THE CONTAINER SYSTEM FOR SECURE HIGH PERFORMANCE COMPUTING
Apptainer/Singularity is the most widely used container system for HPC. It is designed to execute applications at bare-metal performance while being secure, portable, and 100% reproducible. Apptainer is an open-source project with a friendly community of developers and users. The user base continues to expand, with Apptainer/Singularity now used across industry and academia in many areas of work.
Create a new container including any application(s) or use an existing OCI/Docker container and secure it cryptographically to guarantee its contents.
Securely archive, distribute, share containers with others via container registeries, object stores, HTTP services, or shared storage.
Run workloads with the absolute guarantee of where the container came from and that it has not been tampered with or changed.
Singularity video tutorial, recorded by Ian Kaneshiro @ CIQ.
Absolute Trust and Security
Apptainer/Singularity is the only container system that supports public/private key signing, providing trust and guarantees of immutability.
Apptainer is 100% Docker and OCI (Open Containers Initiative) compatible (but easier to use).
Apptainer can encrypt containers and integrates with Vault and other secret management platforms to secure applications, models, and data.
The single-file SIF container format allows you to reproducibly build, share, and archive your workload from workstations, to HPC, to the edge.
Apptainer runs "rootless" and prohibits privilege escalation within the container; users are the same inside and outside the container.
Integration over isolation
Apptainer's security architecture allows you to securely leverage GPUs, FPGAs, high-speed networks, and filesystems.
Easy to Use
Apptainer intuitively allows non-privileged users to run any containerized application.
Apptainer/Singularity is by far the most utilized container system for performance-intensive computing!
Commercial support for Apptainer is officially provided by CIQ.