NAME 名称

podman-container-clone - Create a copy of an existing container
podman-container-clone - 创建现有容器的副本

SYNOPSIS 概要

podman container clone [options] container name image
podman container clone [选项] 容器名称 镜像

DESCRIPTION 描述

podman container clone creates a copy of a container, recreating the original with an identical configuration. This command takes three arguments: the first being the container ID or name to clone, the second argument in this command can change the name of the clone from the default of $ORIGINAL_NAME-clone, and the third is a new image to use in the cloned container.
podman container clone 创建容器的副本,重新创建具有相同配置的原始容器。此命令需要三个参数:第一个是要克隆的容器 ID 或名称,此命令中的第二个参数可以更改克隆的名称,从默认值 $ORIGINAL_NAME-clone,第三个参数是在克隆容器中使用的新镜像。

OPTIONS 选项

--blkio-weight=weight --blkio-weight=权重 ¶

Block IO relative weight. The weight is a value between 10 and 1000.
块 IO 相对权重。权重的取值范围为 10 到 1000。

This option is not supported on cgroups V1 rootless systems.
此选项不支持 cgroups V1 无根系统。

--blkio-weight-device=device:weight
--blkio-weight-device=设备:权重 ¶

Block IO relative device weight.
块 IO 相对设备权重。

--cpu-period=limit

Set the CPU period for the Completely Fair Scheduler (CFS), which is a duration in microseconds. Once the container’s CPU quota is used up, it will not be scheduled to run until the current period ends. Defaults to 100000 microseconds.
设置完全公平调度器(CFS)的 CPU 周期,单位为微秒。一旦容器的 CPU 配额用完,它将不会被调度运行,直到当前周期结束。默认为 100000 微秒。

On some systems, changing the resource limits may not be allowed for non-root users. For more details, see https://github.com/containers/podman/blob/main/troubleshooting.md#26-running-containers-with-resource-limits-fails-with-a-permissions-error
在某些系统上,非 root 用户可能无法更改资源限制。有关更多详细信息,请参阅 https://github.com/containers/podman/blob/main/troubleshooting.md#26-running-containers-with-resource-limits-fails-with-a-permissions-error

This option is not supported on cgroups V1 rootless systems.
此选项不支持 cgroups V1 无根系统。

If none is specified, the original container’s cpu period is used
如果未指定,则使用原始容器的 CPU 周期。

--cpu-quota=limit

Limit the CPU Completely Fair Scheduler (CFS) quota.
限制 CPU 完全公平调度器(CFS)的配额。

Limit the container’s CPU usage. By default, containers run with the full CPU resource. The limit is a number in microseconds. If a number is provided, the container is allowed to use that much CPU time until the CPU period ends (controllable via --cpu-period).
限制容器的 CPU 使用率。默认情况下,容器以完整的 CPU 资源运行。限制是以微秒为单位的数字。如果提供了一个数字,容器可以使用那么多的 CPU 时间,直到 CPU 周期结束(可通过 --cpu-period 控制)。

On some systems, changing the resource limits may not be allowed for non-root users. For more details, see https://github.com/containers/podman/blob/main/troubleshooting.md#26-running-containers-with-resource-limits-fails-with-a-permissions-error
在某些系统上,非 root 用户可能无法更改资源限制。有关更多详细信息,请参阅 https://github.com/containers/podman/blob/main/troubleshooting.md#26-running-containers-with-resource-limits-fails-with-a-permissions-error

This option is not supported on cgroups V1 rootless systems.
此选项不支持 cgroups V1 无根系统。

If none is specified, the original container’s CPU quota are used.
如果未指定,则使用原始容器的 CPU 配额。

--cpu-rt-period=microseconds
--cpu-rt-period=微秒 ¶

Limit the CPU real-time period in microseconds.
限制 CPU 实时周期为微秒。

Limit the container’s Real Time CPU usage. This option tells the kernel to restrict the container’s Real Time CPU usage to the period specified.
限制容器的实时 CPU 使用率。此选项告诉内核将容器的实时 CPU 使用率限制在指定的周期内。

