►
From YouTube: 13 - Shifter
Description
Part of the NERSC New User Training on September 28, 2022.
Please see https://www.nersc.gov/users/training/events/new-user-training-sept2022/ for the training day agenda and presentation slides.
A
All
right
so
I'm
going
to
talk
to
you
today
about
using
containers
at
nurse
today
that
mean
shifter
in
the
future.
That
will
mean
podman.
So
I'll
talk
to
you
a
little
bit
about
what
that
means.
A
My
objective
is
to
convince
you
that
containers
are
cool
and
if
you
haven't
tried
them,
I
encourage
you
to
do
so,
so
you
may
have
heard
about
containers,
maybe
on
Twitter
or
just
from
your
collaborators,
but
you
might
be
wondering
like
what
is
all
this
fuss
about
so
in
the
last
10
years
or
so,
the
use
of
containers
has
grown
enormously.
A
This
this
plot,
I'm,
showing
you
is,
is
some
Consulting
research
firms,
estimation
of
how
much
money
is
generated
by
containers.
I
know,
that's
not
like
a
great
proxy
for
how
many
are
in
use
or
how
useful
they
are.
But
here
you
go
the
data
start
in
2015
and
are
pretty
much
going
linearly.
So
somebody
out
there
thinks
containers
are
valuable
and
I
agree.
A
So
people
who
are
using
the
cloud
you
know
so
AWS
Azure,
find
containers
really
useful
for
standing
up
microservices
running
any
kind
of
pipeline
containers
are
super
good
for,
for
that
kind
of
thing,
they're
being
run
inside
services
like
kubernetes.
A
Probably
a
lot
of
what
you
interact
with
on
the
Internet
is
running
containers
under
the
hood.
So
that's
great!
Why
are
we
talking
about
them
today?
Many
of
the
things
that
make
containers
really
useful
also
can
help
us
as
HPC
users
too.
So
that's
that's
what
I
hope
to
show
you
for
anybody
who
doesn't
know
what
a
container
is,
because
it
is
kind
of
a
weird,
nebulous
concept
if
you're
familiar
with
a
virtual
machine.
A
So
maybe,
if
you
have
a
Linux
system
and
you
need
to
run
some
windows
software,
you
might
boot
up
a
virtual
machine
inside
to
give
you
access
to
that
other
OS
I'm,
not
a
virtual
machine
expert,
but
it
basically
means
that
you
need
a
whole
copy
of
your
operating
system.
In
order
to
to
do
that,
a
container
is
a
little
bit
different
because
it
it
can
share
the
kernel
of
the
host
system.
A
So
on
promoter
you
know
we
have
a
Linux
kernel
and
any
container
that
you
bring
onto
the
system
is
is
going
to
share
what
we
already
have
on
promoter.
So
what
does
that
mean?
Containers
are
much
more
lightweight
than
a
virtual
machine.
They
can
still
be
big
depending
on
what
what
you've
got
in
them,
but
you
know
we're
on
the
order
of
you
know
a
few
gigabytes
for
the
smallest
one
is
up
to
you,
know
10
or
15.,
so
you
know
manageable.
A
You
can
build
a
container
on
your
laptop,
for
example,
and
take
it
to
a
brand
new
system
like
Pro
Mudder
and
that's
what
makes
them
really
powerful.
You
can
kind
of
pack
up
your
software
and
not
have
to
be
rebuilding
all
the
time.
So
that's
that's
kind
of
in
a
nutshell.
With
containers
do
so
who
can
benefit
from
containers?
I
would
argue
pretty
much
everybody
here
today,
but
just
some
of
the
pain
points
that
they
can
help
address
are
rebuilding
software.
A
I,
don't
know
about
you
guys.
Maybe
you
really
like
rebuilding
software,
but
it
can
be
time
consuming
if
your
system
has
an
OS
upgrade
like
we
do
periodically
at
nurse,
you
may
need
to
rebuild
you
know
for
moving
your
software.
Obviously
you
need
to
rebuild
so
that's
one
use
case.
