I have the following Dockerfile:
# syntax=docker/dockerfile:1
FROM windows
CMD echo Hello World!
I go to the folder where it is contained and run the command:
docker build -t myapp .
Here is the output I am getting:
#1 [internal] load build definition from Dockerfile
#1 sha256:a1d3c4a6e12f4cddf4afffc562b1433934c473851b755b2abc3f2fde935a1a92
#1 transferring dockerfile: 31B done
#1 DONE 0.0s
#2 [internal] load .dockerignore
#2 sha256:fb211a3db6387cb686b1196a6ecf918d5e247355af1defb5650b7e56a616141b
#2 transferring context: 2B done
#2 DONE 0.0s
#3 [internal] load metadata for docker.io/library/windows:latest
#3 sha256:d7ef60db0c57c36d3b2205b072a719bb2fde4c4f6da14ba36cfb712dae5b2314
#3 ...
#4 [auth] library/windows:pull token for registry-1.docker.io
#4 sha256:f2ddcdfd41cd000ab0347326f1abf8fae77a85d55a3cccd4448d5b972ac3e584
#4 DONE 0.0s
#3 [internal] load metadata for docker.io/library/windows:latest
#3 sha256:d7ef62dd0c57c36a3b2205b072b719bb2fde4b7f6ea31ba36cfb723dae5b2314
#3 ERROR: pull access denied, repository does not exist or may require authorization: server message: insufficient_scope: authorization failed
------
> [internal] load metadata for docker.io/library/windows:latest:
------
failed to solve with frontend dockerfile.v0: failed to create LLB definition: pull access denied, repository does not exist or may require authorization: server message: insufficient_scope: authorization failed
I am very new to Docker, so I can not understand what is causing this error. I do not know how to check if I logged in in Dockedr Hub or not and I do not know how to check if the base image named windows exists.
This question is not helpful at all.
1 My file is called Dockerfile.
2 I do not know what is the buildkit and I do not know where to put the:
export DOCKER_BUILDKIT=0
export COMPOSE_DOCKER_CLI_BUILD=0
3 I just freshly installed the Docker. I tried this sample application tutorial and it worked just fine for me.
4 As you can see in my Dockerfile I am not trying to copy anything.
Also, I am getting the following error:
$ docker pull mcr.microsoft.com/windows
Using default tag: latest
Error response from daemon: manifest
for mcr.microsoft.com/windows:latest
not found: manifest unknown: manifest tagged by "latest" is not found
I can not even pull the servercore/insider:
$ docker pull mcr.microsoft.com/windows/servercore/insider
Using default tag: latest
Error response from daemon: manifest for mcr.microsoft.com/windows/servercore/insider:latest not found: manifest unknown: manifest tagged by "latest" is not found
Even though my local Docker is configured to use the Windows containers:
Feels kind of devastating, I do not know why it does not work and how to fix it.
FROM windows
is not a valid base image on Docker Hub. You can see the pull attempt here:
#3 [internal] load metadata for docker.io/library/windows:latest
...
#3 ERROR: pull access denied, repository does not exist or may require authorization: server message: insufficient_scope: authorization failed
For a list of Windows images, I'd look to mcr.microsoft.com, and windows has documented their base images here:
https://learn.microsoft.com/en-us/virtualization/windowscontainers/manage-containers/container-base-images
e.g. for one of the Go images, it uses FROM mcr.microsoft.com/windows/servercore:1809
Related
I am building an existing code base (python fast api) in docker (in windows). Docker-compose throws an error. I use corporate laptop with zscaler. It looks like repodata.json is ~240Mb, this is not getting downloaded or failed inside the container for some weird unknown reason.
Options I tried:
Googled and read conda docs , FAQ on HTTP 000 connection issue.
ssl verify to false
Exported root certificate from browser to container root
Set request_ca_bundle parameter to crt path
Increased remote_read_timeout_secs to 600 sec in condarc
I created docker from power shell and curl the repodata.json url . This can able to download huge repodata.json file quickly.
Please share some troubleshooting steps. I also used verbose flag in conda ; not much help.
base image : continuumio/miniconda3:4.9.2
The same code works great in MacOS or from Linux. FYI.
[ 8/17] RUN conda env update --name base: #0 0.672 Collecting package metadata (repodata.json): ...working... failed #0 608.5 #0 608.5 CondaHTTPError: HTTP 000 CONNECTION FAILED for url <https://conda.anaconda.org/conda- forge/linux-64/repodata.json> #0 608.5 Elapsed: - #0 608.5 #0 608.5 An HTTP error occurred when trying to retrieve this URL. #0 608.5 HTTP errors are often intermittent, and a simple retry will get you on your way.
channels:
- conda-forge
- nodefaults
dependencies:
- python=3.8
- pydantic==1.8.2
- pip
- pip:
- jaydebeapi==1.2.3
- pyOpenSSL==23.0.0
- certifi==2022.12.7
troubleshooting steps and tips
I've set up continuous deployment to Cloud Run from GitHub for my Spring Boot project, and while it's successfully building in Cloud Build, when I go over to Cloud Run, I get the following error under Creating Revision:
The user-provided container failed to start and listen on the port defined provided by the PORT=8080 environment variable.
When I go over to the Logs, I see the following errors:
2022-09-23 09:42:47.881 BST
Error: Unable to access jarfile /app/target/educity-manager-0.0.1-SNAPSHOT.jar
{
insertId: "632d7187000d739d29eb84ad"
labels: {5}
logName: "projects/educity-manager/logs/run.googleapis.com%2Fstderr"
receiveTimestamp: "2022-09-23T08:42:47.883252595Z"
resource: {2}
textPayload: "Error: Unable to access jarfile /app/target/educity-manager-0.0.1-SNAPSHOT.jar"
timestamp: "2022-09-23T08:42:47.881565Z"
}
2022-09-23 09:43:48.800 BST
run.googleapis.com
…ager/revisions/educity-manager-00011-fod
Ready condition status changed to False for Revision educity-manager-00011-fod with message: Deploying Revision.
{
insertId: "w6ptr6d20ve"
logName: "projects/educity-manager/logs/cloudaudit.googleapis.com%2Fsystem_event"
protoPayload: {
#type: "type.googleapis.com/google.cloud.audit.AuditLog"
resourceName: "namespaces/educity-manager/revisions/educity-manager-00011-fod"
response: {6}
serviceName: "run.googleapis.com"
status: {2}}
receiveTimestamp: "2022-09-23T08:43:49.631015104Z"
resource: {2}
severity: "ERROR"
timestamp: "2022-09-23T08:43:48.800371Z"
}
Dockerfile is as follows (and looking at the build log all of the commands in it completed successfully):
FROM openjdk:17-jdk-alpine
RUN addgroup -S spring && adduser -S spring -G spring
USER spring:spring
COPY . /app
ENTRYPOINT [ "java","-jar","/app/target/educity-manager-0.0.1-SNAPSHOT.jar" ]
I've read that Cloud Run defaults to exposing Port 8080, but just to be on the safe side I've put server.port=${PORT:8080} in my application.properties file (but it seems to make no difference one way or the other).
I have run into similar issues in the past. Usually, I am able to resolve this issue by:
specifying the port in the application itself (as you indicated in your post), and
exposing the required port in my dockerfile eg. EXPOSE 8080
Oh my good god I have done it. After two full days of digging, I realised that because I was doing it through github, my .gitignore file was excluding the /target folder containing the jar file, so Cloud Build never got the jar file mentioned in the Dockerfile.
I am going to have a cry and then go to the pub.
I have generated a Yocto image to be used on all my target devices. When that image is running on target devices, it must be able to be updated using a rpm remote repository through https protocol.
To try doing that, I have added a dnf bbappend to my custom layer:
$ cat recipes-devtools/dnf/dnf_%.bbappend
FILESEXTRAPATHS_prepend := "${THISDIR}/files:"
SRC_URI += " \
file://yocto-adv-rpm.repo \
"
do_install_append () {
install -d ${D}/etc/yum.repos.d
install -m 0600 ${WORKDIR}/yocto-adv-rpm.repo ${D}/etc/yum.repos.d/yocto-adv-rpm.repo
}
FILES_${PN} += "/etc/yum.repos.d"
This is the content of repository configuration file included by dnf bbappend recipe:
$ cat recipes-devtools/dnf/files/yocto-adv-rpm.repo
[yocto-adv-rpm]
name=Rocko Yocto Repo
baseurl=https://storage.googleapis.com/my_repo/
gpgkey=https://storage.googleapis.com/my_repo/PACKAGEFEED-GPG-KEY-rocko
enabled=1
gpgcheck=1
This repository configuration breaks the build process of the image. When I try to build myimage recipe, I always get this error:
ERROR: myimage-1.0-r0 do_rootfs: [log_check] myimage: found 1 error message in the logfile:
[log_check] Failed to synchronize cache for repo 'yocto-adv-rpm', disabling.
ERROR: myimage-1.0-r0 do_rootfs: Function failed: do_rootfs
ERROR: Logfile of failure stored in: /home/yocto/yocto/build/tmp/work/machine-poky-linux/myimage/1.0-r0/temp/log.do_rootfs.731
ERROR: Task (/home/yocto/yocto/sources/meta-mylayer/recipes-images/myimage.bb:do_rootfs) failed with exit code '1'
However, when I replace the "https" by "http" in "baseurl" variable:
baseurl=http://storage.googleapis.com/my_repo/
Then the myimage recipe is built fine.
The host machine can download files from the https repository using wget:
$ wget https://storage.googleapis.com/my_repo/PACKAGEFEED-GPG-KEY-rocko
Previous commands works fine, so the problem is not related with the host machine, I think it must be something related with google certificates and yocto stuff.
I found some relevant information inside this file:
yocto/build/tmp/work/machine-poky-linux/myimage/1.0-r0/temp/dnf.librepo.log
The relevant part:
15:56:41 lr_download: Downloading started
15:56:41 check_transfer_statuses: Transfer finished: repodata/repomd.xml (Effective url: https://storage.googleapis.com/my_repo/repodata/repomd.xml)
15:56:41 check_finished_transfer_status: Fatal error - Curl code (77): Problem with the SSL CA cert (path? access rights?) for https://storage.googleapis.com/my_repo/repodata/repomd.xml [error setting certificate verify locations:
CAfile: /home/yocto/yocto/build/tmp/work/x86_64-linux/curl-native/7.54.1-r0/recipe-sysroot-native/etc/ssl/certs/ca-certificates.crt
CApath: none]
15:56:41 lr_yum_download_repomd: repomd.xml download was unsuccessful
Can some of you provide any useful advice to try to fix this?
Thank you in advance for your time! :-)
I finally fixed my issue removing completely my dnf bbappend recipe from my custom layer and adding this variable to my distro.conf file:
PACKAGE_FEED_URIS = "https://storage.googleapis.com/my_repo/"
After that, at the end of the build process the image contains a valid /etc/yum.d/oe-remote-repo file and all the necesary stuff to manage it. There is no need to copy "ca-certificates.crt" manually at all.
Also, it's important to execute this command after finishing the build of the image:
$ bitbake package-index
This command generates a "repodata" directory within the package feed needed by the target device once it uses the repo to update packages using dnf client.
I found a temporal hack to fix my issue:
$ cp /etc/ssl/certs/ca-certificates.crt /home/yocto/yocto/build/tmp/work/x86_64-linux/curl-native/7.54.1-r0/recipe-sysroot-native/etc/ssl/certs/
After that, I was finally able to build the image using the "https" repo.
Now I am in the process of fixing this issue in the right way. I'll come back with the final solution.
I've deployed Nexus OSS 3.6 and it's being served on http://server:8082/nexus
I have configured a docker-hub proxy using the instructions in http://www.sonatype.org/nexus/2017/02/16/using-nexus-3-as-your-repository-part-3-docker-images/ and have configured the docker-group to serve under port 18000
I can perform the following:
docker login server:18000
docker search server:18000/jenkins
but when I run:
docker pull server:18000/jenkins
i get the following error:
Error response from daemon: Get http://10.105.139.17:18000/v2/jenkins/manifests/latest:
error parsing HTTP 400 response body: invalid character '<'
looking for beginning of value:
"<html>\n<head>\n<meta http-equiv=\"Content-Type\"
content=\"text/html;charset=ISO-8859-1\"/>\n<title>
Error 400 </title>\n</head>\n<body>\n<h2>HTTP ERROR: 400</h2>\n
<p>Problem accessing /nexus/v2/token.
Reason:\n<pre> Not a Docker request</pre></p>\n<hr />
Powered by Jetty:// 9.3.20.v20170531<hr/>\n
</body>\n</html>\n"
My jetty nexus.properties config file is:
# Jetty section
application-port=8082
application-host=0.0.0.0
# nexus-args=${jetty.etc}/jetty.xml,${jetty.etc}/jetty-http.xml,${jetty.etc}/jetty-requestlog.xml
nexus-context-path=/nexus
# Nexus section
# nexus-edition=nexus-pro-edition
# nexus-features=\
# nexus-pro-feature
Could anyone offer any suggestions on how to fix this please?
I have the same problem when I enabled the anonymous read on some docker repository.
Repositories->Docker hosted->Check the checkbox (Disable to allow anonymous pull) from the repository.
seems you need to upgrade Nexus to 3.6.1 according to :
https://issues.sonatype.org/browse/NEXUS-14488
in order to allow anonymous read again
I am getting the following Error while pushing the Sample Hello World spring application on CloudFoundry.
Using manifest file C:\Users\I321571\Desktop\helo\Hello\manifest.yml
Updating app Hello in org trial / space I321571 as I321571...
OK
Uploading Hello...
Uploading app files from: C:\Users\I321571\Desktop\helo\Hello
Uploading 20.1K, 46 files
Done uploading
OK
Stopping app Hello in org trial / space I321571 as I321571...
OK
Starting app Hello in org trial / space I321571 as I321571...
-----> Downloaded app package (12K)
Cloning into '/tmp/buildpacks/java-buildpack'...
-----> Java Buildpack Version: b050954 | https://github.com/cloudfoundry/java-buildpack.git#b050954
[Buildpack] ERROR Compile failed with exception #<RuntimeError: No container can run this application. Please ensure that you've pushed a valid JVM artifact or artifacts using the
-p command line argument or path manifest entry. Information about valid JVM artifacts can be found at https://github.com/cloudfoundry/java-buildpack#additional-documentation. >
No container can run this application. Please ensure that you've pushed a valid JVM artifact or artifacts using the -p command line argument or path manifest entry. Information about valid JVM artifac
ts can be found at https://github.com/cloudfoundry/java-buildpack#additional-documentation.
Staging failed: Buildpack compilation step failed
FAILED
Error restarting application: BuildpackCompileFailed
TIP: use 'cf logs Hello --recent' for more information
this is my manifest.yml
applications:
- name: Hello
memory: 512M
instances: 1
Please help me in resolving the issue.
I encountered this error too!
Make sure the command given is valid
cf push {your-app-name} -p {path to your executable jar}