Add Singularity as a supported container
Description
Docker is great for the many reasons why it is gaining popularity. However, because it falls flat in multi-tenant environments and has terrible security issues, my work has decided against it. Especially since those issues have no intention of being fixed upstream.
Enter Singularity
Singularity was designed with security in mind on multi-tenant systems, especially in High Performance Computing centers. In these environments, Docker simply doesn't work well and this is why Singularity is being adopted at an astounding rate in HPC centers all over the world. Singularity enables users to have full control of their environment. Because it is image-based, it is possible to spin up dozens of instances off the same image with far fewer resources. It is a much simpler environment to work with for both administrator and user. It also plays VERY nicely with schedulers on HPC systems (part of the design) which means it is trivial to run as many instances as the HPC supports!
Proposal
I would like to see Singularity as a supported container instance.
Because Singularity is so simple, I have adjusted my CI on a project to just call the Singularity binary and container. It works, but it lacks the same level of integration that Docker currently has. I would ideally like something that is about the same level of support in the UI. Especially if I have to scale this out to my other users.
Links / references
- Singularity: http://singularity.lbl.gov/
- Good 30min podcast explaining Singularity: http://insidehpc.com/2016/09/singularity/
Lastly, my use case is quite simple (right now) and so I am certain there are many aspects of GitLab/Docker that I do not fully understand which might make Singularity a bad fit. I would really like to hear thoughts and feedback from people who do understand that integration a lot more. My work is phasing out Docker for Singularity and we are seeing many other HPC centers do the same (or already have), but that doesn't mean it is a perfect fit in GitLab. If it makes sense, I would like to see it as a supported container. If it doesn't, I would like to know why so that I know what to expect as I move forward.
Thank you.