CONTAINERIZING JOBS ON THE ACCRE CLUSTER WITH SINGULARITY

Similar documents
Docker for HPC? Yes, Singularity! Josef Hrabal

Presented By: Gregory M. Kurtzer HPC Systems Architect Lawrence Berkeley National Laboratory CONTAINERS IN HPC WITH SINGULARITY

Singularity: Containers for High-Performance Computing. Grigory Shamov Nov 21, 2017

Singularity: container formats

Introduction to Containers. Martin Čuma Center for High Performance Computing University of Utah

Introduction to Containers. Martin Čuma Center for High Performance Computing University of Utah

Introduction to containers

Travis Cardwell Technical Meeting

LSST software stack and deployment on other architectures. William O Mullane for Andy Connolly with material from Owen Boberg

Con$nuous Deployment with Docker Andrew Aslinger. Oct

Centre de Calcul de l Institut National de Physique Nucléaire et de Physique des Particules. Singularity overview. Vanessa HAMAR

Continuous integration & continuous delivery. COSC345 Software Engineering

Guest Shell. Finding Feature Information. Information About Guest Shell. Guest Shell Overview

CS197U: A Hands on Introduction to Unix

Arup Nanda VP, Data Services Priceline.com

Shifter at CSCS Docker Containers for HPC

USING NGC WITH GOOGLE CLOUD PLATFORM

Andrej Filipčič

Investigating Containers for Future Services and User Application Support

Automatic Dependency Management for Scientific Applications on Clusters. Ben Tovar*, Nicholas Hazekamp, Nathaniel Kremer-Herman, Douglas Thain

Oracle VM Workshop Applica>on Driven Virtualiza>on

docker & HEP: containerization of applications for development, distribution and preservation

ISLET: Jon Schipp, AIDE jonschipp.com. An Attempt to Improve Linux-based Software Training

Who is Docker and how he can help us? Heino Talvik

Singularity. Containers for Science

Containers. Pablo F. Ordóñez. October 18, 2018

Index. Bessel function, 51 Big data, 1. Cloud-based version-control system, 226 Containerization, 30 application, 32 virtualize processes, 30 31

Guest Shell. Finding Feature Information. Information About Guest Shell. Guest Shell Overview

Remote Workflow Enactment using Docker and the Generic Execution Framework in EUDAT

Opera&ng Systems: Principles and Prac&ce. Tom Anderson

[Docker] Containerization

Installing and Using Docker Toolbox for Mac OSX and Windows

UNIT 9 Introduction to Linux and Ubuntu

Basic UNIX. Jon K. Lærdahl, Structural Bioinforma cs

Implementing DPDK based Application Container Framework with SPP YASUFUMI OGAWA, NTT

Important DevOps Technologies (3+2+3days) for Deployment

The BioHPC Nucleus Cluster & Future Developments

Scientific Filesystem. Vanessa Sochat

EECS Software Tools. Lab 2 Tutorial: Introduction to UNIX/Linux. Tilemachos Pechlivanoglou

Docker A FRAMEWORK FOR DATA INTENSIVE COMPUTING

BEST PRACTICES FOR DOCKER

Containerizing GPU Applications with Docker for Scaling to the Cloud

Chapter 5 C. Virtual machines

Module 1: Virtualization. Types of Interfaces

Con$nuous Integra$on Development Environment. Kovács Gábor

Shifter: Fast and consistent HPC workflows using containers

Opportunities for container environments on Cray XC30 with GPU devices

Dockerized Tizen Platform

ovirt and Docker Integration

Singularity in CMS. Over a million containers served

CSC- Bioweek 2018 Using cpouta for cloud computing Kimmo Mattila, Shubham Kapoor, Ari-Matti Saren (Jukka Nousiainen)

Introduction to Containers

An introduction to Docker

P a g e 1. Teknologisk Institut. Online kursus k SysAdmin & DevOps Collection

Virtualization. Introduction. Why we interested? 11/28/15. Virtualiza5on provide an abstract environment to run applica5ons.

