--
You received this message because you are subscribed to the Google Groups "singularity" group.
To unsubscribe from this group and stop receiving emails from it, send an email to singularity+unsubscribe@lbl.gov.
To unsubscribe from this group and stop receiving emails from it, send an email to singularity...@lbl.gov.
--
You received this message because you are subscribed to the Google Groups "singularity" group.
To unsubscribe from this group and stop receiving emails from it, send an email to singularity+unsubscribe@lbl.gov.
To unsubscribe from this group and stop receiving emails from it, send an email to singularity+unsubscribe@lbl.gov.
To unsubscribe from this group and stop receiving emails from it, send an email to singularity...@lbl.gov.
--
You received this message because you are subscribed to a topic in the Google Groups "singularity" group.
To unsubscribe from this topic, visit https://groups.google.com/a/lbl.gov/d/topic/singularity/syLcsIWWzdo/unsubscribe.
To unsubscribe from this group and all its topics, send an email to singularity+unsubscribe@lbl.gov.
--
You received this message because you are subscribed to a topic in the Google Groups "singularity" group.
To unsubscribe from this topic, visit https://groups.google.com/a/lbl.gov/d/topic/singularity/syLcsIWWzdo/unsubscribe.
To unsubscribe from this group and all its topics, send an email to singularity+unsubscribe@lbl.gov.
BrianThank you for the response. The purpose of a significant part of our software package is to decide what jobs are necessary and submit them. I imagine this is not such an unusual potential use case.Cheers,
On Sun, Jul 16, 2017 at 6:46 PM, Paolo Di Tommaso <paolo.d...@gmail.com> wrote:
A better approach is to separate the application logic from the scheduling logic, by doing that you will be able to isole your job executions with singularity and submit them to SLURM or any other cluster.Hope it helps.pOn Sun, Jul 16, 2017 at 8:44 PM, Brian Puchala <bpuc...@umich.edu> wrote:Hi,--
I'm trying to familiarize myself with how Singularity might work for our application. We have components that submit additional jobs through the host job manager (TORQUE or SLURM). Is it possible to run these within their own container? Is there an example that shows how?
Thanks!
You received this message because you are subscribed to the Google Groups "singularity" group.
To unsubscribe from this group and stop receiving emails from it, send an email to singularity...@lbl.gov.
--
You received this message because you are subscribed to a topic in the Google Groups "singularity" group.
To unsubscribe from this topic, visit https://groups.google.com/a/lbl.gov/d/topic/singularity/syLcsIWWzdo/unsubscribe.
To unsubscribe from this group and all its topics, send an email to singularity...@lbl.gov.
singularity pull docker://centos:7
# create a place for the host programs I need and copy them over
# because our home directories are always bound no additional
# bind commands are needed when starting the container
mkdir -p ~/.local/host/bin
cp /usr/local/bin/qstat ~/.local/host/bin
# etc.
# ends up with:
$ tree /home/bpuchala/.local/host/bin
/home/bpuchala/.local/host/bin
├── qalter
├── qdel
├── qhold
├── qrls
├── qselect
├── qstat
└── qsub
# create a place for the host libs I need:
mkdir -p ~/.local/host/lib
# use ldd on the programs inside and outside the container to
# find which libraries need to be copied.
# inside container
singularity shell centos-7.img
> ldd /home/bpuchala/.local/host/bin/qstat
> ldd /home/bpuchala/.local/host/bin/qstat
linux-vdso.so.1 => (0x00007ffc5cf42000)
libtorque.so.2 => not found
libtcl8.5.so => not found
...
$ ldd /usr/local/bin/qstat
linux-vdso.so.1 => (0x00007fff90391000)
libtorque.so.2 => /usr/local/lib/libtorque.so.2 (0x00002b2567edb000)
libtcl8.5.so => /lib64/libtcl8.5.so (0x00002b2568808000)
...
# Ends up with:
$ tree /home/bpuchala/.local/host/lib
/home/bpuchala/.local/host/lib
├── libhwloc.so.5
├── libltdl.so.7
├── libnuma.so.1
├── libtcl8.5.so
└── libtorque.so.2
# test job submission and management from inside container:
singularity shell centos-7.img
# set PATH inside the container to find host programs we copied
export PATH=$HOME/.local/host/bin:$PATH
# set LD_LIBRARY_PATH inside the container find host libs we copied
export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$HOME/.local/host/lib
# test
qstatqsub ~/submit_scripts/hello_world.sh
--
You received this message because you are subscribed to the Google Groups "singularity" group.
To unsubscribe from this group and stop receiving emails from it, send an email to singularity+unsubscribe@lbl.gov.
>> email to singularity+unsubscribe@lbl.gov.
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "singularity" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to singularity+unsubscribe@lbl.gov.
--
You received this message because you are subscribed to the Google Groups "singularity" group.
To unsubscribe from this group and stop receiving emails from it, send an email to singularity+unsubscribe@lbl.gov.
>> email to singularity+unsubscribe@lbl.gov.
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "singularity" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to singularity+unsubscribe@lbl.gov.
--
You received this message because you are subscribed to the Google Groups "singularity" group.
To unsubscribe from this group and stop receiving emails from it, send an email to singularity+unsubscribe@lbl.gov.
--
You received this message because you are subscribed to the Google Groups "singularity" group.
To unsubscribe from this group and stop receiving emails from it, send an email to singularity...@lbl.gov.
To view this discussion on the web visit https://groups.google.com/a/lbl.gov/d/msgid/singularity/f1439ab0-7af2-4f0a-a6dd-6a606f52e977%40lbl.gov.
If you do something like this, you probably want to set up a restricted set of keys to use for this purpose. This is easy to do by prepending the command that is allowed for that specific key to the line for it in the authorized_keys file with “command=…” option, forcing the key to be limited to executing the given command. You can also use “from=…” to ensure this is coming from your host and not just anywhere. The full list of things you can force to be in effect when that key is used to connect via ssh is available in the man pages for sshd (man 8 ssh and search for the proper section by typing /AUTHORIZED_KEYS (return)).Note you can make the forced command to be a wrapper script that sets up the logic of what you are trying to do, including locations fo input and output files, etc. Just be sure not to invoke a command that contains any ability to escape to a shell, which would eliminate he advantage of using the forced command.There’s more on this topic in chapter 8 of the”Reilly book "SSH, The Secure Shell: The Definitive Guide” by Daniel Barrett and Richard Silverman, or chapter 12 of "“SSH Mastery: OpenSSH, PuTTY, Certificates, Tunnels, and Keys” by Michael W. Lucas. Note I am not advocating for ssh automation in this case, but if you’re going to use it, it would probably be good to use some of he features of ssh to set up a more restricted environment rather than leave keys around that can get into your account if they get loose in the world.
Alan
To unsubscribe from this group and stop receiving emails from it, send an email to singu...@lbl.gov.