podman-top - Man Page
Display the running processes of a container
Synopsis
podman top [options] container [format-descriptors]
podman container top [options] container [format-descriptors]
Description
Display the running processes of the container. The format-descriptors are ps (1) compatible AIX format descriptors but extended to print additional information, such as the seccomp mode or the effective capabilities of a given process. The descriptors can either be passed as separated arguments or as a single comma-separated argument. Note that options and or flags of ps(1) can also be specified; in this case, Podman falls back to executing ps(1) from the host with the specified arguments and flags in the container namespace. If the container has the CAP_SYS_PTRACE capability then we will execute ps(1) in the container so it must be installed there. To extract host-related information, use the "h*" descriptors. For instance, podman top $name hpid huser to display the PID and user of the processes in the host context.
Options
--help, -h
Print usage statement
--latest, -l
Instead of providing the container name or ID, use the last created container. Note: the last started container can be from other users of Podman on the host machine. (This option is not available with the remote Podman client, including Mac and Windows (excluding WSL2) machines)
Format Descriptors
The following descriptors are supported in addition to the AIX format descriptors mentioned in ps (1):
args, capbnd, capeff, capinh, capprm, comm, etime, group, hgroup, hpid, huser, label, nice, pcpu, pgid, pid, ppid, rgroup, ruser, seccomp, state, time, tty, user, vsz
capbnd
Set of bounding capabilities. See capabilities (7) for more information.
capeff
Set of effective capabilities. See capabilities (7) for more information.
capinh
Set of inheritable capabilities. See capabilities (7) for more information.
capprm
Set of permitted capabilities. See capabilities (7) for more information.
hgroup
The corresponding effective group of a container process on the host.
hpid
The corresponding host PID of a container process.
huser
The corresponding effective user of a container process on the host.
label
Current security attributes of the process.
seccomp
Seccomp mode of the process (i.e., disabled, strict or filter). See seccomp (2) for more information.
state
Process state codes (e.g, R for running, S for sleeping). See proc(5) for more information.
stime
Process start time (e.g, "2019-12-09 10:50:36 +0100 CET).
Examples
By default, podman-top prints data similar to ps -ef.
$ podman top f5a62a71b07 USER PID PPID %CPU ELAPSED TTY TIME COMMAND root 1 0 0.000 20.386825206s pts/0 0s sh root 7 1 0.000 16.386882887s pts/0 0s sleep root 8 1 0.000 11.386886562s pts/0 0s vi
The output can be controlled by specifying format descriptors as arguments after the container.
$ podman top -l pid seccomp args %C PID SECCOMP COMMAND %CPU 1 filter sh 0.000 8 filter vi /etc/ 0.000
Podman falls back to executing ps(1) from the host in the container namespace if an unknown descriptor is specified.
$ podman top -l -- aux USER PID PPID %CPU ELAPSED TTY TIME COMMAND root 1 0 0.000 1h2m12.497061672s ? 0s sleep 100000
See Also
History
July 2018, Introduce format descriptors by Valentin Rothberg vrothberg@suse.com ⟨mailto:vrothberg@suse.com⟩
December 2017, Originally compiled by Brent Baude bbaude@redhat.com ⟨mailto:bbaude@redhat.com⟩
Referenced By
podman(1), podman-container(1), podman-pod-top(1), podman-remote(1).
The man page podman-container-top(1) is an alias of podman-top(1).