Question 1

udocker vs Docker: which is better for HPC clusters?

Accepted Answer

udocker excels in HPC clusters where Docker is restricted, as it runs rootlessly in user space, but it lacks Docker's full isolation and security, so it's not ideal for multi-tenant or production use. Docker is better for environments where admin access and robust container management are available.

Question 2

How to install udocker without sudo on a shared server?

Accepted Answer

Download the Python script or use pip install udocker, then run it from your home directory. The tools and libraries are automatically deployed under $HOME/.udocker with no privileges needed, as per the installation instructions.

Question 3

Can udocker run TensorFlow containers with GPU support?

Accepted Answer

Yes, use the --nvidia flag with udocker setup to enable GPU passthrough, provided the host has NVIDIA drivers. This allows GPGPU applications to run, but performance may vary compared to native Docker.

Question 4

What are the security risks of using udocker?

Accepted Answer

udocker offers minimal isolation, so containers run with the user's privileges and can access host filesystems. It should not be used for untrusted containers, as noted in the security warnings, to avoid compromising the user environment.

Question 5

How to mount a host directory in udocker?

Accepted Answer

Use the -v flag similar to Docker, e.g., udocker run -v /host/path:/container/path. However, depending on the execution engine, mounting may have restrictions or behave differently, so check the documentation for mode-specific details.

Question 6

Does udocker work on ARM64 systems?

Accepted Answer

Yes, you can pull ARM64 containers by specifying --platform=linux/arm64, but ensure the execution engine supports it on your host architecture. Compatibility may vary with older Linux distributions.

Question 7

Why can't I debug with strace in udocker?

Accepted Answer

With the PRoot engine, strace and similar debugging tools won't work because they conflict with PRoot's tracing mechanism. You may need to switch to another execution mode like runc or avoid debugging tools that rely on system call tracing.

udocker

What is udocker?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions