Singularity: Simple, secure containers for compute-driven workloads

Container technology makes it easy to create highly portable and reproducible research environments. The Singularity container platform has a unique security model allowing untrusted users to run untrusted containers safely on multi-tenant systems. Singularity has a special file format (called the Singularity Image Format or SIF) for packaging and distributing containers. This format allows for novel features like cryptographic signing and verification of containers, extreme portability, and guaranteed reproducibility. The Singularity runtime supports both integration as well as isolation, making it easy to read and write data to the host system, leverage hardware like GPUs and high-speed interconnects, and integrate with batch schedulers like Slurm, PBS, LSF, UGE, etc. This emphasis on integration is part of the overall development philosophy: Singularity is intended to be a simple, secure, feature-rich container solution. Sylabs Inc. has developed SingularityPRO, a professionally curated and supported version of the open source offering as well as the Singularity Container Services, an end-to-end cloud hosted solution for creating and distributing trusted containers. Most top HPC centers use Singularity in production, and enterprise users are rapidly adopting this solution as well.