A
If
you
want
your
software
stack
to
be
stable
and
unaffected
by
changes
happening.
You
know,
outside
of
your
control.
Containers
are
great.
They
give
you.
You
know
your
own
environment
where
you're
the
admin.
Basically,
if
you
are
a
python
user
and
I
know
many
of
you
are
containers,
can
be
especially
helpful
for
you,
because
the
package
Imports
that
you're
doing
are
pretty
metadata
heavy
and
at
Large
Scale.
You
know
if
you're
running
you
know
several
hundred
nodes,
that
import
step
can
take
a
long
time.
A
Containers
can
help
you
we'll
talk
a
little
bit
more
about
that
and,
as
I
mentioned,
if
you
want
to
move
your
software
from
system
to
system,
it
doesn't
always
work,
but
a
lot
of
the
time
it
does
so
anyway,
a
lot
of
benefits
here
that
I
think
are
worse,
exploring.
A
So
for
anybody
who's
not
super
familiar
with
containers,
I
just
wanted
to
lay
out
a
little
bit
of
the
vocabulary
so
that
we
can
all
don't
want
to
lose
anybody.
So
you
may
have
heard
the
word
Docker
file.
A
There
are
different
Frameworks,
obviously
so
in
Singularity
it's
a
singularity
file,
but
a
Docker
file
is
just
a
text
file
where
you
kind
of
write
out
the
recipe
for
how
you
want
to
build
your
software
in
the
image
human
readable
this.
This
is
how
you
specify
what
you
want.
The
image
is
the
thing
that
gets
built
from
the
docker
file,
so
image
is
a
little
bit
different
than
container
you.
You
kind
of
hear
people
use
them
interchangeably,
but
they
they
do
have
slightly
different
meaning.
A
A
So
that's
that's
kind
of
the
difference.
So
the
container
is
the
running
instance
of
the
image
it's
what's
actually
doing.
You
know
the
calculation
it's
hooked
into
the
the
OS
talking
to
your
GPU,
so
the
runtime
is
the
framework
that
enables
your
container
to
run.
It
could
be
a
lot
of
things,
you're,
probably
familiar
with
Docker,
maybe
Singularity,
we'll
talk
about
podman
a
registry
is
a
place.
A
You
want
to
put
your
container
so
once
you've
finished
building
your
image,
you
probably
want
to
move
it
somewhere
like
promoter,
but
you've.
One
good
way
to
do
that
is
to
go
through
an
intermediate
registry,
so
it
could
be
Docker.
A
Hub
we've
got
several
at
nurse
I'll
talk
about,
and
finally
one
thing
I'll
talk
about
a
little
bit
later
is
something
called
the
volume
Mount
or
a
bind
Mount,
and
a
good
thing,
and
a
bad
thing
about
containers
is
that
they
are
their
own
little
universe
and
anything
that
you
didn't
put
in
the
image.
While
you
were
building
it,
isn't
there.
So
if,
if
you
have
a
big
data
set,
you
want
to
analyze
with
the
software
in
your
container
you're
going
to
need
to
give
your
container
access
to
these
images.
A
Usually,
what
that
means
is
that
you're
going
to
create
a
volume
Mount
at
runtime,
so
you're
going
to
say,
hey
this
directory,
where
my
images
are
I'm
going
to
mount
them
in,
so
my
software
can
access
them
so
anyway,
these
are
just
kind
of
some
important
vocab
words
to
know
in
the
world
of
containers.
A
Oh
all
right!
So
really,
we've
talked
a
lot
about
that.
You're,
probably
wondering
okay,
fine
like
how.
How
do
I
really
do
this
so
today,
at
nurse
the
container
run
time
that
we
support
is
called
shifter.
Shifter
is
a
lot
like
Docker
and
you
might
wonder
well,
like
I
I
like
doctor,
why
can't
I
just
use
Docker
a
few
reasons?
The
first
is
security,
so
inside
a
Docker
container,
you
can
become
root,
which
we
obviously
don't
want
on
a
shared
supercomputer
system.
A
It's
important
to
have
restricted
and
secure
permission.
