Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

podman-3.2.3 import result image is empty #10994

Closed
babykart opened this issue Jul 20, 2021 · 9 comments · Fixed by #11018
Closed

podman-3.2.3 import result image is empty #10994

babykart opened this issue Jul 20, 2021 · 9 comments · Fixed by #11018
Assignees
Labels
kind/bug Categorizes issue or PR as related to a bug. locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments.

Comments

@babykart
Copy link

Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)

/kind bug

Description

podman-3.2.3 import result image is empty

Steps to reproduce the issue:

wget https://mirror.init7.net/gentoo/releases/amd64/autobuilds/current-stage3-amd64-hardened+nomultilib/stage3-amd64-hardened+nomultilib-20210630T214504Z.tar.xz
xzcat stage3-amd64-hardened+nomultilib-20210630T214504Z.tar.xz | bzip2 | podman import - kubler-gentoo/stage3-amd64-hardened-nomultilib:20210630T214504Z

Describe the results you received:

Getting image source signatures
Copying blob e3b0c44298fc done
Copying config 4c17b62dd9 done
Writing manifest to image destination
Storing signatures
sha256:ad8d30dbb5cc8c1c93d668cc6688f0301179270a3e19fc58c1c4f77a55604b31
podman images
localhost/kubler-gentoo/stage3-amd64-hardened-nomultilib  latest            ad8d30dbb5cc  2 minutes ago      1.09 kB

Describe the results you expected:

Getting image source signatures
Copying blob ceeec99a2999 done
Copying config e08265be09 done
Writing manifest to image destination
Storing signatures
e08265be09ba19106937104d11f71a3927d1b031584b4ed0522883fcf8232b9d
podman images
localhost/kubler-gentoo/stage3-amd64-hardened-nomultilib  latest            e08265be09ba  4 minutes ago       905 MB

Additional information you deem important (e.g. issue happens only occasionally):

It appears to be relative to the size of the archive because if I try a smaller archive, it works perfectly with 3.2.X

localhost/kubler-gentoo/portage                           latest            174eb8a7c4a7  2 hours ago     372 MB

Output of podman version:

Version:      3.2.3
API Version:  3.2.3
Go Version:   go1.16.6
Git Commit:   1e6fd46e91b21342f9454cf8105a92b90e398c52
Built:        Tue Jul 20 16:21:49 2021
OS/Arch:      linux/amd64

Output of podman info --debug:

host:
  arch: amd64
  buildahVersion: 1.21.3
  cgroupControllers:
  - cpuset
  - cpu
  - cpuacct
  - blkio
  - memory
  - devices
  - freezer
  - net_cls
  - perf_event
  - net_prio
  - hugetlb
  - pids
  - rdma
  cgroupManager: systemd
  cgroupVersion: v1
  conmon:
    package: app-emulation/conmon-2.0.29
    path: /usr/bin/conmon
    version: 'conmon version 2.0.29, commit: 7e6de6678f6ed8a18661e1d5721b81ccee293b9b'
  cpus: 8
  distribution:
    distribution: gentoo
    version: unknown
  eventLogger: journald
  hostname: babykart
  idMappings:
    gidmap: null
    uidmap: null
  kernel: 5.10.49-gentoo-r1
  linkmode: dynamic
  memFree: 3080859648
  memTotal: 16786358272
  ociRuntime:
    name: crun
    package: app-emulation/crun-0.20.1
    path: /usr/bin/crun
    version: |-
      crun version 0.20.1
      commit: 38271d1c8d9641a2cdc70acfa3dcb6996d124b3d
      spec: 1.0.0
      +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +YAJL
  os: linux
  remoteSocket:
    path: /run/podman/podman.sock
  security:
    apparmorEnabled: false
    capabilities: CAP_AUDIT_WRITE,CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_MKNOD,CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
    rootless: false
    seccompEnabled: true
    seccompProfilePath: /usr/share/containers/seccomp.json
    selinuxEnabled: false
  serviceIsRemote: false
  slirp4netns:
    executable: ""
    package: ""
    version: ""
  swapFree: 0
  swapTotal: 0
  uptime: 142h 48m 23.18s (Approximately 5.92 days)
registries:
  search:
  - docker.io
  - quay.io
store:
  configFile: /etc/containers/storage.conf
  containerStore:
    number: 1
    paused: 0
    running: 0
    stopped: 1
  graphDriverName: overlay
  graphOptions:
    overlay.mountopt: nodev,metacopy=on
  graphRoot: /vol/containers/storage
  graphStatus:
    Backing Filesystem: btrfs
    Native Overlay Diff: "false"
    Supports d_type: "true"
    Using metacopy: "true"
  imageStore:
    number: 65
  runRoot: /run/containers/storage
  volumePath: /vol/containers/storage/volumes
version:
  APIVersion: 3.2.3
  Built: 1626790909
  BuiltTime: Tue Jul 20 16:21:49 2021
  GitCommit: 1e6fd46e91b21342f9454cf8105a92b90e398c52
  GoVersion: go1.16.6
  OsArch: linux/amd64
  Version: 3.2.3

