buildah bud: mount file as volume not possible

[olivierGATSNCF]

Description

It is not possible to mount a file as a volume in a builded image with buildah

Steps to reproduce the issue:

1. build myImage with buildah 1.4 In my dockerfile

WORKDIR /opt/elasticsearch
COPY tocopy/config ./config
VOLUME /opt/elasticsearch/config/elasticsearch.yml

2. docker run -v /root/test/elasticsearch.yml:/opt/elasticsearch/config/elasticsearch.yml myImage 3.

Describe the results you received:

docker: Error response from daemon: rpc error: code = 2 desc = "oci runtime error: could not synchronise with container process: not a directory".

Describe the results you expected:

Output of rpm -q buildah or apt list buildah:

package buildah is not installed

Output of buildah version:

Version:         1.4
Go Version:      go1.9.4
Image Spec:      1.0.0
Runtime Spec:    1.0.0
CNI Spec:        0.4.0
libcni Version:  v0.7.0-alpha1
Git Commit:      608fa84
Built:           Mon Oct 22 14:53:00 2018
OS/Arch:         linux/amd64

Output of podman version if reporting a podman build issue:

(paste your output here)

*Output of `cat /etc/release`:**

CentOS Linux release 7.3.1611 (Core) 
NAME="CentOS Linux"
VERSION="7 (Core)"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="7"
PRETTY_NAME="CentOS Linux 7 (Core)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:centos:centos:7"
HOME_URL="https://www.centos.org/"
BUG_REPORT_URL="https://bugs.centos.org/"

CENTOS_MANTISBT_PROJECT="CentOS-7"
CENTOS_MANTISBT_PROJECT_VERSION="7"
REDHAT_SUPPORT_PRODUCT="centos"
REDHAT_SUPPORT_PRODUCT_VERSION="7"

CentOS Linux release 7.3.1611 (Core) 
CentOS Linux release 7.3.1611 (Core) 

Output of uname -a:

Linux jenkins-slave-52fwh-mhkn5 3.10.0-862.9.1.el7.x86_64 #1 SMP Wed Jun 27 04:30:39 EDT 2018 x86_64 x86_64 x86_64 GNU/Linux

Output of cat /etc/containers/storage.conf:

# storage.conf is the configuration file for all tools
# that share the containers/storage libraries
# See man 5 containers-storage.conf for more information
# The "container storage" table contains all of the server options.
[storage]

# Default Storage Driver
driver = "overlay"

# Temporary storage location
runroot = "/var/run/containers/storage"

# Primary Read/Write location of container storage
graphroot = "/var/lib/containers/storage"

[storage.options]
# Storage options to be passed to underlying storage drivers

# AdditionalImageStores is used to pass paths to additional Read/Only image stores
# Must be comma separated list.
additionalimagestores = [
]

# Size is used to set a maximum size of the container image.  Only supported by
# certain container storage drivers.
size = ""

# OverrideKernelCheck tells the driver to ignore kernel checks based on kernel version
override_kernel_check = "true"

# Remap-UIDs/GIDs is the mapping from UIDs/GIDs as they should appear inside of
# a container, to UIDs/GIDs as they should appear outside of the container, and
# the length of the range of UIDs/GIDs.  Additional mapped sets can be listed
# and will be heeded by libraries, but there are limits to the number of
# mappings which the kernel will allow when you later attempt to run a
# container.
#
# remap-uids = 0:1668442479:65536
# remap-gids = 0:1668442479:65536

# Remap-User/Group is a name which can be used to look up one or more UID/GID
# ranges in the /etc/subuid or /etc/subgid file.  Mappings are set up starting
# with an in-container ID of 0 and the a host-level ID taken from the lowest
# range that matches the specified name, and using the length of that range.
# Additional ranges are then assigned, using the ranges which specify the
# lowest host-level IDs first, to the lowest not-yet-mapped container-level ID,
# until all of the entries have been used for maps.
#
# remap-user = "storage"
# remap-group = "storage"

[storage.options.thinpool]
# Storage Options for thinpool

# autoextend_percent determines the amount by which pool needs to be
# grown. This is specified in terms of % of pool size. So a value of 20 means
# that when threshold is hit, pool will be grown by 20% of existing
# pool size.
# autoextend_percent = "20"

# autoextend_threshold determines the pool extension threshold in terms
# of percentage of pool size. For example, if threshold is 60, that means when
# pool is 60% full, threshold has been hit.
# autoextend_threshold = "80"

# basesize specifies the size to use when creating the base device, which
# limits the size of images and containers.
# basesize = "10G"

# blocksize specifies a custom blocksize to use for the thin pool.
# blocksize="64k"

# directlvm_device specifies a custom block storage device to use for the
# thin pool. Required if you setup devicemapper
# directlvm_device = ""