So
that's
one
thing:
the
other
thing
is:
if
you
were
to
run
Docker,
it
wouldn't
have
any
capability
to
help.
You
run
at
Large
Scale,
which
hopefully
a
lot
of
you
want
to
do
given
that
you're
at
nurse.
So
there's
a
lot
of
kind
of
cool
things
under
the
hood
that
shifter
does
to
help
you
scale
up,
like
you
would
on
a
system
like
promoter
that
said,
shifter
looks
and
feels
a
lot
like
Docker.
A
So
a
good
way
to
get
started
is
just
to
learn,
install
and
kind
of
get
familiar
with
Docker
on
your
laptop
or
anywhere
that
you
have
access.
A
We
wrote
up
a
tutorial
called
the
shifter
for
beginners
tutorial.
It's
it's
basically
for
people
who
are
like
we
say
beginners,
and
it
will
walk
you
through
installing
Docker
and
and
running
building
and
running
your
first
container.
So
this
is
probably
the
best
way
that
you
can
get
started.
There's
a
lot
of
good
tutorial
material
out
there
for
Docker,
which
mostly
applies
to
shifter
foreign,
looks.
Like
so
I
said,
it's
plain
text.
Human
readable
I
pulled
this
one
straight
out
of
our
shifter
docs
page.
A
A
So
this
is
awesome,
I,
don't
know
if
any
of
you
have
installed
or
really
enjoy
installing
Ubuntu
great,
but
it's
nice
to
be
able
to
just
grab
something
and
start
to
build
on
top
because
we're
in
Ubuntu
we
can
go
ahead
and
use
the
Ubuntu
app
to
get
a
package
manager
to
install
whatever
we
want-
and
this
is
something
I
really
love
about
containers,
because
you
would
never
be
able
to
do
this
on
promoter
because
you're,
not
assistant
men,
but
in
a
container
you
are
the
assistant,
so
you
can
install
whatever
you
need
for
your
application.
A
So
in
this
case
we'll
get
some
compilers
and
we'll
get
Python
and
we'll
get
PIP
in
this
image.
We're
demonstrating
how
to
install
mpitch
to
eventually
use
MPI
on
promoter,
so
we're
building
mpitch
from
Source.
The
reason
we
do
that,
instead
of
app
to
getting
it,
is
because
I'll
talk
about
this
in
a
minute,
but
in
order
to
enable
fast,
create
optimized
and
Pitch
at
nurse
we're
going
to
swap
out
at
runtime
the
input
you
put
in
your
image,
so
that
doesn't
work
unless
you
build
it
like
we're
demonstrating.
A
So
we
build
and
page
I
mean
the
the
commands
of
the
W
get
the
the
tar
make
make
install.
Hopefully
that
looks
familiar
to
anybody.
Who's
done
any
building
of
packages
you
just
have
to
get
used
to
the
Docker
syntax,
but
otherwise
it's
just
it's
just
a
recipe
for
for
building
your
stack.
A
So
how
do
you
kind
of
choose
what
image
to
start
from,
or
how
do
you
write
this
Docker
file
for
a
lot
of
machine
learning
users?
You
can
kind
of
start
with
what
Nvidia
provides,
which
is
really
great.
So
it's
especially
for
deep
learning
users
containers
are
awesome.
They
should
work
I.
Think
for
the
most
part,
right
out
of
the
box.
Nurse
provides
some
images
that
have
a
little
bit
of
additional
stuff
inside
of
them.
A
I
think,
like
H5
Pi,
maybe
they'll
discuss
that
in
the
upcoming
deep
learning
talk
but
they'll
give
you
a
little
bit
of
extra
utility.
So
if
you
visit
some
of
these
links
here,
which
I
know
I
can't
show
you
right
now,
but
after
the
the
talk
when
we
post
the
slides,
we
also
have
kind
of
a
newer
repo
where
we're
putting
in
some
MPI
for
pi
some
open,
MPI
examples.
A
A
A
Okay,
as
I
said
once
you've
built
an
image
say
on
your
laptop
to
get
it
to
promoter.
You've
got
to
hop
through
a
registry,
so
there
are
a
couple
options
for
you.
You
can
use
Docker
Hub,
it's
public
everything
you
put
up
there
I
think
by
default
is
viewable
by
everyone.
So
don't
put
your
Nobel
prize
winning
work.
A
We
have
it's
generally
free
for
non-commercial
use,
so
I
know
they've
got
a
lot
of
Licensing
things
going
on,
but
I
think
for
for
all
of
you.
You
should
be.
Okay.
A
A
If
you
haven't
gone
through
spin
training
but
you'd
like
access,
you
can
submit
a
ticket
and-
and
we
can
enable
you-
so
please
don't
hesitate
to
ask
otherwise
we
have
our
older
registry.services.nurse.gov.
All
users
are
automatically
enabled
here,
but
this
is
going
to
be
deprecated
in
favor
of
registry.verse.gov.
A
So
you're
welcome
to
use
this,
but
you
should
be
aware
eventually
we're
gonna
we're
gonna
move
everybody
out
of
it
and
to
get
your
image,
then,
from
a
registry
on
to
nurse
you're
going
to
use
the
shifter
image
pool
utility
so
from
Docker
Hub,
it
would
just
be
Ubuntu
latest
from
registry.
You'll
have
to
do
a
shifter
image
login
and
then
you
can
pull
but
pretty
straightforward
to
to
get
your
image
onto
parameter.
A
All
right
so
I
said
Drifter
was
like
Docker
and
so
here's
some
of
the
kind
of
differences
you
should
be
aware
of
in
using
shifter.
So
we
we
try
to
be
helpful
for
nurse
users
and
we
kind
of
give
you
things
by
default
that
we
think
might
be
useful
for
you.
It's
not
transparent.
What
to
the
user,
which
is
not
great,
but
this
is
what
the
situation
is.
A
So
we
have
loaded
by
default
when
you
use
shifter
the
mpitch
module
and
the
GPU
module,
so
the
MP
module
is
loading
all
of
these
cray
libraries
and
just
in
case
you
want
to
swap
out
your
and
pitch
for
the
fast
gray
and
pitch
we're
making
that
available
to
you.
There
are
circumstances
where
you
may
not
want
this.
For
example,
if
you're
using
openmpi,
there
are
other
circumstances
where
it
could
cause
issues.
We've
sometimes
seen
jewlib
C
issues
happening.
A
Users
are
like
why?
Why
do
I
see
this
mpitch
thing
I'm,
not
even
using
mpitch?
A
The
reason
is
because
we're
inserting
it
and
if
maybe
the
OS
in
your
image
is
old,
you'll
you'll,
see
this
error
so
anyway
be
aware
that
this
is
what's
happening
and
if
you
want
to
disable
them,
you
totally.
Can
you
just
need
to
do
a
module
equals
none,
so
that
will
turn
them
all
off.
If,
for
some
reason
you
want
to
say
only
GPU,
you
could
do
a
dash
module
GPU.
A
So
if
you
want
to
learn
more
about
our
modules
and
and
what
they're
doing
you
can
visit
our
docs,
oh
and
one
last
thing,
if
you're
doing
a
Cuda
aware,
MPI
you'll
want
a
different
module.
So
this
is
our
Cuda
M
pitch.
So
this
is
if
you're
moving
Cuda
objects
with
MPI,
we'll
need
to
load
a
slightly
different
set
of
libraries
for
you
all
right,
so
how
to
use
shifter
in
a
job.
Pretty
straightforward,
you're
gonna
use
your
same
kind
of
s,
Alec,
syntax
that
you
would
for
an
interactive
job.
A
The
the
difference
is
this
Dash
Dash
image,
so
this
tells
slim
hey.
Please
get
my
shifter
image
ready
for
this
job
in
this
case
I'm
using
Ubuntu
latest,
but
you
could
put
in
whatever
you
want
and
then
once
your
node's
ready,
you
can
issue
an
S
run
command
shifter,
because
you've
already
requested
this
image
will
automatically
use
the
image
that
you've
asked
for
and
anything
that
follows
the
shifter
command
will
occur
inside
the
container,
so
pretty
pretty
easy.
