Containers Overview
Apptainer (formerly Singularity) is a container platform specifically
designed for HPC clusters. Containers package software in a way that is portable
and reproducible. Apptainer images are a single file called a Singularity Image
File (.sif file).
Apptainer images are read-only. To make changes to the container filesystem, consider building a new image. See Storage for instructions on using writable filesystems from Palmetto. :
Apptainer executes the container as your user, so you are limited to the same user privileges as on Palmetto.
Downloading pre-existing containers
Apptainer can download pre-existing Docker containers from a registry. Use the
pull or build command to download and build a .sif file. Use the
docker:// prefix for the image name.
apptainer pull docker://rockylinux:8
apptainer build rocky.sif docker://rockylinux:8
Running container images
There are 3 ways to execute commands inside the container: run, exec, and
shell.
apptainer run
run executes the default command for the image.
apptainer run rocky.sif <args>
apptainer exec
exec runs a custom command inside the container.
apptainer exec rocky.sif <command> <args>
apptainer shell
apptainer shell is documented here for completeness. It's recommended to use
apptainer run to launch a shell in the image.
shell starts a bash shell inside of the container image. The prompt will
change from the standard Palmetto prompt to Apptainer>
[username@node0001 ~]$ apptainer shell rocky.sif
Apptainer>
Storage
The container has it's own filesystem, but a few directories are mounted from Palmetto automatically:
$HOME$PWD
This differs from Docker where no directories are mounted by default.
To make a directory visible inside the container, use the -B flag to bind a
directory. The -B flag requires an argument in the form
/path/on/Palmetto:/path/inside/container.
apptainer shell -B $TMPDIR:$TMPDIR -B /scratch/$USER:/scratch/$USER rocky.sif
Graphical Applications
X windows based applications should work fine even when containerized and can be run on the Palmetto Desktop without problems. If an application makes use of OpenGL, then you may need to build VirtualGL into the container in order for the application to run without crashing.