Portable containers with Singularity
Topics: Open cloud, Open networking, Edge AI
As we build more advanced technologies, complexity of the software that forms their backbone increases exponentially.
Some of this complexity can be balanced out with the reusability and portability offered by open source - it’s one of the reasons why Antmicro is so heavily engaged in building new, open-source based paradigms.
Separation of concerns and modularization, which can be introduced using containers, is another known way to encapsulate and manage software complexity, and by now container frameworks such as Docker have entered mainstream usage.
There are however many niche use cases, some of which is embedded systems development and those systems themselves, where containers are not as omni-present. New container frameworks are created to provide interesting alternative in these spaces, and one of the lesser known technologies which solves some of the cases we’ve come across is Singularity by Sylabs.
Singularity, while being relatively fresh, is already in heavy use in high-performance computing. Built specifically with reproducibility and portability in mind, it bases its design philosophy on files, which turns out to have some interesting implications - after all, files are an old, battle-proven and intuitive abstraction.
In Singularity, everything is a file you can manipulate and easily interact with - both the immutable Singularity image (in the Singularity Image File - SIF - format), as well as the persistent filesystem overlay (which can be a file or a directory).
Why it matters
The Continuous Integration paradigm is used extensively at Antmicro. We build, test and deploy our software solutions using isolated reproducible containerized environments. Sometimes, however, we come across a failed build and we need to pop the hood and look inside. Singularity makes this a breeze - just download the image file from the CI system to your machine, shell into it and get your hands dirty. Need to show the results to another developer? Send them your Singularity image file, it’s that quick and painless (of course, assuming you have a fast network connection, which you hopefully do if you’re working with software).
How we use it - portable containers
Singularity has a wide application in our operations. One of the more recent ones is the “container” feature found in Renode Cloud Environment (a sneak peek of which was included in the post describing how we test TSN in Zephyr). It enables quick testing of the pipelines on your local machine.
Each pipeline provides a container image with all the dependencies and tools bundled inside. The image can be run and disposed of after the work has been done.
Such is the circle of life: code, test, fix, deploy, locally or in the cloud. We have custom runners for our CI systems to facilitate builds on various architectures using Singularity as the isolated environment.
Singularity in CI and GPUs
Another use case for Singularity at Antmicro is related to our internal CI infrastructure. Some of our ARM runners are based on the NVIDIA Jetson AGX Xavier platform (which, in another context, we often use for our customer projects). Singularity natively supports general-purpose computing on GPUs, so we can run GPU-accelerated applications in our containers without using any special tricks and workarounds.
We went a step further and, on top of these functionalities, built another solution: using a Singularity container as the userspace layer of the operating system. This is comprised of an operating system that is “just enough” (e.g Buildroot), with the necessary hardware drivers and Singularity support. The rest of the development is focused on the container, which is entirely portable between machines using this system.
Remember that Singularity supports NVIDIA GPUs natively? You can throw only the necessary drivers and Singularity to the barebones OS layer and add OpenCV or CUDA (in versions needed by your AI app) to the container.
This gives you a solid layer with a stable kernel and hardware interface, which you will probably never have to worry about again, and a dynamic SIF image where you can add your GPU-accelerated applications.
How you can try it out
Without further ado, let’s try the basic functionality of Singularity.
We need to have a writable overlay filesystem, as we are going to want to make modifications to the image. This can be done by generating an empty file and setting up an ext3 file system.
$ dd if=/dev/zero of=overlay.img bs=1M count=200 && \ mkfs.ext3 overlay.img
A library with basic Singularity images (much like in the case of Docker with Docker Hub) is hosted online by the project’s maintainers, in the so-called Singularity Library. In this example we are going to use a basic image with Alpine Linux.
$ singularity pull library://library/default/alpine
If the download succeeded, we can shell into the container.
$ sudo singularity shell --overlay overlay.img \ alpine_latest.sif
The prompt will change. This indicates the switch from the local environment to the container environment.
Now we can, for example, install the GCC compiler. Note that it gets installed to the overlay image, the SIF file remains untouched.
Singularity> apk update && apk add build-base ... Singularity> gcc --version gcc (Alpine 8.3.0) 8.3.0 Copyright (C) 2018 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Containerized edge AI applications with Antmicro
Antmicro specializes in portable and open edge and cloud AI systems, and containerization is one of the key concepts we are building on to produce future-oriented solutions. Embedded devices and workflows require new approaches to manage complexity, and Singularity is a tool that can be used to help address some common problems we have been encountering in our work. In the 10 years of our existence, we have added AI capabilities to many use cases, spanning across medical, automotive, industrial, space, and more, and are constantly working to improve the tooling and ecosystem around embedded systems development using open source.
If you think our capability in terms of high-tech product development and lifecycle management are a good match for your project, reach out to us at firstname.lastname@example.org - we’ll be happy to architect and build your next-gen product with a software-driven mindset.