Skip to content

Class: PodmanContainer

Podman container

URI: containers:PodmanContainer

classDiagram class PodmanContainer IacModule <|-- PodmanContainer PodmanContainer : annotation PodmanContainer ..> MetaObject : annotation PodmanContainer : authfile PodmanContainer ..> string : authfile PodmanContainer : blkio_weight PodmanContainer ..> integer : blkio_weight PodmanContainer : blkio_weight_device PodmanContainer ..> MetaObject : blkio_weight_device PodmanContainer : cap_add PodmanContainer ..> string : cap_add PodmanContainer : cap_drop PodmanContainer ..> string : cap_drop PodmanContainer : cgroup_parent PodmanContainer ..> string : cgroup_parent PodmanContainer : cgroupns PodmanContainer ..> string : cgroupns PodmanContainer : cgroups PodmanContainer ..> string : cgroups PodmanContainer : cidfile PodmanContainer ..> string : cidfile PodmanContainer : cmd_args PodmanContainer ..> string : cmd_args PodmanContainer : command PodmanContainer ..> string : command PodmanContainer : conmon_pidfile PodmanContainer ..> string : conmon_pidfile PodmanContainer : cpu_period PodmanContainer ..> integer : cpu_period PodmanContainer : cpu_rt_period PodmanContainer ..> integer : cpu_rt_period PodmanContainer : cpu_rt_runtime PodmanContainer ..> integer : cpu_rt_runtime PodmanContainer : cpu_shares PodmanContainer ..> integer : cpu_shares PodmanContainer : cpus PodmanContainer ..> string : cpus PodmanContainer : cpuset_cpus PodmanContainer ..> string : cpuset_cpus PodmanContainer : cpuset_mems PodmanContainer ..> string : cpuset_mems PodmanContainer : debug PodmanContainer ..> boolean : debug PodmanContainer : detach PodmanContainer ..> boolean : detach PodmanContainer : detach_keys PodmanContainer ..> string : detach_keys PodmanContainer : device PodmanContainer ..> string : device PodmanContainer : device_read_bps PodmanContainer ..> string : device_read_bps PodmanContainer : device_read_iops PodmanContainer ..> string : device_read_iops PodmanContainer : device_write_bps PodmanContainer ..> string : device_write_bps PodmanContainer : device_write_iops PodmanContainer ..> string : device_write_iops PodmanContainer : dns PodmanContainer ..> string : dns PodmanContainer : dns_option PodmanContainer ..> string : dns_option PodmanContainer : dns_search PodmanContainer ..> string : dns_search PodmanContainer : entrypoint PodmanContainer ..> string : entrypoint PodmanContainer : env PodmanContainer ..> MetaObject : env PodmanContainer : env_file PodmanContainer ..> string : env_file PodmanContainer : env_host PodmanContainer ..> boolean : env_host PodmanContainer : etc_hosts PodmanContainer ..> MetaObject : etc_hosts PodmanContainer : executable PodmanContainer ..> string : executable PodmanContainer : expose PodmanContainer ..> string : expose PodmanContainer : force_restart PodmanContainer ..> boolean : force_restart PodmanContainer : generate_systemd PodmanContainer ..> MetaObject : generate_systemd PodmanContainer : gidmap PodmanContainer ..> string : gidmap PodmanContainer : group_add PodmanContainer ..> string : group_add PodmanContainer : healthcheck PodmanContainer ..> string : healthcheck PodmanContainer : healthcheck_interval PodmanContainer ..> string : healthcheck_interval PodmanContainer : healthcheck_retries PodmanContainer ..> integer : healthcheck_retries PodmanContainer : healthcheck_start_period PodmanContainer ..> string : healthcheck_start_period PodmanContainer : healthcheck_timeout PodmanContainer ..> string : healthcheck_timeout PodmanContainer : hostname PodmanContainer ..> string : hostname PodmanContainer : http_proxy PodmanContainer ..> boolean : http_proxy PodmanContainer : image_strict PodmanContainer ..> boolean : image_strict PodmanContainer : image_volume PodmanContainer ..> ContainerImageVolumeEnum : image_volume PodmanContainer : init PodmanContainer ..> boolean : init PodmanContainer : init_path PodmanContainer ..> string : init_path PodmanContainer : interactive PodmanContainer ..> boolean : interactive PodmanContainer : ip PodmanContainer ..> string : ip PodmanContainer : ipc PodmanContainer ..> string : ipc PodmanContainer : kernel_memory PodmanContainer ..> string : kernel_memory PodmanContainer : label PodmanContainer ..> MetaObject : label PodmanContainer : label_file PodmanContainer ..> string : label_file PodmanContainer : log_driver PodmanContainer ..> ContainerLogDriverEnum : log_driver PodmanContainer : log_level PodmanContainer ..> ContainerLogLevelEnum : log_level PodmanContainer : log_opt PodmanContainer ..> MetaObject : log_opt PodmanContainer : mac_address PodmanContainer ..> string : mac_address PodmanContainer : memory PodmanContainer ..> string : memory PodmanContainer : memory_reservation PodmanContainer ..> string : memory_reservation PodmanContainer : memory_swap PodmanContainer ..> string : memory_swap PodmanContainer : memory_swappiness PodmanContainer ..> integer : memory_swappiness PodmanContainer : mount PodmanContainer ..> string : mount PodmanContainer : name PodmanContainer ..> label type : name PodmanContainer : network PodmanContainer ..> string : network PodmanContainer : network_aliases PodmanContainer ..> string : network_aliases PodmanContainer : no_hosts PodmanContainer ..> boolean : no_hosts PodmanContainer : oom_kill_disable PodmanContainer ..> boolean : oom_kill_disable PodmanContainer : oom_score_adj PodmanContainer ..> integer : oom_score_adj PodmanContainer : pid PodmanContainer ..> string : pid PodmanContainer : pids_limit PodmanContainer ..> integer : pids_limit PodmanContainer : pod PodmanContainer ..> string : pod PodmanContainer : privileged PodmanContainer ..> boolean : privileged PodmanContainer : publish PodmanContainer ..> string : publish PodmanContainer : publish_all PodmanContainer ..> boolean : publish_all PodmanContainer : read_only PodmanContainer ..> boolean : read_only PodmanContainer : read_only_tmpfs PodmanContainer ..> boolean : read_only_tmpfs PodmanContainer : recreate PodmanContainer ..> boolean : recreate PodmanContainer : requires PodmanContainer ..> string : requires PodmanContainer : restart_policy PodmanContainer ..> string : restart_policy PodmanContainer : rm PodmanContainer ..> boolean : rm PodmanContainer : rootfs PodmanContainer ..> boolean : rootfs PodmanContainer : sdnotify PodmanContainer ..> string : sdnotify PodmanContainer : secrets PodmanContainer ..> string : secrets PodmanContainer : security_opt PodmanContainer ..> string : security_opt PodmanContainer : shm_size PodmanContainer ..> string : shm_size PodmanContainer : sig_proxy PodmanContainer ..> boolean : sig_proxy PodmanContainer : state PodmanContainer ..> ContainerStateEnum : state PodmanContainer : stop_signal PodmanContainer ..> integer : stop_signal PodmanContainer : stop_timeout PodmanContainer ..> integer : stop_timeout PodmanContainer : subgidname PodmanContainer ..> string : subgidname PodmanContainer : subuidname PodmanContainer ..> string : subuidname PodmanContainer : sysctl PodmanContainer ..> MetaObject : sysctl PodmanContainer : systemd PodmanContainer ..> string : systemd PodmanContainer : timezone PodmanContainer ..> string : timezone PodmanContainer : tmpfs PodmanContainer ..> MetaObject : tmpfs PodmanContainer : tty PodmanContainer ..> boolean : tty PodmanContainer : uidmap PodmanContainer ..> string : uidmap PodmanContainer : ulimit PodmanContainer ..> string : ulimit PodmanContainer : user PodmanContainer ..> string : user PodmanContainer : userns PodmanContainer ..> string : userns PodmanContainer : uts PodmanContainer ..> string : uts PodmanContainer : volume PodmanContainer ..> string : volume PodmanContainer : volumes_from PodmanContainer ..> string : volumes_from PodmanContainer : workdir PodmanContainer ..> string : workdir

Inheritance

Slots

Name Cardinality and Range Description Inheritance
state 0..1
xsd:string
The way something is with respect to its main attributes direct
annotation 0..1
xsd:string
piece of metadata attached to a document or other entity direct
authfile 0..1
xsd:string
A file used for authentication direct
blkio_weight 0..1
xsd:integer
Specifies per cgroup weight direct
blkio_weight_device 0..*
xsd:string
Per cgroup per device rules using this interface direct
cap_add 0..*
xsd:string
List of capabilities to add to OCI container direct
cap_drop 0..*
xsd:string
List of capabilities to drop from OCI container direct
cgroup_parent 0..1
xsd:string
On creation, all processes are put in the cgroup that the parent process belo... direct
cgroupns 0..1
xsd:string
cgroup namespace provides a mechanism to virtualize the view of the "/proc/$P... direct
cgroups 0..1
xsd:string
Resource limit method in Linux direct
cidfile 0..1
xsd:string
Write the container ID to the file direct
cmd_args 0..*
xsd:string
Additional data that was passed as an argument to a subroutine direct
conmon_pidfile 0..1
xsd:string
File to which the conman daemon's PID is written direct
command 0..1
xsd:string
Directive to a computer program direct
cpu_period 0..1
xsd:integer
Configure CPU allocation parameters using platform realtime scheduler direct
cpu_rt_period 0..1
xsd:integer
Configure CPU allocation parameters using platform realtime scheduler direct
cpu_rt_runtime 0..1
xsd:integer
A global limit on how much time platform realtime scheduling may use direct
cpu_shares 0..1
xsd:integer
Control how much CPU time a process in a hierarchy can use direct
cpus 0..1
xsd:string
Number of CPUs direct
cpuset_cpus 0..1
xsd:string
CPUs in which to allow execution (0-3, 0,1) direct
cpuset_mems 0..1
xsd:string
Memory nodes (MEMs) in which to allow execution (0-3, 0,1) on NUMA systems direct
detach 0..1
xsd:string
Separate one entity to form another entity direct
debug 0..1
xsd:string
Return additional information which can be helpful for investigations direct
detach_keys 0..1
xsd:string
Override the key sequence for detaching a container direct
device 0..1
xsd:string
System device direct
device_read_bps 0..1
xsd:string
Limit read rate (bytes per second) from a device direct
device_read_iops 0..1
xsd:string
Limit read rate (IO per second) from a device direct
device_write_bps 0..1
xsd:string
Limit write rate (bytes per second) to a device direct
device_write_iops 0..1
xsd:string
Limit write rate (IO per second) to a device direct
dns 0..*
xsd:string
Domain name service servers direct
dns_option 0..1
xsd:string
DNS options direct
dns_search 0..1
xsd:string
DNS search domains direct
entrypoint 0..1
xsd:string
Point in a computer program where instruction-execution begins direct
env 0..1
xsd:string
Set environment variables direct
env_file 0..1
xsd:string
Line delimited file of environment variables direct
env_host 0..1
xsd:string
Environment variables for a host direct
etc_hosts 0..1
xsd:string
Computer configuration file to map hostnames to IP addresses direct
expose 0..1
xsd:string
To present to view; exhibit; display direct
force_restart 0..1
xsd:boolean
Force restart of entity direct
generate_systemd 0..1
MetaObject
Generate systemd unit file for a service direct
gidmap 0..*
xsd:string
Group id mapping direct
group_add 0..*
xsd:string
Add additional groups direct
healthcheck 0..1
xsd:string
Set or alter a healthcheck command direct
healthcheck_interval 0..1
xsd:string
Set an interval for the healthchecks direct
healthcheck_retries 0..1
xsd:integer
The number of retries allowed before a healthcheck is considered unhealthy direct
healthcheck_start_period 0..1
xsd:string
The initialization time needed for a container to bootstrap direct
healthcheck_timeout 0..1
xsd:string
The maximum time allowed to complete the healthcheck before an interval is co... direct
hostname 0..1
xsd:string
label assigned to a device connected to a computer network direct
http_proxy 0..1
xsd:string
The https_proxy environment variable holds the hostname or IP address of your... direct
image_volume 0..1
xsd:string
Volume created from an Image direct
image_strict 0..1
xsd:boolean
Whether to compare images in idempotency by taking into account a full name w... direct
init 0..1
xsd:string
UNIX system component; 1st process started during booting of the computer sys... direct
init_path 0..1
xsd:string
Path to the init binary direct
interactive 0..1
xsd:boolean
Allow flow of information between a computer and a computer-user; responding ... direct
ip 0..1
xsd:string
Principal communications protocol used for relaying datagrams (also known as ... direct
ipc 0..1
xsd:string
Mechanisms an operating system provides allowing processes to manage shared d... direct
kernel_memory 0..1
xsd:string
The kernel has full access to the system's memory and allows processes to saf... direct
label 0..1
xsd:string
Word or phrase used for identification direct
label_file 0..1
xsd:string
Line delimited file of labels direct
log_driver 0..1
xsd:string
Driver used for logging direct
log_level 0..1
xsd:string
Message logging level direct
log_opt 0..1
MetaObject
Logging driver specific options direct
mac_address 0..1
xsd:string
Unique identifier assigned to network interfaces for communications on the ph... direct
memory 0..1
xsd:string
Storage of digital data readable by computers direct
memory_reservation 0..1
xsd:string
A memory reservation ensures that even as other virtual devices on the same h... direct
memory_swap 0..1
xsd:string
Memory management scheme by which a computer stores and retrieves data from s... direct
memory_swappiness 0..1
xsd:integer
Swappiness is a Linux kernel parameter that controls the relative weight give... direct
mount 0..*
xsd:string
Directory over which a filesystem is mounted direct
name 0..1
LabelType
A human-readable name for an attribute or entity direct
network 0..1
xsd:string
Network that allows computers to share resources and communicate with each ot... direct
network_aliases 0..*
xsd:string
Add network-scoped alias direct
no_hosts 0..1
xsd:boolean
Do not create /etc/hosts direct
oom_kill_disable 0..1
xsd:boolean
Whether to disable OOM Killer for the entity or not direct
oom_score_adj 0..1
xsd:integer
Tune the host's OOM preferences for entity (accepts -1000 to 1000) direct
pid 0..1
xsd:string
number to identify each process running on a computer direct
pids_limit 0..1
xsd:integer
Tune the entity's PIDs limit direct
pod 0..1
xsd:string
Vessel that contains seeds for an entity direct
privileged 0..1
xsd:boolean
Delegated authority to perform security-relevant functions on a system direct
publish 0..*
xsd:string
Publish things to make something externally available direct
publish_all 0..1
xsd:boolean
Publish all exposed ports to random ports on the host interfaces direct
read_only 0..1
xsd:boolean
Can be accessed but not modified direct
read_only_tmpfs 0..1
xsd:boolean
If container is running in --read-only mode, then mount a read-write tmpfs on... direct
recreate 0..1
xsd:boolean
Create again direct
requires 0..*
xsd:string
Specify one or more requirements direct
restart_policy 0..1
xsd:string
Restart policy to follow when entity exits direct
rm 0..1
xsd:boolean
Automatically remove the entity when it exits direct
rootfs 0..1
xsd:string
Root filesystem at the top of the hierarchical file tree (also known as ‘/’) direct
sdnotify 0..1
xsd:string
Notify service manager about start-up completion and other service status cha... direct
secrets 0..*
xsd:string
information that is hidden from someone direct
security_opt 0..*
xsd:string
Security Options direct
shm_size 0..1
xsd:string
Size of /dev/shm direct
sig_proxy 0..1
xsd:string
Proxy signals direct
stop_signal 0..1
xsd:integer
Signal to stop a process direct
stop_timeout 0..1
xsd:integer
Timeout (in seconds) to stop a process direct
state 0..1
xsd:string
The way something is with respect to its main attributes direct
subgidname 0..1
xsd:string
Name from /etc/subgid direct
subuidname 0..1
xsd:string
Name from /etc/subuid direct
sysctl 0..1
xsd:string
Unix-like software that manages kernel attributes direct
systemd 0..1
xsd:string
Init system and system/service manager for Linux systems direct
timezone 0..1
xsd:string
Region on Earth that has a uniform standard time for legal, commercial, and s... direct
tmpfs 0..1
xsd:string
Tmpfs (short for Temporary File System) is a temporary file storage paradigm ... direct
tty 0..1
xsd:string
Device for transmitting messages in written form by electrical signals direct
uidmap 0..1
xsd:string
Run the container in a new user namespace using the supplied mapping direct
ulimit 0..1
xsd:string
User limits - limit the use of system-wide resources direct
user 0..1
xsd:string
Person who interacts with a system, typically through an interface, to extrac... direct
userns 0..1
xsd:string
User namespaces are an isolation feature allowing processes to run with diffe... direct
uts 0..1
xsd:string
UTS (UNIX Time-Sharing) namespaces allow a single system to appear to have di... direct
volume 0..1
xsd:string
volume of a book or music release in a collection/series or a published colle... direct
volumes_from 0..*
xsd:string
Mount volumes from the specified source direct
workdir 0..1
xsd:string
The currently used hierarchical file system directory associated with a runni... direct
executable 0..1
xsd:string
Path to podman executable if it is not in the $PATH on the machine running po... IacModule

Identifier and Mapping Information

Schema Source

  • from schema: https://w3id.org/lmodel/ucs-containers

Mappings

Mapping Type Mapped Value
self containers:PodmanContainer
native containers:PodmanContainer

