LBNL to address problems specific to HPC • Development began in October 2015 • First release April 2016 • User feedback, major changes and help from the community leads to 2.0 in June 2016 • Greg founds Sylabs.io January 1, 2018; already at 28 employees, product and revenue! • Sylabs developers completely overhaul code base, create a suite of cloud services, and release 3.0 October 8, 2018!
HPC architecture and workflows • Supports all known resource managers • Optimized for compute jobs and performance • Supports GPUs, IB, OmniPath, MPI, parallel file systems, production kernels, etc... • Users are themselves within the container • Allows users to “BYOE” • Blocks privilege escalation within the container
syntax, to its image format, the runtime, and compatibility with OCI and Docker, Singularity facilitates easy and intuitive onboarding. SIF can squashe, encapsulate and sign Docker and OCI image formats (encryption coming soon) Docker, OCI, etc... Singularity
of choice for compute based workloads like simulation and AI As of Singularity 2.x… • Millions container runs per day • Estimated user base of more than 25k • Installed on over 3 million sockets HPCWire Readers and Editors Choice Awards: • 2016: Top products to watch • 2017: Top products to watch • 2017: Best HPC Programming Tool/Tech The Uptake of Singularity has been even faster than CentOS!
shell centos-vim.sif $ singularity exec centos-vim.sif vim testfile.txt $ singularity run centos-vim.sif testfile.txt # Singularity containers are also executable, so you can ‘run’ them directly $ ./centos-vim.sif testfile.txt # You can move the container onto any other Linux system with Singularity installed, and use the container directly $ scp centos-vim.sif firstname.lastname@example.org: $ ssh email@example.com $ ./centos-vim.sif newtestfile.txt Example Usage of Singularity
keys found, autogenerate? [Y/n] y Enter your name (e.g., John Doe) : Greg Enter your email address (e.g., firstname.lastname@example.org) : email@example.com Enter optional comment (e.g., development keys) : demokeys Generating Entity and OpenPGP Key Pair... Done Enter encryption passphrase : … Uploaded key successfully! Enter key passphrase: Signature created and applied to centos-vim.sif $ Cryptographically signed containers
100.00% 35.00 MiB/s 3s $ singularity verify centos-vim_latest.sif Verifying image: centos-vim_latest.sif INFO: key missing, searching key server for KeyID: 58D8405A30E12DE6... INFO: key retreived successfully! Store new public key F56D95BD3AFAC6FA3423911A58D8405A30E12DE6? [Y/n] y Data integrity checked, authentic and signed by: Greg (demokeys) <firstname.lastname@example.org>, KeyID 58D8405A30E12DE6 $ Pulling and Validating a Container
other container projects. Easy to use packages from Kubernetes, Docker/Moby, OCI etc. No need to rebuild in Python or C. • Concurrency model of Go. • Go is easy to learn for developers coming from other languages. • We used CNI rather than creating our own networking stack.
server to communicate between C and Go binaries. • Forking in Go. Certain syscalls should not be called in a multi threaded application. • Not following Go Standards (packaging, internal) • Vendoring… dep, go mod, vendor/ • Packaging. Custom packaging tool makeit.
of packages for backend and system projects, cloud APIs. • go test - Easy standards and framework for setting up tests. • Easy to be productive in Go. Well designed language. • Go is opinionated (Good and Bad). Works well but you have to follow the standards. Easy to read other codebases.