qemu-img info https://ce.... dont work | ca-certificates is missing in the finale image

tianon / docker-qemu

Dockerization of supported QEMU releases

133 stars 34 forks source link

g$ docker run -it --rm --device /dev/kvm --name qemu-container -e QEMU_HDA_SIZE=100G -e QEMU_CPU=4 -e QEMU_RAM=4096 -e QEMU_BOOT='order=d' -e QEMU_PORTS='2375 2376' tianon/qemu qemu-img info https://centos.mirror.liteserver.nl/7/isos/x86_64/CentOS-7-x86_64-NetInstall-2009.iso qemu-img: Could not open 'https://centos.mirror.liteserver.nl/7/isos/x86_64/CentOS-7-x86_64-NetInstall-2009.iso': CURL: Error opening file: server certificate verification failed. CAfile: none CRLfile: none g$

g$ docker run -it --rm --device /dev/kvm --name qemu-container -e QEMU_HDA_SIZE=100G -e QEMU_CPU=4 -e QEMU_RAM=4096 -e QEMU_BOOT='order=d' -e QEMU_PORTS='2375 2376' tianon/qemu /bin/bash root@0297d5ae0d7b:/# apt update -qq All packages are up to date. root@0297d5ae0d7b:/# apt install --no-install-recommends openssl Reading package lists... Done Building dependency tree... Done Reading state information... Done Suggested packages: ca-certificates The following NEW packages will be installed: openssl 0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded. Need to get 851 kB of archives. After this operation, 1500 kB of additional disk space will be used. Get:1 http://deb.debian.org/debian bullseye/main amd64 openssl amd64 1.1.1k-1+deb11u1 [851 kB] Fetched 851 kB in 0s (3646 kB/s) debconf: delaying package configuration, since apt-utils is not installed Selecting previously unselected package openssl. (Reading database ... 7036 files and directories currently installed.) Preparing to unpack .../openssl_1.1.1k-1+deb11u1_amd64.deb ... Unpacking openssl (1.1.1k-1+deb11u1) ... Setting up openssl (1.1.1k-1+deb11u1) ... root@0297d5ae0d7b:/# qemu-img info https://centos.mirror.liteserver.nl/7/isos/x86_64/CentOS-7-x86_64-NetInstall-2009.iso qemu-img: Could not open 'https://centos.mirror.liteserver.nl/7/isos/x86_64/CentOS-7-x86_64-NetInstall-2009.iso': CURL: Error opening file: server certificate verification failed. CAfile: none CRLfile: none root@0297d5ae0d7b:/# apt install --no-install-recommends ca-certificates Reading package lists... Done Building dependency tree... Done Reading state information... Done The following NEW packages will be installed: ca-certificates 0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded. Need to get 158 kB of archives. After this operation, 391 kB of additional disk space will be used. Get:1 http://deb.debian.org/debian bullseye/main amd64 ca-certificates all 20210119 [158 kB] Fetched 158 kB in 0s (1286 kB/s) debconf: delaying package configuration, since apt-utils is not installed Selecting previously unselected package ca-certificates. (Reading database ... 7188 files and directories currently installed.) Preparing to unpack .../ca-certificates_20210119_all.deb ... Unpacking ca-certificates (20210119) ... Setting up ca-certificates (20210119) ... debconf: unable to initialize frontend: Dialog debconf: (No usable dialog-like program is installed, so the dialog based frontend cannot be used. at /usr/share/perl5/Debconf/FrontEnd/Dialog.pm line 78.) debconf: falling back to frontend: Readline debconf: unable to initialize frontend: Readline debconf: (Can't locate Term/ReadLine.pm in @INC (you may need to install the Term::ReadLine module) (@INC contains: /etc/perl /usr/local/lib/x86_64-linux-gnu/perl/5.3 2.1 /usr/local/share/perl/5.32.1 /usr/lib/x86_64-linux-gnu/perl5/5.32 /usr/share/perl5 /usr/lib/x86_64-linux-gnu/perl-base /usr/lib/x86_64-linux-gnu/perl/5.32 /usr/sh are/perl/5.32 /usr/local/lib/site_perl) at /usr/share/perl5/Debconf/FrontEnd/Readline.pm line 7.) debconf: falling back to frontend: Teletype Updating certificates in /etc/ssl/certs... 129 added, 0 removed; done. Processing triggers for ca-certificates (20210119) ... Updating certificates in /etc/ssl/certs... 0 added, 0 removed; done. Running hooks in /etc/ca-certificates/update.d... done. root@0297d5ae0d7b:/# qemu-img info https://centos.mirror.liteserver.nl/7/isos/x86_64/CentOS-7-x86_64-NetInstall-2009.iso image: https://centos.mirror.liteserver.nl/7/isos/x86_64/CentOS-7-x86_64-NetInstall-2009.iso file format: raw virtual size: 575 MiB (602931200 bytes) disk size: unavailable root@0297d5ae0d7b:/#

for qemu-system-x86_64 its the same error

$ qemu-img create -f qcow2 -o preallocation=off $HOME/hda.qcow2 10m
Formatting '/home/user/hda.qcow2', fmt=qcow2 cluster_size=65536 extended_l2=off preallocation=off compression_type=zlib size=10485760 lazy_refcounts=off refcount_bits=16

