Update from Gregory Kurtzer on Singularity’s Push into FS and the Enterprise

By John Russell

September 11, 2018

Editor’s note: Container technology is hardly new but it has undergone rapid evolution in the HPC space in recent years to accommodate traditional science workloads and HPC systems requirements. While Docker containers continue to dominate in the enterprise, other variants are becoming important and one alternative with distinctly HPC roots – Singularity – is making an enterprise push targeting advanced scale workload inclusive of HPC. Singularity got its start at Lawrence Berkeley National lab in 2015 as an open source effort and found near-immediate traction within the HPC community.  

Today, Singularity remains open source but is overseen by start-up company, SyLabs, headed by Gregory Kurtzer who led development of Singularity at LBNL (see HPCwire article, Singularity HPC Container Start-Up – Sylabs – Emerges from Stealth). SyLabs offers a supported version of Singularity and, as mentioned, has turned its attention to the enterprise. In conjunction with the HPC on Wall Street conference taking place this week in New York City, HPCwire asked Kurtzer for an update on advanced container technology progress in the enterprise with a focus on Singularity’s progress and the specific needs of financial services sector, which has long been a leader in adopting HPC and advanced scale systems. 

HPCwire: Greg, maybe provide a quick refresher snapshot of container technology and distinguish it from VMs, and touch on the important characteristics of HPC/advanced scale containers.

Gregory Kurtzer: HPC and what we call EPC (Enterprise Performance Compute) focused applications require direct integration with the host operating system and underlying hardware. In contrast, services require isolation from each other and from the host’s resources. Singularity is designed to mitigate security issues when running containers as non-root, and thus blur the line between host and container. Singularity is also highly performant on both startup and teardown and will completely get out of the way, allowing the application to execute without any interference from the container runtime.

HPCwire: Filling out the container ecosystem a bit, explain the role of deployment/management tools such as Kubernetes or other tools such as job schedulers.

Gregory Kurtzer

Kurtzer: Job schedulers have been part of the core ecosystem on HPC for a long time. Now, with the advent of containers on HPC, we are seeing both HPC and EPC users interested in deployment tools, such as Kubernetes/Kubeflow, for their compute workloads. But the container ecosystem demands more than what a job scheduler offers; now users want to build their containers asynchronously, store them in a clear and verifiably reproducible way, and run their workloads on a different set of resources across multiple resources. These tools now play a big role for users trying to move their workloads between onprem and the cloud.

HPCwire: Looking at the traditional HPC environment (academia and government) and enterprise and financial service sector in particular, how do the container use patterns/needs differ and where are they similar?

Kurtzer: In academia and government, the HPC ecosystem consists of a wide variety of use cases, ranging from massively parallel tightly coupled MPI based applications to single threaded, interpreted based workloads (scripts). The EPC and financial services sector tend to generally have more serial based workloads, but given that all of these are focused on performance and compute, many of them have a very similar nature to the needs of academic and government HPC.

This means that the financial sector resources may not have InfiniBand for interprocess communication, or a parallel file system, but they do need low latency networks usually with TCP offloading for HFT requirements. Additionally, they need to manage unprivileged users and resource management with scheduling as a traditional HPC resource would, but they also need to handle orchestration, CI/CD, DevOps, policy compliance, and change management with validation of their workflows. Singularity is uniquely designed for this.

HPCwire: Security is an issue that is often flagged with Docker and one that’s obviously important in the FS world. What are the security challenges container technology presents and how are they best solved?

Singularity is unique in how it handles security, privilege, and user access. Designed to allow untrusted users to run untrusted containers but in a trusted way, Singularity allows non-root users the ability to run containers while locking their privilege within the container. Singularity actually blocks privilege escalation attempts within the container, so from a security point of view, it is safer for users to run applications from within Singularity.

This use case is not limited to just HPC. Imagine being able to run any service through a container without ever being root, and mitigating to ensure that anything running inside that container can never become root.

