330 lines
12 KiB
Groff
330 lines
12 KiB
Groff
'\" t
|
|
.nh
|
|
.TH podman-container-clone 1
|
|
.SH NAME
|
|
podman-container-clone \- Create a copy of an existing container
|
|
|
|
.SH SYNOPSIS
|
|
\fBpodman container clone\fP [\fIoptions\fP] \fIcontainer\fP \fIname\fP \fIimage\fP
|
|
|
|
.SH DESCRIPTION
|
|
\fBpodman container clone\fP creates a copy of a container, recreating the original with an identical configuration. This command takes three arguments: the first being the container ID or name to clone, the second argument in this command can change the name of the clone from the default of $ORIGINAL_NAME-clone, and the third is a new image to use in the cloned container.
|
|
|
|
.SH OPTIONS
|
|
.SS \fB--blkio-weight\fP=\fIweight\fP
|
|
Block IO relative weight. The \fIweight\fP is a value between \fB10\fP and \fB1000\fP\&.
|
|
|
|
.PP
|
|
This option is not supported on cgroups V1 rootless systems.
|
|
|
|
.SS \fB--blkio-weight-device\fP=\fIdevice:weight\fP
|
|
Block IO relative device weight.
|
|
|
|
.SS \fB--cpu-period\fP=\fIlimit\fP
|
|
Set the CPU period for the Completely Fair Scheduler (CFS), which is a
|
|
duration in microseconds. Once the container's CPU quota is used up, it will not
|
|
be scheduled to run until the current period ends. Defaults to 100000
|
|
microseconds.
|
|
|
|
.PP
|
|
On some systems, changing the resource limits may not be allowed for non-root
|
|
users. For more details, see
|
|
https://github.com/containers/podman/blob/main/troubleshooting.md#26-running-containers-with-resource-limits-fails-with-a-permissions-error
|
|
|
|
.PP
|
|
This option is not supported on cgroups V1 rootless systems.
|
|
|
|
.PP
|
|
If none is specified, the original container's cpu period is used
|
|
|
|
.SS \fB--cpu-quota\fP=\fIlimit\fP
|
|
Limit the CPU Completely Fair Scheduler (CFS) quota.
|
|
|
|
.PP
|
|
Limit the container's CPU usage. By default, containers run with the full
|
|
CPU resource. The limit is a number in microseconds. If a number is provided,
|
|
the container is allowed to use that much CPU time until the CPU period
|
|
ends (controllable via \fB--cpu-period\fP).
|
|
|
|
.PP
|
|
On some systems, changing the resource limits may not be allowed for non-root
|
|
users. For more details, see
|
|
https://github.com/containers/podman/blob/main/troubleshooting.md#26-running-containers-with-resource-limits-fails-with-a-permissions-error
|
|
|
|
.PP
|
|
This option is not supported on cgroups V1 rootless systems.
|
|
|
|
.PP
|
|
If none is specified, the original container's CPU quota are used.
|
|
|
|
.SS \fB--cpu-rt-period\fP=\fImicroseconds\fP
|
|
Limit the CPU real-time period in microseconds.
|
|
|
|
.PP
|
|
Limit the container's Real Time CPU usage. This option tells the kernel to restrict the container's Real Time CPU usage to the period specified.
|
|
|
|
.PP
|
|
This option is only supported on cgroups V1 rootful systems.
|
|
|
|
.PP
|
|
If none is specified, the original container's CPU runtime period is used.
|
|
|
|
.SS \fB--cpu-rt-runtime\fP=\fImicroseconds\fP
|
|
Limit the CPU real-time runtime in microseconds.
|
|
|
|
.PP
|
|
Limit the containers Real Time CPU usage. This option tells the kernel to limit the amount of time in a given CPU period Real Time tasks may consume. Ex:
|
|
Period of 1,000,000us and Runtime of 950,000us means that this container can consume 95% of available CPU and leave the remaining 5% to normal priority tasks.
|
|
|
|
.PP
|
|
The sum of all runtimes across containers cannot exceed the amount allotted to the parent cgroup.