LinkML Source

Direct

name: PodmanContainer
description: Podman container
from_schema: https://w3id.org/lmodel/ucs-containers
rank: 1000
is_a: IacModule
slots:
- state
- annotation
- authfile
- blkio_weight
- blkio_weight_device
- cap_add
- cap_drop
- cgroup_parent
- cgroupns
- cgroups
- cidfile
- cmd_args
- conmon_pidfile
- command
- cpu_period
- cpu_rt_period
- cpu_rt_runtime
- cpu_shares
- cpus
- cpuset_cpus
- cpuset_mems
- detach
- debug
- detach_keys
- device
- device_read_bps
- device_read_iops
- device_write_bps
- device_write_iops
- dns
- dns_option
- dns_search
- entrypoint
- env
- env_file
- env_host
- etc_hosts
- expose
- force_restart
- generate_systemd
- gidmap
- group_add
- healthcheck
- healthcheck_interval
- healthcheck_retries
- healthcheck_start_period
- healthcheck_timeout
- hostname
- http_proxy
- image_volume
- image_strict
- init
- init_path
- interactive
- ip
- ipc
- kernel_memory
- label
- label_file
- log_driver
- log_level
- log_opt
- mac_address
- memory
- memory_reservation
- memory_swap
- memory_swappiness
- mount
- name
- network
- network_aliases
- no_hosts
- oom_kill_disable
- oom_score_adj
- pid
- pids_limit
- pod
- privileged
- publish
- publish_all
- read_only
- read_only_tmpfs
- recreate
- requires
- restart_policy
- rm
- rootfs
- sdnotify
- secrets
- security_opt
- shm_size
- sig_proxy
- stop_signal
- stop_timeout
- state
- subgidname
- subuidname
- sysctl
- systemd
- timezone
- tmpfs
- tty
- uidmap
- ulimit
- user
- userns
- uts
- volume
- volumes_from
- workdir
slot_usage:
  annotation:
    name: annotation
    description: Add an annotation to the container. The format is key value, multiple
      times.
    domain_of:
    - PodmanContainer
    range: MetaObject
  authfile:
    name: authfile
    description: Path of the authentication file. Default is ``${XDG_RUNTIME_DIR}/containers/auth.json``
      (Not available for remote commands) You can also override the default path of
      the authentication file by setting the ``REGISTRY_AUTH_FILE`` environment variable.
      ``export REGISTRY_AUTH_FILE=path``
    domain_of:
    - PodmanContainer
    - PodmanLogin
    - PodmanLogout
    - PodmanPlay
  blkio_weight:
    name: blkio_weight
    description: 'Block IO weight (relative weight) accepts a weight value between
      10 and 1000        minimum_value: 10'
    domain_of:
    - PodmanContainer
    range: integer
    maximum_value: 1000
  blkio_weight_device:
    name: blkio_weight_device
    description: Block IO weight (relative device weight, format DEVICE_NAME[:]WEIGHT).
    domain_of:
    - PodmanContainer
    range: MetaObject
  cap_add:
    name: cap_add
    description: List of capabilities to add to the container.
    aliases:
    - capabilities
    multivalued: true
    domain_of:
    - PodmanContainer
  cap_drop:
    name: cap_drop
    description: List of capabilities to drop from the container.
    multivalued: true
    domain_of:
    - PodmanContainer
  cgroup_parent:
    name: cgroup_parent
    description: Path to cgroups under which the cgroup for the container will be
      created. If the path is not absolute, the path is considered to be relative
      to the cgroups path of the init process. Cgroups will be created if they do
      not already exist.
    domain_of:
    - PodmanContainer
    - PodmanPod
  cgroupns:
    name: cgroupns
    description: Path to cgroups under which the cgroup for the container will be
      created.
    domain_of:
    - PodmanContainer
  cgroups:
    name: cgroups
    description: Determines whether the container will create CGroups. Valid values
      are enabled and disabled, which the default being enabled. The disabled option
      will force the container to not create CGroups, and thus conflicts with CGroup
      options cgroupns and cgroup-parent.
    domain_of:
    - PodmanContainer
  cidfile:
    name: cidfile
    description: Write the container ID to the file
    domain_of:
    - PodmanContainer
  cmd_args:
    name: cmd_args
    description: Any additional command options you want to pass to podman command,
      cmd_args - [’–other-param’, ‘value’] Be aware module doesn’t support idempotency
      if this is set.
    multivalued: true
    domain_of:
    - PodmanContainer
  command:
    name: command
    description: Override command of container. Can be a string or a list.
    multivalued: true
    domain_of:
    - PodmanContainer
  conmon_pidfile:
    name: conmon_pidfile
    description: Write the pid of the conmon process to a file. conmon runs in a separate
      process than Podman, so this is necessary when using systemd to restart Podman
      containers.
    domain_of:
    - PodmanContainer
  cpu_period:
    name: cpu_period
    description: Limit the CPU real-time period in microseconds
    domain_of:
    - PodmanContainer
    range: integer
  cpu_rt_period:
    name: cpu_rt_period
    description: Limit the CPU real-time period in microseconds. Limit the container’s
      Real Time CPU usage. This flag tell the kernel to restrict the container’s Real
      Time CPU usage to the period you specify.
    domain_of:
    - PodmanContainer
    range: integer
  cpu_rt_runtime:
    name: cpu_rt_runtime
    description: Limit the CPU real-time runtime in microseconds. This flag tells
      the kernel to limit the amount of time in a given CPU period Real Time tasks
      may consume.
    domain_of:
    - PodmanContainer
    range: integer
  cpu_shares:
    name: cpu_shares
    description: CPU shares (relative weight)
    domain_of:
    - PodmanContainer
    range: integer
  cpus:
    name: cpus
    description: Number of CPUs. The default is 0.0 which means no limit.
    domain_of:
    - PodmanContainer
    - PodmanPod
  cpuset_cpus:
    name: cpuset_cpus
    description: CPUs in which to allow execution (0-3, 0,1)
    domain_of:
    - PodmanContainer
    - PodmanPod
  cpuset_mems:
    name: cpuset_mems
    description: Memory nodes (MEMs) in which to allow execution (0-3, 0,1). Only
      effective on NUMA systems.
    domain_of:
    - PodmanContainer
  debug:
    name: debug
    description: Return additional information which can be helpful for investigations.
    ifabsent: 'False'
    domain_of:
    - PodmanContainer
    - PodmanContainers
    - PodmanNetwork
    - PodmanPlay
    - PodmanPod
    - PodmanVolume
    range: boolean
  detach:
    name: detach
    description: Run container in detach mode
    ifabsent: 'True'
    domain_of:
    - PodmanContainer
    range: boolean
  detach_keys:
    name: detach_keys
    description: Override the key sequence for detaching a container. Format is a
      single character or ctrl-value
    domain_of:
    - PodmanContainer
  device:
    name: device
    description: Add a host device to the container. The format is <device-on-host>[:<device-on-container>][:<permissions>]
      (e.g. device /dev/sdc:/dev/xvdc:rwm)
    multivalued: true
    domain_of:
    - PodmanContainer
    - PodmanPod
  device_read_bps:
    name: device_read_bps
    description: Limit read rate (bytes per second) from a device (e.g. device-read-bps
      /dev/sda:1mb)
    multivalued: true
    domain_of:
    - PodmanContainer
    - PodmanPod
  device_read_iops:
    name: device_read_iops
    description: Limit read rate (IO per second) from a device (e.g. device-read-iops
      /dev/sda:1000)
    multivalued: true
    domain_of:
    - PodmanContainer
  device_write_bps:
    name: device_write_bps
    description: Limit write rate (bytes per second) to a device (e.g. device-write-bps
      /dev/sda:1mb)
    multivalued: true
    domain_of:
    - PodmanContainer
  device_write_iops:
    name: device_write_iops
    description: Limit write rate (IO per second) to a device (e.g. device-write-iops
      /dev/sda:1000)
    multivalued: true
    domain_of:
    - PodmanContainer
  dns:
    name: dns
    description: Set custom DNS servers
    aliases:
    - dns_servers
    multivalued: true
    domain_of:
    - PodmanContainer
    - PodmanPod
  dns_option:
    name: dns_option
    description: Set custom DNS options
    aliases:
    - dns_opts
    domain_of:
    - PodmanContainer
  dns_search:
    name: dns_search
    description: Set custom DNS search domains (Use dns_search with ‘’ if you don’t
      wish to set the search domain)
    aliases:
    - dns_search_domains
    domain_of:
    - PodmanContainer
    - PodmanPod
  entrypoint:
    name: entrypoint
    description: Overwrite the default ENTRYPOINT of the image
    domain_of:
    - PodmanContainer
  env:
    name: env
    description: Set environment variables. This option allows you to specify arbitrary
      environment variables that are available for the process that will be launched
      inside of the container.
    domain_of:
    - PodmanContainer
    - PodmanGenerateSystemd
    range: MetaObject
  env_file:
    name: env_file
    description: Read in a line delimited file of environment variables. Doesn’t support
      idempotency. If users changes the file with environment variables it’s on them
      to recreate the container.
    domain_of:
    - PodmanContainer
  env_host:
    name: env_host
    description: Use all current host environment variables in container. Defaults
      to false.
    ifabsent: 'False'
    domain_of:
    - PodmanContainer
    range: boolean
  etc_hosts:
    name: etc_hosts
    description: Dict of host-to-IP mappings, where each host name is a key in the
      dictionary. Each host name will be added to the container’s ``/etc/hosts`` file.
    aliases:
    - add_hosts
    domain_of:
    - PodmanContainer
    range: MetaObject
  executable:
    name: executable
    description: Path to podman executable if it is not in the $PATH on the machine
      running podman
    ifabsent: string(podman)
    domain_of:
    - IacModule
  expose:
    name: expose
    description: Expose a port, or a range of ports (e.g. expose “3300-3310”) to set
      up port redirection on the host system.
    aliases:
    - exposed
    - exposed_ports
    multivalued: true
    domain_of:
    - PodmanContainer
  force_restart:
    name: force_restart
    description: Force restart of container.
    aliases:
    - restart
    ifabsent: 'False'
    domain_of:
    - PodmanContainer
    range: boolean
  generate_systemd:
    name: generate_systemd
    description: Generate systemd unit file for container.
    domain_of:
    - PodmanContainer
    - PodmanPod
    range: MetaObject
  gidmap:
    name: gidmap
    description: Run the container in a new user namespace using the supplied mapping.
    multivalued: true
    domain_of:
    - PodmanContainer
    - PodmanPod
  group_add:
    name: group_add
    description: Add additional groups to run as
    aliases:
    - groups
    multivalued: true
    domain_of:
    - PodmanContainer
  healthcheck:
    name: healthcheck
    description: Set or alter a healthcheck command for a container.
    domain_of:
    - PodmanContainer
  healthcheck_interval:
    name: healthcheck_interval
    description: Set an interval for the healthchecks (a value of disable results
      in no automatic timer setup) (default “30s”)
    domain_of:
    - PodmanContainer
  healthcheck_retries:
    name: healthcheck_retries
    description: The number of retries allowed before a healthcheck is considered
      to be unhealthy. The default value is 3.
    ifabsent: int(3)
    domain_of:
    - PodmanContainer
    range: integer
  healthcheck_start_period:
    name: healthcheck_start_period
    description: The initialization time needed for a container to bootstrap. The
      value can be expressed in time format like 2m3s. The default value is 0s
    domain_of:
    - PodmanContainer
  healthcheck_timeout:
    name: healthcheck_timeout
    description: The maximum time allowed to complete the healthcheck before an interval
      is considered failed. Like start-period, the value can be expressed in a time
      format such as 1m22s. The default value is 30s
    domain_of:
    - PodmanContainer
  hostname:
    name: hostname
    description: Container host name. Sets the container host name that is available
      inside the container.
    domain_of:
    - PodmanContainer
    - PodmanPod
  http_proxy:
    name: http_proxy
    description: By default proxy environment variables are passed into the container
      if set for the podman process. This can be disabled by setting the http_proxy
      option to false. The environment variables passed in include http_proxy, https_proxy,
      ftp_proxy, no_proxy, and also the upper case versions of those. Defaults to
      true
    ifabsent: 'True'
    domain_of:
    - PodmanContainer
    range: boolean
  image:
    name: image
    description: Repository path (or image name) and tag used to create the container.
      If an image is not found, the image will be pulled from the registry. If no
      tag is included, latest will be used. Can also be an image ID. If this is the
      case, the image is assumed to be available locally.
  image_strict:
    name: image_strict
    description: Whether to compare images in idempotency by taking into account a
      full name with registry and namespaces.
    ifabsent: 'False'
    domain_of:
    - PodmanContainer
    range: boolean
  image_volume:
    name: image_volume
    description: Tells podman how to handle the builtin image volumes. The options
      are bind, tmpfs, or ignore (default bind)
    domain_of:
    - PodmanContainer
    range: ContainerImageVolumeEnum
  init:
    name: init
    description: Run an init inside the container that forwards signals and reaps
      processes. The default is false.
    ifabsent: 'False'
    domain_of:
    - PodmanContainer
    range: boolean
  init_path:
    name: init_path
    description: Path to the container-init binary.
    domain_of:
    - PodmanContainer
  interactive:
    name: interactive
    description: Keep STDIN open even if not attached. The default is false. When
      set to true, keep stdin open even if not attached. The default is false.
    ifabsent: 'False'
    domain_of:
    - PodmanContainer
    range: boolean
  ip:
    name: ip
    description: Specify a static IP address for the container, for example ‘10.88.64.128’.
      Can only be used if no additional CNI networks to join were specified via ‘network:’,
      and if the container is not joining another container’s network namespace via
      ‘network container:<name|id>’. The address must be within the default CNI network’s
      pool (default 10.88.0.0/16).
    domain_of:
    - PodmanContainer
    - PodmanPod
  ipc:
    name: ipc
    description: Default is to create a private IPC namespace (POSIX SysV IPC) for
      the container
    aliases:
    - ipc_mode
    domain_of:
    - PodmanContainer
  kernel_memory:
    name: kernel_memory
    description: Kernel memory limit (format <number>[<unit>], where unit = b, k,
      m or g) Note - idempotency is supported for integers only.
    domain_of:
    - PodmanContainer
  label:
    name: label
    description: Add metadata to a container, pass dictionary of label names and values
    aliases:
    - labels
    domain_of:
    - PodmanContainer
    - PodmanPod
    - PodmanVolume
    range: MetaObject
  label_file:
    name: label_file
    description: Read in a line delimited file of labels
    domain_of:
    - PodmanContainer
    - PodmanPod
  log_driver:
    name: log_driver
    description: Logging driver. Used to set the log driver for the container. For
      example log_driver “k8s-file”.
    domain_of:
    - PodmanContainer
    - PodmanPlay
    range: ContainerLogDriverEnum
  log_level:
    name: log_level
    description: Logging level for Podman. Log messages above specified level (“debug”|”info”|”warn”|”error”|”fatal”|”panic”)
      (default “error”)
    domain_of:
    - PodmanContainer
    - PodmanPlay
    range: ContainerLogLevelEnum
  log_opt:
    name: log_opt
    description: Logging driver specific options. Used to set the path to the container
      log file.
    aliases:
    - log_options
    domain_of:
    - PodmanContainer
    range: MetaObject
  mac_address:
    name: mac_address
    description: Specify a MAC address for the container, for example ‘92:d0:c6:0a:29:33’.
      Don’t forget that it must be unique within one Ethernet network.
    domain_of:
    - PodmanContainer
    - PodmanPod
  memory:
    name: memory
    description: Memory limit (format 10k, where unit = b, k, m or g) Note - idempotency
      is supported for integers only.
    domain_of:
    - PodmanContainer
  memory_reservation:
    name: memory_reservation
    description: Memory soft limit (format 100m, where unit = b, k, m or g) Note -
      idempotency is supported for integers only.
    domain_of:
    - PodmanContainer
  memory_swap:
    name: memory_swap
    description: A limit value equal to memory plus swap. Must be used with the -m
      (–memory) flag. The swap LIMIT should always be larger than -m (–memory) value.
      By default, the swap LIMIT will be set to double the value of –memory Note -
      idempotency is supported for integers only.
    domain_of:
    - PodmanContainer
  memory_swappiness:
    name: memory_swappiness
    description: Tune a container’s memory swappiness behavior. Accepts an integer
      between 0 and 100.
    domain_of:
    - PodmanContainer
    range: integer
    minimum_value: 0
    maximum_value: 100
  mount:
    name: mount
    description: Attach a filesystem mount to the container. bind or tmpfs For example
      mount “type=bind,source=/path/on/host,destination=/path/in/container”
    aliases:
    - mounts
    multivalued: true
    domain_of:
    - PodmanContainer
  name:
    name: name
    description: Name of the container
    domain_of:
    - PodmanContainer
    - PodmanGenerateSystemd
    - PodmanImage
    - PodmanNetwork
    - PodmanPod
    - PodmanSecret
    - PodmanVolume
    - Attribute
    - Entity
    required: true
  network:
    name: network
    description: Set the Network mode for the container * bridge create a network
      stack on the default bridge * none no networking * container:<name|id> reuse
      another container’s network stack * host use the podman host network stack.
      * <network-name>|<network-id> connect to a user-defined network * ns:<path>
      path to a network namespace to join * slirp4netns use slirp4netns to create
      a user network stack. This is the default for rootless containers
    aliases:
    - net
    - network_mode
    multivalued: true
    domain_of:
    - PodmanContainer
    - PodmanPlay
    - PodmanPod
  network_aliases:
    name: network_aliases
    description: Add network-scoped alias for the container. A container will only
      have access to aliases on the first network that it joins. This is a limitation
      that will be removed in a later release.
    multivalued: true
    domain_of:
    - PodmanContainer
  no_hosts:
    name: no_hosts
    description: Do not create /etc/hosts for the container Default is false.
    ifabsent: 'False'
    domain_of:
    - PodmanContainer
    - PodmanPod
    range: boolean
  oom_kill_disable:
    name: oom_kill_disable
    description: Whether to disable OOM Killer for the container or not. Default is
      false.
    ifabsent: 'False'
    domain_of:
    - PodmanContainer
    range: boolean
  oom_score_adj:
    name: oom_score_adj
    description: Tune the host’s OOM preferences for containers (accepts -1000 to
      1000)
    domain_of:
    - PodmanContainer
    range: integer
    minimum_value: -1000
    maximum_value: 1000
  pid:
    name: pid
    description: Set the PID mode for the container
    aliases:
    - pid_mode
    domain_of:
    - PodmanContainer
    - PodmanPod
  pids_limit:
    name: pids_limit
    description: Tune the container’s PIDs limit. Set -1 to have unlimited PIDs for
      the container.
    domain_of:
    - PodmanContainer
  pod:
    name: pod
    description: Run container in an existing pod. If you want podman to make the
      pod for you, prefix the pod name with “new:”
    domain_of:
    - PodmanContainer
  privileged:
    name: privileged
    description: Give extended privileges to this container. The default is false.
    ifabsent: 'False'
    domain_of:
    - PodmanContainer
    range: boolean
  publish:
    name: publish
    description: Publish a container’s port, or range of ports, to the host. Format
      - ip:hostPort:containerPort | ip::containerPort | hostPort:containerPort | containerPort
      In case of only containerPort is set, the hostPort will chosen randomly by Podman.
    aliases:
    - ports
    - published
    - published_ports
    multivalued: true
    domain_of:
    - PodmanContainer
    - PodmanPod
  publish_all:
    name: publish_all
    description: Publish all exposed ports to random ports on the host interfaces.
      The default is false.
    ifabsent: 'False'
    domain_of:
    - PodmanContainer
    range: boolean
  read_only:
    name: read_only
    description: Mount the container’s root filesystem as read only. Default is false
    ifabsent: 'False'
    domain_of:
    - PodmanContainer
    range: boolean
  read_only_tmpfs:
    name: read_only_tmpfs
    description: If container is running in –read-only mode, then mount a read-write
      tmpfs on /run, /tmp, and /var/tmp. The default is true
    ifabsent: 'True'
    domain_of:
    - PodmanContainer
    range: boolean
  recreate:
    name: recreate
    description: Use with present and started states to force the re-creation of an
      existing container.
    ifabsent: 'False'
    domain_of:
    - PodmanContainer
    - PodmanNetwork
    - PodmanPlay
    - PodmanPod
    - PodmanVolume
    range: boolean
  requires:
    name: requires
    description: Specify one or more requirements. A requirement is a dependency container
      that will be started before this container. Containers can be specified by name
      or ID.
    multivalued: true
    domain_of:
    - PodmanContainer
    - PodmanGenerateSystemd
  restart_policy:
    name: restart_policy
    description: Restart policy to follow when containers exit. Restart policy will
      not take effect if a container is stopped via the podman kill or podman stop
      commands. Valid values are * no - Do not restart containers on exit * on-failure[:max_retries]
      - Restart containers when they exit with a non-0 exit code, retrying indefinitely
      or until the optional max_retries count is hit * always - Restart containers
      when they exit, regardless of status, retrying indefinitely
    domain_of:
    - PodmanContainer
    - PodmanGenerateSystemd
  rm:
    name: rm
    description: Automatically remove the container when it exits. The default is
      false.
    aliases:
    - remove
    - auto_remove
    ifabsent: 'False'
    domain_of:
    - PodmanContainer
    range: boolean
  rootfs:
    name: rootfs
    description: If true, the first argument refers to an exploded container on the
      file system. The default is false.
    ifabsent: 'False'
    domain_of:
    - PodmanContainer
    range: boolean
  sdnotify:
    name: sdnotify
    description: Determines how to use the NOTIFY_SOCKET, as passed with systemd and
      Type=notify. Can be container, conmon, ignore.
    domain_of:
    - PodmanContainer
  secrets:
    name: secrets
    description: Add the named secrets into the container. The format is secret[,opt=opt...],
      see documentation for more details.
    multivalued: true
    domain_of:
    - PodmanContainer
  security_opt:
    name: security_opt
    description: Security Options. For example security_opt “seccomp=unconfined”
    multivalued: true
    domain_of:
    - PodmanContainer
  shm_size:
    name: shm_size
    description: Size of /dev/shm. The format is <number><unit>. number must be greater
      than 0. Unit is optional and can be b (bytes), k (kilobytes), m(megabytes),
      or g (gigabytes). If you omit the unit, the system uses bytes. If you omit the
      size entirely, the system uses 64m
    domain_of:
    - PodmanContainer
  sig_proxy:
    name: sig_proxy
    description: Proxy signals sent to the podman run command to the container process.
      SIGCHLD, SIGSTOP, and SIGKILL are not proxied. The default is true.
    ifabsent: 'True'
    domain_of:
    - PodmanContainer
    range: boolean
  state:
    name: state
    description: 'absent - A container matching the specified name will be stopped
      and removed.

      present - Asserts the existence of a container matching the name and any provided
      configuration parameters. If no container matches the name, a container will
      be created. If a container matches the name but the provided configuration does
      not match, the container will be updated, if it can be. If it cannot be updated,
      it will be removed and re-created with the requested config. Image version will
      be taken into account when comparing configuration. Use the recreate option
      to force the re-creation of the matching container.

      started - Asserts there is a running container matching the name and any provided
      configuration. If no container matches the name, a container will be created
      and started. Use recreate to always re-create a matching container, even if
      it is running. Use force_restart to force a matching container to be stopped
      and restarted.

      stopped - Asserts that the container is first present, and then if the container
      is running moves it to a stopped state.

      created - Asserts that the container exists with given configuration. If container
      doesn’t exist, the module creates it and leaves it in ‘created’ state. If configuration
      doesn’t match or ‘recreate’ option is set, the container will be recreated'
    ifabsent: string(started)
    domain_of:
    - PodmanContainer
    - PodmanImage
    - PodmanNetwork
    - PodmanPlay
    - PodmanPod
    - PodmanSecret
    - PodmanVolume
    range: ContainerStateEnum
  stop_signal:
    name: stop_signal
    description: Signal to stop a container. Default is SIGTERM.
    domain_of:
    - PodmanContainer
    range: integer
  stop_timeout:
    name: stop_timeout
    description: Timeout (in seconds) to stop a container. Default is 10.
    ifabsent: int(10)
    domain_of:
    - PodmanContainer
    - PodmanGenerateSystemd
    range: integer
  subgidname:
    name: subgidname
    description: Run the container in a new user namespace using the map with ‘name’
      in the /etc/subgid file.
    domain_of:
    - PodmanContainer
    - PodmanPod
  subuidname:
    name: subuidname
    description: Run the container in a new user namespace using the map with ‘name’
      in the /etc/subuid file.
    domain_of:
    - PodmanContainer
    - PodmanPod
  sysctl:
    name: sysctl
    description: Configure namespaced kernel parameters at runtime
    domain_of:
    - PodmanContainer
    range: MetaObject
  systemd:
    name: systemd
    description: Run container in systemd mode. The default is true.
    ifabsent: string(true)
    domain_of:
    - PodmanContainer
  timezone:
    name: timezone
    description: Set timezone in container. This flag takes area-based timezones,
      GMT time, as well as local, which sets the timezone in the container to match
      the host machine. See /usr/share/zoneinfo/ for valid timezones. Remote connections
      use local containers.conf for defaults.
    domain_of:
    - PodmanContainer
  tmpfs:
    name: tmpfs
    description: Create a tmpfs mount. For example tmpfs “/tmp” “rw,size=787448k,mode=1777”
    domain_of:
    - PodmanContainer
    range: MetaObject
  tty:
    name: tty
    description: Allocate a pseudo-TTY. The default is false.
    ifabsent: 'False'
    domain_of:
    - PodmanContainer
    range: boolean
  uidmap:
    name: uidmap
    description: Run the container in a new user namespace using the supplied mapping.
    multivalued: true
    domain_of:
    - PodmanContainer
    - PodmanPod
  ulimit:
    name: ulimit
    description: Ulimit options
    aliases:
    - ulimits
    multivalued: true
    domain_of:
    - PodmanContainer
  user:
    name: user
    description: Sets the username or UID used and optionally the groupname or GID
      for the specified command.
    domain_of:
    - PodmanContainer
  userns:
    name: userns
    description: Set the user namespace mode for the container. It defaults to the
      PODMAN_USERNS environment variable. An empty value means user namespaces are
      disabled.
    aliases:
    - userns_mode
    domain_of:
    - PodmanContainer
    - PodmanPod
  uts:
    name: uts
    description: Set the UTS mode for the container
    domain_of:
    - PodmanContainer
  volume:
    name: volume
    description: Create a bind mount. If you specify, volume /HOST-DIR:/CONTAINER-DIR,
      podman bind mounts /HOST-DIR in the host to /CONTAINER-DIR in the podman container.
    aliases:
    - volumes
    multivalued: true
    domain_of:
    - PodmanContainer
    - PodmanPod
  volumes_from:
    name: volumes_from
    description: Mount volumes from the specified container(s).
    multivalued: true
    domain_of:
    - PodmanContainer
  workdir:
    name: workdir
    description: Working directory inside the container. The default working directory
      for running binaries within a container is the root directory (/).
    aliases:
    - working_dir
    domain_of:
    - PodmanContainer

