Skip to content

Important Information

Mounting External Directories

Apptainer is setup in our cluster so that it will automatically mount for you the directories /opt (which contains optional applications), /shared (which contains your home directory, and other shared directories) and /scratch (which contains /scratch for your scratch files). However these directories must already exist in your container! So ensure they are created by including the following commands within the %setup section of your container definition file:

%setup
    mkdir -p ${APPTAINER_ROOTFS}/opt
    mkdir -p ${APPTAINER_ROOTFS}/scratch
    mkdir -p ${APPTAINER_ROOTFS}/shared

In the Apptainer documentation this is covered under the section on Bind Paths and Mounts. This “Binding” allows you to map directories on your host system to directories within your container using bind mounts. This allows you to read and write data on the host system with ease.

Best Practices for Build Recipes

  • Always include a %help section.
  • Build containers from a recipe instead of a sandbox that has been manually changed. This ensures better reproducibility and your less likely to end up with a “black box” container.
  • Install packages, programs, data, and files into operating system locations and not
    /home, /tmp, or other directories that might be “binded” over.
  • Files in containers should never be owned by actual users, they should always be owned by a system account.
  • Make your container modular by using apps. Shared dependencies (between apps) can go under %post.

This is a link to the older Singularity site which has some good “Best Practices for Build Recipes” https://singularity-userdoc.readthedocs.io/en/latest/container_recipes.html

FAQ

Do you need administrator privileges to use Apptainer?

Answer:
If you already have a container (whether Apptainer or Docker) ready to go, you can use the run, shell, and import commands without root access. If you want to build a new container image from scratch it must be built and configured on a host where you have root access. This can be a physical system or a system running on a virtual machine. And of course once you have built that container image it can be used on a system where you do not have root access as long as Apptainer has been installed there.

Can Apptainer support daemon processes?

Answer:
If you start a process daemon, it will exist on your host’s network. This means you can run a web server, or any other daemon, from within a container and access it directly from your host.