|
|
|
|
.PP
|
|
This option is only supported on cgroups V1 rootful systems.
|
|
|
|
.SS \fB--cpu-shares\fP, \fB-c\fP=\fIshares\fP
|
|
CPU shares (relative weight).
|
|
|
|
.PP
|
|
By default, all containers get the same proportion of CPU cycles. This
|
|
proportion can be modified by changing the container's CPU share weighting
|
|
relative to the combined weight of all the running containers.
|
|
Default weight is \fB1024\fP\&.
|
|
|
|
.PP
|
|
The proportion only applies when CPU-intensive processes are running.
|
|
When tasks in one container are idle, other containers can use the
|
|
left-over CPU time. The actual amount of CPU time varies depending on
|
|
the number of containers running on the system.
|
|
|
|
.PP
|
|
For example, consider three containers, one has a cpu-share of 1024 and
|
|
two others have a cpu-share setting of 512. When processes in all three
|
|
containers attempt to use 100% of CPU, the first container receives
|
|
50% of the total CPU time. If a fourth container is added with a cpu-share
|
|
of 1024, the first container only gets 33% of the CPU. The remaining containers
|
|
receive 16.5%, 16.5% and 33% of the CPU.
|
|
|
|
.PP
|
|
On a multi-core system, the shares of CPU time are distributed over all CPU
|
|
cores. Even if a container is limited to less than 100% of CPU time, it can
|
|
use 100% of each individual CPU core.
|
|
|
|
.PP
|
|
For example, consider a system with more than three cores.
|
|
If the container \fIC0\fP is started with \fB--cpu-shares=512\fP running one process,
|
|
and another container \fIC1\fP with \fB--cpu-shares=1024\fP running two processes,
|
|
this can result in the following division of CPU shares:
|
|
|
|
.TS
|
|
allbox;
|
|
l l l l
|
|
l l l l .
|
|
\fBPID\fP \fBcontainer\fP \fBCPU\fP \fBCPU share\fP
|
|
100 C0 0 100% of CPU0
|
|
101 C1 1 100% of CPU1
|
|
102 C1 2 100% of CPU2
|
|
.TE
|
|
|
|
.PP
|
|
On some systems, changing the resource limits may not be allowed for non-root
|
|
users. For more details, see
|
|
https://github.com/containers/podman/blob/main/troubleshooting.md#26-running-containers-with-resource-limits-fails-with-a-permissions-error
|
|
|
|
.PP
|
|
This option is not supported on cgroups V1 rootless systems.
|
|
|
|
.PP
|
|
If none are specified, the original container's CPU shares are used.
|
|
|
|
.SS \fB--cpus\fP
|
|
Set a number of CPUs for the container that overrides the original containers CPU limits. If none are specified, the original container's Nano CPUs are used.
|
|
|
|
.PP
|
|
This is shorthand
|
|
for \fB--cpu-period\fP and \fB--cpu-quota\fP, so only \fB--cpus\fP or either both the \fB--cpu-period\fP and \fB--cpu-quota\fP options can be set.
|
|
|
|
.PP
|
|
This option is not supported on cgroups V1 rootless systems.
|
|
|
|
.SS \fB--cpuset-cpus\fP=\fInumber\fP
|
|
CPUs in which to allow execution. Can be specified as a comma-separated list
|
|
(e.g. \fB0,1\fP), as a range (e.g. \fB0-3\fP), or any combination thereof
|
|
(e.g. \fB0-3,7,11-15\fP).
|
|
|
|
.PP
|
|
On some systems, changing the resource limits may not be allowed for non-root
|
|
users. For more details, see
|
|
https://github.com/containers/podman/blob/main/troubleshooting.md#26-running-containers-with-resource-limits-fails-with-a-permissions-error
|
|
|
|
.PP
|
|
This option is not supported on cgroups V1 rootless systems.
|
|
|
|
.PP
|
|
If none are specified, the original container's CPUset is used.
|
|
|
|
.SS \fB--cpuset-mems\fP=\fInodes\fP
|
|
Memory nodes (MEMs) in which to allow execution (0-3, 0,1). Only effective on
|
|
NUMA systems.
|
|
|
|
.PP
|
|
If there are four memory nodes on the system (0-3), use \fB--cpuset-mems=0,1\fP
|
|
then processes in the container only uses memory from the first
|
|
two memory nodes.
|
|
|
|
.PP
|
|
On some systems, changing the resource limits may not be allowed for non-root
|
|
users. For more details, see
|
|
https://github.com/containers/podman/blob/main/troubleshooting.md#26-running-containers-with-resource-limits-fails-with-a-permissions-error
|
|
|
|
.PP
|
|
This option is not supported on cgroups V1 rootless systems.
|
|
|
|
.PP
|
|
If none are specified, the original container's CPU memory nodes are used.
|
|
|
|
.SS \fB--destroy\fP
|
|
Remove the original container that we are cloning once used to mimic the configuration.
|
|
|
|
.SS \fB--device-read-bps\fP=\fIpath:rate\fP
|
|
Limit read rate (in bytes per second) from a device (e.g. \fB--device-read-bps=/dev/sda:1mb\fP).
|
|
|
|
.PP
|
|
On some systems, changing the resource limits may not be allowed for non-root
|
|
users. For more details, see
|
|
https://github.com/containers/podman/blob/main/troubleshooting.md#26-running-containers-with-resource-limits-fails-with-a-permissions-error
|
|
|
|
.PP
|
|
This option is not supported on cgroups V1 rootless systems.
|
|
|
|
.SS \fB--device-write-bps\fP=\fIpath:rate\fP
|
|
Limit write rate (in bytes per second) to a device (e.g. \fB--device-write-bps=/dev/sda:1mb\fP).
|
|
|
|
.PP
|
|
On some systems, changing the resource limits may not be allowed for non-root
|
|
users. For more details, see
|
|
https://github.com/containers/podman/blob/main/troubleshooting.md#26-running-containers-with-resource-limits-fails-with-a-permissions-error
|
|
|
|
.PP
|
|
This option is not supported on cgroups V1 rootless systems.
|
|
|
|
.SS \fB--force\fP, \fB-f\fP
|
|
Force removal of the original container that we are cloning. Can only be used in conjunction with \fB--destroy\fP\&.
|
|
|
|
.SS \fB--memory\fP, \fB-m\fP=\fInumber[unit]\fP
|
|
Memory limit. A \fIunit\fP can be \fBb\fP (bytes), \fBk\fP (kibibytes), \fBm\fP (mebibytes), or \fBg\fP (gibibytes).
|
|
|
|
.PP
|
|
Allows the memory available to a container to be constrained. If the host
|
|
supports swap memory, then the \fB-m\fP memory setting can be larger than physical
|
|
RAM. If a limit of 0 is specified (not using \fB-m\fP), the container's memory is
|
|
not limited. The actual limit may be rounded up to a multiple of the operating
|
|
system's page size (the value is very large, that's millions of trillions).
|
|
|
|
.PP
|
|
This option is not supported on cgroups V1 rootless systems.
|
|
|
|
.PP
|
|
If no memory limits are specified, the original container's memory limits are used.
|
|
|
|
.SS \fB--memory-reservation\fP=\fInumber[unit]\fP
|
|
Memory soft limit. A \fIunit\fP can be \fBb\fP (bytes), \fBk\fP (kibibytes), \fBm\fP (mebibytes), or \fBg\fP (gibibytes).
|
|
|
|
.PP
|
|
After setting memory reservation, when the system detects memory contention
|
|
or low memory, containers are forced to restrict their consumption to their
|
|
reservation. So always set the value below \fB--memory\fP, otherwise the
|
|
hard limit takes precedence. By default, memory reservation is the same
|
|
as memory limit.
|
|
|
|
.PP
|
|
This option is not supported on cgroups V1 rootless systems.
|
|
|
|
.PP
|
|
If unspecified, memory reservation is the same as memory limit from the
|
|
container being cloned.
|
|
|
|
.SS \fB--memory-swap\fP=\fInumber[unit]\fP
|
|
A limit value equal to memory plus swap.
