Clarify the latest version of podman 5.2.2 #1599
Conversation
## Description Previously the latest version of podman 5.2.2 was 5.2.2-13. However, now the latest version is 5.2.2-15. We have confirmed with that @matt-elastic in an [internal discussion here](https://elastic.slack.com/archives/CS5UH0E3T/p1748867788234029?thread_ts=1748577885.885639&cid=CS5UH0E3T) that it makes sense to make such change. Thus, we need to update the public doc to reflect this. Also, we want to avoid saying 5.2.2-15 and then later we need to update the public docs again, so we are using a more generic way to express it.
kunisen
added
documentation
|
Hi @matt-elastic may I trouble you to kindly take a look about this and let me know if anything is missing or clear please? |
|
Thank you for your efforts and the improvements, @kunisen. I concur that the currently specified versions are overly specific. I verified that Podman 5.2.2 is currently (still) available on RHEL 9.6 I think the version numbers originate from the documentation we created during the analysis of the healthcheck bug. At that time, I think mid-term, we should consider mentioning 
In-place upgrades
Currently, the latest My understanding is that we still recommend the Podman version of a given RHEL OS that is installed by default. Would you agree with this? |
|
Thank you @matt-elastic !
Yeah I had some time to spin up a RHEL 9 and tested the command behavior. sudo dnf install podman-5.2.2 podman-remote-5.2.2Also version lock command works below: sudo dnf install 'dnf-command(versionlock)'
sudo dnf versionlock add --raw 'podman-5.2.2'
sudo dnf versionlock add --raw 'podman-remote-5.2.2'My test log: Install podman ## Check podman version - not installed yet
[kuniyasu_sen@kuni-rhel-9 ~]$ podman --version
-bash: podman: command not found
## Show podman version list
[kuniyasu_sen@kuni-rhel-9 ~]$ sudo su -
[root@kuni-rhel-9 ~]# dnf --showduplicates list podman | grep 5.2.2
podman.src 2:5.2.2-1.el9 rhui-rhel-9-for-x86_64-appstream-rhui-source-rpms
podman.x86_64 2:5.2.2-1.el9 rhui-rhel-9-for-x86_64-appstream-rhui-rpms
podman.src 4:5.2.2-9.el9_5 rhui-rhel-9-for-x86_64-appstream-rhui-source-rpms
podman.x86_64 4:5.2.2-9.el9_5 rhui-rhel-9-for-x86_64-appstream-rhui-rpms
podman.src 4:5.2.2-11.el9_5 rhui-rhel-9-for-x86_64-appstream-rhui-source-rpms
podman.x86_64 4:5.2.2-11.el9_5 rhui-rhel-9-for-x86_64-appstream-rhui-rpms
podman.src 4:5.2.2-13.el9_5 rhui-rhel-9-for-x86_64-appstream-rhui-source-rpms
podman.x86_64 4:5.2.2-13.el9_5 rhui-rhel-9-for-x86_64-appstream-rhui-rpms
podman.src 4:5.2.2-15.el9_5 rhui-rhel-9-for-x86_64-appstream-rhui-source-rpms
podman.x86_64 4:5.2.2-15.el9_5 rhui-rhel-9-for-x86_64-appstream-rhui-rpms
podman.src 4:5.2.2-16.el9_5 rhui-rhel-9-for-x86_64-appstream-rhui-source-rpms
podman.x86_64 4:5.2.2-16.el9_5 rhui-rhel-9-for-x86_64-appstream-rhui-rpms
## Use `sudo dnf install podman-5.2.2` to install podman 5.2.2-latest version
[root@kuni-rhel-9 ~]# sudo dnf install podman-5.2.2
Last metadata expiration check: 0:05:14 ago on Mon 16 Jun 2025 03:02:12 PM UTC.
Dependencies resolved.
===================================================================================================================================================================================================
Package Architecture Version Repository Size
===================================================================================================================================================================================================
Installing:
podman x86_64 4:5.2.2-16.el9_5 rhui-rhel-9-for-x86_64-appstream-rhui-rpms 16 M
Installing dependencies:
aardvark-dns x86_64 2:1.14.0-1.el9 rhui-rhel-9-for-x86_64-appstream-rhui-rpms 881 k
(... skip ...)