Induced

name: PodmanContainer
description: Podman container
from_schema: https://w3id.org/lmodel/ucs-containers
rank: 1000
is_a: IacModule
slot_usage:
  annotation:
    name: annotation
    description: Add an annotation to the container. The format is key value, multiple
      times.
    domain_of:
    - PodmanContainer
    range: MetaObject
  authfile:
    name: authfile
    description: Path of the authentication file. Default is ``${XDG_RUNTIME_DIR}/containers/auth.json``
      (Not available for remote commands) You can also override the default path of
      the authentication file by setting the ``REGISTRY_AUTH_FILE`` environment variable.
      ``export REGISTRY_AUTH_FILE=path``
    domain_of:
    - PodmanContainer
    - PodmanLogin
    - PodmanLogout
    - PodmanPlay
  blkio_weight:
    name: blkio_weight
    description: 'Block IO weight (relative weight) accepts a weight value between
      10 and 1000        minimum_value: 10'
    domain_of:
    - PodmanContainer
    range: integer
    maximum_value: 1000
  blkio_weight_device:
    name: blkio_weight_device
    description: Block IO weight (relative device weight, format DEVICE_NAME[:]WEIGHT).
    domain_of:
    - PodmanContainer
    range: MetaObject
  cap_add:
    name: cap_add
    description: List of capabilities to add to the container.
    aliases:
    - capabilities
    multivalued: true
    domain_of:
    - PodmanContainer
  cap_drop:
    name: cap_drop
    description: List of capabilities to drop from the container.
    multivalued: true
    domain_of:
    - PodmanContainer
  cgroup_parent:
    name: cgroup_parent
    description: Path to cgroups under which the cgroup for the container will be
      created. If the path is not absolute, the path is considered to be relative
      to the cgroups path of the init process. Cgroups will be created if they do
      not already exist.
    domain_of:
    - PodmanContainer
    - PodmanPod
  cgroupns:
    name: cgroupns
    description: Path to cgroups under which the cgroup for the container will be
      created.
    domain_of:
    - PodmanContainer
  cgroups:
    name: cgroups
    description: Determines whether the container will create CGroups. Valid values
      are enabled and disabled, which the default being enabled. The disabled option
      will force the container to not create CGroups, and thus conflicts with CGroup
      options cgroupns and cgroup-parent.
    domain_of:
    - PodmanContainer
  cidfile:
    name: cidfile
    description: Write the container ID to the file
    domain_of:
    - PodmanContainer
  cmd_args:
    name: cmd_args
    description: Any additional command options you want to pass to podman command,
      cmd_args - [’–other-param’, ‘value’] Be aware module doesn’t support idempotency
      if this is set.
    multivalued: true
    domain_of:
    - PodmanContainer
  command:
    name: command
    description: Override command of container. Can be a string or a list.
    multivalued: true
    domain_of:
    - PodmanContainer
  conmon_pidfile:
    name: conmon_pidfile
    description: Write the pid of the conmon process to a file. conmon runs in a separate
      process than Podman, so this is necessary when using systemd to restart Podman
      containers.
    domain_of:
    - PodmanContainer
  cpu_period:
    name: cpu_period
    description: Limit the CPU real-time period in microseconds
    domain_of:
    - PodmanContainer
    range: integer
  cpu_rt_period:
    name: cpu_rt_period
    description: Limit the CPU real-time period in microseconds. Limit the container’s
      Real Time CPU usage. This flag tell the kernel to restrict the container’s Real
      Time CPU usage to the period you specify.
    domain_of:
    - PodmanContainer
    range: integer
  cpu_rt_runtime:
    name: cpu_rt_runtime
    description: Limit the CPU real-time runtime in microseconds. This flag tells
      the kernel to limit the amount of time in a given CPU period Real Time tasks
      may consume.
    domain_of:
    - PodmanContainer
    range: integer
  cpu_shares:
    name: cpu_shares
    description: CPU shares (relative weight)
    domain_of:
    - PodmanContainer
    range: integer
  cpus:
    name: cpus
    description: Number of CPUs. The default is 0.0 which means no limit.
    domain_of:
    - PodmanContainer
    - PodmanPod
  cpuset_cpus:
    name: cpuset_cpus
    description: CPUs in which to allow execution (0-3, 0,1)
    domain_of:
    - PodmanContainer
    - PodmanPod
  cpuset_mems:
    name: cpuset_mems
    description: Memory nodes (MEMs) in which to allow execution (0-3, 0,1). Only
      effective on NUMA systems.
    domain_of:
    - PodmanContainer
  debug:
    name: debug
    description: Return additional information which can be helpful for investigations.
    ifabsent: 'False'
    domain_of:
    - PodmanContainer
    - PodmanContainers
    - PodmanNetwork
    - PodmanPlay
    - PodmanPod
    - PodmanVolume
    range: boolean
  detach:
    name: detach
    description: Run container in detach mode
    ifabsent: 'True'
    domain_of:
    - PodmanContainer
    range: boolean
  detach_keys:
    name: detach_keys
    description: Override the key sequence for detaching a container. Format is a
      single character or ctrl-value
    domain_of:
    - PodmanContainer
  device:
    name: device
    description: Add a host device to the container. The format is <device-on-host>[:<device-on-container>][:<permissions>]
      (e.g. device /dev/sdc:/dev/xvdc:rwm)
    multivalued: true
    domain_of:
    - PodmanContainer
    - PodmanPod
  device_read_bps:
    name: device_read_bps
    description: Limit read rate (bytes per second) from a device (e.g. device-read-bps
      /dev/sda:1mb)
    multivalued: true
    domain_of:
    - PodmanContainer
    - PodmanPod
  device_read_iops:
    name: device_read_iops
    description: Limit read rate (IO per second) from a device (e.g. device-read-iops
      /dev/sda:1000)
    multivalued: true
    domain_of:
    - PodmanContainer
  device_write_bps:
    name: device_write_bps
    description: Limit write rate (bytes per second) to a device (e.g. device-write-bps
      /dev/sda:1mb)
    multivalued: true
    domain_of:
    - PodmanContainer
  device_write_iops:
    name: device_write_iops
    description: Limit write rate (IO per second) to a device (e.g. device-write-iops
      /dev/sda:1000)
    multivalued: true
    domain_of:
    - PodmanContainer
  dns:
    name: dns
    description: Set custom DNS servers
    aliases:
    - dns_servers
    multivalued: true
    domain_of:
    - PodmanContainer
    - PodmanPod
  dns_option:
    name: dns_option
    description: Set custom DNS options
    aliases:
    - dns_opts
    domain_of:
    - PodmanContainer
  dns_search:
    name: dns_search
    description: Set custom DNS search domains (Use dns_search with ‘’ if you don’t
      wish to set the search domain)
    aliases:
    - dns_search_domains
    domain_of:
    - PodmanContainer
    - PodmanPod
  entrypoint:
    name: entrypoint
    description: Overwrite the default ENTRYPOINT of the image
    domain_of:
    - PodmanContainer
  env:
    name: env
    description: Set environment variables. This option allows you to specify arbitrary
      environment variables that are available for the process that will be launched
      inside of the container.
    domain_of:
    - PodmanContainer
    - PodmanGenerateSystemd
    range: MetaObject
  env_file:
    name: env_file
    description: Read in a line delimited file of environment variables. Doesn’t support
      idempotency. If users changes the file with environment variables it’s on them
      to recreate the container.
    domain_of:
    - PodmanContainer
  env_host:
    name: env_host
    description: Use all current host environment variables in container. Defaults
      to false.
    ifabsent: 'False'
    domain_of:
    - PodmanContainer
    range: boolean
  etc_hosts:
    name: etc_hosts
    description: Dict of host-to-IP mappings, where each host name is a key in the
      dictionary. Each host name will be added to the container’s ``/etc/hosts`` file.
    aliases:
    - add_hosts
    domain_of:
    - PodmanContainer
    range: MetaObject
  executable:
    name: executable
    description: Path to podman executable if it is not in the $PATH on the machine
      running podman
    ifabsent: string(podman)
    domain_of:
    - IacModule
  expose:
    name: expose
    description: Expose a port, or a range of ports (e.g. expose “3300-3310”) to set
      up port redirection on the host system.
    aliases:
    - exposed
    - exposed_ports
    multivalued: true
    domain_of:
    - PodmanContainer
  force_restart:
    name: force_restart
    description: Force restart of container.
    aliases:
    - restart
    ifabsent: 'False'
    domain_of:
    - PodmanContainer
    range: boolean
  generate_systemd:
    name: generate_systemd
    description: Generate systemd unit file for container.
    domain_of:
    - PodmanContainer
    - PodmanPod
    range: MetaObject
  gidmap:
    name: gidmap
    description: Run the container in a new user namespace using the supplied mapping.
    multivalued: true
    domain_of:
    - PodmanContainer
    - PodmanPod
  group_add:
    name: group_add
    description: Add additional groups to run as
    aliases:
    - groups
    multivalued: true
    domain_of:
    - PodmanContainer
  healthcheck:
    name: healthcheck
    description: Set or alter a healthcheck command for a container.
    domain_of:
    - PodmanContainer
  healthcheck_interval:
    name: healthcheck_interval
    description: Set an interval for the healthchecks (a value of disable results
      in no automatic timer setup) (default “30s”)
    domain_of:
    - PodmanContainer
  healthcheck_retries:
    name: healthcheck_retries
    description: The number of retries allowed before a healthcheck is considered
      to be unhealthy. The default value is 3.
    ifabsent: int(3)
    domain_of:
    - PodmanContainer
    range: integer
  healthcheck_start_period:
    name: healthcheck_start_period
    description: The initialization time needed for a container to bootstrap. The
      value can be expressed in time format like 2m3s. The default value is 0s
    domain_of:
    - PodmanContainer
  healthcheck_timeout:
    name: healthcheck_timeout
    description: The maximum time allowed to complete the healthcheck before an interval
      is considered failed. Like start-period, the value can be expressed in a time
      format such as 1m22s. The default value is 30s
    domain_of:
    - PodmanContainer
  hostname:
    name: hostname
    description: Container host name. Sets the container host name that is available
      inside the container.
    domain_of:
    - PodmanContainer
    - PodmanPod
  http_proxy:
    name: http_proxy
    description: By default proxy environment variables are passed into the container
      if set for the podman process. This can be disabled by setting the http_proxy
      option to false. The environment variables passed in include http_proxy, https_proxy,
      ftp_proxy, no_proxy, and also the upper case versions of those. Defaults to
      true
    ifabsent: 'True'
    domain_of:
    - PodmanContainer
    range: boolean
  image:
    name: image
    description: Repository path (or image name) and tag used to create the container.
      If an image is not found, the image will be pulled from the registry. If no
      tag is included, latest will be used. Can also be an image ID. If this is the
      case, the image is assumed to be available locally.
  image_strict:
    name: image_strict
    description: Whether to compare images in idempotency by taking into account a
      full name with registry and namespaces.
    ifabsent: 'False'
    domain_of:
    - PodmanContainer
    range: boolean
  image_volume:
    name: image_volume
    description: Tells podman how to handle the builtin image volumes. The options
      are bind, tmpfs, or ignore (default bind)
    domain_of:
    - PodmanContainer
    range: ContainerImageVolumeEnum
  init:
    name: init
    description: Run an init inside the container that forwards signals and reaps
      processes. The default is false.
    ifabsent: 'False'
    domain_of:
    - PodmanContainer
    range: boolean
  init_path:
    name: init_path
    description: Path to the container-init binary.
    domain_of:
    - PodmanContainer
  interactive:
    name: interactive
    description: Keep STDIN open even if not attached. The default is false. When
      set to true, keep stdin open even if not attached. The default is false.
    ifabsent: 'False'
    domain_of:
    - PodmanContainer
    range: boolean
  ip:
    name: ip
    description: Specify a static IP address for the container, for example ‘10.88.64.128’.
      Can only be used if no additional CNI networks to join were specified via ‘network:’,
      and if the container is not joining another container’s network namespace via
      ‘network container:<name|id>’. The address must be within the default CNI network’s
      pool (default 10.88.0.0/16).
    domain_of:
    - PodmanContainer
    - PodmanPod
  ipc:
    name: ipc
    description: Default is to create a private IPC namespace (POSIX SysV IPC) for
      the container
    aliases:
    - ipc_mode
    domain_of:
    - PodmanContainer
  kernel_memory:
    name: kernel_memory
    description: Kernel memory limit (format <number>[<unit>], where unit = b, k,
      m or g) Note - idempotency is supported for integers only.
    domain_of:
    - PodmanContainer
  label:
    name: label
    description: Add metadata to a container, pass dictionary of label names and values
    aliases:
    - labels
    domain_of:
    - PodmanContainer
    - PodmanPod
    - PodmanVolume
    range: MetaObject
  label_file:
    name: label_file
    description: Read in a line delimited file of labels
    domain_of:
    - PodmanContainer
    - PodmanPod
  log_driver:
    name: log_driver
    description: Logging driver. Used to set the log driver for the container. For
      example log_driver “k8s-file”.
    domain_of:
    - PodmanContainer
    - PodmanPlay
    range: ContainerLogDriverEnum
  log_level:
    name: log_level
    description: Logging level for Podman. Log messages above specified level (“debug”|”info”|”warn”|”error”|”fatal”|”panic”)
      (default “error”)
    domain_of:
    - PodmanContainer
    - PodmanPlay
    range: ContainerLogLevelEnum
  log_opt:
    name: log_opt
    description: Logging driver specific options. Used to set the path to the container
      log file.
    aliases:
    - log_options
    domain_of:
    - PodmanContainer
    range: MetaObject
  mac_address:
    name: mac_address
    description: Specify a MAC address for the container, for example ‘92:d0:c6:0a:29:33’.
      Don’t forget that it must be unique within one Ethernet network.
    domain_of:
    - PodmanContainer
    - PodmanPod
  memory:
    name: memory
    description: Memory limit (format 10k, where unit = b, k, m or g) Note - idempotency
      is supported for integers only.
    domain_of:
    - PodmanContainer
  memory_reservation:
    name: memory_reservation
    description: Memory soft limit (format 100m, where unit = b, k, m or g) Note -
      idempotency is supported for integers only.
    domain_of:
    - PodmanContainer
  memory_swap:
    name: memory_swap
    description: A limit value equal to memory plus swap. Must be used with the -m
      (–memory) flag. The swap LIMIT should always be larger than -m (–memory) value.
      By default, the swap LIMIT will be set to double the value of –memory Note -
      idempotency is supported for integers only.
    domain_of:
    - PodmanContainer
  memory_swappiness:
    name: memory_swappiness
    description: Tune a container’s memory swappiness behavior. Accepts an integer
      between 0 and 100.
    domain_of:
    - PodmanContainer
    range: integer
    minimum_value: 0
    maximum_value: 100
  mount:
    name: mount
    description: Attach a filesystem mount to the container. bind or tmpfs For example
      mount “type=bind,source=/path/on/host,destination=/path/in/container”
    aliases:
    - mounts
    multivalued: true
    domain_of:
    - PodmanContainer
  name:
    name: name
    description: Name of the container
    domain_of:
    - PodmanContainer
    - PodmanGenerateSystemd
    - PodmanImage
    - PodmanNetwork
    - PodmanPod
    - PodmanSecret
    - PodmanVolume
    - Attribute
    - Entity
    required: true
  network:
    name: network
    description: Set the Network mode for the container * bridge create a network
      stack on the default bridge * none no networking * container:<name|id> reuse
      another container’s network stack * host use the podman host network stack.
      * <network-name>|<network-id> connect to a user-defined network * ns:<path>
      path to a network namespace to join * slirp4netns use slirp4netns to create
      a user network stack. This is the default for rootless containers
    aliases:
    - net
    - network_mode
    multivalued: true
    domain_of:
    - PodmanContainer
    - PodmanPlay
    - PodmanPod
  network_aliases:
    name: network_aliases
    description: Add network-scoped alias for the container. A container will only
      have access to aliases on the first network that it joins. This is a limitation
      that will be removed in a later release.
    multivalued: true
    domain_of:
    - PodmanContainer
  no_hosts:
    name: no_hosts
    description: Do not create /etc/hosts for the container Default is false.
    ifabsent: 'False'
    domain_of:
    - PodmanContainer
    - PodmanPod
    range: boolean
  oom_kill_disable:
    name: oom_kill_disable
    description: Whether to disable OOM Killer for the container or not. Default is
      false.
    ifabsent: 'False'
    domain_of:
    - PodmanContainer
    range: boolean
  oom_score_adj:
    name: oom_score_adj
    description: Tune the host’s OOM preferences for containers (accepts -1000 to
      1000)
    domain_of:
    - PodmanContainer
    range: integer
    minimum_value: -1000
    maximum_value: 1000
  pid:
    name: pid
    description: Set the PID mode for the container
    aliases:
    - pid_mode
    domain_of:
    - PodmanContainer
    - PodmanPod
  pids_limit:
    name: pids_limit
    description: Tune the container’s PIDs limit. Set -1 to have unlimited PIDs for
      the container.
    domain_of:
    - PodmanContainer
  pod:
    name: pod
    description: Run container in an existing pod. If you want podman to make the
      pod for you, prefix the pod name with “new:”
    domain_of:
    - PodmanContainer
  privileged:
    name: privileged
    description: Give extended privileges to this container. The default is false.
    ifabsent: 'False'
    domain_of:
    - PodmanContainer
    range: boolean
  publish:
    name: publish
    description: Publish a container’s port, or range of ports, to the host. Format
      - ip:hostPort:containerPort | ip::containerPort | hostPort:containerPort | containerPort
      In case of only containerPort is set, the hostPort will chosen randomly by Podman.
    aliases:
    - ports
    - published
    - published_ports
    multivalued: true
    domain_of:
    - PodmanContainer
    - PodmanPod
  publish_all:
    name: publish_all
    description: Publish all exposed ports to random ports on the host interfaces.
      The default is false.
    ifabsent: 'False'
    domain_of:
    - PodmanContainer
    range: boolean
  read_only:
    name: read_only
    description: Mount the container’s root filesystem as read only. Default is false
    ifabsent: 'False'
    domain_of:
    - PodmanContainer
    range: boolean
  read_only_tmpfs:
    name: read_only_tmpfs
    description: If container is running in –read-only mode, then mount a read-write
      tmpfs on /run, /tmp, and /var/tmp. The default is true
    ifabsent: 'True'
    domain_of:
    - PodmanContainer
    range: boolean
  recreate:
    name: recreate
    description: Use with present and started states to force the re-creation of an
      existing container.
    ifabsent: 'False'
    domain_of:
    - PodmanContainer
    - PodmanNetwork
    - PodmanPlay
    - PodmanPod
    - PodmanVolume
    range: boolean
  requires:
    name: requires
    description: Specify one or more requirements. A requirement is a dependency container
      that will be started before this container. Containers can be specified by name
      or ID.
    multivalued: true
    domain_of:
    - PodmanContainer
    - PodmanGenerateSystemd
  restart_policy:
    name: restart_policy
    description: Restart policy to follow when containers exit. Restart policy will
      not take effect if a container is stopped via the podman kill or podman stop
      commands. Valid values are * no - Do not restart containers on exit * on-failure[:max_retries]
      - Restart containers when they exit with a non-0 exit code, retrying indefinitely
      or until the optional max_retries count is hit * always - Restart containers
      when they exit, regardless of status, retrying indefinitely
    domain_of:
    - PodmanContainer
    - PodmanGenerateSystemd
  rm:
    name: rm
    description: Automatically remove the container when it exits. The default is
      false.
    aliases:
    - remove
    - auto_remove
    ifabsent: 'False'
    domain_of:
    - PodmanContainer
    range: boolean
  rootfs:
    name: rootfs
    description: If true, the first argument refers to an exploded container on the
      file system. The default is false.
    ifabsent: 'False'
    domain_of:
    - PodmanContainer
    range: boolean
  sdnotify:
    name: sdnotify
    description: Determines how to use the NOTIFY_SOCKET, as passed with systemd and
      Type=notify. Can be container, conmon, ignore.
    domain_of:
    - PodmanContainer
  secrets:
    name: secrets
    description: Add the named secrets into the container. The format is secret[,opt=opt...],
      see documentation for more details.
    multivalued: true
    domain_of:
    - PodmanContainer
  security_opt:
    name: security_opt
    description: Security Options. For example security_opt “seccomp=unconfined”
    multivalued: true
    domain_of:
    - PodmanContainer
  shm_size:
    name: shm_size
    description: Size of /dev/shm. The format is <number><unit>. number must be greater
      than 0. Unit is optional and can be b (bytes), k (kilobytes), m(megabytes),
      or g (gigabytes). If you omit the unit, the system uses bytes. If you omit the
      size entirely, the system uses 64m
    domain_of:
    - PodmanContainer
  sig_proxy:
    name: sig_proxy
    description: Proxy signals sent to the podman run command to the container process.
      SIGCHLD, SIGSTOP, and SIGKILL are not proxied. The default is true.
    ifabsent: 'True'
    domain_of:
    - PodmanContainer
    range: boolean
  state:
    name: state
    description: 'absent - A container matching the specified name will be stopped
      and removed.

