Revision as of 17:58, 15 March 2018

questions and comments should go to Zhiwen Zhao zwzhao at jlab.org

singularity

general
- website http://singularity.lbl.gov
- hub https://singularity-hub.org
- talk "Singularity: Containers for Science, Reproducibility, and HPC" https://youtu.be/DA87Ba2dpNM

warning
- if you are running singularity-2.4.x on a centos7.2 host, you could have kernel panic if you use ROOT TMD5 and load your host dir

installation
- refer to installation instruction and the latest version is recommend.
- singularity-2.4.x can run singularity-2.3.x images and has many new features and we should use it instead of 2.3.x whenever possible
- On redhat-kind linux, build an rpm first and install it. at least "squashfs-tools,automake,rpm-build,libtool" are needed to build it.
- On windows and Mac, the official way just running a small linux virtual machine with virtualbox, but the virtual machine is not good for graphic application. The better alternative is to use a good but not so small linux virtual machine. If you have one already, use it. If not, see below to download an existing one.

singularity at jlab as 2018/03/13
- jlab farm and ifarm has singularity-2.3.1 installed as default, it's too old, don't use it.
- other version is installed by "module", check what's available at /usr/local/singularity/ and load by "module load singularity-2.4.4" to use it, or stop using it by "module rm singularity-2.4.4"
- use ifarm1401 which auto bind /group /work /cache into any container by default

test singularity
- cd some_where_with_enough_space
- "setenv http_proxy http://jprox.jlab.org:8082" "setenv https_proxy http://jprox.jlab.org:8082" if you are on jlab ifarm
- setenv SINGULARITY_CACHEDIR ./ (change cache dir from default ~/.singularity, MUST do at jlab ifarm with very limited space at hom)
- singularity pull docker://godlovedc/lolcow
- singularity run lolcow.img
- setenv PYTHONHTTPSVERIFY 0 (sometime needed to bypass singularity hub certificate check)
- singularity pull shub://GodloveD/lolcow
- singularity run GodloveD-lolcow-master-latest.simg

docker

at centos
- install the new version 17.* from docker repo, not old 1.* from centos extras repo
- you have to run start docker daemon first [see how to start and auto start it https://docs.docker.com/config/daemon/systemd/], then run "sudo docker run hello-world" to test
- if your host is within jlab network but not jlab level1 or level2 linux, mostly likely you will encounter error like "x509: certificate signed by unknown authority" because jlab gateway hijack site certificate with its own. We can solve this by mimic a jlab maintained system as follows
  - do "yum install jlabca", if it fixed the problem, ignore steps below
  - copy all files under /etc/pki/ca-trust/source/anchors/ from a jlab system like ifarm to your system
  - run "update-ca-trust","service docker stop","service docker start" as root
  - refer to https://github.com/moby/moby/issues/8849 for some discussion
- images are at /var/lib/docker/overlay2
at windows
- docker for windows requires latest window 10 pro 64bit and hyper-V on relative new CPU. docker will enable hyper-V which is disabled by default. Then your virtualbox and vmware (maybe) will stop working by crashing your windows, refer to https://docs.docker.com/docker-for-windows/install/#what-to-know-before-you-install
- images as one file at "C:\Users\Public\Documents\Hyper-V\Virtual hard disks\"
release space by https://stackoverflow.com/questions/44288901/how-to-force-docker-to-release-storage-space-after-manual-delete-of-file-in-volu

a good linux virtual machine to run singularity and docker

a good linux virtual machine to run singularity and docker, centos7 made with virtualbox
- download and install virtualbox https://www.virtualbox.org/wiki/Downloads
- It's nice, but not a must, to run singularity image in shared folder because it keeps the virtual machine size small. Vmware's shared folder doesn't work for this, but virtualbox does
- download the machine at http://webhome.phy.duke.edu/~zz81/package/CentOS7_20180303.ova (a centos7 64bit with latest update on 20180303 and singularity-2.4.2 and latest docker installed)
- import the virtual machine into virtualbox refer to [https://askubuntu.com/questions/588426/how-to-export-and-import-virtualbox-vm-images
- boot up the linux virtual machine and login with user name "user" without password, just you know root password is "111111"
- use the installed singularity and docker, or update docker by yum or singularity by compile from source if you want
- set up a shared folder with name "share" in the machine setting and put any singularity images into the shared folder on host
- mount the shared folder "sudo mount -t vboxsf -o uid=$uid,gid=$gid share share" and use /home/user/share" as your working dir

@@ Line 32: / Line 32: @@
 =  docker =
-** at centos
+* at centos
-*** install the new version 17.* from docker repo, not old 1.* from centos extras repo
+** install the new version 17.* from docker repo, not old 1.* from centos extras repo
-*** you have to run start docker daemon first [see how to start and auto start it https://docs.docker.com/config/daemon/systemd/], then run "sudo docker run hello-world" to test
+** you have to run start docker daemon first [see how to start and auto start it https://docs.docker.com/config/daemon/systemd/], then run "sudo docker run hello-world" to test
-*** if your host is within jlab network but not jlab level1 or level2 linux, mostly likely you will encounter error like "x509: certificate signed by unknown authority" because jlab gateway hijack site certificate with its own. We can solve this by mimic a jlab maitianed system as follows
+** if your host is within jlab network but not jlab level1 or level2 linux, mostly likely you will encounter error like "x509: certificate signed by unknown authority" because jlab gateway hijack site certificate with its own. We can solve this by mimic a jlab maintained system as follows
-**** copy all files under /etc/pki/ca-trust/source/anchors/ from a jlab system like ifarm to your system
+*** do "yum install jlabca", if it fixed the problem, ignore steps below
-**** run "update-ca-trust","service docker stop","service docker start" as root
+*** copy all files under /etc/pki/ca-trust/source/anchors/ from a jlab system like ifarm to your system
-**** refer to https://github.com/moby/moby/issues/8849 for some discussion
+*** run "update-ca-trust","service docker stop","service docker start" as root
-**** images are at /var/lib/docker/overlay2
+*** refer to https://github.com/moby/moby/issues/8849 for some discussion
-** at windows
+** images are at /var/lib/docker/overlay2
-*** docker for windows requires latest window 10 pro 64bit and hyper-V on relative new CPU. docker will enable hyper-V which is disabled by default. Then your virtualbox and vmware (maybe) will stop working by crashing your windows, refer to https://docs.docker.com/docker-for-windows/install/#what-to-know-before-you-install
+* at windows
-*** images as one file at "C:\Users\Public\Documents\Hyper-V\Virtual hard disks\"
+** docker for windows requires latest window 10 pro 64bit and hyper-V on relative new CPU. docker will enable hyper-V which is disabled by default. Then your virtualbox and vmware (maybe) will stop working by crashing your windows, refer to https://docs.docker.com/docker-for-windows/install/#what-to-know-before-you-install
-** release space by https://stackoverflow.com/questions/44288901/how-to-force-docker-to-release-storage-space-after-manual-delete-of-file-in-volu
+** images as one file at "C:\Users\Public\Documents\Hyper-V\Virtual hard disks\"
+* release space by https://stackoverflow.com/questions/44288901/how-to-force-docker-to-release-storage-space-after-manual-delete-of-file-in-volu
 = a good linux virtual machine to run singularity and docker =

Difference between revisions of "Note about container"

Revision as of 17:58, 15 March 2018

singularity

docker

a good linux virtual machine to run singularity and docker

Navigation menu

Views

Personal tools

Navigation

Search

Tools