Update Hands-on.md

566d882f · Josef Hrabal · 31a2bead · 566d882f
Commit 566d882f authored Oct 16, 2019 by Josef Hrabal
--- a/Singularity/Hands-on.md
+++ b/Singularity/Hands-on.md
@@ -77,81 +77,84 @@ r30u05n797

 ## Build Singularity Image from Docker Hub

-* Build CentOS/8.0.1905 image from docker hub.
+* Build CentOS/8.0 image from docker hub

 ```console
-$ singularity build centos8.sif docker://centos:8.0.1905
+$ singularity build centos8.sif docker://centos:8
 ```

 * Try our new container

 ```console
-$ singularity exec centos cat /etc/redhat-release
+$ singularity exec centos8.sif cat /etc/redhat-release
 CentOS Linux release 8.0.1905 (Core) 
 ```

+## Cloud Library
+
+The Cloud Library is the place to push your containers to the cloud so other users can download, verify, and use the containers.
+
+Sylabs also provides a Remote Builder, used to build your containers containers without root access within the cloud.
+
+* Create account at **https://cloud.sylabs.io**
+* Generate access token **Your account** -> **Access Tokens**
+* Save generated access token to **~/.singularity/sylabs-token**
+* Try Remote Builder access with simple definition file
+
+
+simple.def:
+```
+Bootstrap: docker
+From: busybox:latest
+```
+
+```
+$ singularity build --remote simple.sif simple.def
+```
+
 ## Build own Singularity Image

-* [ ] Use **Ubuntu 16.04** from  **docker** repository as image base.
-* [ ] Add **%help** section.
-* [ ] Add information about author to the **%labels** section.
-* [ ] Add **%setup** section and create two files. One inside and one outside of the container.
-* [ ] In **%files** section copy file we created outside of the container to the inside of it.
-* [ ] Add **%environment** section and set some varables.
-* [ ] Update the package lists and install **fortune** applications in **%post** section.
-* [ ] Make **/srv** writable for all users.
-* [ ] Write **%runscript** that use previously installed application.
-* [ ] Make **%test** script and ensure that applications are installed correctly.
+* [ ] Use **Ubuntu 16.04** from  **docker** repository as image base
+* [ ] Add **%help** section
+* [ ] Add information about author to the **%labels** section
+* [ ] Add **%setup** section and create a random file
+* [ ] In **%files** section copy file we created outside of the container to the inside of it
+* [ ] Add **%environment** section and set some varables
+* [ ] Update the package lists and install **fortune** applications in **%post** section
+* [ ] Make **/srv** writable for all users
+* [ ] Write **%runscript** that use previously installed application (use full paths)
+* [ ] Make **%test** script and ensure that applications are installed correctly

 You can build your image by **sudo singularity build myimage.sif ubuntu.def** or **singularity build --remote myimage.sif ubuntu.def**.

+Template:
 ```
 Bootstrap: docker
-From: Ubuntu:16.04
+From:

 %help
-    This is my first container.
+    <help here>

 %setup
-    touch ${SINGULARITY_ROOTFS}/salomon.txt
-    touch anselm.txt
+    <setup here>

 %post
-    apt-get -y update
-    apt-get -y install fortune cowsay
+    <post here>

 %files
-    anselm.txt
+    <files here>

 %labels
-    Maintainer hra0031
-    Version v1.0
+    <labels here>

 %environment
-    COURSE="Productivity tools for High Performance Computing"
-    VENUE="VSB - Technical University Ostrava, IT4Innovations building, room 207"
-    export COURSE VENUE
+    <environment variables here>

 %runscript
-    fortune | cowsay
+    <runscript here>

 %test
-    /usr/games/cowsay "Hello"
-    /usr/games/fortune
-```
-
-## Apps in Singularity Image
-
-* [ ] Add to existing bootstrap file 2 SCI-F apps. One for **fortune** app and one for **cowsay** app.
-* [ ] Rebuild your image and test SCI-F apps by **singularity run --app _appname_ myimage.img**.
-* [ ] Try stdin and stdout to SCI-F apps by **singularity run --app fortune myimage.img | singularity run --app cowsay myimage.img**.
-
-```
-%apprun fortune
-    fortune
-
-%apprun cowsay
-    cowsay -f gnu
+    <tests here>
 ```

 ## Persistent Overlays
@@ -169,3 +172,58 @@ mkfs.ext3 myoverlay.ext3
 singularity shell --overlay myoverlay.ext3 myimage.sif
 ```

+## Apps in Singularity Image
+
+Add to existing definition file 2 SCI-F apps: **toilet** and **cowsay**
+
+* [ ] In **%appinstall** section install app
+* [ ] Create runscripts for both apps in **%apprun** section
+* [ ] Use **-f gnu** parameters for *cowsay*
+* [ ] Use **-f mono12 -F metal** parameters for *toilet*
+* [ ] Rebuild your image
+* [ ] Try both apps
+* [ ] Try stdin and stdout to the apps
+
+Template:
+```
+%appinstall <name>
+    <install script here>
+
+%apprun <name>
+    <run script here>
+```
+
+```
+singularity run myimage.sif | singularity run --app <appname> myimage.sif
+```
+
+## Signing and Verifying Containers
+
+Singularity 3.0 introduces the abilities to create and manage PGP keys and use them to sign and verify containers. This provides a trusted method for Singularity users to share containers. It ensures a bit-for-bit reproduction of the original container as the author intended it.
+
+* Pull image from library and ensure they are bit-for-bit reproductions of the original image
+
+```
+$ singularity pull library://busybox:latest
+$ singularity verify busybox_latest.sif
+```
+
+* [ ] Generate own PGP key
+* [ ] List keys and copy **fingerprint** of your key
+* [ ] Push your key to Cloud Library (email address must match)
+* [ ] Search your key in Cloud Library
+* [ ] Sign your image with your key
+* [ ] Verify your image
+* [ ] Create new project in Cloud Library: **Singularity Library** -> **Create a new Project**
+* [ ] Push your image to your new project
+
+```
+$ singularity key newpair
+$ singularity key list
+$ singularity key push 135E426D67D8416DE1D6AC7FFED5BBA38EE0DC4A
+$ singularity key search <name>
+
+$ singularity sign myimage.sif
+$ singularity verify myimage.sif
+$ singularity push myimage.sif library://your-name/project-dir/my-container:latest
+```