Apptainer

From UFRC
Jump to navigation Jump to search

Description

apptainer website  

Apptainer/Singularity is the most widely used container system for HPC. It is designed to execute applications at bare-metal performance while being secure, portable, and 100% reproducible.

Apptainer is 100% Docker and OCI (Open Containers Initiative) compatible (but easier to use).

Apptainer intuitively allows non-privileged users to run any containerized application.

The single-file SIF container format allows you to reproducibly build, share, and archive your workload from workstations, to HPC, to the edge. Secure

Apptainer runs "rootless" and prohibits privilege escalation within the container; users are the same inside and outside the container.

Apptainer's security architecture allows you to securely leverage GPUs, FPGAs, high-speed networks, and filesystems.

Environment Modules

Run module spider apptainer to find out what environment modules are available for this application.

System Variables

  • HPC_APPTAINER_DIR - installation directory
  • TMPDIR - temporary files directory
    • If users load container runtime on a login node before submitting a job or set TMPDIR before the submission the resulting TMPDIR will be carried into the job overriding HPG's normal mechanisms as usual and the job TMPDIR will be set to /scratch/local/$JOBID. If the container runtime is loaded before the job is submitted and TMPDIR is not set it will be set to $(pwd)/tmp by the module load. Users should not use /tmp when they run analyses on HiPerGator as /tmp is configured to be small and can be easily filled up causing a node to fail. See more at Temporary Directories.


Additional Information

User Documentation

Admin Documentation

HiPerGator Usage Examples

Pull a container from Docker Hub

$ apptainer pull docker://godlovedc/lolcow

The above will result in a lolcow_latest.sif container image creation. You can run the default program from that container with

$ apptainer run lolcow_latest.sif

or execute a particular binary of your choosing with

$ apptainer exec lolcow_latest.sif ls

or even create a shell in the software environment provided by the container with

$ apptainer shell lolcow_latest.sif

Run directly with Docker Hub URL

If it’s the first time you have run or pulled the container it will be downloaded and translated. If you have run or pulled the container before, it will be run from your cache.

$ apptainer run docker://godlovedc/lolcow 

Build an Apptainer Container from Docker

To run "build" instead of "run":

$ apptainer build lolcow.sif docker://godlovedc/lolcow
$ apptainer run lolcow.sif

Converting Dockerfile to sif

You can install Docker Desktop on your (Windows) computer to build a sif file from a Dockerfile.

1. Download the Dockerfile to a local folder in your desktop.

2. Open a terminal, such as CMD as administrator and run:

  > docker build --rm -t name_your_image_file C:\directory\where\Dockerifle\is\
  > docker save -o name_your_file.tar your_image_file

This will save the Docker image to a tarball file.

3. Upload the tarball to HPC using SFTP or another transfer method, then use apptainer to convert the docker tarball to an apptainer container by running:

  $ module load apptainer
  $ apptainer build the-name-you-want.sif docker-archive://the-name-you-want.tar


See User and Admin documentation for more information on how to create and use HPC containers.