rsnt_translations
56,430
edits
Apptainer: Difference between revisions
no edit summary
No edit summary |
No edit summary |
||
| Line 84: | Line 84: | ||
<!--T:140--> | <!--T:140--> | ||
|- | |- | ||
| <code>-C</code> || Isolates the running container from all | | <code>-C</code> || Isolates the running container from all filesystems as well as the parent PID, IPC, and environment. Using this option will require [[#Bind_Mounts|using bind mounts]] if access to filesystems outside of the container is needed. | ||
|- | |- | ||
| <code>-c</code> || Isolates the running container from most | | <code>-c</code> || Isolates the running container from most filesystems only using a minimal <code>/dev</code>, an empty <code>/tmp</code> directory, and an empty <code>/home</code> directory. Using this option will require [[#Bind_Mounts|using bind mounts]] if access to filesystems outside of the container is needed. | ||
|- | |- | ||
| <code>-e</code> || Cleans (some) shell environment variables before running container commands and applies settings for increased OCI/Docker compatibility. Using this option also implies the use of these options: <code>--containall</code>, <code>--no-init</code>, <code>--no-umask</code>, <code>--writable-tmpfs</code>. | | <code>-e</code> || Cleans (some) shell environment variables before running container commands and applies settings for increased OCI/Docker compatibility. Using this option also implies the use of these options: <code>--containall</code>, <code>--no-init</code>, <code>--no-umask</code>, <code>--writable-tmpfs</code>. | ||
| Line 92: | Line 92: | ||
<!--T:21--> | <!--T:21--> | ||
Another important option is the <code>-W</code> or <code>--workdir</code> option. On | Another important option is the <code>-W</code> or <code>--workdir</code> option. On our clusters and on most Linux systems, <code>/tmp</code> and similar filesystems use RAM, not disk space. Since jobs typically run on our clusters with limited RAM amounts, this can result in jobs getting killed because they consume too much RAM relative to what was requested for the job. A suitable workaround for this is to tell Apptainer to use a real disk location for its working directory (<code>workdir</code>). This is done by passing the <code>-W</code> option followed by a path to a disk location where Apptainer can read/write temporary files, etc. For example, to run a command called <code>myprogram</code> in an Apptainer container image called <code>myimage.sif</code> with its working directory set to <code>/path/to/a/workdir</code> in the filesystem, you would use | ||
<!--T:22--> | <!--T:22--> | ||
| Line 100: | Line 100: | ||
<!--T:23--> | <!--T:23--> | ||
where: | where: | ||
* | * <code>workdir</code> can be removed if there are no live containers using it. | ||
* When using Apptainer in an <code>salloc</code>, in an <code>sbatch</code> job, or when using [JupyterHub] on our clusters, use <code>${SLURM_TMPDIR}</code> for the | * When using Apptainer in an <code>salloc</code>, in an <code>sbatch</code> job, or when using [JupyterHub] on our clusters, use <code>${SLURM_TMPDIR}</code> for the <code>workdir</code> location, e.g., <code>-W ${SLURM_TMPDIR}</code>. | ||
** ASIDE: One should <b>not</b> be running programs (including Apptainer) on a login node. Use an interactive <code>salloc</code> job. | ** ASIDE: One should <b>not</b> be running programs (including Apptainer) on a login node. Use an interactive <code>salloc</code> job. | ||
* When using bind mounts, see the [[#Bind_Mounts|section on bind mounts]] below since not all | * When using bind mounts, see the [[#Bind_Mounts|section on bind mounts]] below since not all of our clusters are the same concerning the exact bind mounts needed to access <code>/home</code>, <code>/project</code>, and <code>/scratch</code>. | ||
==Using GPUs== <!--T:24--> | ==Using GPUs== <!--T:24--> | ||