←back to thread

Apptainer: Application Containers for Linux

(apptainer.org)
106 points cl3misch | 4 comments | 26 Jun 25 09:45 UTC | HN request time: 0.813s | source
Show context
IshKebab ◴[26 Jun 25 10:42 UTC] No.44386057[source]
We tried to use this on our compute cluster for silicon design/verification. We gave up in the end and just went with the traditional TCL (now Lua) modules.

The problems are:

1. You can't have apptainers that use each other. The most common case was things like Make, GCC, Git etc. If Make is in a different apptainer to GCC then it won't work because as soon as you go into Make then it can't see GCC any more.

2. It doesn't work if any of your output artefacts depend on things inside the container. For example you use your GCC apptainer to compile a program. It appears to work, but when you run it you find it actually linked to something in the apptainer that isn't visible any more. This is also a problem for C headers.

3. We had constant issues with PATH getting messed up so you can't see things outside the apptainer that should have been available.

All in all it was a nice idea but ended up causing way more hassle than it was worth. It was much easier just to use an old OS (RHEL8) and get everything to work directly on that.

replies(5): >>44386967 #>>44387745 #>>44387848 #>>44389356 #>>44391642 #
1. 0xbadcafebee ◴[26 Jun 25 14:25 UTC] No.44387745[source]
You don't mix and match pieces of containers, just like you wouldn't mix and match binaries from different distributions of Linux.

You can use a container as a single environment in which to do development, and that works fine. But they are by definition an isolated environment with different dependencies than other containers. The result of compiling something in a container necessarily needs to end up in its own container.

...that said, you could use the exact same container base image, and make many different container images from it, and those files would be compatible (assuming you shipped all needed dependencies).

replies(1): >>44388799 #
2. IshKebab ◴[26 Jun 25 16:14 UTC] No.44388799[source]
> you wouldn't mix and match binaries from different distributions of Linux.

You can absolutely mix and match lots of different binaries from different sources on one Linux system. That's exactly what we're doing now with TCL modules.

> and make many different container images from it

Well yes, that's the problem. You end up either putting everything in one container (in which case why bother with a container?), or with a combinatorial explosion of every piece and version of software you might use.

TCL modules are better. They don't let you cheat like containers do, but in return you get a better system.

replies(1): >>44389837 #
3. 0xbadcafebee ◴[26 Jun 25 18:13 UTC] No.44389837[source]
> You can absolutely mix and match lots of different binaries from different sources on one Linux system. That's exactly what we're doing now with TCL modules.

Doing this across different Linux distributions is inherently prone to failure. I don't know about your TCL modules specifically, but unless you have an identical and completely reproducible software toolchain across multiple linux distributions, it's going to end with problems.

Honestly, it sounds like you just don't understand these systems and how they work. TCL modules aren't better than containers, this is like comparing apples and organgutans.

replies(1): >>44394212 #
4. IshKebab ◴[27 Jun 25 06:32 UTC] No.44394212{3}[source]
> Doing this across different Linux distributions is inherently prone to failure.

Sure if you just take binaries from one distro that link with libraries on that distro and try and run it on a different one... But that's not what we're doing. All of our TCL modules are either portable binaries (e.g. commercial software) or compiled from source.

> Honestly, it sounds like you just don't understand these systems and how they work.

I do, but well done for being patronising.

> TCL modules aren't better than containers,

They are better for our use case.

> this is like comparing apples and organgutans.

If apples and orangutans were potential solutions to a single problem why couldn't you compare them?