podman: installing from ubuntu ppa on debian 9 (stretch) results in failing slirp4netns
Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)
/kind bug
Description
When using the Ubuntu PPA repo to install on a debian 9 (stretch) machine, containers are unable to run due to slirp4netns error.
slirp4netns version 0.2.1
commit: 1797e46728440e93f9229d5a34874befe00b4cab
Steps to reproduce the issue:
cat > /etc/apt/sources.list.d/podman.list <<EOF
deb http://ppa.launchpad.net/projectatomic/ppa/ubuntu bionic main
EOF
sudo apt-key adv --recv-key --keyserver keyserver.ubuntu.com 0x018ba5ad9df57a4448f0e6cf8becf1637ad8c79d
sudo apt update
sudo apt -y install podman
podman pull fedora
podman run --rm -ti fedora /bin/bash
Describe the results you received:
$ podman --log-level debug run --rm -ti fedora /bin/bash
INFO[0000] running as rootless
DEBU[0000] Initializing boltdb state at /home/maxamillion/.local/share/containers/storage/libpod/bolt_state.db
DEBU[0000] Using graph driver vfs
DEBU[0000] Using graph root /home/maxamillion/.local/share/containers/storage
DEBU[0000] Using run root /run/user/1000
DEBU[0000] Using static dir /home/maxamillion/.local/share/containers/storage/libpod
DEBU[0000] Using tmp dir /run/user/1000/libpod/tmp
DEBU[0000] Using volume path /home/maxamillion/.local/share/containers/storage/volumes
DEBU[0000] Set libpod namespace to ""
DEBU[0000] Not configuring container store
DEBU[0000] Using slirp4netns netmode
INFO[0000] running as rootless
DEBU[0000] Initializing boltdb state at /home/maxamillion/.local/share/containers/storage/libpod/bolt_state.db
DEBU[0000] Using graph driver vfs
DEBU[0000] Using graph root /home/maxamillion/.local/share/containers/storage
DEBU[0000] Using run root /run/user/1000
DEBU[0000] Using static dir /home/maxamillion/.local/share/containers/storage/libpod
DEBU[0000] Using tmp dir /run/user/1000/libpod/tmp
DEBU[0000] Using volume path /home/maxamillion/.local/share/containers/storage/volumes
DEBU[0000] Set libpod namespace to ""
DEBU[0000] [graphdriver] trying provided driver "vfs"
DEBU[0000] parsed reference into "[vfs@/home/maxamillion/.local/share/containers/storage+/run/user/1000]docker.io/library/fedora:latest"
DEBU[0000] parsed reference into "[vfs@/home/maxamillion/.local/share/containers/storage+/run/user/1000]@26ffec5b4a8ad65083424903b7aa175953329413fe5cc4c0dac6fedbe81f2fbb"
DEBU[0000] exporting opaque data as blob "sha256:26ffec5b4a8ad65083424903b7aa175953329413fe5cc4c0dac6fedbe81f2fbb"
DEBU[0000] parsed reference into "[vfs@/home/maxamillion/.local/share/containers/storage+/run/user/1000]@26ffec5b4a8ad65083424903b7aa175953329413fe5cc4c0dac6fedbe81f2fbb"
DEBU[0000] exporting opaque data as blob "sha256:26ffec5b4a8ad65083424903b7aa175953329413fe5cc4c0dac6fedbe81f2fbb"
DEBU[0000] parsed reference into "[vfs@/home/maxamillion/.local/share/containers/storage+/run/user/1000]@26ffec5b4a8ad65083424903b7aa175953329413fe5cc4c0dac6fedbe81f2fbb"
DEBU[0000] Using slirp4netns netmode
DEBU[0000] Allocated lock 5 for container d7460244ff725a88760420818821a6caf4287aecc22f7e9dee406ebaecfac719
DEBU[0000] parsed reference into "[vfs@/home/maxamillion/.local/share/containers/storage+/run/user/1000]@26ffec5b4a8ad65083424903b7aa175953329413fe5cc4c0dac6fedbe81f2fbb"
DEBU[0000] exporting opaque data as blob "sha256:26ffec5b4a8ad65083424903b7aa175953329413fe5cc4c0dac6fedbe81f2fbb"
DEBU[0001] created container "d7460244ff725a88760420818821a6caf4287aecc22f7e9dee406ebaecfac719"