A
Hopefully
it
looks
pretty
similar
in
a
batch
job,
so
we'll
just
change
around
the
S
Alex
Syntax
for
the
S
badge
directives.
So
we'll
have
the
image
request
up
here
and
then,
once
your
job
is
ready
to
go,
then
the
same
command
will
run
inside
your
container
and
you'll
just
submit
that,
like
you,
would
any
batch
script,
damn
it
hello.
A
Okay,
so
I'll
give
you
some
tips
here.
Some
of
these
are
inspired
by
kind
of
common
tickets
or
common
kind
of
user
questions.
Try
to
save
you
some
headache!
Oh
and
let
you
know
that
shifter
performance
can
be
really
good,
so
especially
python
users.
A
Shifter
can
be
especially
helpful
for
applications
that
are
really
using
a
lot
of
metadata
on
the
file
system.
So
how
does
this
work
part
of
the
major
engineering,
work
and
I?
Think
something
really
cool
about?
Shifter
is
the
way
that
it
handles
the
image.
A
That's
that's
the
format
that
it's
in
after
you
have
done
a
shifter
image
pull
and
then
during
your
job,
it's
on
our
luster,
our
high
performance
luster
file
system
via
a
read-only
squash
Mount,
and
that
basically
means
that
you
have
access
on
a
per
node
basis
to
all
of
the
information
in
your
image
in
this
really
fast
read-only
mount.
A
It
also
means
that
you're
not
subject
to
The
Wider
file
system
contention,
because
you
have
kind
of
your
own
private
access,
it's
sort
of
like
being
a
VIP
I
think
so,
how
does
that
benefit
you?
If
you're
doing
a
python
import,
Pi,
torch
and
pytorch
is
a
huge
Library.
It's
going
to
take
time
to
move
all
of
that
information.
A
You
know
from
the
file
system
to
each
node
in
your
job,
but
for
shifter
because
of
this
cool
read-only
Mount
the
you're
not
subject
to
all
the
same
metadata
contention.
So
the
plot
here
is
from
the
shifter
paper
from
2015.
Basically,
you
could
ignore
the
two
lvms
these
are
performed
in
Docker,
but
the
five
bars
to
the
left
were
done
on
Corey,
and
you
can
see
that
for
the
first
access,
so
thinking
about
the
first
time
you
import
a
package.
A
How
long
does
it
take
and
you
can
see?
Shifter
is
pretty
much
the
fastest.
The
data
warp
is
the
burst
buffer,
but
anyway,
really
good
and
robust
performance,
especially
for
python
foreign
place
for
users.
Is
the
volume
mounting
that
I
mentioned
at
the
beginning
of
the
talk,
so
getting
data,
or
maybe
like
say,
you're,
actively
developing
a
repository?
You
want
to
be
able
to
make
changes
without
having
to
rebuild
your
image.
The
best
way
to
do
that
is
via
a
volume
Mount.
A
So
you
can
take
files
that
exist
outside
your
image
and
mount
them
into
say
a
directory
called
Data.
If
this
goes
wrong,
you
might
see
something
that
looks
like
in
volume,
invalid
volume
map
or
by
Mount
failed.
So
there
are
a
couple
reasons
this
could
fail.
So
the
first
is
that
the
the
file
permissions
have
to
be
suitable
to
perform
the
bind
Mount
all
the
way
up
to
the
root
of
the
file
system,
so
like
for
a
a
shared
directory
like
on
the
community
file
system.
A
You
may
not,
oh
you
Pro,
you
don't
own
the
directory.
So
to
get
around
that,
you
may
need
to
do
a
set
F
ACL
command
to
change
the
permissions
so
that
shifter
is
able
to
perform
the
bind
mount.
A
Another
tricky
place
is
that
you
can't
create
more
than
one
level
of
directory
when
you
perform
the
Buy
Mount.
