Mate Desktop in a Singularity container?

At the moment, we have allocated a number of the compute nodes in our cluster as “desktop nodes” for running Mate Desktop sessions and have created custom images for them that include all of the desktop packages. We normally do not install such packages on our compute nodes in order to avoid “bloat” and ensure higher performance. What we would like to do, though, is to allow our users to run the Mate Desktop as a Singularity container so that it could, at least in theory, run on any compute node in our cluster without our having to install all of the many desktop packages on each one, since those would be installed in the container image. Has anyone already done this who would be willing to share some how-to info? (We are currently running OOD v1.5.5, btw.)

Thank you,

Richard

Perhaps the person in this topic below has, but what comes with the RPM doesn’t have it enabled by default.

I have however recently opened this ticket because I think it’s a fairly good idea, I just haven’t gotten around to working on it yet.

Yes, we do. The modifications are very minimal. Basically, it’s another copy of /var/www/ood/apps/sys/bc_desktop called something else (we added _container to ours), and then modifying both the submit.yml.erb and the script.sh.erb files for it. We also do not have the VNC server installed in the image, so we work around that as well.

Basically, for submit.yml.erb, all we do is load the Singularity environment module and make another alteration to $PATH as well as define $WEBSOCKIFY_CMD as we also don’t have that installed in our image. Then in templates/script.sh.erb, all we do is change the command in the way it’s described in the above quote. We pass some command line flags to Singularity, but those are site-specific bind mounts, and are as likely to be handled by singuality.conf as need to be handled that way.

Do you already have the Singularity image? That part I didn’t personally work on, but I bet the definition for it is laying around somewhere. Seems like it’s probably just installing the “MATE Desktop” or similar group, though, and perhaps the scheduler?

We haven’t built the image yet. I’m still very much on the learning curve with regard to containerization. It is most likely that I’ll be building a container in a Docker Swarm environment, once I have access, then copying the container to our HPC cluster and running it with Singularity. I’m hoping I can just install the same packages we added to the images we used to deploy our custom desktop images. I just wanted to find out if it was actually doable, since I’d seen no discussion of it yet in discourse. I’m hoping we can take this approach and avoid bloating our compute nodes with all the “pretty” packages that user desktop interfaces tend to require. Thanks!

I don’t think you’ll have much trouble, and in fact I would not bother with all of that personally. My start looks like this:

Bootstrap: yum
OSVersion: 7
#DistType: centos
MirrorURL: http://mirror.centos.org/centos-%{OSVERSION}/%{OSVERSION}/os/$basearch/
Include: yum

%post   
    yum -y install epel-release
    yum -y groupinstall 'MATE Desktop'
    yum -y groupinstall 'Compatibility Libraries'
    yum -y install https://github.com/openhpc/ohpc/releases/download/v1.3.GA/ohpc-release-1.3-1.el7.x86_64.rpm
    yum -y install evince eog
    yum -y install glx-utils
    yum -y install systemd-libs
    yum -y install ohpc-slurm-client lmod-ohpc
    <followed by lots of mkdir for local bind mounts>

That’s a pretty basic Singularity definition file, but it’s most of what’s involved. Then it’s just a "singularity build containerfilename.sif containerdef.def (where the latter is a file containing similar to the above). What’s left for me is rationalizing the outcome of that with what’s in the current image, and then seeing if it works with our current setup/why not.