USING NGC WITH AZURE. DU _v01 September Setup Guide

Shifter and Singularity on Blue Waters

Introduction to Linux. Woo-Yeong Jeong Computer Systems Laboratory Sungkyunkwan University

BEST PRACTICES FOR DOCKER

Installation Manual and Quickstart Guide

Acronis Backup Version 11.5 Update 6 INSTALLATION GUIDE. For Linux Server APPLIES TO THE FOLLOWING PRODUCTS

Welcome to CS 449: Introduc3on to System So6ware. Instructor: Wonsun Ahn

Singularity - Containers for Scientific Computing ZID Workshop. Innsbruck Nov 2018

Background. IBM sold expensive mainframes to large organiza<ons. Monitor sits between one or more OSes and HW

Acronis Backup & Recovery 11.5

MySQL operations with Docker A quick guide for the uninitiated

INTRODUCTION TO THE CLUSTER

Containerized Cloud Scheduling Environment

Installing the Quantum ESPRESSO distribution

Midterm Presentation Schedule

Getting Started With Containers

bitcurator-access-webtools Quick Start Guide Last updated: May 8th, 2018 Release(s): and later

Downloading and installing Db2 Developer Community Edition on Red Hat Enterprise Linux Roger E. Sanders Yujing Ke Published on October 24, 2018

How to sleep *ght and keep your applica*ons running on IPv6 transi*on. The importance of IPv6 Applica*on Tes*ng

The Why and How of HPC-Cloud Hybrids with OpenStack

Preparing Your Google Cloud VM for W4705

Networks and Opera/ng Systems Chapter 21: Virtual Machine Monitors ( )

Table of Contents 1.1. Introduction. Overview of vsphere Integrated Containers 1.2

Setting Up U P D AT E D 1 / 3 / 1 6

OS Virtualization. Linux Containers (LXC)

Quick Start Guide to Compute Canada Cloud Service

Vagrant and Ansible. Two so2ware tools to create and manage your custom VMs

Red Hat Container Development Kit 3.0 Installation Guide

History of Java. Java was originally developed by Sun Microsystems star:ng in This language was ini:ally called Oak Renamed Java in 1995

Spring 2017 :: CSE 506. Introduction to. Virtual Machines. Nima Honarmand

Python based Data Science on Cray Platforms Rob Vesse, Alex Heye, Mike Ringenburg - Cray Inc C O M P U T E S T O R E A N A L Y Z E

Allowing Users to Run Services at the OLCF with Kubernetes

CloudFleet Documentation

Introduction to Linux

Background. IBM sold expensive mainframes to large organiza<ons. Monitor sits between one or more OSes and HW

Kaseya Fundamentals Workshop DAY TWO. Developed by Kaseya University. Powered by IT Scholars

Unit 2: Manage Files Graphically with Nautilus Objective: Manage files graphically and access remote systems with Nautilus

The TinyHPC Cluster. Mukarram Ahmad. Abstract

Oracle Report Manager - What are the Leading Prac6ces for It's Configura6on and U6liza6on? Session ID#: 14984

u-root: / with the convenience of scripting and the performance of compilation

CSCI 8530 Advanced Operating Systems. Part 19 Virtualization

Lab #5 Guide: Installing Ubuntu as a Virtual Machine

Docker und IBM Digital Experience in Docker Container

/ Cloud Computing. Recitation 5 February 14th, 2017

Quick Prototyping+CI with LXC and Puppet

Transcription:

CONTAINERIZING JOBS ON THE ACCRE CLUSTER WITH SINGULARITY

VIRTUAL MACHINE (VM) Uses so&ware to emulate an en/re computer, including both hardware and so&ware. Host Computer Virtual Machine Host Resources: CPU, Disk Space, RAM, Network, etc Host s resources carved off for VM VMs can be created with tools like VirtualBox, Vagrant, and VMware.

