什么是singularity容器
Singularity是勞倫斯伯克利國家實驗室專門為大規模、跨節點HPC和DL工作負載而開發的容器化技術。具備輕量級、快速部署、方便遷移等諸多優勢,且支持從Docker鏡像格式轉換為Singularity鏡像格式。除了兼容docker的鏡像之外,singularity還有一個不太明顯的優勢:可以通過非root帳號來拉起容器,這樣對於某些安全性要求比較高的場景來說還是有用途的。
環境准備
目前singularity支持了redhat系列Linux發行版的二進制安裝,這里我們使用的基礎系統是CentOS:
[root@centos /]# cat /etc/redhat-release
CentOS Linux release 8.3.2011
安裝配置epel擴展源
首先我們需要更新所有的系統軟件:
[root@centos /]# yum update -y
CentOS Linux 8 - AppStream 1.1 MB/s | 6.3 MB 00:05
CentOS Linux 8 - BaseOS 1.7 MB/s | 2.3 MB 00:01
Dependencies resolved.
Nothing to do.
Complete!
安裝epel擴展源:
[root@centos /]# yum install -y epel-release
Last metadata expiration check: 0:00:22 ago on Wed 13 Jan 2021 09:24:36 AM UTC.
Dependencies resolved.
============================================================================================================================================================================================================================================
Package Architecture Version Repository Size
============================================================================================================================================================================================================================================
Installing:
epel-release noarch 8-8.el8 extras 23 k
Transaction Summary
============================================================================================================================================================================================================================================
Install 1 Package
Total download size: 23 k
Installed size: 32 k
Downloading Packages:
epel-release-8-8.el8.noarch.rpm 140 kB/s | 23 kB 00:00
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 34 kB/s | 23 kB 00:00
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : epel-release-8-8.el8.noarch 1/1
Running scriptlet: epel-release-8-8.el8.noarch 1/1
Verifying : epel-release-8-8.el8.noarch 1/1
Installed:
epel-release-8-8.el8.noarch
Complete!
安裝好epel源之后,需要再次更新系統軟件:
[root@centos /]# yum update -y
Extra Packages for Enterprise Linux Modular 8 - x86_64 9.2 kB/s | 527 kB 00:57
Extra Packages for Enterprise Linux 8 - x86_64 10 kB/s | 8.8 MB 14:46
Last metadata expiration check: 0:00:19 ago on Wed 13 Jan 2021 09:26:09 AM UTC.
Dependencies resolved.
============================================================================================================================================================================================================================================
Package Architecture Version Repository Size
============================================================================================================================================================================================================================================
Upgrading:
epel-release noarch 8-10.el8 epel 22 k
Transaction Summary
============================================================================================================================================================================================================================================
Upgrade 1 Package
Total download size: 22 k
Downloading Packages:
epel-release-8-10.el8.noarch.rpm 7.8 kB/s | 22 kB 00:02
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 6.1 kB/s | 22 kB 00:03
warning: /var/cache/dnf/epel-05da96c052a128d8/packages/epel-release-8-10.el8.noarch.rpm: Header V4 RSA/SHA256 Signature, key ID 2f86d6a1: NOKEY
Extra Packages for Enterprise Linux 8 - x86_64 1.6 MB/s | 1.6 kB 00:00
Importing GPG key 0x2F86D6A1:
Userid : "Fedora EPEL (8) <epel@fedoraproject.org>"
Fingerprint: 94E2 79EB 8D8F 25B2 1810 ADF1 21EA 45AB 2F86 D6A1
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-8
Key imported successfully
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Running scriptlet: epel-release-8-10.el8.noarch 1/1
Upgrading : epel-release-8-10.el8.noarch 1/2
Cleanup : epel-release-8-8.el8.noarch 2/2
Running scriptlet: epel-release-8-8.el8.noarch 2/2
Verifying : epel-release-8-10.el8.noarch 1/2
Verifying : epel-release-8-8.el8.noarch 2/2
Upgraded:
epel-release-8-10.el8.noarch
Complete!
配置epel國內鏡像源
使用默認的源地址去下載軟件的話,有可能會導致下載速度緩慢甚至下載失敗。這里推薦使用華為的國內鏡像源地址,配置方法如下:
[root@centos /]# sed -i "s/#baseurl/baseurl/g" /etc/yum.repos.d/epel.repo
[root@centos /]# sed -i "s/metalink/#metalink/g" /etc/yum.repos.d/epel.repo
[root@centos /]# sed -i "s@https\?://download.fedoraproject.org/pub@https://mirrors.huaweicloud.com@g" /etc/yum.repos.d/epel.repo
再次更新所有源:
[root@centos /]# yum update -y
Extra Packages for Enterprise Linux 8 - x86_64 5.9 MB/s | 8.8 MB 00:01
Last metadata expiration check: 0:00:02 ago on Wed 13 Jan 2021 09:55:51 AM UTC.
Dependencies resolved.
Nothing to do.
Complete!
使用yum安裝singularity
到這里為止,基本的環境配置就完成了,可以正式開始singularity的安裝:
[root@centos /]# yum install -y singularity
Last metadata expiration check: 0:00:59 ago on Wed 13 Jan 2021 09:55:51 AM UTC.
Dependencies resolved.
