1singularity(1) singularity(1)
2
6 singularity-run - Run the user-defined default command within a con‐
7 tainer
8
12 singularity run [run options...]
13
17 This command will launch a Singularity container and execute a run‐
18 script
19 if one is defined for that container. The runscript is a metadata
20 file within
21 the container that contains shell commands. If the file is present
22 (and
23 executable) then this command will execute that file within the con‐
24 tainer
25 automatically. All arguments following the container name will be
26 passed
27 directly to the runscript.
28 singularity run accepts the following container formats:
31 *.sif Singularity Image Format (SIF). Native to Singular‐
34 ity 3.0+
35 *.sqsh SquashFS format. Native to Singularity 2.4+
38 *.img ext3 format. Native to Singularity versions < 2.4.
41 directory/ sandbox format. Directory containing a valid root
44 file
45 system and optionally Singularity meta-data.
46 instance://* A local running instance of a container. (See the
49 instance
50 command group.)
51 library://* A SIF container hosted on a Library
54 (default https://cloud.sylabs.io/library)
55 docker://* A Docker/OCI container hosted on Docker Hub or an‐
58 other
59 OCI registry.
60 shub://* A container hosted on Singularity Hub.
63 oras://* A SIF container hosted on an OCI registry that sup‐
66 ports
67 the OCI Registry As Storage (ORAS) specification.
68
72 --add-caps="" a comma separated capability list to add
73 --allow-setuid[=false] allow setuid binaries in container (root
76 only)
77 --app="" set an application to run inside a container
80 --apply-cgroups="" apply cgroups from file for container processes
83 (root only)
84 -B, --bind=[] a user-bind path specification. spec has the format
87 src[:dest[:opts]], where src and dest are outside and inside paths. If
88 dest is not given, it is set equal to src. Mount options ('opts') may
89 be specified as 'ro' (read-only) or 'rw' (read/write, which is the de‐
90 fault). Multiple bind paths can be given by a comma separated list.
91 --blkio-weight=0 Block IO relative weight in range 10-1000, 0 to
94 disable
95 --blkio-weight-device=[] Device specific block IO relative weight
98 -e, --cleanenv[=false] clean environment before running container
101 --compat[=false] apply settings for increased OCI/Docker compati‐
104 bility. Infers --containall, --no-init, --no-umask, --no-eval,
105 --writable-tmpfs.
106 -c, --contain[=false] use minimal /dev and empty other directories
109 (e.g. /tmp and $HOME) instead of sharing filesystems from your host
110 -C, --containall[=false] contain not only file systems, but also
113 PID, IPC, and environment
114 --cpu-shares=-1 CPU shares for container
117 --cpus="" Number of CPUs available to container
120 --cpuset-cpus="" List of host CPUs available to container
123 --cpuset-mems="" List of host memory nodes available to container
126 --disable-cache[=false] dont use cache, and dont create cache
129 --dns="" list of DNS server separated by commas to add in re‐
132 solv.conf
133 --docker-host="" specify a custom Docker daemon host
136 --docker-login[=false] login to a Docker Repository interactively
139 --drop-caps="" a comma separated capability list to drop
142 --env=[] pass environment variable to contained process
145 --env-file="" pass environment variables from file to contained
148 process
149 -f, --fakeroot[=false] run container in new user namespace as uid
152 0
153 --fusemount=[] A FUSE filesystem mount specification of the form
156 ': ' - where is 'container' or 'host', specifying where the mount will
157 be performed ('container-daemon' or 'host-daemon' will run the FUSE
158 process detached). is the path to the FUSE executable, plus options
159 for the mount. is the location in the container to which the FUSE
160 mount will be attached. E.g. 'container:sshfs 10.0.0.1:/ /sshfs'. Im‐
161 plies --pid.
162 -h, --help[=false] help for run
165 -H, --home="/builddir" a home directory specification. spec can
168 either be a src path or src:dest pair. src is the source path of the
169 home directory outside the container and dest overrides the home direc‐
170 tory within the container.
171 --hostname="" set container hostname. Infers --uts.