      present - Asserts the existence of a container matching the name and any provided
      configuration parameters. If no container matches the name, a container will
      be created. If a container matches the name but the provided configuration does
      not match, the container will be updated, if it can be. If it cannot be updated,
      it will be removed and re-created with the requested config. Image version will
      be taken into account when comparing configuration. Use the recreate option
      to force the re-creation of the matching container.

      started - Asserts there is a running container matching the name and any provided
      configuration. If no container matches the name, a container will be created
      and started. Use recreate to always re-create a matching container, even if
      it is running. Use force_restart to force a matching container to be stopped
      and restarted.

      stopped - Asserts that the container is first present, and then if the container
      is running moves it to a stopped state.

      created - Asserts that the container exists with given configuration. If container
      doesn’t exist, the module creates it and leaves it in ‘created’ state. If configuration
      doesn’t match or ‘recreate’ option is set, the container will be recreated'
    ifabsent: string(started)
    domain_of:
    - PodmanContainer
    - PodmanImage
    - PodmanNetwork
    - PodmanPlay
    - PodmanPod
    - PodmanSecret
    - PodmanVolume
    range: ContainerStateEnum
  stop_signal:
    name: stop_signal
    description: Signal to stop a container. Default is SIGTERM.
    domain_of:
    - PodmanContainer
    range: integer
  stop_timeout:
    name: stop_timeout
    description: Timeout (in seconds) to stop a container. Default is 10.
    ifabsent: int(10)
    domain_of:
    - PodmanContainer
    - PodmanGenerateSystemd
    range: integer
  subgidname:
    name: subgidname
    description: Run the container in a new user namespace using the map with ‘name’
      in the /etc/subgid file.
    domain_of:
    - PodmanContainer
    - PodmanPod
  subuidname:
    name: subuidname
    description: Run the container in a new user namespace using the map with ‘name’
      in the /etc/subuid file.
    domain_of:
    - PodmanContainer
    - PodmanPod
  sysctl:
    name: sysctl
    description: Configure namespaced kernel parameters at runtime
    domain_of:
    - PodmanContainer
    range: MetaObject
  systemd:
    name: systemd
    description: Run container in systemd mode. The default is true.
    ifabsent: string(true)
    domain_of:
    - PodmanContainer
  timezone:
    name: timezone
    description: Set timezone in container. This flag takes area-based timezones,
      GMT time, as well as local, which sets the timezone in the container to match
      the host machine. See /usr/share/zoneinfo/ for valid timezones. Remote connections
      use local containers.conf for defaults.
    domain_of:
    - PodmanContainer
  tmpfs:
    name: tmpfs
    description: Create a tmpfs mount. For example tmpfs “/tmp” “rw,size=787448k,mode=1777”
    domain_of:
    - PodmanContainer
    range: MetaObject
  tty:
    name: tty
    description: Allocate a pseudo-TTY. The default is false.
    ifabsent: 'False'
    domain_of:
    - PodmanContainer
    range: boolean
  uidmap:
    name: uidmap
    description: Run the container in a new user namespace using the supplied mapping.
    multivalued: true
    domain_of:
    - PodmanContainer
    - PodmanPod
  ulimit:
    name: ulimit
    description: Ulimit options
    aliases:
    - ulimits
    multivalued: true
    domain_of:
    - PodmanContainer
  user:
    name: user
    description: Sets the username or UID used and optionally the groupname or GID
      for the specified command.
    domain_of:
    - PodmanContainer
  userns:
    name: userns
    description: Set the user namespace mode for the container. It defaults to the
      PODMAN_USERNS environment variable. An empty value means user namespaces are
      disabled.
    aliases:
    - userns_mode
    domain_of:
    - PodmanContainer
    - PodmanPod
  uts:
    name: uts
    description: Set the UTS mode for the container
    domain_of:
    - PodmanContainer
  volume:
    name: volume
    description: Create a bind mount. If you specify, volume /HOST-DIR:/CONTAINER-DIR,
      podman bind mounts /HOST-DIR in the host to /CONTAINER-DIR in the podman container.
    aliases:
    - volumes
    multivalued: true
    domain_of:
    - PodmanContainer
    - PodmanPod
  volumes_from:
    name: volumes_from
    description: Mount volumes from the specified container(s).
    multivalued: true
    domain_of:
    - PodmanContainer
  workdir:
    name: workdir
    description: Working directory inside the container. The default working directory
      for running binaries within a container is the root directory (/).
    aliases:
    - working_dir
    domain_of:
    - PodmanContainer
attributes:
  state:
    name: state
    description: 'absent - A container matching the specified name will be stopped
      and removed.

      present - Asserts the existence of a container matching the name and any provided
      configuration parameters. If no container matches the name, a container will
      be created. If a container matches the name but the provided configuration does
      not match, the container will be updated, if it can be. If it cannot be updated,
      it will be removed and re-created with the requested config. Image version will
      be taken into account when comparing configuration. Use the recreate option
      to force the re-creation of the matching container.

      started - Asserts there is a running container matching the name and any provided
      configuration. If no container matches the name, a container will be created
      and started. Use recreate to always re-create a matching container, even if
      it is running. Use force_restart to force a matching container to be stopped
      and restarted.

      stopped - Asserts that the container is first present, and then if the container
      is running moves it to a stopped state.

      created - Asserts that the container exists with given configuration. If container
      doesn’t exist, the module creates it and leaves it in ‘created’ state. If configuration
      doesn’t match or ‘recreate’ option is set, the container will be recreated'
    from_schema: https://w3id.org/lmodel/ucs-core
    is_a: associationSlot
    domain: Association
    slot_uri: uco-observable:state
    ifabsent: string(started)
    alias: state
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    - PodmanImage
    - PodmanNetwork
    - PodmanPlay
    - PodmanPod
    - PodmanSecret
    - PodmanVolume
    range: ContainerStateEnum
  annotation:
    name: annotation
    description: Add an annotation to the container. The format is key value, multiple
      times.
    from_schema: https://w3id.org/lmodel/ucs-core
    alias: annotation
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: MetaObject
  authfile:
    name: authfile
    description: Path of the authentication file. Default is ``${XDG_RUNTIME_DIR}/containers/auth.json``
      (Not available for remote commands) You can also override the default path of
      the authentication file by setting the ``REGISTRY_AUTH_FILE`` environment variable.
      ``export REGISTRY_AUTH_FILE=path``
    from_schema: https://w3id.org/lmodel/ucs-core
    alias: authfile
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    - PodmanLogin
    - PodmanLogout
    - PodmanPlay
    range: string
  blkio_weight:
    name: blkio_weight
    description: 'Block IO weight (relative weight) accepts a weight value between
      10 and 1000        minimum_value: 10'
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    alias: blkio_weight
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: integer
    minimum_value: 10
    maximum_value: 1000
  blkio_weight_device:
    name: blkio_weight_device
    description: Block IO weight (relative device weight, format DEVICE_NAME[:]WEIGHT).
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    multivalued: true
    alias: blkio_weight_device
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: MetaObject
  cap_add:
    name: cap_add
    description: List of capabilities to add to the container.
    from_schema: https://w3id.org/lmodel/ucs-containers
    aliases:
    - capabilities
    rank: 1000
    multivalued: true
    alias: cap_add
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: string
  cap_drop:
    name: cap_drop
    description: List of capabilities to drop from the container.
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    multivalued: true
    alias: cap_drop
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: string
  cgroup_parent:
    name: cgroup_parent
    description: Path to cgroups under which the cgroup for the container will be
      created. If the path is not absolute, the path is considered to be relative
      to the cgroups path of the init process. Cgroups will be created if they do
      not already exist.
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    alias: cgroup_parent
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    - PodmanPod
    range: string
  cgroupns:
    name: cgroupns
    description: Path to cgroups under which the cgroup for the container will be
      created.
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    alias: cgroupns
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: string
  cgroups:
    name: cgroups
    description: Determines whether the container will create CGroups. Valid values
      are enabled and disabled, which the default being enabled. The disabled option
      will force the container to not create CGroups, and thus conflicts with CGroup
      options cgroupns and cgroup-parent.
    from_schema: https://w3id.org/lmodel/ucs-core
    alias: cgroups
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: string
  cidfile:
    name: cidfile
    description: Write the container ID to the file
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    alias: cidfile
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: string
  cmd_args:
    name: cmd_args
    description: Any additional command options you want to pass to podman command,
      cmd_args - [’–other-param’, ‘value’] Be aware module doesn’t support idempotency
      if this is set.
    from_schema: https://w3id.org/lmodel/ucs-core
    multivalued: true
    alias: cmd_args
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: string
  conmon_pidfile:
    name: conmon_pidfile
    description: Write the pid of the conmon process to a file. conmon runs in a separate
      process than Podman, so this is necessary when using systemd to restart Podman
      containers.
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    alias: conmon_pidfile
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: string
  command:
    name: command
    description: Override command of container. Can be a string or a list.
    from_schema: https://w3id.org/lmodel/ucs-core
    multivalued: true
    alias: command
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: string
  cpu_period:
    name: cpu_period
    description: Limit the CPU real-time period in microseconds
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    alias: cpu_period
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: integer
  cpu_rt_period:
    name: cpu_rt_period
    description: Limit the CPU real-time period in microseconds. Limit the container’s
      Real Time CPU usage. This flag tell the kernel to restrict the container’s Real
      Time CPU usage to the period you specify.
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    alias: cpu_rt_period
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: integer
  cpu_rt_runtime:
    name: cpu_rt_runtime
    description: Limit the CPU real-time runtime in microseconds. This flag tells
      the kernel to limit the amount of time in a given CPU period Real Time tasks
      may consume.
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    alias: cpu_rt_runtime
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: integer
  cpu_shares:
    name: cpu_shares
    description: CPU shares (relative weight)
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    alias: cpu_shares
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: integer
  cpus:
    name: cpus
    description: Number of CPUs. The default is 0.0 which means no limit.
    from_schema: https://w3id.org/lmodel/ucs-core
    alias: cpus
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    - PodmanPod
    range: string
  cpuset_cpus:
    name: cpuset_cpus
    description: CPUs in which to allow execution (0-3, 0,1)
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    alias: cpuset_cpus
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    - PodmanPod
    range: string
  cpuset_mems:
    name: cpuset_mems
    description: Memory nodes (MEMs) in which to allow execution (0-3, 0,1). Only
      effective on NUMA systems.
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    alias: cpuset_mems
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: string
  detach:
    name: detach
    description: Run container in detach mode
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    ifabsent: 'True'
    alias: detach
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: boolean
  debug:
    name: debug
    description: Return additional information which can be helpful for investigations.
    from_schema: https://w3id.org/lmodel/ucs-core
    ifabsent: 'False'
    alias: debug
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    - PodmanContainers
    - PodmanNetwork
    - PodmanPlay
    - PodmanPod
    - PodmanVolume
    range: boolean
  detach_keys:
    name: detach_keys
    description: Override the key sequence for detaching a container. Format is a
      single character or ctrl-value
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    alias: detach_keys
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: string
  device:
    name: device
    description: Add a host device to the container. The format is <device-on-host>[:<device-on-container>][:<permissions>]
      (e.g. device /dev/sdc:/dev/xvdc:rwm)
    from_schema: https://w3id.org/lmodel/ucs-core
    multivalued: true
    alias: device
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    - PodmanPod
    range: string
  device_read_bps:
    name: device_read_bps
    description: Limit read rate (bytes per second) from a device (e.g. device-read-bps
      /dev/sda:1mb)
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    multivalued: true
    alias: device_read_bps
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    - PodmanPod
    range: string
  device_read_iops:
    name: device_read_iops
    description: Limit read rate (IO per second) from a device (e.g. device-read-iops
      /dev/sda:1000)
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    multivalued: true
    alias: device_read_iops
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: string
  device_write_bps:
    name: device_write_bps
    description: Limit write rate (bytes per second) to a device (e.g. device-write-bps
      /dev/sda:1mb)
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    multivalued: true
    alias: device_write_bps
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: string
  device_write_iops:
    name: device_write_iops
    description: Limit write rate (IO per second) to a device (e.g. device-write-iops
      /dev/sda:1000)
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    multivalued: true
    alias: device_write_iops
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: string
  dns:
    name: dns
    description: Set custom DNS servers
    from_schema: https://w3id.org/lmodel/ucs-core
    aliases:
    - dns_servers
    multivalued: true
    alias: dns
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    - PodmanPod
    range: string
  dns_option:
    name: dns_option
    description: Set custom DNS options
    from_schema: https://w3id.org/lmodel/ucs-core
    aliases:
    - dns_opts
    alias: dns_option
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: string
  dns_search:
    name: dns_search
    description: Set custom DNS search domains (Use dns_search with ‘’ if you don’t
      wish to set the search domain)
    from_schema: https://w3id.org/lmodel/ucs-core
    aliases:
    - dns_search_domains
    alias: dns_search
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    - PodmanPod
    range: string
  entrypoint:
    name: entrypoint
    description: Overwrite the default ENTRYPOINT of the image
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    alias: entrypoint
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: string
  env:
    name: env
    description: Set environment variables. This option allows you to specify arbitrary
      environment variables that are available for the process that will be launched
      inside of the container.
    from_schema: https://w3id.org/lmodel/ucs-core
    alias: env
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    - PodmanGenerateSystemd
    range: MetaObject
  env_file:
    name: env_file
    description: Read in a line delimited file of environment variables. Doesn’t support
      idempotency. If users changes the file with environment variables it’s on them
      to recreate the container.
    from_schema: https://w3id.org/lmodel/ucs-core
    alias: env_file
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: string
  env_host:
    name: env_host
    description: Use all current host environment variables in container. Defaults
      to false.
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    ifabsent: 'False'
    alias: env_host
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: boolean
  etc_hosts:
    name: etc_hosts
    description: Dict of host-to-IP mappings, where each host name is a key in the
      dictionary. Each host name will be added to the container’s ``/etc/hosts`` file.
    from_schema: https://w3id.org/lmodel/ucs-core
    aliases:
    - add_hosts
    alias: etc_hosts
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: MetaObject
  expose:
    name: expose
    description: Expose a port, or a range of ports (e.g. expose “3300-3310”) to set
      up port redirection on the host system.
    from_schema: https://w3id.org/lmodel/ucs-containers
    aliases:
    - exposed
    - exposed_ports
    rank: 1000
    multivalued: true
    alias: expose
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: string
  force_restart:
    name: force_restart
    description: Force restart of container.
    from_schema: https://w3id.org/lmodel/ucs-containers
    aliases:
    - restart
    rank: 1000
    ifabsent: 'False'
    alias: force_restart
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: boolean
  generate_systemd:
    name: generate_systemd
    description: Generate systemd unit file for container.
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    alias: generate_systemd
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    - PodmanPod
    range: MetaObject
  gidmap:
    name: gidmap
    description: Run the container in a new user namespace using the supplied mapping.
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    multivalued: true
    alias: gidmap
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    - PodmanPod
    range: string
  group_add:
    name: group_add
    description: Add additional groups to run as
    from_schema: https://w3id.org/lmodel/ucs-containers
    aliases:
    - groups
    rank: 1000
    multivalued: true
    alias: group_add
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: string
  healthcheck:
    name: healthcheck
    description: Set or alter a healthcheck command for a container.
    from_schema: https://w3id.org/lmodel/ucs-core
    alias: healthcheck
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: string
  healthcheck_interval:
    name: healthcheck_interval
    description: Set an interval for the healthchecks (a value of disable results
      in no automatic timer setup) (default “30s”)
    from_schema: https://w3id.org/lmodel/ucs-core
    alias: healthcheck_interval
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: string
  healthcheck_retries:
    name: healthcheck_retries
    description: The number of retries allowed before a healthcheck is considered
      to be unhealthy. The default value is 3.
    from_schema: https://w3id.org/lmodel/ucs-core
    ifabsent: int(3)
    alias: healthcheck_retries
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: integer
  healthcheck_start_period:
    name: healthcheck_start_period
    description: The initialization time needed for a container to bootstrap. The
      value can be expressed in time format like 2m3s. The default value is 0s
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    ifabsent: string(0s)
    alias: healthcheck_start_period
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: string
  healthcheck_timeout:
    name: healthcheck_timeout
    description: The maximum time allowed to complete the healthcheck before an interval
      is considered failed. Like start-period, the value can be expressed in a time
      format such as 1m22s. The default value is 30s
    from_schema: https://w3id.org/lmodel/ucs-core
    ifabsent: string(30s)
    alias: healthcheck_timeout
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: string
  hostname:
    name: hostname
    description: Container host name. Sets the container host name that is available
      inside the container.
    from_schema: https://w3id.org/lmodel/ucs-core
    slot_uri: uco-observable:hostname
    alias: hostname
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    - PodmanPod
    range: string
  http_proxy:
    name: http_proxy
    description: By default proxy environment variables are passed into the container
      if set for the podman process. This can be disabled by setting the http_proxy
      option to false. The environment variables passed in include http_proxy, https_proxy,
      ftp_proxy, no_proxy, and also the upper case versions of those. Defaults to
      true
    from_schema: https://w3id.org/lmodel/ucs-core
    ifabsent: 'True'
    alias: http_proxy
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: boolean
  image_volume:
    name: image_volume
    description: Tells podman how to handle the builtin image volumes. The options
      are bind, tmpfs, or ignore (default bind)
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    alias: image_volume
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: ContainerImageVolumeEnum
  image_strict:
    name: image_strict
    description: Whether to compare images in idempotency by taking into account a
      full name with registry and namespaces.
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    ifabsent: 'False'
    alias: image_strict
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: boolean
  init:
    name: init
    description: Run an init inside the container that forwards signals and reaps
      processes. The default is false.
    from_schema: https://w3id.org/lmodel/ucs-core
    ifabsent: 'False'
    alias: init
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: boolean
  init_path:
    name: init_path
    description: Path to the container-init binary.
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    alias: init_path
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: string
  interactive:
    name: interactive
    description: Keep STDIN open even if not attached. The default is false. When
      set to true, keep stdin open even if not attached. The default is false.
    from_schema: https://w3id.org/lmodel/ucs-core
    ifabsent: 'False'
    alias: interactive
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: boolean
  ip:
    name: ip
    description: Specify a static IP address for the container, for example ‘10.88.64.128’.
      Can only be used if no additional CNI networks to join were specified via ‘network:’,
      and if the container is not joining another container’s network namespace via
      ‘network container:<name|id>’. The address must be within the default CNI network’s
      pool (default 10.88.0.0/16).
    from_schema: https://w3id.org/lmodel/ucs-core
    slot_uri: uco-observable:ip
    alias: ip
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    - PodmanPod
    range: string
  ipc:
    name: ipc
    description: Default is to create a private IPC namespace (POSIX SysV IPC) for
      the container
    from_schema: https://w3id.org/lmodel/ucs-containers