But security is also rooted within trust. Singularity (as of version 3.0, which is slated to be released in early October), can support cryptographically signed containers. This means you can trust your container runtime environment. Furthermore, with the Sylabs keystore cloud service, you can verify containers and provide accountability back to the developer. Coupling that with the ability to revoke keys means we can limit the “blast radius” of a given exposure.

Between our security model and trusted environments, Singularity and Sylabs adds an entirely new layer of security to your existing environments.

HPCwire: What are some of the dominant HPC-related container use cases in FS you are seeing?

Kurtzer: We are seeing Singularity’s use cases in EPC and the financial sectors gaining momentum on data driven analytics, simulation, HFT (high frequency trading), and starting to see an uptake in AI for market prediction.

HPCwire: When we talked a little over a year ago, you said Singularity had only a smattering of commercial users. How has that changed and why?

Kurtzer:We have a public “Singularity Registry” in which people can voluntarily list their computational resources which support Singularity. Unsurprisingly it consists almost exclusively of academic and government non-classified systems; most commercial users do not list their resources there. So it is somewhat of a surprise to us every time we are contacted by a commercial organization that is already using Singularity. At this point, we have been contacted by large number of commercial end-users as well as hardware and software providers who are interested in working with us to satisfy the requests of their customers.

One of the motivators here has been on our release of SingularityPRO. SingularityPRO is a curated version of the open source codebase and thus it is made of 100 percent open source software. But, we give a 2-week priority of security updates to paying customers as well as make available the Sylabs Keystore for cryptographic validation of containers (a freemium service to open source users). Lastly, we offer commercial support, training materials, and professional services to PRO customers exclusively as we do not provide enterprise support on the open source codebase.

HPCwire: Can you comment on the growth of Singularity (and other HPC flavors of containers) in the enterprise broadly and perhaps its segments such as FS and manufacturing, etc.

Kurtzer: Singularity’s growth in the enterprise is like a step function, starting with the low hanging fruit of commercial HPC and EPC which introduces Singularity to these enterprises organizations. From there, we have seen that other groups within the organization are introduced to Singularity and love its ease of use, security differentiators, and the novel single-file container image format.

The biggest barrier so far has been the lack of compatibility with existing resources like Kubernetes; but we will soon be releasing a solution for exactly this, so stay tuned!

HPCwire: How is container technology well suited for FS, and what are the challenges?

Kurtzer: Container technology in general is changing the paradigm about what it means to package and distribute software. Singularity takes this to the next level. For example, the Singularity Image Format is to containers what RPM and DEB files are to source code. Our image format, modeled after the ELF binary format in Linux, offers flexibility, control, and cryptographic verification, and thus guaranteed immutability. This changes the DevOps paradigm and offers bit for bit reproducibility and trust.

But for financial services, there are other requirements that have historically made containerization a non-starter. For example, the networking layers of other container systems introduce too much latency for HFT and distributed workflows. Fortunately, Singularity, being designed for performance and compute, does not suffer the same outcome as Singularity does not introduce additional latencies in the network, memory, or IO subsystems.

HPCwire: What kinds of forthcoming container technology changes will help FS segment?

Kurtzer: Security is key as is trust via cryptographic signing and encryption. Additionally, integration with existing resources (Kubernetes, Kubeflow, Mesos), performance metrics, tighter integration into existing workflows, and leveraging a community with an already strong knowledge of the container space.

HPCwire: What’s ahead for container technology, in particular for HPC-capable container technology.

Kurtzer: We see PMIx being a big help for MPI and we are working with Mellanox to solve the OFED compatibility layer.

In terms of the container ecosystem, we are soon to release a Container Library and Marketplace for purchasing of premade containers. This will provide software providers the ability to have software vendors shipping their applications as signed Singularity containers.

