Update from Gregory Kurtzer on Singularity’s Push into FS and the Enterprise

By John Russell

September 11, 2018

Editor’s note: Container technology is hardly new but it has undergone rapid evolution in the HPC space in recent years to accommodate traditional science workloads and HPC systems requirements. While Docker containers continue to dominate in the enterprise, other variants are becoming important and one alternative with distinctly HPC roots – Singularity – is making an enterprise push targeting advanced scale workload inclusive of HPC. Singularity got its start at Lawrence Berkeley National lab in 2015 as an open source effort and found near-immediate traction within the HPC community.  

Today, Singularity remains open source but is overseen by start-up company, SyLabs, headed by Gregory Kurtzer who led development of Singularity at LBNL (see HPCwire article, Singularity HPC Container Start-Up – Sylabs – Emerges from Stealth). SyLabs offers a supported version of Singularity and, as mentioned, has turned its attention to the enterprise. In conjunction with the HPC on Wall Street conference taking place this week in New York City, HPCwire asked Kurtzer for an update on advanced container technology progress in the enterprise with a focus on Singularity’s progress and the specific needs of financial services sector, which has long been a leader in adopting HPC and advanced scale systems. 

HPCwire: Greg, maybe provide a quick refresher snapshot of container technology and distinguish it from VMs, and touch on the important characteristics of HPC/advanced scale containers.

Gregory Kurtzer: HPC and what we call EPC (Enterprise Performance Compute) focused applications require direct integration with the host operating system and underlying hardware. In contrast, services require isolation from each other and from the host’s resources. Singularity is designed to mitigate security issues when running containers as non-root, and thus blur the line between host and container. Singularity is also highly performant on both startup and teardown and will completely get out of the way, allowing the application to execute without any interference from the container runtime.

HPCwire: Filling out the container ecosystem a bit, explain the role of deployment/management tools such as Kubernetes or other tools such as job schedulers.

Gregory Kurtzer

Kurtzer: Job schedulers have been part of the core ecosystem on HPC for a long time. Now, with the advent of containers on HPC, we are seeing both HPC and EPC users interested in deployment tools, such as Kubernetes/Kubeflow, for their compute workloads. But the container ecosystem demands more than what a job scheduler offers; now users want to build their containers asynchronously, store them in a clear and verifiably reproducible way, and run their workloads on a different set of resources across multiple resources. These tools now play a big role for users trying to move their workloads between onprem and the cloud.

HPCwire: Looking at the traditional HPC environment (academia and government) and enterprise and financial service sector in particular, how do the container use patterns/needs differ and where are they similar?

Kurtzer: In academia and government, the HPC ecosystem consists of a wide variety of use cases, ranging from massively parallel tightly coupled MPI based applications to single threaded, interpreted based workloads (scripts). The EPC and financial services sector tend to generally have more serial based workloads, but given that all of these are focused on performance and compute, many of them have a very similar nature to the needs of academic and government HPC.

This means that the financial sector resources may not have InfiniBand for interprocess communication, or a parallel file system, but they do need low latency networks usually with TCP offloading for HFT requirements. Additionally, they need to manage unprivileged users and resource management with scheduling as a traditional HPC resource would, but they also need to handle orchestration, CI/CD, DevOps, policy compliance, and change management with validation of their workflows. Singularity is uniquely designed for this.

HPCwire: Security is an issue that is often flagged with Docker and one that’s obviously important in the FS world. What are the security challenges container technology presents and how are they best solved?

Singularity is unique in how it handles security, privilege, and user access. Designed to allow untrusted users to run untrusted containers but in a trusted way, Singularity allows non-root users the ability to run containers while locking their privilege within the container. Singularity actually blocks privilege escalation attempts within the container, so from a security point of view, it is safer for users to run applications from within Singularity.

This use case is not limited to just HPC. Imagine being able to run any service through a container without ever being root, and mitigating to ensure that anything running inside that container can never become root.