$ docker run -it --rm \
        --device /dev/kvm \
        --name qemu-container \
        -v $HOME/hda.qcow2:/tmp/hda.qcow2 \
        -e QEMU_HDA=/tmp/hda.qcow2 \
        -e QEMU_HDA_SIZE=100G \
        -e QEMU_CPU=4 \
        -e QEMU_RAM=4096 \
        -e QEMU_CDROM=https://dl-cdn.alpinelinux.org/alpine/v3.15/releases/x86_64/alpine-virt-3.15.0-x86_64.iso \
        -e QEMU_BOOT='order=d' \
        -e QEMU_PORTS='2375 2376' \
        tianon/qemu:native
+ exec qemu-system-x86_64 -enable-kvm -smp 4 -m 4096 -drive file=/tmp/hda.qcow2,index=0,media=disk,discard=unmap,detect-zeroes=unmap,if=none,id=hda -device virtio-scsi-pci -device scsi-hd,drive=hda -cdrom https://dl-cdn.alpinelinux.org/alpine/v3.15/releases/x86_64/alpine-virt-3.15.0-x86_64.iso -boot order=d -netdev user,hostname=dc2c4cb24da7,hostfwd=tcp::22-:22,hostfwd=udp::22-:22,hostfwd=tcp::2375-:2375,hostfwd=udp::2375-:2375,hostfwd=tcp::2376-:2376,hostfwd=udp::2376-:2376,id=net -device virtio-net-pci,netdev=net -serial stdio -vnc :0
qemu-system-x86_64: -cdrom https://dl-cdn.alpinelinux.org/alpine/v3.15/releases/x86_64/alpine-virt-3.15.0-x86_64.iso: CURL: Error opening file: server certificate verification failed. CAfile: none CRLfile: none
$

without https/ssl it works

$ docker run -it --rm \
        --device /dev/kvm \
        --name qemu-container \
        -v $HOME/hda.qcow2:/tmp/hda.qcow2 \
        -e QEMU_HDA=/tmp/hda.qcow2 \
        -e QEMU_HDA_SIZE=100G \
        -e QEMU_CPU=4 \
        -e QEMU_RAM=4096 \
        -e QEMU_CDROM=http://dl-cdn.alpinelinux.org/alpine/v3.15/releases/x86_64/alpine-virt-3.15.0-x86_64.iso \
        -e QEMU_BOOT='order=d' \
        -e QEMU_PORTS='2375 2376' \
        tianon/qemu:native
+ exec qemu-system-x86_64 -enable-kvm -smp 4 -m 4096 -drive file=/tmp/hda.qcow2,index=0,media=disk,discard=unmap,detect-zeroes=unmap,if=none,id=hda -device virtio-scsi-pci -device scsi-hd,drive=hda -cdrom http://dl-cdn.alpinelinux.org/alpine/v3.15/releases/x86_64/alpine-virt-3.15.0-x86_64.iso -boot order=d -netdev user,hostname=6e22a7287b1d,hostfwd=tcp::22-:22,hostfwd=udp::22-:22,hostfwd=tcp::2375-:2375,hostfwd=udp::2375-:2375,hostfwd=tcp::2376-:2376,hostfwd=udp::2376-:2376,id=net -device virtio-net-pci,netdev=net -serial stdio -vnc :0

ISOLINUX 6.04 6.04-pre1  Copyright (C) 1994-2015 H. Peter Anvin et al
boot: 

   OpenRC 0.44.7.88ce4d9bb0 is starting up Linux 5.15.4-0-virt (x86_64)

 * /proc is already mounted
 * Mounting /run ... * /run/openrc: creating directory
 * /run/lock: creating directory
 * /run/lock: correcting owner
 * Caching service dependencies ... [ ok ]
 * Remounting devtmpfs on /dev ... [ ok ]
 * Mounting /dev/mqueue ... [ ok ]
 * Mounting modloop  ... * Verifying modloop
 [ ok ]
 * Mounting security filesystem ... [ ok ]
 * Mounting debug filesystem ... [ ok ]
 * Mounting persistent storage (pstore) filesystem ... [ ok ]
 * Starting busybox mdev ... [ ok ]
 * Loading hardware drivers ... [ ok ]
 * Loading modules ... [ ok ]
 * Setting system clock using the hardware clock [UTC] ... [ ok ]
 * Checking local filesystems  ... [ ok ]
 * Remounting filesystems ... [ ok ]
 * Mounting local filesystems ... [ ok ]
 * Configuring kernel parameters ... [ ok ]
 * Migrating /var/lock to /run/lock ... [ ok ]
 * Creating user login records ... [ ok ]
 * Cleaning /tmp directory ... [ ok ]
 * Setting hostname ... [ ok ]
 * Starting busybox syslog ... [ ok ]
 * Starting firstboot ... [ ok ]

Welcome to Alpine Linux 3.15
Kernel 5.15.4-0-virt on an x86_64 (/dev/ttyS0)

localhost login: root
Welcome to Alpine!

The Alpine Wiki contains a large amount of how-to guides and general
information about administrating Alpine systems.
See <http://wiki.alpinelinux.org/>.

You can setup the system with the command: setup-alpine

You may change this message by editing /etc/motd.

localhost:~# poweroff 
localhost:~#  * Stopping busybox syslog ... [ ok ]
 * Unmounting loop devices
 *   Remounting /.modloop read only ... [ ok ]
 * Unmounting filesystems
 *   Unmounting /media/cdrom ... [ ok ]
 * Setting hardware clock using the system clock [UTC] ... [ ok ]
 * Stopping busybox mdev ... [ ok ]
 [ ok ]
 * Terminating remaining processes ... [ ok ]
 * Killing remaining processes ... [ ok ]
 * Saving dependency cache ... [ ok ]
 [ ok ]
 * Remounting remaining filesystems read-only ... *   Remounting / read only ... [ ok ]
 [ ok ]
The system is going down NOW!
Sent SIGTERM to all processes
Sent SIGKILL to all processes
Requesting system poweroff
[   32.789353] reboot: Power down
$

tianon / docker-qemu

qemu-img info https://ce.... dont work | ca-certificates is missing in the finale image #30