HPCwire: It seems like heterogeneous architectures (CPU-Accelerator) are becoming a fact of life with processors diversity in particular – Intel, AMD, IBM/Power, ARM, RISCv – further complicating platform selection and use. How does this affect container technology and what challenges (port to processors, etc.) does it present? For example, which processors does Singularity support.

Kurtzer: There is no limit to which platforms can run compute-driven analytics. Because of this, we support everything possible, including GPU and interconnects. Also, the Singularity Image Format (SIF) contains metadata about what architectures it is built and optimized for such that orchestrators can easily glean insights from the container image itself for orchestration.

HPCwire: Do you expect a convergence between varying flavors?

Kurtzer: No. Options are good as each solution offers variety. There will always be Gnome and KDE, Vim and Emacs, Perl and Python, Docker and Singularity.

HPCwire: You’ve talked in the past about how containers potentially represent a paradigm change in the way applications are delivered; how is this playing out and what should we expect?

Kurtzer: 451 Research believes the application market space to grow to $1.6B in 2018 alone. If the market is growing that rapidly, support of the market needs to be there. Sylabs will be there to support it in terms of technology enhancements and services, including working with other open source projects to create solutions to cover a broad spectrum of customer problems.

Subscribe to HPCwire's Weekly Update!

Be the most informed person in the room! Stay ahead of the tech trends with industy updates delivered to you every week!

What’s New in HPC Research: Natural Gas, Precision Agriculture, Neural Networks and More

December 6, 2019

In this bimonthly feature, HPCwire highlights newly published research in the high-performance computing community and related domains. From parallel programming to exascale to quantum computing, the details are here. Read more…

By Oliver Peckham

On the Spack Track @SC19

December 5, 2019

At the annual supercomputing conference, SC19 in Denver, Colorado, there were Spack events each day of the conference. As a reflection of its grassroots heritage, nine sessions were planned by more than a dozen thought leaders from seven organizations, including three U.S. national Department of Energy (DOE) laboratories and Sylabs... Read more…

By Elizabeth Leake

Intel’s New Hyderabad Design Center Targets Exascale Era Technologies

December 3, 2019

Intel's Raja Koduri was in India this week to help launch a new 300,000 square foot design and engineering center in Hyderabad, which will focus on advanced computing technologies for the AI and exascale era. "Over th Read more…

By Tiffany Trader

AWS Debuts 7nm 2nd-Gen Graviton Arm Processor

December 3, 2019

The “x86 Big Bang,” in which market dominance of the venerable Intel CPU has exploded into fragments of processor options suited to varying workloads, has now encompassed CPUs offered by the leading public cloud serv Read more…

By Doug Black

Medical Imaging Gets an AI Boost

December 3, 2019

AI technologies incorporated into diagnostic imaging tools have proven useful in eliminating confirmation bias, often outperforming human clinicians who may bring their own prejudices. Another issue slowing progress is t Read more…

By George Leopold

AWS Solution Channel

Making High Performance Computing Affordable and Accessible for Small and Medium Businesses with HPC on AWS

High performance computing (HPC) brings a powerful set of tools to a broad range of industries, helping to drive innovation and boost revenue in finance, genomics, oil and gas extraction, and other fields. Read more…

IBM Accelerated Insights

AI Needs Intelligent HPC infrastructure

Artificial Intelligence (AI) has revolutionized entire industries and enables humanity to solve some of the most daunting challenges. To accomplish this, it requires massive amounts of data from heterogeneous sources that is processed it new ways that differs significantly from HPC applications. Read more…

Ride on the Wild Side – Squyres SC19 Mars Rovers Keynote

December 2, 2019

Reminding us of the deep and enabling connection between HPC and modern science is an important part of the SC Conference mission. And yes, HPC is a science itself. At SC19, Steve Squyres’ opening keynote recounting th Read more…

By John Russell

On the Spack Track @SC19

December 5, 2019

At the annual supercomputing conference, SC19 in Denver, Colorado, there were Spack events each day of the conference. As a reflection of its grassroots heritage, nine sessions were planned by more than a dozen thought leaders from seven organizations, including three U.S. national Department of Energy (DOE) laboratories and Sylabs... Read more…