But security is also rooted within trust. Singularity (as of version 3.0, which is slated to be released in early October), can support cryptographically signed containers. This means you can trust your container runtime environment. Furthermore, with the Sylabs keystore cloud service, you can verify containers and provide accountability back to the developer. Coupling that with the ability to revoke keys means we can limit the “blast radius” of a given exposure.

Between our security model and trusted environments, Singularity and Sylabs adds an entirely new layer of security to your existing environments.

HPCwire: What are some of the dominant HPC-related container use cases in FS you are seeing?

Kurtzer: We are seeing Singularity’s use cases in EPC and the financial sectors gaining momentum on data driven analytics, simulation, HFT (high frequency trading), and starting to see an uptake in AI for market prediction.

HPCwire: When we talked a little over a year ago, you said Singularity had only a smattering of commercial users. How has that changed and why?

Kurtzer:We have a public “Singularity Registry” in which people can voluntarily list their computational resources which support Singularity. Unsurprisingly it consists almost exclusively of academic and government non-classified systems; most commercial users do not list their resources there. So it is somewhat of a surprise to us every time we are contacted by a commercial organization that is already using Singularity. At this point, we have been contacted by large number of commercial end-users as well as hardware and software providers who are interested in working with us to satisfy the requests of their customers.

One of the motivators here has been on our release of SingularityPRO. SingularityPRO is a curated version of the open source codebase and thus it is made of 100 percent open source software. But, we give a 2-week priority of security updates to paying customers as well as make available the Sylabs Keystore for cryptographic validation of containers (a freemium service to open source users). Lastly, we offer commercial support, training materials, and professional services to PRO customers exclusively as we do not provide enterprise support on the open source codebase.

HPCwire: Can you comment on the growth of Singularity (and other HPC flavors of containers) in the enterprise broadly and perhaps its segments such as FS and manufacturing, etc.

Kurtzer: Singularity’s growth in the enterprise is like a step function, starting with the low hanging fruit of commercial HPC and EPC which introduces Singularity to these enterprises organizations. From there, we have seen that other groups within the organization are introduced to Singularity and love its ease of use, security differentiators, and the novel single-file container image format.

The biggest barrier so far has been the lack of compatibility with existing resources like Kubernetes; but we will soon be releasing a solution for exactly this, so stay tuned!

HPCwire: How is container technology well suited for FS, and what are the challenges?

Kurtzer: Container technology in general is changing the paradigm about what it means to package and distribute software. Singularity takes this to the next level. For example, the Singularity Image Format is to containers what RPM and DEB files are to source code. Our image format, modeled after the ELF binary format in Linux, offers flexibility, control, and cryptographic verification, and thus guaranteed immutability. This changes the DevOps paradigm and offers bit for bit reproducibility and trust.

But for financial services, there are other requirements that have historically made containerization a non-starter. For example, the networking layers of other container systems introduce too much latency for HFT and distributed workflows. Fortunately, Singularity, being designed for performance and compute, does not suffer the same outcome as Singularity does not introduce additional latencies in the network, memory, or IO subsystems.

HPCwire: What kinds of forthcoming container technology changes will help FS segment?

Kurtzer: Security is key as is trust via cryptographic signing and encryption. Additionally, integration with existing resources (Kubernetes, Kubeflow, Mesos), performance metrics, tighter integration into existing workflows, and leveraging a community with an already strong knowledge of the container space.

HPCwire: What’s ahead for container technology, in particular for HPC-capable container technology.

Kurtzer: We see PMIx being a big help for MPI and we are working with Mellanox to solve the OFED compatibility layer.

In terms of the container ecosystem, we are soon to release a Container Library and Marketplace for purchasing of premade containers. This will provide software providers the ability to have software vendors shipping their applications as signed Singularity containers.

HPCwire: It seems like heterogeneous architectures (CPU-Accelerator) are becoming a fact of life with processors diversity in particular – Intel, AMD, IBM/Power, ARM, RISCv – further complicating platform selection and use. How does this affect container technology and what challenges (port to processors, etc.) does it present? For example, which processors does Singularity support.

