1podman-top(1) General Commands Manual podman-top(1)
2
6 podman-top - Display the running processes of a container
7
10 podman top [options] container [format-descriptors]
11 podman container top [options] container [format-descriptors]
14
17 Display the running processes of the container. The format-descriptors
18 are ps (1) compatible AIX format descriptors but extended to print ad‐
19 ditional information, such as the seccomp mode or the effective capa‐
20 bilities of a given process. The descriptors can either be passed as
21 separated arguments or as a single comma-separated argument. Note that
22 options and or flags of ps(1) can also be specified; in this case, Pod‐
23 man falls back to executing ps(1) from the host with the specified ar‐
24 guments and flags in the container namespace. If the container has the
25 CAP_SYS_PTRACE capability then we will execute ps(1) in the container
26 so it must be installed there. To extract host-related information,
27 use the "h*" descriptors. For instance, podman top $name hpid huser to
28 display the PID and user of the processes in the host context.
29
32 --help, -h
33 Print usage statement
34 --latest, -l
37 Instead of providing the container name or ID, use the last created
38 container. Note: the last started container can be from other users of
39 Podman on the host machine. (This option is not available with the re‐
40 mote Podman client, including Mac and Windows (excluding WSL2) ma‐
41 chines)
42
45 The following descriptors are supported in addition to the AIX format
46 descriptors mentioned in ps (1):
47 args, capbnd, capeff, capinh, capprm, comm, etime, group, hgroup, hpid,
50 huser, label, nice, pcpu, pgid, pid, ppid, rgroup, ruser, seccomp,
51 state, time, tty, user, vsz
52 capbnd
55 Set of bounding capabilities. See capabilities (7) for more informa‐
58 tion.
59 capeff
62 Set of effective capabilities. See capabilities (7) for more informa‐
65 tion.
66 capinh
69 Set of inheritable capabilities. See capabilities (7) for more informa‐
72 tion.
73 capprm
76 Set of permitted capabilities. See capabilities (7) for more informa‐
79 tion.
80 hgroup
83 The corresponding effective group of a container process on the host.
86 hpid
89 The corresponding host PID of a container process.
92 huser
95 The corresponding effective user of a container process on the host.
98 label
101 Current security attributes of the process.
104 seccomp
107 Seccomp mode of the process (i.e., disabled, strict or filter). See
110 seccomp (2) for more information.
111 state
114 Process state codes (e.g, R for running, S for sleeping). See proc(5)
117 for more information.
118 stime
121 Process start time (e.g, "2019-12-09 10:50:36 +0100 CET).
124
127 By default, podman-top prints data similar to ps -ef:
128 $ podman top f5a62a71b07
131 USER PID PPID %CPU ELAPSED TTY TIME COMMAND
132 root 1 0 0.000 20.386825206s pts/0 0s sh
133 root 7 1 0.000 16.386882887s pts/0 0s sleep
134 root 8 1 0.000 11.386886562s pts/0 0s vi
135 The output can be controlled by specifying format descriptors as argu‐
139 ments after the container:
140 $ podman top -l pid seccomp args %C
143 PID SECCOMP COMMAND %CPU
144 1 filter sh 0.000
145 8 filter vi /etc/ 0.000
146 Podman falls back to executing ps(1) from the host in the container
150 namespace if an unknown descriptor is specified.
151 $ podman top -l -- aux
154 USER PID PPID %CPU ELAPSED TTY TIME COMMAND
155 root 1 0 0.000 1h2m12.497061672s ? 0s sleep 100000
156
160 podman(1), ps(1), seccomp(2), proc(5), capabilities(7)
161
164 July 2018, Introduce format descriptors by Valentin Rothberg vroth‐
165 berg@suse.com ⟨mailto:vrothberg@suse.com⟩
166 December 2017, Originally compiled by Brent Baude bbaude@redhat.com
169 ⟨mailto:bbaude@redhat.com⟩
170 podman-top(1)