Sylabs Readies for Native OCI Compatibility with Release of SingularityCE 3.10

Reno, NV – May 18, 2022 – Sylabs, provider of tools and services for performance-intensive container technology, today announced that it has released SingularityCE 3.10. The newest update makes significant steps towards full OCI compatibility, giving Singularity the ability to natively run OCI-based container workflows. The release also adds functionality for resource limits using cgroups to give developers more control over the environments in which Singularity is being run.

“OCI-based container workflows are being increasingly adopted in HPC environments, and while Singularity has had a level of compatibility with OCI images, it often took extra steps that weren’t necessarily user-friendly,” said Adam Hughes, Chief Technology Officer at Sylabs. “Singularity users are telling us that what they really want is to simply be able to run any OCI image with Singularity without any issue. Our goal is to make Singularity the runtime you use to containerize HPC workloads, regardless of whether that’s in an OCI format to start with, or whether you’re using Singularity all across the chain. We want our users to feel like Singularity is able to cover the range of their needs for HPC and OCI-based workflows. Singularity users shouldn’t have to jump through hoops for compatibility across their workflows.”
Features of the 3.10 release include:
  • Support for unprivileged cgroups v2 resource limits and systemd cgroups management. Allows non-root users on modern Linux distributions to apply resource limits to containers with SingularityCE directly, rather than needing to rely on a job scheduler/resource manager to do so.
  • New command-line flags to set resource limits. Users can now easily apply CPU, memory, IO, and other limits on their containers from the command line, with flags compatible with the Docker CLI. No cgroups configuration files are required.
  • A new `–no-eval` flag makes SingularityCE treat environment variables and command line arguments the same way as Docker and other OCI runtimes, improving compatibility. This feature has been added to the `–compat` mode which provides a simple way to enable various Docker/OCI compatibility options with a single flag.
  • Experimental unprivileged SIF mounts with squashfuse. Run native SIF container images within an unprivileged user namespace, and without having to extract them to disk.
  • The `singularity oci` commands now use `runc` to execute containers in the OCI lifecycle. This is the first step in progressively introducing greater OCI compatibility to SingularityCE under our roadmap to 4.0.
  • Support for remote builds that contain a ‘%files’ section in the definition.

“These new features are big steps toward better compatibility with the OCI world, which will give Singularity greater utility across the entire spectrum of workloads,” said Dave Trudgian, Software Engineer at Sylabs and the lead developer within the Singularity ecosystem. “The release also introduces the ability for all users to apply RAM, CPU, and other resource limits directly to individual containers. This is very useful when developing and testing scientific software on your laptop or desktop. Benchmarking tasks becomes easier, and you can avoid your workstation grinding to a halt. It also allows balancing the needs of multiple containers within a single HPC job, optimizing for overall productivity.”

The SingularityCE 3.10 Release is available immediately, with download and documentation information available at https://sylabs.io/singularity/.