Open apexcz opened 5 years ago
@apexcz what version of Calr do you use? I have the same issue with the current master, but it works for many others (which is you got via go get
, not 2.3.0
). As workaround you may want to try binary from release.
@hashmap I use the latest version of Clair - image: quay.io/coreos/clair-git:latest and the Klar version is the version on the current master which I presume should be the latest release - 2.3.0 .
@apexcz thanks, I have the same version of Clair. No, another pr was merged after this release https://github.com/optiopay/klar/pull/113
@hashmap thank you and please let me know when it is merged.
@apexcz it was merged and it's why you have this issue:) it's not a part of any release yet, so please try the last release, not master branch
@hashmap I tried using the latest binary release - Klar 2.3.0 for osx and I still get the same error message as shown below. $ CLAIR_ADDR=localhost CLAIR_OUTPUT=High CLAIR_THRESHOLD=10 klarosx postgres:9.5.1 clair timeout 1m0s docker timeout: 1m0s no whitelist file Analysing 22 layers Failed to analyze using API v1: push image https://registry-1.docker.io/v2/library/postgres:9.5.1 to Clair failed: can't even read an error message: invalid character 'N' looking for beginning of value
Failed to analyze using API v3: push image https://registry-1.docker.io/v2/library/postgres:9.5.1 to Clair failed: rpc error: code = Unimplemented desc = unknown service clairpb.AncestryService
Failed to analyze, exiting
@hashmap I am still having the same issues with the latest binary release - Klar 2.3.0 for osx. I have even tried with other release versions down till version 2.0 where the error message changes to
Failed to analyze using API v3: push image https://registry-1.docker.io/v2/library/postgres:9.5.1 to Clair failed: rpc error: code = Unavailable desc = all SubConns are in TransientFailure
What do you suggest in this case?
The errors seems to occur because the /v1/layers endpoint is no longer supported. See my trace output after trying to scan the image kinihun/klar from hub.docker.com:
POST /v1/layers HTTP/1.1
Host: platform-os-clair-clair:6060
Content-Type: application/json
{"Layer":{"Name":"b78a4cc8ad0fef07d3ad4007ea6c99e4f5e73d0e430be43fba1b0d0e5388c238605ce1bd3f3164f2949a30501cc596f52a72de05da1306ab360055f0d7130c32","Path":"https://registry-1.docker.io/v2/kinihun/klar/blobs/sha256:605ce1bd3f3164f2949a30501cc596f52a72de05da1306ab360055f0d7130c32","ParentName":"","Format":"Docker","Features":null,"Headers":{"Authorization":"Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsIng1YyI6WyJNSUlDK2pDQ0FwK2dBd0lCQWdJQkFEQUtCZ2dxaGtqT1BRUURBakJHTVVRd1FnWURWUVFERXpzeVYwNVpPbFZMUzFJNlJFMUVVanBTU1U5Rk9reEhOa0U2UTFWWVZEcE5SbFZNT2tZelNFVTZOVkF5VlRwTFNqTkdPa05CTmxrNlNrbEVVVEFlRncweE9EQXlNVFF5TXpBMk5EZGFGdzB4T1RBeU1UUXlNekEyTkRkYU1FWXhSREJDQmdOVkJBTVRPMVpCUTFZNk5VNWFNenBNTkZSWk9sQlFTbGc2VWsxQlZEcEdWalpQT2xZMU1sTTZRa2szV2pwU1REVk9PbGhXVDBJNlFsTmFSanBHVTFRMk1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBMGtyTmgyZWxESnVvYjVERWd5Wi9oZ3l1ZlpxNHo0OXdvNStGRnFRK3VPTGNCMDRyc3N4cnVNdm1aSzJZQ0RSRVRERU9xNW5keEVMMHNaTE51UXRMSlNRdFY1YUhlY2dQVFRkeVJHUTl2aURPWGlqNFBocE40R0N0eFV6YTNKWlNDZC9qbm1YbmtUeDViOElUWXBCZzg2TGNUdmMyRFVUV2tHNy91UThrVjVPNFFxNlZKY05TUWRId1B2Mmp4YWRZa3hBMnhaaWNvRFNFQlpjWGRneUFCRWI2YkRnUzV3QjdtYjRRVXBuM3FXRnRqdCttKzBsdDZOR3hvenNOSFJHd3EwakpqNWtZbWFnWHpEQm5NQ3l5eDFBWFpkMHBNaUlPSjhsaDhRQ09GMStsMkVuV1U1K0thaTZKYVNEOFZJc2VrRzB3YXd4T1dER3U0YzYreE1XYUx3SURBUUFCbzRHeU1JR3ZNQTRHQTFVZER3RUIvd1FFQXdJSGdEQVBCZ05WSFNVRUNEQUdCZ1JWSFNVQU1FUUdBMVVkRGdROUJEdFdRVU5XT2pWT1dqTTZURFJVV1RwUVVFcFlPbEpOUVZRNlJsWTJUenBXTlRKVE9rSkpOMW82VWt3MVRqcFlWazlDT2tKVFdrWTZSbE5VTmpCR0JnTlZIU01FUHpBOWdEc3lWMDVaT2xWTFMxSTZSRTFFVWpwU1NVOUZPa3hITmtFNlExVllWRHBOUmxWTU9rWXpTRVU2TlZBeVZUcExTak5HT2tOQk5sazZTa2xFVVRBS0JnZ3Foa2pPUFFRREFnTkpBREJHQWlFQWdZTWF3Si9uMXM0dDlva0VhRjh2aGVkeURzbERObWNyTHNRNldmWTFmRTRDSVFEbzNWazJXcndiSjNmU1dwZEVjT3hNazZ1ZEFwK2c1Nkd6TjlRSGFNeVZ1QT09Il19.eyJhY2Nlc3MiOlt7InR5cGUiOiJyZXBvc2l0b3J5IiwibmFtZSI6ImtpbmlodW4va2xhciIsImFjdGlvbnMiOlsicHVsbCJdfV0sImF1ZCI6InJlZ2lzdHJ5LmRvY2tlci5pbyIsImV4cCI6MTUzMzEyMjM3NiwiaWF0IjoxNTMzMTIyMDc2LCJpc3MiOiJhdXRoLmRvY2tlci5pbyIsImp0aSI6Ikh0UTNGdHNXTm1PUHNBN3ZlOG5rIiwibmJmIjoxNTMzMTIxNzc2LCJzdWIiOiIifQ.toab6IcbEssbeB4CLHwYI5_K24-XwmUIYyX6eEYhkv0vFktEKoEp7v7lV3pgqsA2y5MbLjiM39S5vcGMe8AaaJMBFQMUaLIFWZwkQdPb--DF50Py7s7dnuBYSmQgHEcU_9WDD3tO2GVLBwCmyjz-dbWyLxw4faNIq6buWaY1P4uE4aWH85-tSZsRABVqHtUsimhIf1F7rY2c7yTepdAihZ7WhtqmNvJEocixF6kvtzyqupUbohOkRx3bC9Yo_HehhhSjJhcHlyjT5gOIp_DJLuo9cYZIrOW-B35IFfKyj7EIIKRJ6Pl920DVaDmPkSpHim-iJZLXuwJPa8A2MQyB-w"}}}
