Releases: apptainer/singularity
Singularity 2.4 Release
This release is amazingly fantastic, and it is with pleasure that I announce the availability of Singularity version 2.4! There are some really fantastic updates, fixes, optimizations and coolness contained in this version and here is a brief summary of changes:
Image Generation:
- Singularity Build Command: Building an image is now more intuitive with the introduction of our build command. You don't need to worry about sizes or using create, or bootstrap, you just build!
- Compressed immutable images: By default the build command now creates compressed read only containers using squashfs
- Build Bases: Singularity now supports building additional base targets: local images, Singularity Hub, or the host operating system itself.
- SCI-F: A well documented solution for internal container modularity (http://containers-ftw.org/SCI-F/)
Runtime:
- Instances: By popular demand and bribery, we are bringing back persistent instance support. You can now start up a container instance and using a given name, you can connect to that instance, and it keeps running even when you exit!
- Network namespace: We are now using the network namespace to provide network isolation
- Persistent overlays: Using a persistent overlay, you can modify a container image and all changes are written to the overlay layer
- Cleanup and optimization of the Singularity image library
Thank you and have fun containerizing the world!
Singularity 2.3.2 Release
This dot release includes a fix for a change that Docker implemented to their registry RESTful API which broke compatibility with Singularity (among several other low minor fixes).
Many thanks to Vanessa Sochat for figuring it out and rushing the fix!
Singularity 2.3.1 Release
This release includes a fix for a High Severity security issue on older hosts, and other improvements and fixes to previous versions of Singularity.
Security Information:
A potential escalation pathway has been identified that may allow a malicious user to escalate their privileges on hosts that do not support the "PR_SET_NO_NEW_PRIVS" flag for the prctl()
system call. This release fixes this as well as several other identified bugs and potential race conditions.
Please report any additional bugs to:
https://github.com/singularityware/singularity/issues/new
Thank you!
Singularity 2.3 Released
It is with great pleasure that I announce the general availability of Singularity version 2.3! There are a massive number of fixes, updates, optimizations and awesomeness contained within this release, but here is a brief overview of the major changes you can expect to find in this release:
- Lots of backend library changes to accommodate a more flexible API
- Restructured Python backend
- Updated bootstrap backend to make it much more reliable
- Direct support for the awesome, the fantastic, Singularity-Hub!
- Ability to run additional commands without root privileges (e.g.
create
,import
,copy
,export
, etc..). - Added ability to
pull
images from Singularity Hub and Docker - Containers now have labels, and are
inspect
'able
And don't forget to have fun!
Singularity 2.2.1 Security Release
This release includes a fix for a Moderate Severity security issue, and other improvements to version 2.2.
Security information:
In versions of Singularity previous to 2.2.1, it was possible for a malicious user to create and manipulate specifically crafted raw devices within containers they own. Utilizing MS_NODEV as a container image mount option mitigates this potential vector of attack. As a result, this update should be implemented with high urgency. A big thanks to Mattias Wadenstein (@umu in Sweden) for identifying and reporting this issue!
Other improvements:
- Fixed some leaky file descriptors
- Cleaned up *printf() usage
- Catch if user's group is not properly defined
- Fixed Docker Hub redirects
Please report any additional bugs to:
https://github.com/singularityware/singularity/issues/new
Thank you!
Singularity 2.2 Release
It is with great pleasure that I announce the general availability of Singularity version 2.2! Here's what's in store for version 2.2 from your favorite Git clone, download, or distribution vendor:
- A complete rework of the back end source code to allow a much larger feature set, sanity, and facilitate contributions
- The ability to execute completely unprivileged (does not support Singularity images) (thanks to Brian Bockelman)
- Container execute by URI support (file, http, https, docker, etc..)
- Integration with the Docker Registry Remote API (thanks to Vanessa Sochat):
- stateless containers running ad-hoc
- bootstrapping
- importing
- OverlayFS support - Allows for automatic creation of bind points within containers at runtime (thanks to Amanda Duffy and Jarrod Johnson)
- Additional container formats supported (directories and archives)
- New bootstrap definition format to handle much more complicated and intuitive recipes
- All Singularity 2.x containers continue to be supported with this release.
Additionally I would like to extend thanks to the following organizations for being part of supporting scientific computing with Singularity:
Lawrence Berkeley National Labratory (http://scs.lbl.gov/)
Stanford University (https://srcc.stanford.edu/)
San Diego Supercomputing Center (http://www.sdsc.edu/)
University of Nebraska-Lincoln (http://www.unl.edu/)
Dartmouth (http://pbs.dartmouth.edu/)
Yale University (http://www.yale.edu/)
University Of Liverpool (http://www.liverpool.ac.uk/)
Texas Advanced Computing Center (https://www.tacc.utexas.edu/)
Open MPI (http://www.openmpi.org/)
Ontropos (http://www.ontropos.com/)
Lenovo (http://www.lenovo.com/)
Intel (http://www.intel.com/)
Amazon (https://aws.amazon.com/)
R Systems (http://rsystemsinc.com/)
Release tip: The best way to kill an idea is to take it to a meeting.
Singularity 2.1.2 Release
This is a bugfix release for the 2.x series, and includes fixes for:
- Kernel panic on corrupt images
- Fixes build warning
Release tip: Don't make snow angels at a dog park.
Singularity 2.1.1 Release
This is a bugfix release for the 2.x series, and includes fixes for:
- Contain option no longer maintains current working directory
- Remove need to obtain a shared lock on the image (was failing on some shared file systems)
- Move creation of a container's /environment to the beginning of the bootstrap (so it can be modified via a bootstrap definition file
Enjoy!
Singularity 2.1 Release
It is with great pleasure that I announce the general availability of Singularity version 2.1! This is the second release in the 2.x series and includes the following features over and above the previous release:
Feature additions:
- Configuration file for system administrator control over what Singularity features users are allowed to use
- Support for non Gnu LibC based distributions (e.g. Alpine Linux)
- Source file restructuring and refactoring
- Added message(), and enabled very verbose debugging
- Be smarter about when to avoid separation of the PID namespace
- Log container runs to syslog()
- Support custom container environments (via container:/environment)
- Sanitized source files for Flawfinder
Bug fixes:
- Fix bug with /run and /var directories being read only in some situations
- Fix lots of bootstrap definition issues
- Fixed issue with /dev/pts not being mounted within a container
- Resolved some issues with image file de-looping
- Fixed bugs related to very restrictive umasks set
Enjoy!
Singularity 2.0 Release
It is with great pleasure that I release the first Singularity version in the 2.x series. There are massive amounts of new features, but here are a few of the high level "at a glance" features:
- Support for non-root container contexts (user outside container, is same user inside container)
- Support of "live" container sparse image files
- Utilizing the operating system's build and dependency resolution subsystems (e.g. YUM, Apt, etc.)
- Support for Open MPI 2.1 (pre-release)
- Updates for usage with non-local file systems
- Performance optimizations
- Support for native X11
Among LOTS more!!!
Check out this version of Singularity, and let us know how it works for you!