-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
User Interface Question #1732
Comments
I'm having a lot of trouble with this - I can't get basic commands to do binds to work. Could you please help? It's stopping me from progressing with runc. |
Your issue isn't related to rootless containers or permissions (your setup looks okay at first glance in that respect). You can run effectively all commands as an unprivileged user (assuming you have a The issue you're hitting is related to terminals. #1730 is working on adding some documentation about this incredibly common pitfall. The short version is "if you're using |
I'm not sure what you mean by "custom bind" or "with an exec", can you clarify what those mean? |
I'll have to read more carefully though the terminal documentation (my brain starts to shut down at this time) but I can quickly answer your second questions! I am coming at runc from the perspective of a docker or singularity user, for which a container looks like an executable, and a "run" command is simply executing some special script in the container. I'll do my best to put this into the way I (possibly wrongly) understand runc so far! So I'm starting with a project directory, and in it I've generated a
What I can do pretty easily is cd into the project folder, and then use runc run to "shell" inside:
This is great! Now what I've lost in dumping these layers is the custom logic for some entry point. It's ok, I could call the entry point script directly from here:
but oops, when I was running this command in other container places, there was an expectation about a particular directory (on my local machine) being bound as a volume to my container. So I would have wanted to run the container and do something like:
And I would want to be able to tell anyone using this container "just bind your data, wherever it is on your host, to this folder in the container and it will run as you want!" (This is the custom bind) But then there is this other custom configuration file that must be in the present working directory when the run starts, so I would want to set that too:
for Singularity this is To answer part II of the question, the exec is just doing all that, but without the interaction. Not ever "entering" the container. so instead it would look like this:
So generally of the form runc exec I apologize for mis-ordering of the above - but I hope this illustrates my example! Thank you so much for your help, I'm totally new to runc and hoping to pick it up! |
@vsoch have you tried editing the |
derp, nope haven't looked much at it... \facepalm let me do that now :) |
okay, so possibly some tiny progress. I thought it would be easier to move all the files I need in my context to be in the same root where I have the rootfs and config.json. I then added a bind to one of those folders (relative is ok?) it looks like this:
and I'm getting an error there is no such device:
I had seen this before and I just needed to create the /scif/data folder, but now I definitely have it. I am thinking - something to do with the type of bind, or permission, or using a relative path or enviroinment variable for the --root? Also I was trying some of the options like
|
@vsoch You need to make the mount look more like this (ENODEV is the error that
(Note the "type" and "options" fields. I know that that the "type" being "bind" doesn't make much sense from a Unix perspective -- but this is currently a long-standing bug in runc. You can also use As for |
oh that's so helpful! Woohoo #1, we have data!
And now I see the sections in the config for environment, entrypoint, and directory. Wow this is really powerful! I can control the entire container but also the runtime specifics just by way of different config files! If It's ok with you I'd like to leave this open for one more day while I test different interactive (and commands run from outside) the container. Thank you for the help so far!! |
No problem. If you like a more in-depth explanation of precisely what knobs are available in |
Update! I was able to get every command working for runc --> https://github.com/sci-f/snakemake.scif/blob/container-friends/README.md#run-the-workflow and once the general workflow clicked it was really quite intuitive. This is awesome! Thank you again so much. Closing issue. |
heyo runc! I am getting the hang of using the client, and am at the step of creating a rootless container:
and then I shell inside, and this is good ;) My questions are
I think that should be enough to accomplish what I want - when I follow the same instruction provided for the (non rootless) containers, I can't seem to get it working, eg:
Is there a subset of commands that must be root? (e.g., creation and then can run without root?) or are the rootless containers limited in some way? Also, if there is a docs page that explains all this, please point me there - I went through the main repo readme and then couldn't find the answer so I came here. Thank you!
The text was updated successfully, but these errors were encountered: