原本Docker镜像挺好用的,但是最近做项目需要用到超算的集群,Docker无法在上面用,需要将Docker镜像转为singularity镜像,所以下面我就来谈谈如何安装singularity工具,并将docker镜像转为singularity镜像,最后运行singularity容器。
目录
- 一、安装singularity
- 1、安装依赖
- 2、安装GO
- 3、下载singularity
- 4、编译
- 二、创建singularity镜像文件
- 1、外部源下载镜像
- 2、本地源下载镜像
- 三、使用singularity
- 1、启动容器
- 2、查看已启动的容器
- 3、进入和退出交互式界面
- 4、删除容器
- 5、执行完退出
- 参考
一、安装singularity
1、安装依赖
sudo apt-get update
sudo apt-get install -y \
build-essential \
uuid-dev \
libgpgme-dev \
squashfs-tools \
libseccomp-dev \
wget \
pkg-config \
git \
cryptsetup-bin
2、安装GO
singularity使用Go编写,需要安装Go
在 https://golang.org/dl/ 下载合适版本的Go至 /usr/local。singularity3.0以上的版本需要下载Go 1.13以上的版本。比如我下载了go1.16.13.linux-amd64.tar.gz。下载完成后:
cd /usr/local
sudo tar -C /usr/local -xzf go1.16.13.linux-amd64.tar.gz
echo 'export GOPATH=${HOME}/go' >> ~/.bashrc
echo 'export PATH=/usr/local/go/bin:${PATH}:${GOPATH}/bin' >> ~/.bashrc
source ~/.bashrc
3、下载singularity
在https://github.com/sylabs/singularity/releases/查看需要的singularity的版本,然后把下载地址复制下来,选择一个空间大的盘,存下来:
wget https://github.com/sylabs/singularity/releases/download/v3.8.3/singularity-ce-3.8.3.tar.gz
tar -xzf singularity-ce-3.8.3.tar.gz
4、编译
cd singularity-ce-3.8.3
./mconfig --prefix=/opt/singularity # 安装到某个目录下,建议选一个空间足够大的
make -C ./builddir
sudo make -C ./builddir install
编译到这一步可能会报错,类似于:
GEN GO DEP /singularity/builddir/starter.d
go: github.com/AdamKorcz/go-fuzz-headers@v0.0.0-20210319161527-f761c2329661: Get "https://proxy.golang.org/github.com/%21adam%21korcz/go-fuzz-headers/@v/v0.0.0-20210319161527-f761c2329661.mod": dial tcp 216.58.200.241:443: i/o timeout
这里是proxy.golang.org
被墙了,需要把mlocal/frags/go_common_opts.mk
文件里的GOPROXY :=
这条设置进行修改,改成GOPROXY := https://goproxy.io,direct
。如果还不行再把shell环境变量也改下export GOPROXY=https://goproxy.io,direct
。
最后,如果输入singularity --help
,可以得到如下信息,说明singularity安装成功了。
Linux container platform optimized for High Performance Computing (HPC) and
Enterprise Performance Computing (EPC)
Usage:
singularity [global options...]
Description:
Singularity containers provide an application virtualization layer enabling
mobility of compute via both application and environment portability. With
Singularity one is capable of building a root file system that runs on any
other Linux system where Singularity is installed.
Options:
-c, --config string specify a configuration file (for root or
unprivileged installation only) (default
"/usr/local/etc/singularity/singularity.conf")
-d, --debug print debugging information (highest verbosity)
-h, --help help for singularity
--nocolor print without color output (default False)
-q, --quiet suppress normal output
-s, --silent only print errors
-v, --verbose print additional information
--version version for singularity
Available Commands:
build Build a Singularity image
cache Manage the local cache
capability Manage Linux capabilities for users and groups
completion generate the autocompletion script for the specified shell
config Manage various singularity configuration (root user only)
delete Deletes requested image from the library
exec Run a command within a container
help Help about any command
inspect Show metadata for an image
instance Manage containers running as services
key Manage OpenPGP keys
oci Manage OCI containers
overlay Manage an EXT3 writable overlay image
plugin Manage Singularity plugins
pull Pull an image from a URI
push Upload image to the provided URI
remote Manage singularity remote endpoints, keyservers and OCI/Docker registry credentials
run Run the user-defined default command within a container
run-help Show the user-defined help for an image
search Search a Container Library for images
shell Run a shell within a container
sif Manipulate Singularity Image Format (SIF) images
sign Attach digital signature(s) to an image
test Run the user-defined tests within a container
verify Verify cryptographic signatures attached to an image
version Show the version for Singularity
Examples:
$ singularity help <command> [<subcommand>]
$ singularity help build
$ singularity help instance start
For additional help or support, please visit https://www.sylabs.io/docs/
二、创建singularity镜像文件
1、外部源下载镜像
下载的指令有两条:一个是singularity build,另一个是singularity pull。
# 从Docker Hub下载:
singularity build ./jason-tensorflow.sif docker://tensorflow/tensorflow:latest-gpu
# 从Singularity Hub下载容器:
singularity pull hello.sif shub://vsoch/hello-world
# 从Container Library下载容器:
singularity build lolcow.sif library://sylabs-jms/testing/lolcow
2、本地源下载镜像
上面是从外部源下载镜像,但是很多时候我们希望的是自己本地的docker镜像能够转为singularity镜像,那么该如何做呢?
