singularity

• general
  • website http://singularity.lbl.gov
  • hub https://singularity-hub.org
  • talk "Singularity: Containers for Science, Reproducibility, and HPC" https://youtu.be/DA87Ba2dpNM

• warning
  • if you are running singularity-2.4 on a centos7.2 host, you could have kernel panic if you use ROOT TMD5 and load your host dir

• installation
  • refer to installation instruction and the latest version is recommend.
  • singularity-2.4 can run singularity-2.3 images and has many new features and we should use it instead of 2.3 whenever possible
  • On redhat-kind linux, build an rpm first and install it. at least "squashfs-tools,automake,rpm-build,libtool" are needed to build it.
  • On windows and Mac, the official way just running a small linux virtual machine with virtualbox, but the virtual box is not good for graphic application. The better alternative is to use a good but not so small linux virtual machine. If you have one already, use it. If not, see below to download an existing one.

• a centos virtualbox virtual machine to run singularity and docker
  • download and install virtualbox https://www.virtualbox.org/wiki/Downloads
  • It's nice, but not a must, to run singularity image in shared folder because it keeps the virtual machine size small. Vmware's shared folder doesn't work for this, but virtualbox does
  • download the machine at http://www.phy.duke.edu/~zz81/package/CentOS7_x86_64_20171030.ova (a centos7.4 with latest update on 20171030 and singularity-2.4.2 and latest docker installed)
  • import the virtual machine into virtualbox refer to [https://askubuntu.com/questions/588426/how-to-export-and-import-virtualbox-vm-images

]

• • set up a shared folder with name "share" in the machine setting and put the singularity image into the shared folder on host
  • boot up the linux virtual machine and login with both "root" and user "user" password are "111111"
  • mount the shared folder "sudo mount -t vboxsf -o uid=$uid,gid=$gid share share" and use /home/user/share" as your working dir, then you can test singularity
  • use the installed singularity and docker, or update docker by yum or singularity by compile from source if you want

• singularity at jlab as 2018/02/28
  • jlab farm and ifarm has singularity-2.3.1 installed as default
  • on ifarm1402, you can also test singularity-2.4.2 and singularity-2.3.2 by using module with "module load singularity-2.4.2" or "module load singularity-2.3.2" and "module rm singularity-2.4.2" or "module rm singularity-2.3.2". They are not on farm nodes, so we can't run jobs yet

• test singularity
  • cd some_where_with_enough_space
  • "setenv http_proxy http://jprox.jlab.org:8082" "setenv https_proxy http://jprox.jlab.org:8082" if you are on jlab ifarm
  • setenv SINGULARITY_CACHEDIR ./ (change cache dir from default ~/.singularity, MUST do at jlab ifarm with very limited space at hom)
  • singularity pull docker://godlovedc/lolcow
  • singularity run lolcow.img
  • setenv PYTHONHTTPSVERIFY 0 (sometime needed to bypass singularity hub certificate check)
  • singularity pull shub://GodloveD/lolcow
  • singularity run GodloveD-lolcow-master-latest.simg

docker

• • at centos
    • install the new version 17.* from docker repo, not old 1.* from centos extras repo
    • you have to run start docker daemon first [see how to start and auto start it https://docs.docker.com/config/daemon/systemd/], then run "sudo docker run hello-world" to test
    • if your host is within jlab network but not jlab level1 or level2 linux, mostly likely you will encounter error like "x509: certificate signed by unknown authority" because jlab gateway hijack site certificate with its own. We can solve this by mimic a jlab maitianed system as follows
      • copy all files under /etc/pki/ca-trust/source/anchors/ from a jlab system like ifarm to your system
      • run "update-ca-trust","service docker stop","service docker start" as root
      • refer to https://github.com/moby/moby/issues/8849 for some discussion
  • images are at /var/lib/docker/overlay2
  • at windows
    • docker for windows requires latest window 10 pro 64bit and hyper-V on relative new CPU. docker will enable hyper-V which is disabled by default. Then your virtualbox and vmware (maybe) will stop working by crashing your windows, refer to https://docs.docker.com/docker-for-windows/install/#what-to-know-before-you-install
    • images as one file at "C:\Users\Public\Documents\Hyper-V\Virtual hard disks\"
  • release space by https://stackoverflow.com/questions/44288901/how-to-force-docker-to-release-storage-space-after-manual-delete-of-file-in-volu

log

questions and comments should go to Zhiwen Zhao zwzhao at jlab.org