1singularity(1) singularity(1)
2
3
4
6 singularity-run - Run the user-defined default command within a
7 container
8
9
10
12 singularity run [run options...] <container>
13
14
15
17 This command will launch a Singularity container and execute a
18 runscript
19 if one is defined for that container. The runscript is a metadata
20 file within
21 the container that contains shell commands. If the file is present
22 (and
23 executable) then this command will execute that file within the
24 container
25 automatically. All arguments following the container name will be
26 passed
27 directly to the runscript.
28
29
30 singularity run accepts the following container formats:
31
32
33 *.sif Singularity Image Format (SIF). Native to
34 Singularity 3.0+
35
36
37 *.sqsh SquashFS format. Native to Singularity 2.4+
38
39
40 *.img ext3 format. Native to Singularity versions < 2.4.
41
42
43 directory/ sandbox format. Directory containing a valid root
44 file
45 system and optionally Singularity meta-data.
46
47
48 instance://* A local running instance of a container. (See the
49 instance
50 command group.)
51
52
53 library://* A container hosted on a Library (default
54
55 ⟨https://cloud.sylabs.io/library)⟩
56
57
58 docker://* A container hosted on Docker Hub
59
60
61 shub://* A container hosted on Singularity Hub
62
63
64 oras://* A container hosted on a supporting OCI registry
65
66
67
69 --add-caps=""
70 a comma separated capability list to add
71
72
73 --allow-setuid[=false]
74 allow setuid binaries in container (root only)
75
76
77 --app=""
78 set an application to run inside a container
79
80
81 --apply-cgroups=""
82 apply cgroups from file for container processes (root only)
83
84
85 -B, --bind=[]
86 a user-bind path specification. spec has the format
87 src[:dest[:opts]], where src and dest are outside and inside paths. If
88 dest is not given, it is set equal to src. Mount options ('opts') may
89 be specified as 'ro' (read-only) or 'rw' (read/write, which is the
90 default). Multiple bind paths can be given by a comma separated list.
91
92
93 -e, --cleanenv[=false]
94 clean environment before running container
95
96
97 -c, --contain[=false]
98 use minimal /dev and empty other directories (e.g. /tmp and $HOME)
99 instead of sharing filesystems from your host
100
101
102 -C, --containall[=false]
103 contain not only file systems, but also PID, IPC, and environment
104
105
106 --disable-cache[=false]
107 dont use cache, and dont create cache
108
109
110 --dns=""
111 list of DNS server separated by commas to add in resolv.conf
112
113
114 --docker-login[=false]
115 login to a Docker Repository interactively
116
117
118 --drop-caps=""
119 a comma separated capability list to drop
120
121
122 -f, --fakeroot[=false]
123 run container in new user namespace as uid 0
124
125
126 -h, --help[=false]
127 help for run
128
129
130 -H, --home="/builddir"
131 a home directory specification. spec can either be a src path or
132 src:dest pair. src is the source path of the home directory outside
133 the container and dest overrides the home directory within the
134 container.
135
136
137 --hostname=""
138 set container hostname
139
140
141 -i, --ipc[=false]
142 run container in a new IPC namespace
143
144
145 --keep-privs[=false]
146 let root user keep privileges in container (root only)
147
148
149 -n, --net[=false]
150 run container in a new network namespace (sets up a bridge network
151 interface by default)
152
153
154 --network="bridge"
155 specify desired network type separated by commas, each network will
156 bring up a dedicated interface inside container
157
158
159 --network-args=[]
160 specify network arguments to pass to CNI plugins
161
162
163 --no-home[=false]
164 do NOT mount users home directory if home is not the current
165 working directory
166
167
168 --no-init[=false]
169 do NOT start shim process with --pid
170
171
172 --no-nv[=false]
173
174
175 --no-privs[=false]
176 drop all privileges from root user in container)
177
178
179 --nohttps[=false]
180 do NOT use HTTPS, for communicating with local docker registry
181
182
183 --nonet[=false]
184 Disable VM network handling
185
186
187 --nv[=false]
188 enable experimental Nvidia support
189
190
191 -o, --overlay=[]
192 use an overlayFS image for persistent data storage or as read-only
193 layer of container
194
195
196 --passphrase[=false]
197 Enter a passphrase for an encrypted contaner
198
199
200 --pem-path=""
201 Enter an path to a PEM formated RSA key for an encrypted container
202
203
204 -p, --pid[=false]
205 run container in a new PID namespace
206
207
208 --pwd=""
209 initial working directory for payload process inside the container
210
211
212 -S, --scratch=[]
213 include a scratch directory within the container that is linked to
214 a temporary dir (use -W to force location)
215
216
217 --security=[]
218 enable security features (SELinux, Apparmor, Seccomp)
219
220
221 -u, --userns[=false]
222 run container in a new user namespace, allowing Singularity to run
223 completely unprivileged on recent kernels. This disables some features
224 of Singularity, for example it only works with sandbox images.
225
226
227 --uts[=false]
228 run container in a new UTS namespace
229
230
231 --vm[=false]
232 enable VM support
233
234
235 --vm-cpu="1"
236 Number of CPU cores to allocate to Virtual Machine (implies --vm)
237
238
239 --vm-err[=false]
240 enable attaching stderr from VM
241
242
243 --vm-ip="dhcp"
244 IP Address to assign for container usage. Defaults to DHCP within
245 bridge network.
246
247
248 --vm-ram="1024"
249 Amount of RAM in MiB to allocate to Virtual Machine (implies --vm)
250
251
252 -W, --workdir=""
253 working directory to be used for /tmp, /var/tmp and $HOME (if
254 -c/--contain was also used)
255
256
257 -w, --writable[=false]
258 by default all Singularity containers are available as read only.
259 This option makes the file system accessible as read/write.
260
261
262 --writable-tmpfs[=false]
263 makes the file system accessible as read-write with non persistent
264 data (with overlay support only)
265
266
267
269 # Here we see that the runscript prints "Hello world: "
270 $ singularity exec /tmp/debian.sif cat /singularity
271 #!/bin/sh
272 echo "Hello world: "
273
274 # It runs with our inputs when we run the image
275 $ singularity run /tmp/debian.sif one two three
276 Hello world: one two three
277
278 # Note that this does the same thing
279 $ ./tmp/debian.sif one two three
280
281
282
283
285 singularity(1)
286
287
288
290 21-Oct-2019 Auto generated by spf13/cobra
291
292
293
294Auto generated by spf13/cobra Oct 2019 singularity(1)