- OCI Runtime Mode – with the new experimental ‘–oci’ mode, users can run containers from a native OCI on-disk layout, through a true OCI low-level runtime.
- PEM Key / X.509 Signing & Verification – PEM keys and X.509 certificates can now be used to sign and verify the images, providing a secure way to ensure that only authorized images are used. The addition of OCSP support also allows organizations to perform online checks to make sure that the images have not been revoked.
- Instance Resource Limits & Monitoring – SingularityCE 3.11 now has the ability to monitor and control the resources used by instances. A new `instance stats` command will show resource limits on systems that support starting the container in a cgroup. Limits can be applied with the `–cpu`, `–mem`, and other flags.
- Rootless Builds Without User Namespaces / ID Mapping – SingularityCE now allows users to build containers without being a root user or using a special user mapping system. This new “proot” flow makes unprivileged builds possible for many different definition files, and does not require special configurations to be in place on the host system.
Contributions to SingularityCE 3.11Shortly after the release of SingularityCE 3.10, we looked at the contributions that led to that new version, using vsoch’s excellent citelang analysis tool. Let’s use the same approach, running citelang against all the first-party code (including SIF, service clients, etc.) and documentation repositories that make up SingularityCE, and totaling the lines added or modified by each contributor:
SingularityCE 3.11 vs Apptainer 1.1For the SingularityCE 3.11 release we’ve again imported significantly less code from Apptainer than Apptainer imports from SingularityCE. This is to be expected, as we are taking a different path toward increased OCI compatibility and the expansion of unprivileged workflows. In addition, Sylabs drives almost all of the development of SIF (the Singularity Image Format), and the service client dependencies that are forked by Apptainer.
Join Our Mailing List
Delivering Enhanced OCI Compatibility, Customizable Workflows, and Strengthened SecuritySylabs, a global leader in providing tools and services for performance-intensive container technology, today announces the release of SingularityCE 4.1.0, the newest iteration of...
Sylabs Unveils 2024 Predictions for Advanced Container Technologies: Embracing Performance, AI, and Security
Sylabs has released its predictions for the industry’s landscape in 2024. The company forecasts significant advancements in key areas such as performance portability, artificial intelligence (AI) and AIOps workload management, adherence to FAIR principles,...
SingularityCE 4.0: Bridging HPC Performance with Enterprise Flexibility via OCI Interoperable Containers
Discover how SingularityCE 4.0 by Sylabs bridges the gap between high-performance computing and enterprise needs. Experience seamless OCI interoperability and enhanced GPU support.