SlideShare a Scribd company logo
SINGULARITY P1
Containers for Science, Reproducibility and Mobility
Presented By:
Gregory M. Kurtzer
HPC Systems Architect
Lawrence Berkeley National Lab
gmkurtzer@lbl.gov
http://singularity.lbl.gov/
CONTAINERS IN HPC: SINGULARITY
CONTAINERS …
CONTAINERS IN HPC: SINGULARITY
CONTAINERS IN HPC: SINGULARITY
CONTAINERS: WHAT ARE THEY?
In a nutshell:
Containers are encapsulations of system environments
…
(and a means to use it)
CONTAINERS IN HPC: SINGULARITY
CONTAINERS IN HPC: SINGULARITY
CONTAINERS IN HPC: SINGULARITY
HOW DOES INDUSTRY MAKE USE OF CONTAINERS?
CONTAINERS IN HPC: SINGULARITY
CONTAINERS IN HPC: SINGULARITY
CONTAINERS IN HPC: SINGULARITY
CONTAINERS IN HPC: SINGULARITY
CONTAINERS IN HPC: SINGULARITY
CONTAINERS IN HPC: SINGULARITY
BUT WHAT ABOUT SCIENCE?
WHAT IS THE SCIENTIFIC USE CASE?
CONTAINERS IN HPC: SINGULARITY
CONTAINERS: PRIMARY USE CASES
▸Reproducibility!
▸Extreme mobility of compute (portability)
▸Provides the users, developers and engineers FREEDOM!
▸ Can easily leverage other people’s work
▸ Changes the software distribution and dependency paradigm
▸ Depending on application and use-case, simple extreme scalability
▸ Containers are in many ways the next logical progression from virtual machines
CONTAINERS IN HPC: SINGULARITY
CONTAINERS: DOCKER
▸ Docker is the most well known container platform
▸ Designed for network service virtualization
▸ Facilitates workflow of creating, maintaining and distributing containers
▸ Containers are highly reproducible
▸ Scientists have jumped on the bandwagon because it seems to have solved
their requirements
▸ User demand is high, interest is high, buzzworthiness is very high!
CONTAINERS IN HPC: SINGULARITY
SO WHY DON’T WE SEE HPC CENTERS INTEGRATING DOCKER ON
THEIR RESOURCES?
CONTAINERS IN HPC: SINGULARITY
DOCKER IN HPC: THE PROBLEM
▸ Docker emulates a virtual machine in many aspects (e.g. users can escalate to root)
▸ Non-authorized users having root access to any of our production networks is considered a security breech
▸ To mitigate this security issue, networks must be isolated for Docker access
▸ Precludes access to InfiniBand high performance networks and optimized storage platforms
▸ Typical solution is a virtual cluster within a physical cluster, but without high performance-ness (removed HP from HPC leaving just C)
▸ Docker uses a root owned daemon that users can control by means of a writable socket (users control root process)?!
▸ What ACLs are in place, are they enough to trust? Can we control or fine tune them?
▸ No native GPU support. We need to hack Docker, or/also integrate Docker-Nvidia?
▸ No reasonable support or timeline for MPI… MPI developers estimate this milestone for at least 2 years from now!
▸ Can not limit access to local file systems, especially when user can achieve root inside container, this breaks all file locally mounted file system security
▸ Doesn’t support production distributions/kernels (RHEL7 not even completely supported yet)!
▸ Incompatibilities with existing scheduling and resource manager paradigms:
▸ Root owned Docker daemon is outside the reach and control of the resource manager
▸ MPI/parallel job runs become increasingly complex due to virtual ad-hoc networking assignments
▸ Docker is built, maintained, and emphasized for the enterprise, not HPC
▸ Patches to help make Docker/runC/RKT a better solution for HPC have been submitted … but most have not been accepted!
CONTAINERS IN HPC: SINGULARITY
DOCKER IN HPC: SUMMARY
Lots of technical implementation problems!
The buzz around Docker on HPC is years old and scientists have been begging,
but no HPC centers have integrated a full featured Docker solution on their
traditional HPC systems.
HPC is not the appropriate use-case or interest for the Docker community
CONTAINERS IN HPC: SINGULARITY
SO… WHAT IS THE NEED?
▸ Reproducibility and archival software and environment stacks
▸ Mobility of Compute (portable, sharable, distributable container images)
▸ User defined and controlled environments (BYOE)
▸ Integratable with existing shared infrastructures and scheduling subsystems
▸ Properly make use of the existing high performance physical hardware
▸ Must support running as the user to facilitate scheduling and MPI workflows
▸ Make use of all of the work that has been done in Docker so far
▸ We needed it yesterday (so it must be compatible with today’s technology)!
CONTAINERS IN HPC: SINGULARITY
SINGULARITY: HELLO WORLD.
CONTAINERS IN HPC: SINGULARITY
SINGULARITY DESIGN GOALS
▸ Architected specifically for scientific reproducibility, “Mobility of Compute” and HPC
▸ Single file based container images: facilitates modification, distribution, and
execution
▸ No sys-admin, architectural or workflow changes necessary to run Singularity
▸ Compatibility with existing shared/multi-tenant computational resources
▸ Maintain user credentials (inside user == outside user)
▸ Separation between the container and the host can be blurred to leverage host’s resources
▸ We don’t have to virtualize everything, we can pick and choose as needed
CONTAINERS IN HPC: SINGULARITY
HOW DOES IT WORK?
CONTAINERS IN HPC: SINGULARITY
User contexts are always maintained when the container is launched (if it is
launched by a particular user, the programs inside will be running as that user)
with no escalation pathway within the container! Thus….
If you want to be root inside of the container,
you must first be root outside of the container
SINGULARITY: PERMISSIONS, ACCESS AND PRIVILEGE
CONTAINERS IN HPC: SINGULARITY
SINGULARITY: WORKFLOW
Root/Superuser
▸ Create a new container
▸ Bootstrap/install container
▸ System (container) modifications
Regular User
➡ singularity shell …
➡ singularity exec …
➡ singularity run …
Copy image
Share image
End Point the User Controls Shared Computational Resource
CONTAINERS IN HPC: SINGULARITY
SINGULARITY: CREATE THE CONTAINER
$ sudo singularity create —size 2048 /tmp/Centos-7.img
CONTAINERS IN HPC: SINGULARITY
SINGULARITY: BOOTSTRAP/INSTALL THE CONTAINER
$ sudo singularity bootstrap /tmp/Centos-7.img centos.def
CONTAINERS IN HPC: SINGULARITY
SINGULARITY: NOW WE HAVE A CONTAINER…
$ singularity shell /tmp/Centos-7.img
$ singularity exec /tmp/Centos-7.img echo “Hello World”
$ singularity run /tmp/Centos-7.img
CONTAINERS IN HPC: SINGULARITY
SINGULARITY: LAUNCHING A CONTAINER
▸ Singularity sets up the container environment and creates the necessary
namespaces and execv()s the application(s) within the container
▸ Directories, files and other resources are shared from the host into the
container (as allowed by the system administrator)
▸ All expected I/O is passed through the container: pipes, program arguments,
stdout, stdin, stderr and X11
▸ When the application(s) finish their foreground execution process, the
container and namespaces collapse and vanish cleanly
CONTAINERS IN HPC: SINGULARITY
SINGULARITY: A PEEK INTO THE CONTAINER
$ cat /etc/redhat-release
cat: /etc/redhat-release: No such file or directory
$ singularity shell /tmp/Centos-7.img
Singularity: Invoking an interactive shell within container...



Singularity.Centos-7.img> cat /etc/redhat-release
CentOS Linux release 7.2.1511 (Core)
CONTAINERS IN HPC: SINGULARITY
SINGULARITY: MODIFY CONTAINER
$ sudo singularity shell —writable /tmp/Centos-7.img
Singularity: Invoking an interactive shell within container...