By Elizabeth Leake

Intel’s New Hyderabad Design Center Targets Exascale Era Technologies

December 3, 2019

Intel's Raja Koduri was in India this week to help launch a new 300,000 square foot design and engineering center in Hyderabad, which will focus on advanced com Read more…

By Tiffany Trader

AWS Debuts 7nm 2nd-Gen Graviton Arm Processor

December 3, 2019

The “x86 Big Bang,” in which market dominance of the venerable Intel CPU has exploded into fragments of processor options suited to varying workloads, has n Read more…

By Doug Black

Ride on the Wild Side – Squyres SC19 Mars Rovers Keynote

December 2, 2019

Reminding us of the deep and enabling connection between HPC and modern science is an important part of the SC Conference mission. And yes, HPC is a science its Read more…

By John Russell

NSCI Update – Adapting to a Changing Landscape

December 2, 2019

It was November of 2017 when we last visited the topic of the National Strategic Computing Initiative (NSCI). As you will recall, the NSCI was started with an Executive Order (E.O. No. 13702), that was issued by President Obama in July of 2015 and was followed by a Strategic Plan that was released in July of 2016. The question for November of 2017... Read more…

By Alex R. Larzelere

Tsinghua University Racks Up Its Ninth Student Cluster Championship Win at SC19

November 27, 2019

Tsinghua University has done it again. At SC19 last week, the eight-time gold medal-winner team took home the top prize in the 2019 Student Cluster Competition Read more…

By Oliver Peckham

SC19: IBM Changes Its HPC-AI Game Plan

November 25, 2019

It’s probably fair to say IBM is known for big bets. Summit supercomputer – a big win. Red Hat acquisition – looking like a big win. OpenPOWER and Power processors – jury’s out? At SC19, long-time IBMer Dave Turek sketched out a different kind of bet for Big Blue – a small ball strategy, if you’ll forgive the baseball analogy... Read more…

By John Russell

How the Gordon Bell Prize Winners Used Summit to Illuminate Transistors

November 22, 2019

At SC19, the Association for Computing Machinery (ACM) awarded the prestigious Gordon Bell Prize to the Swiss Federal Institute of Technology (ETH) Zurich. The Read more…

By Oliver Peckham

Using AI to Solve One of the Most Prevailing Problems in CFD

October 17, 2019

How can artificial intelligence (AI) and high-performance computing (HPC) solve mesh generation, one of the most commonly referenced problems in computational engineering? A new study has set out to answer this question and create an industry-first AI-mesh application... Read more…

By James Sharpe

Cray Wins NNSA-Livermore ‘El Capitan’ Exascale Contract

August 13, 2019

Cray has won the bid to build the first exascale supercomputer for the National Nuclear Security Administration (NNSA) and Lawrence Livermore National Laborator Read more…

By Tiffany Trader

DARPA Looks to Propel Parallelism

September 4, 2019

As Moore’s law runs out of steam, new programming approaches are being pursued with the goal of greater hardware performance with less coding. The Defense Advanced Projects Research Agency is launching a new programming effort aimed at leveraging the benefits of massive distributed parallelism with less sweat. Read more…

By George Leopold

D-Wave’s Path to 5000 Qubits; Google’s Quantum Supremacy Claim

September 24, 2019

On the heels of IBM’s quantum news last week come two more quantum items. D-Wave Systems today announced the name of its forthcoming 5000-qubit system, Advantage (yes the name choice isn’t serendipity), at its user conference being held this week in Newport, RI. Read more…

By John Russell

Ayar Labs to Demo Photonics Chiplet in FPGA Package at Hot Chips

August 19, 2019

Silicon startup Ayar Labs continues to gain momentum with its DARPA-backed optical chiplet technology that puts advanced electronics and optics on the same chip Read more…

