diff options
| author | Arun Isaac | 2026-02-12 13:41:59 +0000 |
|---|---|---|
| committer | Arun Isaac | 2026-02-12 13:41:59 +0000 |
| commit | 31c82db0b2c9d33f683d8c9323e13e89f7f11993 (patch) | |
| tree | 01722d220c349863c21a746305af3996d199fc66 | |
| parent | 1cbcbb58788a35b10a7a7555e6ebba2b666c3675 (diff) | |
| download | gn-machines-31c82db0b2c9d33f683d8c9323e13e89f7f11993.tar.gz | |
Add singularity installation scripts.
| -rwxr-xr-x | singularity-head-deploy.sh | 12 | ||||
| -rwxr-xr-x | singularity-worker-deploy.sh | 37 | ||||
| -rw-r--r-- | singularity.scm | 42 |
3 files changed, 91 insertions, 0 deletions
diff --git a/singularity-head-deploy.sh b/singularity-head-deploy.sh new file mode 100755 index 0000000..533224b --- /dev/null +++ b/singularity-head-deploy.sh @@ -0,0 +1,12 @@ +#! /bin/sh -xe + +## +## singularity deployment on octopus01 (the head node) +## + +## Install singularity in the same way as the worker nodes. +./singularity-worker-deploy.sh $(guix build -f singularity.scm) + +# Register garbage collector root to prevent `guix gc' from garbage +# collecting singularity. +sudo ln --force --symbolic /usr/local/bin/singularity /var/guix/gcroots diff --git a/singularity-worker-deploy.sh b/singularity-worker-deploy.sh new file mode 100755 index 0000000..d709758 --- /dev/null +++ b/singularity-worker-deploy.sh @@ -0,0 +1,37 @@ +#! /bin/sh -xe + +## +## singularity deployment on octopus worker nodes +## + +case $1 in + "") + echo "Usage: $0 SINGULARITY_STORE_ITEM" + exit 1 + ;; + *) + singularity=$1 + echo $singularity + ;; +esac + +# Symlink singularity executable. +sudo ln --force --symbolic $singularity/bin/singularity /usr/local/bin/singularity + +# To set up singularity, we imitate what the Guix +# singularity-service-type does. + +# Install setuid binaries. +sudo mkdir -p /usr/local/libexec/singularity/bin +for program in action mount start; +do + sudo cp $singularity/libexec/singularity/bin/$program-suid /usr/local/libexec/singularity/bin/singularity-$program-helper + sudo chmod u+s /usr/local/libexec/singularity/bin/singularity-$program-helper +done + +# Create the directories that Singularity 2.6 expects to find. +for directory in container final overlay session; +do + sudo mkdir -p /var/singularity/mnt/$directory + sudo chmod 755 /var/singularity/mnt/$directory +done diff --git a/singularity.scm b/singularity.scm new file mode 100644 index 0000000..9a4c0ce --- /dev/null +++ b/singularity.scm @@ -0,0 +1,42 @@ +(use-modules (gnu packages linux) + (guix download) + (guix packages)) + +(package + (inherit singularity) + (version (package-version singularity)) + (source (origin + (inherit (package-source singularity)) + (snippet + '(begin + ;; We put the singularity setuid binaries under + ;; /usr/local. The Guix package puts it under + ;; /run/privileged/bin. But, we cannot do that since + ;; /run is mounted noexec on octopus. + (substitute* (find-files "libexec/cli" "\\.exec$") + (("\\$SINGULARITY_libexecdir/singularity/bin/([a-z]+)-suid" + _ program) + (string-append "/usr/local/libexec/singularity/bin/singularity-" + program "-helper"))) + + ;; The remaining snippet code below is copied from the + ;; Guix package. + + ;; Do not create directories in /var. + (substitute* "Makefile.in" + (("\\$\\(MAKE\\) .*install-data-hook") "")) + + ;; The original source overrides PATH so that it + ;; points to /bin, /usr/local/bin, etc., which + ;; obviously doesn't work on Guix System. Leave PATH + ;; unchanged so we refer to the installed Coreutils, + ;; grep, etc. + (substitute* "bin/singularity.in" + (("^PATH=.*" all) + (string-append "#" all "\n"))) + + ;; These squashfs mount options are apparently no + ;; longer supported since Linux-libre 5.4.5. + (substitute* "src/lib/image/squashfs/mount.c" + (("\"errors=remount-ro\"") + "NULL"))))))) |