Singularity.Centos-7.img> yum install …
CONTAINERS IN HPC: SINGULARITY
SINGULARITY: COPY MY PROGRAMS INTO CONTAINER
$ sudo singularity copy /tmp/Centos-7.img script.py /usr/bin/
$ singularity exec /tmp/Centos-7.img /usr/bin/script.py
CONTAINERS IN HPC: SINGULARITY
CONTAINERS IN HPC: SINGULARITY
SINGULARITY: EXTREME MOBILITY AND PORTABILITY
CONTAINERS IN HPC: SINGULARITY
SINGULARITY: EXTREME MOBILITY AND PORTABILITY
CONTAINERS IN HPC: SINGULARITY
SINGULARITY: CONTAINER IS ALWAYS THE SAME ON THE INSIDE
$ cat /etc/redhat-release
cat: /etc/redhat-release: No such file or directory
$ singularity exec /tmp/Centos-7.img cat /etc/redhat-release
CentOS Linux release 7.2.1511 (Core)
CONTAINERS IN HPC: SINGULARITY
SINGULARITY VERSION 2.2 IS AVAILABLE NOW!
HTTP://SINGULARITY.LBL.GOV/
CONTAINERS IN HPC: SINGULARITY
SINGULARITY: WHO’S USING IT / NAME DROPS / BANDWAGON
▸ Texas Advanced Computing Center: 462,462 cores / Stampede
▸ GSI Helmholtz Center for Ion Research: 300,000 cores / GreenCube
▸ National Institute of Health: 54,000 cores / Biowulf
▸ UFIT Research Computing at University of Florida: 51,000 cores / HiPerGator
▸ San Diego Supercomputing Center: 50,000 cores / Comet and Gordon
▸ Lawrence Berkeley National Laboratory: 30,000 cores / Lawrencium
▸ Holland Computing Center at UNL/LHC: 14,000 cores / Crane and Tusker
CONTAINERS IN HPC: SINGULARITY
SINGULARITY HUB: REPRODUCIBLE SCIENCE EXPOSED!
CONTAINERS IN HPC: SINGULARITY
QUESTIONS?
CONTAINERS IN HPC: SINGULARITY
HTTPS://GITHUB.COM/SINGULARITYWARE/INTEL-HPC-DEVCON
SINGULARITY: INTRODUCTION TO SINGULARITY WORKSHOP (1)
CONTAINERS IN HPC: SINGULARITY
HTTPS://LAB.PORTABLE-HPC.NET/
SINGULARITY: LOG INTO AWS COMPUTE INSTANCES
CONTAINERS IN HPC: SINGULARITY
INSTALLATION OF SINGULARITY
CONTAINERS IN HPC: SINGULARITY
# Required to build Singularity
$ sudo yum groupinstall “Development Tools”
# Download and build Singularity from the GitHub master branch
$ mkdir ~/git
$ cd ~/git
$ git clone https://github.com/singularityware/singularity.git
$ cd singularity
$ ./autogen.sh
$ ./configure
$ make dist
$ rpmbuild -ta singularity-2.2.tar.gz
# Install the newly build Singularity RPM package
$ sudo yum install $HOME/rpmbuild/RPMS/x86_64/singularity-2.2-0.1.el7.centos.x86_64.rpm
# Install dependencies for bootstrapping a Debian container
$ sudo yum install epel-release
$ sudo yum install debootstrap
SINGULARITY: INSTALLATION
CONTAINERS IN HPC: SINGULARITY
$ singularity help
USAGE: singularity [global options...] <command> [command options...] ...
GLOBAL OPTIONS:
-d --debug Print debugging information
-h --help Display usage summary
-q --quiet Only print errors
--version Show application version
-v --verbose Increase verbosity +1
-x --sh-debug Print shell wrapper debugging information
GENERAL COMMANDS:
help Show additional help for a command
CONTAINER USAGE COMMANDS:
exec Execute a command within container
run Launch a runscript within container
shell Run a Bourne shell within container
test Execute any test code defined within container
… snip …
SINGULARITY: CLI OVERVIEW
CONTAINERS IN HPC: SINGULARITY
$ singularity shell docker://ubuntu:latest
library/ubuntu:latest
Downloading layer: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Downloading layer: sha256:668604fde02e75dddb4b44c80d4ce20baaac4832c41c3a945f4a236cd7d2f164
Downloading layer: sha256:2879a7ad31445fe2cea410b8ba76704003c11ee05c0a4d32d1113009ea1a1aae
Downloading layer: sha256:de413bb911fd848383ef2e5068a42c258c898d6ee869fb441fb2391eb327b576
Downloading layer: sha256:fc19d60a83f11bbddc7bd2dfca6095b49100314bfde61d83729112a6b6e11d48
Downloading layer: sha256:6bbedd9b76a496816d86a0af731ea984f40467ef8fb23be752f801cb80436ac6
Singularity: Invoking an interactive shell within container…
Singularity.ubuntu:latest> cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=16.04
DISTRIB_CODENAME=xenial
DISTRIB_DESCRIPTION="Ubuntu 16.04.1 LTS”
Singularity.ubuntu:latest> which apt-get
/usr/bin/apt-get
Singularity.ubuntu:latest> exit
SINGULARITY: CONTAINER TEST FROM DOCKER HUB
CONTAINERS IN HPC: SINGULARITY
CREATING/BOOTSTRAPPING A NEW CONTAINER
CONTAINERS IN HPC: SINGULARITY
$ cat examples/debian.def
# Copyright (c) 2015-2016, Gregory M. Kurtzer. All rights reserved.
#
# "Singularity" Copyright (c) 2016, The Regents of the University of California,
# through Lawrence Berkeley National Laboratory (subject to receipt of any
# required approvals from the U.S. Dept. of Energy). All rights reserved.
BootStrap: debootstrap
OSVersion: stable
MirrorURL: http://ftp.us.debian.org/debian/
%runscript
echo "This is what happens when you run the container..."
%post
echo "Hello from inside the container"
apt-get update
apt-get -y install vim
SINGULARITY: BOOTSTRAP DEFINITION/RECIPE
CONTAINERS IN HPC: SINGULARITY
$ sudo singularity create /tmp/Debian.img
Creating a new image with a maximum size of 768MiB...
Executing image create helper
Formatting image with ext3 file system
Done.
$ ls -l /tmp/Debian.img
-rwxr-xr-x. 1 root root 805306399 Nov 5 07:22 /tmp/Debian.img
$ /tmp/Debian.img
ERROR : Container does not have a valid /bin/sh
ABORT : Retval = 255
SINGULARITY: NEW IMAGE CREATION
CONTAINERS IN HPC: SINGULARITY
$ sudo singularity bootstrap /tmp/Debian.img examples/debian.def
Bootstrap initialization
Checking bootstrap definition
Executing Prebootstrap module
Executing Bootstrap 'debootstrap' module
… snip …
Processing /usr/share/vim/addons/doc
Setting up vim (2:7.4.488-7) ...
update-alternatives: using /usr/bin/vim.basic to provide /usr/bin/vim (vim) in auto mode
update-alternatives: using /usr/bin/vim.basic to provide /usr/bin/vimdiff (vimdiff) in auto mode
update-alternatives: using /usr/bin/vim.basic to provide /usr/bin/rvim (rvim) in auto mode
update-alternatives: using /usr/bin/vim.basic to provide /usr/bin/rview (rview) in auto mode
update-alternatives: using /usr/bin/vim.basic to provide /usr/bin/vi (vi) in auto mode
update-alternatives: using /usr/bin/vim.basic to provide /usr/bin/view (view) in auto mode
update-alternatives: using /usr/bin/vim.basic to provide /usr/bin/ex (ex) in auto mode
update-alternatives: using /usr/bin/vim.basic to provide /usr/bin/editor (editor) in auto mode
Processing triggers for libc-bin (2.19-18+deb8u6) ...
Done.
SINGULARITY: BOOTSTRAP
CONTAINERS IN HPC: SINGULARITY
USING THE CONTAINERS
CONTAINERS IN HPC: SINGULARITY
# Notice the PS output is now in a new process namespace
$ singularity exec -p /tmp/Debian.img ps auxf
# What happens when Contained? Create some files in your home, are they persistent?
$ singularity shell --contain /tmp/Debian.img
# Contain but define a new directory to use for your home
$ singularity shell --contain --home ~/git /tmp/Debian.img
# User defined bind points. What happens if you specify a bind point that doesn’t exist? What
# about if you bind ontop of a system location (e.g. /bin/)?
$ singularity shell --bind /tmp:/opt /tmp/Debian.img
# How is the shell environment transposed into the container?
$ singularity exec /tmp/Debian.img env
$ singularity exec /tmp/Debian.img env | wc -l
$ env -i singularity exec /tmp/Debian.img env | wc -l
$ env -i FOO=BAR singularity exec /tmp/Debian.img env
SINGULARITY: USAGE AND OPTION EXAMPLES
CONTAINERS IN HPC: SINGULARITY
$ singularity shell /tmp/Debian.img
Singularity: Invoking an interactive shell within container...
Singularity.Debian.img> uname -a
Linux ip-172-31-20-175 3.10.0-327.28.2.el7.x86_64 #1 SMP Wed Aug 3 11:11:39 UTC 2016 x86_64 GNU/
Linux
Singularity.Debian.img> whoami
gmk
Singularity.Debian.img> pwd
/home/gmk/git/singularity
Singularity.Debian.img> ./configure
checking build system type... x86_64-unknown-linux-gnu
checking host system type... x86_64-unknown-linux-gnu
checking target system type... x86_64-unknown-linux-gnu
checking for a BSD-compatible install... /usr/bin/install -c
… snip …
configure: error: in `/home/gmk/git/singularity':
configure: error: no acceptable C compiler found in $PATH
See `config.log' for more details
Singularity.Debian.img> exit
SINGULARITY: USING YOUR NEW CONTAINER
CONTAINERS IN HPC: SINGULARITY
$ singularity exec /tmp/Debian.img uname -a
Linux ip-172-31-20-175 3.10.0-327.28.2.el7.x86_64 #1 SMP Wed Aug 3 11:11:39 UTC 2016 x86_64 GNU/
Linux
$ singularity exec /tmp/Debian.img whoami
gmk
$ singularity exec /tmp/Debian.img pwd
/home/gmk/git/singularity
$ singularity exec /tmp/Debian.img ./configure
checking build system type... x86_64-unknown-linux-gnu
checking host system type... x86_64-unknown-linux-gnu
checking target system type... x86_64-unknown-linux-gnu
checking for a BSD-compatible install... /usr/bin/install -c
… snip …
configure: error: in `/home/gmk/git/singularity':
configure: error: no acceptable C compiler found in $PATH
See `config.log' for more details
$ singularity run /tmp/Debian.img
This is what happens when you run the container...
$ /tmp/Debian.img
This is what happens when you run the container...
SINGULARITY: USING YOUR NEW CONTAINER
CONTAINERS IN HPC: SINGULARITY
$ singularity exec /tmp/Debian.img python —version
/.exec: line 3: exec: python: not found
$ sudo singularity exec --writable /tmp/Debian.img apt-get -y install python
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following extra packages will be installed:
file libexpat1 libffi6 libmagic1 libpython-stdlib libpython2.7-minimal libpython2.7-stdlib
libsqlite3-0 libssl1.0.0 mime-support python-minimal python2.7 python2.7-minimal
… snip …
Setting up libpython-stdlib:amd64 (2.7.9-1) ...
Setting up python (2.7.9-1) ...
Setting up file (1:5.22+15-2+deb8u2) ...
Processing triggers for libc-bin (2.19-18+deb8u6) ...
$ singularity exec /tmp/Debian.img python --version
Python 2.7.9
SINGULARITY: CHANGING YOUR CONTAINER
CONTAINERS IN HPC: SINGULARITY
$ cat ~/hello.py
#!/usr/bin/python
import sys
print("Hello World: The Python version is %s.%s.%s" % sys.version_info[:3])
$ python ~/hello.py
Hello World: The Python version is 2.7.5
$ singularity exec /tmp/Debian.img python ~/hello.py
Hello World: The Python version is 2.7.9
$ cat ~/hello.py | singularity exec /tmp/Debian.img python
Hello World: The Python version is 2.7.9
$ singularity exec docker://python:latest /usr/local/bin/python ~/hello.py
library/python:latest
Downloading layer: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Downloading layer: sha256:0a587a7fabdab20075256ed13afc7a39228dba7e9aaf0835c10860fe5abc1bd7
Downloading layer: sha256:d96297b6dc069127b12c63f533f253436496380a42c4a48d3702327ab028f275
Downloading layer: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Downloading layer: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
… snip …
Hello World: The Python version is 3.5.2
SINGULARITY: MORE CONTAINER AWESOMENESS
CONTAINERS IN HPC: SINGULARITY
WORKFLOWS/RUNSCRIPTS
CONTAINERS IN HPC: SINGULARITY
$ cat examples/debian.def
# Copyright (c) 2015-2016, Gregory M. Kurtzer. All rights reserved.
#
# "Singularity" Copyright (c) 2016, The Regents of the University of California,
# through Lawrence Berkeley National Laboratory (subject to receipt of any
# required approvals from the U.S. Dept. of Energy). All rights reserved.
BootStrap: debootstrap
OSVersion: stable
MirrorURL: http://ftp.us.debian.org/debian/
%runscript
for i in $@; do
grep "$i" /etc/services
done
%post
echo "Hello from inside the container"
apt-get update
apt-get -y install netbase
SINGULARITY: BOOTSTRAP DEFINITION/RECIPE (EDIT THE EXAMPLE FILE)
Edit Here
CONTAINERS IN HPC: SINGULARITY
$ sudo singularity create -F /tmp/Debian-workflow.img
Creating a new image with a maximum size of 768MiB...
Executing image create helper
Formatting image with ext3 file system
Done.
$ sudo singularity bootstrap /tmp/Debian-workflow.img examples/debian.def
Bootstrap initialization
Checking bootstrap definition
Executing Prebootstrap module
Executing Bootstrap 'debootstrap' module
… snip …
Setting up libisccfg-export90 (1:9.9.5.dfsg-9+deb8u6) ...
Setting up libirs-export91 (1:9.9.5.dfsg-9+deb8u6) ...
Setting up iproute2 (3.16.0-2) ...
Setting up ifupdown (0.7.53.1) ...
Creating /etc/network/interfaces.
Setting up isc-dhcp-common (4.3.1-6+deb8u2) ...
Setting up isc-dhcp-client (4.3.1-6+deb8u2) ...
Setting up libxtables10 (1.4.21-2+b1) ...
Setting up netbase (5.3) ...
Processing triggers for libc-bin (2.19-18+deb8u6) ...
Processing triggers for systemd (215-17+deb8u5) ...
Done.
SINGULARITY: BOOTSTRAP
CONTAINERS IN HPC: SINGULARITY
$ singularity run /tmp/Debian-workflow.img ^http
http 80/tcp www # WorldWideWeb HTTP
http 80/udp # HyperText Transfer Protocol
https 443/tcp # http protocol over TLS/SSL
https 443/udp
http-alt 8080/tcp webcache # WWW caching service
http-alt 8080/udp
$ ls -l /tmp/Debian-workflow.img
-rwxr-xr-x. 1 root root 805306399 Nov 5 07:22 /tmp/Debian-workflow.img
$ sudo mv /tmp/Debian-workflow.img /usr/local/bin/service_lookup
$ service_lookup ^ftp ^smtp
ftp-data 20/tcp
ftp 21/tcp
ftps-data 989/tcp # FTP over SSL (data)
ftps 990/tcp
smtp 25/tcp mail
SINGULARITY: EXECUTING THE RUNSCRIPT
CONTAINERS IN HPC: SINGULARITY
SINGULARITY: EXTREME MOBILITY AND PORTABILITY
CONTAINERS IN HPC: SINGULARITY
$ cat examples/contrib/debian85-tensorflow-0.10.def
BootStrap: debootstrap
OSVersion: stable
MirrorURL: http://ftp.us.debian.org/debian/
%runscript
exec /usr/bin/python
%post
apt-get update
apt-get -y install vim python-pip python-dev
pip install --upgrade https://storage.googleapis.com/tensorflow/linux/cpu/tensorflow-0.10.0-
cp27-none-linux_x86_64.whl
%test
# This runs usually less then 30 minutes depending on your host type
python -m tensorflow.models.image.mnist.convolutional
SINGULARITY: TENSORFLOW
CONTAINERS IN HPC: SINGULARITY
$ sudo singularity create --size 4096 /tmp/Tensor.img
Creating a new image with a maximum size of 4096MiB...
Executing image create helper
Formatting image with ext3 file system
Done.
$ sudo singularity bootstrap /tmp/Tensor.img examples/contrib/debian85-tensorflow-0.10.def
Bootstrap initialization
Checking bootstrap definition
Executing Prebootstrap module
W: Cannot check Release signature; keyring file not available /usr/share/keyrings/debian-archive-
keyring.gpg
I: Retrieving Release
I: Retrieving Packages
… snip …
Minibatch loss: 1.603, learning rate: 0.006302
Minibatch error: 0.0%
Validation error: 0.9%
Test error: 0.8%
Done.
SINGULARITY: TENSORFLOW
CONTAINERS IN HPC: SINGULARITY
DISCUSSION AND QUESTIONS
SINGULARITY P1
Containers for Science, Reproducibility and Mobility
Presented By:
Gregory M. Kurtzer
HPC Systems Architect
Lawrence Berkeley National Lab
gmkurtzer@lbl.gov
http://singularity.lbl.gov/

