The remote Docker seems to be well configured but when I try to download any image to my virtual docker It always fails with this trace :
2020-04-01T16:20:32.969Z [jfrt ] [INFO ] [b6e7232e6d2e0cb4] [DockerV2VirtualRepoHandler:117] [http-nio-8081-exec-8] - Fetching docker manifest for repo 'thanosio/thanos' and tag 'latest'
2020-04-01T16:20:33.874Z [jfrt ] [ERROR] [b6e7232e6d2e0cb4] [.DockerV2RemoteRepoHandler:448] [http-nio-8081-exec-8] - Missing Manifest from docker-via-intranet 'v2/thanosio/thanos/manifests/latest' not found at docker-via-intranet:thanosio/thanos/latest/list.manifest.json
2020-04-01T16:20:34.703Z [jfrt ] [ERROR] [b6e7232e6d2e0cb4] [.DockerV2RemoteRepoHandler:448] [http-nio-8081-exec-8] - Missing Manifest from docker-remote 'v2/thanosio/thanos/manifests/latest' not found at docker-remote:thanosio/thanos/latest/list.manifest.json
2020-04-01T16:20:35.545Z [jfrt ] [ERROR] [b6e7232e6d2e0cb4] [.DockerV2RemoteRepoHandler:448] [http-nio-8081-exec-8] - Missing Manifest from quay-io 'v2/thanosio/thanos/manifests/latest' not found at quay-io:thanosio/thanos/latest/list.manifest.json
DockerHub requires token authentication. You should check the "Enable Token Authentication" box. After doing this, try to pull an image you have never pulled before (since JFrog Container Registry caches 404s for a period of time). You can also go to the Advanced settings and set the missed metadata retrieval cache period to zero (instead of waiting for the cache period to expire).
Related
compose artifactory pro v6.9.0 running
In my compose I have two services :
image: docker.bintray.io/jfrog/artifactory-pro:6.9.0
image: docker.io/library/postgres:9.6.11
I was able to upgrade to 6.23.13 without any problem just by changing the version of the image.
When I try the same thing with any 7.X version (after upgrading to at least 6.10 as the doc says), I have errors.
For example, trying 7.21.3, I have these warnings
2022-08-01T08:41:30.343L [tomct] [WARNING] [ ] [org.apache.catalina.startup.HostConfig] [org.apache.catalina.startup.HostConfig deployDescriptor] - A docBase [/opt/jfrog/artifactory/app/artifactory/tomcat/webapps/access.war] inside the host appBase has been specified, and will be ignored
2022-08-01T08:41:30.343L [tomct] [WARNING] [ ] [org.apache.catalina.startup.HostConfig] [org.apache.catalina.startup.HostConfig deployDescriptor] - A docBase [/opt/jfrog/artifactory/app/artifactory/tomcat/webapps/artifactory.war] inside the host appBase has been specified, and will be ignored
...
2022-08-01T08:41:37.344Z [jfrt ] [WARN ] [ce1b2553475da56b] [c.z.h.p.ProxyConnection:182 ] [ocalhost-startStop-2] - HikariCP Main - Connection org.apache.derby.impl.jdbc.EmbedConnection#1597179442 (XID = 24), (SESSIONID = 3), (DATABASE = {db.home}), (DRDAID = null) marked as broken because of SQLSTATE(0A000), ErrorCode(20000)
java.sql.SQLFeatureNotSupportedException: Feature not implemented: No details.
and these errors
08:41:34,803 |-ERROR in ch.qos.logback.core.joran.action.AppenderAction - Could not create an Appender of type [org.artifactory.usage.appender.UsageTrafficTimeBasedRollingFileAppender]. ch.qos.logback.core.util.DynamicClassLoadingException: Failed to instantiate type org.artifactory.usage.appender.UsageTrafficTimeBasedRollingFileAppender
...
2022-08-01T08:41:37.113Z [jfrt ] [ERROR] [ce1b2553475da56b] [d.d.l.DbDistributeLocksDao:506] [ocalhost-startStop-2] - Unable to detect database version Unable to get connection from unique lock data source
2022-08-01T08:41:37.353Z [jfrt ] [ERROR] [ce1b2553475da56b] [tifactoryHomeConfigListener:55] [ocalhost-startStop-2] - Failed initializing Home. Caught exception:
java.lang.IllegalStateException: Could not find database table: db_properties
After reading the docs I do not clearly understand if I have to download the new docker-compose package from jfrog. I've tried but once there, the config.sh ask for external database and no question about reusing existing image directory.
Thx for help
Not sure if this is still relevant for you, but I got the same problem. As far as I see there are new DB connection environment variables, that must be set. This error message is just a symptom, because without the new DB connection env, Artifactory will try to use an in-memory database (Apache Derby). Something like this is needed to fix it (as Docker Compose config of the Artifactory container):
environment:
- JF_SHARED_DATABASE_TYPE=postgresql
- JF_SHARED_DATABASE_USERNAME=${POSTGRESQL_USERNAME}
- JF_SHARED_DATABASE_PASSWORD=${POSTGRESQL_PASSWORD}
- JF_SHARED_DATABASE_URL=jdbc:postgresql://postgresql:5432/artifactory
- JF_SHARED_DATABASE_DRIVER=org.postgresql.Driver
I'm trying to upload a docker image to GCR(Google Container Registry) with Cloud Shell but I got this error message:
ERROR: (gcloud.builds.submit) INVALID_ARGUMENT:
could not resolve source: googleapi: Error 403:
354778943856#cloudbuild.gserviceaccount.com does not have
storage.objects.get access to the Google Cloud Storage object.,
forbidden
This is the steps which I've done.
(1st step) I ran this command:
gcloud builds submit --tag gcr.io/my_project_id/hello_world
(2nd step) Then, I was asked whether or not enabling and retrying "API [cloudbuild.googleapis.com]" then, I put and ran "y":
Creating temporary tarball archive of 2 file(s) totalling 478 bytes
before compression. Uploading tarball of [.] to
[gs://my_project_id_cloudbuild/source/1642137449.192753-983fc894e2f24fa086f55fa3b56d58aa.tgz]
API [cloudbuild.googleapis.com] not enabled on project [354778943856].
Would you like to enable and retry (this will take a few minutes)?
(y/N)? y
(3rd step) Finally, I got this message with the error message:
Enabling service [cloudbuild.googleapis.com] on project
[354778943856]... Operation
"operations/acf.p2-354778943856-e99f6fd8-78ec-4cbd-94a2-07e0697d5455"
finished successfully. ERROR: (gcloud.builds.submit) INVALID_ARGUMENT:
could not resolve source: googleapi: Error 403:
354778943856#cloudbuild.gserviceaccount.com does not have
storage.objects.get access to the Google Cloud Storage object.,
forbidden
Even though I enabled "API [cloudbuild.googleapis.com]" by running "y", I got the error message.
ERROR: (gcloud.builds.submit) INVALID_ARGUMENT:
could not resolve source: googleapi: Error 403:
354778943856#cloudbuild.gserviceaccount.com does not have
storage.objects.get access to the Google Cloud Storage object.,
forbidden
Are there any ways to solve this error?
Did you find the message below at the end of the message of 2nd step?:
Would you like to enable and retry (this will take a few minutes)?
(y/N)? y
As the message says, it takes a few minutes after enabling "API [cloudbuild.googleapis.com]" by running "y".
So run the command again a few minutes after enabling "API [cloudbuild.googleapis.com]" by running "y":
gcloud builds submit --tag gcr.io/my_project_id/hello_world
Then, it will be successful:
ID: f4478e51-557b-407d-9c30-c379ef707258 CREATE_TIME:
2022-01-14T05:22:29+00:00 DURATION: 19S SOURCE:
gs://my_project_id_cloudbuild/source/1642137748.745566-d75b61b6c6bc4acb9aba900650f201b2.tgz
IMAGES: gcr.io/my_project_id/hello_world(+1 more) STATUS: SUCCESS
I want to use buildah from gitlab-ci, in order to build an image, run a container from it and do some tests against it.
My current gitlab-ci is:
tests:
tags:
- docker
image: quay.io/buildah/stable
stage: test
variables:
STORAGE_DRIVER: "vfs"
BUILDAH_FORMAT: "docker"
BUILDAH_ISOLATION: "rootless"
only:
refs:
- merge_requests
changes:
- **/*
script:
- buildah info --debug
- buildah unshare docker/test/run.sh
My runner is private gitlab runner, I don't want to change its configuration (to not break other CI).
The content of run.sh is:
#!/usr/bin/env bash
set -euo pipefail
container=$(buildah --ulimit nofile=8192 --name my-container from phusion/baseimage:bionic-1.0.0-amd64)
The error is:
level=warning msg="error reading allowed ID mappings: error reading subuid mappings for user \"root\" and subgid mappings for group \"root\": No subuid ranges found for user \"root\" in /etc/subuid" level=warning msg="Found no UID ranges set aside for user \"root\" in /etc/subuid." level=warning msg="Found no GID ranges set aside for user \"root\" in /etc/subgid." No buildah sali-container already exists... Package Sali Creating sali-container Completed short name "phusion/baseimage" with unqualified-search registries (origin: /etc/containers/registries.conf) Getting image source signatures Copying blob
sha256:36505266dcc64eeb1010bd2112e6f73981e1a8246e4f6d4e287763b57f101b0b Copying blob
sha256:1907967438a7f3c5ff54c8002847fe52ed596a9cc250c0987f1e2205a7005ff9 Copying blob
sha256:23884877105a7ff84a910895cd044061a4561385ff6c36480ee080b76ec0e771 Copying blob
sha256:2910811b6c4227c2f42aaea9a3dd5f53b1d469f67e2cf7e601f631b119b61ff7 Copying blob
sha256:bc38caa0f5b94141276220daaf428892096e4afd24b05668cd188311e00a635f Copying blob
sha256:53c90fd859186b7b770d65adcb6ae577d4c61133f033e628530b1fd8dc0af643 Copying blob
sha256:d039079bb3a9bf1acf69e7c00db0e6559a86148c906ba5dab06b67c694bbe87c Copying config
sha256:32c929dd2961004079c1e35f8eb5ef25b9dd23f32bc58ac7eccd72b4aa19f262 Writing manifest to image destination Storing signatures level=error msg="Error while applying layer: ApplyLayer
exit status 1 stdout: stderr: potentially insufficient UIDs or GIDs available in user namespace (requested 0:42 for /etc/gshadow): Check /etc/subuid and /etc/subgid: lchown /etc/gshadow: invalid argument" 4 errors occurred while pulling:
* Error initializing source docker://registry.fedoraproject.org/phusion/baseimage:bionic-1.0.0-amd64: Error reading manifest bionic-1.0.0-amd64 in registry.fedoraproject.org/phusion/baseimage: manifest unknown: manifest unknown
* Error initializing source docker://registry.access.redhat.com/phusion/baseimage:bionic-1.0.0-amd64: Error reading manifest bionic-1.0.0-amd64 in registry.access.redhat.com/phusion/baseimage: name unknown: Repo not found
* Error initializing source docker://registry.centos.org/phusion/baseimage:bionic-1.0.0-amd64: Error reading manifest bionic-1.0.0-amd64 in registry.centos.org/phusion/baseimage: manifest unknown: manifest unknown
* Error committing the finished image: error adding layer with blob "sha256:23884877105a7ff84a910895cd044061a4561385ff6c36480ee080b76ec0e771": ApplyLayer exit status 1 stdout: stderr: potentially insufficient UIDs or GIDs available in user namespace (requested 0:42 for /etc/gshadow): Check /etc/subuid and /etc/subgid: lchown /etc/gshadow: invalid argument level=error msg="exit status 125" level=error msg="exit status 125"
The result of buildah info --debug:
{
"debug": {
"buildah version": "1.18.0",
"compiler": "gc",
"git commit": "",
"go version": "go1.15.2"
},
"host": {
"CgroupVersion": "v1",
"Distribution": {
"distribution": "fedora",
"version": "33"
},
"MemFree": 9021378560,
"MemTotal": 15768850432,
"OCIRuntime": "runc",
"SwapFree": 0,
"SwapTotal": 0,
"arch": "amd64",
"cpus": 4,
"hostname": "runner-cvBUQadt-project-2197143-concurrent-0",
"kernel": "4.14.83+",
"os": "linux",
"rootless": false,
"uptime": "6391h 28m 15.45s (Approximately 266.29 days)"
},
"store": {
"ContainerStore": {
"number": 0
},
"GraphDriverName": "vfs",
"GraphOptions": [
"vfs.imagestore=/var/lib/shared"
],
"GraphRoot": "/var/lib/containers/storage",
"GraphStatus": {},
"ImageStore": {
"number": 0
},
"RunRoot": "/var/run/containers/storage"
}
}
I read other posts about the errors I had and came to this configuration, which is not enough. I choose buildah by thinking it would be easy to use from a CI as it is supposed to run rootless, but this is a real nightmare... I am poor lonesome developer and not a sysadmin, I don't understand how to setup linux for buildah... Can somebody help me?
Buildah is going to need to run as root or within a user namespace with sufficent UIDs to install files with different UID.
This looks like for some reason buildah thought it should run within a user namespace and then did not find root listed within the user namespace. This usually happens when you did not run with enough privileges.
While trying to build an awx image (Ansible works) for ppc64le, the following comes up:
TASK [image_build : Build AWX distribution using container] ***************************************************************************************************************************************************
fatal: [localhost -> localhost]: FAILED! => {"changed": false, "msg": "Error creating container: 400 Client Error: Bad Request (\"invalid reference format\")"}
to retry, use: --limit #/root/awx/installer/install.retry
PLAY RECAP ****************************************************************************************************************************************************************************************************
localhost : ok=10 changed=3 unreachable=0 failed=1
How can I see what really happens in the background? Any verbose docker logs that I can look at? The message itself is somewhat useless to me. I already set Ansible to verbose but this also was of no help.
Docker image names can only consist of lowercase (a-z) characters.
Either you are giving a un-supported image name or the variable(or paths) passed to the buid(or the container) cannot be resolved.
To enable debug logs, add "--debug" to docker daemon (/etc/systemd/system/multi-user.target.wants/docker.service for systemd based linux env)
For reference: https://docs.docker.com/config/daemon/#configure-the-docker-daemon
I am trying to start up network using following command
./network_setup.sh up
After running this command I am receiving this errro
#
# Generating anchor peer update for Org2MSP
########################################################### 2017-06-05 18:16:35.716 CST [common/configtx/tool] main -> INFO 001
Loading configuration 2017-06-05 18:16:35.719 CST
[common/configtx/tool] doOutputAnchorPeersUpdate -> INFO 002
Generating anchor peer update 2017-06-05 18:16:35.719 CST
[common/configtx/tool] doOutputAnchorPeersUpdate -> INFO 003 Writing
anchor peer update
Pulling cli (hyperledger/fabric-tools:latest)...
ERROR: repository hyperledger/fabric-tools not found: does not exist or no pull access
ERROR !!!! Unable to pull the images
How I can remove this error?please help me
You can manually pull this (and any other Hyperledger Fabric image) image from DockerHub. There was a period when the fabric-tools image was not included in the helper script download-dockerimages.sh.
docker pull hyperledger/fabric-tools:x86_64-1.0.0-beta
docker tag hyperledger/fabric-tools:x86_64-1.0.0-beta hyperledger/fabric-tools
Note that it might be worth reviewing the set of published tags on DockerHub to be sure you are getting the latest.
https://hub.docker.com/u/hyperledger/
you write the command line : this :
docker pull hyperledger/fabric-tools:x86_64-1.1.0-rc1
after that
docker tag hyperledger/fabric-tools:x86_64-1.1.0-rc1 hyperledger/fabric-tools:latest