By Tiffany Trader

SC19: IBM Changes Its HPC-AI Game Plan

November 25, 2019

It’s probably fair to say IBM is known for big bets. Summit supercomputer – a big win. Red Hat acquisition – looking like a big win. OpenPOWER and Power processors – jury’s out? At SC19, long-time IBMer Dave Turek sketched out a different kind of bet for Big Blue – a small ball strategy, if you’ll forgive the baseball analogy... Read more…

By John Russell

Cray, Fujitsu Both Bringing Fujitsu A64FX-based Supercomputers to Market in 2020

November 12, 2019

The number of top-tier HPC systems makers has shrunk due to a steady march of M&A activity, but there is increased diversity and choice of processing compon Read more…

By Tiffany Trader

Crystal Ball Gazing: IBM’s Vision for the Future of Computing

October 14, 2019

Dario Gil, IBM’s relatively new director of research, painted a intriguing portrait of the future of computing along with a rough idea of how IBM thinks we’ Read more…

By John Russell

Leading Solution Providers

ISC 2019 Virtual Booth Video Tour

CRAY
CRAY
DDN
DDN
DELL EMC
DELL EMC
GOOGLE
GOOGLE
ONE STOP SYSTEMS
ONE STOP SYSTEMS
PANASAS
PANASAS
VERNE GLOBAL
VERNE GLOBAL

Intel Debuts New GPU – Ponte Vecchio – and Outlines Aspirations for oneAPI

November 17, 2019

Intel today revealed a few more details about its forthcoming Xe line of GPUs – the top SKU is named Ponte Vecchio and will be used in Aurora, the first plann Read more…

By John Russell

Kubernetes, Containers and HPC

September 19, 2019

Software containers and Kubernetes are important tools for building, deploying, running and managing modern enterprise applications at scale and delivering enterprise software faster and more reliably to the end user — while using resources more efficiently and reducing costs. Read more…

By Daniel Gruber, Burak Yenier and Wolfgang Gentzsch, UberCloud

Dell Ramps Up HPC Testing of AMD Rome Processors

October 21, 2019

Dell Technologies is wading deeper into the AMD-based systems market with a growing evaluation program for the latest Epyc (Rome) microprocessors from AMD. In a Read more…

By John Russell

AMD Launches Epyc Rome, First 7nm CPU

August 8, 2019

From a gala event at the Palace of Fine Arts in San Francisco yesterday (Aug. 7), AMD launched its second-generation Epyc Rome x86 chips, based on its 7nm proce Read more…

By Tiffany Trader

SC19: Welcome to Denver

November 17, 2019

A significant swath of the HPC community has come to Denver for SC19, which began today (Sunday) with a rich technical program. As is customary, the ribbon cutt Read more…

By Tiffany Trader

When Dense Matrix Representations Beat Sparse

September 9, 2019

In our world filled with unintended consequences, it turns out that saving memory space to help deal with GPU limitations, knowing it introduces performance pen Read more…

By James Reinders

With the Help of HPC, Astronomers Prepare to Deflect a Real Asteroid

September 26, 2019

For years, NASA has been running simulations of asteroid impacts to understand the risks (and likelihoods) of asteroids colliding with Earth. Now, NASA and the European Space Agency (ESA) are preparing for the next, crucial step in planetary defense against asteroid impacts: physically deflecting a real asteroid. Read more…

By Oliver Peckham

Cerebras to Supply DOE with Wafer-Scale AI Supercomputing Technology

September 17, 2019

Cerebras Systems, which debuted its wafer-scale AI silicon at Hot Chips last month, has entered into a multi-year partnership with Argonne National Laboratory and Lawrence Livermore National Laboratory as part of a larger collaboration with the U.S. Department of Energy... Read more…

By Tiffany Trader

  • arrow
  • Click Here for More Headlines
  • arrow
Do NOT follow this link or you will be banned from the site!
Share This