October 8th, 2018 — SyLabs today introduced Singularity version 3.0 of its container software platform targeting HPC and advanced enterprise workloads. The latest release provides access to an expanded suite of resources, including Remote Builder, Container Library, and Key Management services. Singularity 3.0 also features several platform enhancements, including Singularity Image Format (SIF), cryptographically signed and verifiable container images, base code rewrite into Go/C, enhanced instance support, and networking management for containers
Singularity, first developed in the HPC world, has been mounting a push into the enterprise. In today’s announcement, SyLabs emphasized Singularity 3.0’s robustness for AI and data analytics workloads.
“These applications carry data-intensive workloads that demand HPC-like resources but satisfy the enterprise’s need to create predictable container environments for a substantially growing number of AI-driven use-cases,” said Greg Kurtzer, SyLabs CEO. “We expect to see a substantial uptake in the already existing 25,000 users spread around the world at major universities and government institutions as a result of Singularity 3.0.”
New services highlighted include:
- Remote Builder Services– Enables users to safely build containers in secure, isolated environments without the need for root access to that system. With no elevated administrative privileges required, system administrators receive a turnkey solution that streamlines container creation for all Singularity users. This service is available on- premises or in the cloud.
- Container Library Services– Delivers a repository to host Singularity containers. Users can manage, store, and share containers in public and private directories, or share private containers with other users via a generated link. Available as a cloud service, or for on-premises deployment, the Container Library optimizes the management and storage of containers within your organization.
- Key Management Services– Ensures container signing and validation services to Singularity and the Container Library. These key-signing and verification services eliminate the risk of unknowingly downloading and running compromised containers, greatly enhancing an organization’s ability to restrict the types of containers that are allowed to run on a cluster.”
Also new with 3.0, the Singularity Image Format (SIF) is now the default packaging mechanism for each container runtime. “SIF brings cryptographic signing and validation to Singularity and underpins the functionality behind an expanded ecosystem of resources. Every Singularity container can now have cryptographically signed and evolvable overlays to enable a controls-compliant workflow throughout the container runtime process,” according SyLabs.
SyLabs reports enhancements to Singularity’s base code, much of it rewritten in Go. “As most container tools are written in this programming language, Singularity will be able to leverage a variety of new features that would have taken much longer to implement with the more traditional C, Python, and BASH architectures. This change ensures that Singularity moves to a modern, compiled architecture, while also eliminating run-time dependencies and ensures a consistent experience across all platforms,” according to the company.
Of note, Lenovo supports Singularity as part of its Lenovo Intelligent Computing Orchestration (LiCO) and the company posted a blog today describing their joint work, “Lenovo and Singularity teams have collaborated for over two years around a common vision of lightweight containers that are flexible, (different OS and/or library environment) but can deliver performance that is equal or close to native OS performance. The Singularity container is tailor-made for HPC application delivery while delivering the highest performance where needed, like deep learning training AI workloads. It works well with job schedulers, can use all the networking setup available and can import existing containers like Docker. Working in conjunction with Barcelona Supercomputing Center (BSC), Lenovo demonstrated that MPI applications running in Singularity containers outperformed Docker or KVM environments.”
Link to Sylabs release:
Link to Lenovo blog: