udocker is a user-space tool for executing Docker containers without root privileges, designed for environments where Docker is unavailable or root access is restricted. It allows non-privileged users to pull and run containers, making it suitable for batch systems, clusters, and grid infrastructures.

How It Works

udocker executes containers by creating a chroot-like environment using extracted container filesystems. It supports multiple execution backends, including PRoot, Fakechroot, runc, crun, and Singularity, abstracting away the underlying implementation details. This approach allows it to function across a wide range of Linux distributions and kernel versions without requiring system-level installations or privileges.

Quick Start & Requirements

• Install by downloading the udocker binary and placing it in your PATH.
• Requires Python 2.7 or Python >= 3.6.
• Supports NVIDIA GPGPU applications.
• Documentation: udocker documentation

Highlighted Details

• Supports a subset of Docker commands (pull, run, create, etc.).
• Can execute containers with GPU support.
• Compatible with both Python 2.7 and Python 3.
• Offers multiple execution modes (PRoot, Fakechroot, runc, crun, Singularity) for flexibility.

Maintenance & Community

• Developed by INDIGO-DataCloud and supported by various EU H2020 projects.
• Active development and community support are implied by project funding and acknowledgments.

Licensing & Compatibility

• udocker's license requires adherence to the licenses of its bundled external tools and libraries. Specific license details are in the installation manual.
• Commercial use is permitted, but users must comply with all included licenses.

Limitations & Caveats

• Operations requiring actual root privileges (e.g., listening on privileged ports, mounting filesystems) are not possible.
• Debugging tools like strace may not work with the PRoot engine.
• Fakechroot modes require shared libraries compiled against the container's libc.
• runc/crun modes require kernels with user namespaces enabled.
• Singularity mode requires Singularity to be installed separately.