Singularity is Now Apptainer: Containers for HPC With Full Software Supply Chain Security
The Apptainer Story:
The Keyword Here is Cross-Pollination
With private-sector companies taking on more and more compute- and data-intensive activities like artificial intelligence, machine learning (AI/ML), and big data analytics, a long overdue cross-pollination is happening between so-called “High Performance Computing” or HPC (think: government labs doing fundamental scientific research) and the enterprise.
“Traditionally, there hasn’t been much sharing of capabilities between enterprise, cloud, and hyperscale with HPC. HPC has been an isolated island and it’s time for that to change. Every sector of the ecosystem has value to bring to the table.”
— Gregory Kurtzer, CEO, CIQ and Creator of Singularity (now Apptainer)
Take Apptainer: the 100% open source, secure, performant application container system which began life as “Singularity.” It was created at Lawrence Berkeley National Laboratory (by our CEO, Gregory Kurtzer) as a direct, HPC-tailored response to Docker. And, in relatively short order, it became the dominant HPC container system.
Because of HPC’s flat architecture—we’ll spare you the whole story of Beowulf—there had to be a new container system that, unlike Docker, would not give everyone root access. (Yeah. Think about that.) So Apptainer is a container system that is designed to be used by non-privileged users an a shared system.
In essence, a deep concern for security is in the DNA of Apptainer. Security is, to be clear, not the only story here. But it’s an important one.
Apptainer: Verifiable “Buckets” with Just Enough Bits
Apptainer is designed to securely execute applications with bare-metal performance while being portable and 100% reproducible. An Apptainer container packages up whatever you need into a single, verifiable file. From small laboratory clusters all the way to massively-scalable HPC clusters, Apptainer provides:
Market-leading containers for HPC:
Apptainer runs on the majority of HPC systems worldwide and facilitates new and innovative HPC use cases.
Apptainer enables trust in your software supply chain via cryptographic key validation and encryption.
Portable jobs and environments:
Apptainer allows you to bring your environments anywhere, creating extreme portability from system to system.
Optimization for applications:
While many container systems are built, designed, and optimized for microservices, Apptainer is for applications and computational use cases.
What Can You Do with Apptainer?
Apptainer enables you to easily create and run containers that package up pieces of software in a way that’s portable and reproducible. You can use it to build a container on your laptop, then run it on one of the largest HPC clusters in the world, on a single server, on company clusters… the possibilities are endless.
Bottom line: because the container is just a single file, it can run on any kind of computing infrastructure or platform.
Thanks to Apptainer now being maintained by the Linux Foundation, the user base continues to expand and organizations across all industries and academia are using it. Apptainer’s optimizations in performance and parallelization make it ideal for use cases such as artificial intelligence, machine learning, and compute- and data-driven analytics. In short, the cross-pollination mentioned earlier is happening at a rapid and accelerating pace.
Security Is Worth a Bit More Emphasis
Okay, this will get semi-geeky. Intuitively, you already know that stuff that is smaller and simpler gives hackers less “surface area” to exploit. Big things with lots of moving parts? Easier for the dark side to find something to unscrew or screw with.
So, version 1.1.0 of Apptainer delivers a smaller attack surface area with the implementation of a fully rootless container runtime. Which means? Apptainer no longer installs a setuid-root portion by default. Common operations can now be executed with only unprivileged user namespaces.
View CIQ Webinars
Learn how CIQ-sponsored technologies power cutting-edge research in life sciences, electronic design automation (EDA), AI, machine learning, and modeling. If enterprise infrastructure is your interest, our experts join industry and community leaders to take deep dives into operating system provisioning, automation, containerization, and scaling.
Read the CIQ Blog
We don’t hide our excitement for open source technologies and how they’re changing the world we live in. Read about new product releases, expert tips on how to use Rocky Linux, Apptainer, Warewulf, and more. But be warned: this is not an opinion-free zone. CIQ employees freely express their viewpoints in ways that can be challenging, interesting, and always illuminating.
With bare metal performance and end-to-end security, Apptainer is the leading open source container system for HPC and many other use cases. It’s also portable and 100% reproducible.
Find out why businesses, research organization and academic organizations around the world use Apptainer. The next step is just a click away.
Get Apptainer Service & Support from The Source.
Let us know a bit about yourself. We’ll contact you soon.