Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dockerslim comms port and ssl issues while running in Tekton task #528

Open
pashaimran opened this issue Jun 3, 2023 · 1 comment
Open

Dockerslim comms port and ssl issues while running in Tekton task #528

pashaimran opened this issue Jun 3, 2023 · 1 comment
Labels
triage

Comments

@pashaimran
Copy link

Expected Behavior

Image should be optimised and pushed to registry.

Actual Behavior

Dockerfile is failing with ssl issues, even though ports are open and firewall has no restrictions.

docker-slim: message='join the Gitter channel to ask questions or to share your feedback' info='https://gitter.im/docker-slim/community'
docker-slim: message='join the Discord server to ask questions or to share your feedback' info='https://discord.gg/9tDyxYS'
docker-slim: message='Github discussions' info='https://github.com/docker-slim/docker-slim/discussions'
docker-slim[build]: info=probe message='changing continue-after from probe to enter because http-probe is disabled'
cmd=build state=started
cmd=build info=params context=./file=demo1/manifests/ocp4-np1-lz-aws/Dockerfile continue.mode=enter rt.as.user=true keep.perms=true
cmd=build state=building message='building basic image'
cmd=build info=basic.image.info tag=docker-slim-tmp-fat-image.13.20230603123528 dockerfile=demo1/manifests/ocp4-np1-lz-aws/Dockerfile context=.
cmd=build build logs (standard image) ====================
Step 1/6 : FROM quay.apps.lz-np2.ent-ocp4-useast1.aws.internal.das/openshift-base-images/ubi8-nodejs16-oracle-nettools-image-with-certs:latest
---> ee7720cc4911
Step 2/6 : USER root
---> Using cache
---> b28ff6e44cd4
Step 3/6 : COPY ./cacerts/cacerts /etc/pki/ca-trust/extracted/java/cacerts
---> f994e77ffb93
Step 4/6 : COPY ./cacerts/cacerts /usr/share/pki/ca-trust-source/anchors/cacerts
---> 42d01648e776
Step 5/6 : COPY ./cacerts/cacerts /etc/pki/ca-trust/source/anchors/cacerts
---> 8d5e4d861ff3
Step 6/6 : RUN yum install curl -y
---> Running in bb2b58f69a7d
Updating Subscription Management repositories.
Unable to read consumer identity
Subscription Manager is operating in container mode.

This system is not registered with an entitlement server. You can use subscription-manager to register.

Red Hat Universal Base Image 8 (RPMs) - BaseOS 0.0 B/s | 0 B 00:00
Errors during downloading metadata for repository 'ubi-8-baseos-rpms':

If i remove any RUN command from dockerfile it is giving comms ports error

docker-slim: message='join the Gitter channel to ask questions or to share your feedback' info='https://gitter.im/docker-slim/community'
docker-slim: message='join the Discord server to ask questions or to share your feedback' info='https://discord.gg/9tDyxYS'
docker-slim: message='Github discussions' info='https://github.com/docker-slim/docker-slim/discussions'
docker-slim[build]: info=probe message='changing continue-after from probe to enter because http-probe is disabled'
cmd=build state=started
cmd=build info=params context=./file=demo1/manifests/ocp4-np1-lz-aws/Dockerfile continue.mode=enter rt.as.user=true keep.perms=true
cmd=build state=building message='building basic image'
cmd=build info=basic.image.info tag=docker-slim-tmp-fat-image.12.20230603125012 dockerfile=demo1/manifests/ocp4-np1-lz-aws/Dockerfile context=.
cmd=build state=basic.image.build.completed
cmd=build state=image.inspection.start
cmd=build info=image id=sha256:f946673b3b279928e0ef4a58f1a04e0751664ac27c7050735ceac37dd6a3630d size.bytes=1352761934 size.human=1.4 GB
cmd=build info=image.users exe='root' all='1001,root,1001,root,1001,root,1001,root'
cmd=build info=image.stack index=0 name='slim-tmp-fat-image.13.20230529165610:latest' id='sha256:ee7720cc49118c5a8280baf154006d8ebfeae5866c3897a6400635f61e1a5f34'
cmd=build info=image.stack index=1 name='docker-slim-tmp-fat-image.12.20230603125012:latest' id='sha256:f946673b3b279928e0ef4a58f1a04e0751664ac27c7050735ceac37dd6a3630d'
cmd=build info=image.exposed_ports list='8080'
cmd=build state=image.inspection.done
cmd=build state=container.inspection.start
cmd=build info=container status=created name=dockerslimk_12_20230603125014 id=7d0b000fb36d1a7583452b9ecfc3cc9a30c4c9db91570c434aaf06de25a85260

Steps to Reproduce the Problem

Specifications

  • Version: latest
  • Platform: Tekton
@kcq kcq added the triage label Jun 9, 2023
@kcq
Copy link
Member

kcq commented Jun 9, 2023

@pashaimran looks like you are using slim to build your regular image for you by pointing at your Dockerfile. And when the image is building Docker can't resolve the cdn-ubi.redhat.com domain. This is normally addressed with extra flags to the docker build command and slim has similar parameters (e.g., cbo-add-host and other cbo-* flags). Either way, I would recommend starting simple where you don's use slim to build the original image for you. You should also start with a local setup first before you do it in Tekton. It'll make it much easier to debug :-)

For additional debug information you should add the global --debug flag and the --show-clogs flag for build command: slim --debug build --show-clogs YOUR_OTHER_FLAGS_HERE YOUR_TARGET_IMAGE_NAME_HERE

It also appears you are using an older version of slim. The current version is 1.40.2. Note the executable name changes there.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
triage
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@kcq @pashaimran