Provides Podman 5.6-5.8 updates on Quadlet CLI management, OCI artifacts, multi-file installs, BoltDB-to-SQLite migration, TLS remote. Use for Podman 5.x tasks post-training cutoff.
npx claudepluginhub nevaberry/nevaberry-plugins --plugin podman-knowledge-patchThis skill uses the workspace's default tool permissions.
Implements structured self-debugging workflow for AI agent failures: capture errors, diagnose patterns like loops or context overflow, apply contained recoveries, and generate introspection reports.
Designs and optimizes AI agent action spaces, tool definitions, observation formats, error recovery, and context for higher task completion rates.
Compares coding agents like Claude Code and Aider on custom YAML-defined codebase tasks using git worktrees, measuring pass rate, cost, time, and consistency.
Claude Opus 4.6 knows Podman through 4.x / early 5.x. This skill provides features from Podman 5.6 (2024-08-15) through 5.8 (2025-02-12).
| Topic | Reference | Key features |
|---|---|---|
| Quadlet | references/quadlet.md | CLI management, multi-file install, .artifact type, new keys, REST API |
| CLI enhancements | references/cli-enhancements.md | --creds/--cert-dir, --return-on-first, --no-session, --ulimit update, kube play multi-file |
| OCI artifacts | references/artifacts.md | Stable podman artifact commands, REST API, podman inspect artifacts |
| Infrastructure | references/infrastructure.md | TLS/mTLS remote, BoltDB→SQLite migration, --swap, Rosetta disabled, compat API changes |
podman quadlet install myapp.container # install for current user
podman quadlet list # list installed Quadlets
podman quadlet print myapp.container # print file contents
podman quadlet rm myapp.container # remove a Quadlet
Not available with remote client.
Single file with multiple units separated by ---:
# FileName=app.container
[Container]
Image=myapp:latest
---
# FileName=db.container
[Container]
Image=postgres:16
podman quadlet install combined.quadlet
| Version | File type | Key | Purpose |
|---|---|---|---|
| 5.7 | .container | HttpProxy | Control HTTP proxy forwarding into container |
| 5.7 | .pod | StopTimeout | Configure pod stop timeout |
| 5.7 | .build | BuildArg | Specify build arguments |
| 5.7 | .build | IgnoreFile | Specify ignore file |
| 5.7 | .kube | (multi-YAML) | Multiple YAML files in single .kube file |
| 5.8 | .container | AppArmor | Set container's AppArmor profile |
podman artifact pull oci-registry.example/myartifact:v1
podman artifact ls
podman artifact inspect myartifact
podman artifact push myartifact docker://registry/repo:tag
podman artifact rm myartifact
podman artifact add myartifact file1.tar file2.tar
podman artifact extract myartifact
Available via remote client. podman inspect can also inspect artifacts (5.7+).
| Method | Endpoint | Purpose |
|---|---|---|
GET | /libpod/artifacts/json | List artifacts |
GET | /libpod/artifacts/{name}/json | Inspect artifact |
POST | /libpod/artifacts/pull | Pull artifact |
DELETE | /libpod/artifacts/{name} | Remove artifact |
POST | /libpod/artifacts/add | Add artifact from tar |
POST | /libpod/artifacts/{name}/push | Push to registry |
GET | /libpod/artifacts/{name}/extract | Get artifact contents |
| Method | Endpoint | Purpose |
|---|---|---|
POST | /libpod/quadlets | Install Quadlets |
GET | /libpod/quadlets/{name}/file | Print Quadlet file contents |
GET | /libpod/quadlets/{name}/exists | Check if Quadlet exists |
DELETE | /libpod/quadlets | Remove multiple Quadlets |
DELETE | /libpod/quadlets/{name} | Remove a single Quadlet |
podman run --creds user:pass --cert-dir /path/to/certs docker.io/myimage
podman kube play app.yaml db.yaml
podman kube down app.yaml db.yaml
podman kube play --no-pod-prefix app.yaml # don't prefix container names with pod name
podman wait --return-on-first --condition=exited ctr1 ctr2
podman exec --no-session mycontainer ls /app
podman update --ulimit nofile=65536:65536 mycontainer
podman volume create --uid 1000 --gid 1000 myvolume
podman machine init --swap 2048 # size in megabytes
Remote client and podman system service support TLS and mTLS encryption, including client certificate authentication. podman system connection add can create TLS-encrypted TCP connections.
podman system migrate --migrate-db
BoltDB removal planned for Podman 6.0.
| Version | Change |
|---|---|
| 5.6 | Rosetta disabled by default in podman machine VMs (kernel compatibility issues) |
| 5.7 | Compat Image Inspect API: ContainerConfig field removed (use Config instead, matches Docker v1.45) |
| File | Contents |
|---|---|
| quadlet.md | CLI management commands, multi-file install, .artifact file type, new keys (HttpProxy, StopTimeout, BuildArg, IgnoreFile, AppArmor), REST API endpoints |
| cli-enhancements.md | --creds/--cert-dir, kube play multi-file + --no-pod-prefix, --return-on-first, --no-session, --ulimit update, --uid/--gid volumes, --swap |
| artifacts.md | Stable artifact commands, REST API endpoints, podman inspect artifact support |
| infrastructure.md | TLS/mTLS remote connections, BoltDB deprecation and auto-migration, Rosetta disabled, compat API breaking change |