ADVANTAGES OF VMS Tes/ng/development outside of produc/on context Overcome so&ware portability issues (e.g. OS- or processor architecture-related) Mul/ple computer systems can be run within a single bare metal computer Consolida/on and isola/on of applica/ons/services running on a single server VM recovery very simple through snapshokng Decreased hardware maintenance

CONTAINERS A container is similar to a VM but with the following important differences: Emulates just an opera/ng system, not the en/re system of underlying hardware Shares the underlying kernel of the host opera/ng system Requires fewer resources (e.g. generally requires less CPU cycles, disk space, and RAM than a VM) Generally faster boot and deployment /mes The most widely used containeriza=on tool in use today is Docker Allows Linux containers to be created that are isolated from the rest of the system Uses an image-based deployment model Allows access to the host s root filesystem By default, users can gain root access to a host s root filesystem from inside a Docker container

CONTAINERS IN SCIENTIFIC AND HIGH-PERFORMANCE COMPUTING Allowing root access in a shared environment is a non-starter Singularity is designed to overcome this problem Permissions inside a container are the same as those outside of the container Allows users to access their files that are stored outside the container Designed with performance in mind for HPC applica/ons Supports conversion of Docker images to Singularity images Installed on the ACCRE cluster!

TERMINOLOGY: IMAGE VS. CONTAINER Image A file that includes a virtual filesystem and so&ware installed onto that filesystem Typically build a single /me (on personal machine with root access) and use mul/ple /mes (on cluster) Immutable (i.e. does not change) Container A running instance of an image Possible to access files outside of container and to write new files to loca/ons outside of container Personal Linux Machine 1. Create & bootstrap image Image /home /scratch /data Image 2. Copy image to cluster Cluster 3. Launch container Container /home /scratch /data

TYPICAL SINGULARITY WORKFLOWS Singularity workflow 1: Build your own image Singularity workflow 2: Use exis/ng image Singularity workflow 3: Convert Docker image

TYPICAL SINGULARITY WORKFLOWS Singularity workflow 1: Build your own image Singularity workflow 2: Use exis/ng image Singularity workflow 3: Convert Docker image

SINGULARITY WORKFLOW 1: BUILD IT YOURSELF 1. Create image - Images are rela/vely large (on the order of 1GB or more depending on amount of so&ware needed). - Root access not required for this step. 2. Bootstrap image - Build image based on user-defined recipe in a.def file. Root access required! Personal Linux Box (w/ root access) 3. Run container from image - Use image (created in steps above) to launch container - This can be done anywhere Singularity is installed (e.g. ACCRE cluster) Shared Linux Environment (no root access) - The container can be run as many /mes as you d like

CREATING A SINGULARITY IMAGE singularity create ubuntu16.img Creates a blank image with a virtual filesystem Default image size is 768 MiB Requires root privileges to run (hence the sudo command) singularity create --size 2048 ubuntu16.img Creates image of size 2048 MiB (2 GiB or ~2.1 GB) Appropriate size depends on amount of so&ware to be installed Can also use the --force op/on to overwrite an image with a new blank one Singularity is currently only supported on Linux pla`orms. Installa/on is very straigh`orward but you need root access to a Linux box!

BOOTSTRAPPING AN IMAGE (1/3) DEFINITION FILE sudo singularity bootstrap ubuntu16.img Singularity Uses recipe in text defini/on file (called Singularity) to install OS and so&ware into image Requires root privileges to run (hence the sudo command) Crea/ng a defini/on file is the majority of the work when building a new image A defini/on file contains a header and mul/ple sec/ons Header Specifies informa/on about the Linux OS distribu/on you want installed Supports pulling from Docker Hub! For example: Bootstrap: docker From: ubuntu:latest... Header sec/on for Singularity file. Here, we are installing the latest version of Linux Ubuntu.

BOOTSTRAPPING AN IMAGE (2/3) - SECTIONS %runscript Commands that run each /me a container is launched using the singularity run subcommand O&en includes handling of command line arguments you want to pass to container %post Commands that run once inside container during bootstrap process So&ware installa/on commands go here %test Commands that test the proper func/on of the container Sec/on runs at the end of bootstrapping; disable w/ singularity bootstrap --notest Bootstrap: docker From: ubuntu:latest Example Singularity defini/on file. %runscript # Pass all args from singularity run to python3 interpreter exec python3 $@ %post # Enables access to ACCRE storage mkdir /scratch /data /gpfs21 /gpfs22 /gpfs23 /dors # Update apt-get s (Ubuntu package manager) package list apt-get -y update # Install Python3, Numpy, Nose, and GCC compiler apt-get -y install python3 python3-numpy python3-nose gcc vim %test # Run NumPy tests to verify it works python3 c import numpy as np; np.test()

