1singularity(1) singularity(1)
2
6 singularity-run - Run the user-defined default command within a
7 container
8
12 singularity run [run options...] <container>
13
17 This command will launch a Singularity container and execute a
18 runscript
19 if one is defined for that container. The runscript is a metadata
20 file within
21 the container that contains shell commands. If the file is present
22 (and
23 executable) then this command will execute that file within the
24 container
25 automatically. All arguments following the container name will be
26 passed
27 directly to the runscript.
28 singularity run accepts the following container formats:
31 *.sif Singularity Image Format (SIF). Native to
34 Singularity 3.0+
35 *.sqsh SquashFS format. Native to Singularity 2.4+
38 *.img ext3 format. Native to Singularity versions < 2.4.
41 directory/ sandbox format. Directory containing a valid root
44 file
45 system and optionally Singularity meta-data.
46 instance://* A local running instance of a container. (See the
49 instance
50 command group.)
51 library://* A container hosted on a Library (default
54 ⟨https://cloud.sylabs.io/library)⟩
56 docker://* A container hosted on Docker Hub
59 shub://* A container hosted on Singularity Hub
62
66 --add-caps=""
67 a comma separated capability list to add
68 --allow-setuid[=false]
71 allow setuid binaries in container (root only)
72 --app=""
75 set an application to run inside a container
76 --apply-cgroups=""
79 apply cgroups from file for container processes (root only)
80 -B, --bind=[]
83 a user-bind path specification. spec has the format
84 src[:dest[:opts]], where src and dest are outside and inside paths. If
85 dest is not given, it is set equal to src. Mount options ('opts') may
86 be specified as 'ro' (read-only) or 'rw' (read/write, which is the
87 default). Multiple bind paths can be given by a comma separated list.
88 -e, --cleanenv[=false]
91 clean environment before running container
92 -c, --contain[=false]
95 use minimal /dev and empty other directories (e.g. /tmp and $HOME)
96 instead of sharing filesystems from your host
97 -C, --containall[=false]
100 contain not only file systems, but also PID, IPC, and environment
101 --dns=""
104 list of DNS server separated by commas to add in resolv.conf
105 --docker-login[=false]
108 login to a Docker Repository interactively
109 --drop-caps=""
112 a comma separated capability list to drop
113 -h, --help[=false]
116 help for run
117 -H, --home="/builddir"
120 a home directory specification. spec can either be a src path or
121 src:dest pair. src is the source path of the home directory outside
122 the container and dest overrides the home directory within the
123 container.
124 --hostname=""
127 set container hostname
128 -i, --ipc[=false]
131 run container in a new IPC namespace
132 --keep-privs[=false]
135 let root user keep privileges in container (root only)
136 -n, --net[=false]
139 run container in a new network namespace (sets up a bridge network
140 interface by default)
141 --network="bridge"
144 specify desired network type separated by commas, each network will
145 bring up a dedicated interface inside container
146 --network-args=[]
149 specify network arguments to pass to CNI plugins
150 --no-home[=false]
153 do NOT mount users home directory if home is not the current
154 working directory
155 --no-init[=false]
158 do NOT start shim process with --pid
159 --no-privs[=false]
162 drop all privileges from root user in container
163 --nohttps[=false]
166 do NOT use HTTPS, for communicating with local docker registry
167 --nv[=false]
170 enable experimental Nvidia support
171 -o, --overlay=[]
174 use an overlayFS image for persistent data storage or as read-only
175 layer of container
176 -p, --pid[=false]
179 run container in a new PID namespace
180 --pwd=""
183 initial working directory for payload process inside the container
184 -S, --scratch=[]
187 include a scratch directory within the container that is linked to
188 a temporary dir (use -W to force location)
189 --security=[]
192 enable security features (SELinux, Apparmor, Seccomp)
193 -u, --userns[=false]
196 run container in a new user namespace, allowing Singularity to run
197 completely unprivileged on recent kernels. This disables some features
198 of Singularity, for example it only works with sandbox images.
199 --uts[=false]
202 run container in a new UTS namespace
203 --vm[=false]
206 enable VM support
207 --vm-cpu="1"
210 Number of CPU cores to allocate to Virtual Machine (implies --vm)
211 --vm-err[=false]
214 enable attaching stderr from VM
215 --vm-ram="1024"
218 Amount of RAM in MiB to allocate to Virtual Machine (implies --vm)
219 -W, --workdir=""
222 working directory to be used for /tmp, /var/tmp and $HOME (if
223 -c/--contain was also used)
224 -w, --writable[=false]
227 by default all Singularity containers are available as read only.
228 This option makes the file system accessible as read/write.
229 --writable-tmpfs[=false]
232 makes the file system accessible as read-write with non persistent
233 data (with overlay support only)
234
238 # Here we see that the runscript prints "Hello world: "
239 $ singularity exec /tmp/debian.sif cat /singularity
240 #!/bin/sh
241 echo "Hello world: "
242 # It runs with our inputs when we run the image
244 $ singularity run /tmp/debian.sif one two three
245 Hello world: one two three
246 # Note that this does the same thing
248 $ ./tmp/debian.sif one two three
249
254 singularity(1)
255
259 29-May-2019 Auto generated by spf13/cobra
260Auto generated by spf13/cobra May 2019 singularity(1)