BwUniCluster2.0/Containers

From bwHPC Wiki
Revision as of 15:26, 24 June 2021 by S Braun

Containers on HPC systems

To date, only a few container runtime environments integrate well with HPC environments, due to security concerns and differing assumptions in some areas.

For example, native Docker environments require elevated privileges, which is not an option on shared HPC resources. Docker's "rootless mode" is also currently not supported on our HPC systems because it does not support necessary features such as cgroups resource controls, security profiles and overlay networks; furthermore, GPU passthrough is difficult. The necessary subuid (newuidmap) and subgid (newgidmap) settings may also introduce security issues.
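The following audit sketch is an added example, not part of the original wiki page or any bwHPC tooling. It checks subordinate ID allocations in the `owner:start:count` format of `/etc/subuid` and `/etc/subgid` for one class of problem, ranges that overlap each other or reach into the IDs of real accounts; the `max_real_id` parameter, the function names and the sample data are assumptions made for illustration.

```python
from typing import NamedTuple

class SubRange(NamedTuple):
    owner: str
    start: int
    count: int

    @property
    def end(self) -> int:
        return self.start + self.count - 1  # last ID in the range, inclusive

def parse_subid(text):
    """Parse 'owner:start:count' lines; blank lines are skipped."""
    ranges = []
    for lineno, line in enumerate(text.splitlines(), 1):
        fields = line.strip().split(":")
        if fields == [""]:
            continue
        if len(fields) != 3 or not (fields[1].isdecimal() and fields[2].isdecimal()):
            raise ValueError(f"line {lineno}: malformed entry {line!r}")
        ranges.append(SubRange(fields[0], int(fields[1]), int(fields[2])))
    return ranges

def audit(ranges, max_real_id):
    """Report ranges that reach into real account IDs or overlap another owner's range.

    max_real_id (hypothetical parameter): highest ID assigned to real accounts on the site.
    """
    live = sorted((r for r in ranges if r.count > 0), key=lambda r: r.start)
    findings = [f"{r.owner}: {r.start}-{r.end} overlaps real IDs (<= {max_real_id})"
                for r in live if r.start <= max_real_id]
    for i, a in enumerate(live):
        for j in range(i + 1, len(live)):
            b = live[j]
            if b.start > a.end:
                break  # sorted by start, so no later range can overlap a
            if a.owner != b.owner:
                findings.append(f"{b.owner}: {b.start}-{b.end} overlaps "
                                f"{a.owner}'s {a.start}-{a.end}")
    return findings

# Constructed sample data, not taken from any real system.
SAMPLE = """alice:100000:65536
bob:165536:65536
carol:200000:65536
dave:50000:1000
"""

if __name__ == "__main__":
    for finding in audit(parse_subid(SAMPLE), max_real_id=60000):
        print(finding)
```

An overlap means that a container root in one user's namespace maps onto IDs that another user's containers, or a real account, also own, so file ownership on shared file systems no longer separates them.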

Enroot and Singularity are supported on HoreKa.

Further rootless container runtime environments (Podman, …) might be supported in the future, depending on how support for e.g. network interconnects, security features and HPC file systems develops.