Kurtzer: There is no limit to which platforms can run compute-driven analytics. Because of this, we support everything possible, including GPU and interconnects. Also, the Singularity Image Format (SIF) contains metadata about what architectures it is built and optimized for such that orchestrators can easily glean insights from the container image itself for orchestration.

HPCwire: Do you expect a convergence between varying flavors?

Kurtzer: No. Options are good as each solution offers variety. There will always be Gnome and KDE, Vim and Emacs, Perl and Python, Docker and Singularity.

HPCwire: You’ve talked in the past about how containers potentially represent a paradigm change in the way applications are delivered; how is this playing out and what should we expect?

Kurtzer: 451 Research believes the application market space to grow to $1.6B in 2018 alone. If the market is growing that rapidly, support of the market needs to be there. Sylabs will be there to support it in terms of technology enhancements and services, including working with other open source projects to create solutions to cover a broad spectrum of customer problems.

Subscribe to HPCwire's Weekly Update!

Be the most informed person in the room! Stay ahead of the tech trends with industy updates delivered to you every week!

SC19’s HPC Impact Showcase Chair: AI + HPC a ‘Speed Train’

November 16, 2019

This year’s chair of the HPC Impact Showcase at the SC19 conference in Denver is Lori Diachin, who has spent her career at the spearhead of HPC. Currently deputy director for the U.S. Department of Energy’s (DOE) Read more…

By Doug Black

Microsoft Azure Adds Graphcore’s IPU

November 15, 2019

Graphcore, the U.K. AI chip developer, is expanding collaboration with Microsoft to offer its intelligent processing units on the Azure cloud, making Microsoft the first large public cloud vendor to offer the IPU designe Read more…

By George Leopold

At SC19: What Is UrgentHPC and Why Is It Needed?

November 14, 2019

The UrgentHPC workshop, taking place Sunday (Nov. 17) at SC19, is focused on using HPC and real-time data for urgent decision making in response to disasters such as wildfires, flooding, health emergencies, and accidents. We chat with organizer Nick Brown, research fellow at EPCC, University of Edinburgh, to learn more. Read more…

By Tiffany Trader

China’s Tencent Server Design Will Use AMD Rome

November 13, 2019

Tencent, the Chinese cloud giant, said it would use AMD’s newest Epyc processor in its internally-designed server. The design win adds further momentum to AMD’s bid to erode rival Intel Corp.’s dominance of the glo Read more…

By George Leopold

NCSA Industry Conference Recap – Part 1

November 13, 2019

Industry Program Director Brendan McGinty welcomed guests to the annual National Center for Supercomputing Applications (NCSA) Industry Conference, October 8-10, on the University of Illinois campus in Urbana (UIUC). One hundred seventy from 40 organizations attended the invitation-only, two-day event. Read more…

By Elizabeth Leake, STEM-Trek

AWS Solution Channel

Making High Performance Computing Affordable and Accessible for Small and Medium Businesses with HPC on AWS

High performance computing (HPC) brings a powerful set of tools to a broad range of industries, helping to drive innovation and boost revenue in finance, genomics, oil and gas extraction, and other fields. Read more…

IBM Accelerated Insights

Data Management – The Key to a Successful AI Project

 

Five characteristics of an awesome AI data infrastructure

[Attend the IBM LSF & HPC User Group Meeting at SC19 in Denver on November 19!]