Transaction Summary
===================================================================================================================================================================================================
Install 21 Packages
Total download size: 23 M
Installed size: 75 M
Is this ok [y/N]: y
Downloading Packages:
(1/21): criu-libs-3.19-1.el9.x86_64.rpm 499 kB/s | 33 kB 00:00
(... skip ...)
(21/21): shadow-utils-subid-4.9-12.el9.x86_64.rpm 1.0 MB/s | 88 kB 00:00
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 25 MB/s | 23 MB 00:00
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : passt-0^20250217.ga1e48a0-1.el9.x86_64 1/21
(... skip ...)
Verifying : shadow-utils-subid-2:4.9-12.el9.x86_64 21/21
Installed:
aardvark-dns-2:1.14.0-1.el9.x86_64 conmon-3:2.1.12-1.el9.x86_64 container-selinux-4:2.235.0-2.el9_6.noarch containers-common-2:1-117.el9_6.x86_64
criu-3.19-1.el9.x86_64 criu-libs-3.19-1.el9.x86_64 crun-1.21-1.el9_6.x86_64 fuse-common-3.10.2-9.el9.x86_64
fuse-overlayfs-1.14-1.el9.x86_64 fuse3-3.10.2-9.el9.x86_64 fuse3-libs-3.10.2-9.el9.x86_64 libnet-1.2-7.el9.x86_64
libslirp-4.4.0-8.el9.x86_64 netavark-2:1.14.1-1.el9_6.x86_64 passt-0^20250217.ga1e48a0-1.el9.x86_64 passt-selinux-0^20250217.ga1e48a0-1.el9.noarch
podman-4:5.2.2-16.el9_5.x86_64 protobuf-c-1.3.3-13.el9.x86_64 shadow-utils-subid-2:4.9-12.el9.x86_64 slirp4netns-1.3.2-1.el9.x86_64
yajl-2.1.0-25.el9.x86_64
Complete!
## Check podman version
[root@kuni-rhel-9 ~]# podman --version
podman version 5.2.2
[root@kuni-rhel-9 ~]# rpm -q podman
podman-5.2.2-16.el9_5.x86_64Install podman-remote ## Check podman-remote version
[root@kuni-rhel-9 ~]# podman-remote --version
-bash: podman-remote: command not found
## Show podman-remote version list
[root@kuni-rhel-9 ~]# dnf --showduplicates list podman-remote | grep 5.2.2
podman-remote.x86_64 2:5.2.2-1.el9 rhui-rhel-9-for-x86_64-appstream-rhui-rpms
podman-remote.x86_64 4:5.2.2-9.el9_5 rhui-rhel-9-for-x86_64-appstream-rhui-rpms
podman-remote.x86_64 4:5.2.2-11.el9_5 rhui-rhel-9-for-x86_64-appstream-rhui-rpms
podman-remote.x86_64 4:5.2.2-13.el9_5 rhui-rhel-9-for-x86_64-appstream-rhui-rpms
podman-remote.x86_64 4:5.2.2-15.el9_5 rhui-rhel-9-for-x86_64-appstream-rhui-rpms
podman-remote.x86_64 4:5.2.2-16.el9_5 rhui-rhel-9-for-x86_64-appstream-rhui-rpms
## Install podman-remote
[root@kuni-rhel-9 ~]# sudo dnf install podman-remote-5.2.2
Last metadata expiration check: 0:17:51 ago on Mon 16 Jun 2025 03:02:12 PM UTC.
Dependencies resolved.
===================================================================================================================================================================================================
Package Architecture Version Repository Size
===================================================================================================================================================================================================
Installing:
podman-remote x86_64 4:5.2.2-16.el9_5 rhui-rhel-9-for-x86_64-appstream-rhui-rpms 11 M
Transaction Summary
===================================================================================================================================================================================================
Install 1 Package
Total download size: 11 M
Installed size: 37 M
Is this ok [y/N]: y
Downloading Packages:
podman-remote-5.2.2-16.el9_5.x86_64.rpm 24 MB/s | 11 MB 00:00
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 21 MB/s | 11 MB 00:00
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : podman-remote-4:5.2.2-16.el9_5.x86_64 1/1
Running scriptlet: podman-remote-4:5.2.2-16.el9_5.x86_64 1/1
Verifying : podman-remote-4:5.2.2-16.el9_5.x86_64 1/1
Installed:
podman-remote-4:5.2.2-16.el9_5.x86_64
Complete!
