1. A note about performance
Containers can create an easy, friendly user experience, but are typically not optimized for specific systems or hardware. A cost of this is that containerized applications often will not achieve the same performance as would natively built applications, which might, for example, call libraries optimized for the specific hardware and underlying architecture.
This isn't to say that it's not possible for a containerized application to achieve the same (or better) performance as a native application. Adding system-specific hardware libraries or dependencies to a container increase performance at the cost of portability.
2. Memory issues with large container images
When working with sufficiently large container images, you can run into memory issues. For example, you could have a process terminated by an Out of Memory (OOM) killer, or you could see "FATAL" error messages as shown here:
janeh@pascal32:/p/lustre1/janeh$ singularity build oom-build-030122.img docker://ecpe4s/e4s-gpu INFO: Starting build... Getting image source signatures (...) INFO: Creating SIF file... FATAL: While performing build: while creating squashfs: create command failed: exit status 1: Write failed because No space left on device FATAL ERROR:Failed to write to output filesystem FATAL ERROR:Failed to write to output filesystem
NOTE This example uses singularity, rather than podman, and that the possibility of memory issues when working with large container images exists for both. The threshold for encountering memory issues is lower when using podman and vfs together than it is for using either singularity or podman and overlayfs.
5. Incompatible architecture
When working with containerized applications, it's essential to ensure the container image's architecture aligns with the host system's architecture. Encountering the error:
standard_init_linux.go:211 exec user process caused exec format error
suggests that you're trying to run a container built for a different architecture than the host system's.
To resolve this, utilize a system that matches the architecture of the container image.