BOOTSTRAPPING AN IMAGE (3/3) OTHER SECTIONS %files Used for copying files from outside of image to inside the container Runs once immediately a&er %post sec/on <source> <des/na/on> %setup Commands performed once outside container prior to %post sec/on Useful if %post sec/on needs files that live outside container %labels Define custom labels/aoributes for your container in this sec/on if desired %environment Define environment variables that should exist within running container <VARIABLE_NAME> <VALUE>

WORKING WITH LINUX PACKAGE MANAGERS Debian (e.g. Ubuntu) Linux distribu=ons : apt-get Red Hat (e.g. CentOS) Linux distribu=ons : yum apt-get install pkg1 pkg2 Install pkg1 and pkg2, as well as their dependencies Package names must be an exact match (case sensi/ve) Use y op/on to automate apt-cache search keyword Determine whether package is available to install Returns any package name containing the keyword apt-get update Downloads references to the latest versions of all packages and their dependencies Generally should be run prior to installing a new package apt-get upgrade Updates the versions of installed packages Need to run apt-get update first! apt-get dist-upgrade More intelligent version of apt-get upgrade Resolves complex dependency issues

RUNNING A CONTAINER (1/3) singularity run ubuntu16.img Runs recipe defined in %runscript sec/on of defini/on file O&en %runscript sec/on wrioen to accept command line arguments from the singularity run subcommand No root privilege required to run Excerpt from example Singularity defini/on file... %runscript python3 $@.. Running bmark.py through python3 interpreter in a Ubuntu 16 container. $ module load GCC Singularity $ singularity run ubuntu16.img bmark.py It s good prac/ce to define your most common workflows through a %runscript sec/on for reproducibility

RUNNING A CONTAINER (2/3) singularity exec ubuntu16.img foo.sh Runs an arbitrary command within the context of the container Unlike the run subcommand, you do not need to predefine a command within a sec/on of your defini/on file to use exec No root privilege required to run More than a single command can be bundled up in a bash script The run subcommand is generally preferred to exec $ module load GCC Singularity $ singularity exec ubuntu16.img python3 --version $ singularity exec ubuntu16.img which python3 $ singularity exec ubuntu16.img python3 bmark.py $ singularity exec ubuntu16.img bash commands.sh because the former provides beoer documenta/on & reproducibility.

RUNNING A CONTAINER (3/3) singularity shell ubuntu16.img Launch interac/ve shell session (REPL) within container Good for ini/al tes/ng and environment verifica/on No root privilege required to run, unless used with the --writable op/on, which allows you to write new data (e.g. install so&ware) that will persist to future instances of container image $ module load GCC Singularity $ singularity shell ubuntu16.img $ sudo singularity shell --writable ubuntu16.img Avoid using the --writable flag for tools intended for produc/on. The %post sec/on provides beoer documenta/on and reproducibility.

TYPICAL SINGULARITY WORKFLOWS Singularity workflow 1: Build your own image Singularity workflow 2: Use exis/ng image Singularity workflow 3: Convert Docker image

SINGULARITY WORKFLOW 2: USE EXISTING IMAGE 1. Import or pull image from the web - Image can be hosted on Docker Hub or Singularity Hub - No need to install Linux on your personal machine w/ root access! - Less flexible than bootstrapping, must use image as-is Shared Linux Environment (no root access) 2. Run container from image - Use image (created in steps above) to launch container - This can be done anywhere Singularity is installed (e.g. ACCRE cluster) - The container can be run as many /mes as you d like

DIRECT IMPORT/PULL OF EXISTING CONTAINERS You can import or pull images directly from Docker Hub or Singularity Hub Avoid reinven/ng the wheel singularity create ubuntu.img singularity import ubuntu.img docker://ubuntu:latest Creates a blank image with a virtual filesystem Copies image from Docker Hub into your local image singularity create ubuntu.img singularity import ubuntu.img shub://singularityhub:ubuntu Creates a blank image with a virtual filesystem Copies image from Singularity Hub into your local image singularity pull docker://ubuntu:latest Pulls image directly from Docker Hub with same name as remote image

