search

containers / podman

Podman: A tool for managing OCI containers and pods.
https://podman.io
Apache License 2.0
23.83k stars 2.42k forks source link

pipe to rootless podman container hangs #8916

Closed someone-somenet-org closed 3 years ago

someone-somenet-org commented 3 years ago

/kind bug

Description running echo "asdf" | podman run --rm -it --entrypoint /bin/cat centos:7 hangs indefinitely.

Describe the results you expected: Expected getting printed "asdf", the cointainer to exit and get back to shell.

Output of podman version:

Version:      2.2.1
API Version:  2.1.0
Go Version:   go1.14.10
Built:        Tue Dec  8 15:37:43 2020
OS/Arch:      linux/amd64

Output of podman info --debug:

host:
  arch: amd64
  buildahVersion: 1.18.0
  cgroupManager: systemd
  cgroupVersion: v2
  conmon:
    package: conmon-2.0.22-2.fc32.x86_64
    path: /usr/bin/conmon
    version: 'conmon version 2.0.22, commit: c93fb161acdf210143641c432bd8c448788bb093'
  cpus: 6
  distribution:
    distribution: fedora
    version: "32"
  eventLogger: journald
  hostname: [redacted]
  idMappings:
    gidmap:
    - container_id: 0
      host_id: 10100
      size: 1
    - container_id: 1
      host_id: 1010200000
      size: 65536
    uidmap:
    - container_id: 0
      host_id: 10102
      size: 1
    - container_id: 1
      host_id: 1010200000
      size: 65536
  kernel: 5.9.16-100.fc32.x86_64
  linkmode: dynamic
  memFree: 783147008
  memTotal: 8236179456
  ociRuntime:
    name: crun
    package: crun-0.16-3.fc32.x86_64
    path: /usr/bin/crun
    version: |-
      crun version 0.16
      commit: eb0145e5ad4d8207e84a327248af76663d4e50dd
      spec: 1.0.0
      +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +YAJL
  os: linux
  remoteSocket:
    path: /run/user/10102/podman/podman.sock
  rootless: true
  slirp4netns:
    executable: /usr/bin/slirp4netns
    package: slirp4netns-1.1.8-1.fc32.x86_64
    version: |-
      slirp4netns version 1.1.8
      commit: d361001f495417b880f20329121e3aa431a8f90f
      libslirp: 4.3.1
      SLIRP_CONFIG_VERSION_MAX: 3
      libseccomp: 2.5.0
  swapFree: 8338272256
  swapTotal: 8338272256
  uptime: 217h 34m 9.18s (Approximately 9.04 days)
registries:
[redacted]
store:
  configFile: /home/user/.config/containers/storage.conf
  containerStore:
    number: 1
    paused: 0
    running: 1
    stopped: 0
  graphDriverName: overlay
  graphOptions:
    overlay.mount_program:
      Executable: /usr/bin/fuse-overlayfs
      Package: fuse-overlayfs-1.3.0-1.fc32.x86_64
      Version: |-
        fusermount3 version: 3.9.1
        fuse-overlayfs: version 1.3
        FUSE library version 3.9.1
        using FUSE kernel interface version 7.31
  graphRoot: /home/user/.local/share/containers/storage
  graphStatus:
    Backing Filesystem: extfs
    Native Overlay Diff: "false"
    Supports d_type: "true"
    Using metacopy: "false"
  imageStore:
    number: 1
  runRoot: /run/user/10102/containers
  volumePath: /home/user/.local/share/containers/storage/volumes
version:
  APIVersion: 2.1.0
  Built: 1607438263
  BuiltTime: Tue Dec  8 15:37:43 2020
  GitCommit: ""
  GoVersion: go1.14.10
  OsArch: linux/amd64
  Version: 2.2.1

Package info (e.g. output of rpm -q podman or apt list podman):

podman-2.2.1-1.fc32.x86_64

Have you tested with the latest version of Podman and have you checked the Podman Troubleshooting Guide?

Yes

rhatdan commented 3 years ago

Did you try it without the -it?

zhangguanzhang commented 3 years ago

what about this

$ echo "asdf" | podman run --rm -i --entrypoint /bin/cat $IMG
asdf
rhatdan commented 3 years ago

Is the use of -t hanging expected?

mheon commented 3 years ago

Yep - we've encountered this issue in the past. Our behavior matches Docker here. In brief, -t isn't required in a lot of cases, and is actively detrimental in cases where IO based on pipes, redirecting STDIN/STDOUT, etc are in use.

rhatdan commented 3 years ago

Looks like we document this in the man page.

#### **--tty**, **-t**=**true**|**false**

Allocate a pseudo-TTY. The default is **false**.

When set to **true**, Podman will allocate a pseudo-tty and attach to the standard
input of the container. This can be used, for example, to run a throwaway
interactive shell. The default is **false**.

**NOTE**: The **-t** option is incompatible with a redirection of the Podman client
standard input.
eriksjolund commented 3 years ago

Interestingly Docker fails immediately without having to download any container image

esjolund@laptop:~$ docker --version
Docker version 20.10.5, build 55c4c88
esjolund@laptop:~$ echo "asdf" | docker run --rm -it --entrypoint /bin/cat centos:7
the input device is not a TTY
esjolund@laptop:~$ docker images | grep centos
esjolund@laptop:~$
rhatdan commented 3 years ago

We could probably add this check, easy enough. Would you like to take a stab at it?

eriksjolund commented 3 years ago

I first need to get into programming in Golang. Sorry, I can't right now.