Singularity brings the concept of containers to HPC systems, with containers that are purpose built and can include a simple binary and library stack or a complicated work flow that includes both network and file system access (or anything in between). The Singularity container images are then completely portable to any binary compatible version of Linux with the only dependency being Singularity running on the target system.
Singularity blocks privilege escalation within the container so if you want to be root inside the container, you first must be root outside the container. This usage paradigm mitigates many of the security concerns that exists with containers on multi-tenant shared resources. You can directly call programs inside the container from outside the container fully incorporating pipes, standard IO, file system access, X11, and MPI makes it easy to incorporate into your environment.
Singularity introduces new functionality into OpenHPC (afaik).
Latest stable version number
2.2 (Oct 11 2016)
Open-source license type
Singularity is released under a BSD license with 2 modifications. One of the modifications being that you may not use the names of any project members or contributors (namely UC or the US Department of Energy) to endorse or promote products or services derived from or using this software. And the other is that if you share modified code publicly (or with Berkeley National Laboratory), you will grant similar license terms on your “Enhancements” (see https://github.com/singularityware/singularity/blob/master/LICENSE for more details).
Relationship to component?
[ ] contributing developer
[x] user
[x] other
If other, please describe:
highly supportive member of the Singularity community
Build system
[x] autotools-based
[ ] CMake
[ ] other
If other, please describe:
Does the current build system support staged path installations?
For example: make install DESTIR=/tmp/foo (or equivalent)
[x] yes
[ ] no
Does component run in user space or are administrative credentials required?
[x] user space (using existing Singularity containers)
[x] admin (creating new or modifying existing Singularity containers, but this can be done anywhere, does not need to be on HPC resource itself)
Does component require post-installation configuration.
[ ] yes
[x] no
If yes, please describe briefly:
If component is selected, are you willing and able to collaborate with OpenHPC maintainers during the integration process?
[x] yes
[ ] no
Does the component include test collateral (e.g. regression/verification tests) in the publicly shipped source?
[x] yes
[ ] no
If yes, please briefly describe the intent and location of the tests.
make test runs the provided test.sh script that verifies various aspects of the singularity command
Does the component have additional software dependencies (beyond compilers/MPI) that are not part of standard Linux distributions?
[ ] yes
[x] no
If yes, please list the dependencies and associated licenses.
Does the component include online or installable documentation?
Thank you for the submission. The TSC has recommended acceptance of Singularity. The starting target for inclusion is to land on the OpenHPC 1.3.1 branch.
Software Name
Singularity
Public URL
http://singularity.lbl.gov/
Technical Overview
Singularity brings the concept of containers to HPC systems, with containers that are purpose built and can include a simple binary and library stack or a complicated work flow that includes both network and file system access (or anything in between). The Singularity container images are then completely portable to any binary compatible version of Linux with the only dependency being Singularity running on the target system.
Singularity blocks privilege escalation within the container so if you want to be root inside the container, you first must be root outside the container. This usage paradigm mitigates many of the security concerns that exists with containers on multi-tenant shared resources. You can directly call programs inside the container from outside the container fully incorporating pipes, standard IO, file system access, X11, and MPI makes it easy to incorporate into your environment.
Singularity introduces new functionality into OpenHPC (afaik).
Latest stable version number
2.2 (Oct 11 2016)
Open-source license type
Singularity is released under a BSD license with 2 modifications. One of the modifications being that you may not use the names of any project members or contributors (namely UC or the US Department of Energy) to endorse or promote products or services derived from or using this software. And the other is that if you share modified code publicly (or with Berkeley National Laboratory), you will grant similar license terms on your “Enhancements” (see https://github.com/singularityware/singularity/blob/master/LICENSE for more details).
Relationship to component?
If other, please describe:
highly supportive member of the Singularity community
Build system
If other, please describe:
Does the current build system support staged path installations? For example:
make install DESTIR=/tmp/foo
(or equivalent)Does component run in user space or are administrative credentials required?
Does component require post-installation configuration.
If yes, please describe briefly:
If component is selected, are you willing and able to collaborate with OpenHPC maintainers during the integration process?
Does the component include test collateral (e.g. regression/verification tests) in the publicly shipped source?
If yes, please briefly describe the intent and location of the tests.
make test
runs the providedtest.sh
script that verifies various aspects of thesingularity
commandDoes the component have additional software dependencies (beyond compilers/MPI) that are not part of standard Linux distributions?
If yes, please list the dependencies and associated licenses.
Does the component include online or installable documentation?
If available online, please provide URL.
[Optional]: Would you like to receive additional review feedback by email?
- [ ] yes - [x] no