<div dir="ltr"><div class="gmail_default" style="font-family:courier new,monospace">Control: tag -1 upstream</div><div class="gmail_default" style="font-family:courier new,monospace"><br></div><div class="gmail_default" style="font-family:courier new,monospace">Hi Antonio,</div><div class="gmail_default" style="font-family:courier new,monospace"><br></div><div class="gmail_default" style="font-family:courier new,monospace">Can you please file a report upstream here: <a href="https://github.com/containers/podman/issues">https://github.com/containers/podman/issues</a> -- upstream is really friendly with reports from other Distros, in particular from Debian. I'm not sure what value I can bring as a package maintainer here.<br><br>Thanks. Regards,</div><div class="gmail_default" style="font-family:courier new,monospace">-rt</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, Apr 12, 2022 at 2:27 PM Antonio Terceiro <<a href="mailto:terceiro@debian.org">terceiro@debian.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Package: podman<br>
Version: 3.4.4+ds1-1<br>
Severity: normal<br>
<br>
When running containers for a foreign architecture, podman run will hit<br>
the networking looking for images on every invocation:<br>
<br>
----------------8<----------------8<----------------8<-----------------<br>
terceiro@host:~$ podman run --arch=arm64 debian arch<br>
Resolved "debian" as an alias (/etc/containers/registries.conf.d/shortnames.conf)<br>
Trying to pull <a href="http://docker.io/library/debian:latest." rel="noreferrer" target="_blank">docker.io/library/debian:latest.</a>..<br>
Getting image source signatures<br>
Copying blob fa223d8c149d done<br>
Copying config 05e8051d05 done<br>
Writing manifest to image destination<br>
Storing signatures<br>
aarch64<br>
terceiro@host:~$ podman run --arch=arm64 debian arch<br>
Resolved "debian" as an alias (/etc/containers/registries.conf.d/shortnames.conf)<br>
Trying to pull <a href="http://docker.io/library/debian:latest." rel="noreferrer" target="_blank">docker.io/library/debian:latest.</a>..<br>
Getting image source signatures<br>
Copying blob fa223d8c149d [-----------------] 0.0b / 0.0b<br>
Copying config 05e8051d05 done<br>
Writing manifest to image destination<br>
Storing signatures<br>
aarch64<br>
----------------8<----------------8<----------------8<-----------------<br>
<br>
This means that if I try run a foreign container while I'm offline, I<br>
can't:<br>
<br>
----------------8<----------------8<----------------8<-----------------<br>
terceiro@host:~$ podman run --arch=arm64 debian arch<br>
Resolved "debian" as an alias (/etc/containers/registries.conf.d/shortnames.conf)<br>
Trying to pull <a href="http://docker.io/library/debian:latest." rel="noreferrer" target="_blank">docker.io/library/debian:latest.</a>..<br>
Error: initializing source docker://debian:latest: pinging container registry <a href="http://registry-1.docker.io" rel="noreferrer" target="_blank">registry-1.docker.io</a>: Get "<a href="https://registry-1.docker.io/v2/" rel="noreferrer" target="_blank">https://registry-1.docker.io/v2/</a>": dial tcp: lookup <a href="http://registry-1.docker.io" rel="noreferrer" target="_blank">registry-1.docker.io</a> on <a href="http://10.0.2.3:53" rel="noreferrer" target="_blank">10.0.2.3:53</a>: dial udp <a href="http://10.0.2.3:53" rel="noreferrer" target="_blank">10.0.2.3:53</a>: connect: network is unreachable<br>
----------------8<----------------8<----------------8<-----------------<br>
<br>
Weirder than that, is that from this point on, a plain `podman run` will<br>
run the foreign container, instead of a native one (but will not hit the<br>
network, as I'm able to do that while still offline):<br>
<br>
----------------8<----------------8<----------------8<-----------------<br>
terceiro@host:~$ podman run debian arch<br>
aarch64<br>
----------------8<----------------8<----------------8<-----------------<br>
<br>
To "fix" this, I have to explicitly pull the same image without any<br>
architecture request after coming online again:<br>
<br>
----------------8<----------------8<----------------8<-----------------<br>
terceiro@host:~$ podman pull debian<br>
Trying to pull <a href="http://docker.io/library/debian:latest." rel="noreferrer" target="_blank">docker.io/library/debian:latest.</a>..<br>
Getting image source signatures<br>
Copying blob dbba69284b27 done<br>
Copying config d69c6cd3a2 done<br>
Writing manifest to image destination<br>
Storing signatures<br>
d69c6cd3a20d21ec91b677c3bcd10d9975f4fe67eff81afb5a09bdef5134afeb<br>
terceiro@host:~$ podman run debian arch<br>
x86_64<br>
----------------8<----------------8<----------------8<-----------------<br>
<br>
I have checked the version in experimental, and this bug still applies<br>
to it.<br>
<br>
-- System Information:<br>
Debian Release: bookworm/sid<br>
APT prefers testing-debug<br>
APT policy: (900, 'testing-debug'), (900, 'testing'), (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental-debug'), (1, 'experimental')<br>
Architecture: amd64 (x86_64)<br>
<br>
Kernel: Linux 5.16.0-6-amd64 (SMP w/4 CPU threads; PREEMPT)<br>
Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8), LANGUAGE=pt_BR:pt:en<br>
Shell: /bin/sh linked to /usr/bin/dash<br>
Init: systemd (via /run/systemd/system)<br>
LSM: AppArmor: enabled<br>
<br>
Versions of packages podman depends on:<br>
ii conmon 2.0.25+ds1-1.1<br>
ii containernetworking-plugins 1.1.0+ds1-1<br>
ii crun 0.17+dfsg-1.1<br>
ii golang-github-containers-common 0.47.2+ds1-1<br>
ii init-system-helpers 1.62<br>
ii libc6 2.33-7<br>
ii libdevmapper1.02.1 2:1.02.175-2.1<br>
ii libgpgme11 1.16.0-1.2<br>
ii libseccomp2 2.5.3-2<br>
ii runc 1.1.1+ds1-1<br>
<br>
Versions of packages podman recommends:<br>
ii buildah 1.24.1+ds1-1<br>
ii catatonit 0.1.7-1<br>
ii fuse-overlayfs 1.8.2-1<br>
ii golang-github-containernetworking-plugin-dnsname 1.3.1+ds1-2<br>
ii slirp4netns 1.0.1-2<br>
ii tini 0.19.0-1<br>
ii uidmap 1:4.11.1+dfsg1-2<br>
<br>
Versions of packages podman suggests:<br>
pn containers-storage <none><br>
ii docker-compose 1.29.2-1<br>
ii iptables 1.8.7-1<br>
<br>
-- no debconf information<br>
</blockquote></div><br clear="all"><div><br></div>-- <br><div dir="ltr" class="gmail_signature">regards,<br> Reinhard</div>