new lab pulled from external docker repository fails to start

[gcschmit]

I downloaded the VirtualBox VM Appliance a couple of days ago from the NPS site. After importing, I ran the update-designer script. I successful created a new lab based on labtainer.base2 image. It launched successfully via the rebuild command. I then followed the instructions in section 10.5.2 of the LabDesigner manual to publish this lab, which appeared to be successful as it was pushed to my Docker Hub repository.

To test this new lab, I imported the VM Appliance to start with a clean student image. I ran the update-labtainer script to update the framework and then the imodule command to add my new lab. When I attempted to start the lab with the labtainers command, it would build the container, but the container would fail:

[2022-07-14 06:19:35,365 - ERROR : labutils.py:1413 - DoStartOne() ] failed docker exec find-the-secrets.find-the-secretStarted 1 containers, 1 completed initialization. Done.
[2022-07-14 06:19:35,539 - ERROR : labutils.py:2558 - DoStopOne() ] container find-the-secrets.find-the-secrets.student not running

Looking at the docker logs for the container, the failure was due to cgroups:

systemd 245.4-4ubuntu3.6 running in system mode. (+PAM +AUDIT +SELINUX +IMA +APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD +IDN2 -IDN +PCRE2 default-hierarchy=hybrid)
Detected virtualization docker.
Detected architecture x86-64.

Welcome to Ubuntu 20.04.2 LTS!

Set hostname to <find-the-secrets>.
Cannot determine cgroup we are running in: No medium found
Failed to allocate manager object: No medium found
[!!!!!!] Failed to allocate manager object.
Exiting PID 1...

As a result, I compared the docker create command invoked via the rebuild command in the designer environment and the docker create command invoked via the labtainer command in the student environment. The docker create command invoked via the labtainer command was missing the -v /sys/fs/cgroup:/sys/fs/cgroup:ro option.

The function that determines if this option should be added appears to be the isUbuntuSystemd function in the labutils.py script in that it detects ubuntu20. This function returns ubuntu20 in the context of the rebuild script because the image built in this manner doesn't have a "Config.Labels.Base" property, while the image built using publish.py adds this property. While the behavior is different, I don't think it is necessary problematic. However, the isUbuntuSystemd function fails to return ubuntu20 since the image passed to the docker history command contains the name of my Docker Hub repository and the name of the labtainers image: nnhsse/labtainer.base2

https://github.com/mfthomps/Labtainers/blob/0be122d9061edca110a782eda0263ec265b561e1/scripts/labtainer-student/bin/labutils.py#L446-L453

I worked around this issue in my particular case by commenting out line 449 which results in the variable base being left as labtainers/labtainer.base2

I wasn't sure how best to resolve this issue; so, I didn't attempt a robust fix and pull request.

[mfthomps]

Hi Geoff, Thanks for the report. I'm on travel but hope to have time to look at this, at least by the weekend. Can you tell me what base image you used for the container, or better yet, a link to the docker image? Thanks, --Mike

On Thu, Jul 14, 2022 at 9:20 AM Geoff Schmit @.***> wrote:

I downloaded the VirtualBox VM Appliance a couple of days ago from the NPS site https://nps.edu/web/c3o/virtual-machine-images. After importing, I ran the update-designer script. I successful created a new lab. It launched successfully via the rebuild command. I then followed the instructions in section 10.5.2 of the LabDesigner manual to publish this lab, which appeared to be successful as it was pushed to my Docker Hub repository https://hub.docker.com/r/nnhsse/find-the-secrets.find-the-secrets.student .

To test this new lab, I imported the VM Appliance to start with a clean student image. I ran the update-labtainer script to update the framework and then the imodule command to add my new lab. When I attempted to start the lab with the labtainers command, it would build the container, but the container would fail:

I compared the docker create command invoked via the rebuild command in the designer environment and the docker create command invoked via the labtainer command in the student environment. The docker create command invoked via the labtainer command was missing the "-v /sys/fs/cgroup:/sys/fs/cgroup:ro" option.

— Reply to this email directly, view it on GitHub https://github.com/mfthomps/Labtainers/issues/61, or unsubscribe https://github.com/notifications/unsubscribe-auth/AFCIJW5QQZBPZMCSSDHNHVTVUAH3BANCNFSM53SHUELA . You are receiving this because you are subscribed to this thread.Message ID: @.***>

[mfthomps]

Can you send me the url of your imodule so I can confirm a fix works with your lab? (mfthomps@nps.edu).

[mfthomps]

Fixed in version 1.3.7d

[gcschmit]

Mike,

No rush at all! I accidentally submitted the issue before I finished typing it. It now contains more information.

My base image is labtainer.base2 and my image is here: https://hub.docker.com/r/nnhsse/find-the-secrets.find-the-secrets.student

Thanks!

geoff On Jul 14, 2022, 12:36 PM -0500, Mike Thompson @.***>, wrote:

Hi Geoff, Thanks for the report. I'm on travel but hope to have time to look at this, at least by the weekend. Can you tell me what base image you used for the container, or better yet, a link to the docker image? Thanks, --Mike

On Thu, Jul 14, 2022 at 9:20 AM Geoff Schmit @.***> wrote:

I downloaded the VirtualBox VM Appliance a couple of days ago from the NPS site https://nps.edu/web/c3o/virtual-machine-images. After importing, I ran the update-designer script. I successful created a new lab. It launched successfully via the rebuild command. I then followed the instructions in section 10.5.2 of the LabDesigner manual to publish this lab, which appeared to be successful as it was pushed to my Docker Hub repository https://hub.docker.com/r/nnhsse/find-the-secrets.find-the-secrets.student .

To test this new lab, I imported the VM Appliance to start with a clean student image. I ran the update-labtainer script to update the framework and then the imodule command to add my new lab. When I attempted to start the lab with the labtainers command, it would build the container, but the container would fail:

I compared the docker create command invoked via the rebuild command in the designer environment and the docker create command invoked via the labtainer command in the student environment. The docker create command invoked via the labtainer command was missing the "-v /sys/fs/cgroup:/sys/fs/cgroup:ro" option.

— Reply to this email directly, view it on GitHub https://github.com/mfthomps/Labtainers/issues/61, or unsubscribe https://github.com/notifications/unsubscribe-auth/AFCIJW5QQZBPZMCSSDHNHVTVUAH3BANCNFSM53SHUELA . You are receiving this because you are subscribed to this thread.Message ID: @.***>

— Reply to this email directly, view it on GitHub, or unsubscribe. You are receiving this because you authored the thread.Message ID: @.***>

[mfthomps]

Were you able to confirm that the latest version fixed the problem?

[mfthomps]

... Ah, it seems github has some delayed posting issues. My guess is you did not post that 7 hours ago.