Singularity Containers

today we'll talk about the singularity right so you you might have heard the earlier that this from time to time these years because it become becomes very popular and it's a very powerful container tools that can help you research on the HPC and give you um much Freedom you would like on on the HPC classes as a user I mean you mean you don't have any rude or pseudo privilege you will then find that you you will gain some sort of reasons with Singularity when you run your programs on the HPC so that's the pro part and the progress for using Singularity so if you wish to know more about it welcome to learn it with me today okay so here's this is the first first thing I would like to talk so why why we use singularity so uh if you are HPC users no matter you are new or old or for old for many years and you you may find that on your typical super computer clusters you cannot use some uh commonly use a popular Linux command to install softwares like you cannot use Young or you cannot use application as as you you are doing you know every day on your on your Linux PC because you don't have sudo or root and you you might need to update some system libraries if you found those libraries are out of date on on that HTC cluster you can you cannot just update them because you you you don't have uh you're not as a season means and also sometimes you want to share your work down on the HPC uh on your HPC clusters with your lab Lab members or your colleagues and want them to to repeat your your what you are doing so to see if they can reproduce the results you have done and that means you you need to tell them how to do the uh every step that you they need to follow to install and use your program and you use your input but the data might might have too too many uh steps or or features that they need to follow and catch up and uh of course you can you can ask the HPC support staff for help they are asking them to to to install something with with young or is update some seasoned libraries but usually from the user support point of view we we cannot just simply update or install those softwares into a system pass because that might change out our fundamentals the the the fundamental things uh software stack and the effects are other softwares that has been installed so usually we we don't we we don't have uh upgrade our system libraries and we don't install stuff by by Young or app gather for for uh uh for our software just as you request s oh as a as a HPC user you may need a tool that can make software installation much easier so you need you need a tool that can let you run young or have to get and you a tool that can let you freely update any season libraries for the software and the sometimes you you might need a you might just need a software that is already built and shareable in in some free reports and the singularity is that is that software so it offers it offers those features I just mentioned and uh it uh you cannot uh it has a free uh it's it has a Linux distribution and it can let you do it by yourself other than asking any HPC uh support staff for help as long as you know some base similarity uh Singularity knowledge you you know how to do it by yourself and you once you have you have the you have a similarity image you can share it with your colleagues so they they can use that image to run your uh what you have built and the be able to reproduce what you are done very easily so let's review the linear system architecture to make sure how Singularity works so on every HPC classes or every pieces there is a hardware of course and uh apps the hardware there's there's a lineage kernel the Linux kernel is for you to make sure every Hardware is powered on and connects to each other and they they are functional but you also need some uh some others above the kernel which is the five season so uh each Lines season has a fine season you you will need you will need your own file system in order to run anything from the HPC clusters or on on the Linux PC and then you add those applications you need into the into the some some place in in the Five Five Seasons so so now with singularity we have uh or any other container Technologies we have a container launcher based on the native buy season and then we launch our container tools to build uh to have a container that has uh has its own Five Seasons and then we build applications on those five seasons so in that inside that container you will have more uh much more freedom uh than than on the native Five Seasons which you usually you don't have any suit or root privilege okay but so how how about Singularity so Singularity is the software providing the container for the HPC environment so you you might have uh you might have heard uh heard a daughter daughter is another container Technologies which is I think is the most popular container technology in the world also daughter can also provided the containers but inside the container inside the dark container it requires root to build those applications in the container which is not a good idea in the HPC environment because for security security reason root is not allowed when running container in the HPC environment so here's The Singularity container so container inside that Singularity container you don't need root to build those applications that's why we we choose to run Singularity on the HPC clusters and why we use Singularity let me add more tips here so it's not just a SQL tool for for counterilizing those software on HPC but Singularity can also have many features like natively support the HPC interconnects such as the infinity band and it can also support those GPU cards and it can support the MPI because that's very important and common features on the HPC clusters and the singularity can be shared and transported as a single container image so there's only one one image file to share once it's created and with that image you can just share it with uh with your colleagues or lab members and the wrong even on different clusters and the it can also uh it can also be integrated with many popular uh popular workload managers such as slum and some single active feature is 10 10 converted directly within within slum okay so here is the summary of why we use singularities so before Singularity you cannot use young or app get to install softwares and you cannot update system libraries such as gdpc for your applications and you can not easily share the workflow with colleagues to let them reproduce your test results but now with similarity you can use those young in-store or app get installed or even directly get the image from the developers so many developers know singularities and they they have built a single like image for their software and share shared with others or they they have some definition files to tell you how to build a singularity images or how to build a daughter image and uh then now now with Singularity you can build the image with a newer and preferred Linux distributions so for example uhpc clusters is running on red hat or Centos OS Center OS but now you you are Ubuntu user and you wish to use Ubuntu then in that Singularity container you can choose to run Ubuntu so that's up to you and it's usually works well and now you can of course you can share that image to to your colleagues now once once you have the image okay so I I have highlighted the word image here so what exactly is an image a image in in the container technology is a static file that includes your distributable code so that it has two features is immutable that means once it's created you cannot just change that image and it's portable so it it can run on on many other platforms or clusters or as long as long as the kernel are similar there is the the that is the limitation approach is about the kernel but other than that usually you you won't see any limitations about where where to run it and uh who can imagine a containery uh image as a game CD so once you you go on that CD you you can you can play games on your uh on your Xbox or on your or on your your friends at uh at sports so it's it it can play on other other places oh okay so that's the the first part I would like to introduce so why use uh similarities please let me know if you have questions and the comments so far before I move to the next uh next session you will we do have a couple questions yes please um One is a big knock against using containers and hpcs performance how can these concerns be addressed uh like the the the the the the the performance about the The Singularity on the htpc system uh let me see the if I I can I understand that the questions I guess uh I'm not quite sure if this is a Bitcoins or not because in in my in my in my own experience I I certainly I I didn't test every one every time every software in inside the singularity containers but the one I have tested I haven't found any significant performance loss when using the when when portal software in in the singularity in my in my own test of course my test is limited but my my not apply to air tools to everywhere but I I but I have a country confidence that many soft doors I I have seen one one uh I still have a similar performance inside the inside of the container so that's my answer uh if or if you have any specific examples uh to see the any performance loss welcome to let me know so I can I can take a look and see if uh you usually have a walk around or we have any solution for that uh I I hope I I I I I I tried my my best to answer this question and you've got a few others weighing in on that too um so we do have another question and this one came in uh let's see at 11 16. can non-linux OS be used like open BSD uh let me see uh that's that good question but a singularity can cannot directly running on other os's I mean you can you cannot directly run your own windows or cannot run your Mac OS and usually it only supporting running in the Linux environment but if you wish to run run similarity on your like on your Windows PC there's a workaround and I will mention this later so if you wish to write on your Mac OS there's a workaround you just need to build the Linux virtual machine or you you or use the similar Technologies to to let similarity around your PC all right next question at 11 19 what are the advantages of using Singularity over Docker besides the lack of necessary root privileges necessary for running Docker commands as you elude alluded to earlier that's that's a good question besides the security reason I mean the root I I've seen a singular in my in my opinion they they they are they are quite very similar they're very similar technology I'm not um I haven't been able to think about this carefully before but the the bottom line is if you are HPC user I mean running running I wish to have a container to use a container technology on the on the HPC clusters you you have to you have to choose Singularity I mean that's the that's the bottom line I mean I I haven't seen any data center that is open to us for Creative users uh opening for darker for running darker but those those data centers I know that are or allow users to run singularity I I think that that's money for the security reason right and that wraps up the current questions and everybody else is chiming into to support these so thank you everybody all right thank you everybody thank you for for trying uh for trying to to help so let me move to the next session so where where to build those Singularity container images because usually building those images require you to have sudo or root but you you usually don't have it unless HBC clusters so that's that's for uh that's true for at least for for those sdsc clusters like tscc or expense we don't give users uh sudo or root privilege or don't let the user build build similarity uh on our classes so they might there might be some other classes allow users to create a singularity containers directly under that but but you will need to consult their support staff to confirm so where to build those in uh containers exactly so it can be built on your PC or some local server where root permission is available also you you can try some Cloud platforms that can also provide free Singularity container services like the scilab scilab is actually it's a cloud platform uh provided by by Singularity and jet stream 2 if you uh if you have for this Cloud popular cloud cloud computing for for researchers there is just stream 2 is uh it's developed by uh in Indiana usable University and it's it's very popular and it is not just providing the singularity container services but it can use to to build singularities are the images okay so here is just some simple workflow how to use it uh how to use uh how to build Singularity so you just install it first of course on your PC and then you build the image on on the on your PC or on the cloud and then you upload your image to the super computer clusters and then run it so that's it one two three four is very simple and clear it's not nothing hard to to to understand I think here uh so how to install a singularity on your PC if you have a Linux or Os so you you can just use young or app get installed if you your learner's OS is new so usually singularity uh his pack has been packaged by by uh by by Debian already and or or you can choose install similarity from source and if you have a Mac OS you you can install and run through a Linux virtual machines and if your windows user you can also choose Linux virtual machine or you can just use the the the the WSL too so that's what I'm using on my Windows PC so once it uh once it Singularity has been installed it can used to build a image by The Singularity build command so this build command requires you to so yeah so here is I I just I just gave a example of the singularity build command and it's sudo Singularity build and then your your singular uh you Singularity image name and the word to where to build uh to pull the to contents for this image here at the end of this command begins with the daughter is uh it is the external resources where Singularity should download those pre-built images so in this example Singularity is trying to download some external resources from daughter and then build and transfer it to to the singularities that's that might be the most commonly uh resources you will use when building singularities and here the daughter it refers to the dot Hub and I I will mention this next so what is a daughter daughter heart the daughter Hub has the most uh container images in the world so you might heard that the daughter is is basically uh everyone everywhere in in the container in the container world so it can uh it saves many darker images contains and it can and you you can just go to go to there and search container images without a account you can just search what was that uh which software you need you usually you you if you are if you are lucky you can find the software you need but generally generally speaking please do not simply visit and search and then download instead please try go to your the software uh software manual or document or developer for the best container images because many developers have already mentioned those uh their official image places on their website for example on their GitHub so you just will visit their GitHub and they they have already already added those instructions about how to get a get their official Singularity image uh or daughter images there so you just follow that those instructions and get your image so once you decided which images together you can you can download uh you can let Singularity download those container images from the dark Hub with the format like this that I I uh I list the format format here so that won't take too much details but it should be easy to understand like retail similarity is from the dot Hub and then the two layers is about the username and the application name sometimes there there only be one name uh one layer as shown in the example and then a version 10 version 10 is tells uh tells similarity which word version uh we push version single actually should choose so here are some examples of this uh uh they start a DOT Hub can end and another source you can see to use it from immediate and media also have a have its own GPU cloud available for you to download some some images they tested officially so those images contains the GPU enabled applications and all nvida GPU labs it is a private registry but still on the docker hub it's it's free to use and you you can you just need a free Nvidia NGC account to search and pull those images and I list some details here and the format is a just a little bit different as I highlighted in red here you just need to add the nvidia's private registry that had uh here tags and then you can search those images build and build buildings similarity images called uh according to the to their tag and if you are bioinformatics machines you can you can consider to to gather your bio containers from from the bio containers so that's the name that's that's that's his name and the the tag I highlighted in red in the in the example is is a is there you need it's you there you need research study you can just add the search Once you search the text and uh find WhatsApp uh what what you need you can then building your simulator images with uh with this format under besides directly building uh Building images from from those uh from those dot Hub or a media or bio containers usually you will need to create your own definition files we we call it recipe so that can also be done by the singularity build command and the here in this example I build a singularity image called Elfin dot s image from a fine for the singularity dot Alpha flow so those Alpha photo is the singularity the alpha fold is the recipe name and you can name it uh you you can name it and anything you you want and user you can use use the recipe when you you want to modify a existing image or you build an image from scratch or you want to add new features to this to your image it can it can be very flexible once you you got to know how it works and most image and the most image should be customized for better run on the cluster that's my that's my opinion and you can for example you can add Banning points and what is The Binding point that we can talk to talk about this later or you can set up any necessary environment variable designed for your cluster and YouTube you can uh you can use your recipe as a record about how you build your image so next time you want to build another uh image or you want to modify your image you can just modify your your USB and rebuild it so and also you can share your your recipe to others your building process so others can can just say very easily together and uh get how you build your image okay so here is an example of Singularity risk example of Singularity recipes so we have uh we have some head head flies here is is a bootstrap Docker means is uh is going to pull some resources from the dot Hub and from uh what what kind of what kind of format it needs it needs a Ubuntu 1604 and there are some labels that just gave some metadata information about this image and the next part is the post uh this this part is the main part of the recipe is the download uh it it can download install config create a new directories and doing many other things at the image building time and any environment variables can be can also be said here if they are needed during the container building time and then the last part I in this example is the environment part this this environments are part defines the environment environmental variables that will be set at the wrong time so it's a it's something when you run your Singularity image what kind of environment variables will be uh will be excluded or will be loaded so here's a here are some other such uh surfings I I think is useful and like the files for example if you wish to copy files into the Container at the building time at the container building time you can add that that's that sessions to copy files to to some to some place in in inside the container from Five Seasons and the the Run script session can each you the command when running Singularity wrong and the test sessions can run some very based test at the very end of the the build process to validate the containers so how to finalize the recipe and uh here's here's some stories I I have been experience about for some some years and the single line so the singularity build may take like 10 minutes or even longer to build a moderate size container images so there will always be some uncertainties when running commands in in the recipes so for example I'm I'm sure we which young install or applicator installed can work or I'm unsure whether source code compilation can work and whether I'm not I might have some incorrect locations in the container five seconds Five Seasons or might I might have some typos or incorrect file name in the command lines that happens to me all the time when I am building Singularity images and the the bad news for me is the build process will be terminated immediately by any of the error mentioned about so if Singularity build command will be interrupted by those by by those arrows and you will have to fix your error and then drum Singularity build this so if the word flow is like like this like you you run you see those Arrow you fix those arrows and then you run those Singularity as data Singularity build recommend again and until you see your next Arrow and you fix your natural arrow and run again and you repeat that until every arrow is fixed that works from my pay to a lot a lot of time and my human mind even lose your patience so that's not that's not good so fortunately we with a recipe we might be able to overcome that that that uh that process so you can just choose the base container as a starting point and then create a a single line Houston rocks with the image that has the best desired tools so what is a Sandbox the sandbox is a container with a writable directory so it's usually is for you to test how how you build uh how you build the images and here is the examples single large I I have here singular attribute and then you you you will have a Sandbox for you to test the uh to test once they send sandbox is created you then end the sandbox with us command called Singularity show and then add the options writable and then test with the interactive commands like like just like what you are typing commands on on your PC or on your or on some other places and if you once you are in inside the sandbox you're typing commands every commands you you need to build that uh you to build your software if the command work you can add those commands into your final recipe if not you will see error on your screen so you you can you can you can fix those and those errors and then you try it try try to type the command again and if it was added to to you to your recipes and then once you get your final recipe you can just build your image with the final recipe so that's that's that that should be much better than than the the wrong Singularity Bill determined many times so here's the example of the how how to finalize the recipe and I I have some some very simple uh simple and basic containers created with the recipe on the left side it's just the empty Ubuntu 1604 and then I just created a stand boss with uh always this recipe and the end samples and for example I I then try to install gcc9 if this command app get installed gcc9 what's then I add that command line into the recipe into my recipe if it doesn't work for example it has some typos or if the word GCC version is too new to to be installed in 1 to 16 I will get some arrows and I I'm try I will then trying to fix that Arrow and and that's the that's the way we can um that's the way we build our Singularity image so just just a quick summary and a review so we use single attribute to build our Singularity image and it can can be from some some online online records for example from the docker Hub or Nvidia NGC or from the bio containers or you can create your own recipes and update your recipe and for it for your software and then finalize your recipe and then build your e-cigarette image so that's uh that's the singularity image build sessions I would like to introduce and I will stop here for any questions and let me know if you have questions here you will we do have one question um at 11 27 uh does sdsc also support appertainer if yes have you observed any difference between Singularity and appertainer okay that's a good question I I I would like to introduce the app trainer at the end of the sessions and I think we know that that obtainer is a is a fault of the singularity and the OWN and uh at the sdsc clusters right now we are using singularity I mean it's uh we we we don't have both I mean but we only have similarity so we um we we should sing variety because that's where you what we have using we have been using here for it for years and we we we don't plan to transfer to ad planners but they they should give very similar performance in general in my in my opinion I have my my myself I haven't tried applicant trainer too too much before on other places so that's my that's just my opinion uh great you will another question is come in um are we going to go over how to run these containers in slurm jobs on expanse oh there I I uh I've seen the week we have some we have some slurms examples of grapes are using using the singular uh using this uh using singularities for example I know the own expense there are uh when we're running Alpha phone we have a we have a slurm scripts example to show you how to use uh wrong Alpha for with Singularity so we have several examples uh examples like that on storm and uh actually on the next slide I I will uh well it might not be the right place to hear but we we have we're the only expands there there's a location where where we save those uh Singularity exams containers and examples all right that uh wraps up the current set of questions all right thank you so so he's uh so on the stsc classes exactly is in store uh at some some place but you don't have to remember those places but just use the Mojo Load to load the singularities for example on expense you just you load it with which uh with module but on tscc you don't even even have to you loaded below the singularity with module it's available by C4 okay so on the international well what will be an easy part I mean for for everyone now so we because most most of users I have made they don't even need to build their own images they just asked the HPC supports staff for help so once we the HPC support staff builds those images and then upload it to the classes those users are just wrong wrong those images so that's a very very easy easy work to for them to do so how we next we just learn some base usage of the uh how uh base how to use those images like like the one I'm showing here we can open a singularity Shield command so we can so we can end that Singularity image once we end it we can just type some command and now we are we know that we are inside a image and the and of course we can just run the singularity image with a singularity wrong command and oh and the one once once you run the command maybe with some some options flags on the arguments in certain the content container will run and give you the results you want and uh the next one is actually a command in the container so we use Singularity HQ to execute our com customer command within a container so that's last example I use that actually cast image and then I want to use the python inside that image to run my python script and this python command is inside the image but that Pi torch and needs price dot Pi dot python strip is out outside of the container so in this example I just want to use the python in uh inside inside the the singularity container to run my python script and of course those custom command needs to be in in the past in inside The Campaign which can be set in the environment section uh in in the recipe or it it might have been previewed inside the inside inside the container okay so next concept is about The Binding point so Singularity container prices and the native species and share the user's home directly but some directors and executables in the native Fashions do not exist in the container five seasons like what I have I am showing here in inside the blue is the native Five Seasons and the inside container is the inside the red is the container prices they are sharing your home but other other faces locations in inside uh in the fight system are not shared so for example on on the sdsc Clusters you have OCS and you have projects directly in the native five season but they they are not available by default inside the container prices so that's that requires you to add some binding point one running the singularity foreign version is is new it's like a like a 3.7 or later then probably you don't need to add uh add The Binding point in your recipe or when when you're building your similarity image but if you you're using relative version is old so then you you need to add a binding Point first in the inside of the recipe in the in the post sessions I I gave uh I gave a example here so like in in my recipe as I just make a directory of the osis and then make a directly about the projects and then use Rush use this recipe to create the the containers and add then later add the container runtime I uh I need to add a bind option to bind those containers as I am I'm showing in this example similarity is X and then Dash B and the osis and the comma and the projects so at the container runtime the student actually knows that we we need to apply these two binding points so these two locations will be will also be available available if we want to add a binding point of some files creating containers from the recipe we can create some empty files with the touch command first for example in in the recipe you start slash means Nvidia SMI so there will there will be a amplifier created in inside the container and then at the at the container runtime that command will be available inside the container and there's there's some some useful binding points for example inside uh in the for for example for the products tradables if you you need to eat to run those uh Cuda extrudables you can apply add and apply those spanning points inside your container and for example you you can add some binding point for reading some uh parameters or environment variables from your job scheduler and you can add some binding point for getting the SSH host piece and of course you you might you might be aware of that the singular high speed command is very long so you can make a simple batch script like the example I I have here so a simple strip can include a long Singularity command so at the wrong time you can just run this script instead instead of running data launch Singularity command and the options pass to The Container at the runtime are printed as a single string Isis is here and you can then run this back script and if you want to make a use of gpus you can you uh you can use the dash dash NV option to in to enable nvida gpus support which you usually works quite well for the images built from the media and DC and uh here is the applicant or stuff I want to add at last so single IP open source projects now uh was named to app Tanner so here are some histories of the singularity family and as you may know that open source project has been renamed to app Channel but the singularity family still exists and uh The Singularity uh Singularity products now is provided by scilabs and they offer several products like Singularity Community Edition similarity Pros similarity Enterprise Singularity container services which is a platform a cloud platform Services I think and what we have on our sdsc classes are still the singularity uh uh provided by sylab at the moment and the effect of the name change on using similarities on our cluster on our sdsc clusters uh basically no no effects because we we are using still using singularities and we choose to use Singularity Pro and uh it has been installed on tscc and expands so it's recommended to install Singularity provided by scilabs on your local machine if you want to uh try building similarity image inspired by yourself on your on your PC but the basic use of obtainer and singularity are almost the same as the user level so if you read their user user manual you use you you'll find that they are very similar to use if you're a user you probably you you won't feel many differences yes but other than the command it's different now you might need to to use the the command app channel to build your image or to access your image on your local machine and the other of course other classes may choose to use app planner uh I'm I'm not sure about other other uh other data centers uh clusters but you you can consult your class classes support staff to confirm okay here are the take-home message I I first introduced why we use singularities on on the HPC clusters right so you you will you your convenience and freedom you you need to build software you if you can now use uh choose your your own Linux distributions for example you can choose your the Ubuntu you like and you can choose choose install the world with after death or young or other other tools to install software and you you have uh you have a you have some choices when building your software inside the containers and then we talked about what is a singularity containers and how it works so it works as if you you are using some uh your you are building and using your applications inside uh container including the container file systems so one when you build and use your your applications or build your containers container images you are inside a container environment so you you just use uh you just use your tools you uh you have maybe your your quite will know how to build it build those data applications on your PC now you can just do almost the same thing when you build build that application inside your the inside the containers and that of course there's some different friends about uh there's there's some difference when building something inside the uh inside the the containers and then we thought about how to build the image with a recipe and how to build an image with uh directly from from those hubs from from the dark heart from the media NGC and uh if you you you don't don't want to build any Singularity images then the life might be will be much easier idea for you you're just wrong Singularity containers on the classes and we then then introduce how to run the singularity images and with the singularity command like Singularity Shield Singularity wrong and Singularity it's and usually one when the uh when when the contain uh when when the image was is created by the HTTP support staff they will upload that image to the cluster and let you know wrong and usually they know how to run it right so you can just use the command introduced by by by the support staff and then run your uh by the run and run your your run your applications accordingly that's uh that's uh that's the easiest way to use Singularity you even don't need to learn much more about Singularity patterns of course you if you learn what what's going on uh what I've introduced today I believe you will be benefited from uh from for learning uh knowing more than just um than just run us Singularity command and uh yeah I think that's what I I have today and the last slide is about the difference between the virtual machine and the container but that's it's just a point for your reference that thank you and please let me know if you have any other questions

2023-06-06 04:28

Other news