Enabling rootless Linux Containers in multi-user environments: the udocker tool
This addresses the need for secure and flexible container execution in multi-user environments, such as scientific computing, by providing a rootless solution.
The paper tackles the problem of executing Linux containers in user mode without root privileges, presenting udocker, a tool that enables this capability. The result is a tool demonstrated through practical applications with scientific codes, including single-core, MPI parallel, and GPGPU executions.
Containers are increasingly used as means to distribute and run Linux services and applications. In this paper we describe the architectural design and implementation of udocker, a tool which enables the user to execute Linux containers in user mode. We also present a few practical applications, using a range of scientific codes characterized by different requirements: from single core execution to MPI parallel execution and execution on GPGPUs.