1podman-update(1)            General Commands Manual           podman-update(1)
2
3
4

NAME

6       podman-update - Updates the cgroup configuration of a given container
7
8

SYNOPSIS

10       podman update [options] container
11
12
13       podman container update [options] container
14
15

DESCRIPTION

17       Updates  the cgroup configuration of an already existing container. The
18       currently supported options are a subset of the podman  create/run  re‐
19       source  limits  options.  These new options are non-persistent and only
20       last for the current execution of the container; the configuration will
21       be  honored  on its next run.  This means that this command can only be
22       executed on an already running container and the changes made  will  be
23       erased the next time the container is stopped and restarted, this is to
24       ensure immutability.  This command takes one argument, a container name
25       or ID, alongside the resource flags to modify the cgroup.
26
27

OPTIONS

29   --blkio-weight=weight
30       Block IO relative weight. The weight is a value between 10 and 1000.
31
32
33       This option is not supported on cgroups V1 rootless systems.
34
35
36   --blkio-weight-device=device:weight
37       Block IO relative device weight.
38
39
40   --cpu-period=limit
41       Set  the CPU period for the Completely Fair Scheduler (CFS), which is a
42       duration in microseconds. Once the container's CPU quota is used up, it
43       will not be scheduled to run until the current period ends. Defaults to
44       100000 microseconds.
45
46
47       On some systems, changing the resource limits may not  be  allowed  for
48       non-root  users.  For  more  details,  see  https://github.com/contain
49       ers/podman/blob/main/troubleshooting.md#26-running-containers-with-re‐
50       source-limits-fails-with-a-permissions-error
51
52
53       This option is not supported on cgroups V1 rootless systems.
54
55
56   --cpu-quota=limit
57       Limit the CPU Completely Fair Scheduler (CFS) quota.
58
59
60       Limit  the  container's  CPU usage. By default, containers run with the
61       full CPU resource. The limit is a number in microseconds. If  a  number
62       is  provided,  the  container will be allowed to use that much CPU time
63       until the CPU period ends (controllable via --cpu-period).
64
65
66       On some systems, changing the resource limits may not  be  allowed  for
67       non-root  users.  For  more  details,  see  https://github.com/contain
68       ers/podman/blob/main/troubleshooting.md#26-running-containers-with-re‐
69       source-limits-fails-with-a-permissions-error
70
71
72       This option is not supported on cgroups V1 rootless systems.
73
74
75   --cpu-rt-period=microseconds
76       Limit the CPU real-time period in microseconds.
77
78
79       Limit the container's Real Time CPU usage. This option tells the kernel
80       to restrict the container's Real Time CPU usage to  the  period  speci‐
81       fied.
82
83
84       This option is only supported on cgroups V1 rootful systems.
85
86
87   --cpu-rt-runtime=microseconds
88       Limit the CPU real-time runtime in microseconds.
89
90
91       Limit  the containers Real Time CPU usage. This option tells the kernel
92       to limit the amount of time in a given CPU period Real Time  tasks  may
93       consume.  Ex: Period of 1,000,000us and Runtime of 950,000us means that
94       this container could consume 95% of available CPU and leave the remain‐
95       ing 5% to normal priority tasks.
96
97
98       The  sum of all runtimes across containers cannot exceed the amount al‐
99       lotted to the parent cgroup.
100
101
102       This option is only supported on cgroups V1 rootful systems.
103
104
105   --cpu-shares, -c=shares
106       CPU shares (relative weight).
107
108
109       By default, all containers get the same proportion of CPU cycles.  This
110       proportion  can  be  modified  by  changing  the  container's CPU share
111       weighting relative to the combined weight of all the  running  contain‐
112       ers.  Default weight is 1024.
113
114
115       The  proportion  will  only apply when CPU-intensive processes are run‐
116       ning.  When tasks in one container are idle, other containers  can  use
117       the left-over CPU time. The actual amount of CPU time will vary depend‐
118       ing on the number of containers running on the system.
119
120
121       For example, consider three containers, one has a cpu-share of 1024 and
122       two others have a cpu-share setting of 512. When processes in all three
123       containers attempt to use 100% of CPU, the first  container  would  re‐
124       ceive  50% of the total CPU time. If a fourth container is added with a
125       cpu-share of 1024, the first container only gets 33% of  the  CPU.  The
126       remaining containers receive 16.5%, 16.5% and 33% of the CPU.
127
128
129       On a multi-core system, the shares of CPU time are distributed over all
130       CPU cores. Even if a container is limited to  less  than  100%  of  CPU
131       time, it can use 100% of each individual CPU core.
132
133
134       For example, consider a system with more than three cores.  If the con‐
135       tainer C0 is started with --cpu-shares=512 running one process, and an‐
136       other  container  C1 with --cpu-shares=1024 running two processes, this
137       can result in the following division of CPU shares:
138
139
140       ┌────┬───────────┬─────┬──────────────┐
141PID container CPU CPU share    
142       ├────┼───────────┼─────┼──────────────┤
143       │100 │ C0        │ 0   │ 100% of CPU0 │
144       ├────┼───────────┼─────┼──────────────┤
145       │101 │ C1        │ 1   │ 100% of CPU1 │
146       ├────┼───────────┼─────┼──────────────┤
147       │102 │ C1        │ 2   │ 100% of CPU2 │
148       └────┴───────────┴─────┴──────────────┘
149
150       On some systems, changing the resource limits may not  be  allowed  for
151       non-root  users.  For  more  details,  see  https://github.com/contain
152       ers/podman/blob/main/troubleshooting.md#26-running-containers-with-re‐
153       source-limits-fails-with-a-permissions-error
154
155
156       This option is not supported on cgroups V1 rootless systems.
157
158
159   --cpus=number
160       Number of CPUs. The default is 0.0 which means no limit. This is short‐
161       hand for --cpu-period and --cpu-quota,  so  you  may  only  set  either
162       --cpus or --cpu-period and --cpu-quota.
163
164
165       On  some  systems,  changing the CPU limits may not be allowed for non-
166       root users. For more  details,  see  https://github.com/containers/pod
167       man/blob/main/troubleshooting.md#26-running-containers-with-resource-
168       limits-fails-with-a-permissions-error
169
170
171       This option is not supported on cgroups V1 rootless systems.
172
173
174   --cpuset-cpus=number
175       CPUs in which to allow execution. Can be specified as a comma-separated
176       list  (e.g.  0,1),  as  a  range (e.g. 0-3), or any combination thereof
177       (e.g. 0-3,7,11-15).
178
179
180       On some systems, changing the resource limits may not  be  allowed  for
181       non-root  users.  For  more  details,  see  https://github.com/contain
182       ers/podman/blob/main/troubleshooting.md#26-running-containers-with-re‐
183       source-limits-fails-with-a-permissions-error
184
185
186       This option is not supported on cgroups V1 rootless systems.
187
188
189   --cpuset-mems=nodes
190       Memory nodes (MEMs) in which to allow execution (0-3, 0,1). Only effec‐
191       tive on NUMA systems.
192
193
194       If there are four memory nodes  on  the  system  (0-3),  use  --cpuset-
195       mems=0,1  then processes in the container will only use memory from the
196       first two memory nodes.
197
198
199       On some systems, changing the resource limits may not  be  allowed  for
200       non-root  users.  For  more  details,  see  https://github.com/contain
201       ers/podman/blob/main/troubleshooting.md#26-running-containers-with-re‐
202       source-limits-fails-with-a-permissions-error
203
204
205       This option is not supported on cgroups V1 rootless systems.
206
207
208   --device-read-bps=path:rate
209       Limit  read  rate  (in  bytes per second) from a device (e.g. --device-
210       read-bps=/dev/sda:1mb).
211
212
213       On some systems, changing the resource limits may not  be  allowed  for
214       non-root  users.  For  more  details,  see  https://github.com/contain
215       ers/podman/blob/main/troubleshooting.md#26-running-containers-with-re‐
216       source-limits-fails-with-a-permissions-error
217
218
219       This option is not supported on cgroups V1 rootless systems.
220
221
222   --device-read-iops=path:rate
223       Limit read rate (in IO operations per second) from a device (e.g. --de‐
224       vice-read-iops=/dev/sda:1000).
225
226
227       On some systems, changing the resource limits may not  be  allowed  for
228       non-root  users.  For  more  details,  see  https://github.com/contain
