Open ykharko opened 1 year ago
Use cmd for build binary CGO_ENABLED=0 go build
Sorry please, silly question. What do you mean with "for build binary"? We don't build anything, just using Localstack docker image with KMS_PROVIDER = local-kms and this kms plugin is downloaded by Localstack automatically...
Then it is better to turn to Localstack, as they have built local-kms with a libc dependency.
@ykharko Looks like localstack is using quite an old version of Ubuntu for their base dicker image. At the moment I believe they always use the latest stable version of Local KMS v3. Let me look to see if I can pin it to 3.11.4
, as I suspect it will need to stay on that until they update to a new version of Ubuntu.
Okay, I've pinned localstack to Local KMS 3.11.4
, which should still support Ubuntu 20.04. I'm afraid I don't know much about how localstack brings in that binary to their container, but any new build of that container, should get the supported version.
@nsmithuk
Thank you very much for quick reply and help! Sorry, could you please clarify where exactly you've pinned 3.11.4 version? As I can see in Localstack official repo they just download already built versions from their S3 bucket. I guess probably there's one more repo where a stuff of building and putting local-kms to S3 is located? Could you please refer to it so that I can monitor it? If possible sure thing :)
@ykharko Pinned as in the binaries in s3://local-kms/localstack/v3/ are now all 3.11.4
, and will remain so until it's safe to update them.
Here's the one for Ubuntu, for example: https://local-kms.s3.eu-west-2.amazonaws.com/localstack/v3/local-kms.linux.bin
Ok, thank you. Sorry for being a pain but I have some other questions :)
This is from Localstack official repo: https://github.com/localstack/localstack/blob/master/localstack/services/kms/packages.py#L8
Please pay attention they use "/3/" path not a "/v3/" one.
I've also just checked and Localstack on my machine downloaded it from https://s3-eu-west-2.amazonaws.com/local-kms/3/local-kms_linux-amd64.bin
Could you please pin that version as well?
Okay, that's tricker as it's not only localstack referring to that path, and the assumption from people is that folder will always contain latest v3.
localstack might need to pin the version their side, at least until they are on a more recent OS.
Binaries with full versions in the path are available, so this should work: https://s3-eu-west-2.amazonaws.com/local-kms/3.11.4/local-kms_linux-amd64.bin
@ykharko Are you able to give that a test and see if it solves your issue?
@ykharko I think I've found a solution to this. There's a Go 1.20 image that's still build on Bullseye, which looks to use the same GLIBC version as Ubuntu 20.04. I've done a new tag, 3.11.6
, that's build using that. That should hopefully mean binary on the below URL should be happy now. Are you able to give it a test for me?
https://s3-eu-west-2.amazonaws.com/local-kms/3/local-kms_linux-amd64.bin
Hi there.
There's an issue with glibc library.
Possible conditions:
Issue: local-kms provider fails to start with repeated errors:``
Possible reason:
Is there anything what can be done with this issue?
Thanks in advance.