More Related Content

What's hot

Comparison between OCFS2 and GFS2
Comparison between OCFS2 and GFS2Comparison between OCFS2 and GFS2
Comparison between OCFS2 and GFS2
Gang He
 
Kubernetes GitOps featuring GitHub, Kustomize and ArgoCD
Kubernetes GitOps featuring GitHub, Kustomize and ArgoCDKubernetes GitOps featuring GitHub, Kustomize and ArgoCD
Kubernetes GitOps featuring GitHub, Kustomize and ArgoCD
Sunnyvale
 
Comparing Next-Generation Container Image Building Tools
 Comparing Next-Generation Container Image Building Tools Comparing Next-Generation Container Image Building Tools
Comparing Next-Generation Container Image Building Tools
Akihiro Suda
 
Implementing generic JNI hardware control for Kotlin based app on AOSP
Implementing generic JNI hardware control for Kotlin based app on AOSPImplementing generic JNI hardware control for Kotlin based app on AOSP
Implementing generic JNI hardware control for Kotlin based app on AOSP
Cheng Wig
 
Head First to Container&Kubernetes
Head First to Container&KubernetesHead First to Container&Kubernetes
Head First to Container&Kubernetes
HungWei Chiu
 
Linux Preempt-RT Internals
Linux Preempt-RT InternalsLinux Preempt-RT Internals
Linux Preempt-RT Internals
哲豪 康哲豪
 
GitHub Actions with Node.js
GitHub Actions with Node.jsGitHub Actions with Node.js
GitHub Actions with Node.js
Stefan Stölzle
 
Diving Through The Layers: Investigating runc, containerd, and the Docker eng...
Diving Through The Layers: Investigating runc, containerd, and the Docker eng...Diving Through The Layers: Investigating runc, containerd, and the Docker eng...
Diving Through The Layers: Investigating runc, containerd, and the Docker eng...
Phil Estes
 
Introduzione a Docker (Maggio 2017) [ITA]
Introduzione a Docker (Maggio 2017) [ITA]Introduzione a Docker (Maggio 2017) [ITA]
Introduzione a Docker (Maggio 2017) [ITA]
Valerio Radice
 
Steering the Course with Helm
Steering the Course with HelmSteering the Course with Helm
Steering the Course with Helm
Dirk Jablonski
 
Open ebs 101
Open ebs 101Open ebs 101
Open ebs 101
LibbySchulze
 
Introduction to Containers and Docker
Introduction to Containers and DockerIntroduction to Containers and Docker
Introduction to Containers and Docker
Fayçal Bziou
 
Ansible presentation
Ansible presentationAnsible presentation
Ansible presentation
Kumar Y
 
Rootless Containers
Rootless ContainersRootless Containers
Rootless Containers
Akihiro Suda
 
Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxCon
Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxConAnatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxCon
Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxCon
Jérôme Petazzoni
 
ACRN vMeet-Up EU 2021 - shared memory based inter-vm communication introduction
ACRN vMeet-Up EU 2021 - shared memory based inter-vm communication introductionACRN vMeet-Up EU 2021 - shared memory based inter-vm communication introduction
ACRN vMeet-Up EU 2021 - shared memory based inter-vm communication introduction
Project ACRN
 
How to Choose a Software Update Mechanism for Embedded Linux Devices
How to Choose a Software Update Mechanism for Embedded Linux DevicesHow to Choose a Software Update Mechanism for Embedded Linux Devices
How to Choose a Software Update Mechanism for Embedded Linux Devices
Leon Anavi
 
Docker Container Security
Docker Container SecurityDocker Container Security
Docker Container Security
Suraj Khetani
 
Qemu Introduction
Qemu IntroductionQemu Introduction
Qemu Introduction
Chiawei Wang
 
Seccomp Profiles and you: A practical guide.
Seccomp Profiles and you: A practical guide.Seccomp Profiles and you: A practical guide.
Seccomp Profiles and you: A practical guide.
Duffie Cooley
 

What's hot (20)

Comparison between OCFS2 and GFS2
Comparison between OCFS2 and GFS2Comparison between OCFS2 and GFS2
Comparison between OCFS2 and GFS2
 
Kubernetes GitOps featuring GitHub, Kustomize and ArgoCD
Kubernetes GitOps featuring GitHub, Kustomize and ArgoCDKubernetes GitOps featuring GitHub, Kustomize and ArgoCD
Kubernetes GitOps featuring GitHub, Kustomize and ArgoCD
 
Comparing Next-Generation Container Image Building Tools
 Comparing Next-Generation Container Image Building Tools Comparing Next-Generation Container Image Building Tools
Comparing Next-Generation Container Image Building Tools
 
Implementing generic JNI hardware control for Kotlin based app on AOSP
Implementing generic JNI hardware control for Kotlin based app on AOSPImplementing generic JNI hardware control for Kotlin based app on AOSP
Implementing generic JNI hardware control for Kotlin based app on AOSP
 
Head First to Container&Kubernetes
Head First to Container&KubernetesHead First to Container&Kubernetes
Head First to Container&Kubernetes
 
Linux Preempt-RT Internals
Linux Preempt-RT InternalsLinux Preempt-RT Internals
Linux Preempt-RT Internals
 
GitHub Actions with Node.js
GitHub Actions with Node.jsGitHub Actions with Node.js
GitHub Actions with Node.js
 
Diving Through The Layers: Investigating runc, containerd, and the Docker eng...
Diving Through The Layers: Investigating runc, containerd, and the Docker eng...Diving Through The Layers: Investigating runc, containerd, and the Docker eng...
Diving Through The Layers: Investigating runc, containerd, and the Docker eng...
 
Introduzione a Docker (Maggio 2017) [ITA]
Introduzione a Docker (Maggio 2017) [ITA]Introduzione a Docker (Maggio 2017) [ITA]
Introduzione a Docker (Maggio 2017) [ITA]
 
Steering the Course with Helm
Steering the Course with HelmSteering the Course with Helm
Steering the Course with Helm
 
Open ebs 101
Open ebs 101Open ebs 101
Open ebs 101
 
Introduction to Containers and Docker
Introduction to Containers and DockerIntroduction to Containers and Docker
Introduction to Containers and Docker
 
Ansible presentation
Ansible presentationAnsible presentation
Ansible presentation
 
Rootless Containers
Rootless ContainersRootless Containers
Rootless Containers
 
Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxCon
Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxConAnatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxCon
Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxCon
 
ACRN vMeet-Up EU 2021 - shared memory based inter-vm communication introduction
ACRN vMeet-Up EU 2021 - shared memory based inter-vm communication introductionACRN vMeet-Up EU 2021 - shared memory based inter-vm communication introduction
ACRN vMeet-Up EU 2021 - shared memory based inter-vm communication introduction
 
How to Choose a Software Update Mechanism for Embedded Linux Devices
How to Choose a Software Update Mechanism for Embedded Linux DevicesHow to Choose a Software Update Mechanism for Embedded Linux Devices
How to Choose a Software Update Mechanism for Embedded Linux Devices
 
Docker Container Security
Docker Container SecurityDocker Container Security
Docker Container Security
 
Qemu Introduction
Qemu IntroductionQemu Introduction
Qemu Introduction
 
Seccomp Profiles and you: A practical guide.
Seccomp Profiles and you: A practical guide.Seccomp Profiles and you: A practical guide.
Seccomp Profiles and you: A practical guide.
 

Similar to Introduction to High-Performance Computing (HPC) Containers and Singularity*

Containers for Science and High-Performance Computing
Containers for Science and High-Performance ComputingContainers for Science and High-Performance Computing
Containers for Science and High-Performance Computing
Dmitry Spodarets
 
State of Containers and the Convergence of HPC and BigData
State of Containers and the Convergence of HPC and BigDataState of Containers and the Convergence of HPC and BigData
State of Containers and the Convergence of HPC and BigData
inside-BigData.com
 
Kubernetes the deltatre way the basics - introduction to containers and orc...
Kubernetes the deltatre way   the basics - introduction to containers and orc...Kubernetes the deltatre way   the basics - introduction to containers and orc...
Kubernetes the deltatre way the basics - introduction to containers and orc...
Rauno De Pasquale
 
Containers - Portable, repeatable user-oriented application delivery. Build, ...
Containers - Portable, repeatable user-oriented application delivery. Build, ...Containers - Portable, repeatable user-oriented application delivery. Build, ...
Containers - Portable, repeatable user-oriented application delivery. Build, ...
Walid Shaari
 
Cluster Management _ kubernetes MADIHA HARIFI
Cluster Management _ kubernetes MADIHA HARIFICluster Management _ kubernetes MADIHA HARIFI
Cluster Management _ kubernetes MADIHA HARIFI
Harifi Madiha
 
Evolution of Linux Containerization
Evolution of Linux Containerization Evolution of Linux Containerization
Evolution of Linux Containerization
WSO2
 
Evoluation of Linux Container Virtualization
Evoluation of Linux Container VirtualizationEvoluation of Linux Container Virtualization
Evoluation of Linux Container Virtualization
Imesh Gunaratne
 
OpenHPC: Community Building Blocks for HPC Systems
OpenHPC: Community Building Blocks for HPC SystemsOpenHPC: Community Building Blocks for HPC Systems
OpenHPC: Community Building Blocks for HPC Systems
inside-BigData.com
 
Containers - Portable, repeatable user-oriented application delivery. Build, ...
Containers - Portable, repeatable user-oriented application delivery. Build, ...Containers - Portable, repeatable user-oriented application delivery. Build, ...
Containers - Portable, repeatable user-oriented application delivery. Build, ...
Walid Shaari
 
Intro to containerization
Intro to containerizationIntro to containerization
Intro to containerization
Balint Pato
 
Singularity Containers for Scientific Compute
Singularity Containers for Scientific ComputeSingularity Containers for Scientific Compute
Singularity Containers for Scientific Compute
Vanessa S
 
Understanding Kubernetes
Understanding KubernetesUnderstanding Kubernetes
Understanding Kubernetes
Tu Pham
 
IAU workshop 2018 day one
IAU workshop 2018 day oneIAU workshop 2018 day one
IAU workshop 2018 day one
Walid Shaari
 
Kubernetes 101 Workshop
Kubernetes 101 WorkshopKubernetes 101 Workshop
First steps on CentOs7
First steps on CentOs7First steps on CentOs7
First steps on CentOs7
Marc Cortinas Val
 
Scientific Computing @ Fred Hutch
Scientific Computing @ Fred HutchScientific Computing @ Fred Hutch
Scientific Computing @ Fred Hutch
Dirk Petersen
 
Docker-v3.pdf
Docker-v3.pdfDocker-v3.pdf
Docker-v3.pdf
Bruno Cornec
 
Dev opsec dockerimage_patch_n_lifecyclemanagement_
Dev opsec dockerimage_patch_n_lifecyclemanagement_Dev opsec dockerimage_patch_n_lifecyclemanagement_
Dev opsec dockerimage_patch_n_lifecyclemanagement_
kanedafromparis
 
Microservices, Containers and Docker
Microservices, Containers and DockerMicroservices, Containers and Docker
Microservices, Containers and Docker
Ioannis Papapanagiotou
 
Docker orchestration voxxed days berlin 2016
Docker orchestration   voxxed days berlin 2016Docker orchestration   voxxed days berlin 2016
Docker orchestration voxxed days berlin 2016
Grzegorz Duda
 

Similar to Introduction to High-Performance Computing (HPC) Containers and Singularity* (20)

Containers for Science and High-Performance Computing
Containers for Science and High-Performance ComputingContainers for Science and High-Performance Computing
Containers for Science and High-Performance Computing
 
State of Containers and the Convergence of HPC and BigData
State of Containers and the Convergence of HPC and BigDataState of Containers and the Convergence of HPC and BigData
State of Containers and the Convergence of HPC and BigData
 
Kubernetes the deltatre way the basics - introduction to containers and orc...
Kubernetes the deltatre way   the basics - introduction to containers and orc...Kubernetes the deltatre way   the basics - introduction to containers and orc...
Kubernetes the deltatre way the basics - introduction to containers and orc...
 
Containers - Portable, repeatable user-oriented application delivery. Build, ...
Containers - Portable, repeatable user-oriented application delivery. Build, ...Containers - Portable, repeatable user-oriented application delivery. Build, ...
Containers - Portable, repeatable user-oriented application delivery. Build, ...
 
Cluster Management _ kubernetes MADIHA HARIFI
Cluster Management _ kubernetes MADIHA HARIFICluster Management _ kubernetes MADIHA HARIFI
Cluster Management _ kubernetes MADIHA HARIFI
 
Evolution of Linux Containerization
Evolution of Linux Containerization Evolution of Linux Containerization
Evolution of Linux Containerization
 
Evoluation of Linux Container Virtualization
Evoluation of Linux Container VirtualizationEvoluation of Linux Container Virtualization
Evoluation of Linux Container Virtualization
 
OpenHPC: Community Building Blocks for HPC Systems
OpenHPC: Community Building Blocks for HPC SystemsOpenHPC: Community Building Blocks for HPC Systems
OpenHPC: Community Building Blocks for HPC Systems
 
Containers - Portable, repeatable user-oriented application delivery. Build, ...
Containers - Portable, repeatable user-oriented application delivery. Build, ...Containers - Portable, repeatable user-oriented application delivery. Build, ...
Containers - Portable, repeatable user-oriented application delivery. Build, ...
 
Intro to containerization
Intro to containerizationIntro to containerization
Intro to containerization
 
Singularity Containers for Scientific Compute
Singularity Containers for Scientific ComputeSingularity Containers for Scientific Compute
Singularity Containers for Scientific Compute
 
Understanding Kubernetes
Understanding KubernetesUnderstanding Kubernetes
Understanding Kubernetes
 
IAU workshop 2018 day one
IAU workshop 2018 day oneIAU workshop 2018 day one
IAU workshop 2018 day one
 
Kubernetes 101 Workshop
Kubernetes 101 WorkshopKubernetes 101 Workshop
Kubernetes 101 Workshop
 
First steps on CentOs7
First steps on CentOs7First steps on CentOs7
First steps on CentOs7
 
Scientific Computing @ Fred Hutch
Scientific Computing @ Fred HutchScientific Computing @ Fred Hutch
Scientific Computing @ Fred Hutch
 
Docker-v3.pdf
Docker-v3.pdfDocker-v3.pdf
Docker-v3.pdf
 
Dev opsec dockerimage_patch_n_lifecyclemanagement_
Dev opsec dockerimage_patch_n_lifecyclemanagement_Dev opsec dockerimage_patch_n_lifecyclemanagement_
Dev opsec dockerimage_patch_n_lifecyclemanagement_
 
Microservices, Containers and Docker
Microservices, Containers and DockerMicroservices, Containers and Docker
Microservices, Containers and Docker
 
Docker orchestration voxxed days berlin 2016
Docker orchestration   voxxed days berlin 2016Docker orchestration   voxxed days berlin 2016
Docker orchestration voxxed days berlin 2016
 

More from Intel® Software

AI for All: Biology is eating the world & AI is eating Biology
AI for All: Biology is eating the world & AI is eating Biology AI for All: Biology is eating the world & AI is eating Biology
AI for All: Biology is eating the world & AI is eating Biology
Intel® Software
 
Python Data Science and Machine Learning at Scale with Intel and Anaconda
Python Data Science and Machine Learning at Scale with Intel and AnacondaPython Data Science and Machine Learning at Scale with Intel and Anaconda
Python Data Science and Machine Learning at Scale with Intel and Anaconda
Intel® Software
 
Streamline End-to-End AI Pipelines with Intel, Databricks, and OmniSci
Streamline End-to-End AI Pipelines with Intel, Databricks, and OmniSciStreamline End-to-End AI Pipelines with Intel, Databricks, and OmniSci
Streamline End-to-End AI Pipelines with Intel, Databricks, and OmniSci
Intel® Software
 
AI for good: Scaling AI in science, healthcare, and more.
AI for good: Scaling AI in science, healthcare, and more.AI for good: Scaling AI in science, healthcare, and more.
AI for good: Scaling AI in science, healthcare, and more.
Intel® Software
 
Software AI Accelerators: The Next Frontier | Software for AI Optimization Su...
Software AI Accelerators: The Next Frontier | Software for AI Optimization Su...Software AI Accelerators: The Next Frontier | Software for AI Optimization Su...
Software AI Accelerators: The Next Frontier | Software for AI Optimization Su...
Intel® Software
 
Advanced Techniques to Accelerate Model Tuning | Software for AI Optimization...
Advanced Techniques to Accelerate Model Tuning | Software for AI Optimization...Advanced Techniques to Accelerate Model Tuning | Software for AI Optimization...
Advanced Techniques to Accelerate Model Tuning | Software for AI Optimization...
Intel® Software
 
Reducing Deep Learning Integration Costs and Maximizing Compute Efficiency| S...
Reducing Deep Learning Integration Costs and Maximizing Compute Efficiency| S...Reducing Deep Learning Integration Costs and Maximizing Compute Efficiency| S...
Reducing Deep Learning Integration Costs and Maximizing Compute Efficiency| S...
Intel® Software
 
AWS & Intel Webinar Series - Accelerating AI Research
AWS & Intel Webinar Series - Accelerating AI ResearchAWS & Intel Webinar Series - Accelerating AI Research
AWS & Intel Webinar Series - Accelerating AI Research
Intel® Software
 
Intel Developer Program
Intel Developer ProgramIntel Developer Program
Intel Developer Program
Intel® Software
 
Intel AIDC Houston Summit - Overview Slides
Intel AIDC Houston Summit - Overview SlidesIntel AIDC Houston Summit - Overview Slides
Intel AIDC Houston Summit - Overview Slides
Intel® Software
 
AIDC NY: BODO AI Presentation - 09.19.2019
AIDC NY: BODO AI Presentation - 09.19.2019AIDC NY: BODO AI Presentation - 09.19.2019
AIDC NY: BODO AI Presentation - 09.19.2019
Intel® Software
 
AIDC NY: Applications of Intel AI by QuEST Global - 09.19.2019
AIDC NY: Applications of Intel AI by QuEST Global - 09.19.2019AIDC NY: Applications of Intel AI by QuEST Global - 09.19.2019
AIDC NY: Applications of Intel AI by QuEST Global - 09.19.2019
Intel® Software
 
Advanced Single Instruction Multiple Data (SIMD) Programming with Intel® Impl...
Advanced Single Instruction Multiple Data (SIMD) Programming with Intel® Impl...Advanced Single Instruction Multiple Data (SIMD) Programming with Intel® Impl...
Advanced Single Instruction Multiple Data (SIMD) Programming with Intel® Impl...
Intel® Software
 
Build a Deep Learning Video Analytics Framework | SIGGRAPH 2019 Technical Ses...
Build a Deep Learning Video Analytics Framework | SIGGRAPH 2019 Technical Ses...Build a Deep Learning Video Analytics Framework | SIGGRAPH 2019 Technical Ses...
Build a Deep Learning Video Analytics Framework | SIGGRAPH 2019 Technical Ses...
Intel® Software
 
Bring Intelligent Motion Using Reinforcement Learning Engines | SIGGRAPH 2019...
Bring Intelligent Motion Using Reinforcement Learning Engines | SIGGRAPH 2019...Bring Intelligent Motion Using Reinforcement Learning Engines | SIGGRAPH 2019...
Bring Intelligent Motion Using Reinforcement Learning Engines | SIGGRAPH 2019...
Intel® Software
 
RenderMan*: The Role of Open Shading Language (OSL) with Intel® Advanced Vect...
RenderMan*: The Role of Open Shading Language (OSL) with Intel® Advanced Vect...RenderMan*: The Role of Open Shading Language (OSL) with Intel® Advanced Vect...
RenderMan*: The Role of Open Shading Language (OSL) with Intel® Advanced Vect...
Intel® Software
 
AIDC India - AI on IA
AIDC India  - AI on IAAIDC India  - AI on IA
AIDC India - AI on IA
Intel® Software
 
AIDC India - Intel Movidius / Open Vino Slides
AIDC India - Intel Movidius / Open Vino SlidesAIDC India - Intel Movidius / Open Vino Slides
AIDC India - Intel Movidius / Open Vino Slides
Intel® Software
 
AIDC India - AI Vision Slides
AIDC India - AI Vision SlidesAIDC India - AI Vision Slides
AIDC India - AI Vision Slides
Intel® Software
 
Enhance and Accelerate Your AI and Machine Learning Solution | SIGGRAPH 2019 ...
Enhance and Accelerate Your AI and Machine Learning Solution | SIGGRAPH 2019 ...Enhance and Accelerate Your AI and Machine Learning Solution | SIGGRAPH 2019 ...
Enhance and Accelerate Your AI and Machine Learning Solution | SIGGRAPH 2019 ...
Intel® Software
 

More from Intel® Software (20)

AI for All: Biology is eating the world & AI is eating Biology
AI for All: Biology is eating the world & AI is eating Biology AI for All: Biology is eating the world & AI is eating Biology
AI for All: Biology is eating the world & AI is eating Biology
 
Python Data Science and Machine Learning at Scale with Intel and Anaconda
Python Data Science and Machine Learning at Scale with Intel and AnacondaPython Data Science and Machine Learning at Scale with Intel and Anaconda
Python Data Science and Machine Learning at Scale with Intel and Anaconda
 
Streamline End-to-End AI Pipelines with Intel, Databricks, and OmniSci
Streamline End-to-End AI Pipelines with Intel, Databricks, and OmniSciStreamline End-to-End AI Pipelines with Intel, Databricks, and OmniSci
Streamline End-to-End AI Pipelines with Intel, Databricks, and OmniSci
 
AI for good: Scaling AI in science, healthcare, and more.
AI for good: Scaling AI in science, healthcare, and more.AI for good: Scaling AI in science, healthcare, and more.
AI for good: Scaling AI in science, healthcare, and more.
 
Software AI Accelerators: The Next Frontier | Software for AI Optimization Su...
Software AI Accelerators: The Next Frontier | Software for AI Optimization Su...Software AI Accelerators: The Next Frontier | Software for AI Optimization Su...
Software AI Accelerators: The Next Frontier | Software for AI Optimization Su...
 
Advanced Techniques to Accelerate Model Tuning | Software for AI Optimization...
Advanced Techniques to Accelerate Model Tuning | Software for AI Optimization...Advanced Techniques to Accelerate Model Tuning | Software for AI Optimization...
Advanced Techniques to Accelerate Model Tuning | Software for AI Optimization...
 
Reducing Deep Learning Integration Costs and Maximizing Compute Efficiency| S...
Reducing Deep Learning Integration Costs and Maximizing Compute Efficiency| S...Reducing Deep Learning Integration Costs and Maximizing Compute Efficiency| S...
Reducing Deep Learning Integration Costs and Maximizing Compute Efficiency| S...
 
AWS & Intel Webinar Series - Accelerating AI Research
AWS & Intel Webinar Series - Accelerating AI ResearchAWS & Intel Webinar Series - Accelerating AI Research
AWS & Intel Webinar Series - Accelerating AI Research
 
Intel Developer Program
Intel Developer ProgramIntel Developer Program
Intel Developer Program
 
Intel AIDC Houston Summit - Overview Slides
Intel AIDC Houston Summit - Overview SlidesIntel AIDC Houston Summit - Overview Slides
Intel AIDC Houston Summit - Overview Slides
 
AIDC NY: BODO AI Presentation - 09.19.2019
AIDC NY: BODO AI Presentation - 09.19.2019AIDC NY: BODO AI Presentation - 09.19.2019
AIDC NY: BODO AI Presentation - 09.19.2019
 
AIDC NY: Applications of Intel AI by QuEST Global - 09.19.2019
AIDC NY: Applications of Intel AI by QuEST Global - 09.19.2019AIDC NY: Applications of Intel AI by QuEST Global - 09.19.2019
AIDC NY: Applications of Intel AI by QuEST Global - 09.19.2019
 
Advanced Single Instruction Multiple Data (SIMD) Programming with Intel® Impl...
Advanced Single Instruction Multiple Data (SIMD) Programming with Intel® Impl...Advanced Single Instruction Multiple Data (SIMD) Programming with Intel® Impl...
Advanced Single Instruction Multiple Data (SIMD) Programming with Intel® Impl...
 
Build a Deep Learning Video Analytics Framework | SIGGRAPH 2019 Technical Ses...
Build a Deep Learning Video Analytics Framework | SIGGRAPH 2019 Technical Ses...Build a Deep Learning Video Analytics Framework | SIGGRAPH 2019 Technical Ses...
Build a Deep Learning Video Analytics Framework | SIGGRAPH 2019 Technical Ses...
 
Bring Intelligent Motion Using Reinforcement Learning Engines | SIGGRAPH 2019...
Bring Intelligent Motion Using Reinforcement Learning Engines | SIGGRAPH 2019...Bring Intelligent Motion Using Reinforcement Learning Engines | SIGGRAPH 2019...
Bring Intelligent Motion Using Reinforcement Learning Engines | SIGGRAPH 2019...
 
RenderMan*: The Role of Open Shading Language (OSL) with Intel® Advanced Vect...
RenderMan*: The Role of Open Shading Language (OSL) with Intel® Advanced Vect...RenderMan*: The Role of Open Shading Language (OSL) with Intel® Advanced Vect...
RenderMan*: The Role of Open Shading Language (OSL) with Intel® Advanced Vect...
 
AIDC India - AI on IA
AIDC India  - AI on IAAIDC India  - AI on IA
AIDC India - AI on IA
 
AIDC India - Intel Movidius / Open Vino Slides
AIDC India - Intel Movidius / Open Vino SlidesAIDC India - Intel Movidius / Open Vino Slides
AIDC India - Intel Movidius / Open Vino Slides
 
AIDC India - AI Vision Slides
AIDC India - AI Vision SlidesAIDC India - AI Vision Slides
AIDC India - AI Vision Slides
 
Enhance and Accelerate Your AI and Machine Learning Solution | SIGGRAPH 2019 ...
Enhance and Accelerate Your AI and Machine Learning Solution | SIGGRAPH 2019 ...Enhance and Accelerate Your AI and Machine Learning Solution | SIGGRAPH 2019 ...
Enhance and Accelerate Your AI and Machine Learning Solution | SIGGRAPH 2019 ...
 

Recently uploaded

Use Cases & Benefits of RPA in Manufacturing in 2024.pptx
Use Cases & Benefits of RPA in Manufacturing in 2024.pptxUse Cases & Benefits of RPA in Manufacturing in 2024.pptx
Use Cases & Benefits of RPA in Manufacturing in 2024.pptx
SynapseIndia
 
Opencast Summit 2024 — Opencast @ University of Münster
Opencast Summit 2024 — Opencast @ University of MünsterOpencast Summit 2024 — Opencast @ University of Münster
Opencast Summit 2024 — Opencast @ University of Münster
Matthias Neugebauer
 
"Mastering Graphic Design: Essential Tips and Tricks for Beginners and Profes...
"Mastering Graphic Design: Essential Tips and Tricks for Beginners and Profes..."Mastering Graphic Design: Essential Tips and Tricks for Beginners and Profes...
"Mastering Graphic Design: Essential Tips and Tricks for Beginners and Profes...
Anant Gupta
 
leewayhertz.com-AI agents for healthcare Applications benefits and implementa...
leewayhertz.com-AI agents for healthcare Applications benefits and implementa...leewayhertz.com-AI agents for healthcare Applications benefits and implementa...
leewayhertz.com-AI agents for healthcare Applications benefits and implementa...
alexjohnson7307
 
(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...
(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...
(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...
Priyanka Aash
 
The Role of IoT in Australian Mobile App Development - PDF Guide
The Role of IoT in Australian Mobile App Development - PDF GuideThe Role of IoT in Australian Mobile App Development - PDF Guide
The Role of IoT in Australian Mobile App Development - PDF Guide
Shiv Technolabs
 
EuroPython 2024 - Streamlining Testing in a Large Python Codebase
EuroPython 2024 - Streamlining Testing in a Large Python CodebaseEuroPython 2024 - Streamlining Testing in a Large Python Codebase
EuroPython 2024 - Streamlining Testing in a Large Python Codebase
Jimmy Lai
 
IPLOOK Remote-Sensing Satellite Solution
IPLOOK Remote-Sensing Satellite SolutionIPLOOK Remote-Sensing Satellite Solution
IPLOOK Remote-Sensing Satellite Solution
IPLOOK Networks
 
Google I/O Extended Harare Merged Slides
Google I/O Extended Harare Merged SlidesGoogle I/O Extended Harare Merged Slides
Google I/O Extended Harare Merged Slides
Google Developer Group - Harare
 