DEBU[0001] container "d7460244ff725a88760420818821a6caf4287aecc22f7e9dee406ebaecfac719" has work directory "/home/maxamillion/.local/share/containers/storage/vfs-containers/d7460244ff725a88760420818821a6caf4287aecc22f7e9dee406ebaecfac719/userdata"
DEBU[0001] container "d7460244ff725a88760420818821a6caf4287aecc22f7e9dee406ebaecfac719" has run directory "/run/user/1000/vfs-containers/d7460244ff725a88760420818821a6caf4287aecc22f7e9dee406ebaecfac719/userdata"
DEBU[0001] New container created "d7460244ff725a88760420818821a6caf4287aecc22f7e9dee406ebaecfac719"
DEBU[0001] container "d7460244ff725a88760420818821a6caf4287aecc22f7e9dee406ebaecfac719" has CgroupParent "/libpod_parent/libpod-d7460244ff725a88760420818821a6caf4287aecc22f7e9dee406ebaecfac719"
DEBU[0001] Handling terminal attach
DEBU[0001] mounted container "d7460244ff725a88760420818821a6caf4287aecc22f7e9dee406ebaecfac719" at "/home/maxamillion/.local/share/containers/storage/vfs/dir/9b389ee3d0a3ca98813491155cb84572381557832e53cc1f0f9d06d7c440c9a7"
DEBU[0001] Created root filesystem for container d7460244ff725a88760420818821a6caf4287aecc22f7e9dee406ebaecfac719 at /home/maxamillion/.local/share/containers/storage/vfs/dir/9b389ee3d0a3ca98813491155cb84572381557832e53cc1f0f9d06d7c440c9a7
DEBU[0001] /etc/system-fips does not exist on host, not mounting FIPS mode secret
DEBU[0001] Created OCI spec for container d7460244ff725a88760420818821a6caf4287aecc22f7e9dee406ebaecfac719 at /home/maxamillion/.local/share/containers/storage/vfs-containers/d7460244ff725a88760420818821a6caf4287aecc22f7e9dee406ebaecfac719/userdata/config.json
DEBU[0001] /usr/libexec/crio/conmon messages will be logged to syslog
DEBU[0001] running conmon: /usr/libexec/crio/conmon args=[-c d7460244ff725a88760420818821a6caf4287aecc22f7e9dee406ebaecfac719 -u d7460244ff725a88760420818821a6caf4287aecc22f7e9dee406ebaecfac719 -r /usr/bin/runc -b /home/maxamillion/.local/share/containers/storage/vfs-containers/d7460244ff725a88760420818821a6caf4287aecc22f7e9dee406ebaecfac719/userdata -p /run/user/1000/vfs-containers/d7460244ff725a88760420818821a6caf4287aecc22f7e9dee406ebaecfac719/userdata/pidfile -l /home/maxamillion/.local/share/containers/storage/vfs-containers/d7460244ff725a88760420818821a6caf4287aecc22f7e9dee406ebaecfac719/userdata/ctr.log --exit-dir /run/user/1000/libpod/tmp/exits --conmon-pidfile /home/maxamillion/.local/share/containers/storage/vfs-containers/d7460244ff725a88760420818821a6caf4287aecc22f7e9dee406ebaecfac719/userdata/conmon.pid --exit-command /usr/bin/podman --exit-command-arg --root --exit-command-arg /home/maxamillion/.local/share/containers/storage --exit-command-arg --runroot --exit-command-arg /run/user/1000 --exit-command-arg --log-level --exit-command-arg debug --exit-command-arg --cgroup-manager --exit-command-arg cgroupfs --exit-command-arg --tmpdir --exit-command-arg /run/user/1000/libpod/tmp --exit-command-arg --runtime --exit-command-arg runc --exit-command-arg --storage-driver --exit-command-arg vfs --exit-command-arg container --exit-command-arg cleanup --exit-command-arg --rm --exit-command-arg d7460244ff725a88760420818821a6caf4287aecc22f7e9dee406ebaecfac719 --socket-dir-path /run/user/1000/libpod/tmp/socket -t --log-level debug --syslog]
WARN[0001] Failed to add conmon to cgroupfs sandbox cgroup: mkdir /sys/fs/cgroup/systemd/libpod_parent: permission denied
DEBU[0001] Received container pid: 4324
DEBU[0001] Created container d7460244ff725a88760420818821a6caf4287aecc22f7e9dee406ebaecfac719 in OCI runtime
DEBU[0002] Cleaning up container d7460244ff725a88760420818821a6caf4287aecc22f7e9dee406ebaecfac719
DEBU[0002] Network is already cleaned up, skipping...
