1. Introduction
- This document describes how to build a Docker image with IMAS environment
- The build is divided into several steps, each in a separate executable file with sequential naming convention:
01-base
,02-ual
,03-kepler
,04-fc2k
,05-gui
,06-intel-mpi-mkl
and07-save
- Steps 2, 3 and 4 require access to a private SSH key to query git://git.iter.org
- The result of step 4 is a usable image with IMAS, Kepler and FC2K
- Step 5 is optional, it adds on top of Step 4 the GUI libraries and configurations to work with the container via VNC (remote desktop)
- Step 6 is optional, it adds Intel libraries
- Step 7 exports the result of step 4 and 5 into image archives (these can be transferred and loaded by Docker daemon or uDocker executable)
2. Buildah
- The building procedure is based on
buildah
- It is a standard compliant tool which allows building container images
2.1. Dependencies
buildah
: A tool that facilitates building OCI images
https://github.com/containers/buildahpython
2.2. Buildah configuration
Contents of
/etc/containers/registries.conf
:[registries.search] registries = ['docker.io', 'registry.fedoraproject.org', 'quay.io', 'registry.access.redhat.com', 'registry.centos.org']
2.3. Rootless mode
- You can build the image rootless when these requirements are met:
A kernel with support for User Namespaces (
CONFIG_USER_NS
) must be presentA
sysctl
setting must be presentkernel.unprivileged_userns_clone = 1
Create
/etc/subuid
and/etc/subgid
with the following content (replaceLOGIN
with a login of user able to build containers)LOGIN:100000:65536
3. Building procedure
3.1. Configuration
- All parameters are placed in
config
file - By default, almost all of parameters' values are blank, which means that the image builder will determine latest released tag (for each component separately) and use it automatically
- If you want to enforce specific tag or branch, please edit the config file accordingly
3.2. Steps
# step 2, 3 and 4 will ask for SSH private key
./01-base # from ubuntu/bionic creates imas/base
./02-ual # from imas/base creates imas/ual
./03-kepler # from imas/ual creates imas/kepler
./04-fc2k # from imas/kepler creates imas/fc2k
./05-gui # (optional) from imas/fc2k creates imas/gui (adds XFCE via VNC)
./06-intel-mpi-mkl # (optional) from imas/fc2k creates imas/mpi (adds Intel's MPI and MKL libraries)
./07-save # stores imas/fc2k and imas/gui as archive files in /tmp/
Limitations
- The IMAS environment is compiled in the container, so it uses only publicly available resources (+ source codes from git://git.iter.org)
- This means that
ifort
,pgf90
,nagfor
ormatlab
are unavailable and these settings are used:IMAS_IFORT=no
IMAS_G95=no
IMAS_NAGFOR=no
IMAS_PGI=no
IMAS_MATLAB=no
IMAS_MEX=no