So
you
can't
say
you
know,
pass
Foo
bar
unless
Foo
already
exists,
so
it's
like
the
equivalent
of
the
maker
Dash
p
command
that
you
can't
do
that,
so
that
that's
another
place,
you
just
want
to
make
sure
you're
not
trying
to
create
too
many
directories.
A
So
if
you
have
trouble
with
any
of
your
volume
mounting
check
out
our
troubleshooting
page,
we've
got
a
little
bit
more
info
and
then
we'll
show
you
how
to
use
the
set
of
ACL
command
to
fix
your
volume.
Mount
permissions.
A
Okay,
some
tips,
especially
for
open
MPI
users
and
Nvidia
deep
learning
users
are
in
this
category,
often
so,
as
I
said,
we're
loading
the
mpitch
module
by
default,
but
that's
not
helpful
for
you
if
you're
using
MPI,
so
you'll
want
to
turn
that
off.
If
you
want
to
do
that,
but
keep
GPU
support,
you
can
do
a
dash
dash
module
GPU.
A
One
additional
step
is
that
you're
going
to
want
to
suggest?
Are
you
going
to
need
to
tell
slurm
to
use
the
system
PMI
2
instead
of
the
create
PMI?
So
that's
what
we're
doing
here
with
this
dash
dash
MPI
is
pmi2
and
inside
shifter.
We
need
to
tell
it
module
none
in
this
case,
so
this
should
be
suitable
to
get
your
openmpi
running
correctly
on
Pro
motor
and,
of
course,
you'll
have
to
provide
your
own
openmpi
installation
in
your
image
or
use
use
an
Nvidia
image.
A
That
already
has
one
another
tricky
place.
Is
the
newest
Max?
Have
the
M1
architecture
so
arm,
which
is
not
x86
and
promoter
is
an
x86
system.
So,
if
you'd
like
to
build
an
image
on
your
laptop,
but
have
it
run
on
promoter
you're
going
to
need
to
do
what's
called
a
cross-platform
or
a
multi
or
Arch
build?
A
If
you
want
to
do
that,
you're
going
to
do
this,
Docker
build
X
create
this
is
creating
something
called
a
new
build
context,
which
is
what
is
needed
to
build
for
additional
os's.
So
in
this
example
here
in
our
new
build
context,
we're
building
for
both
an
AMD
64
architecture.
So
that's
that's
your
typical
x86
and
we're
also
building
for
an
arm
architecture.
A
So
that
would
be
something
for
your
Mac
M1.
You
do
the
build
and
the
push
in
the
same
command.
Usually
to
make
this
easier.
There
are
a
few
ways
that
this
can
go
badly.
I
don't
want
to
go
into
too
much
detail,
but
you'll
want
to
be
a
little
bit
careful
how
you
set
this
up
because
it
can
be
kind
of
messy
to
do
the
the
cross-platform
builds.
A
The
links
here
have
some
info
and
a
little
more
in
our
own
documentation,
okay,
but
in
general
for
any
shifter
problem.
I
think
this
applies
check
out.
The
help
command
I
was
using
shifter
for
a
long
time
before
I
ever
tried
shifter
help,
and
it's
got
a
lot
of
useful
info
packed
in
there.
So
check
that
out.
A
A
So
a
quick
check
for
that
would
be
on
your
own
system,
so
not
in
shifter,
but
in
Docker
try
running
with
the
user
permissions
500,
which
basically
replicates
what
shifter
will
do
once
your
image
gets
onto
the
system
if
it
fails
here.
This
is
a
good
indication
that
you're
going
to
need
to
rethink
how
your
image
was
built
and
make
sure
that
it
is
it's
not
trying
to
it
doesn't
assume
root
access
which
you
will
not
have
in
shifter.
A
Another
General
piece
of
troubleshooting
advice
is
that
you
can
always
kind
of
hop
into
your
running
container
to
see
what's
going
on,
I.
Do
this
all
the
time
so
in
an
interactive
job,
you
can
just
start
your
image
and
append
the
kind
of
shell
you
want
so
I'm,
A,
bash
user,
so
I
add
a
bin
bash
and
now
I'm
dropped
into
my
image.