TYPICAL SINGULARITY WORKFLOWS Singularity workflow 1: Build your own image Singularity workflow 2: Use exis/ng image Singularity workflow 3: Convert Docker image

SINGULARITY WORKFLOW 3: CONVERT DOCKER IMAGE 1. Convert Docker image to Singularity image Personal Machine with Docker installed - Singularity developers provide a Docker image specifically for conver/ng a Docker image to a Singularity image - Single Docker command (see next slide) 2. Run container from image - Use image (created in steps above) to launch container - This can be done anywhere Singularity is installed (e.g. ACCRE cluster) - The container can be run as many /mes as you d like Shared Linux Environment (no root access)

CONVERTING DOCKER IMAGES TO SINGULARITY IMAGES If you have Docker installed on your machine you can directly convert a Docker image to a Singularity image using the docker2singularity image docker run -v /var/run/docker.sock:/var/run/docker.sock \ -v path/to/my/singularity/images:/output --privileged -t --rm \ singularityware/docker2singularity ubuntu:16.04 Creates a Singularity image from ubuntu:16.04 image on Docker Hub Singularity image stored at path/to/my/singularity/images You can also import directly from a Docker image living on your local machine docker2singularity is a Docker image that lives on Docker Hub and is programmed to convert a Docker image to a Singularity image

TESTING A CONTAINER singularity test ubuntu16.img Runs recipe defined in %test sec/on of defini/on file Verifies that applica/on inside container is behaving as expected No root privilege required to run Excerpt from example Singularity defini/on file... %test python3 c import numpy as np; np.test()..

SNIFFING AN IMAGE singularity inspect ubuntu16.img Provides details about container Lists sec/ons of defini/on file Only supported in Singularity 2.3+ Examples: $ module load GCC Singularity $ singularity inspect --test ubuntu16.img $ singularity inspect --runscript ubuntu16.img $ singularity inspect --deffile ubuntu16.img $ singularity inspect --json ubuntu16.img

EXPORTING AN IMAGE singularity export ubuntu16.img > ubuntu16.tar Create compressed version of image Advantageous for large images especially that you wish to share and distribute with collaborators Be pa/ent Examples: $ module load GCC Singularity $ singularity export ubuntu16.img > ubuntu16.tar $ singularity export ubuntu16.img gzip -9 > ubuntu16.tar.gz

GOOD USE CASES FOR SINGULARITY I need a different/newer version of a library that is not installed on the cluster (e.g. a newer GLIBC, or a super old piece of so&ware needed for reproducibility reasons) I want to decouple my workflow from so&ware available on the cluster (Singularity becomes the only dependency!) to reduce the impact of OS/so&ware/library updates on the cluster I want to standardize my workflow across many different pla`orms I prefer a different flavor of Linux than CentOS / Red Hat Probably others?

ACCRE SOFTWARE MANAGEMENT BEST PRACTICES When to use sorware from LMOD (module load pkg1) Need results fast, rela/vely few dependencies, versions don t seem to maoer MPI, mul/threaded, and GPU apps more challenging to deploy from container Using commercial so&ware (e.g. Matlab, STATA, Intel compiler, etc.) When to install sorware locally (/home on cluster) So&ware (or specific version) not available through LMOD, need results fast, rela/vely few dependencies When to install tools into a Singularity image See reasons on previous slide Need stability and reliability

WRAPPING UP Singularity docs are excellent: hop://singularity.lbl.gov/user-guide Possible to wrap up MPI or GPU-based jobs in a Singularity container GPU-enabled Tensorflow image built here: hops://github.com/accre/singularity/tree/master/tensorflow-1.0-jupyter-gpu Containerizing your jobs on the cluster provides a number of benefits: Decouples your applica/on from so&ware installed on cluster (less prone to failure) Standard, mul/-pla`orm workflow No performance penalty A few images (and their defini/on files) available at /scratch/singularity Follow our Singularity GitHub repo: hops://github.com/accre/singularity

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback