Apptainer (Singularity) containers

last update: July 22, 2024

Introduction

Apptainer (Singularity) is one of the container virtualization programs and thus have many common features with the other ones. However, there are some important differences between singularity and others (such as Docker), since Apptainer is explicitly focused on HPC systems. For example, non-root users can use containers without complicated prerequisites and GPUs can be used easily in Apptainer.

Contents of this page will be added from time to time.

Container Image

Apptainer can also use Docker image (NOT ALWAYS, though). Docker images on NVIDIA NGC are available for example. Here is an example to build an image for apptainer (singularity) from docker one.

$ apptainer pull docker://nvcr.io/nvidia/pytorch:23.11-py3

Other References:

Building Container Image

You can build Apptainer image on ccfep from the definition file. An example definition is shown below (referred to as ubuntu24_04.def). The base environment of this container is Ubuntu 24.04. Miniforge will be installed in /opt and some of packages will be added in base environment of it. The conda environment will be loaded when loading image (%environment).

Bootstrap: docker
From: ubuntu:24.04

%post
  apt-get -y update
  apt-get -y upgrade
  apt-get -y install \
    build-essential \
    wget \
    bzip2 \
    git
  apt-get -y clean
  wget -c https://github.com/conda-forge/miniforge/releases/latest/download/Miniforge3-Linux-x86_64.sh
  /bin/sh Miniforge3-Linux-x86_64.sh -bfp /opt/miniforge
  /opt/miniforge/bin/conda shell.bash hook > /opt/miniforge/conda_init.sh
  . /opt/miniforge/conda_init.sh
  conda install opencv numpy scipy scikit-learn jax
  conda install pytest pandas sphinx curl glib glob2 isort pango
  conda install path pathlib2 pathtools psutil cmake
  conda install jupyterlab eigen boost transformers boost-cpp
  conda install h5py markdown matplotlib
  conda install scikit-image sqlite jupyter
  # show list to review
  conda list

%environment
  . /opt/miniforge/conda_init.sh

%labels
  Author RCCS
  Version 0.0.1

%help
  Sample python environment for RCCS supercomputer system.

%runscript
 

You can create the apptainer image (.sif) with the following command (--fakeroot option is automatically added).

$ apptainer build ubuntu24_04.sif ubuntu24_04.def

You can launch shell inside the container.

$ apptainer shell ubuntu24_04.sif
(base) python
Python 3.10.14 | packaged by conda-forge | (main, Mar 20 2024, 12:45:18) [GCC 12.3.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>>

You can exec command from the outside of the container.

$ apptainer exec ubuntu24_04.sif gcc -dumpfullversion
13.2.0
$ apptainer exec ubuntu24_04.sif head -3 /etc/os-release
PRETTY_NAME="Ubuntu Noble Numbat (development branch)"
NAME="Ubuntu"
VERSION_ID="24.04"

Notes

  • Similar sample files are available in /apl/apptainer/sample-ubuntu24.04/ directory.
  • For GPUs, GPU driver of the host will be used.
    • You need to add --nv option when loading container. (e.g. apptainer run --nv (sif filename))
    • If container requires newer GPU driver than the host one, it will result in error.
    • You may need to verify the required and installed GPU driver (or CUDA) versions.
  • You can run intra-node parallel MPI program easily and effectively with the MPI environment installed in the container.
  • It is not easy to run inter-node parallel MPI program, since it depends on things outside the container. Still it is possible to run MPI programs.
    • Mpirun command would launch multiple singularity (apptainer) commands.
    • MPI environments inside and outside of the container should be the same (or compatible?).
    • It may be difficult to get good performance. (Launching multiple container instances may not be a negligible load.)
    • It is better to avoid inter-node MPI parallel runs with singularity/apptainer if you can.
  • Your home directory will be mounted automatically. You don't need to add /home in --bind.
  • If you want to use applications installed under /apl together with container ones, you may need to add --bind /apl:/apl option.
    • e.g. apptainer run --bind /apl:/apl --nv (sif filename)
    • You may also need /gwork in some cases.