Tirana Tech Meetup - Agentic RAG with Milvus, Llama3 and Ollama
Tirana Tech Meetup - Agentic RAG with Milvus, Llama3 and OllamaTirana Tech Meetup - Agentic RAG with Milvus, Llama3 and Ollama
Tirana Tech Meetup - Agentic RAG with Milvus, Llama3 and Ollama
Zilliz
 
Vertex AI Agent Builder - GDG Alicante - Julio 2024
Vertex AI Agent Builder - GDG Alicante - Julio 2024Vertex AI Agent Builder - GDG Alicante - Julio 2024
Vertex AI Agent Builder - GDG Alicante - Julio 2024
Nicolás Lopéz
 
July Patch Tuesday
July Patch TuesdayJuly Patch Tuesday
July Patch Tuesday
Ivanti
 
High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...
High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...
High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...
aslasdfmkhan4750
 
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
Priyanka Aash
 
Introduction-to-the-IAM-Platform-Implementation-Plan.pptx
Introduction-to-the-IAM-Platform-Implementation-Plan.pptxIntroduction-to-the-IAM-Platform-Implementation-Plan.pptx
Introduction-to-the-IAM-Platform-Implementation-Plan.pptx
313mohammedarshad
 
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdf
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdfBT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdf
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdf
Neo4j
 
Girls call Kolkata 👀 XXXXXXXXXXX 👀 Rs.9.5 K Cash Payment With Room Delivery
Girls call Kolkata 👀 XXXXXXXXXXX 👀 Rs.9.5 K Cash Payment With Room Delivery Girls call Kolkata 👀 XXXXXXXXXXX 👀 Rs.9.5 K Cash Payment With Room Delivery
Girls call Kolkata 👀 XXXXXXXXXXX 👀 Rs.9.5 K Cash Payment With Room Delivery
sunilverma7884
 
How Social Media Hackers Help You to See Your Wife's Message.pdf
How Social Media Hackers Help You to See Your Wife's Message.pdfHow Social Media Hackers Help You to See Your Wife's Message.pdf
How Social Media Hackers Help You to See Your Wife's Message.pdf
HackersList
 
RPA In Healthcare Benefits, Use Case, Trend And Challenges 2024.pptx
RPA In Healthcare Benefits, Use Case, Trend And Challenges 2024.pptxRPA In Healthcare Benefits, Use Case, Trend And Challenges 2024.pptx
RPA In Healthcare Benefits, Use Case, Trend And Challenges 2024.pptx
SynapseIndia
 
Types of Weaving loom machine & it's technology
Types of Weaving loom machine & it's technologyTypes of Weaving loom machine & it's technology
Types of Weaving loom machine & it's technology
ldtexsolbl
 

Recently uploaded (20)

Use Cases & Benefits of RPA in Manufacturing in 2024.pptx
Use Cases & Benefits of RPA in Manufacturing in 2024.pptxUse Cases & Benefits of RPA in Manufacturing in 2024.pptx
Use Cases & Benefits of RPA in Manufacturing in 2024.pptx
 
Opencast Summit 2024 — Opencast @ University of Münster
Opencast Summit 2024 — Opencast @ University of MünsterOpencast Summit 2024 — Opencast @ University of Münster
Opencast Summit 2024 — Opencast @ University of Münster
 
"Mastering Graphic Design: Essential Tips and Tricks for Beginners and Profes...
"Mastering Graphic Design: Essential Tips and Tricks for Beginners and Profes..."Mastering Graphic Design: Essential Tips and Tricks for Beginners and Profes...
"Mastering Graphic Design: Essential Tips and Tricks for Beginners and Profes...
 
leewayhertz.com-AI agents for healthcare Applications benefits and implementa...
leewayhertz.com-AI agents for healthcare Applications benefits and implementa...leewayhertz.com-AI agents for healthcare Applications benefits and implementa...
leewayhertz.com-AI agents for healthcare Applications benefits and implementa...
 
(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...
(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...
(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...
 
The Role of IoT in Australian Mobile App Development - PDF Guide
The Role of IoT in Australian Mobile App Development - PDF GuideThe Role of IoT in Australian Mobile App Development - PDF Guide
The Role of IoT in Australian Mobile App Development - PDF Guide
 
EuroPython 2024 - Streamlining Testing in a Large Python Codebase
EuroPython 2024 - Streamlining Testing in a Large Python CodebaseEuroPython 2024 - Streamlining Testing in a Large Python Codebase
EuroPython 2024 - Streamlining Testing in a Large Python Codebase
 
IPLOOK Remote-Sensing Satellite Solution
IPLOOK Remote-Sensing Satellite SolutionIPLOOK Remote-Sensing Satellite Solution
IPLOOK Remote-Sensing Satellite Solution
 
Google I/O Extended Harare Merged Slides
Google I/O Extended Harare Merged SlidesGoogle I/O Extended Harare Merged Slides
Google I/O Extended Harare Merged Slides
 
Tirana Tech Meetup - Agentic RAG with Milvus, Llama3 and Ollama
Tirana Tech Meetup - Agentic RAG with Milvus, Llama3 and OllamaTirana Tech Meetup - Agentic RAG with Milvus, Llama3 and Ollama
Tirana Tech Meetup - Agentic RAG with Milvus, Llama3 and Ollama
 
Vertex AI Agent Builder - GDG Alicante - Julio 2024
Vertex AI Agent Builder - GDG Alicante - Julio 2024Vertex AI Agent Builder - GDG Alicante - Julio 2024
Vertex AI Agent Builder - GDG Alicante - Julio 2024
 
July Patch Tuesday
July Patch TuesdayJuly Patch Tuesday
July Patch Tuesday
 
High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...
High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...
High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...
 
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
 
Introduction-to-the-IAM-Platform-Implementation-Plan.pptx
Introduction-to-the-IAM-Platform-Implementation-Plan.pptxIntroduction-to-the-IAM-Platform-Implementation-Plan.pptx
Introduction-to-the-IAM-Platform-Implementation-Plan.pptx
 
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdf
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdfBT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdf
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdf
 
Girls call Kolkata 👀 XXXXXXXXXXX 👀 Rs.9.5 K Cash Payment With Room Delivery
Girls call Kolkata 👀 XXXXXXXXXXX 👀 Rs.9.5 K Cash Payment With Room Delivery Girls call Kolkata 👀 XXXXXXXXXXX 👀 Rs.9.5 K Cash Payment With Room Delivery
Girls call Kolkata 👀 XXXXXXXXXXX 👀 Rs.9.5 K Cash Payment With Room Delivery
 
How Social Media Hackers Help You to See Your Wife's Message.pdf
How Social Media Hackers Help You to See Your Wife's Message.pdfHow Social Media Hackers Help You to See Your Wife's Message.pdf
How Social Media Hackers Help You to See Your Wife's Message.pdf
 
RPA In Healthcare Benefits, Use Case, Trend And Challenges 2024.pptx
RPA In Healthcare Benefits, Use Case, Trend And Challenges 2024.pptxRPA In Healthcare Benefits, Use Case, Trend And Challenges 2024.pptx
RPA In Healthcare Benefits, Use Case, Trend And Challenges 2024.pptx
 
Types of Weaving loom machine & it's technology
Types of Weaving loom machine & it's technologyTypes of Weaving loom machine & it's technology
Types of Weaving loom machine & it's technology
 

Introduction to High-Performance Computing (HPC) Containers and Singularity*

  • 1. SINGULARITY P1 Containers for Science, Reproducibility and Mobility Presented By: Gregory M. Kurtzer HPC Systems Architect Lawrence Berkeley National Lab gmkurtzer@lbl.gov http://singularity.lbl.gov/
  • 2. CONTAINERS IN HPC: SINGULARITY CONTAINERS …
  • 3. CONTAINERS IN HPC: SINGULARITY
  • 4. CONTAINERS IN HPC: SINGULARITY CONTAINERS: WHAT ARE THEY? In a nutshell: Containers are encapsulations of system environments … (and a means to use it)
  • 5. CONTAINERS IN HPC: SINGULARITY
  • 6. CONTAINERS IN HPC: SINGULARITY
  • 7. CONTAINERS IN HPC: SINGULARITY HOW DOES INDUSTRY MAKE USE OF CONTAINERS?
  • 8. CONTAINERS IN HPC: SINGULARITY
  • 9. CONTAINERS IN HPC: SINGULARITY
  • 10. CONTAINERS IN HPC: SINGULARITY
  • 11. CONTAINERS IN HPC: SINGULARITY
  • 12. CONTAINERS IN HPC: SINGULARITY
  • 13. CONTAINERS IN HPC: SINGULARITY BUT WHAT ABOUT SCIENCE? WHAT IS THE SCIENTIFIC USE CASE?
  • 14. CONTAINERS IN HPC: SINGULARITY CONTAINERS: PRIMARY USE CASES ▸Reproducibility! ▸Extreme mobility of compute (portability) ▸Provides the users, developers and engineers FREEDOM! ▸ Can easily leverage other people’s work ▸ Changes the software distribution and dependency paradigm ▸ Depending on application and use-case, simple extreme scalability ▸ Containers are in many ways the next logical progression from virtual machines
  • 15. CONTAINERS IN HPC: SINGULARITY CONTAINERS: DOCKER ▸ Docker is the most well known container platform ▸ Designed for network service virtualization ▸ Facilitates workflow of creating, maintaining and distributing containers ▸ Containers are highly reproducible ▸ Scientists have jumped on the bandwagon because it seems to have solved their requirements ▸ User demand is high, interest is high, buzzworthiness is very high!
  • 16. CONTAINERS IN HPC: SINGULARITY SO WHY DON’T WE SEE HPC CENTERS INTEGRATING DOCKER ON THEIR RESOURCES?
  • 17. CONTAINERS IN HPC: SINGULARITY DOCKER IN HPC: THE PROBLEM ▸ Docker emulates a virtual machine in many aspects (e.g. users can escalate to root) ▸ Non-authorized users having root access to any of our production networks is considered a security breech ▸ To mitigate this security issue, networks must be isolated for Docker access ▸ Precludes access to InfiniBand high performance networks and optimized storage platforms ▸ Typical solution is a virtual cluster within a physical cluster, but without high performance-ness (removed HP from HPC leaving just C) ▸ Docker uses a root owned daemon that users can control by means of a writable socket (users control root process)?! ▸ What ACLs are in place, are they enough to trust? Can we control or fine tune them? ▸ No native GPU support. We need to hack Docker, or/also integrate Docker-Nvidia? ▸ No reasonable support or timeline for MPI… MPI developers estimate this milestone for at least 2 years from now! ▸ Can not limit access to local file systems, especially when user can achieve root inside container, this breaks all file locally mounted file system security ▸ Doesn’t support production distributions/kernels (RHEL7 not even completely supported yet)! ▸ Incompatibilities with existing scheduling and resource manager paradigms: ▸ Root owned Docker daemon is outside the reach and control of the resource manager ▸ MPI/parallel job runs become increasingly complex due to virtual ad-hoc networking assignments ▸ Docker is built, maintained, and emphasized for the enterprise, not HPC ▸ Patches to help make Docker/runC/RKT a better solution for HPC have been submitted … but most have not been accepted!
  • 18. CONTAINERS IN HPC: SINGULARITY DOCKER IN HPC: SUMMARY Lots of technical implementation problems! The buzz around Docker on HPC is years old and scientists have been begging, but no HPC centers have integrated a full featured Docker solution on their traditional HPC systems. HPC is not the appropriate use-case or interest for the Docker community
  • 19. CONTAINERS IN HPC: SINGULARITY SO… WHAT IS THE NEED? ▸ Reproducibility and archival software and environment stacks ▸ Mobility of Compute (portable, sharable, distributable container images) ▸ User defined and controlled environments (BYOE) ▸ Integratable with existing shared infrastructures and scheduling subsystems ▸ Properly make use of the existing high performance physical hardware ▸ Must support running as the user to facilitate scheduling and MPI workflows ▸ Make use of all of the work that has been done in Docker so far ▸ We needed it yesterday (so it must be compatible with today’s technology)!
  • 20. CONTAINERS IN HPC: SINGULARITY SINGULARITY: HELLO WORLD.
  • 21. CONTAINERS IN HPC: SINGULARITY SINGULARITY DESIGN GOALS ▸ Architected specifically for scientific reproducibility, “Mobility of Compute” and HPC ▸ Single file based container images: facilitates modification, distribution, and execution ▸ No sys-admin, architectural or workflow changes necessary to run Singularity ▸ Compatibility with existing shared/multi-tenant computational resources ▸ Maintain user credentials (inside user == outside user) ▸ Separation between the container and the host can be blurred to leverage host’s resources ▸ We don’t have to virtualize everything, we can pick and choose as needed
  • 22. CONTAINERS IN HPC: SINGULARITY HOW DOES IT WORK?
  • 23. CONTAINERS IN HPC: SINGULARITY User contexts are always maintained when the container is launched (if it is launched by a particular user, the programs inside will be running as that user) with no escalation pathway within the container! Thus…. If you want to be root inside of the container, you must first be root outside of the container SINGULARITY: PERMISSIONS, ACCESS AND PRIVILEGE
  • 24. CONTAINERS IN HPC: SINGULARITY SINGULARITY: WORKFLOW Root/Superuser ▸ Create a new container ▸ Bootstrap/install container ▸ System (container) modifications Regular User ➡ singularity shell … ➡ singularity exec … ➡ singularity run … Copy image Share image End Point the User Controls Shared Computational Resource
  • 25. CONTAINERS IN HPC: SINGULARITY SINGULARITY: CREATE THE CONTAINER $ sudo singularity create —size 2048 /tmp/Centos-7.img
  • 26. CONTAINERS IN HPC: SINGULARITY SINGULARITY: BOOTSTRAP/INSTALL THE CONTAINER $ sudo singularity bootstrap /tmp/Centos-7.img centos.def
  • 27. CONTAINERS IN HPC: SINGULARITY SINGULARITY: NOW WE HAVE A CONTAINER… $ singularity shell /tmp/Centos-7.img $ singularity exec /tmp/Centos-7.img echo “Hello World” $ singularity run /tmp/Centos-7.img
  • 28. CONTAINERS IN HPC: SINGULARITY SINGULARITY: LAUNCHING A CONTAINER ▸ Singularity sets up the container environment and creates the necessary namespaces and execv()s the application(s) within the container ▸ Directories, files and other resources are shared from the host into the container (as allowed by the system administrator) ▸ All expected I/O is passed through the container: pipes, program arguments, stdout, stdin, stderr and X11 ▸ When the application(s) finish their foreground execution process, the container and namespaces collapse and vanish cleanly
  • 29. CONTAINERS IN HPC: SINGULARITY SINGULARITY: A PEEK INTO THE CONTAINER $ cat /etc/redhat-release cat: /etc/redhat-release: No such file or directory $ singularity shell /tmp/Centos-7.img Singularity: Invoking an interactive shell within container...
 
 Singularity.Centos-7.img> cat /etc/redhat-release CentOS Linux release 7.2.1511 (Core)
  • 30. CONTAINERS IN HPC: SINGULARITY SINGULARITY: MODIFY CONTAINER $ sudo singularity shell —writable /tmp/Centos-7.img Singularity: Invoking an interactive shell within container...
 
 Singularity.Centos-7.img> yum install …
  • 31. CONTAINERS IN HPC: SINGULARITY SINGULARITY: COPY MY PROGRAMS INTO CONTAINER $ sudo singularity copy /tmp/Centos-7.img script.py /usr/bin/ $ singularity exec /tmp/Centos-7.img /usr/bin/script.py
  • 32. CONTAINERS IN HPC: SINGULARITY
  • 33. CONTAINERS IN HPC: SINGULARITY SINGULARITY: EXTREME MOBILITY AND PORTABILITY
  • 34. CONTAINERS IN HPC: SINGULARITY SINGULARITY: EXTREME MOBILITY AND PORTABILITY
  • 35. CONTAINERS IN HPC: SINGULARITY SINGULARITY: CONTAINER IS ALWAYS THE SAME ON THE INSIDE $ cat /etc/redhat-release cat: /etc/redhat-release: No such file or directory $ singularity exec /tmp/Centos-7.img cat /etc/redhat-release CentOS Linux release 7.2.1511 (Core)
  • 36. CONTAINERS IN HPC: SINGULARITY SINGULARITY VERSION 2.2 IS AVAILABLE NOW! HTTP://SINGULARITY.LBL.GOV/
  • 37. CONTAINERS IN HPC: SINGULARITY SINGULARITY: WHO’S USING IT / NAME DROPS / BANDWAGON ▸ Texas Advanced Computing Center: 462,462 cores / Stampede ▸ GSI Helmholtz Center for Ion Research: 300,000 cores / GreenCube ▸ National Institute of Health: 54,000 cores / Biowulf ▸ UFIT Research Computing at University of Florida: 51,000 cores / HiPerGator ▸ San Diego Supercomputing Center: 50,000 cores / Comet and Gordon ▸ Lawrence Berkeley National Laboratory: 30,000 cores / Lawrencium ▸ Holland Computing Center at UNL/LHC: 14,000 cores / Crane and Tusker
  • 38. CONTAINERS IN HPC: SINGULARITY SINGULARITY HUB: REPRODUCIBLE SCIENCE EXPOSED!
  • 39. CONTAINERS IN HPC: SINGULARITY QUESTIONS?
  • 40. CONTAINERS IN HPC: SINGULARITY HTTPS://GITHUB.COM/SINGULARITYWARE/INTEL-HPC-DEVCON SINGULARITY: INTRODUCTION TO SINGULARITY WORKSHOP (1)
  • 41. CONTAINERS IN HPC: SINGULARITY HTTPS://LAB.PORTABLE-HPC.NET/ SINGULARITY: LOG INTO AWS COMPUTE INSTANCES
  • 42. CONTAINERS IN HPC: SINGULARITY INSTALLATION OF SINGULARITY
  • 43. CONTAINERS IN HPC: SINGULARITY # Required to build Singularity $ sudo yum groupinstall “Development Tools” # Download and build Singularity from the GitHub master branch $ mkdir ~/git $ cd ~/git $ git clone https://github.com/singularityware/singularity.git $ cd singularity $ ./autogen.sh $ ./configure $ make dist $ rpmbuild -ta singularity-2.2.tar.gz # Install the newly build Singularity RPM package $ sudo yum install $HOME/rpmbuild/RPMS/x86_64/singularity-2.2-0.1.el7.centos.x86_64.rpm # Install dependencies for bootstrapping a Debian container $ sudo yum install epel-release $ sudo yum install debootstrap SINGULARITY: INSTALLATION
  • 44. CONTAINERS IN HPC: SINGULARITY $ singularity help USAGE: singularity [global options...] <command> [command options...] ... GLOBAL OPTIONS: -d --debug Print debugging information -h --help Display usage summary -q --quiet Only print errors --version Show application version -v --verbose Increase verbosity +1 -x --sh-debug Print shell wrapper debugging information GENERAL COMMANDS: help Show additional help for a command CONTAINER USAGE COMMANDS: exec Execute a command within container run Launch a runscript within container shell Run a Bourne shell within container test Execute any test code defined within container … snip … SINGULARITY: CLI OVERVIEW
  • 45. CONTAINERS IN HPC: SINGULARITY $ singularity shell docker://ubuntu:latest library/ubuntu:latest Downloading layer: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4 Downloading layer: sha256:668604fde02e75dddb4b44c80d4ce20baaac4832c41c3a945f4a236cd7d2f164 Downloading layer: sha256:2879a7ad31445fe2cea410b8ba76704003c11ee05c0a4d32d1113009ea1a1aae Downloading layer: sha256:de413bb911fd848383ef2e5068a42c258c898d6ee869fb441fb2391eb327b576 Downloading layer: sha256:fc19d60a83f11bbddc7bd2dfca6095b49100314bfde61d83729112a6b6e11d48 Downloading layer: sha256:6bbedd9b76a496816d86a0af731ea984f40467ef8fb23be752f801cb80436ac6 Singularity: Invoking an interactive shell within container… Singularity.ubuntu:latest> cat /etc/lsb-release DISTRIB_ID=Ubuntu DISTRIB_RELEASE=16.04 DISTRIB_CODENAME=xenial DISTRIB_DESCRIPTION="Ubuntu 16.04.1 LTS” Singularity.ubuntu:latest> which apt-get /usr/bin/apt-get Singularity.ubuntu:latest> exit SINGULARITY: CONTAINER TEST FROM DOCKER HUB
  • 46. CONTAINERS IN HPC: SINGULARITY CREATING/BOOTSTRAPPING A NEW CONTAINER
  • 47. CONTAINERS IN HPC: SINGULARITY $ cat examples/debian.def # Copyright (c) 2015-2016, Gregory M. Kurtzer. All rights reserved. # # "Singularity" Copyright (c) 2016, The Regents of the University of California, # through Lawrence Berkeley National Laboratory (subject to receipt of any # required approvals from the U.S. Dept. of Energy). All rights reserved. BootStrap: debootstrap OSVersion: stable MirrorURL: http://ftp.us.debian.org/debian/ %runscript echo "This is what happens when you run the container..." %post echo "Hello from inside the container" apt-get update apt-get -y install vim SINGULARITY: BOOTSTRAP DEFINITION/RECIPE
  • 48. CONTAINERS IN HPC: SINGULARITY $ sudo singularity create /tmp/Debian.img Creating a new image with a maximum size of 768MiB... Executing image create helper Formatting image with ext3 file system Done. $ ls -l /tmp/Debian.img -rwxr-xr-x. 1 root root 805306399 Nov 5 07:22 /tmp/Debian.img $ /tmp/Debian.img ERROR : Container does not have a valid /bin/sh ABORT : Retval = 255 SINGULARITY: NEW IMAGE CREATION
  • 49. CONTAINERS IN HPC: SINGULARITY $ sudo singularity bootstrap /tmp/Debian.img examples/debian.def Bootstrap initialization Checking bootstrap definition Executing Prebootstrap module Executing Bootstrap 'debootstrap' module … snip … Processing /usr/share/vim/addons/doc Setting up vim (2:7.4.488-7) ... update-alternatives: using /usr/bin/vim.basic to provide /usr/bin/vim (vim) in auto mode update-alternatives: using /usr/bin/vim.basic to provide /usr/bin/vimdiff (vimdiff) in auto mode update-alternatives: using /usr/bin/vim.basic to provide /usr/bin/rvim (rvim) in auto mode update-alternatives: using /usr/bin/vim.basic to provide /usr/bin/rview (rview) in auto mode update-alternatives: using /usr/bin/vim.basic to provide /usr/bin/vi (vi) in auto mode update-alternatives: using /usr/bin/vim.basic to provide /usr/bin/view (view) in auto mode update-alternatives: using /usr/bin/vim.basic to provide /usr/bin/ex (ex) in auto mode update-alternatives: using /usr/bin/vim.basic to provide /usr/bin/editor (editor) in auto mode Processing triggers for libc-bin (2.19-18+deb8u6) ... Done. SINGULARITY: BOOTSTRAP
  • 50. CONTAINERS IN HPC: SINGULARITY USING THE CONTAINERS
  • 51. CONTAINERS IN HPC: SINGULARITY # Notice the PS output is now in a new process namespace $ singularity exec -p /tmp/Debian.img ps auxf # What happens when Contained? Create some files in your home, are they persistent? $ singularity shell --contain /tmp/Debian.img # Contain but define a new directory to use for your home $ singularity shell --contain --home ~/git /tmp/Debian.img # User defined bind points. What happens if you specify a bind point that doesn’t exist? What # about if you bind ontop of a system location (e.g. /bin/)? $ singularity shell --bind /tmp:/opt /tmp/Debian.img # How is the shell environment transposed into the container? $ singularity exec /tmp/Debian.img env $ singularity exec /tmp/Debian.img env | wc -l $ env -i singularity exec /tmp/Debian.img env | wc -l $ env -i FOO=BAR singularity exec /tmp/Debian.img env SINGULARITY: USAGE AND OPTION EXAMPLES
  • 52. CONTAINERS IN HPC: SINGULARITY $ singularity shell /tmp/Debian.img Singularity: Invoking an interactive shell within container... Singularity.Debian.img> uname -a Linux ip-172-31-20-175 3.10.0-327.28.2.el7.x86_64 #1 SMP Wed Aug 3 11:11:39 UTC 2016 x86_64 GNU/ Linux Singularity.Debian.img> whoami gmk Singularity.Debian.img> pwd /home/gmk/git/singularity Singularity.Debian.img> ./configure checking build system type... x86_64-unknown-linux-gnu checking host system type... x86_64-unknown-linux-gnu checking target system type... x86_64-unknown-linux-gnu checking for a BSD-compatible install... /usr/bin/install -c … snip … configure: error: in `/home/gmk/git/singularity': configure: error: no acceptable C compiler found in $PATH See `config.log' for more details Singularity.Debian.img> exit SINGULARITY: USING YOUR NEW CONTAINER
  • 53. CONTAINERS IN HPC: SINGULARITY $ singularity exec /tmp/Debian.img uname -a Linux ip-172-31-20-175 3.10.0-327.28.2.el7.x86_64 #1 SMP Wed Aug 3 11:11:39 UTC 2016 x86_64 GNU/ Linux $ singularity exec /tmp/Debian.img whoami gmk $ singularity exec /tmp/Debian.img pwd /home/gmk/git/singularity $ singularity exec /tmp/Debian.img ./configure checking build system type... x86_64-unknown-linux-gnu checking host system type... x86_64-unknown-linux-gnu checking target system type... x86_64-unknown-linux-gnu checking for a BSD-compatible install... /usr/bin/install -c … snip … configure: error: in `/home/gmk/git/singularity': configure: error: no acceptable C compiler found in $PATH See `config.log' for more details $ singularity run /tmp/Debian.img This is what happens when you run the container... $ /tmp/Debian.img This is what happens when you run the container... SINGULARITY: USING YOUR NEW CONTAINER
  • 54. CONTAINERS IN HPC: SINGULARITY $ singularity exec /tmp/Debian.img python —version /.exec: line 3: exec: python: not found $ sudo singularity exec --writable /tmp/Debian.img apt-get -y install python Reading package lists... Done Building dependency tree Reading state information... Done The following extra packages will be installed: file libexpat1 libffi6 libmagic1 libpython-stdlib libpython2.7-minimal libpython2.7-stdlib libsqlite3-0 libssl1.0.0 mime-support python-minimal python2.7 python2.7-minimal … snip … Setting up libpython-stdlib:amd64 (2.7.9-1) ... Setting up python (2.7.9-1) ... Setting up file (1:5.22+15-2+deb8u2) ... Processing triggers for libc-bin (2.19-18+deb8u6) ... $ singularity exec /tmp/Debian.img python --version Python 2.7.9 SINGULARITY: CHANGING YOUR CONTAINER
  • 55. CONTAINERS IN HPC: SINGULARITY $ cat ~/hello.py #!/usr/bin/python import sys print("Hello World: The Python version is %s.%s.%s" % sys.version_info[:3]) $ python ~/hello.py Hello World: The Python version is 2.7.5 $ singularity exec /tmp/Debian.img python ~/hello.py Hello World: The Python version is 2.7.9 $ cat ~/hello.py | singularity exec /tmp/Debian.img python Hello World: The Python version is 2.7.9 $ singularity exec docker://python:latest /usr/local/bin/python ~/hello.py library/python:latest Downloading layer: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4 Downloading layer: sha256:0a587a7fabdab20075256ed13afc7a39228dba7e9aaf0835c10860fe5abc1bd7 Downloading layer: sha256:d96297b6dc069127b12c63f533f253436496380a42c4a48d3702327ab028f275 Downloading layer: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4 Downloading layer: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4 … snip … Hello World: The Python version is 3.5.2 SINGULARITY: MORE CONTAINER AWESOMENESS
  • 56. CONTAINERS IN HPC: SINGULARITY WORKFLOWS/RUNSCRIPTS
  • 57. CONTAINERS IN HPC: SINGULARITY $ cat examples/debian.def # Copyright (c) 2015-2016, Gregory M. Kurtzer. All rights reserved. # # "Singularity" Copyright (c) 2016, The Regents of the University of California, # through Lawrence Berkeley National Laboratory (subject to receipt of any # required approvals from the U.S. Dept. of Energy). All rights reserved. BootStrap: debootstrap OSVersion: stable MirrorURL: http://ftp.us.debian.org/debian/ %runscript for i in $@; do grep "$i" /etc/services done %post echo "Hello from inside the container" apt-get update apt-get -y install netbase SINGULARITY: BOOTSTRAP DEFINITION/RECIPE (EDIT THE EXAMPLE FILE) Edit Here
  • 58. CONTAINERS IN HPC: SINGULARITY $ sudo singularity create -F /tmp/Debian-workflow.img Creating a new image with a maximum size of 768MiB... Executing image create helper Formatting image with ext3 file system Done. $ sudo singularity bootstrap /tmp/Debian-workflow.img examples/debian.def Bootstrap initialization Checking bootstrap definition Executing Prebootstrap module Executing Bootstrap 'debootstrap' module … snip … Setting up libisccfg-export90 (1:9.9.5.dfsg-9+deb8u6) ... Setting up libirs-export91 (1:9.9.5.dfsg-9+deb8u6) ... Setting up iproute2 (3.16.0-2) ... Setting up ifupdown (0.7.53.1) ... Creating /etc/network/interfaces. Setting up isc-dhcp-common (4.3.1-6+deb8u2) ... Setting up isc-dhcp-client (4.3.1-6+deb8u2) ... Setting up libxtables10 (1.4.21-2+b1) ... Setting up netbase (5.3) ... Processing triggers for libc-bin (2.19-18+deb8u6) ... Processing triggers for systemd (215-17+deb8u5) ... Done. SINGULARITY: BOOTSTRAP
  • 59. CONTAINERS IN HPC: SINGULARITY $ singularity run /tmp/Debian-workflow.img ^http http 80/tcp www # WorldWideWeb HTTP http 80/udp # HyperText Transfer Protocol https 443/tcp # http protocol over TLS/SSL https 443/udp http-alt 8080/tcp webcache # WWW caching service http-alt 8080/udp $ ls -l /tmp/Debian-workflow.img -rwxr-xr-x. 1 root root 805306399 Nov 5 07:22 /tmp/Debian-workflow.img $ sudo mv /tmp/Debian-workflow.img /usr/local/bin/service_lookup $ service_lookup ^ftp ^smtp ftp-data 20/tcp ftp 21/tcp ftps-data 989/tcp # FTP over SSL (data) ftps 990/tcp smtp 25/tcp mail SINGULARITY: EXECUTING THE RUNSCRIPT
  • 60. CONTAINERS IN HPC: SINGULARITY SINGULARITY: EXTREME MOBILITY AND PORTABILITY
  • 61. CONTAINERS IN HPC: SINGULARITY $ cat examples/contrib/debian85-tensorflow-0.10.def BootStrap: debootstrap OSVersion: stable MirrorURL: http://ftp.us.debian.org/debian/ %runscript exec /usr/bin/python %post apt-get update apt-get -y install vim python-pip python-dev pip install --upgrade https://storage.googleapis.com/tensorflow/linux/cpu/tensorflow-0.10.0- cp27-none-linux_x86_64.whl %test # This runs usually less then 30 minutes depending on your host type python -m tensorflow.models.image.mnist.convolutional SINGULARITY: TENSORFLOW
  • 62. CONTAINERS IN HPC: SINGULARITY $ sudo singularity create --size 4096 /tmp/Tensor.img Creating a new image with a maximum size of 4096MiB... Executing image create helper Formatting image with ext3 file system Done. $ sudo singularity bootstrap /tmp/Tensor.img examples/contrib/debian85-tensorflow-0.10.def Bootstrap initialization Checking bootstrap definition Executing Prebootstrap module W: Cannot check Release signature; keyring file not available /usr/share/keyrings/debian-archive- keyring.gpg I: Retrieving Release I: Retrieving Packages … snip … Minibatch loss: 1.603, learning rate: 0.006302 Minibatch error: 0.0% Validation error: 0.9% Test error: 0.8% Done. SINGULARITY: TENSORFLOW
  • 63. CONTAINERS IN HPC: SINGULARITY DISCUSSION AND QUESTIONS
  • 64. SINGULARITY P1 Containers for Science, Reproducibility and Mobility Presented By: Gregory M. Kurtzer HPC Systems Architect Lawrence Berkeley National Lab gmkurtzer@lbl.gov http://singularity.lbl.gov/