Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Bug#1030930: podman: DNS resolution fails in 'podman build' but works in 'podman run'
234 views
Skip to first unread message
Kevin P. Fleming
Feb 9, 2023, 8:40:04 AM2/9/23
to
Package: podman
Version: 4.3.1+ds1-5+b1
Severity: important
Dear Maintainer,
I am seeing DNS resolution fail when using 'podman build' but succeed when
using 'podman run', with a Dockerfile which contains the same commands I run
manually in the 'podman run'-launched shell.
Dockerfile
----------
FROM alpine:3.10
RUN cat /etc/resolv.conf
RUN apk add tar
'podman run'
----------
kpfleming@nvr21:~/ctr-dns$ podman run --rm -it alpine:3.10 /bin/sh
/ # cat /etc/resolv.conf
nameserver 10.0.2.3
nameserver 2001:470:8afe:255::2
options edns0 trust-ad
/ # apk add tar
fetch http://dl-cdn.alpinelinux.org/alpine/v3.10/main/x86_64/APKINDEX.tar.gz
fetch http://dl-
cdn.alpinelinux.org/alpine/v3.10/community/x86_64/APKINDEX.tar.gz
(1/1) Installing tar (1.32-r1)
Executing busybox-1.30.1-r5.trigger
OK: 6 MiB in 15 packages
/ # exit
`podman build`
----------
kpfleming@nvr21:~/ctr-dns$ podman build .
STEP 1/3: FROM alpine:3.10
STEP 2/3: RUN cat /etc/resolv.conf
--> Using cache
6e684b0a8063a3c6ea051cc28b16ea19cc984ba9f154810cc3235d10e2ad4b2b
--> 6e684b0a806
STEP 3/3: RUN apk add tar
fetch http://dl-cdn.alpinelinux.org/alpine/v3.10/main/x86_64/APKINDEX.tar.gz
ERROR: http://dl-cdn.alpinelinux.org/alpine/v3.10/main: temporary error (try
again later)
WARNING: Ignoring http://dl-cdn.alpinelinux.org/alpine/v3.10/main: No such file
or directory
fetch http://dl-
cdn.alpinelinux.org/alpine/v3.10/community/x86_64/APKINDEX.tar.gz
ERROR: http://dl-cdn.alpinelinux.org/alpine/v3.10/community: temporary error
(try again later)
WARNING: Ignoring http://dl-cdn.alpinelinux.org/alpine/v3.10/community: No such
file or directory
ERROR: unable to select packages:
tar (no such package):
required by: world[tar]
Error: building at STEP "RUN apk add tar": while running runtime: exit status 1
When I add 'strace' to the image and trace the 'apk' invocation, I see that the
DNS queries sent to the servers listed in /etc/resolv.conf both time out, when
using 'podman build'.
I have tested the 4.4 package from 'experimental' with no change in behavior.
-- System Information:
Debian Release: bookworm/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 6.1.0-3-amd64 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages podman depends on:
ii conmon 2.1.3+ds1-1
ii crun 1.5+dfsg-1+b1
ii golang-github-containers-common 0.50.1+ds1-4
ii libc6 2.36-8
ii libdevmapper1.02.1 2:1.02.185-2
ii libgpgme11 1.18.0-3+b1
ii libseccomp2 2.5.4-1+b3
ii libsubid4 1:4.13+dfsg1-1
ii runc 1.1.4+ds1-1+b1
Versions of packages podman recommends:
ii buildah 1.28.2+ds1-1
ii catatonit 0.1.7-1+b1
ii dbus-user-session 1.14.4-1
ii fuse-overlayfs 1.9-1
ii slirp4netns 1.2.0-1
ii uidmap 1:4.13+dfsg1-1
Versions of packages podman suggests:
ii containers-storage 1.43.0+ds1-7
pn docker-compose <none>
ii iptables 1.8.9-2
-- no debconf information
Version: 4.3.1+ds1-5+b1
Severity: important
Dear Maintainer,
I am seeing DNS resolution fail when using 'podman build' but succeed when
using 'podman run', with a Dockerfile which contains the same commands I run
manually in the 'podman run'-launched shell.
Dockerfile
----------
FROM alpine:3.10
RUN cat /etc/resolv.conf
RUN apk add tar
'podman run'
----------
kpfleming@nvr21:~/ctr-dns$ podman run --rm -it alpine:3.10 /bin/sh
/ # cat /etc/resolv.conf
nameserver 10.0.2.3
nameserver 2001:470:8afe:255::2
options edns0 trust-ad
/ # apk add tar
fetch http://dl-cdn.alpinelinux.org/alpine/v3.10/main/x86_64/APKINDEX.tar.gz
fetch http://dl-
cdn.alpinelinux.org/alpine/v3.10/community/x86_64/APKINDEX.tar.gz
(1/1) Installing tar (1.32-r1)
Executing busybox-1.30.1-r5.trigger
OK: 6 MiB in 15 packages
/ # exit
`podman build`
----------
kpfleming@nvr21:~/ctr-dns$ podman build .