    aliases:
    - ipc_mode
    rank: 1000
    alias: ipc
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: string
  kernel_memory:
    name: kernel_memory
    description: Kernel memory limit (format <number>[<unit>], where unit = b, k,
      m or g) Note - idempotency is supported for integers only.
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    alias: kernel_memory
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: string
  label:
    name: label
    description: Add metadata to a container, pass dictionary of label names and values
    from_schema: https://w3id.org/lmodel/ucs-core
    aliases:
    - labels
    alias: label
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    - PodmanPod
    - PodmanVolume
    range: MetaObject
  label_file:
    name: label_file
    description: Read in a line delimited file of labels
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    alias: label_file
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    - PodmanPod
    range: string
  log_driver:
    name: log_driver
    description: Logging driver. Used to set the log driver for the container. For
      example log_driver “k8s-file”.
    from_schema: https://w3id.org/lmodel/ucs-core
    alias: log_driver
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    - PodmanPlay
    range: ContainerLogDriverEnum
  log_level:
    name: log_level
    description: Logging level for Podman. Log messages above specified level (“debug”|”info”|”warn”|”error”|”fatal”|”panic”)
      (default “error”)
    from_schema: https://w3id.org/lmodel/ucs-core
    alias: log_level
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    - PodmanPlay
    range: ContainerLogLevelEnum
  log_opt:
    name: log_opt
    description: Logging driver specific options. Used to set the path to the container
      log file.
    from_schema: https://w3id.org/lmodel/ucs-containers
    aliases:
    - log_options
    rank: 1000
    alias: log_opt
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: MetaObject
  mac_address:
    name: mac_address
    description: Specify a MAC address for the container, for example ‘92:d0:c6:0a:29:33’.
      Don’t forget that it must be unique within one Ethernet network.
    from_schema: https://w3id.org/lmodel/ucs-core
    alias: mac_address
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    - PodmanPod
    range: string
  memory:
    name: memory
    description: Memory limit (format 10k, where unit = b, k, m or g) Note - idempotency
      is supported for integers only.
    from_schema: https://w3id.org/lmodel/ucs-core
    alias: memory
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: string
  memory_reservation:
    name: memory_reservation
    description: Memory soft limit (format 100m, where unit = b, k, m or g) Note -
      idempotency is supported for integers only.
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    alias: memory_reservation
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: string
  memory_swap:
    name: memory_swap
    description: A limit value equal to memory plus swap. Must be used with the -m
      (–memory) flag. The swap LIMIT should always be larger than -m (–memory) value.
      By default, the swap LIMIT will be set to double the value of –memory Note -
      idempotency is supported for integers only.
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    alias: memory_swap
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: string
  memory_swappiness:
    name: memory_swappiness
    description: Tune a container’s memory swappiness behavior. Accepts an integer
      between 0 and 100.
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    alias: memory_swappiness
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: integer
    minimum_value: 0
    maximum_value: 100
  mount:
    name: mount
    description: Attach a filesystem mount to the container. bind or tmpfs For example
      mount “type=bind,source=/path/on/host,destination=/path/in/container”
    from_schema: https://w3id.org/lmodel/ucs-core
    aliases:
    - mounts
    multivalued: true
    alias: mount
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: string
  name:
    name: name
    description: Name of the container
    from_schema: https://w3id.org/lmodel/ucs-core
    slot_uri: rdfs:label
    alias: name
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    - PodmanGenerateSystemd
    - PodmanImage
    - PodmanNetwork
    - PodmanPod
    - PodmanSecret
    - PodmanVolume
    - Attribute
    - Entity
    range: label type
    required: true
  network:
    name: network
    description: Set the Network mode for the container * bridge create a network
      stack on the default bridge * none no networking * container:<name|id> reuse
      another container’s network stack * host use the podman host network stack.
      * <network-name>|<network-id> connect to a user-defined network * ns:<path>
      path to a network namespace to join * slirp4netns use slirp4netns to create
      a user network stack. This is the default for rootless containers
    from_schema: https://w3id.org/lmodel/ucs-core
    aliases:
    - net
    - network_mode
    slot_uri: uco-observable:network
    multivalued: true
    alias: network
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    - PodmanPlay
    - PodmanPod
    range: string
  network_aliases:
    name: network_aliases
    description: Add network-scoped alias for the container. A container will only
      have access to aliases on the first network that it joins. This is a limitation
      that will be removed in a later release.
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    multivalued: true
    alias: network_aliases
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: string
  no_hosts:
    name: no_hosts
    description: Do not create /etc/hosts for the container Default is false.
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    ifabsent: 'False'
    alias: no_hosts
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    - PodmanPod
    range: boolean
  oom_kill_disable:
    name: oom_kill_disable
    description: Whether to disable OOM Killer for the container or not. Default is
      false.
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    ifabsent: 'False'
    alias: oom_kill_disable
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: boolean
  oom_score_adj:
    name: oom_score_adj
    description: Tune the host’s OOM preferences for containers (accepts -1000 to
      1000)
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    alias: oom_score_adj
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: integer
    minimum_value: -1000
    maximum_value: 1000
  pid:
    name: pid
    description: Set the PID mode for the container
    from_schema: https://w3id.org/lmodel/ucs-core
    aliases:
    - pid_mode
    slot_uri: uco-observable:pid
    alias: pid
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    - PodmanPod
    range: string
  pids_limit:
    name: pids_limit
    description: Tune the container’s PIDs limit. Set -1 to have unlimited PIDs for
      the container.
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    alias: pids_limit
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: integer
    minimum_value: -1
  pod:
    name: pod
    description: Run container in an existing pod. If you want podman to make the
      pod for you, prefix the pod name with “new:”
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    alias: pod
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: string
  privileged:
    name: privileged
    description: Give extended privileges to this container. The default is false.
    from_schema: https://w3id.org/lmodel/ucs-core
    ifabsent: 'False'
    alias: privileged
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: boolean
  publish:
    name: publish
    description: Publish a container’s port, or range of ports, to the host. Format
      - ip:hostPort:containerPort | ip::containerPort | hostPort:containerPort | containerPort
      In case of only containerPort is set, the hostPort will chosen randomly by Podman.
    from_schema: https://w3id.org/lmodel/ucs-core
    aliases:
    - ports
    - published
    - published_ports
    multivalued: true
    alias: publish
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    - PodmanPod
    range: string
  publish_all:
    name: publish_all
    description: Publish all exposed ports to random ports on the host interfaces.
      The default is false.
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    ifabsent: 'False'
    alias: publish_all
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: boolean
  read_only:
    name: read_only
    description: Mount the container’s root filesystem as read only. Default is false
    from_schema: https://w3id.org/lmodel/ucs-core
    ifabsent: 'False'
    alias: read_only
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: boolean
  read_only_tmpfs:
    name: read_only_tmpfs
    description: If container is running in –read-only mode, then mount a read-write
      tmpfs on /run, /tmp, and /var/tmp. The default is true
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    ifabsent: 'True'
    alias: read_only_tmpfs
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: boolean
  recreate:
    name: recreate
    description: Use with present and started states to force the re-creation of an
      existing container.
    from_schema: https://w3id.org/lmodel/ucs-core
    ifabsent: 'False'
    alias: recreate
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    - PodmanNetwork
    - PodmanPlay
    - PodmanPod
    - PodmanVolume
    range: boolean
  requires:
    name: requires
    description: Specify one or more requirements. A requirement is a dependency container
      that will be started before this container. Containers can be specified by name
      or ID.
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    multivalued: true
    alias: requires
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    - PodmanGenerateSystemd
    range: string
  restart_policy:
    name: restart_policy
    description: Restart policy to follow when containers exit. Restart policy will
      not take effect if a container is stopped via the podman kill or podman stop
      commands. Valid values are * no - Do not restart containers on exit * on-failure[:max_retries]
      - Restart containers when they exit with a non-0 exit code, retrying indefinitely
      or until the optional max_retries count is hit * always - Restart containers
      when they exit, regardless of status, retrying indefinitely
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    alias: restart_policy
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    - PodmanGenerateSystemd
    range: string
  rm:
    name: rm
    description: Automatically remove the container when it exits. The default is
      false.
    from_schema: https://w3id.org/lmodel/ucs-core
    aliases:
    - remove
    - auto_remove
    ifabsent: 'False'
    alias: rm
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: boolean
  rootfs:
    name: rootfs
    description: If true, the first argument refers to an exploded container on the
      file system. The default is false.
    from_schema: https://w3id.org/lmodel/ucs-core
    ifabsent: 'False'
    alias: rootfs
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: boolean
  sdnotify:
    name: sdnotify
    description: Determines how to use the NOTIFY_SOCKET, as passed with systemd and
      Type=notify. Can be container, conmon, ignore.
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    alias: sdnotify
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: string
  secrets:
    name: secrets
    description: Add the named secrets into the container. The format is secret[,opt=opt...],
      see documentation for more details.
    from_schema: https://w3id.org/lmodel/ucs-core
    multivalued: true
    alias: secrets
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: string
  security_opt:
    name: security_opt
    description: Security Options. For example security_opt “seccomp=unconfined”
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    multivalued: true
    alias: security_opt
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: string
  shm_size:
    name: shm_size
    description: Size of /dev/shm. The format is <number><unit>. number must be greater
      than 0. Unit is optional and can be b (bytes), k (kilobytes), m(megabytes),
      or g (gigabytes). If you omit the unit, the system uses bytes. If you omit the
      size entirely, the system uses 64m
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    alias: shm_size
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: string
  sig_proxy:
    name: sig_proxy
    description: Proxy signals sent to the podman run command to the container process.
      SIGCHLD, SIGSTOP, and SIGKILL are not proxied. The default is true.
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    ifabsent: 'True'
    alias: sig_proxy
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: boolean
  stop_signal:
    name: stop_signal
    description: Signal to stop a container. Default is SIGTERM.
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    alias: stop_signal
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: integer
  stop_timeout:
    name: stop_timeout
    description: Timeout (in seconds) to stop a container. Default is 10.
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    ifabsent: int(10)
    alias: stop_timeout
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    - PodmanGenerateSystemd
    range: integer
  subgidname:
    name: subgidname
    description: Run the container in a new user namespace using the map with ‘name’
      in the /etc/subgid file.
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    alias: subgidname
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    - PodmanPod
    range: string
  subuidname:
    name: subuidname
    description: Run the container in a new user namespace using the map with ‘name’
      in the /etc/subuid file.
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    alias: subuidname
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    - PodmanPod
    range: string
  sysctl:
    name: sysctl
    description: Configure namespaced kernel parameters at runtime
    from_schema: https://w3id.org/lmodel/ucs-core
    alias: sysctl
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: MetaObject
  systemd:
    name: systemd
    description: Run container in systemd mode. The default is true.
    from_schema: https://w3id.org/lmodel/ucs-core
    ifabsent: string(true)
    alias: systemd
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: string
  timezone:
    name: timezone
    description: Set timezone in container. This flag takes area-based timezones,
      GMT time, as well as local, which sets the timezone in the container to match
      the host machine. See /usr/share/zoneinfo/ for valid timezones. Remote connections
      use local containers.conf for defaults.
    from_schema: https://w3id.org/lmodel/ucs-core
    alias: timezone
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: string
  tmpfs:
    name: tmpfs
    description: Create a tmpfs mount. For example tmpfs “/tmp” “rw,size=787448k,mode=1777”
    from_schema: https://w3id.org/lmodel/ucs-core
    alias: tmpfs
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: MetaObject
  tty:
    name: tty
    description: Allocate a pseudo-TTY. The default is false.
    from_schema: https://w3id.org/lmodel/ucs-core
    ifabsent: 'False'
    alias: tty
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: boolean
  uidmap:
    name: uidmap
    description: Run the container in a new user namespace using the supplied mapping.
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    multivalued: true
    alias: uidmap
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    - PodmanPod
    range: string
  ulimit:
    name: ulimit
    description: Ulimit options
    from_schema: https://w3id.org/lmodel/ucs-core
    aliases:
    - ulimits
    multivalued: true
    alias: ulimit
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: string
  user:
    name: user
    description: Sets the username or UID used and optionally the groupname or GID
      for the specified command.
    from_schema: https://w3id.org/lmodel/ucs-core
    alias: user
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: string
  userns:
    name: userns
    description: Set the user namespace mode for the container. It defaults to the
      PODMAN_USERNS environment variable. An empty value means user namespaces are
      disabled.
    from_schema: https://w3id.org/lmodel/ucs-containers
    aliases:
    - userns_mode
    rank: 1000
    alias: userns
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    - PodmanPod
    range: string
  uts:
    name: uts
    description: Set the UTS mode for the container
    from_schema: https://w3id.org/lmodel/ucs-core
    alias: uts
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: string
  volume:
    name: volume
    description: Create a bind mount. If you specify, volume /HOST-DIR:/CONTAINER-DIR,
      podman bind mounts /HOST-DIR in the host to /CONTAINER-DIR in the podman container.
    from_schema: https://w3id.org/lmodel/ucs-core
    aliases:
    - volumes
    is_a: nodeProperty
    domain: Publication
    slot_uri: uco-observable:volume
    multivalued: true
    alias: volume
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    - PodmanPod
    range: string
  volumes_from:
    name: volumes_from
    description: Mount volumes from the specified container(s).
    from_schema: https://w3id.org/lmodel/ucs-containers
    rank: 1000
    multivalued: true
    alias: volumes_from
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: string
  workdir:
    name: workdir
    description: Working directory inside the container. The default working directory
      for running binaries within a container is the root directory (/).
    from_schema: https://w3id.org/lmodel/ucs-core
    aliases:
    - working_dir
    alias: workdir
    owner: PodmanContainer
    domain_of:
    - PodmanContainer
    range: string
  executable:
    name: executable
    description: Path to podman executable if it is not in the $PATH on the machine
      running podman
    from_schema: https://w3id.org/lmodel/ucs-core
    ifabsent: string(podman)
    alias: executable
    owner: PodmanContainer
    domain_of:
    - IacModule
    range: string