============================================================================================================================================================================================================================================
Package Architecture Version Repository Size
============================================================================================================================================================================================================================================
Installing:
singularity x86_64 3.7.0-1.el8 epel 42 M
Transaction Summary
============================================================================================================================================================================================================================================
Install 1 Package
Total download size: 42 M
Installed size: 138 M
Downloading Packages:
singularity-3.7.0-1.el8.x86_64.rpm 3.4 MB/s | 42 MB 00:12
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 3.4 MB/s | 42 MB 00:12
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : singularity-3.7.0-1.el8.x86_64 1/1
Running scriptlet: singularity-3.7.0-1.el8.x86_64 1/1
Verifying : singularity-3.7.0-1.el8.x86_64 1/1
Installed:
singularity-3.7.0-1.el8.x86_64
Complete!
可以通過如下方式來驗證singularity是否安裝成功,並且查看版本號:
[root@centos /]# singularity --version
singularity version 3.7.0-1.el8
singualrity的基本使用方法
首先我們可以通過軟件自身的help來查看軟件支持的功能:
[root@centos /]# singularity --help
Linux container platform optimized for High Performance Computing (HPC) and
Enterprise Performance Computing (EPC)
Usage:
singularity [global options...]
Description:
Singularity containers provide an application virtualization layer enabling
mobility of compute via both application and environment portability. With
Singularity one is capable of building a root file system that runs on any
other Linux system where Singularity is installed.
Options:
-c, --config string specify a configuration file (for root or
unprivileged installation only) (default
"/etc/singularity/singularity.conf")
-d, --debug print debugging information (highest verbosity)
-h, --help help for singularity
--nocolor print without color output (default False)
-q, --quiet suppress normal output
-s, --silent only print errors
-v, --verbose print additional information
--version version for singularity
Available Commands:
build Build a Singularity image
cache Manage the local cache
capability Manage Linux capabilities for users and groups
config Manage various singularity configuration (root user only)
delete Deletes requested image from the library
exec Run a command within a container
help Help about any command
inspect Show metadata for an image
instance Manage containers running as services
key Manage OpenPGP keys
oci Manage OCI containers
plugin Manage Singularity plugins
pull Pull an image from a URI
push Upload image to the provided URI
remote Manage singularity remote endpoints, keyservers and OCI/Docker registry credentials
run Run the user-defined default command within a container
run-help Show the user-defined help for an image
search Search a Container Library for images
shell Run a shell within a container
sif siftool is a program for Singularity Image Format (SIF) file manipulation
sign Attach digital signature(s) to an image
test Run the user-defined tests within a container
verify Verify cryptographic signatures attached to an image
version Show the version for Singularity
Examples:
$ singularity help <command> [<subcommand>]
$ singularity help build
$ singularity help instance start
For additional help or support, please visit https://www.sylabs.io/docs/
這里可以看到跟docker的接口還是有較大區別的,但是容器的本質還是基於namespace和cgroup的隔離方案,這點上都是大同小異。由於本文的主要目的在於介紹singularity的安裝,這里不詳細展開singularity的使用介紹,僅簡單介紹一個使用的案例:適用singularity搭建一個ubuntu的容器環境。
- 首先我們創建一個容器沙箱,這里用的基礎鏡像還是從dockerhub獲取的ubuntu基礎鏡像
[root@centos /]# singularity build --sandbox ubuntu docker://ubuntu
INFO: Starting build...
Getting image source signatures
Copying blob da7391352a9b done
Copying blob 14428a6d4bcd skipped: already exists
Copying blob 2c2d948710f2 [--------------------------------------] 0.0b / 0.0b
Copying config aa23411143 done
Writing manifest to image destination
Storing signatures
2021/01/14 01:20:39 info unpack layer: sha256:da7391352a9bb76b292a568c066aa4c3cbae8d494e6a3c68e3c596d34f7c75f8
2021/01/14 01:20:39 info unpack layer: sha256:14428a6d4bcdba49a64127900a0691fb00a3f329aced25eb77e3b65646638f8d
2021/01/14 01:20:39 info unpack layer: sha256:2c2d948710f21ad82dce71743b1654b45acb5c059cf5c19da491582cef6f2601
INFO: Creating sandbox directory...
INFO: Build complete: ubuntu
- 在執行結束后可以在當期目錄下生成一個名為
ubuntu的目錄,通過拉起該目錄為容器,可以修改鏡像配置,制作自己的容器鏡像
[root@centos /]# singularity shell -w ubuntu
- 修改完配置之后,可以將該沙箱
build成一個鏡像文件
[root@centos /]# singularity build ubuntu-base.sif ubuntu/
INFO: Starting build...
INFO: Creating SIF file...
INFO: Build complete: ubuntu-base.sif
- 創建好
sif鏡像之后,會在本地生成一個sif文件,可通過該sif文件拉起一個容器,這里我們可以用一個非root帳號來拉起
[dechin@centos /]# singularity shell ubuntu.sif
這里我們不過多贅述容器的使用方法,后續會出一些源碼安裝的方案以及更多的使用和配置場景。
版權聲明
本文首發鏈接為:https://www.cnblogs.com/dechinphy/p/singularity-install.html
作者ID:DechinPhy
更多原著文章請參考:https://www.cnblogs.com/dechinphy/