[pkg-go] Bug#1009376: running foreign architecture containers hits the network every time and confuses future `podman run` invocations

Reinhard Tartler siretart at gmail.com
Fri Apr 15 22:25:31 BST 2022 

Control: tag -1 upstream

Hi Antonio,

Can you please file a report upstream here:
https://github.com/containers/podman/issues -- upstream is really friendly
with reports from other Distros, in particular from Debian. I'm not sure
what value I can bring as a package maintainer here.

Thanks. Regards,
-rt

On Tue, Apr 12, 2022 at 2:27 PM Antonio Terceiro <terceiro at debian.org>
wrote:

> Package: podman
> Version: 3.4.4+ds1-1
> Severity: normal
>
> When running containers for a foreign architecture, podman run will hit
> the networking looking for images on every invocation:
>
> ----------------8<----------------8<----------------8<-----------------
> terceiro at host:~$ podman run --arch=arm64 debian arch
> Resolved "debian" as an alias
> (/etc/containers/registries.conf.d/shortnames.conf)
> Trying to pull docker.io/library/debian:latest...
> Getting image source signatures
> Copying blob fa223d8c149d done
> Copying config 05e8051d05 done
> Writing manifest to image destination
> Storing signatures
> aarch64
> terceiro at host:~$ podman run --arch=arm64 debian arch
> Resolved "debian" as an alias
> (/etc/containers/registries.conf.d/shortnames.conf)
> Trying to pull docker.io/library/debian:latest...
> Getting image source signatures
> Copying blob fa223d8c149d [-----------------] 0.0b / 0.0b
> Copying config 05e8051d05 done
> Writing manifest to image destination
> Storing signatures
> aarch64
> ----------------8<----------------8<----------------8<-----------------
>
> This means that if I try run a foreign container while I'm offline, I
> can't:
>
> ----------------8<----------------8<----------------8<-----------------
> terceiro at host:~$ podman run --arch=arm64 debian arch
> Resolved "debian" as an alias
> (/etc/containers/registries.conf.d/shortnames.conf)
> Trying to pull docker.io/library/debian:latest...
> Error: initializing source docker://debian:latest: pinging container
> registry registry-1.docker.io: Get "https://registry-1.docker.io/v2/":
> dial tcp: lookup registry-1.docker.io on 10.0.2.3:53: dial udp 10.0.2.3:53:
> connect: network is unreachable
> ----------------8<----------------8<----------------8<-----------------
>
> Weirder than that, is that from this point on, a plain `podman run` will
> run the foreign container, instead of a native one (but will not hit the
> network, as I'm able to do that while still offline):
>
> ----------------8<----------------8<----------------8<-----------------
> terceiro at host:~$ podman run debian arch
> aarch64
> ----------------8<----------------8<----------------8<-----------------
>
> To "fix" this, I have to explicitly pull the same image without any
> architecture request after coming online again:
>
> ----------------8<----------------8<----------------8<-----------------
> terceiro at host:~$ podman pull debian
> Trying to pull docker.io/library/debian:latest...
> Getting image source signatures
> Copying blob dbba69284b27 done
> Copying config d69c6cd3a2 done
> Writing manifest to image destination
> Storing signatures
> d69c6cd3a20d21ec91b677c3bcd10d9975f4fe67eff81afb5a09bdef5134afeb
> terceiro at host:~$ podman run debian arch
> x86_64
> ----------------8<----------------8<----------------8<-----------------
>
> I have checked the version in experimental, and this bug still applies
> to it.
>
> -- System Information:
> Debian Release: bookworm/sid
>   APT prefers testing-debug
>   APT policy: (900, 'testing-debug'), (900, 'testing'), (500,
> 'unstable-debug'), (500, 'unstable'), (1, 'experimental-debug'), (1,
> 'experimental')
> Architecture: amd64 (x86_64)
>
> Kernel: Linux 5.16.0-6-amd64 (SMP w/4 CPU threads; PREEMPT)
> Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8),
> LANGUAGE=pt_BR:pt:en
> Shell: /bin/sh linked to /usr/bin/dash
> Init: systemd (via /run/systemd/system)
> LSM: AppArmor: enabled
>
> Versions of packages podman depends on:
> ii  conmon                           2.0.25+ds1-1.1
> ii  containernetworking-plugins      1.1.0+ds1-1
> ii  crun                             0.17+dfsg-1.1
> ii  golang-github-containers-common  0.47.2+ds1-1
> ii  init-system-helpers              1.62
> ii  libc6                            2.33-7
> ii  libdevmapper1.02.1               2:1.02.175-2.1
> ii  libgpgme11                       1.16.0-1.2
> ii  libseccomp2                      2.5.3-2
> ii  runc                             1.1.1+ds1-1
>
> Versions of packages podman recommends:
> ii  buildah                                           1.24.1+ds1-1
> ii  catatonit                                         0.1.7-1
> ii  fuse-overlayfs                                    1.8.2-1
> ii  golang-github-containernetworking-plugin-dnsname  1.3.1+ds1-2
> ii  slirp4netns                                       1.0.1-2
> ii  tini                                              0.19.0-1
> ii  uidmap                                            1:4.11.1+dfsg1-2
>
> Versions of packages podman suggests:
> pn  containers-storage  <none>
> ii  docker-compose      1.29.2-1
> ii  iptables            1.8.7-1
>
> -- no debconf information
>


-- 
regards,
    Reinhard
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-go-maintainers/attachments/20220415/5a10685a/attachment-0003.htm>

More information about the Pkg-go-maintainers mailing list