229       ers/podman/blob/main/troubleshooting.md#26-running-containers-with-re‐
230       source-limits-fails-with-a-permissions-error
231
232
233       This option is not supported on cgroups V1 rootless systems.
234
235
236   --device-write-bps=path:rate
237       Limit  write  rate  (in  bytes  per second) to a device (e.g. --device-
238       write-bps=/dev/sda:1mb).
239
240
241       On some systems, changing the resource limits may not  be  allowed  for
242       non-root  users.  For  more  details,  see  https://github.com/contain
243       ers/podman/blob/main/troubleshooting.md#26-running-containers-with-re‐
244       source-limits-fails-with-a-permissions-error
245
246
247       This option is not supported on cgroups V1 rootless systems.
248
249
250   --device-write-iops=path:rate
251       Limit  write rate (in IO operations per second) to a device (e.g. --de‐
252       vice-write-iops=/dev/sda:1000).
253
254
255       On some systems, changing the resource limits may not  be  allowed  for
256       non-root  users.  For  more  details,  see  https://github.com/contain
257       ers/podman/blob/main/troubleshooting.md#26-running-containers-with-re‐
258       source-limits-fails-with-a-permissions-error
259
260
261       This option is not supported on cgroups V1 rootless systems.
262
263
264   --memory, -m=number[unit]
265       Memory limit. A unit can be b (bytes), k (kibibytes), m (mebibytes), or
266       g (gibibytes).
267
268
269       Allows the memory available to a container to be  constrained.  If  the
270       host  supports  swap  memory,  then the -m memory setting can be larger
271       than physical RAM. If a limit of 0 is specified  (not  using  -m),  the
272       container's  memory  is not limited. The actual limit may be rounded up
273       to a multiple of the operating system's page size (the value  would  be
274       very large, that's millions of trillions).
275
276
277       This option is not supported on cgroups V1 rootless systems.
278
279
280   --memory-reservation=number[unit]
281       Memory  soft  limit.  A  unit  can  be  b  (bytes),  k  (kibibytes),  m
282       (mebibytes), or g (gibibytes).
283
284
285       After setting memory reservation, when the system detects  memory  con‐
286       tention or low memory, containers are forced to restrict their consump‐
287       tion to their reservation. So you should always  set  the  value  below
288       --memory,  otherwise  the  hard limit will take precedence. By default,
289       memory reservation will be the same as memory limit.
290
291
292       This option is not supported on cgroups V1 rootless systems.
293
294
295   --memory-swap=number[unit]
296       A limit value equal to memory plus swap.  A unit can be  b  (bytes),  k
297       (kibibytes), m (mebibytes), or g (gibibytes).
298
299
300       Must  be  used  with the -m (--memory) flag.  The argument value should
301       always be larger than that of
302        -m (--memory) By default, it is set to double the value of --memory.
303
304
305       Set number to -1 to enable unlimited swap.
306
307
308       This option is not supported on cgroups V1 rootless systems.
309
310
311   --memory-swappiness=number
312       Tune a container's memory swappiness behavior. Accepts an  integer  be‐
313       tween 0 and 100.
314
315
316       This flag is only supported on cgroups V1 rootful systems.
317
318

EXAMPLEs

320       update a container with a new cpu quota and period
321
322
323              podman update --cpus=5 myCtr
324
325
326
327       update a container with all available options for cgroups v2
328
329
330              podman update --cpus 5 --cpuset-cpus 0 --cpu-shares 123 --cpuset-mems 0 --memory 1G --memory-swap 2G --memory-reservation 2G --blkio-weight-device /dev/zero:123 --blkio-weight 123 --device-read-bps /dev/zero:10mb --device-write-bps /dev/zero:10mb --device-read-iops /dev/zero:1000 --device-write-iops /dev/zero:1000 ctrID
331
332
333
334       update a container with all available options for cgroups v1
335
336
337              podman update --cpus 5 --cpuset-cpus 0 --cpu-shares 123 --cpuset-mems 0 --memory 1G --memory-swap 2G --memory-reservation 2G --memory-swappiness 50 ctrID
338
339
340

SEE ALSO

342       podman(1), podman-create(1), podman-run(1)
343
344

HISTORY

346       August  2022,  Originally  written  by  Charlie Doern cdoern@redhat.com
347       ⟨mailto:cdoern@redhat.com⟩
348
349
350
351                                                              podman-update(1)
Impressum