This option is only supported on cgroups V1 rootful systems.
该选项仅在 cgroups V1 根系统上受支持。

If none is specified, the original container’s CPU runtime period is used.
如果未指定,则使用原始容器的 CPU 运行时周期。

--cpu-rt-runtime=microseconds
--cpu-rt-runtime=微秒 ¶

Limit the CPU real-time runtime in microseconds.
以微秒为单位限制 CPU 的实时运行时间。

Limit the containers Real Time CPU usage. This option tells the kernel to limit the amount of time in a given CPU period Real Time tasks may consume. Ex: Period of 1,000,000us and Runtime of 950,000us means that this container can consume 95% of available CPU and leave the remaining 5% to normal priority tasks.
限制容器的实时 CPU 使用率。此选项告诉内核限制在给定 CPU 周期内实时任务可以消耗的时间量。例如:周期为 1,000,000 微秒,运行时间为 950,000 微秒意味着此容器可以消耗可用 CPU 的 95%,并将剩余的 5% 留给正常优先级任务。

The sum of all runtimes across containers cannot exceed the amount allotted to the parent cgroup.
所有容器中的运行时间总和不能超过分配给父 cgroup 的数量。

This option is only supported on cgroups V1 rootful systems.
此选项仅在 cgroups V1 rootful 系统上受支持。

--cpu-shares, -c=shares
--cpu-shares, -c=份额 ¶

CPU shares (relative weight).
CPU 份额(相对权重)。

By default, all containers get the same proportion of CPU cycles. This proportion can be modified by changing the container’s CPU share weighting relative to the combined weight of all the running containers. Default weight is 1024.
默认情况下,所有容器获得相同比例的 CPU 周期。可以通过修改容器的 CPU 份额权重相对于所有运行容器的组合权重来修改此比例。默认权重为 1024。

The proportion only applies when CPU-intensive processes are running. When tasks in one container are idle, other containers can use the left-over CPU time. The actual amount of CPU time varies depending on the number of containers running on the system.
仅当运行 CPU 密集型进程时,比例才适用。当一个容器中的任务处于空闲状态时,其他容器可以使用剩余的 CPU 时间。实际的 CPU 时间量取决于系统上运行的容器数量。

For example, consider three containers, one has a cpu-share of 1024 and two others have a cpu-share setting of 512. When processes in all three containers attempt to use 100% of CPU, the first container receives 50% of the total CPU time. If a fourth container is added with a cpu-share of 1024, the first container only gets 33% of the CPU. The remaining containers receive 16.5%, 16.5% and 33% of the CPU.
例如,考虑三个容器,一个的 cpu-share 为 1024,另外两个的 cpu-share 设置为 512。当所有三个容器中的进程尝试使用 CPU 的 100% 时,第一个容器将获得总 CPU 时间的 50%。如果添加一个 cpu-share 为 1024 的第四个容器,则第一个容器只能获得 CPU 的 33%。其余容器分别获得 CPU 的 16.5%,16.5% 和 33%。

On a multi-core system, the shares of CPU time are distributed over all CPU cores. Even if a container is limited to less than 100% of CPU time, it can use 100% of each individual CPU core.
在多核系统上,CPU 时间的份额分布在所有 CPU 核心上。即使容器被限制在少于 100% 的 CPU 时间,它仍然可以使用每个单独的 CPU 核心的 100%。

For example, consider a system with more than three cores. If the container C0 is started with --cpu-shares=512 running one process, and another container C1 with --cpu-shares=1024 running two processes, this can result in the following division of CPU shares:
例如,考虑一个具有三个以上核心的系统。如果容器 C0 使用 --cpu-shares=512 启动并运行一个进程,另一个容器 C1 使用 --cpu-shares=1024 启动并运行两个进程,这可能导致 CPU 分配如下:

PID

container

CPU

CPU share CPU 分配

100

C0

0

100% of CPU0 CPU0 的 100%

101

C1

1

100% of CPU1 CPU1 的 100%

102

C1

2

100% of CPU2 CPU2 的 100%

On some systems, changing the resource limits may not be allowed for non-root users. For more details, see https://github.com/containers/podman/blob/main/troubleshooting.md#26-running-containers-with-resource-limits-fails-with-a-permissions-error
在某些系统上,非 root 用户可能无法更改资源限制。有关更多详细信息,请参阅 https://github.com/containers/podman/blob/main/troubleshooting.md#26-running-containers-with-resource-limits-fails-with-a-permissions-error

This option is not supported on cgroups V1 rootless systems.
此选项不支持 cgroups V1 无根系统。

If none are specified, the original container’s CPU shares are used.
如果未指定任何值,则使用原始容器的 CPU 份额。

--cpus

Set a number of CPUs for the container that overrides the original containers CPU limits. If none are specified, the original container’s Nano CPUs are used.
设置容器的 CPU 数量,覆盖原始容器的 CPU 限制。如果未指定,则使用原始容器的 Nano CPUs。

This is shorthand for --cpu-period and --cpu-quota, so only --cpus or either both the --cpu-period and --cpu-quota options can be set.
这是 --cpu-period 和 --cpu-quota 的简写,因此只能设置 --cpus 或者同时设置 --cpu-period 和 --cpu-quota 选项中的一个。

This option is not supported on cgroups V1 rootless systems.
此选项不支持 cgroups V1 无根系统。

--cpuset-cpus=number

CPUs in which to allow execution. Can be specified as a comma-separated list (e.g. 0,1), as a range (e.g. 0-3), or any combination thereof (e.g. 0-3,7,11-15).
允许执行的 CPU。可以指定为逗号分隔的列表(例如 0,1),作为范围(例如 0-3),或两者的任意组合(例如 0-3,7,11-15)。

On some systems, changing the resource limits may not be allowed for non-root users. For more details, see https://github.com/containers/podman/blob/main/troubleshooting.md#26-running-containers-with-resource-limits-fails-with-a-permissions-error
在某些系统上,非 root 用户可能无法更改资源限制。有关更多详细信息,请参阅 https://github.com/containers/podman/blob/main/troubleshooting.md#26-running-containers-with-resource-limits-fails-with-a-permissions-error

This option is not supported on cgroups V1 rootless systems.
此选项不支持 cgroups V1 无根系统。

If none are specified, the original container’s CPUset is used.
如果未指定,则使用原始容器的 CPUset。

--cpuset-mems=nodes

Memory nodes (MEMs) in which to allow execution (0-3, 0,1). Only effective on NUMA systems.
允许执行的内存节点(MEMs)(0-3, 0,1)。仅在 NUMA 系统上有效。

If there are four memory nodes on the system (0-3), use --cpuset-mems=0,1 then processes in the container only uses memory from the first two memory nodes.
如果系统上有四个内存节点(0-3),则使用--cpuset-mems=0,1,然后容器中的进程仅使用来自前两个内存节点的内存。

On some systems, changing the resource limits may not be allowed for non-root users. For more details, see https://github.com/containers/podman/blob/main/troubleshooting.md#26-running-containers-with-resource-limits-fails-with-a-permissions-error
在某些系统上,非 root 用户可能无法更改资源限制。有关更多详细信息,请参阅 https://github.com/containers/podman/blob/main/troubleshooting.md#26-running-containers-with-resource-limits-fails-with-a-permissions-error

This option is not supported on cgroups V1 rootless systems.
此选项不支持 cgroups V1 无根系统。

If none are specified, the original container’s CPU memory nodes are used.
如果未指定任何节点,则使用原始容器的 CPU 内存节点。

--destroy

Remove the original container that we are cloning once used to mimic the configuration.
一旦用于模拟配置,删除我们正在克隆的原始容器。

--device-read-bps=path:rate

Limit read rate (in bytes per second) from a device (e.g. --device-read-bps=/dev/sda:1mb).
限制从设备读取速率(以每秒字节数为单位)(例如 --device-read-bps=/dev/sda:1mb)。

On some systems, changing the resource limits may not be allowed for non-root users. For more details, see https://github.com/containers/podman/blob/main/troubleshooting.md#26-running-containers-with-resource-limits-fails-with-a-permissions-error
在某些系统上,非 root 用户可能无法更改资源限制。有关更多详细信息,请参阅 https://github.com/containers/podman/blob/main/troubleshooting.md#26-running-containers-with-resource-limits-fails-with-a-permissions-error

This option is not supported on cgroups V1 rootless systems.
此选项不支持 cgroups V1 无根系统。

--device-write-bps=path:rate

Limit write rate (in bytes per second) to a device (e.g. --device-write-bps=/dev/sda:1mb).
限制设备的写入速率(以每秒字节为单位)(例如 --device-write-bps=/dev/sda:1mb)。

On some systems, changing the resource limits may not be allowed for non-root users. For more details, see https://github.com/containers/podman/blob/main/troubleshooting.md#26-running-containers-with-resource-limits-fails-with-a-permissions-error
在某些系统上,非 root 用户可能无法更改资源限制。有关更多详细信息,请参阅 https://github.com/containers/podman/blob/main/troubleshooting.md#26-running-containers-with-resource-limits-fails-with-a-permissions-error

This option is not supported on cgroups V1 rootless systems.
此选项不支持 cgroups V1 无根系统。

--force, -f

Force removal of the original container that we are cloning. Can only be used in conjunction with --destroy.
强制删除我们正在克隆的原始容器。只能与 --destroy 一起使用。

--memory, -m=number[unit]
--memory, -m=数字[单位] ¶

Memory limit. A unit can be b (bytes), k (kibibytes), m (mebibytes), or g (gibibytes).
内存限制。单位可以是 b(字节)、k(基比字节)、m(兆比字节)或 g(吉比字节)。

Allows the memory available to a container to be constrained. If the host supports swap memory, then the -m memory setting can be larger than physical RAM. If a limit of 0 is specified (not using -m), the container’s memory is not limited. The actual limit may be rounded up to a multiple of the operating system’s page size (the value is very large, that’s millions of trillions).
允许限制容器可用的内存。如果主机支持交换内存,那么 -m 内存设置可以大于物理 RAM。如果指定了 0 的限制(不使用 -m),则容器的内存不受限制。实际限制可能会舍入到操作系统页面大小的倍数(该值非常大,是百万亿的数量级)。

This option is not supported on cgroups V1 rootless systems.
此选项不支持 cgroups V1 无根系统。

If no memory limits are specified, the original container’s memory limits are used.
如果未指定内存限制,则使用原始容器的内存限制。

--memory-reservation=number[unit]

Memory soft limit. A unit can be b (bytes), k (kibibytes), m (mebibytes), or g (gibibytes).
内存软限制。单位可以是 b(字节)、k(kibibytes)、m(mebibytes)或 g(gibibytes)。

After setting memory reservation, when the system detects memory contention or low memory, containers are forced to restrict their consumption to their reservation. So always set the value below --memory, otherwise the hard limit takes precedence. By default, memory reservation is the same as memory limit.
设置内存保留后,当系统检测到内存争用或低内存时,容器被强制限制其消耗到其保留值。因此,始终将值设置为低于--memory,否则硬限制优先。默认情况下,内存保留与内存限制相同。

This option is not supported on cgroups V1 rootless systems.
此选项不支持 cgroups V1 无根系统。

If unspecified, memory reservation is the same as memory limit from the container being cloned.
如果未指定,则内存保留与正在克隆的容器的内存限制相同。

--memory-swap=number[unit]

A limit value equal to memory plus swap. A unit can be b (bytes), k (kibibytes), m (mebibytes), or g (gibibytes).
一个等于内存加交换空间的限制值。单位可以是 b(字节)、k(kibibytes)、m(mebibytes)或 g(gibibytes)。

