search

linka-cloud / d2vm

Build Virtual Machine Image from Dockerfile or Docker image
Apache License 2.0
208 stars 31 forks source link

Running d2vm behind proxy #5

Closed sanketIntel closed 1 year ago

sanketIntel commented 1 year ago

My system is behind proxy and it fails to convert image, so I added http_proxy and https_proxy in ubuntu.Dockerfile to make it work. Is there any other way to make it work?

Adphi commented 1 year ago

I don't know. I have no experience with running behind proxy. It seems to be more of a problem with docker / ubuntu than with d2vm...

Adphi commented 1 year ago

From the docker documentation : the proxy is configurable on the Docker client side.

sanketIntel commented 1 year ago

This config file will be useful to run or create a docker container. But for building dockerfile behind proxy I have to add http_proxy variable in the dockerfile. Or I have to pass --build-arg option while building but I see that while with convert we cannot pass any --build-arg option.

Adphi commented 1 year ago

You are right, the convert command does not support build flags.

As written in the docker documentation:

If your container needs to use an HTTP, HTTPS, or FTP proxy server, you can configure it in different ways:

In Docker 17.07 and higher, you can configure the Docker client to pass proxy information to containers automatically.

In Docker 17.06 and earlier versions, you must set the appropriate environment variables within the container. You can do this when you build the image (which makes the image less portable) or when you create or run the container.

I don't think that using the old method is what you want as it makes the image less portable.

Have you tried to configure the docker client ?

sanketIntel commented 1 year ago

Yes it is already configured in my ~/.docker/config.json file. But as I said earlier this will not be passed while building dockerfile. This will be passed during create or run container.

As written in docker documentation:

When you create or start new containers, the environment variables are set automatically within the container.

Adphi commented 1 year ago

Oops, sorry... the links are for the docker client... the Dockerfile build steps are executed by the daemon so you need to configure the docker daemon to use the proxy: https://docs.docker.com/config/daemon/systemd/#httphttps-proxy

sanketIntel commented 1 year ago

This proxies are configured is my docker daemon.

Now here is my observation:

  1. when I run d2vm convert with out sudo it takes proxy settings from daemon but while creating raw image it is throwing an error 'permission denied'.

INFO[0049] creating vm image

INFO[0049] creating raw image

$ parted -s /tmp/d2vm/a0028e7b-659b-4609-a722-4408c4d1c0e4/disk0.d2vm.raw mklabel msdos mkpart primary 1Mib 100% set 1 boot on

INFO[0050] mounting raw image

ERRO[0050] Build failed error="losetup --show -f /tmp/d2vm/a0028e7b-659b-4609-a722-4408c4d1c0e4/disk0.d2vm.raw: stdout: stderr: losetup: /tmp/d2vm/a0028e7b-659b-4609-a722-4408c4d1c0e4/disk0.d2vm.raw: failed to set up loop device: Permission denied\n error: exit status 1"

My /tmp folder is having 777 permission.

  1. To overcome this error I have to run sudo d2vm convert . As my docker daemon is not configured to use proxy with sudo user I have to add proxy manually in dockerfile and this command can convert image successfully.

So, if you can address this permission denied issue, proxy related issue can be avoided.

Adphi commented 1 year ago

It is losetup that requires root permissions to configure the loop device.

Since the proxy configuration works without sudo, you may need to duplicate your docker client proxy configuration for the root user in /root/.docker/config.json.

sanketIntel commented 1 year ago

All permissions are granted to losetup.

-rwxrwxrwx 1 user user 112992 Feb 7 2022 /usr/sbin/losetup (user is not root)

For proxy I am not allowed to duplicate those docker config for root user.

Adphi commented 1 year ago

The problem is not the binary permissions, it is the operation performed by losetup which requires root privileges.

sanketIntel commented 1 year ago

How to address that? Or I will have to go for sudo every time. As document is mentioning d2vm without sudo, I think there could be some workaround to avoid this issue.

Adphi commented 1 year ago

How to address that?

Can you try:

alias d2vm='docker run --rm -i -t --privileged -v /var/run/docker.sock:/var/run/docker.sock -v $PWD:/build -w /build -v $HOME/.docker:/root/.docker linkacloud/d2vm:v0.0.6-19e3a69'

Then run the convert command ?

As document is mentioning d2vm without sudo

All commands in the documentation (except --help) are executed with sudo. As far as I know, building a virtual machine image requires root privileges to configure looping devices and mounts.

sanketIntel commented 1 year ago

Can you try:

I tried but same problem 'permission denied'.

Adphi commented 1 year ago

Did you launch the d2vm command in the terminal session where you run the alias command ?


> alias d2vm='docker run --rm -i -t --privileged -v /var/run/docker.sock:/var/run/docker.sock -v $PWD:/build -w /build -v $HOME/.docker:/root/.docker linkacloud/d2vm:v0.0.6-19e3a69'

> which d2vm

d2vm: aliased to docker run --rm -i -t --privileged -v /var/run/docker.sock:/var/run/docker.sock -v $PWD:/build -w /build -v $HOME/.docker:/root/.docker linkacloud/d2vm:v0.0.6-19e3a69

> d2vm convert --debug  (# the rest of the command)
sanketIntel commented 1 year ago

Yes.

But for me

$ which d2vm
/home/user//go/bin/d2vm
Adphi commented 1 year ago

can you move the binary out of your $PATH or rename it (mv ~/go/bin/d2vm ~/go/bin/d2vm.bak) and retry ?

sanketIntel commented 1 year ago

Ok now it is facing proxy issue. (not running with sudo)

Adphi commented 1 year ago

ok, can you retry but with the docker --user flag in the alias:


> alias d2vm='docker run --rm -i -t --privileged --user=$UID -v /var/run/docker.sock:/var/run/docker.sock -v $PWD:/build -w /build -v $HOME/.docker:/root/.docker linkacloud/d2vm:v0.0.6-19e3a69'

> which d2vm

d2vm: aliased to docker run --rm -i -t --privileged --user=$UID -v /var/run/docker.sock:/var/run/docker.sock -v $PWD:/build -w /build -v $HOME/.docker:/root/.docker linkacloud/d2vm:v0.0.6-19e3a69

> d2vm convert --debug  (# the rest of the command)
sanketIntel commented 1 year ago

Got an error

stderr: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock. dial unix /var/run/docker.sock: connect: permission denied error: exit status 1

Adphi commented 1 year ago

... of course... sorry about that one.

I have one last idea: 

# remove the alias
> unalias d2vm
# restore the `d2vm` binary 
> cp ~/go/bin/d2vm.bak ~/go/bin/d2vm

# validate d2vm command
> which d2vm

/home/user/go/bin/d2vm

# and retry with 'sudo' but with environment preservation: 
> sudo -E d2vm convert ...
sanketIntel commented 1 year ago

Ohh....yes!! this works.

Thank you so much for your awesome support @Adphi.

Appreciate your efforts.

Adphi commented 1 year ago

@sanketIntel You're welcome.