Search code examples
dockerhpcdocker-registrysingularity-container

Creating Singularity container from local private docker registry

When creating a Singularity image from a Docker image, how do I correctly reference a Docker image in a local insecure private registry?

Using Singularity 2.2.1, attempted using specfile:

Bootstrap: docker
Registry: localhost:5000
From: tensorflow:latest

%runscript

    exec /usr/bin/python "$@"

%post

    echo "Post install stuffs!"

With the following results:

Executing Prebootstrap module
VERBOSE [U=0,P=22966]      message.c:52:init()                        : Set messagelevel to: 5
DEBUG   [U=0,P=22966]      get-section.c:66:main()                    : Iterating through /proc/mounts
Executing Bootstrap 'docker' module
From: tensorflow:latest
Registry: https://localhost:5000
library/tensorflow:latest
scope=repository:library/tensorflow:pull
URL: https://localhost:5000/v2/library/tensorflow/manifests/latest
Traceback (most recent call last):
  File "/usr/lib/x86_64-linux-gnu/singularity/python/cli.py", line 198, in <module>
    main()
  File "/usr/lib/x86_64-linux-gnu/singularity/python/cli.py", line 146, in main
    auth=doauth)
  File "/usr/lib/x86_64-linux-gnu/singularity/python/docker/api.py", line 156, in get_manifest
    response = api_get(base,headers=token,default_header=True)
  File "/usr/lib/x86_64-linux-gnu/singularity/python/utils.py", line 139, in api_get
    response = urllib2.urlopen(request)
  File "/usr/lib/python2.7/urllib2.py", line 154, in urlopen
    return opener.open(url, data, timeout)
  File "/usr/lib/python2.7/urllib2.py", line 429, in open
    response = self._open(req, data)
  File "/usr/lib/python2.7/urllib2.py", line 447, in _open
    '_open', req)
  File "/usr/lib/python2.7/urllib2.py", line 407, in _call_chain
    result = func(*args)
  File "/usr/lib/python2.7/urllib2.py", line 1241, in https_open
    context=self._context)
  File "/usr/lib/python2.7/urllib2.py", line 1198, in do_open
    raise URLError(err)
urllib2.URLError: <urlopen error [SSL: UNKNOWN_PROTOCOL] unknown protocol (_ssl.c:661)>
Executing Postbootstrap module
ERROR: Container does not contain the valid minimum requirement of /bin/sh
DEBUG   [U=0,P=22936]      fork.c:52:handle_sigchld()                 : Checking child pids: 22941 22941

Singularity is making an assumption about HTTPS on the private registry.

Thanks, Piers.

Solution

  • In answer to my own question - it turns out that I need to do two things:

    • explicitly add http:// to the local registry URL
    • prefix the Docker image name with "/" so that it doesn't get prepended with "/library/"

    Example specfile:

    Bootstrap: docker
Registry: http://localhost:5000
From: /tensorflow:latest

%runscript

    exec /usr/bin/python "$@"

%post

    echo "Post install stuffs!"