containerd: [Arch Linux package] Error response from daemon: ttrpc: closed: unknown

Description

After upgrading to containerd 1.4.0, I am unable to run any docker images with the error docker: Error response from daemon: ttrpc: closed: unknown.. Downgrading to 1.3.4 does not have any error and runs successfully. Not sure if this is a bug with the software or a packaging issue for Arch.

Steps to reproduce the issue:

docker run hello-world

Describe the results you received: docker: Error response from daemon: ttrpc: closed: unknown. ERRO[0003] error waiting for container: context canceled

Describe the results you expected: Expected to see: Hello from Docker!

Output of containerd --version:

containerd github.com/containerd/containerd v1.4.0.m be75852b8d7849474a20192f9ed1bf34fdd454f1.m

Working containerd --version:

containerd github.com/containerd/containerd v1.3.4.m d76c121f76a5fc8a462dc64594aea72fe18e1178.m

Any other relevant information: Using Arch Linux (rolling).

About this issue

Original URL
State: closed
Created 4 years ago
Reactions: 6
Comments: 16 (5 by maintainers)

Most upvoted comments

I can confirm the issue. Rolling back to containerd 1.3.4 fixes the issue for now:

cd /var/cache/pacman/pkg/
sudo pacman -U containerd-1.3.4-2-x86_64.pkg.tar.zst

+19

chaitan94 on Aug 17, 2020

It seems the package has been fixed a few minutes ago. The broken version was 1.4.0-1, and the fixed version is 1.4.0-2.

+13

jolmg on Aug 17, 2020

The fix has been handled by the Arch community

estesp on Aug 18, 2020

For the sake of completeness containerd fails building any docker container having a RUN directive with the given compiler settings below.

export GOFLAGS="-buildmode=pie -trimpath"
make EXTRA_LDFLAGS="-linkmode external"

This is with go-1.15 without any source modifications to either.

The relevant change from the go compiler is changing from -linkmode=external to -linkmode=internal when building with -buildmode=pie, this prevents binary hardening which is why there is an attempt building it this way. The test-suite doesn’t catch this.

The linker now defaults to internal linking mode for -buildmode=pie on linux/amd64 and linux/arm64, so these configurations no longer require a C linker. External linking mode (which was the default in Go 1.14 for -buildmode=pie) can still be requested with -ldflags=-linkmode=external flag.

https://golang.org/doc/go1.15#linker

export GOFLAGS="-buildmode=pie -trimpath"
make

Does work with go-1.15.

Foxboron on Aug 17, 2020

Yo, Arch containerd maintainer.

Just to clear up any confusion the correct commit is https://github.com/containerd/containerd/commit/09814d48d50816305a8e6c1a4ae3e2bcc4ba725a, I didn’t update the commit hash from the previous release.

Foxboron on Aug 17, 2020

Thank you @chaitan94. Package version 1.3.4 works indeed. I was able to fetch it from the ArchLinux package archive: https://archive.archlinux.org/packages/c/containerd/containerd-1.3.4-2-x86_64.pkg.tar.zst

cviebig on Aug 17, 2020

Also got this issue, also on Arch:

$ containerd --version
containerd github.com/containerd/containerd v1.4.0.m be75852b8d7849474a20192f9ed1bf34fdd454f1.m

$ sudo ctr -a /var/run/docker/containerd/containerd.sock images pull docker.io/library/alpine:latest 
ctr: failed to dial "/var/run/docker/containerd/containerd.sock": context deadline exceeded

I’m trying the official binary now

pagdot on Aug 17, 2020