STEP 1/3: FROM alpine:3.10
STEP 2/3: RUN cat /etc/resolv.conf
--> Using cache
6e684b0a8063a3c6ea051cc28b16ea19cc984ba9f154810cc3235d10e2ad4b2b
--> 6e684b0a806
STEP 3/3: RUN apk add tar
fetch http://dl-cdn.alpinelinux.org/alpine/v3.10/main/x86_64/APKINDEX.tar.gz
ERROR: http://dl-cdn.alpinelinux.org/alpine/v3.10/main: temporary error (try
again later)
WARNING: Ignoring http://dl-cdn.alpinelinux.org/alpine/v3.10/main: No such file
or directory
fetch http://dl-
cdn.alpinelinux.org/alpine/v3.10/community/x86_64/APKINDEX.tar.gz
ERROR: http://dl-cdn.alpinelinux.org/alpine/v3.10/community: temporary error
(try again later)
WARNING: Ignoring http://dl-cdn.alpinelinux.org/alpine/v3.10/community: No such
file or directory
ERROR: unable to select packages:
tar (no such package):
required by: world[tar]
Error: building at STEP "RUN apk add tar": while running runtime: exit status 1
When I add 'strace' to the image and trace the 'apk' invocation, I see that the
DNS queries sent to the servers listed in /etc/resolv.conf both time out, when
using 'podman build'.
I have tested the 4.4 package from 'experimental' with no change in behavior.
-- System Information:
Debian Release: bookworm/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 6.1.0-3-amd64 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages podman depends on:
ii conmon 2.1.3+ds1-1
ii crun 1.5+dfsg-1+b1
ii golang-github-containers-common 0.50.1+ds1-4
ii libc6 2.36-8
ii libdevmapper1.02.1 2:1.02.185-2
ii libgpgme11 1.18.0-3+b1
ii libseccomp2 2.5.4-1+b3
ii libsubid4 1:4.13+dfsg1-1
ii runc 1.1.4+ds1-1+b1
Versions of packages podman recommends:
ii buildah 1.28.2+ds1-1
ii catatonit 0.1.7-1+b1
ii dbus-user-session 1.14.4-1
ii fuse-overlayfs 1.9-1
ii slirp4netns 1.2.0-1
ii uidmap 1:4.13+dfsg1-1
Versions of packages podman suggests:
ii containers-storage 1.43.0+ds1-7
pn docker-compose <none>
ii iptables 1.8.9-2
-- no debconf information
Reinhard Tartler
Apr 10, 2023, 6:00:05 PM4/10/23
to
Control: tag -1 + unreproducible moreinfo
Hi Kevin,
great to hear from you in this space!
On Thu, Feb 9, 2023 at 8:36 AM Kevin P. Fleming <ke...@km6g.us> wrote:
Package: podman
Version: 4.3.1+ds1-5+b1
Severity: important
Dear Maintainer,
I am seeing DNS resolution fail when using 'podman build' but succeed when
using 'podman run', with a Dockerfile which contains the same commands I run
manually in the 'podman run'-launched shell.
Dockerfile
----------
FROM alpine:3.10
RUN cat /etc/resolv.conf
RUN apk add tar
Unfortunately, I can't reproduce. Please help me to reproduce this issue. Also, maybe upstream has an idea, can you please report this issue at https://github.com/containers/podman/issues/new/choose. In any case, here is the output that I get:
siretart@x1:/tmp/dnstest$ cat >> Containerfile
siretart@x1:/tmp/dnstest$ cat >> Containerfile
FROM alpine:3.10
RUN cat /etc/resolv.conf
RUN apk add tar
siretart@x1:/tmp/dnstest$ cat Containerfile
FROM alpine:3.10
RUN cat /etc/resolv.conf
RUN apk add tar
siretart@x1:/tmp/dnstest$ podman build .
STEP 1/3: FROM alpine:3.10
Resolved "alpine" as an alias (/etc/containers/registries.conf.d/shortnames.conf)
Trying to pull docker.io/library/alpine:3.10...
Getting image source signatures
Copying blob 396c31837116 done
Copying config e7b300aee9 done
Writing manifest to image destination
Storing signatures
Trying to pull docker.io/library/alpine:3.10...
Getting image source signatures
Copying blob 396c31837116 done
Copying config e7b300aee9 done
Writing manifest to image destination
Storing signatures
STEP 2/3: RUN cat /etc/resolv.conf
STEP 3/3: RUN apk add tar
fetch http://dl-cdn.alpinelinux.org/alpine/v3.10/main/x86_64/APKINDEX.tar.gz
(1/1) Installing tar (1.32-r1)
Executing busybox-1.30.1-r5.trigger
OK: 6 MiB in 15 packages
COMMIT
--> 7c1bfd9e030
7c1bfd9e030f07b05cc9427a97c0bc5ff73bca5436bce389ad81da1a64f64a11
--> 7c1bfd9e030
7c1bfd9e030f07b05cc9427a97c0bc5ff73bca5436bce389ad81da1a64f64a11
regards,
Reinhard
Reinhard
0 new messages