|
|
A \fIunit\fP can be \fBb\fP (bytes), \fBk\fP (kibibytes), \fBm\fP (mebibytes), or \fBg\fP (gibibytes).
|
|
|
|
.PP
|
|
Must be used with the \fB-m\fP (\fB--memory\fP) flag.
|
|
The argument value must be larger than that of
|
|
\fB-m\fP (\fB--memory\fP) By default, it is set to double
|
|
the value of \fB--memory\fP\&.
|
|
|
|
.PP
|
|
Set \fInumber\fP to \fB-1\fP to enable unlimited swap.
|
|
|
|
.PP
|
|
This option is not supported on cgroups V1 rootless systems.
|
|
|
|
.PP
|
|
If unspecified, the container being cloned is used to derive
|
|
the swap value.
|
|
|
|
.SS \fB--memory-swappiness\fP=\fInumber\fP
|
|
Tune a container's memory swappiness behavior. Accepts an integer between \fI0\fP and \fI100\fP\&.
|
|
|
|
.PP
|
|
This flag is only supported on cgroups V1 rootful systems.
|
|
|
|
.SS \fB--name\fP
|
|
Set a custom name for the cloned container. The default if not specified is of the syntax: \fB<ORIGINAL_NAME>-clone\fP
|
|
|
|
.SS \fB--pod\fP=\fIname\fP
|
|
Clone the container in an existing pod. It is helpful to move a container to an
|
|
existing pod. The container joins the pod shared namespaces, losing its configuration
|
|
that conflicts with the shared namespaces.
|
|
|
|
.SS \fB--run\fP
|
|
When set to true, this flag runs the newly created container after the
|
|
clone process has completed, this specifies a detached running mode.
|
|
|
|
.SH EXAMPLES
|
|
Clone specified container into a new container:
|
|
|
|
.EX
|
|
# podman container clone d0cf1f782e2ed67e8c0050ff92df865a039186237a4df24d7acba5b1fa8cc6e7
|
|
6b2c73ff8a1982828c9ae2092954bcd59836a131960f7e05221af9df5939c584
|
|
.EE
|
|
|
|
.PP
|
|
Clone specified container into a newly named container:
|
|
|
|
.EX
|
|
# podman container clone --name=clone d0cf1f782e2ed67e8c0050ff92df865a039186237a4df24d7acba5b1fa8cc6e7
|
|
6b2c73ff8a1982828c9ae2092954bcd59836a131960f7e05221af9df5939c584
|
|
.EE
|
|
|
|
.PP
|
|
Replace specified container with selected resource constraints into a new container, removing original container:
|
|
|
|
.EX
|
|
# podman container clone --destroy --cpus=5 d0cf1f782e2ed67e8c0050ff92df865a039186237a4df24d7acba5b1fa8cc6e7
|
|
6b2c73ff8a1982828c9ae2092954bcd59836a131960f7e05221af9df5939c584
|
|
.EE
|
|
|
|
.PP
|
|
Clone specified container giving a new name and then replacing the image of the original container with the specified image name:
|
|
|
|
.EX
|
|
# podman container clone 2d4d4fca7219b4437e0d74fcdc272c4f031426a6eacd207372691207079551de new_name fedora
|
|
Resolved "fedora" as an alias (/etc/containers/registries.conf.d/shortnames.conf)
|
|
Trying to pull registry.fedoraproject.org/fedora:latest...
|
|
Getting image source signatures
|
|
Copying blob c6183d119aa8 done
|
|
Copying config e417cd49a8 done
|
|
Writing manifest to image destination
|
|
Storing signatures
|
|
5a9b7851013d326aa4ac4565726765901b3ecc01fcbc0f237bc7fd95588a24f9
|
|
.EE
|
|
|
|
.SH SEE ALSO
|
|
\fBpodman-create(1)\fP, \fBcgroups(7)\fP
|
|
|
|
.SH HISTORY
|
|
January 2022, Originally written by Charlie Doern cdoern@redhat.com
|
|
\[la]mailto:cdoern@redhat.com\[ra]
|