podman-container-clone(1)

1podman-container-clone(1)   General Commands Manual  podman-container-clone(1)
2
3
4

NAME

6       podman-container-clone - Create a copy of an existing container
7
8

SYNOPSIS

10       podman container clone [options] container name image
11
12

DESCRIPTION

14       podman  container  clone  creates a copy of a container, recreating the
15       original with an identical configuration. This command takes three  ar‐
16       guments:  the first being the container ID or name to clone, the second
17       argument in this command can change the name of the clone from the  de‐
18       fault  of  $ORIGINAL_NAME-clone, and the third is a new image to use in
19       the cloned container.
20
21

OPTIONS

23   --blkio-weight=weight
24       Block IO relative weight. The weight is a value between 10 and 1000.
25
26
27       This option is not supported on cgroups V1 rootless systems.
28
29
30   --blkio-weight-device=device:weight
31       Block IO relative device weight.
32
33
34   --cpu-period=limit
35       Set the CPU period for the Completely Fair Scheduler (CFS), which is  a
36       duration in microseconds. Once the container's CPU quota is used up, it
37       will not be scheduled to run until the current period ends. Defaults to
38       100000 microseconds.
39
40
41       On  some  systems,  changing the resource limits may not be allowed for
42       non-root  users.  For  more  details,  see  https://github.com/contain‐
43       ers/podman/blob/main/troubleshooting.md#26-running-containers-with-re‐
44       source-limits-fails-with-a-permissions-error
45
46
47       This option is not supported on cgroups V1 rootless systems.
48
49
50       If none is specified, the original container's cpu period is used
51
52
53   --cpu-quota=limit
54       Limit the CPU Completely Fair Scheduler (CFS) quota.
55
56
57       Limit the container's CPU usage. By default, containers  run  with  the
58       full  CPU  resource. The limit is a number in microseconds. If a number
59       is provided, the container is allowed to use that much CPU  time  until
60       the CPU period ends (controllable via --cpu-period).
61
62
63       On  some  systems,  changing the resource limits may not be allowed for
64       non-root  users.  For  more  details,  see  https://github.com/contain‐
65       ers/podman/blob/main/troubleshooting.md#26-running-containers-with-re‐
66       source-limits-fails-with-a-permissions-error
67
68
69       This option is not supported on cgroups V1 rootless systems.
70
71
72       If none is specified, the original container's CPU quota are used.
73
74
75   --cpu-rt-period=microseconds
76       Limit the CPU real-time period in microseconds.
77
78
79       Limit the container's Real Time CPU usage. This option tells the kernel
80       to  restrict  the  container's Real Time CPU usage to the period speci‐
81       fied.
82
83
84       This option is only supported on cgroups V1 rootful systems.
85
86
87       If none is specified, the original container's CPU  runtime  period  is
88       used.
89
90
91   --cpu-rt-runtime=microseconds
92       Limit the CPU real-time runtime in microseconds.
93
94
95       Limit  the containers Real Time CPU usage. This option tells the kernel
96       to limit the amount of time in a given CPU period Real Time  tasks  may
97       consume.  Ex: Period of 1,000,000us and Runtime of 950,000us means that
98       this container can consume 95% of available CPU and leave the remaining
99       5% to normal priority tasks.
100
101
102       The  sum of all runtimes across containers cannot exceed the amount al‐
103       lotted to the parent cgroup.
104
105
106       This option is only supported on cgroups V1 rootful systems.
107
108
109   --cpu-shares, -c=shares
110       CPU shares (relative weight).
111
112
113       By default, all containers get the same proportion of CPU cycles.  This
114       proportion  can  be  modified  by  changing  the  container's CPU share
115       weighting relative to the combined weight of all the  running  contain‐
116       ers.  Default weight is 1024.
117
118
119       The  proportion  only applies when CPU-intensive processes are running.
120       When tasks in one container are idle,  other  containers  can  use  the
121       left-over  CPU  time. The actual amount of CPU time varies depending on
122       the number of containers running on the system.
123
124
125       For example, consider three containers, one has a cpu-share of 1024 and
126       two others have a cpu-share setting of 512. When processes in all three
127       containers attempt to use 100% of CPU, the first container receives 50%
128       of  the total CPU time. If a fourth container is added with a cpu-share
129       of 1024, the first container only gets 33% of the  CPU.  The  remaining
130       containers receive 16.5%, 16.5% and 33% of the CPU.
131
132
133       On a multi-core system, the shares of CPU time are distributed over all
134       CPU cores. Even if a container is limited to  less  than  100%  of  CPU
135       time, it can use 100% of each individual CPU core.
136
137
138       For example, consider a system with more than three cores.  If the con‐
139       tainer C0 is started with --cpu-shares=512 running one process, and an‐
140       other  container  C1 with --cpu-shares=1024 running two processes, this
141       can result in the following division of CPU shares:
142
143
144       ┌────┬───────────┬─────┬──────────────┐
145       │PID │ container │ CPU │ CPU share    │
146       ├────┼───────────┼─────┼──────────────┤
147       │100 │ C0        │ 0   │ 100% of CPU0 │
148       ├────┼───────────┼─────┼──────────────┤
149       │101 │ C1        │ 1   │ 100% of CPU1 │
150       ├────┼───────────┼─────┼──────────────┤
151       │102 │ C1        │ 2   │ 100% of CPU2 │
152       └────┴───────────┴─────┴──────────────┘
153
154       On some systems, changing the resource limits may not  be  allowed  for
155       non-root  users.  For  more  details,  see  https://github.com/contain‐
156       ers/podman/blob/main/troubleshooting.md#26-running-containers-with-re‐
157       source-limits-fails-with-a-permissions-error
158
159
160       This option is not supported on cgroups V1 rootless systems.
161
162
163       If none are specified, the original container's CPU shares are used.
164
165
166   --cpus
167       Set a number of CPUs for the container that overrides the original con‐
168       tainers CPU limits. If none are  specified,  the  original  container's
169       Nano CPUs are used.
170
171
172       This  is  shorthand for --cpu-period and --cpu-quota, so only --cpus or
173       either both the --cpu-period and --cpu-quota options can be set.
174
175
176       This option is not supported on cgroups V1 rootless systems.
177
178
179   --cpuset-cpus=number
180       CPUs in which to allow execution. Can be specified as a comma-separated
181       list  (e.g.  0,1),  as  a  range (e.g. 0-3), or any combination thereof
182       (e.g. 0-3,7,11-15).
183
184
185       On some systems, changing the resource limits may not  be  allowed  for
186       non-root  users.  For  more  details,  see  https://github.com/contain‐
187       ers/podman/blob/main/troubleshooting.md#26-running-containers-with-re‐
188       source-limits-fails-with-a-permissions-error
189
190
191       This option is not supported on cgroups V1 rootless systems.
192
193
194       If none are specified, the original container's CPUset is used.
195
196
197   --cpuset-mems=nodes
198       Memory nodes (MEMs) in which to allow execution (0-3, 0,1). Only effec‐
199       tive on NUMA systems.
200
201
202       If there are four memory nodes  on  the  system  (0-3),  use  --cpuset-
203       mems=0,1  then  processes  in  the  container only uses memory from the
204       first two memory nodes.
205
206
207       On some systems, changing the resource limits may not  be  allowed  for
208       non-root  users.  For  more  details,  see  https://github.com/contain‐
209       ers/podman/blob/main/troubleshooting.md#26-running-containers-with-re‐
210       source-limits-fails-with-a-permissions-error
211
212
213       This option is not supported on cgroups V1 rootless systems.
214
215
216       If  none  are  specified, the original container's CPU memory nodes are
217       used.
218
219
220   --destroy
221       Remove the original container that we are cloning once  used  to  mimic
222       the configuration.
223
224
225   --device-read-bps=path:rate
226       Limit  read  rate  (in  bytes per second) from a device (e.g. --device-
227       read-bps=/dev/sda:1mb).
228
229
230       On some systems, changing the resource limits may not  be  allowed  for
231       non-root  users.  For  more  details,  see  https://github.com/contain‐
232       ers/podman/blob/main/troubleshooting.md#26-running-containers-with-re‐
233       source-limits-fails-with-a-permissions-error
234
235
236       This option is not supported on cgroups V1 rootless systems.
237
238
239   --device-write-bps=path:rate
240       Limit  write  rate  (in  bytes  per second) to a device (e.g. --device-
241       write-bps=/dev/sda:1mb).
242
243
244       On some systems, changing the resource limits may not  be  allowed  for
245       non-root  users.  For  more  details,  see  https://github.com/contain‐
246       ers/podman/blob/main/troubleshooting.md#26-running-containers-with-re‐
247       source-limits-fails-with-a-permissions-error
248
249
250       This option is not supported on cgroups V1 rootless systems.
251
252
253   --force, -f
254       Force  removal  of the original container that we are cloning. Can only
255       be used in conjunction with --destroy.
256
257
258   --memory, -m=number[unit]
259       Memory limit. A unit can be b (bytes), k (kibibytes), m (mebibytes), or
260       g (gibibytes).
261
262
263       Allows  the  memory  available to a container to be constrained. If the
264       host supports swap memory, then the -m memory  setting  can  be  larger
265       than  physical  RAM.  If  a limit of 0 is specified (not using -m), the
266       container's memory is not limited. The actual limit may be  rounded  up
267       to  a  multiple  of the operating system's page size (the value is very
268       large, that's millions of trillions).
269
270
271       This option is not supported on cgroups V1 rootless systems.
272
273
274       If no memory limits are specified, the original container's memory lim‐
275       its are used.
276
277
278   --memory-reservation=number[unit]
279       Memory  soft  limit.  A  unit  can  be  b  (bytes),  k  (kibibytes),  m
280       (mebibytes), or g (gibibytes).
281
282
283       After setting memory reservation, when the system detects  memory  con‐
284       tention or low memory, containers are forced to restrict their consump‐
285       tion to their reservation. So always set the value below --memory, oth‐
286       erwise  the hard limit takes precedence. By default, memory reservation
287       is the same as memory limit.
288
289
290       This option is not supported on cgroups V1 rootless systems.
291
292
293       If unspecified, memory reservation is the same as memory limit from the
294       container being cloned.
295
296
297   --memory-swap=number[unit]
298       A  limit  value  equal to memory plus swap.  A unit can be b (bytes), k
299       (kibibytes), m (mebibytes), or g (gibibytes).
300
301
302       Must be used with the -m (--memory) flag.  The argument value  must  be
303       larger than that of
304        -m (--memory) By default, it is set to double the value of --memory.
305
306
307       Set number to -1 to enable unlimited swap.
308
309
310       This option is not supported on cgroups V1 rootless systems.
311
312
313       If  unspecified,  the container being cloned is used to derive the swap
314       value.
315
316
317   --memory-swappiness=number
318       Tune a container's memory swappiness behavior. Accepts an  integer  be‐
319       tween 0 and 100.
320
321
322       This flag is only supported on cgroups V1 rootful systems.
323
324
325   --name
326       Set  a  custom name for the cloned container. The default if not speci‐
327       fied is of the syntax: <ORIGINAL_NAME>-clone
328
329
330   --pod=name
331       Clone the container in an existing pod.  It is helpful to move  a  con‐
332       tainer  to  an  existing pod.  The container joins the pod shared name‐
333       spaces, losing its configuration that conflicts with the  shared  name‐
334       spaces.
335
336
337   --run
338       When  set to true, this flag runs the newly created container after the
339       clone process has completed, this specifies a detached running mode.
340
341

EXAMPLES

343       # podman container clone d0cf1f782e2ed67e8c0050ff92df865a039186237a4df24d7acba5b1fa8cc6e7
344       6b2c73ff8a1982828c9ae2092954bcd59836a131960f7e05221af9df5939c584
345
346
347       # podman container clone --name=clone d0cf1f782e2ed67e8c0050ff92df865a039186237a4df24d7acba5b1fa8cc6e7
348       6b2c73ff8a1982828c9ae2092954bcd59836a131960f7e05221af9df5939c584
349
350
351       # podman container clone --destroy --cpus=5 d0cf1f782e2ed67e8c0050ff92df865a039186237a4df24d7acba5b1fa8cc6e7
352       6b2c73ff8a1982828c9ae2092954bcd59836a131960f7e05221af9df5939c584
353
354
355       # podman container clone 2d4d4fca7219b4437e0d74fcdc272c4f031426a6eacd207372691207079551de new_name fedora
356       Resolved "fedora" as an alias (/etc/containers/registries.conf.d/shortnames.conf)
357       Trying to pull registry.fedoraproject.org/fedora:latest...
358       Getting image source signatures
359       Copying blob c6183d119aa8 done
360       Copying config e417cd49a8 done
361       Writing manifest to image destination
362       Storing signatures
363       5a9b7851013d326aa4ac4565726765901b3ecc01fcbc0f237bc7fd95588a24f9
364
365
366

HISTORY

372       January 2022, Originally written  by  Charlie  Doern  cdoern@redhat.com
373       ⟨mailto:cdoern@redhat.com⟩
374
375
376
377                                                     podman-container-clone(1)

NAME

SYNOPSIS

DESCRIPTION

OPTIONS

EXAMPLES

SEE ALSO

HISTORY