174 -i, --ipc[=false] run container in a new IPC namespace
177 --keep-privs[=false] let root user keep privileges in container
180 (root only)
181 --memory="" Memory limit in bytes
184 --memory-reservation="" Memory soft limit in bytes
187 --memory-swap="" Swap limit, use -1 for unlimited swap
190 --mount=[] a mount specification e.g. 'type=bind,source=/opt,des‐
193 tination=/hostopt'.
194 -n, --net[=false] run container in a new network namespace (sets
197 up a bridge network interface by default)
198 --network="bridge" specify desired network type separated by com‐
201 mas, each network will bring up a dedicated interface inside container
202 --network-args=[] specify network arguments to pass to CNI plugins
205 --no-eval[=false] do not shell evaluate env vars or OCI container
208 CMD/ENTRYPOINT/ARGS
209 --no-home[=false] do NOT mount users home directory if /home is
212 not the current working directory
213 --no-https[=false] use http instead of https for docker:// oras://
216 and library:///... URIs
217 --no-init[=false] do NOT start shim process with --pid
220 --no-mount=[] disable one or more 'mount xxx' options set in sin‐
223 gularity.conf, specify absolute destination path to disable a bind path
224 entry, or 'bind-paths' to disable all bind path entries.
225 --no-privs[=false] drop all privileges from root user in con‐
228 tainer)
229 --no-setgroups[=false] disable setgroups when entering --fakeroot
232 user namespace
233 --no-umask[=false] do not propagate umask to the container, set
236 default 0022 umask
237 --nv[=false] enable Nvidia support
240 --nvccli[=false] use nvidia-container-cli for GPU setup (experi‐
243 mental)
244 --oci[=false] Launch container with OCI runtime (experimental)
247 --oom-kill-disable[=false] Disable OOM killer
250 -o, --overlay=[] use an overlayFS image for persistent data stor‐
253 age or as read-only layer of container
254 --passphrase[=false] prompt for an encryption passphrase
257 --pem-path="" enter an path to a PEM formatted RSA key for an en‐
260 crypted container
261 -p, --pid[=false] run container in a new PID namespace
264 --pids-limit=0 Limit number of container PIDs, use -1 for unlim‐
267 ited
268 --pwd="" initial working directory for payload process inside the
271 container
272 --rocm[=false] enable experimental Rocm support
275 -S, --scratch=[] include a scratch directory within the container
278 that is linked to a temporary dir (use -W to force location)
279 --security=[] enable security features (SELinux, Apparmor, Sec‐
282 comp)
283 --sif-fuse[=false] attempt FUSE mount of SIF (unprivileged / user
286 namespace only) (experimental)
287 -u, --userns[=false] run container in a new user namespace, allow‐
290 ing Singularity to run completely unprivileged on recent kernels. This
291 disables some features of Singularity, for example it only works with
292 sandbox images.
293 --uts[=false] run container in a new UTS namespace
296 --vm[=false] enable VM support
299 --vm-cpu="1" number of CPU cores to allocate to Virtual Machine
302 (implies --vm)
303 --vm-err[=false] enable attaching stderr from VM
306 --vm-ip="dhcp" IP Address to assign for container usage. Defaults
309 to DHCP within bridge network.
310 --vm-ram="1024" amount of RAM in MiB to allocate to Virtual Ma‐
313 chine (implies --vm)
314 -W, --workdir="" working directory to be used for /tmp, /var/tmp
317 and $HOME (if -c/--contain was also used)
318 -w, --writable[=false] by default all Singularity containers are
321 available as read only. This option makes the file system accessible as
322 read/write.
323 --writable-tmpfs[=false] makes the file system accessible as read-
326 write with non persistent data (with overlay support only)
327
331 # Here we see that the runscript prints "Hello world: "
332 $ singularity exec /tmp/debian.sif cat /singularity
333 #!/bin/sh
334 echo "Hello world: "
335 # It runs with our inputs when we run the image
337 $ singularity run /tmp/debian.sif one two three
338 Hello world: one two three
339 # Note that this does the same thing
341 $ ./tmp/debian.sif one two three
342
347 singularity(1)
348
352 18-Sep-2023 Auto generated by spf13/cobra
353Auto generated by spf13/cobra Sep 2023 singularity(1)