DEBU[0002] unmounted container "d7460244ff725a88760420818821a6caf4287aecc22f7e9dee406ebaecfac719"
DEBU[0002] Cleaning up container d7460244ff725a88760420818821a6caf4287aecc22f7e9dee406ebaecfac719
DEBU[0002] Network is already cleaned up, skipping...
DEBU[0002] Storage is already unmounted, skipping...
DEBU[0002] Storage is already unmounted, skipping...
ERRO[0002] slirp4netns failed
Describe the results you expected:
Additional information you deem important (e.g. issue happens only occasionally):
Output of podman version:
Version: 1.2.0-dev
RemoteAPI Version: 1
Go Version: go1.10.4
OS/Arch: linux/amd64
Output of podman info --debug:
debug:
compiler: gc
git commit: ""
go version: go1.10.4
podman version: 1.2.0-dev
host:
BuildahVersion: 1.8-dev
Conmon:
package: 'conmon: /usr/libexec/crio/conmon'
path: /usr/libexec/crio/conmon
version: 'conmon version , commit: '
Distribution:
distribution: debian
version: "9"
MemFree: 2668261376
MemTotal: 5195935744
OCIRuntime:
package: 'cri-o-runc: /usr/bin/runc'
path: /usr/bin/runc
version: 'runc version spec: 1.0.1-dev'
SwapFree: 0
SwapTotal: 0
arch: amd64
cpus: 4
hostname: penguin
kernel: 4.19.4-02480-gd44d301822f0
os: linux
rootless: true
uptime: 2h 23m 53.99s (Approximately 0.08 days)
insecure registries:
registries: []
registries:
registries:
- docker.io
- registry.fedoraproject.org
- quay.io
- registry.access.redhat.com
- registry.centos.org
store:
ConfigFile: /home/maxamillion/.config/containers/storage.conf
ContainerStore:
number: 0
GraphDriverName: vfs
GraphOptions: null
GraphRoot: /home/maxamillion/.local/share/containers/storage
GraphStatus: {}
ImageStore:
number: 1
RunRoot: /tmp/1000
VolumePath: /home/maxamillion/.local/share/containers/storage/volumes
About this issue
- Original URL
- State: closed
- Created 5 years ago
- Comments: 28 (18 by maintainers)
@lsm5 thanks! no worries about lag, I barely ever use the debian machine because I live primarily on Fedora and RHEL, but when I do … I like to use podman 😉
Done: https://launchpad.net/ubuntu/+source/slirp4netns/0.3.0-1
I’ll fix this later today once I’m done with some RHEL stuff. I’ve yet to enable travis auto-builds on slirp, will get that done as well while I’m at it. Sorry about the lag.
It is an issue with slirp4netns being too old. We started using some new features that make it more secure (such as no access to 127.0.0.1 on the host), and we need an updated package for that (or an older podman).