## Check podman-remote version again
[root@kuni-rhel-9 ~]# podman-remote --version
podman-remote version 5.2.2
[root@kuni-rhel-9 ~]# rpm -q podman-remote
podman-remote-5.2.2-16.el9_5.x86_64Just in case, check again ## Use one liner
[root@kuni-rhel-9 ~]# sudo dnf install podman-5.2.2 podman-remote-5.2.2
Last metadata expiration check: 0:21:44 ago on Mon 16 Jun 2025 03:02:12 PM UTC.
Package podman-4:5.2.2-16.el9_5.x86_64 is already installed.
Package podman-remote-4:5.2.2-16.el9_5.x86_64 is already installed.
Dependencies resolved.
Nothing to do.
Complete!Version lock [root@kuni-rhel-9 ~]# sudo dnf install 'dnf-command(versionlock)'
Last metadata expiration check: 0:34:08 ago on Mon 16 Jun 2025 03:02:12 PM UTC.
Dependencies resolved.
===================================================================================================================================================================================================
Package Architecture Version Repository Size
===================================================================================================================================================================================================
Installing:
python3-dnf-plugin-versionlock noarch 4.3.0-20.el9 rhui-rhel-9-for-x86_64-baseos-rhui-rpms 28 k
Transaction Summary
===================================================================================================================================================================================================
Install 1 Package
Total download size: 28 k
Installed size: 27 k
Is this ok [y/N]: y
Downloading Packages:
python3-dnf-plugin-versionlock-4.3.0-20.el9.noarch.rpm 508 kB/s | 28 kB 00:00
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 262 kB/s | 28 kB 00:00
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : python3-dnf-plugin-versionlock-4.3.0-20.el9.noarch 1/1
Running scriptlet: python3-dnf-plugin-versionlock-4.3.0-20.el9.noarch 1/1
Verifying : python3-dnf-plugin-versionlock-4.3.0-20.el9.noarch 1/1
Installed:
python3-dnf-plugin-versionlock-4.3.0-20.el9.noarch
Complete!
[root@kuni-rhel-9 ~]# sudo dnf versionlock add --raw 'podman-5.2.2'
Last metadata expiration check: 0:34:21 ago on Mon 16 Jun 2025 03:02:12 PM UTC.
Adding versionlock on: podman-5.2.2
[root@kuni-rhel-9 ~]# sudo dnf versionlock add --raw 'podman-remote-5.2.2'
Last metadata expiration check: 0:34:29 ago on Mon 16 Jun 2025 03:02:12 PM UTC.
Adding versionlock on: podman-remote-5.2.2
[root@kuni-rhel-9 ~]# sudo dnf versionlock list
Last metadata expiration check: 0:34:36 ago on Mon 16 Jun 2025 03:02:12 PM UTC.
podman-5.2.2
podman-remote-5.2.2Since I tested the above behavior and it worked, I will update my PR to reflect the command I tested and mark it as ready for review. |
Yes as you said, we should recommend the latest version by default. In this case,
That said, I think we have 2 action items:
Do you know how to check the bug fixes are included in latest RHEL 9.6 OS or not? |
|
🔍 Preview links for changed docs:
🔔 The preview site may take up to 3 minutes to finish building. These links will become live once it completes. |
|
Thanks @matt-elastic! @eedugon @shainaraskas that said, this PR is technically ready. Thanks again! |
There was a problem hiding this comment.
For the configure RHEL host document I've added some comments because some of the sentences don't look aligned with the support matrix statement, and we need clarification.
The migration to Podman 5 feels difficult to understand and digest, and I've more than 20 years of experience as system administrator. Now that we are going to apply changes to that document, let's make it readable, and at least ensure it's technically accurate, as there are parts that don't feel even correct.