# directlvm_device_force wipes device even if device already has a filesystem
# directlvm_device_force = "True"

# fs specifies the filesystem type to use for the base device.
# fs="xfs"

# log_level sets the log level of devicemapper.
# 0: LogLevelSuppress 0 (Default)
# 2: LogLevelFatal
# 3: LogLevelErr
# 4: LogLevelWarn
# 5: LogLevelNotice
# 6: LogLevelInfo
# 7: LogLevelDebug
# log_level = "7"

# min_free_space specifies the min free space percent in a thin pool require for
# new device creation to succeed. Valid values are from 0% - 99%.
# Value 0% disables
# min_free_space = "10%"

# mkfsarg specifies extra mkfs arguments to be used when creating the base
# device.
# mkfsarg = ""

# mountopt specifies extra mount options used when mounting the thin devices.
# mountopt = ""

# use_deferred_removal Marking device for deferred removal
# use_deferred_removal = "True"

# use_deferred_deletion Marking device for deferred deletion
# use_deferred_deletion = "True"

# xfs_nospace_max_retries specifies the maximum number of retries XFS should
# attempt to complete IO when ENOSPC (no space) error is returned by
# underlying storage device.
# xfs_nospace_max_retries = "0"

[rhatdan]

@umohnani8 if @TomSweeneyRedHat Does not have time could you look at this?

[gregoryboue]

Hi,

Is this Issue fixed with buildah 1.5 or 1.6 ?

[rhatdan]

Not sure anyone has looked at it, Could you point me to the git repo, where I could try to build the image ?

[gregoryboue]

It's reproducible by the steps listed in the description, Can you look at this ? It's a very useful feature

[gregoryboue]

Any news of this ?

[TomSweeneyRedHat]

I've not yet had a chance to dive into this, @umohnani8 have you?

[umohnani8]

@TomSweeneyRedHat no I haven't, been focusing on the CRD stuff. I can get to it once I am done with that, but feel free to look into it if you want to :)

[gregoryboue]

Hi,

Do you have some news on this subject ?

[TomSweeneyRedHat]

Sorry @gregoryboue no news as of yet. It's on the list but we've not yet popped it up to the top of the list.

[rhatdan]

@giuseppe What exactly is in the COPY directory? COPY tocopy/config ./config

[olivierGATSNCF]

Hi, in my sample, tocopy/config contains a default elasticsearch.yml and a file logging.yml

[TomSweeneyRedHat]

@olivierGATSNCF finally had some time to play with this and it worked for me. However, the files that I used were just empties that I touched, ie elasticsearch.yml. I used the latest Buildah from upstream, v1.7-dev.

# mkdir -p /opt/elasticsearch/config
# touch /opt/elasticsearch/config/elasticsearch.yml

# mkdir -p tocopy/config
# touch tocopy/config/tom.yml

# cat ~/Dockerfile.elastic
FROM alpine
WORKDIR /opt/elasticsearch
COPY tocopy/config ./config
VOLUME /opt/elasticsearch/config/elasticsearch.yml

# buildah bud -t tom -f ~/Dockerfile.elastic .
STEP 1: FROM alpine
STEP 2: WORKDIR /opt/elasticsearch
STEP 3: COPY tocopy/config ./config
STEP 4: VOLUME /opt/elasticsearch/config/elasticsearch.yml
STEP 5: COMMIT containers-storage:[overlay@/var/lib/containers/storage+/var/run/containers/storage]localhost/tom:latest
Getting image source signatures
Skipping blob 503e53e365f3 (already present): 5.52 MiB / 5.52 MiB [=========] 0s
Copying blob 74db0edfe583: 3.50 KiB / 3.50 KiB [============================] 0s
Copying config 3fc9014540d6: 799 B / 799 B [================================] 0s
Writing manifest to image destination
Storing signatures
--> 3fc9014540d6911067680b6084b3453e32d0ea5cf435cc29bcd0151ec7403555

# docker run -v /root/test/elasticsearch.yml:/opt/elasticsearch/config/elasticsearch.yml tom

# podman run -v /root/test/elasticsearch.yml:/opt/elasticsearch/config/elasticsearch.yml tom

Can you try with the latest and greatest or try again using different files that include a touched file rather than that particular *.yml.

Also I don't think your Dockerfile is complete in the example as there's at least no FROM directive there. If you could update that, that would be appreciated.

[olivierGATSNCF]

Thanks for your attention. It seems that deleting VOLUME instruction solve our problem

[TomSweeneyRedHat]

@olivierGATSNCF thanks for the initial issue and the follow ups. I'm going to close this now. If you run into this again, please feel free to reopen or start a new issue as you feel appropriate.