Error when pulling openjdk images

nestybox / sysbox-ee

Sysbox Enterprise-Edition repository. The enterprise version of the open-source Sysbox "runc" runtime (empowers rootless containers to run workloads such as Systemd, Docker, Kubernetes, just like VMs).

47 stars 7 forks source link

Error when pulling openjdk images #33

Closed c2nes closed 4 years ago

c2nes commented 4 years ago

Hi, I encountered the following issue when attempting to pull the openjdk image within a container using the sysbox-runc runtime,

# docker pull openjdk
Using default tag: latest
latest: Pulling from library/openjdk
977461c90301: Pull complete 
38d4dba4c275: Extracting [==================================================>]   14.8MB/14.8MB
2b949418b5d5: Download complete 
failed to register layer: Error processing tar file(exit status 1): operation not permitted

This was run inside a container started as follows,

docker run --runtime=sysbox-runc --rm --name nestybox-docker -it nestybox/alpine-docker

dockerd was started from another window via docker exec nestybox-docker dockerd -D.

I was able to reproduce the same error message building this smaller Dockerfile,

FROM oraclelinux:7-slim
RUN rm -rf /var/cache/yum

ctalledo commented 4 years ago

Hi Chris,

Thanks for giving Sysbox a shot and for filing the issue. I was able to reproduce it on my end too.

I don't know the exact cause and will investigate more, but I bumped into a similar problem a while back and found it to be related to some incompatibility between the docker version and the container's base image (alpine in your case).

I tried to reproduce it with a different image (nestybox/ubuntu-disco-systemd-docker) and it does not repro there, confirming my suspicion.

I'll investigate a bit more and get back to you soon.

Thanks again.

ctalledo commented 4 years ago

Hi Chris,

I confirmed that the problem occurs with alpine:latest + docker 18.09. I don't know the exact reason, but it does not appear to be specific to Sysbox itself.

The problem does not repro when I use alpine:latest + docker 19.03.

Thus, I updated the nestybox/alpine-docker image to use docker 19.03:

diff --git a/dockerfiles/alpine-docker/Dockerfile b/dockerfiles/alpine-docker/Dockerfile
index 741ec75..5885769 100644
--- a/dockerfiles/alpine-docker/Dockerfile
+++ b/dockerfiles/alpine-docker/Dockerfile
@@ -4,4 +4,4 @@

 FROM alpine:latest

-RUN apk update && apk add docker
+RUN sed -i 's/v3.10/latest-stable/g' /etc/apk/repositories && apk update && apk add docker

Give it a shot now, it should work. I'll upload the updated dockerfile shortly.

ctalledo commented 4 years ago

I'll upload the updated dockerfile shortly.

The updated dockerfile is here:

https://github.com/nestybox/sysbox-external/blob/master/dockerfiles/alpine-docker/Dockerfile

c2nes commented 4 years ago

Looks like that fixed it, thanks @ctalledo!

ctalledo commented 4 years ago

Great, thanks for filing the issue Chris.