Package info (e.g. output of eix app-emulation/podman):

[I] app-emulation/podman
     Available versions:  (~)3.1.2^t (~)3.2.1^t (~)3.2.3^t[1] {apparmor btrfs +fuse +rootless selinux}
     Installed versions:  3.2.3^t[1](04:23:28 PM 07/20/2021)(btrfs rootless -apparmor -fuse -selinux)
     Homepage:            https://github.com/containers/podman/
     Description:         Library and podman tool for running OCI-based containers in Pods

Have you tested with the latest version of Podman and have you checked the Podman Troubleshooting Guide? (https://github.com/containers/podman/blob/master/troubleshooting.md)

Yes

Additional environment details (AWS, VirtualBox, physical, etc.):

Physical node.

@openshift-ci openshift-ci bot added the kind/bug Categorizes issue or PR as related to a bug. label Jul 20, 2021
@vrothberg vrothberg self-assigned this Jul 20, 2021
@vrothberg
Copy link
Member

Thanks, @babykart! I will take a look at this.

@hoshsadiq
Copy link

Got the same issue. Both for rootless and rootfull.

@vrothberg
Copy link
Member

Interesting. From reproducing locally, it seems that problem relates to when reading the archive from stdin. Importing the file directly podman import archive.tar works.

@hoshsadiq
Copy link

That would make sense. The only times I've used it is by reading from stdin!

@hoshsadiq
Copy link

FWIW when using docker import - image_name pointed to podman.socket it imports it (although the image itself doesn't get tagged)

@vrothberg
Copy link
Member

I opened #11018 to fix the issue.

@vrothberg
Copy link
Member

Got the same issue. Both for rootless and rootfull.

@hoshsadiq, can you share a reproducer? I am looking into adding a regression test but podam export; cat ... | podman import - does not trigger the error.

@hoshsadiq
Copy link

[ -r /tmp/DietPi_RPi-ARMv6-Buster.7z ] || curl -fsSL -o /tmp/DietPi_RPi-ARMv6-Buster.7z https://dietpi.com/downloads/images/DietPi_RPi-ARMv6-Buster.7z

tmp_dir="$(mktemp --directory -t dietpi.XXXXXXXX)"
trap '{ sudo umount -lf $tmp_dir/root || true; } && sudo rm -rf $tmp_dir' EXIT

/usr/bin/7za x /tmp/DietPi_RPi-ARMv6-Buster.7z -o"$tmp_dir" "*.img"

disk_img="$(basename "$(find "$tmp_dir" -name "*.img" -printf "%f")" .img)"
offset="$(fdisk -lu "${tmp_dir}/${disk_img}.img" | sed -n "s/\(^[^ ]*img2\)\s*\([0-9]*\)\s*\([0-9]*\)\s*\([0-9]*\).*/\2/p")"

podman run --rm -it -v "$tmp_dir:/workdir" -w /workdir --entrypoint sh multiarch/qemu-user-static -c 'cp /usr/bin/qemu-arm-static /workdir'

disk_root="$tmp_dir/root"
mkdir "$disk_root"
sudo mount -o loop,offset=$((offset * 512)) "${tmp_dir}/${disk_img}.img" "$disk_root"
sudo mv "$disk_root/etc/ld.so.preload" "$disk_root/etc/ld.so.preload.bak"
sudo cp "$tmp_dir/qemu-arm-static" "$disk_root/usr/bin"
sudo tar -C "$disk_root" -c . | podman import - "dietpi:$disk_img"

I've ripped this out of the full script I've got so a variable or two may be missing but I don't think it should.

vrothberg added a commit to vrothberg/libpod that referenced this issue Jul 23, 2021
If importing an archive via stdin write it to a temporary file such that
the temporary file can be opened multiple times later on.  Otherwise, we
may end up with an empty image.

Also fix a bug in the URL parsing code; we need to check whether there's
actually a scheme.

Add system tests for `podman import` exercising the basics.

Fixes: containers#10994
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
@vrothberg
Copy link
Member

Thanks everybody!

@github-actions github-actions bot added the locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments. label Sep 21, 2023
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 21, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
kind/bug Categorizes issue or PR as related to a bug. locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments.
Projects
None yet
Development

Successfully merging a pull request may close this issue.

3 participants