- 利用官方提供的工具docker-registry,构建私有的镜像仓库,registry也是一个镜像,先把它下载下来。
docker pull registry
- 利用registry构建私有仓库
docker run -d -p 5000:5000 -v /opt/data/registry:/var/lib/registry registry
默认情况下,仓库会被创建在容器的 /var/lib/registry 目录下。可以通过 -v 参数来将镜像文件存放在本地的映射路径。例如上面的例子,将上传的镜像放到本地的 /opt/data/registry 目录。
- 仓库创建完之后,后续上传的镜像会被放在本地映射的目录下,如上,是映射到 /opt/data/registry 上。然后,标记你要转化的镜像再上传。
# 查看本地有哪些镜像
docker images
# 标记成带有地址(127.0.0.1:5000)的镜像
docker tag ubuntu:latest 127.0.0.1:5000/ubuntu:latest
# 上传镜像到本地仓库
docker push 127.0.0.1:5000/ubuntu:latest
- 上传完之后,利用curl查看仓库中的镜像
curl 127.0.0.1:5000/v2/_catalog
{"repositories":["ubuntu"]}
如果看到 {“repositories”:[“ubuntu”]} ,表明镜像已经成功被上传到本地仓库了。
- 如果你希望内网里的其他主机也能push或pull当前主机仓库中的镜像,那就需要将127.0.0.1:5000替换为本主机的地址,例如192.168.199.100:5000,但是这样直接修改会报错,因为docker默认不允许非https的方式推送镜像。我们可以通过修改docker的配置选项来取消这个限制。
vim /etc/docker/daemon.json
在其中加入"insecure-registries": [“192.168.199.100:5000”],如下所示。
{
"registry-mirrors": [
"https://cwoel6s9.mirror.aliyuncs.com"
],
"graph":"/data1/docker",
"storage-driver": "overlay",
"runtimes": {
"nvidia": {
"path": "nvidia-container-runtime",
"runtimeArgs": []
}
},
"insecure-registries": [
"192.168.199.100:5000"
]
}
- 重启docker服务
systemctl restart docker
三、使用singularity
1、启动容器
export SINGULARITY_TMPDIR=/home/user/tmp
export TMPDIR=/home/user/tmp
singularity instance start --nv -B /home:/home /home/user/singularity-images/image_name.sif container_name
singularity instance start
类似于docker run
,其他选项解析:
- 两行export更改临时文件夹位置,防止/tmp存储溢出,因为在启动容器的过程中,会生成比较大的临时文件,而主机上默认的/tmp的空间较小,容易导致存储溢出问题,从而无法启动容器;
- –nv 表示启动gpu支持;
- -B 表示挂载,多个挂载用逗号隔开;
- container_name是容器名。
2、查看已启动的容器
singularity instance list
3、进入和退出交互式界面
singularity shell instance://container_name
exit # 在容器中退出
4、删除容器
singularity instance stop container_name
5、执行完退出
singularity exec ubuntu.simg bash -c "pwd && id"
# output:
/home/admin
uid=1000(admin) gid=1000(admin) groups=1000(admin),10(wheel)
参考
[1] Ubuntu singularity安装 [2] Singularity日常使用 [3] 私有仓库 [4] 将本地docker镜像转为singularity镜像
[5] singularity基本用法