Must be used with the -m (--memory) flag. The argument value must be larger than that of -m (--memory) By default, it is set to double the value of --memory.
必须与 -m (--memory) 标志一起使用。参数值必须大于 -m (--memory) 的值。默认情况下,它设置为 --memory 值的两倍。

Set number to -1 to enable unlimited swap.
将数字设置为 -1 以启用无限交换。

This option is not supported on cgroups V1 rootless systems.
此选项不支持 cgroups V1 无根系统。

If unspecified, the container being cloned is used to derive the swap value.
如果未指定,则使用正在克隆的容器来推导交换值。

--memory-swappiness=number
--memory-swappiness=数字 ¶

Tune a container’s memory swappiness behavior. Accepts an integer between 0 and 100.
调整容器的内存交换行为。接受介于 0 和 100 之间的整数。

This flag is only supported on cgroups V1 rootful systems.
此标志仅在 cgroups V1 根系统上受支持。

--name --名称 ¶

Set a custom name for the cloned container. The default if not specified is of the syntax: <ORIGINAL_NAME>-clone
为克隆容器设置自定义名称。如果未指定,默认为以下语法:<ORIGINAL_NAME>-clone

--pod=name --pod=名称 ¶

Clone the container in an existing pod. It is helpful to move a container to an existing pod. The container joins the pod shared namespaces, losing its configuration that conflicts with the shared namespaces.
在现有的 Pod 中克隆容器。将容器移动到现有的 Pod 中是很有帮助的。容器加入 Pod 共享的命名空间,失去与共享命名空间冲突的配置。

--run

When set to true, this flag runs the newly created container after the clone process has completed, this specifies a detached running mode.
当设置为 true 时,此标志在克隆过程完成后运行新创建的容器,这指定了一个分离的运行模式。

EXAMPLES 示例

Clone specified container into a new container:
将指定容器克隆到一个新容器中:

# podman container clone d0cf1f782e2ed67e8c0050ff92df865a039186237a4df24d7acba5b1fa8cc6e7
6b2c73ff8a1982828c9ae2092954bcd59836a131960f7e05221af9df5939c584

Clone specified container into a newly named container:
将指定容器克隆到一个新命名的容器中:

# podman container clone --name=clone d0cf1f782e2ed67e8c0050ff92df865a039186237a4df24d7acba5b1fa8cc6e7
6b2c73ff8a1982828c9ae2092954bcd59836a131960f7e05221af9df5939c584

Replace specified container with selected resource constraints into a new container, removing original container:
将指定容器替换为具有选定资源约束的新容器,同时移除原始容器:

# podman container clone --destroy --cpus=5 d0cf1f782e2ed67e8c0050ff92df865a039186237a4df24d7acba5b1fa8cc6e7
6b2c73ff8a1982828c9ae2092954bcd59836a131960f7e05221af9df5939c584

Clone specified container giving a new name and then replacing the image of the original container with the specified image name:
克隆指定容器,给予新名称,然后用指定的镜像名称替换原始容器的镜像:

# podman container clone 2d4d4fca7219b4437e0d74fcdc272c4f031426a6eacd207372691207079551de new_name fedora
Resolved "fedora" as an alias (/etc/containers/registries.conf.d/shortnames.conf)
Trying to pull registry.fedoraproject.org/fedora:latest...
Getting image source signatures
Copying blob c6183d119aa8 done
Copying config e417cd49a8 done
Writing manifest to image destination
Storing signatures
5a9b7851013d326aa4ac4565726765901b3ecc01fcbc0f237bc7fd95588a24f9

SEE ALSO 参见 ¶

podman-create(1), cgroups(7)
podman-create(1),cgroups(7)

HISTORY 历史 ¶

January 2022, Originally written by Charlie Doern cdoern@redhat.com
2022 年 1 月,原作者 Charlie Doern cdoern@redhat.com 编写