diff --git a/cmd/podman/common/create.go b/cmd/podman/common/create.go
index 5c4d903c7e..3af1f1f15c 100644
--- a/cmd/podman/common/create.go
+++ b/cmd/podman/common/create.go
@@ -370,6 +370,14 @@ func DefineCreateFlags(cmd *cobra.Command, cf *entities.ContainerCreateOptions,
 			"quiet", "q", false,
 			"Suppress output information when pulling images",
 		)
+		rdtClassFlagName := "rdt-class"
+		createFlags.StringVar(
+			&cf.IntelRdtClosID,
+			rdtClassFlagName, cf.IntelRdtClosID,
+			"Class of Service (COS) that the container should be assigned to",
+		)
+		_ = cmd.RegisterFlagCompletionFunc(rdtClassFlagName, AutocompletePullOption)
+
 		createFlags.BoolVar(
 			&cf.ReadOnly,
 			"read-only", podmanConfig.ContainersConfDefaultsRO.Containers.ReadOnly,
diff --git a/docs/source/markdown/options/rdt-class.md b/docs/source/markdown/options/rdt-class.md
new file mode 100644
index 0000000000..8a58be528e
--- /dev/null
+++ b/docs/source/markdown/options/rdt-class.md
@@ -0,0 +1,7 @@
+####> This option file is used in:
+####>   podman create, run
+####> If file is edited, make sure the changes
+####> are applicable to all of those.
+#### **--rdt-class**=*intel-rdt-class-of-service*
+
+Rdt-class sets the class of service (CLOS or COS) for the container to run in. Based on the Cache Allocation Technology (CAT) feature that is part of Intel's Resource Director Technology (RDT) feature set, all container processes will run within the pre-configured COS, representing a part of the cache. The COS has to be created and configured using a pseudo file system (usually mounted at `/sys/fs/resctrl`) that the resctrl kernel driver provides. Assigning the container to a COS requires root privileges and thus doesn't work in a rootless environment. Currently, the feature is only supported using `runc` as a runtime. See <https://docs.kernel.org/arch/x86/resctrl.html> for more details on creating a COS before a container can be assigned to it.
diff --git a/docs/source/markdown/podman-create.1.md.in b/docs/source/markdown/podman-create.1.md.in
index 0576675c5a..0c0b325b85 100644
--- a/docs/source/markdown/podman-create.1.md.in
+++ b/docs/source/markdown/podman-create.1.md.in
@@ -304,6 +304,8 @@ by having one container bind to localhost in the pod, and another connect to tha
 
 Suppress output information when pulling images
 
+@@option rdt-class
+
 @@option read-only
 
 @@option read-only-tmpfs
diff --git a/docs/source/markdown/podman-run.1.md.in b/docs/source/markdown/podman-run.1.md.in
index 018d8fe045..76e5ea5351 100644
--- a/docs/source/markdown/podman-run.1.md.in
+++ b/docs/source/markdown/podman-run.1.md.in
@@ -330,6 +330,8 @@ by having one container bind to localhost in the pod, and another connect to tha
 
 Suppress output information when pulling images
 
+@@option rdt-class
+
 @@option read-only
 
 @@option read-only-tmpfs
diff --git a/libpod/container_inspect_linux.go b/libpod/container_inspect_linux.go
index 2dae35922f..53fb04034b 100644
--- a/libpod/container_inspect_linux.go
+++ b/libpod/container_inspect_linux.go
@@ -21,8 +21,14 @@ func (c *Container) platformInspectContainerHostConfig(ctrSpec *spec.Spec, hostC
 	// there are things that require a major:minor to path translation.
 	var deviceNodes map[string]string
 
-	// Resource limits
 	if ctrSpec.Linux != nil {
+		if ctrSpec.Linux.IntelRdt != nil {
+			if ctrSpec.Linux.IntelRdt.ClosID != "" {
+				// container is assigned to a ClosID
+				hostConfig.IntelRdtClosID = ctrSpec.Linux.IntelRdt.ClosID
+			}
+		}
+		// Resource limits
 		if ctrSpec.Linux.Resources != nil {
 			if ctrSpec.Linux.Resources.CPU != nil {
 				if ctrSpec.Linux.Resources.CPU.Shares != nil {
diff --git a/libpod/define/container_inspect.go b/libpod/define/container_inspect.go
index de4f700fa4..879dd13959 100644
--- a/libpod/define/container_inspect.go
+++ b/libpod/define/container_inspect.go
@@ -567,6 +567,9 @@ type InspectContainerHostConfig struct {
 	IOMaximumBandwidth uint64 `json:"IOMaximumBandwidth"`
 	// CgroupConf is the configuration for cgroup v2.
 	CgroupConf map[string]string `json:"CgroupConf"`
+	// IntelRdtClosID defines the Intel RDT CAT Class Of Service (COS) that
+	// all processes of the container should run in.
+	IntelRdtClosID string `json:"IntelRdtClosID,omitempty"`
 }
 