AI is powered by data

While neural networks seem to get all the glory, data is the unsung hero of AI projects – data lies at the heart of everything from model training to tuning to selection to validation. Read more…

Cray, Fujitsu Both Bringing Fujitsu A64FX-based Supercomputers to Market in 2020

November 12, 2019

The number of top-tier HPC systems makers has shrunk due to a steady march of M&A activity, but there is increased diversity and choice of processing components with Intel Xeon, AMD Epyc, IBM Power, and Arm server ch Read more…

By Tiffany Trader

SC19’s HPC Impact Showcase Chair: AI + HPC a ‘Speed Train’

November 16, 2019

This year’s chair of the HPC Impact Showcase at the SC19 conference in Denver is Lori Diachin, who has spent her career at the spearhead of HPC. Currently Read more…

By Doug Black

Cray, Fujitsu Both Bringing Fujitsu A64FX-based Supercomputers to Market in 2020

November 12, 2019

The number of top-tier HPC systems makers has shrunk due to a steady march of M&A activity, but there is increased diversity and choice of processing compon Read more…

By Tiffany Trader

Intel AI Summit: New ‘Keem Bay’ Edge VPU, AI Product Roadmap

November 12, 2019

At its AI Summit today in San Francisco, Intel touted a raft of AI training and inference hardware for deployments ranging from cloud to edge and designed to support organizations at various points of their AI journeys. The company revealed its Movidius Myriad Vision Processing Unit (VPU)... Read more…

By Doug Black

IBM Adds Support for Ion Trap Quantum Technology to Qiskit

November 11, 2019

After years of percolating in the shadow of quantum computing research based on superconducting semiconductors – think IBM, Rigetti, Google, and D-Wave (quant Read more…

By John Russell

Tackling HPC’s Memory and I/O Bottlenecks with On-Node, Non-Volatile RAM

November 8, 2019

On-node, non-volatile memory (NVRAM) is a game-changing technology that can remove many I/O and memory bottlenecks and provide a key enabler for exascale. That’s the conclusion drawn by the scientists and researchers of Europe’s NEXTGenIO project, an initiative funded by the European Commission’s Horizon 2020 program to explore this new... Read more…

By Jan Rowell

MLPerf Releases First Inference Benchmark Results; Nvidia Touts its Showing

November 6, 2019

MLPerf.org, the young AI-benchmarking consortium, today issued the first round of results for its inference test suite. Among organizations with submissions wer Read more…

By John Russell

Azure Cloud First with AMD Epyc Rome Processors

November 6, 2019

At Ignite 2019 this week, Microsoft's Azure cloud team and AMD announced an expansion of their partnership that began in 2017 when Azure debuted Epyc-backed instances for storage workloads. The fourth-generation Azure D-series and E-series virtual machines previewed at the Rome launch in August are now generally available. Read more…

By Tiffany Trader

Nvidia Launches Credit Card-Sized 21 TOPS Jetson System for Edge Devices

November 6, 2019

Nvidia has launched a new addition to its Jetson product line: a credit card-sized (70x45mm) form factor delivering up to 21 trillion operations/second (TOPS) o Read more…

By Doug Black

Supercomputer-Powered AI Tackles a Key Fusion Energy Challenge

August 7, 2019

Fusion energy is the Holy Grail of the energy world: low-radioactivity, low-waste, zero-carbon, high-output nuclear power that can run on hydrogen or lithium. T Read more…

By Oliver Peckham

Using AI to Solve One of the Most Prevailing Problems in CFD

October 17, 2019

How can artificial intelligence (AI) and high-performance computing (HPC) solve mesh generation, one of the most commonly referenced problems in computational engineering? A new study has set out to answer this question and create an industry-first AI-mesh application... Read more…

By James Sharpe

Cray Wins NNSA-Livermore ‘El Capitan’ Exascale Contract

August 13, 2019

Cray has won the bid to build the first exascale supercomputer for the National Nuclear Security Administration (NNSA) and Lawrence Livermore National Laborator Read more…

By Tiffany Trader

DARPA Looks to Propel Parallelism

September 4, 2019

As Moore’s law runs out of steam, new programming approaches are being pursued with the goal of greater hardware performance with less coding. The Defense Advanced Projects Research Agency is launching a new programming effort aimed at leveraging the benefits of massive distributed parallelism with less sweat. Read more…

By George Leopold

AMD Launches Epyc Rome, First 7nm CPU

August 8, 2019

From a gala event at the Palace of Fine Arts in San Francisco yesterday (Aug. 7), AMD launched its second-generation Epyc Rome x86 chips, based on its 7nm proce Read more…

