How to enable Control Group v2

Enable Control Group v2 so that rootless podman can display a container’s resource usage statistics.

Display Linux distribution.

$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu Impish Indri (development branch)
Release:        21.10
Codename:       impish

Update package index.

$ sudo apt update

Install podman.

$ sudo apt install podman

Display basic podman information. Notice that the cgroupVersion is set to v1.

$ podman info
host:
  arch: amd64
  buildahVersion: 1.21.0
  cgroupControllers: []
  cgroupManager: cgroupfs
  cgroupVersion: v1
  conmon:
    package: 'conmon: /usr/bin/conmon'
    path: /usr/bin/conmon
    version: 'conmon version 2.0.25, commit: unknown'
  cpus: 2
  distribution:
    distribution: ubuntu
    version: "21.10"
  eventLogger: journald
  hostname: ubuntu-impish
  idMappings:
    gidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
    uidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
  kernel: 5.13.0-14-generic
  linkmode: dynamic
  memFree: 360980480
  memTotal: 1018318848
  ociRuntime:
    name: runc
    package: 'runc: /usr/sbin/runc'
    path: /usr/sbin/runc
    version: |-
      runc version 1.0.1-0ubuntu2
      spec: 1.0.2-dev
      go: go1.16.5
      libseccomp: 2.5.1
  os: linux
  remoteSocket:
    path: /run/user/1000/podman/podman.sock
  security:
    apparmorEnabled: false
    capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
    rootless: true
    seccompEnabled: true
    seccompProfilePath: /usr/share/containers/seccomp.json
    selinuxEnabled: false
  serviceIsRemote: false
  slirp4netns:
    executable: /usr/bin/slirp4netns
    package: 'slirp4netns: /usr/bin/slirp4netns'
    version: |-
      slirp4netns version 1.0.1
      commit: 6a7b16babc95b6a3056b33fb45b74a6f62262dd4
      libslirp: 4.4.0
  swapFree: 0
  swapTotal: 0
  uptime: 37m 36.58s
registries: {}
store:
  configFile: /home/vagrant/.config/containers/storage.conf
  containerStore:
    number: 0
    paused: 0
    running: 0
    stopped: 0
  graphDriverName: overlay
  graphOptions: {}
  graphRoot: /home/vagrant/.local/share/containers/storage
  graphStatus:
    Backing Filesystem: extfs
    Native Overlay Diff: "false"
    Supports d_type: "true"
    Using metacopy: "false"
  imageStore:
    number: 0
  runRoot: /run/user/1000/containers
  volumePath: /home/vagrant/.local/share/containers/storage/volumes
version:
  APIVersion: 3.2.1
  Built: 0
  BuiltTime: Thu Jan  1 00:00:00 1970
  GitCommit: ""
  GoVersion: go1.16.2
  OsArch: linux/amd64
  Version: 3.2.1

Pull an image.

$ podman pull docker.io/library/mariadb
Trying to pull docker.io/library/mariadb:latest...
Getting image source signatures
Copying blob e8aad5ad91b4 done
Copying blob c9acfbaed0bf done
Copying blob c0eb3de6044a done
Copying blob 7275e59ecb3d done
Copying blob bc1fe3865c9c done
Copying blob 35807b77a593 done
Copying blob 91c9aaf2ea87 done
Copying blob 63117ccbd0ec done
Copying blob 2118d7479e34 done
Copying blob 6bd89e50398a done
Copying config 6b01262bc7 done
Writing manifest to image destination
Storing signatures
6b01262bc78060dbf916a65219ccfeeac74a6b9c44340044cb709c0d3b148440

Run an image in the background.

$ podman run --detach --name mariadb -e MARIADB_RANDOM_ROOT_PASSWORD=true mariadb
3ed597e915d300794d56e71d91c5f743aadb86ca21c3e1c63c24e92bd2d11bc5

Inspect container stats.

$ podman stats mariadb
Error: stats is not supported in rootless mode without cgroups v2

This error was expected as podman clearly stated that it is using cgroupVersion v1.

This can also be determined from the missing cgroup.controllers file or from the type of the cgroup filesystem.

$ cat /sys/fs/cgroup/cgroup.controllers
cat: /sys/fs/cgroup/cgroup.controllers: No such file or directory
$ stat -c %T -f /sys/fs/cgroup
tmpfs

To enable Control Group v2, alter the boot options to append the systemd.unified_cgroup_hierarchy=1 parameter. The sed command below assumes that GRUB_CMDLINE_LINUX is empty, as it is here.

$ cat /etc/default/grub | grep GRUB_CMDLINE_LINUX=
GRUB_CMDLINE_LINUX=""
$ sudo sed -i -e 's/^GRUB_CMDLINE_LINUX=""/GRUB_CMDLINE_LINUX="systemd.unified_cgroup_hierarchy=1"/' /etc/default/grub
$ sudo update-grub
Sourcing file `/etc/default/grub'
Sourcing file `/etc/default/grub.d/50-cloudimg-settings.cfg'
Sourcing file `/etc/default/grub.d/init-select.cfg'
Generating grub configuration file ...
Found linux image: /boot/vmlinuz-5.13.0-14-generic
Found initrd image: /boot/initrd.img-5.13.0-14-generic
done
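
The sed command above only matches when GRUB_CMDLINE_LINUX is empty. As an added example (not part of the original post), the following shell function sets the parameter whatever the line already holds and changes nothing on a second run; the name add_kernel_param is made up for this example.

```shell
#!/bin/sh
# Added example, not from the original post.
# add_kernel_param FILE PARAM
#   Ensure PARAM (e.g. systemd.unified_cgroup_hierarchy=1) is set in the
#   GRUB_CMDLINE_LINUX="..." line of FILE, keeping every other parameter.
# The body runs in a subshell so `set -f` and the variables stay local.
add_kernel_param() (
    file=$1
    param=$2
    key=${param%%=*}
    pattern='^GRUB_CMDLINE_LINUX="\([^"]*\)"[[:space:]]*$'

    # Refuse to guess when the variable is missing or not a one-line "..." value.
    if ! grep -q "$pattern" "$file"; then
        echo "add_kernel_param: no GRUB_CMDLINE_LINUX=\"...\" line in $file" >&2
        exit 1
    fi
    current=$(sed -n "s/$pattern/\\1/p" "$file" | tail -n 1)

    set -f    # no glob expansion while splitting the value into words
    new=
    for word in $current; do
        case $word in
            "$key"|"$key"=*) ;;                # drop a stale setting of the same key
            *) new="${new:+$new }$word" ;;     # keep everything else
        esac
    done
    new="${new:+$new }$param"
    [ "$new" = "$current" ] && exit 0          # already correct: leave the file alone

    # Rewrite through awk and ENVIRON so "/" or "&" in a parameter is taken literally.
    tmp=$(mktemp) || exit 1
    NEW_VALUE=$new awk '
        /^GRUB_CMDLINE_LINUX="[^"]*"[ \t]*$/ {
            print "GRUB_CMDLINE_LINUX=\"" ENVIRON["NEW_VALUE"] "\""; next
        }
        { print }
    ' "$file" > "$tmp" && cat "$tmp" > "$file"
    status=$?
    rm -f "$tmp"
    exit "$status"
)
```

Run it as root against /etc/default/grub, then run update-grub as shown above.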

Reboot the operating system.

$ sudo reboot

Inspect cgroup filesystem.

$ stat -c %T -f /sys/fs/cgroup
cgroup2fs

Inspect cgroup.controllers file.

$ cat /sys/fs/cgroup/cgroup.controllers
cpuset cpu io memory hugetlb pids rdma misc

Inspect podman information.

$ podman info
host:
  arch: amd64
  buildahVersion: 1.21.0
  cgroupControllers: []
  cgroupManager: systemd
  cgroupVersion: v2
  conmon:
    package: 'conmon: /usr/bin/conmon'
    path: /usr/bin/conmon
    version: 'conmon version 2.0.25, commit: unknown'
  cpus: 2
  distribution:
    distribution: ubuntu
    version: "21.10"
  eventLogger: journald
  hostname: ubuntu-impish
  idMappings:
    gidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
    uidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
  kernel: 5.13.0-14-generic
  linkmode: dynamic
  memFree: 380932096
  memTotal: 1018318848
  ociRuntime:
    name: runc
    package: 'runc: /usr/sbin/runc'
    path: /usr/sbin/runc
    version: |-
      runc version 1.0.1-0ubuntu2
      spec: 1.0.2-dev
      go: go1.16.5
      libseccomp: 2.5.1
  os: linux
  remoteSocket:
    exists: true
    path: /run/user/1000/podman/podman.sock
  security:
    apparmorEnabled: false
    capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
    rootless: true
    seccompEnabled: true
    seccompProfilePath: /usr/share/containers/seccomp.json
    selinuxEnabled: false
  serviceIsRemote: false
  slirp4netns:
    executable: /usr/bin/slirp4netns
    package: 'slirp4netns: /usr/bin/slirp4netns'
    version: |-
      slirp4netns version 1.0.1
      commit: 6a7b16babc95b6a3056b33fb45b74a6f62262dd4
      libslirp: 4.4.0
  swapFree: 0
  swapTotal: 0
  uptime: 32m 10.7s
registries: {}
store:
  configFile: /home/vagrant/.config/containers/storage.conf
  containerStore:
    number: 1
    paused: 0
    running: 1
    stopped: 0
  graphDriverName: overlay
  graphOptions: {}
  graphRoot: /home/vagrant/.local/share/containers/storage
  graphStatus:
    Backing Filesystem: extfs
    Native Overlay Diff: "false"
    Supports d_type: "true"
    Using metacopy: "false"
  imageStore:
    number: 2
  runRoot: /run/user/1000/containers
  volumePath: /home/vagrant/.local/share/containers/storage/volumes
version:
  APIVersion: 3.2.1
  Built: 0
  BuiltTime: Thu Jan  1 00:00:00 1970
  GitCommit: ""
  GoVersion: go1.16.2
  OsArch: linux/amd64
  Version: 3.2.1

Now, you can simply display container statistics …

$ podman stats --no-stream mariadb
ID            NAME     CPU %   MEM USAGE / LIMIT  MEM %   NET IO   BLOCK IO  PIDS
3ed597e915d3  mariadb  2.74%   98.21MB / 1.018GB  9.64%   -- / --  -- / --   9

… or export these as JSON.

$ podman stats --no-stream --format=json mariadb
[
 {
  "id": "3ed597e915d3",
  "name": "mariadb",
  "cpu_percent": "4.70%",
  "mem_usage": "98.17MB / 1.018GB",
  "mem_percent": "9.64%",
  "net_io": "-- / --",
  "block_io": "-- / --",
  "pids": "8"
 }
]