Also if we mention concepts like in-place and grow-and-shrink, there should be a small description of what we mean with each (although that's not the main issue of the doc).
|
|
||
| If you decide to install a previous Podman 5 version, make sure to replace `5.2.2-13` with the desired version in the commands below. | ||
| If you decide to install a previous Podman 5 version, make sure to replace `5.2.2` with the desired version in the commands below. |
There was a problem hiding this comment.
How can a user DECIDE to install a previous version if it's NOT supported per our support matrix?
Didn't we agree some time ago that we wanted to make our docs version agnostic (when possible), and referring to support matrix as the source of truth?
In such case... why we document that the user might want to install a previous version right after saying in an important banner that they must install a compatible OS / Podman version per support matrix?
That paragraph looks contradictory to me.
There was a problem hiding this comment.
@eedugon yes, I will need to raise support matrix update PR in advance.
I only got dev approval from @matt-elastic yesterday so now I can go and file support matrix update.
(That's a different system so it's a bit mixed, but you are right, support matrix is the source of truth, so we must update that too.)
There was a problem hiding this comment.
I think you didn't get my point, sorry. I wasn't talking about your specific change, but the entire sentence.,
What I mean is that the entire sentence doesn't add any values because users should NOT decide to install a previous version, as they should refer to the support matrix (which is already stated in the doc).
Actually the entire Note (the 3 paragraphs) should be removed, they don't add value.
|
|
||
| :::{note} | ||
| As mentioned in [Migrating to Podman 5](migrate-to-podman-5.md) it is recommended to install Podman `5.2.2-13` since this is the latest supported version. | ||
| As mentioned in [Migrating to Podman 5](migrate-to-podman-5.md) it is recommended to install Podman `5.2.2` since this is the latest supported version. |
There was a problem hiding this comment.
Why recommended? Per our support matrix we only support 5.2.2.
Aren't we saying before this paragraph:
Make sure to use a supported combination of Linux distribution and container engine version as defined in our official Support matrix
In such case I'd say it's mandatory (at the moment) to install 5.2.2, and not recommended. Per the support matrix.
What I'd do is to WARN against 5.2.2 versions that include a memory leak, and saying that we recommend 5.2.2 latest, and certain versions (5.2.2-11 - 5.2.2-13 should be avoided).
There was a problem hiding this comment.
If this is the fresh installation document for a new node, there's no need to link the migration to podman 5 document, as it's irrelevant, i would also remove the link and I'd state to stick to support matrix (already in the doc), avoid memory leak versions (if we know them), and suggest 5.2.2 latest as you are already doing.
A link in the migration document towards the normal installation document would make more sense than a link in this doc towards the crazy table of the other doc.
There was a problem hiding this comment.
5.2.2-13 is no longer the latest, it was the latest weeks/months ago.
We need to use 5.2.2 so that it can understand the latest automatically - you can see the detailed test log in #1599 (comment).
Again, support matrix is outdated now. I will raise update request today later or tomorrow.
There was a problem hiding this comment.
Sorry if I wasn't clear, I was challenging the entire sentence, not your specific change. It doesn't add any value and should be removed from the doc.
|
|
||
| For **in-place updates**, it is recommended to use Podman `5.2.2-9`, since upgrades to versions `5.2.2-11` and `5.2.2-13` are affected by a known [memory leak issue](https://github.com/containers/podman/issues/25473). | ||
| For **in-place updates**, it is recommended to use Podman `5.2.2-9`, since upgrades to versions `5.2.2-11` and latest version of `5.2.2` are affected by a known [memory leak issue](https://github.com/containers/podman/issues/25473). |
There was a problem hiding this comment.
Quick question about this sentence:
For in-place updates, it is recommended to use Podman
5.2.2-9, since upgrades to versions5.2.2-11and latest version of5.2.2are affected by a known memory leak issue.
Considering 5.2.2-latest is NOT affected by that known memory leak (please correct me if I'm wrong).... why we don't support an in-place upgrade to 5.2.2-latest and we only support it to 5.2.2-9?
Does the bug affect to 5.2.2-latest when upgrading but not in a new installation? Because it looks very weird in the normal installation doc to tell users to install 5.2.2-latest and then in the migration doc to upgrade to 5.2.2-9 but not 5.2.2-latest.