<---- HTTP RESPONSE:
HTTP/1.1 404 Not Found
Content-Length: 10
Content-Type: text/plain; charset=utf-8
Date: Wed, 01 Aug 2018 11:14:36 GMT
X-Content-Type-Options: nosniff
Not Found
Failed to analyze using API v1: push image https://registry-1.docker.io/v2/kinihun/klar:latest to Clair failed: can't even read an error message: invalid character 'N' looking for beginning of value
Failed to analyze using API v3: push image https://registry-1.docker.io/v2/kinihun/klar:latest to Clair failed: rpc error: code = Unimplemented desc = unknown service clairpb.AncestryService
Failed to analyze, exiting
@a-zen, I agree with you. I had to use coreos/clair v2.0.4 (the stable release) instead of coreos/clair-git:latest (development release).
Delete current version of Clair and modify $HOME/docker-compose.yml file from image: quay.io/coreos/clair-git:latest to image: quay.io/coreos/clair:v2.0.4
@apexcz so this is a clair bug and not an klar one?
@a-zen Yes, because the latest clair-git version doesn't support /v1/layers. Although Klar should fully support v3.
Not really, clair-git
introduces a new API (v3
) which is subject to change, so something must be changed. Stable release supports v1
, it should work fine. I'll take a look at changes in v3
.
@apexcz thanks I can confirm it works with the latest stable version of clair (2.0.4). @hashmap Maybe we can put this information into the README and close this bug?
With the clair-git:latest version clair is up and running
but the error when trying with klar is
docker run --env-file=env-file.env docker.io/poojatbabu/klar postgres:9.5.1 clair timeout 1m0s docker timeout: 1m0s no whitelist file Analysing 22 layers Failed to analyze using API v1: push image https://registry-1.docker.io/v2/library/postgres:9.5.1 to Clair failed: can't push layer to Clair: Post http://127.0.0.1:6060/v1/layers: dial tcp 127.0.0.1:6060: getsockopt: connection refused
Failed to analyze using API v3: push image https://registry-1.docker.io/v2/library/postgres:9.5.1 to Clair failed: rpc error: code = Unavailable desc = all SubConns are in TransientFailure
when i try with clair:v2.0.7 / clair:v2.0.5 / clair:latest
clair is not up and running error says
{"Event":"pgsql: could not open database: dial tcp 127.0.0.1:5432: getsockopt: connection refused","Level":"fatal","Location":"main.go:96","Time":"2019-02-10 16:25:57.674339"}
where as the postgres:9.6 is up and running fine eec593d07cf6 postgres:9.6 "docker-entrypoint..." 25 hours ago Up 25 hours 0.0.0.0:5432->5432/tcp youthful_hamilton
am i missing something, am trying to set up clair for the first time, help is highly appreciated.
@hashmap I just installed the latest version of klar - 2.3.0 (as at the time of writing) by the go get github.com/optiopay/klar command. This is the result I get
$ CLAIR_ADDR=localhost CLAIR_OUTPUT=High CLAIR_THRESHOLD=10 klar postgres:9.5.1 clair timeout 1m0s docker timeout: 1m0s no whitelist file Analysing 22 layers Failed to analyze using API v1: push image https://registry-1.docker.io/v2/library/postgres:9.5.1 to Clair failed: can't even read an error message: invalid character 'N' looking for beginning of value
Failed to analyze using API v3: push image https://registry-1.docker.io/v2/library/postgres:9.5.1 to Clair failed: rpc error: code = Unimplemented desc = unknown service clairpb.AncestryService
Failed to analyze, exiting $
Meanwhile, my previous version (last week) was working fine with the above command, but I was having issues implementing Klar's Dockerized version so I had to uninstall and re-install klar and clair. Please help me look into this issue.