all=1 parameter is marked as invalid using Docker Compose with Podman

nickiemc commented 1 week ago

Issue Description

Description

When attempting to run docker-compose on a RHEL8 server using Podman, it seems that the all=1 parameter is being marked as invalid.

Here are my debugging steps:

Executing docker-compose up web results in Error response from daemon: opening container config: open : invalid argument.

Looking at the output of journalctl -u podman after running the above command, I can see the underlying command that is being executed:

"GET /v1.41/containers/json?all=1&filters=%7B%22label%22%3A%7B%22com.docker.compose.config-hash%22%3Atrue%2C%22com.docker.compose.project%3Ddevops-debug-build%22%3Atrue%7D%7D HTTP/1.1" 500 106 "" "compose/v2.27.0"

If I attempt to run this manually using the command below, I get a 500 error with the same error message::


curl -iv --unix-socket /var/run/docker.sock http://v1.41/containers/json?all=1&filters=%7B%22label%22%3A%7B%22com.docker.compose.config-hash%22%3Atrue%2C%22com.docker.compose.project%3Ddevops-debug-build%22%3Atrue%7D%7D

[1] 1561271 [devops_user@devops_server devops-debug-build]$ * Trying /var/run/docker.sock...

Connected to v1.41 (/run/podman/podman.sock) port 80 (#0)

GET /containers/json?all=1 HTTP/1.1 Host: v1.41 User-Agent: curl/7.61.1 Accept: /

< HTTP/1.1 500 Internal Server Error HTTP/1.1 500 Internal Server Error < Api-Version: 1.41 Api-Version: 1.41 < Content-Type: application/json Content-Type: application/json < Libpod-Api-Version: 4.9.4-rhel Libpod-Api-Version: 4.9.4-rhel < Server: Libpod/4.9.4-rhel (linux) Server: Libpod/4.9.4-rhel (linux) < X-Reference-Id: 0xc0005a0018 X-Reference-Id: 0xc0005a0018 < Date: Wed, 03 Jul 2024 16:37:41 GMT Date: Wed, 03 Jul 2024 16:37:41 GMT < Content-Length: 106 Content-Length: 106

< {"cause":"invalid argument","message":"opening container config: open : invalid argument","response":500}

Connection #0 to host v1.41 left intact

* However, if I change `all=1` to simply `all`, the command runs successfully:

curl -iv --unix-socket /var/run/docker.sock http://v1.41/containers/json?all&filters=%7B%22label%22%3A%7B%22com.docker.compose.config-hash%22%3Atrue%2C%22com.docker.compose.project%3Dbsc_bsc-658-debug-build%22%3Atrue%7D%7D [1] 1562521 [nhlbi_epmapdevops@hllda-phpdocker BSC_BSC-658-debug-build]$ * Trying /var/run/docker.sock...

Connected to v1.41 (/run/podman/podman.sock) port 80 (#0)
GET /containers/json?all HTTP/1.1 Host: v1.41 User-Agent: curl/7.61.1 Accept: /

< HTTP/1.1 200 OK HTTP/1.1 200 OK < Api-Version: 1.41 Api-Version: 1.41 < Content-Type: application/json Content-Type: application/json < Libpod-Api-Version: 4.9.4-rhel Libpod-Api-Version: 4.9.4-rhel < Server: Libpod/4.9.4-rhel (linux) Server: Libpod/4.9.4-rhel (linux) < X-Reference-Id: 0xc0005e91e0 X-Reference-Id: 0xc0005e91e0 < Date: Wed, 03 Jul 2024 16:41:11 GMT Date: Wed, 03 Jul 2024 16:41:11 GMT < Content-Length: 997 Content-Length: 997

Steps to reproduce the issue

Environment Details

Red Hat Enterprise Linux v8.10
Podman v4.9.4-rhel
Docker Compose v2.27.0

docker-compose.yml

services:

    web:
      image: nginx:latest
      ports:
        - '80:80'

Steps to Reproduce

Execute the following command:

curl -iv --unix-socket /var/run/docker.sock http://v1.41/containers/json?all=1&filters=%7B%22label%22%3A%7B%22com.docker.compose.config-hash%22%3Atrue%2C%22com.docker.compose.project%3Ddevops-debug-build%22%3Atrue%7D%7D

Describe the results you received

The command returns a 500 Internal Server Error with the message opening container config: open : invalid argument.

Running docker-compose up web results in an error: Error response from daemon: opening container config: open : invalid argument.

Describe the results you expected

The command returns a 200 OK status.