If the doc is accurate I'd recommend to explain why 5.2.2-latest is the way to go with a new installation (grow-and-shrink update) but not for an in-place upgrade, and why the users should end up in an old (5.2.2-9) release.
Also... I don't understand why we have certain columns with certain patch releases (.9, .11) while other patch releases also exist.
The feeling of the table is that looks over-complicated, and maybe all could be simplified by ensuring we mention to skip / avoid certain releases with the memory leak (-11 and -13?) and then explaining the difference between an in-place upgrade and a grow-and-shrink update.
There was a problem hiding this comment.
Considering 5.2.2-latest is NOT affected by that known memory leak (please correct me if I'm wrong).... why we don't support an in-place upgrade to 5.2.2-latest and we only support it to 5.2.2-9?
It's super complicated, but to say it in short,
- 5.2.2-11 is the buggy version.
- there's difference between "in-place upgrade" and "grow-and-shrink upgrade / fresh install".
You can get a full picture from https://www.elastic.co/docs/deploy-manage/deploy/cloud-enterprise/migrate-to-podman-5.
=> This doc has 1 place incorrect that the latest version is no longer podman 5.2.2-13, but now is 5.2.2-16. we updated the description to 5.2.2 so it can fetch the latest automatically. again, support matrix needs update too
Note:
- The logic itself is correct, and
- the only wrong part is "latest version is no longer 5.2.2-13. We need to update it to 5.2.2-16. And the command to auto-fetch latest version is to use version 5.2.2 specification".
- all other logic pieces are correct, including the version description about 5.2.2-9 and 5.2.2-11, as well as in place / grow and shrink upgrade, and fresh installation
- however, support matrix is outdated and needs update.
|
|
||
| Podman `5.2.2-13` is only supported when conducting a **fresh {{ece}} installation** or performing a **grow-and-shrink update** from Docker or Podman 4. | ||
| The latest version of Podman `5.2.2` is only supported when conducting a **fresh {{ece}} installation** or performing a **grow-and-shrink update** from Docker or Podman 4. |
There was a problem hiding this comment.
That sentence feels incorrect at first sight.
If latest 5.2.2 version of podman is supported in a FRESH installation, why it's not supported in a grow-and-shrink upgrade from Podman 5 when grow-and-shrink means actually installing new nodes and then destroying old ones?
So, if we are doing grow-and-shrink, it should be irrelevant if the original system runs Docker, Podman 4 or Podman 5.
There was a problem hiding this comment.
Again, as mentioned in #1599 (comment), it's super complicated, due to the podman memory leak bug as well as the version difference, upgrade method difference, etc.
All behaviors were verified by @matt-elastic from control plane dev team.
Co-authored-by: Edu González de la Herrán <[email protected]>
|
@kunisen : if you like I could prepare a commit with some simplification and clarifications of the migration document for your review, we could always revert back to the exact status you have now :) Anyway I totally agree with the original goal of this PR:
But IMO:
|
|
Thank you Edu! To #1599 (comment), I believe the biggest confusion comes from support matrix is not outdated. However, we must also update support matrix. # Before
For new installation, the latest version we recommend is 5.2.2-13
# After
For new installation, we recommend the latest 5.2.2 version. I will do that today later or tomorrow. All other dots and pieces, let me rephrase here:
Other than above, we also need @matt-elastic's help to test if the latest version contains the podman bug fix or not.
|
|
I'll work on this on Wednesday 25th and I'll try to share a proposal ASAP. |
Description
Previously the latest version of podman 5.2.2 was 5.2.2-13. However, now the latest version is 5.2.2-15.
We have confirmed with that @matt-elastic in an internal discussion here that it makes sense to make such change.
Thus, we need to update the public doc to reflect this. Also, we want to avoid saying 5.2.2-15 and then later we need to update the public docs again, so we are using a more generic way to express it.
Special Note
@matt-elastic could you also help us confirm if the command in use is correct or not please?
I don't have a RHEL environment to test for now and I am making the change on the fly.
Thank you!
Before / After PR merge
:: Before
https://www.elastic.co/docs/deploy-manage/deploy/cloud-enterprise/configure-host-rhel
:: After
cc @rheppe