Merge pull request Singularity-tutorial#7 from GodloveD/create-toc

organizing content and adding full TOC

Author: GodloveD

00-introduction/README.md

@@ -0,0 +1,89 @@
+# Introduction
+
+## What IS a software container anyway? (And what's it good for?)
+
+A container allows you to stick an application and all of its dependencies into a single package.  This makes your application portable, shareable, and reproducible.
+
+Containers foster portability and reproducibility because they package **ALL** of an applications dependencies... including its own tiny operating system!
+
+This means your application won't break when you port it to a new environment. Your app brings its environment with it.
+
+Here are some examples of things you can do with containers:
+
+- Package an analysis pipeline so that it runs on your laptop, in the cloud, and in a high performance computing (HPC) environment to produce the same result.
+- Publish a paper and include a link to a container with all of the data and software that you used so that others can easily reproduce your results.
+- Install and run an application that requires a complicated stack of dependencies with a few keystrokes.
+- Create a pipeline or complex workflow where each individual program is meant to run on a different operating system.
+
+## How do containers differ from virtual machines (VMs)
+
+Containers and VMs are both types of virtualization.  But it's important to understand the differences between the two and know when to use each.
+
+**Virtual Machines** install every last bit of an operating system (OS) right down to the core software that allows the OS to control the hardware (called the _kernel_).  This means that VMs:
+- Are complete in the sense that you can use a VM to interact with your computer via a different OS.
+- Are extremely flexible.  For instance you an install a Windows VM on a Mac using software like [VirtualBox](https://www.virtualbox.org/wiki/VirtualBox).  
+- Are slow and resource hungry.  Every time you start a VM it has to bring up an entirely new OS.
+
+**Containers** share a kernel with the host OS.  This means that Containers:
+- Are less flexible than VMs.  For example, a Linux container must be run on a Linux host OS.  (Although you can mix and match distributions.)  In practice, containers are only extensively developed on Linux.
+- Are much faster and lighter weight than VMs.  A container may be just a few MB.
+- Start and stop quickly and are suitable for running single apps.
+
+Because of their differences, VMs and containers serve different purposes and should be favored under different circumstances.  
+- VMs are good for long running interactive sessions where you may want to use several different applications.  (Checking email on Outlook and using Microsoft Word and Excel).
+- Containers are better suited to running one or two applications, often non-interactively, in their own custom environments.
+
+## Docker
+
+[Docker](https://www.docker.com/) is currently the most widely used container software.  It has several strengths and weaknesses that make it a good choice for some projects but not for others.
+
+**philosophy**
+
+Docker is built for running multiple containers on a single system and it allows containers to share common software features for efficiency.  It also seeks to fully isolate each container from all other containers and from the host system.  
+
+Docker assumes that you will be a root user.  Or that it will be OK for you to elevate your privileges if you are not a root user.
+See https://docs.docker.com/engine/security/security/#docker-daemon-attack-surface for details.
+
+**strengths**
+
+- Mature software with a large user community
+- [Docker Hub](https://hub.docker.com/)!
+    - A place to build and host your containers
+    - Fully integrated into core Docker
+    - Over 100,000 pre-built containers
+    - Provides an ecosystem for container orchestration
+- Rich feature set
+
+**weaknesses**
+
+- Difficult to learn
+    - Hidden innards 
+    - Complex container model (layers)
+- Not architected with security in mind
+- Not built for HPC (but good for cloud) 
+
+Docker shines for DevOPs teams providing cloud-native micro-services to users.
+
+## Singularity
+
+[Singularity](http://singularity.lbl.gov/) is a relatively new container software invented by Greg Kurtzer while at Lawrence Berkley National labs and now developed by his company [Sylabs](sylabs.io).  It was developed with security, scientific software, and HPC systems in mind.  
+
+**philosophy**
+
+Singularity assumes ([more or less](http://containers-ftw.org/SCI-F/)) that each application will have its own container.  It does not seek to fully isolate containers from one another or the host system. 
+
+Singularity assumes that you will have a build system where you are the root user, but that you will also have a production system where you may or may not be the root user. 
+
+**strengths**
+- Easy to learn and use (relatively speaking)
+- Approved for HPC ([installed on some of the biggest HPC systems in the world](http://singularity.lbl.gov/citation-registration#clusters))
+- Can convert Docker containers to Singularity and run containers directly from Docker Hub
+- [Singularity Container Services](https://cloud.sylabs.io/home)!
+    - A place to build and share your containers securely
+
+<b>weaknesses</b>
+- Younger and less mature than Docker
+- Smaller user community (as of now)
+- Under active development (must keep up with new changes) 
+
+Singularity shines for scientific software running in an HPC environent.  We will use it for the remainder of the class.

00-installation/README.md renamed to 01-installation/README.md

@@ -1,4 +1,4 @@
-# Downloading and interacting with containers
+# Downloading and Interacting with Containers
 
 This section will be useful for container consumers. (i.e. those who really just want to use containers somebody else built.) The next chapter will explore topics more geared toward container producers (i.e. those who want/need to build containers from scratch).  
 

01-basic-usage/README.md renamed to 02-basic-usage/README.md

@@ -1,4 +1,4 @@
-# Building a basic container
+# Building a Basic Container
 
 In this section, we will build a brand new container similar to the lolcow container we've been using in the previous examples.
 

02-building/README.md renamed to 03-building/README.md

@@ -1,4 +1,4 @@
-# The Singularity ecosystem
+# The Singularity Ecosystem
 
 We've spent a lot of time on building and using your own containers so that you understand how Singularity works. Now let's talk more about the [Singularity Container Services](https://cloud.sylabs.io/home) and [Docker Hub](https://hub.docker.com/).  
 

03-the-ecosystem/README.md renamed to 04-the-ecosystem/README.md

@@ -1,4 +1,4 @@
-# Bind mounting host system directories into a container
+# Accessing Host Files with Bind Mounts
 
 It's possible to create and modify files on the host system from within the container. In fact, that's exactly what we did in the previous example when we created output files in our home directory.  
 

04-bind-mounts/README.md renamed to 05-bind-mounts/README.md

@@ -1,4 +1,4 @@
-# The Runscript: Making containerized apps behave like normal apps
+# The Runscript: Making Containerized Apps Behave Like Normal Apps
 
 Consider an application that takes one file as input, analyzes the data in the file, and produces another file as output. This is obviously a very common situation.
 

05-runscript/README.md renamed to 06-runscript/README.md

@@ -1,4 +1,4 @@
-# Faking a native app installation within a Singularity container
+# Faking a Native Installation within a Singularity Container
 
 How would you like to install an app with one more more commands inside of a Singularity container and then just forget it's in a container and use it like any other app?  
 

06-fake-installation/README.md renamed to 07-fake-installation/README.md

@@ -1,8 +1,33 @@
-# Singularity Instances
+# Miscellaneous Topics and FAQs
+
+## X11 and OpenGL
+
+You can use Singularity containers to display graphics through common protocols. To do this, you need to install the proper graphics stack within the Singularity container.  For instance if you want to display X11 graphics you must install `xorg` within your container.  In an Ubuntu container the command would look like this.  
+
+```
+$ apt-get install xorg
+```
+
+## GPU computing
+
+In Singularity v2.3+ the experimental `--nv` option will look for NVIDIA libraries on the host system and automatically bind mount them to the container so that GPUs work seamlessly. 
+
+## Using the network on the host system
+
+Network ports on the host system are accessible from within the container and work seamlessly.  For example, you could install ipython within a container, start a jupyter notebook instance, and then connect to that instance using a browser running outside of the container on the host system or from another host.  
+
+## A note on SUID programs and daemons
+
+Some programs need root privileges to run.  These often include services or daemons that start via the `init.d` or `system.d` systems and run in the background.  For instance, `sshd` the ssh daemon that listens on port 22 and allows another user to connect to your computer requires root privileges.  You will not be able to run it in a container unless you start the container as root.
+
+Other programs may set the SUID bit or capabilities to run as root or with elevated privileges without your knowledge. For instance, the well-known `ping` program actually runs with elevated privileges (and needs to since it sets up a raw network socket).  This program will not run in a container unless you are root in the container.
+
+
+## Long-running Instances
 
 Up to now all of our examples have run Singularity containers in the foreground.  But what if you want to run a service like a web server or a database in a Singularity container in the background? 
 
-## lolcow (useless) example
+### lolcow (useless) example
 In Singularity v2.4+, you can use the [`instance` command group](http://singularity.lbl.gov/docs-instances) to start and control container instances that run in the background.  To demonstrate, let's start an instance of our `lolcow.simg` container running in the background.
 
 ```
@@ -59,7 +84,7 @@ Stopping cow2 instance of /home/dave/lolcow.simg (PID=10855)
 Stopping cow3 instance of /home/dave/lolcow.simg (PID=10885)
 ```
 
-## nginx (useful) example
+### nginx (useful) example
 
 These examples are not very useful because `lolcow.simg` doesn't run any services.  Let's extend the example to something useful by running a local nginx web server in the background.  This command will download the official nginx image from Docker Hub and start it in a background instance called "web".  (The commands need to be executed as root so that nginx can run with the privileges it needs.)
 

07-misc/README.md

@@ -1,11 +1,9 @@
 # <b>Creating and running software containers with Singularity</b>
-### <i>How to use [Singularity](https://sylabs.io/guides/latest/user-guide/)! </i>
 
-## Table of Contents
+### <i>How to use [Singularity](https://sylabs.io/guides/latest/user-guide/)! </i>
 
-- [Installation](/00-installation)
 
-This is an introductory workshop on Singularity. It was originally taught by David Godlove at the [NIH HPC](https://hpc.nih.gov/), but the content has since been adapted to a general audience.  For more information about the topics covered here, see the following:
+This is an introductory workshop on Singularity. It was originally taught by [David Godlove](https://github.com/GodloveD) at the [NIH HPC](https://hpc.nih.gov/), but the content has since been adapted to a general audience.  For more information about the topics covered here, see the following:
 
 - [Singularity Home](https://sylabs.io/singularity/)
 - [Singularity on GitHub](https://github.com/singularityware/singularity)
@@ -15,90 +13,14 @@ This is an introductory workshop on Singularity. It was originally taught by Dav
 - [Singularity Container Services](https://cloud.sylabs.io/home)
 - [Docker Hub](https://hub.docker.com/)
 
-## What IS a software container anyway? (And what's it good for?)
-
-A container allows you to stick an application and all of its dependencies into a single package.  This makes your application portable, shareable, and reproducible.
-
-Containers foster portability and reproducibility because they package **ALL** of an applications dependencies... including its own tiny operating system!
-
-This means your application won't break when you port it to a new environment. Your app brings its environment with it.
-
-Here are some examples of things you can do with containers:
-
-- Package an analysis pipeline so that it runs on your laptop, in the cloud, and in a high performance computing (HPC) environment to produce the same result.
-- Publish a paper and include a link to a container with all of the data and software that you used so that others can easily reproduce your results.
-- Install and run an application that requires a complicated stack of dependencies with a few keystrokes.
-- Create a pipeline or complex workflow where each individual program is meant to run on a different operating system.
-
-## How do containers differ from virtual machines (VMs)
-
-Containers and VMs are both types of virtualization.  But it's important to understand the differences between the two and know when to use each.
-
-**Virtual Machines** install every last bit of an operating system (OS) right down to the core software that allows the OS to control the hardware (called the _kernel_).  This means that VMs:
-- Are complete in the sense that you can use a VM to interact with your computer via a different OS.
-- Are extremely flexible.  For instance you an install a Windows VM on a Mac using software like [VirtualBox](https://www.virtualbox.org/wiki/VirtualBox).  
-- Are slow and resource hungry.  Every time you start a VM it has to bring up an entirely new OS.
-
-**Containers** share a kernel with the host OS.  This means that Containers:
-- Are less flexible than VMs.  For example, a Linux container must be run on a Linux host OS.  (Although you can mix and match distributions.)  In practice, containers are only extensively developed on Linux.
-- Are much faster and lighter weight than VMs.  A container may be just a few MB.
-- Start and stop quickly and are suitable for running single apps.
-
-Because of their differences, VMs and containers serve different purposes and should be favored under different circumstances.  
-- VMs are good for long running interactive sessions where you may want to use several different applications.  (Checking email on Outlook and using Microsoft Word and Excel).
-- Containers are better suited to running one or two applications, often non-interactively, in their own custom environments.
-
-## Docker
-
-[Docker](https://www.docker.com/) is currently the most widely used container software.  It has several strengths and weaknesses that make it a good choice for some projects but not for others.
-
-**philosophy**
-
-Docker is built for running multiple containers on a single system and it allows containers to share common software features for efficiency.  It also seeks to fully isolate each container from all other containers and from the host system.  
-
-Docker assumes that you will be a root user.  Or that it will be OK for you to elevate your privileges if you are not a root user.
-See https://docs.docker.com/engine/security/security/#docker-daemon-attack-surface for details.
-
-**strengths**
-
-- Mature software with a large user community
-- [Docker Hub](https://hub.docker.com/)!
-    - A place to build and host your containers
-    - Fully integrated into core Docker
-    - Over 100,000 pre-built containers
-    - Provides an ecosystem for container orchestration
-- Rich feature set
-
-**weaknesses**
-
-- Difficult to learn
-    - Hidden innards 
-    - Complex container model (layers)
-- Not architected with security in mind
-- Not built for HPC (but good for cloud) 
-
-Docker shines for DevOPs teams providing cloud-native micro-services to users.
-
-## Singularity
-
-[Singularity](http://singularity.lbl.gov/) is a relatively new container software invented by Greg Kurtzer while at Lawrence Berkley National labs and now developed by his company [Sylabs](sylabs.io).  It was developed with security, scientific software, and HPC systems in mind.  
-
-**philosophy**
-
-Singularity assumes ([more or less](http://containers-ftw.org/SCI-F/)) that each application will have its own container.  It does not seek to fully isolate containers from one another or the host system. 
-
-Singularity assumes that you will have a build system where you are the root user, but that you will also have a production system where you may or may not be the root user. 
-
-**strengths**
-- Easy to learn and use (relatively speaking)
-- Approved for HPC ([installed on some of the biggest HPC systems in the world](http://singularity.lbl.gov/citation-registration#clusters))
-- Can convert Docker containers to Singularity and run containers directly from Docker Hub
-- [Singularity Container Services](https://cloud.sylabs.io/home)!
-    - A place to build and share your containers securely
-
-<b>weaknesses</b>
-- Younger and less mature than Docker
-- Smaller user community (as of now)
-- Under active development (must keep up with new changes) 
+## Table of Contents
 
-Singularity shines for scientific software running in an HPC environent.  We will use it for the remainder of the class.
+- [Introduction](/00-introduction)
+- [Installing Singularity](/01-installation)
+- [Downloading and Interacting with Containers](/02-basic-usage)
+- [Building a Basic Container](/03-building)
+- [The Singularity Ecosystem](/04-the-ecosystem)
+- [Accessing Host Files with Bind Mounts](/05-bind-mounts)
+- [The Runscript: Making Containerized Apps Behave Like Normal Apps](/06-runscript)
+- [Faking a Native Installation within a Singularity Container](/07-fake-installation)
+- [Miscellaneous Topics and FAQs](/08-misc)