By Tiffany Trader

D-Wave’s Path to 5000 Qubits; Google’s Quantum Supremacy Claim

September 24, 2019

On the heels of IBM’s quantum news last week come two more quantum items. D-Wave Systems today announced the name of its forthcoming 5000-qubit system, Advantage (yes the name choice isn’t serendipity), at its user conference being held this week in Newport, RI. Read more…

By John Russell

Ayar Labs to Demo Photonics Chiplet in FPGA Package at Hot Chips

August 19, 2019

Silicon startup Ayar Labs continues to gain momentum with its DARPA-backed optical chiplet technology that puts advanced electronics and optics on the same chip Read more…

By Tiffany Trader

Crystal Ball Gazing: IBM’s Vision for the Future of Computing

October 14, 2019

Dario Gil, IBM’s relatively new director of research, painted a intriguing portrait of the future of computing along with a rough idea of how IBM thinks we’ Read more…

By John Russell

Leading Solution Providers

ISC 2019 Virtual Booth Video Tour

CRAY
CRAY
DDN
DDN
DELL EMC
DELL EMC
GOOGLE
GOOGLE
ONE STOP SYSTEMS
ONE STOP SYSTEMS
PANASAS
PANASAS
VERNE GLOBAL
VERNE GLOBAL

Intel Confirms Retreat on Omni-Path

August 1, 2019

Intel Corp.’s plans to make a big splash in the network fabric market for linking HPC and other workloads has apparently belly-flopped. The chipmaker confirmed to us the outlines of an earlier report by the website CRN that it has jettisoned plans for a second-generation version of its Omni-Path interconnect... Read more…

By Staff report

Kubernetes, Containers and HPC

September 19, 2019

Software containers and Kubernetes are important tools for building, deploying, running and managing modern enterprise applications at scale and delivering enterprise software faster and more reliably to the end user — while using resources more efficiently and reducing costs. Read more…

By Daniel Gruber, Burak Yenier and Wolfgang Gentzsch, UberCloud

Dell Ramps Up HPC Testing of AMD Rome Processors

October 21, 2019

Dell Technologies is wading deeper into the AMD-based systems market with a growing evaluation program for the latest Epyc (Rome) microprocessors from AMD. In a Read more…

By John Russell

Rise of NIH’s Biowulf Mirrors the Rise of Computational Biology

July 29, 2019

The story of NIH’s supercomputer Biowulf is fascinating, important, and in many ways representative of the transformation of life sciences and biomedical res Read more…

By John Russell

Xilinx vs. Intel: FPGA Market Leaders Launch Server Accelerator Cards

August 6, 2019

The two FPGA market leaders, Intel and Xilinx, both announced new accelerator cards this week designed to handle specialized, compute-intensive workloads and un Read more…

By Doug Black

When Dense Matrix Representations Beat Sparse

September 9, 2019

In our world filled with unintended consequences, it turns out that saving memory space to help deal with GPU limitations, knowing it introduces performance pen Read more…

By James Reinders

With the Help of HPC, Astronomers Prepare to Deflect a Real Asteroid

September 26, 2019

For years, NASA has been running simulations of asteroid impacts to understand the risks (and likelihoods) of asteroids colliding with Earth. Now, NASA and the European Space Agency (ESA) are preparing for the next, crucial step in planetary defense against asteroid impacts: physically deflecting a real asteroid. Read more…

By Oliver Peckham

Cerebras to Supply DOE with Wafer-Scale AI Supercomputing Technology

September 17, 2019

Cerebras Systems, which debuted its wafer-scale AI silicon at Hot Chips last month, has entered into a multi-year partnership with Argonne National Laboratory and Lawrence Livermore National Laboratory as part of a larger collaboration with the U.S. Department of Energy... Read more…

By Tiffany Trader

  • arrow
  • Click Here for More Headlines
  • arrow
Do NOT follow this link or you will be banned from the site!
Share This