You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
### Notice to all Singularity users, contributors, and collaborators
8
+
9
+
This is an important announcement from Greg Kurtzer, founder and lead developer of Singularity.
10
+
11
+
Singularity continues to gain popularity and traction very quickly. This growth has been extremely demanding on my time and is outpacing my ability to sustain the broad amount of use cases for the rapidly expanding community with me working on it only part time. In order to meet this rapidly expanding growth, I have created a new organization, SingularityWare, LLC, which is dedicated to further developing Singularity, supporting the associated open source community and growing the project. To facilitate this, I have partnered with a company, RStor, Inc.
12
+
13
+
RStor is not only interested in the success of Singularity, as an open source, scientific enabling platform, but they are bringing their own very compelling and much needed cloud based storage/RDM platform to market. A partnership like this (containerized computing coupled with a cloud based storage platform) offers a very exciting and synergistic value to research computing.
14
+
15
+
In addition to continuing my leadership of Singularity (and the new LLC), I will be maintaining my association with Lawrence Berkeley National Laboratory, as a scientific advisor as well as continuing other efforts I am associated with (e.g. Warewulf and OpenHPC).
16
+
17
+
This means that I now have the resources and ability to both offer support for Singularity and hire key developers, and I would like to invite interested people to send me your resume! I am looking to hire both part time and full time staff engineers as well as University collaborations to fund interns, graduates and postdocs for Singularity development and relevant involvement.
18
+
19
+
Aside from additional resources, dedication, attention, and growth, the overall direction of the project will remain the same.
20
+
21
+
If you have any questions, comments or want to be part of this exciting new endeavor, please feel free to contact me directly.
Copy file name to clipboardExpand all lines: pages/docs/user-docs/user-guide.md
+3-3Lines changed: 3 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -10,9 +10,9 @@ This document will cover the usage of Singularity, working with containers, and
10
10
## Welcome to Singularity!
11
11
Singularity is a container solution created by necessity for scientific and application driven workloads.
12
12
13
-
Over the past decade and a half, virtualization has gone from an engineering toy to a global infrastructure necessity and the evolution of enabling technologies has flourished. Most recently, we have seen the introduction of the latest spin on virtualization... "containers". People's general conception of containers carry the heredity of it's lineage and thus has influenced it's features and use cases. This is both a good and a bad thing...
13
+
Over the past decade and a half, virtualization has gone from an engineering toy to a global infrastructure necessity and the evolution of enabling technologies has flourished. Most recently, we have seen the introduction of the latest spin on virtualization... "containers". People's general conception of containers carry the heredity of its lineage and thus has influenced its features and use cases. This is both a good and a bad thing...
14
14
15
-
For the industry at the forefront of the virtualization front this is a good thing. The enterprise and web enabled cloud requirements are very much in alignment with the feature set of virtual machines, and thus the predeceasing container technologies, but this does not bode as well for the scientific world and specifically the high performance computation (HPC) use case. While there are many overlapping features of these two fields, they differ in ways that make a shared implementation generally incompatible. While some have been able to leverage custom built resources that can operate on a lower performance scale, a proper integration is difficult and perhaps impossible with today's technology.
15
+
For the industry at the forefront of the virtualization front this is a good thing. The enterprise and web enabled cloud requirements are very much in alignment with the feature set of virtual machines, and thus the preceding container technologies, but this does not bode as well for the scientific world and specifically the high performance computation (HPC) use case. While there are many overlapping features of these two fields, they differ in ways that make a shared implementation generally incompatible. While some have been able to leverage custom built resources that can operate on a lower performance scale, a proper integration is difficult and perhaps impossible with today's technology.
16
16
17
17
Scientists are a resourceful bunch and many of the features which exist both purposefully and incidentally via commonly used container technologies are not only desired, they are required for scientific use cases. This is the necessity which drove the creation of Singularity and articulated its four primary functions:
18
18
@@ -56,7 +56,7 @@ This is one of Singularities defining characteristics. It allows a user (that ma
56
56
57
57
To mitigate security concerns like this, Singularity limits one's ability to escalate permission inside a container. For example, if I do not have root access on the target system, I should not be able to escalate my privileges within the container to root either. This is semi-antagonistic to Singularity's 3rd tenant; allowing the users to have freedom of their own environments. Because if a user has the freedom to create and manipulate their own container environment, surely they know how to escalate their privileges to root within that container. Possible means could be setting the root user's password, or enabling themselves to have sudo access. For these reasons, Singularity prevents user context escalation within the container, and thus makes it possible to run user supplied containers on shared infrastructures.
58
58
59
-
But this mitigation dictates the Singularity workflow. If user's need to be root in order to make changes to their containers, then they need to have an endpoint (a local workstation, laptop, or server) where they have root access. Considering almost everybody at least has a laptop, this is not an unreasonable or unmanageable mitigation, but it must be defined and articulated.
59
+
But this mitigation dictates the Singularity workflow. If a user needs to be root in order to make changes to their containers, then they need to have an endpoint (a local workstation, laptop, or server) where they have root access. Considering almost everybody at least has a laptop, this is not an unreasonable or unmanageable mitigation, but it must be defined and articulated.
0 commit comments