Singularity 3.4.0 release, Linux application container

Singularity is an open source container platform designed to be simple, secure and fast. It is optimized for EPC and HPC workloads, allowing untrusted users to run untrusted containers in a trusted way. Version 3.4.0 has been released, and it emphasizes one feature: the ability to build and run encrypted containers.

The main new feature of this version is the ability to build and run encrypted containers. These containers are encrypted at rest, in transit, and even at runtime.

In other words, a Singularity container remains encrypted throughout its life cycle: when it is created, when it is at rest or in transit, and even while it is in use. Because the data is decrypted in kernel space, there is no decrypted rootfs to clean up upon termination. Specific updates are as follows:

  • New support for building and running encrypted containers with RSA keys and passphrases
    • Added the --pem-path option to the build and action commands for RSA-based encrypted containers
    • Added the --passphrase option to the build and action commands for passphrase-based encrypted containers
    • Added the SINGULARITY_ENCRYPTION_PEM_PATH and SINGULARITY_ENCRYPTION_PASSPHRASE environment variables, which provide the same functionality as the options above
    • Added the --encrypt option to the build command, to build an encrypted container when the environment variables contain a secret
  • The new --disable-cache flag prevents caching of downloaded containers
  • Added support for multi-line variables in Singularity def files
  • Added support for "indexed" def file variables (such as arrays)
  • Added support for SUSE SLE products
  • Added the def-file variables: product, user, regcode, productpgp, registerurl, modules, otherurl (indexed)
  • Added support for multiple-architecture tags in the SCS library
  • Added a --dry-run flag to cache clean
  • Added the SINGULARITY_SYPGPDIR environment variable to specify the location of PGP key data
  • Added a --nonet option to the action commands to disable networking when running with the --vm option
  • Added a --long-list flag to the key search command
  • Added an experimental, hidden --fusemount flag to pass a command that mounts a libfuse3-based file system within the container

Other changes:

  • The remote add command now automatically attempts to log in; a --no-login flag has been added to disable this behavior
  • Using the pull command to download an unsigned container no longer generates an error code
  • When run without the --force option, the cache clean command now prompts the user before cleaning
  • Shortened the default output of the key search command
  • The --allow-unsigned flag of the pull command is no longer used and will be removed in the future

For details, see the release notes:

https://github.com/sylabs/singularity/releases

Origin www.oschina.net/news/109611/singularity-3-4-0-released