apptainer

apptainer [global options] command [command options]

Apptainer is a container platform designed for High Performance Computing (HPC), scientific computing, and AI/ML workloads. Unlike Docker, it runs containers without requiring root privileges and integrates seamlessly with existing HPC schedulers like Slurm, PBS, and SGE.
Containers are stored as single SIF (Singularity Image Format) files, making them highly portable. Apptainer supports pulling containers from Docker Hub, OCI registries, and the Sylabs Container Library.
Key features include GPU and MPI support, cryptographic container signing, overlay filesystems for persistent storage, and OCI runtime compatibility.

/etc/apptainer/apptainer.conf

System-wide configuration controlling security options, bind paths, mount behavior, and resource limits.

Per-user directory for cached images, keys, and remote endpoint configurations.

build

Build a container from a definition file or base image

Execute a command within a container

Run the container's default runscript

Start an interactive shell in the container

Download a container image from a registry

Upload a container to a registry

Display container metadata

Manage running container instances

Cryptographically sign a container

Verify a container's cryptographic signature

SIF files require significant disk space and are immutable once built. Modifications require rebuilding or using overlay filesystems. Some Docker containers may not work perfectly due to differences in how user namespaces and permissions are handled.

Apptainer originated as Singularity, created in 2015 by Gregory Kurtzer at Lawrence Berkeley National Laboratory. In 2021, the Linux Foundation adopted the project and rebranded it as Apptainer to ensure vendor-neutral governance. The project has become the de facto standard for container computing in HPC environments.

docker(1), podman(1), buildah(1)