clair-scanner: [CRIT] ▶ Could not analyze layer: Clair responded with a failure: Got response 400 with message {"Error":{"Message":"could not find layer"}}

Hi,

I’m using a docker container with the clair-scanner installed and the docker daemon of the host available to it, so that it can access the images and containers of the host.

So in order to do a scan for example I’m using the below: docker run -it --rm -v /var/run/docker.sock:/var/run/docker.sock -v /lib64/libdevmapper.so.1.02:/usr/lib/x86_64-linux-gnu/libdevmapper.so.1.02 -v /lib64/libudev.so.0:/usr/lib/x86_64-linux-gnu/libudev.so.0 --privileged=true myorg/clairscan ./clair-scanner --clair="http://$myip:6060" --ip=$myip $animage

However, I keep getting the below:

2018/01/24 09:50:57 [INFO] ▶ Start clair-scanner
2018/01/24 09:51:27 [INFO] ▶ Server listening on port 9279
2018/01/24 09:51:27 [INFO] ▶ Analyzing efd75b67cb976df08013762c6dc86092f41c07ca62f90d41291185703336d55d
2018/01/24 09:51:27 [CRIT] ▶ Could not analyze layer: Clair responded with a failure: Got response 400 with message {"Error":{"Message":"could not find layer"}}

Any suggestions?

About this issue

Most upvoted comments

If you want to run everything fully as containers you can also do something like this that runs both clair and clair-scanner in the same networking namespace so they can reference each other as localhost:

docker run -d --name db arminc/clair-db:latest
docker run -d --link db:postgres --name clair arminc/clair-local-scan:v2.0.6
docker run --rm  -v /var/run/docker.sock:/var/run/docker.sock --network=container:clair ovotech/clair-scanner clair-scanner alpine
+8
travisghansen on Feb 14, 2020

See https://github.com/arminc/clair-scanner/issues/63#issuecomment-516791930 and https://github.com/arminc/clair-scanner/issues/63#issuecomment-516810971 how I resolved it on Mac and Linux.

+2
lghakamo-paf on Jul 31, 2019
Read more comments on GitHub
← Pokemon-GO-node-api: Cannot build s2geometry-node
mbed-cli: CLI fails to compile →