Running docker-compose up web successfully starts the web container.

podman info output

host:
  arch: amd64
  buildahVersion: 1.33.7
  cgroupControllers: []
  cgroupManager: cgroupfs
  cgroupVersion: v1
  conmon:
    package: conmon-2.1.10-1.module+el8.10.0+21077+98b84d8a.x86_64
    path: /usr/bin/conmon
    version: 'conmon version 2.1.10, commit: 80c4f656297773fb630a4d966add3242abab39a4'
  cpuUtilization:
    idlePercent: 96.78
    systemPercent: 1.07
    userPercent: 2.16
  cpus: 4
  databaseBackend: boltdb
  distribution:
    distribution: rhel
    version: "8.10"
  eventLogger: file
  freeLocks: 2027
  hostname: devops_server
  idMappings:
    gidmap:
    - container_id: 0
      host_id: 100132
      size: 1
    - container_id: 1
      host_id: 232000
      size: 65536
    uidmap:
    - container_id: 0
      host_id: 100132
      size: 1
    - container_id: 1
      host_id: 232000
      size: 65536
  kernel: 4.18.0-553.5.1.el8_10.x86_64
  linkmode: dynamic
  logDriver: k8s-file
  memFree: 778600448
  memTotal: 16526221312
  networkBackend: cni
  networkBackendInfo:
    backend: cni
    dns:
      package: podman-plugins-4.9.4-1.module+el8.10.0+21632+761e0d34.x86_64
      path: /usr/libexec/cni/dnsname
      version: |-
        CNI dnsname plugin
        version: 1.4.0-dev
        commit: unknown
        CNI protocol versions supported: 0.1.0, 0.2.0, 0.3.0, 0.3.1, 0.4.0, 1.0.0
    package: containernetworking-plugins-1.4.0-2.module+el8.10.0+21366+f9cb49f8.x86_64
    path: /usr/libexec/cni
  ociRuntime:
    name: runc
    package: runc-1.1.12-1.module+el8.10.0+21251+62b7388c.x86_64
    path: /usr/bin/runc
    version: |-
      runc version 1.1.12
      spec: 1.0.2-dev
      go: go1.21.3
      libseccomp: 2.5.2
  os: linux
  pasta:
    executable: ""
    package: ""
    version: ""
  remoteSocket:
    exists: false
    path: /run/user/100132/podman/podman.sock
  security:
    apparmorEnabled: false
    capabilities: CAP_NET_RAW,CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
    rootless: true
    seccompEnabled: true
    seccompProfilePath: /usr/share/containers/seccomp.json
    selinuxEnabled: true
  serviceIsRemote: false
  slirp4netns:
    executable: /usr/bin/slirp4netns
    package: slirp4netns-1.2.3-1.module+el8.10.0+21306+6be40ce7.x86_64
    version: |-
      slirp4netns version 1.2.3
      commit: c22fde291bb35b354e6ca44d13be181c76a0a432
      libslirp: 4.4.0
      SLIRP_CONFIG_VERSION_MAX: 3
      libseccomp: 2.5.2
  swapFree: 4292317184
  swapTotal: 4294963200
  uptime: 257h 11m 58.00s (Approximately 10.71 days)
  variant: ""
plugins:
  authorization: null
  log:
  - k8s-file
  - none
  - passthrough
  - journald
  network:
  - bridge
  - macvlan
  - ipvlan
  volume:
  - local
registries:
  search:
  - registry.access.redhat.com
  - registry.redhat.io
  - docker.io
store:
  configFile: /home/devops_user/.config/containers/storage.conf
  containerStore:
    number: 21
    paused: 0
    running: 0
    stopped: 21
  graphDriverName: overlay
  graphOptions: {}
  graphRoot: /home/devops_user/.local/share/containers/storage
  graphRootAllocated: 21464350720
  graphRootUsed: 4555976704
  graphStatus:
    Backing Filesystem: xfs
    Native Overlay Diff: "true"
    Supports d_type: "true"
    Supports shifting: "false"
    Supports volatile: "true"
    Using metacopy: "false"
  imageCopyTmpDir: /var/tmp
  imageStore:
    number: 52
  runRoot: /run/user/100132/containers
  transientStore: false
  volumePath: /home/devops_user/.local/share/containers/storage/volumes
version:
  APIVersion: 4.9.4-rhel
  Built: 1711986940
  BuiltTime: Mon Apr  1 11:55:40 2024
  GitCommit: ""
  GoVersion: go1.21.7 (Red Hat 1.21.7-1.module+el8.10.0+21318+5ea197f8)
  Os: linux
  OsArch: linux/amd64
  Version: 4.9.4-rhel

Podman in a container

No

Privileged Or Rootless

None

Upstream Latest Release

No

Additional environment details

N/A

Additional information

N/A

Luap99 commented 1 week ago

Are you sure this has to do anything with all? opening container config: open : invalid argument is a internal error that has nothing to do with the endpoint and or compose.

what happens if you run podman ps -a as root given in your example you connect to the root socket

nickiemc commented 1 week ago

Hi @Luap99, the issue seems to be with all=1. As I noted above, if I run with just all, the command completes successfully. I see the same behavior running as both root and devops_user.

Running podman ps -a as both root and devops_user successfully outputs a list of the running containers.

Luap99 commented 1 week ago

Hi @Luap99, the issue seems to be with all=1. As I noted above, if I run with just all, the command completes successfully. I see the same behavior running as both root and devops_user.

It is not related to how all is parsed at all. If you do not set all to true, wich you do by just using all instead of of all=1 you only list running containers.

The error you are getting is pretty internal and has nothing to do with how this is parsed or not it just means that it is related to a container that is not running. And quite frankly looking at the error message getting an EINVAL from the open syscall when passing an empty path looks wrong. Podman expects ENOENT here which is what I would expect.

Also note that we only support the latest version upstream. If you problems with the version in RHEL you should go through the Red Hat support channels.

containers / podman