github.com/iqoqo/nomad@v0.11.3-0.20200911112621-d7021c74d101/website/pages/docs/drivers/external/singularity.mdx

github.com/iqoqo/nomad@v0.11.3-0.20200911112621-d7021c74d101/website/pages/docs/drivers/external/singularity.mdx (about)

     1  ---
     2  layout: docs
     3  page_title: 'Drivers: Singularity'
     4  sidebar_title: Singularity
     5  description: >-
     6    The Singularity task driver is used to run application containers using
     7    Singularity.
     8  ---
     9  
    10  # Singularity Driver
    11  
    12  Name: `Singularity`
    13  
    14  The `Singularity` driver provides an interface for using Singularity for running application
    15  containers. You can download the external Singularity driver [here][singularity-driver].
    16  
    17  ## Task Configuration
    18  
    19  ```hcl
    20  task "lolcow" {
    21    driver = "Singularity"
    22  
    23    config {
    24       # this example run an image from sylabs container library with the
    25       # canonical example of lolcow
    26       image = "library://sylabsed/examples/lolcow:latest"
    27       # command can be run, exec or test
    28       command = "run"
    29    }
    30  }
    31  ```
    32  
    33  The `Singularity` driver supports the following configuration in the job spec:
    34  
    35  - `image` - The Singularity image to run. It can be a local path or a supported URI.
    36  
    37    ```hcl
    38    config {
    39      image = "library://sylabsed/examples/lolcow:latest"
    40    }
    41    ```
    42  
    43  - `verbose` - (Optional) Enables extra verbosity in the Singularity runtime logging.
    44    Defaults to `false`.
    45  
    46    ```hcl
    47    config {
    48      verbose = "false"
    49    }
    50    ```
    51  
    52  - `debug` - (Optional) Enables extra debug output in the Singularity runtime
    53    logging. Defaults to `false`.
    54  
    55    ```hcl
    56    config {
    57      debug = "false"
    58    }
    59    ```
    60  
    61  - `command` - Singularity command action; can be `run`, `exec` or `test`.
    62  
    63    ```hcl
    64    config {
    65      command = "run"
    66    }
    67    ```
    68  
    69  - `args` - (Optional) Singularity command action arguments, when trying to pass arguments to `run`, `exec` or `test`.
    70    Multiple args can be given by a comma separated list.
    71  
    72    ```hcl
    73    config {
    74      args = [ "echo", "hello Cloud" ]
    75    }
    76    ```
    77  
    78  - [`binds`][bind] - (Optional) A user-bind path specification. This spec has the format `src[:dest[:opts]]`, where src and
    79    dest are outside and inside paths. If dest is not given, it is set equal to src.
    80    Mount options ('opts') may be specified as 'ro' (read-only) or 'rw' (read/write, which
    81    is the default). Multiple bind paths can be given by a comma separated list.
    82  
    83    ```hcl
    84    config {
    85      bind = [ "host/path:/container/path" ]
    86    }
    87    ```
    88  
    89  - [`overlay`][overlay] - (Optional) Singularity command action flag, to enable an overlayFS image for persistent data
    90    storage or as read-only layer of container. Multiple overlay paths can be given by a comma separated list.
    91  
    92    ```hcl
    93    config {
    94      overlay = [ "host/path/to/overlay" ]
    95    }
    96    ```
    97  
    98  - [`security`][security] - (Optional) Allows the root user to leverage security modules such as
    99    SELinux, AppArmor, and seccomp within your Singularity container.
   100    You can also change the UID and GID of the user within the container at runtime.
   101  
   102    ```hcl
   103    config {
   104      security = [ "uid:1000 " ]
   105    }
   106    ```
   107  
   108  - `contain` - (Optional) Use minimal `/dev` and empty other directories (e.g. /tmp and \$HOME) instead of sharing filesystems from your host.
   109  
   110    ```hcl
   111    config {
   112      contain = "false"
   113    }
   114    ```
   115  
   116  - `workdir` - (Optional) Working directory to be used for `/tmp`, `/var/tmp` and \$HOME (if -c/--contain was also used).
   117  
   118    ```hcl
   119    config {
   120      workdir = "/path/to/folder"
   121    }
   122    ```
   123  
   124  - `pwd` - (Optional) Initial working directory for payload process inside the container.
   125  
   126    ```hcl
   127    config {
   128      pwd = "/path/to/folder"
   129    }
   130    ```
   131  
   132  ## Networking
   133  
   134  Currently the `Singularity` driver only supports host networking. For more detailed instructions on how to set up networking options, please refer to the `Singularity` user guides [singularity-network]
   135  
   136  ## Client Requirements
   137  
   138  The `Singularity` driver requires the following:
   139  
   140  - 64-bit Linux host
   141  - The `linux_amd64` Nomad binary
   142  - The Singularity driver binary placed in the [plugin_dir][plugin_dir] directory.
   143  - [`Singularity`][singularity] v3.1.1+ to be installed
   144  
   145  ## Plugin Options ((#plugin_options))
   146  
   147  - `enabled` - The `Singularity` driver may be disabled on hosts by setting this option to `false` (defaults to `true`).
   148  
   149  - `singularity_cache` - The location in which all containers are stored (commonly defaults to `/var/lib/singularity`). See [`Singularity-cache`][singularity-cache] for more details.
   150  
   151  An example of using these plugin options with the new [plugin
   152  syntax][plugin] is shown below:
   153  
   154  ```hcl
   155  plugin "nomad-driver-Singularity" {
   156    config {
   157      enabled = true
   158      singularity_path = "/var/lib/singularity"
   159    }
   160  }
   161  ```
   162  
   163  Please note the plugin name should match whatever name you have specified for the external driver in the [plugin_dir][plugin_dir] directory.
   164  
   165  ## Client Attributes
   166  
   167  The `Singularity` driver will set the following client attributes:
   168  
   169  - `driver.singularity` - Set to `1` if Singularity is found and enabled on the host node.
   170  - `driver.singularity.version` - Version of `Singularity` e.g.: `3.1.0`.
   171  
   172  ## Resource Isolation
   173  
   174  This driver supports CPU and memory isolation via the `Singularity` cgroups feature. Network
   175  isolation is supported via `--net` and `--network` feature (Singularity v3.1.1+ required).
   176  
   177  [singularity-driver]: https://github.com/sylabs/nomad-driver-singularity
   178  [singularity_man]: https://linuxcontainers.org/Singularity/manpages/man5/Singularity.container.conf.5.html#lbAM
   179  [plugin]: /docs/configuration/plugin
   180  [plugin_dir]: /docs/configuration#plugin_dir
   181  [plugin-options]: #plugin_options
   182  [singularity]: https://github.com/sylabs/singularity
   183  [singularity-cache]: https://www.sylabs.io/guides/3.1/user-guide/appendix.html#c
   184  [bind]: https://www.sylabs.io/guides/3.1/user-guide/bind_paths_and_mounts.html
   185  [security]: https://www.sylabs.io/guides/3.1/user-guide/security_options.html
   186  [overlay]: https://www.sylabs.io/guides/3.1/user-guide/persistent_overlays.html
   187  [singularity-network]: https://www.sylabs.io/guides/3.1/user-guide/networking.html