 // Address represents an IP address.
diff --git a/pkg/domain/entities/pods.go b/pkg/domain/entities/pods.go
index 5c882a5ed3..c6bdc0f553 100644
--- a/pkg/domain/entities/pods.go
+++ b/pkg/domain/entities/pods.go
@@ -224,6 +224,7 @@ type ContainerCreateOptions struct {
 	Init               bool
 	InitContainerType  string
 	InitPath           string
+	IntelRdtClosID     string
 	Interactive        bool
 	IPC                string
 	Label              []string
diff --git a/pkg/specgen/generate/oci_linux.go b/pkg/specgen/generate/oci_linux.go
index 6dc1dc28bb..fa8cd4c24d 100644
--- a/pkg/specgen/generate/oci_linux.go
+++ b/pkg/specgen/generate/oci_linux.go
@@ -216,6 +216,12 @@ func SpecGenToOCI(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.Runt
 		g.AddAnnotation(key, val)
 	}
 
+	if s.IntelRdt != nil {
+		if s.IntelRdt.ClosID != "" {
+			g.SetLinuxIntelRdtClosID(s.IntelRdt.ClosID)
+		}
+	}
+
 	if s.ResourceLimits != nil {
 		out, err := json.Marshal(s.ResourceLimits)
 		if err != nil {
diff --git a/pkg/specgen/specgen.go b/pkg/specgen/specgen.go
index eca9a9bcc3..9568ddc048 100644
--- a/pkg/specgen/specgen.go
+++ b/pkg/specgen/specgen.go
@@ -514,6 +514,10 @@ type ContainerNetworkConfig struct {
 
 // ContainerResourceConfig contains information on container resource limits.
 type ContainerResourceConfig struct {
+	// IntelRdt defines the Intel RDT CAT Class of Service (COS) that all processes
+	// of the container should run in.
+	// Optional.
+	IntelRdt *spec.LinuxIntelRdt `json:"intelRdt,omitempty"`
 	// ResourceLimits are resource limits to apply to the container.,
 	// Can only be set as root on cgroups v1 systems, but can be set as
 	// rootless as well for cgroups v2.
diff --git a/pkg/specgenutil/specgen.go b/pkg/specgenutil/specgen.go
index 3f6475a7e4..c15c560314 100644
--- a/pkg/specgenutil/specgen.go
+++ b/pkg/specgenutil/specgen.go
@@ -491,6 +491,12 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *entities.ContainerCreateOptions
 		s.Labels = labels
 	}
 
+	// Intel RDT CAT
+	if c.IntelRdtClosID != "" {
+		s.IntelRdt = &specs.LinuxIntelRdt{}
+		s.IntelRdt.ClosID = c.IntelRdtClosID
+	}
+
 	// ANNOTATIONS
 	annotations := make(map[string]string)
 
diff --git a/test/e2e/create_test.go b/test/e2e/create_test.go
index cfd9d6e7ef..2ec49b2794 100644
--- a/test/e2e/create_test.go
+++ b/test/e2e/create_test.go
@@ -75,6 +75,18 @@ var _ = Describe("Podman create", func() {
 		Expect(session).Should(Exit(125))
 	})
 
+	It("podman create adds rdt-class", func() {
+		session := podmanTest.Podman([]string{"create", "--rdt-class", "COS1", "--name", "rdt_test", ALPINE, "ls"})
+		session.WaitWithDefaultTimeout()
+		Expect(session).Should(ExitCleanly())
+		Expect(podmanTest.NumberOfContainers()).To(Equal(1))
+
+		check := podmanTest.Podman([]string{"inspect", "rdt_test"})
+		check.WaitWithDefaultTimeout()
+		data := check.InspectContainerToJSON()
+		Expect(data[0].HostConfig.IntelRdtClosID).To(Equal("COS1"))
+	})
+
 	It("podman create adds annotation", func() {
 		session := podmanTest.Podman([]string{"create", "--annotation", "HELLO=WORLD", "--name", "annotate_test", ALPINE, "ls"})
 		session.WaitWithDefaultTimeout()