Ask.Cyberinfrastructure

Why is Docker not widely used in multi-user cluster environments?

containers
docker
#1

I asked our System Administrator to install Docker so I could run some containers I downloaded from the web. However, I was told that it is not secure to install Docker on our cluster. What is the problem with it and is there any alternative?

CURATOR: Katia

0 Likes

#2

Docker containers need root privileges for full functionality which is not suitable for a shared HPC environment.
Singularity is a container solution for HPC and it allows working with containers as a regular user. Docker containers may be imported to run via Singularity. Visit https://singularity.lbl.gov/docs-docker to create a singularity image from the docker container. You should talk to your system admin to install singularity on compute nodes.

0 Likes

#3

A slight elaboration on Raminder’s answer: while a Docker container requires root access to create and deploy, Singularity needs root privileges for installation but containers can be created without root access. A Singularity user is at the same level inside and outside of a Singularity container.

0 Likes

#4

In addition to ave responses, Singularity also runs within the same PID thread, meaning, containers will run as the user, within the confines of the resource manager’s purview, and compatible with MPI and GPUs.

0 Likes