema: $ref: '#/definitions/PodStartReport' podStatsResponse: description: Pod Statistics schema: items: $ref: '#/definitions/PodStatsReport' type: array podStopResponse: description: Stop pod schema: $ref: '#/definitions/PodStopReport' podTopResponse: description: List processes in pod schema: $ref: '#/definitions/PodTopOKBody' podUnpauseResponse: description: Unpause pod schema: $ref: '#/definitions/PodUnpauseReport' podsListResponse: description: List pods schema: items: $ref: '#/definitions/ListPodsReport' type: array quadletFileResponse: description: Quadlet file quadletListResponse: description: Quadlet list schema: items: $ref: '#/definitions/ListQuadlet' type: array quadletNotFound: description: No such quadlet schema: $ref: '#/definitions/ErrorModel' quadletRemoveResponse: description: Quadlet remove schema: $ref: '#/definitions/QuadletRemoveReport' registrySearchResponse: description: Registry Search schema: properties: Automated: description: Automated indicates if the image was created by an automated build. type: string Description: description: Description of the image. type: string Index: description: Index is the image index example: quay.io type: string Name: description: Name is the canonical name of the image example: docker.io/library/alpine" type: string Official: description: Official indicates if it's an official image. type: string Stars: description: Stars is the number of stars of the image. format: int64 type: integer Tag: description: Tag is the image tag type: string type: object systemAuthResponse: description: Auth response schema: $ref: '#/definitions/AuthReport' systemCheckResponse: description: Check schema: $ref: '#/definitions/SystemCheckReport' systemDiskUsage: description: Disk usage schema: $ref: '#/definitions/SystemDfReport' systemPruneResponse: description: System Prune results schema: $ref: '#/definitions/SystemPruneReport' treeResponse: description: Image Tree schema: $ref: '#/definitions/ImageTreeReport' versionResponse: description: Version schema: $ref: '#/definitions/ComponentVersion' volumeCreateResponse: description: Volume details schema: $ref: '#/definitions/VolumeConfigResponse' volumeInspect: description: This response definition is used for both the create and inspect endpoints schema: $ref: '#/definitions/Volume' volumeList: description: Volume List schema: $ref: '#/definitions/ListResponse' volumeListLibpod: description: Volume list schema: items: $ref: '#/definitions/VolumeConfigResponse' type: array volumeNotFound: description: No such volume schema: $ref: '#/definitions/ErrorModel' volumePruneLibpod: description: Volume Prune schema: items: $ref: '#/definitions/PruneReport' type: array volumePruneResponse: description: Volume prune schema: $ref: '#/definitions/PruneReport' schemes: - http - https swagger: "2.0" tags: - description: Actions related to artifacts name: artifacts - description: Actions related to containers name: containers - description: Actions related to exec name: exec - description: Actions related to images name: images - description: Actions related to manifests name: manifests - description: Actions related to networks name: networks - description: Actions related to pods name: pods - description: Actions related to volumes name: volumes - description: Actions related to secrets name: secrets - description: Actions related to Podman engine name: system - description: Actions related to containers for the compatibility endpoints name: containers (compat) - description: Actions related to exec for the compatibility endpoints name: exec (compat) - description: Actions related to images for the compatibility endpoints name: images (compat) - description: Actions related to networks for the compatibility endpoints name: networks (compat) - description: Actions related to volumes for the compatibility endpoints name: volumes (compat) - description: Actions related to secrets for the compatibility endpoints name: secrets (compat) - description: Actions related to Podman and compatibility engines name: system (compat)