snirkatriel
commented
2 years ago Happens to us while using both centos:8 and centos:latest images, this issue is quite critical as it prevents from installing any package in these docker images
Open sarveswarreddy opened 2 years ago
snirkatriel
commented
2 years ago Happens to us while using both centos:8 and centos:latest images, this issue is quite critical as it prevents from installing any package in these docker images
20008484
commented
2 years ago Hello ! In order to go through this problem you can temporarly first run these commands below on your image then run your target commands :
This will comment mirrolist lines, uncomment baseurl lines, change target baseurl to vault.centos.org
find /etc/yum.repos.d/ -type f -exec sed -i 's/mirrorlist=/#mirrorlist=/g' {} + find /etc/yum.repos.d/ -type f -exec sed -i 's/#baseurl=/baseurl=/g' {} + find /etc/yum.repos.d/ -type f -exec sed -i 's/mirror.centos.org/vault.centos.org/g' {} +
Regards !
photex
commented
2 years ago Wild. Pretty excellent way to be sure people only consider Windows and Ubuntu the only "stable" enterprise development systems worth investing in.
Totktonada
commented
2 years ago NB: The same problem is reported in https://bugs.centos.org/view.php?id=18394.
NeilHanlon
commented
2 years ago Wild. Pretty excellent way to be sure people only consider Windows and Ubuntu the only "stable" enterprise development systems worth investing in.
For what it's worth, this change has been coming for a long time and has been posted on the centos-devel mailing list, as well as propagated through many other channels.
vikinghts
commented
2 years ago We are hit by this issue. No problem that there is a move to vault. But please update your base docker image centos 8. We use this image for a lot of our previous releases. Our newest are running on stream 8 already but patching the old ones is a lot of work for us. And little for you.
NeilHanlon
commented
2 years ago @vikinghts - CentOS 8 is end of life. You should not be using this container any longer as it will become vulnerable over time. The image also will likely not be updated, in accordance with the CentOS EOL.
photex
commented
2 years ago Centos 8 is an ideal place to build toolchains for compatibility with the wider Linux ecosystem. Although it seems that we're better off using Ubuntu for that too.
The fact I even have to write this is an indictment of Linux in general though.
barooi
commented
2 years ago We're experiencing the same since today.
@NeilHanlon I understand your reasoning, and we also switched to stream for our new versions. Alas, we do have provide fixes to customers on older releases and definitely try to push them forward too. I wish they would, but wishing does not work sometimes.
Effectively the docker image is still hosted on Dockerhub, while being EOL. Packages are also hosted in vault repos now, while being EOL.
So, we understand the product is EOL, believe me. To play hardball, I could argue that both the Docker image and package repo's should be pulled completely as the product is EOL. I guess there's a reason to not do that.
So, the humble requests I see here is to make the update in the Docker image and prevent many fixes downstream to make it work by applying the workaround posted by 20008484.
NeilHanlon
commented
2 years ago I'm not part of the CentOS cloud sig, for the record -- just giving out some information.
Likely instead of continuing to use an EOL image, you should migrate either to stream, or to one of the many rebuilds such as Rocky Linux (Disclosure: I am the infra team lead for Rocky), AlmaLinux, Oracle Linux, Springdale, etc.
I suspect that the centos cloud sig will not be updating this image, but I do not speak for them.
0x501D
commented
2 years ago Hello ! In order to go through this problem you can temporarly first run these commands below on your image then run your target commands :
This will comment mirrolist lines, uncomment baseurl lines, change target baseurl to vault.centos.org
find /etc/yum.repos.d/ -type f -exec sed -i 's/mirrorlist=/#mirrorlist=/g' {} + find /etc/yum.repos.d/ -type f -exec sed -i 's/#baseurl=/baseurl=/g' {} + find /etc/yum.repos.d/ -type f -exec sed -i 's/mirror.centos.org/vault.centos.org/g' {} +
Regards !
vault.centos.org has a problem. It uses DNS RR and one of the server (3.22.185.178) is not responding sometimes:
$ curl --connect-timeout 30 -v -L http://vault.centos.org/centos/8/AppStream/x86_64/os/repodata/768e088faaaba73d00aee49f134e22d5d1803171ffb167260c8b55f4165e0372-filelists.xml.gz --output 1.out
* Trying 3.22.185.178:80...
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- 0:00:07 --:--:-- 0* Connected to vault.centos.org (3.22.185.178) port 80 (#0)
> GET /centos/8/AppStream/x86_64/os/repodata/768e088faaaba73d00aee49f134e22d5d1803171ffb167260c8b55f4165e0372-filelists.xml.gz HTTP/1.1
> Host: vault.centos.org
> User-Agent: curl/7.79.1
> Accept: */*
>
0 0 0 0 0 0 0 0 --:--:-- 0:00:10 --:--:-- 0* Mark bundle as not supporting multiuse
< HTTP/1.1 301 Moved Permanently
< Date: Tue, 15 Feb 2022 17:11:05 GMT
< Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
< X-Xss-Protection: 1; mode=block
< X-Content-Type-Options: nosniff
< Referrer-Policy: same-origin
< X-Frame-Options: SAMEORIGIN
< Location: https://vault.centos.org/centos/8/AppStream/x86_64/os/repodata/768e088faaaba73d00aee49f134e22d5d1803171ffb167260c8b55f4165e0372-filelists.xml.gz
< Content-Length: 352
< Content-Type: text/html; charset=iso-8859-1
<
* Ignoring the response-body
{ [352 bytes data]
100 352 100 352 0 0 31 0 0:00:11 0:00:11 --:--:-- 87
* Connection #0 to host vault.centos.org left intact
* Issue another request to this URL: 'https://vault.centos.org/centos/8/AppStream/x86_64/os/repodata/768e088faaaba73d00aee49f134e22d5d1803171ffb167260c8b55f4165e0372-filelists.xml.gz'
* Trying 3.22.185.178:443...
0 0 0 0 0 0 0 0 --:--:-- 0:00:12 --:--:-- 0* Connected to vault.centos.org (3.22.185.178) port 443 (#1)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: /etc/ssl/certs
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
0 0 0 0 0 0 0 0 --:--:-- 0:00:40 --:--:-- 0* SSL connection timeout
0 0 0 0 0 0 0 0 --:--:-- 0:00:41 --:--:-- 0
* Closing connection 1
curl: (28) SSL connection timeoutI do not know where I should report this problem.
NeilHanlon
commented
2 years ago @0x501D vault.c.o is just that, a vault -- so it doesn't have really any availability guarantees, and is pretty limited, bandwidth wise.
The Rocky Linux project is hosting a mirror at http://dl.rockylinux.org/vault/centos/ of the last 8.5.2111 content which anyone is free to use. It isn't the fastest or anything by a mile, but it's best not to hit the centos vault too too much.
http://mirror.centos.org/centos/8/readme
Error: Failed to download metadata for repo 'appstream': Cannot prepare internal mirrorlist: No URLs in mirrorlistCan you enable baseurl using vault mirrors in docker image?