1singularity(1) singularity(1)
2
6 singularity-run - Run the user-defined default command within a con‐
7 tainer
8
12 singularity run [run options...]
13
17 This command will launch a Singularity container and execute a run‐
18 script
19 if one is defined for that container. The runscript is a metadata
20 file within
21 the container that contains shell commands. If the file is present
22 (and
23 executable) then this command will execute that file within the con‐
24 tainer
25 automatically. All arguments following the container name will be
26 passed
27 directly to the runscript.
28 singularity run accepts the following container formats:
31 *.sif Singularity Image Format (SIF). Native to Singular‐
34 ity 3.0+
35 *.sqsh SquashFS format. Native to Singularity 2.4+
38 *.img ext3 format. Native to Singularity versions < 2.4.
41 directory/ sandbox format. Directory containing a valid root
44 file
45 system and optionally Singularity meta-data.
46 instance://* A local running instance of a container. (See the
49 instance
50 command group.)
51 library://* A SIF container hosted on a Library
54 (default https://cloud.sylabs.io/library)
55 docker://* A Docker/OCI container hosted on Docker Hub or an‐
58 other
59 OCI registry.
60 shub://* A container hosted on Singularity Hub.
63 oras://* A SIF container hosted on an OCI registry that sup‐
66 ports
67 the OCI Registry As Storage (ORAS) specification.
68
72 --add-caps="" a comma separated capability list to add
73 --allow-setuid[=false] allow setuid binaries in container (root
76 only)
77 --app="" set an application to run inside a container
80 --apply-cgroups="" apply cgroups from file for container processes
83 (root only)
84 -B, --bind=[] a user-bind path specification. spec has the format
87 src[:dest[:opts]], where src and dest are outside and inside paths. If
88 dest is not given, it is set equal to src. Mount options ('opts') may
89 be specified as 'ro' (read-only) or 'rw' (read/write, which is the de‐
90 fault). Multiple bind paths can be given by a comma separated list.
91 -e, --cleanenv[=false] clean environment before running container
94 -c, --contain[=false] use minimal /dev and empty other directories
97 (e.g. /tmp and $HOME) instead of sharing filesystems from your host
98 -C, --containall[=false] contain not only file systems, but also
101 PID, IPC, and environment
102 --disable-cache[=false] dont use cache, and dont create cache
105 --dns="" list of DNS server separated by commas to add in re‐
108 solv.conf
109 --docker-login[=false] login to a Docker Repository interactively
112 --drop-caps="" a comma separated capability list to drop
115 --env=[] pass environment variable to contained process
118 --env-file="" pass environment variables from file to contained
121 process
122 -f, --fakeroot[=false] run container in new user namespace as uid
125 0
126 --fusemount=[] A FUSE filesystem mount specification of the form
129 ': ' - where is 'container' or 'host', specifying where the mount will
130 be performed ('container-daemon' or 'host-daemon' will run the FUSE
131 process detached). is the path to the FUSE executable, plus options
132 for the mount. is the location in the container to which the FUSE
133 mount will be attached. E.g. 'container:sshfs 10.0.0.1:/ /sshfs'. Im‐
134 plies --pid.
135 -h, --help[=false] help for run
138 -H, --home="/builddir" a home directory specification. spec can
141 either be a src path or src:dest pair. src is the source path of the
142 home directory outside the container and dest overrides the home direc‐
143 tory within the container.
144 --hostname="" set container hostname
147 -i, --ipc[=false] run container in a new IPC namespace
150 --keep-privs[=false] let root user keep privileges in container
153 (root only)
154 -n, --net[=false] run container in a new network namespace (sets
157 up a bridge network interface by default)
158 --network="bridge" specify desired network type separated by com‐
161 mas, each network will bring up a dedicated interface inside container
162 --network-args=[] specify network arguments to pass to CNI plugins
165 --no-home[=false] do NOT mount users home directory if /home is
168 not the current working directory
169 --no-init[=false] do NOT start shim process with --pid
172 --no-mount=[] disable one or more mount xxx options set in singu‐
175 larity.conf
176 --no-privs[=false] drop all privileges from root user in con‐
179 tainer)
180 --no-umask[=false] do not propagate umask to the container, set
183 default 0022 umask
184 --nohttps[=false] do NOT use HTTPS with the docker:// transport
187 (useful for local docker registries without a certificate)
188 --nonet[=false] disable VM network handling
191 --nv[=false] enable experimental Nvidia support
194 -o, --overlay=[] use an overlayFS image for persistent data stor‐
197 age or as read-only layer of container
198 --passphrase[=false] prompt for an encryption passphrase
201 --pem-path="" enter an path to a PEM formated RSA key for an en‐
204 crypted container
205 -p, --pid[=false] run container in a new PID namespace
208 --pwd="" initial working directory for payload process inside the
211 container
212 --rocm[=false] enable experimental Rocm support
215 -S, --scratch=[] include a scratch directory within the container
218 that is linked to a temporary dir (use -W to force location)
219 --security=[] enable security features (SELinux, Apparmor, Sec‐
222 comp)
223 -u, --userns[=false] run container in a new user namespace, allow‐
226 ing Singularity to run completely unprivileged on recent kernels. This
227 disables some features of Singularity, for example it only works with
228 sandbox images.
229 --uts[=false] run container in a new UTS namespace
232 --vm[=false] enable VM support
235 --vm-cpu="1" number of CPU cores to allocate to Virtual Machine
238 (implies --vm)
239 --vm-err[=false] enable attaching stderr from VM
242 --vm-ip="dhcp" IP Address to assign for container usage. Defaults
245 to DHCP within bridge network.
246 --vm-ram="1024" amount of RAM in MiB to allocate to Virtual Ma‐
249 chine (implies --vm)
250 -W, --workdir="" working directory to be used for /tmp, /var/tmp
253 and $HOME (if -c/--contain was also used)
254 -w, --writable[=false] by default all Singularity containers are
257 available as read only. This option makes the file system accessible as
258 read/write.
259 --writable-tmpfs[=false] makes the file system accessible as
262 read-write with non persistent data (with overlay support only)
263
267 # Here we see that the runscript prints "Hello world: "
268 $ singularity exec /tmp/debian.sif cat /singularity
269 #!/bin/sh
270 echo "Hello world: "
271 # It runs with our inputs when we run the image
273 $ singularity run /tmp/debian.sif one two three
274 Hello world: one two three
275 # Note that this does the same thing
277 $ ./tmp/debian.sif one two three
278
283 singularity(1)
284
288 26-May-2021 Auto generated by spf13/cobra
289Auto generated by spf13/cobra May 2021 singularity(1)