I
can
look
to
see
you
know.
A
Is
this
the
version
I
expected
is
everything
linked
correctly
or,
if
you'd
like
to
do
that
using
slurm,
the
syntax
is
a
little
bit
different.
You
need
an
s-ron,
you
need
a
dash
dash
PTY,
but
otherwise
it's
the
same.
So
you
can
look
around
try
to
see
if
you
can
figure
out
what's
going
on
and
then
exit
will
get
you
back
out
of
your
container
all
right.
A
So
I
just
spent
a
long
time
telling
you
about
shifter
at
nurse,
but
the
real
plan
is
to
phase
out
shifter
in
favor
of
a
new
framework
called
podman.
So
I
wanted
to
just
give
you
a
preview
about
that
in
the
last
few
minutes
of
this,
hopefully
I'm
a
little
long.
Okay,
all
right
so
podman
is
an
open
container
initiative,
compliant
framework
developed
by
Red
Hat.
What
does
that
mean?
A
It
adheres
to
a
community
set
of
Standards
and
it
kind
of
looks
and
feels
a
lot
more
like
tools
like
Docker
that
you
may
be
used
to
where
shifter
kind
of
has
its
own
rules
to
some
extent
podman.
You
could
download
today
and
use
it
on
your
laptop,
so
there's
nothing
special
about
you
know
it
has
to
run
at
nurse.
The
really
cool
thing
about
podman
is
that
it
provides
something
called
rootless
containers.
A
So
that's
really
great
from
a
security
point
of
view,
because
it
means
that
the
container
doesn't
have
any
kind
of
special
permissions.
It
runs
as
the
user
and
it's
really
good
from
a
user
point
of
view,
because
inside
your
image
it
feels
to
you
like
you,
do
have
root
access.
So
there's
not
this
weird
situation.
A
We
currently
haven't
shifted
where
your
image
is
going
to
fail,
because
it
assumes
you
need
root,
that's
just
fine
in
podman,
so
it
does
it
achieves
that
through
this
cool
mapping
of
sub
UA,
so
GID
I
won't
go
into
that.
But
anyway,
the
thing
you
probably
care
about
the
most
is
that
this
is
going
to
give
you
the
ability
to
start
building
images
directly
on
promoter,
so
you
won't
have
to
build
on
your
laptop
anymore.
Finally,
you
can
just
build
red
and
Earth,
which
I
think
is
going
to
be
awesome.
A
Hot
man
isn't
going
to
work
out
of
the
box
on
a
system
like
nurse,
so
we've
been
doing
a
lot
of
hard
work
to
modify
it
so
that
it
will
run
smoothly
on
our
systems
and
deliver
the
same
kind
of
good
performance
that
you're
used
to
now
in
shifter.
Maybe
so
we're
gonna
do
the
same
kind
of
cool
squash,
Mount
trick
to
help
ensure
that
it
will
scale
and
be
fast
so
we're
not
gonna
yank
shifter
away
we're
going
to
run
both
of
them
alongside
Each
Other
Well.
A
We
hope
users
transition
over
to
podman,
we'll
start
inviting
early
users
soon,
there's
kind
of
a
philosophical
difference
between
shifter
and
podman
and
that
shifter
kind
of
does
things
for
you
without
you
asking
and
when
we
switch
to
podman
it's
going
to
be
the
opposite,
where
you
won't
have
anything.
A
A
Okay,
in
summary,
containers
have
a
lot
of
benefits
for
HPC
users.
If
you
haven't
tried
them,
please
give
them
a
shot.
They
can
be
really
powerful.
Shifter
is
our
current
container
framework
on
Corian
promoter.
If
you
want
to
learn
how
to
use
shifter,
our
docs
are
a
great
resource.
A
We
have
a
beginner
tutorial
that
is
set
up
just
for
you
and
if
you
get
stuck,
please
write
us
a
ticket,
so
we
can
help
you
and
finally,
we're
going
to
be
bringing
the
podman
container
framework
up
on
promoter
I
will
be
inviting
people
to
join
us.
So
thank
you
very
much.