Reproducible computational environments using containers: Introduction to Apptainer/Singularity: Glossary

Apptainer is a container platform designed by and for scientists.

Apptainer has a different security model to other container platforms, one of the key reasons that it is well suited to HPC and cluster environments. User inside the container = user outside.

Apptainer/Singularity has its own container image format (SIF).

Use apptainer --version or singularity --version to know what you are using and to communicate it if asking for support

A container can be started from a local .sif or directly with the URL of the image.

Apptainer is also compatible with Docker images, providing access to the large collection of images hosted by Docker Hub.

Get a shell inside of your container with apptainer shell <path/URL to image>

Execute a command inside of your container with apptainer exec <path/URL> <command>

Bind outside directories with --bind

Apptainer caches downloaded images so that an unchanged image isn’t downloaded again when it is requested using the apptainer pull command.

You can free up space in the cache by removing all locally cached images or by specifying individual images to remove.

The command build is the basic tool for the creation of containers.

A sandbox is a writable directory where containers can be built interactively.

Superuser permissions are required to build containers if you need to install packages or manipulate the operating system.

Use interactive builds only for development and tests, use definition files for production or publicly distributed containers.

An Apptainer definition file provides an easy way to build and deploy containers.

Bind mounts allow reading and writing files within the container.

In Apptainer, you have same owner and permissions for files inside and outside the container.

Some paths are mounted by default by Apptainer.

Additional directories to bind can be defined using the --bind option or the environment variable $SINGULARITY_BIND.

Apptainer images containing MPI applications can be built on one platform and then run on another (e.g. an HPC cluster) if the two platforms have compatible MPI implementations.

When running an MPI application within a Apptainer container, use the MPI executable on the host system to launch an Apptainer container for each process.

Think about parallel application performance requirements and how where you build/run your image may affect that.

Instances allow to setup services via Apptainer images or definition files.

Code provided in Jupyter notebooks can be accompanied by a Apptainer image with the environment needed for its execution, ensuring the reproducibility of the results.