Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[ECS, Fargate]: Support for building Docker containers #95

Closed
restfulhead opened this issue Jan 8, 2019 · 43 comments
Closed

[ECS, Fargate]: Support for building Docker containers #95

restfulhead opened this issue Jan 8, 2019 · 43 comments
Labels
Fargate AWS Fargate Proposed Community submitted issue

Comments

@restfulhead
Copy link

Tell us about your request
We're using Fargate for our CI builds. This works for most of our pipelines, except the ones building Docker images. Currently it's not possible to use Docker inside a Fargate container. Mainly I'd like to do docker build and docker push.

Which service(s) is this request for?
This only applies to Fargate.

Tell us about the problem you're trying to solve. What are you trying to do, and why is it hard?
We currently use ECS EC2 for pipelines building Docker images. However, we would love to use Fargate for all our pipelines (no EC2 maintenance, no autoscaling headache).

I understand that the usual ways of using Docker inside a container (mount host's socket or run container in privileged mode) probably won't be feasible (security) for Fargate. However, there are alternatives such as kaniko. It would be great to have something similar for Fargate.

Any thoughts on this?

@restfulhead restfulhead added the Proposed Community submitted issue label Jan 8, 2019
@copumpkin
Copy link

Privileged mode might also be less of a big deal once everything's moved over to Firecracker

@Nr18
Copy link

Nr18 commented Jan 8, 2019

You can build docker images in AWS CodeBuild any reason not to use CodeBuild?

@restfulhead
Copy link
Author

Thanks, yeah, CodeBuild is an option and it would work. However, it would require quite some effort on our end. It would mean changes to our pipeline scripts and additional effort to setup things outside of Jenkins (CodeBuild project, buildspec, etc...). We were hoping to run our pipelines just the way they are in Fargate instead of EC2. Now if CodeBuild would run as a Jenkins agent, that would be awesome.

@tabern tabern added the ECS Amazon Elastic Container Service label Jan 16, 2019
@lox
Copy link

lox commented Jan 21, 2019

We ended up building https://github.com/buildkite/codebuild-run-build for running commands in codebuild and streaming the output to stdout. Works nicely with CI systems and Fargate.

@dsouzajude
Copy link

Any update for any work to be done on this or put into consideration? This could be really useful for CI/CD on Fargate. Please let us know if there would be work into this proposal. Thanks!

@thomascclay
Copy link

thomascclay commented Aug 13, 2019

I also have an interest in using Fargate to run a job that produces an image of a database snapshot/dump. It's not of our code so CodeBuild doesn't seem to fit. I'll be looking at Kaniko. Still, wanted to voice that feature supporting these use cases via Fargate would be nice.
(edited for clarity)

@dsouzajude
Copy link

Another issue with Fargate for CI is that, even if you manage to succeed with Kaniko, the container launch times is just too long. It takes quite a long time (about 15s to sometimes 2 minutes) until the container is provisioned, up and running and ready to build. If the provisioning can be quicker, this would be an even more better fit for CI.

@sgabenov
Copy link

Also, there is a possibility to use Kaniko to build container images from a Dockerfile, inside a container.

@marcelmunarolo
Copy link

It would be fantastic for our company to have Fargate with permissions to building containers. Our platform generates code and containers dynamically, and currently we use Fargate for most of the customer source code build tasks. So this feature would be great for our architecture and for consolidation of our process (Code generation + Build images).

@srrengar srrengar added Fargate AWS Fargate and removed ECS Amazon Elastic Container Service labels Apr 1, 2020
@dezren39
Copy link

dezren39 commented May 9, 2020

+1 for this feature

@rshoderu-ubertas
Copy link

+1 for this feature as well. would be great to have

@fniko
Copy link

fniko commented Sep 9, 2020

+1 Our app is connection to the database during the build to generate some Java classes. This is must have for us!

@MikeKroell
Copy link

+1 We would like to be able to build containers using Jenkins on Fargate

@fniko
Copy link

fniko commented Oct 19, 2020

Sorry for off-topic, could someone share how he managed the solution running on ECS based on EC2?
This could save me until docker-in-docker on Fargate will be supported.

@MikeKroell
Copy link

MikeKroell commented Oct 19, 2020

Here are some quick snippets of what I did that seems to work so far:

in the launch template for the EC2 ECS Host CF:

        UserData:
          Fn::Base64: 
            !Sub |
              #!/bin/bash
              echo ECS_CLUSTER=${AWS::StackName}-agents >> /etc/ecs/ecs.config
              chmod 666 /var/run/docker.sock

For the Task of a Jenkins agent:

      Volumes: 
        - !If
          - UseEfs
          - Name: Efs
            EFSVolumeConfiguration:
              FilesystemId: !Ref EfsId
              TransitEncryption: ENABLED
              AuthorizationConfig:
                AccessPointId: !Ref 'EfsAp'
          - !Ref "AWS::NoValue"
        - !If
          - UseEc2
          - Name: docker_sock
            Host:
              SourcePath: "/var/run/docker.sock"
          - !Ref "AWS::NoValue"

Under container Settings:

          MountPoints:
            - !If
              - UseEfs
              - ContainerPath: !Ref EfsContainerMountPath
                SourceVolume: Efs
              - !Ref "AWS::NoValue"
            - !If
              - UseEc2
              - ContainerPath: "/var/run/docker.sock"
                SourceVolume: docker_sock
              - !Ref "AWS::NoValue"

@dimisjim
Copy link

@MikeKroell but this is for EC2 launch type not fargate?

@MikeKroell
Copy link

@MikeKroell but this is for EC2 launch type not fargate?

No, this was for @fniko who was asking for something off-topic for how to use EC2 ECS as a workaround.

@petersonsbuild
Copy link

+1 for this feature

@mwarkentin
Copy link

I'd also love to see a native build service which supported Cloud Native Buildpacks.

@rcmedeiros
Copy link

+1 for this feature.

@ollypom
Copy link

ollypom commented Mar 12, 2021

FYI there was recently an AWS blog post on building container images on EKS / Fargate with Kaniko.

I also wrote some guidance on building images on ECS / Fargate with Kaniko here

@SaloniSonpal
Copy link

SaloniSonpal commented Apr 2, 2021

And here's a corresponding blog post for building container images on ECS/Fargate using Kaniko.

@matthewchung74
Copy link

And here's a corresponding blog post for building container images on ECS/Fargate using Kaniko.

@SaloniSonpal or @ollypom thanks for both blog posts. I've never used Kaniko but my application has a lot of code written around docker-py (python library for talking to docker socket). Do you know if Kaniko has something similar or if it is run only at the command line?

@ollypom
Copy link

ollypom commented Aug 24, 2021

Hi @matthewchung74 I'm assuming here that you are using docker-py (the Docker Python Client) to run the docker build command against the underlying Container Runtime in your non-fargate deployments?

Kaniko is not a long running daemon, like Docker is, instead Kaniko would perform a single container image build and then stop. For each Docker Build that you wanted to run, you would bring up a single instance of Kaniko in an ECS Task, perform the build, push the image, and then the ECS Task would stop. For parallelization you could have multiple ECS Tasks running at the same time.

As described in the blog post, you can trigger an ECS Task running Kaniko with the ECS Run Task command. So for your environment, you could replace the docker-py client with the boto3 client, and then through the boto3 ECS client you could trigger Run Task every time you wanted to start a Container Image build in Kaniko.

@matthewchung74
Copy link

Thanks @ollypom, and yes, the Docker Python Client. I do have a follow up question if that's ok. I am working on a CI/CD where I would need the output of the build logs as well as running the container (locally since it needs to be a fast test) for a verification test using AWS Lambda RIE, before pushing to ECR and AWS Lambda.

I see I could use cloudwatch for the logs, but then would I need to run docker anyways in order to do my verification test?

@m1n9o
Copy link

m1n9o commented Dec 13, 2021

+1 for this feature.

@chelto
Copy link

chelto commented Jan 6, 2022

+1 for this feature

1 similar comment
@joneal
Copy link

joneal commented Feb 8, 2022

+1 for this feature

@antgel
Copy link

antgel commented Apr 18, 2022

@SaloniSonpal Why was this closed? The Kaniko workaround doesn't fulfil the rquest. We bring up Jenkins slave Docker agents in Fargate using FROM jenkins/inbound-agent, but Kaniko requires FROM gcr.io/kaniko-project/executor:latest, so it's not compatible.

@TreeKat71
Copy link

Actually, you can combine them together.
jenkins/inbound-agent as your base image and COPY what you need from kaniko.
That works for me

@gauransh-dzip
Copy link

Any update on this, I need to run Docker-in-Docker or maybe use the fargate host docker deamon to spin up some containers from inside of an Pod but it isn't seems to be possible as, we cannot escalate to root privileges on the Pods and neither mount the docker socket of Fargate node (if it exists) to pod.

@cb-salaikumar
Copy link

Any updates on this request? Running Github Actions on Self Hosted runners with EKS. Would be helpful to evaluate EKS Fargate profiles for these use cases

@AllanOricil
Copy link

Would like to use Docker-in-Docker to enable github action jobs that run inside containers.

@tomas-sezima
Copy link

To get around the issue, one could also consider using Buildah Build action.

@nirpevo
Copy link

nirpevo commented Jun 5, 2023

Any updates? This is a must-have feature for a lot of organizations since 2019 at least.

@ryandiamond23
Copy link

+1

1 similar comment
@smartin-qb
Copy link

+1

@Sodki
Copy link

Sodki commented Dec 8, 2023

You actually don't need Docker to build Docker containers. Install podman, install podman-build and now you have a fully compatible, rootless, agentless, Docker replacement.

@smartin-qb
Copy link

Sodki

Using a debian image podman is nor working, similar issue with docker on a container.

root@b83899d26044:/home/jenkins# apt install -y podman
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following additional packages will be installed:
  buildah catatonit conmon containernetworking-plugins crun dbus dbus-user-session dconf-gsettings-backend dconf-service dirmngr dmsetup fuse-overlayfs fuse3 glib-networking glib-networking-common
  glib-networking-services gnupg gnupg-l10n gnupg-utils golang-github-containernetworking-plugin-dnsname golang-github-containers-common golang-github-containers-image gpg gpg-agent gpg-wks-client
  gpg-wks-server gpgconf gpgsm gsettings-desktop-schemas iptables libapparmor1 libarchive13 libargon2-1 libassuan0 libavahi-client3 libavahi-common-data libavahi-common3 libavahi-glib1 libcap2
  libcryptsetup12 libdbus-1-3 libdconf1 libdevmapper1.02.1 libfuse3-3 libglib2.0-0 libglib2.0-data libgpgme11 libicu67 libip4tc2 libip6tc2 libjansson4 libjson-c5 libkmod2 libksba8 libmnl0 libncursesw6
  libnetfilter-conntrack3 libnfnetlink0 libnftables1 libnftnl11 libnpth0 libnss-systemd libostree-1-1 libpam-systemd libproxy1v5 libreadline8 libslirp0 libsoup2.4-1 libsqlite3-0 libsystemd0 libtinfo6
  libxml2 libxtables12 libyajl2 nftables pinentry-curses readline-common shared-mime-info slirp4netns systemd systemd-sysv systemd-timesyncd uidmap xdg-user-dirs
Suggested packages:
  containers-storage pinentry-gnome3 tor parcimonie xloadimage scdaemon firewalld kmod lrzip pinentry-doc docker-compose readline-doc systemd-container policykit-1
The following NEW packages will be installed:
  buildah catatonit conmon containernetworking-plugins crun dbus dbus-user-session dconf-gsettings-backend dconf-service dirmngr dmsetup fuse-overlayfs fuse3 glib-networking glib-networking-common
  glib-networking-services gnupg gnupg-l10n gnupg-utils golang-github-containernetworking-plugin-dnsname golang-github-containers-common golang-github-containers-image gpg gpg-agent gpg-wks-client
  gpg-wks-server gpgconf gpgsm gsettings-desktop-schemas iptables libapparmor1 libarchive13 libargon2-1 libassuan0 libavahi-client3 libavahi-common-data libavahi-common3 libavahi-glib1 libcap2
  libcryptsetup12 libdbus-1-3 libdconf1 libdevmapper1.02.1 libfuse3-3 libglib2.0-0 libglib2.0-data libgpgme11 libicu67 libip4tc2 libip6tc2 libjansson4 libjson-c5 libkmod2 libksba8 libmnl0 libncursesw6
  libnetfilter-conntrack3 libnfnetlink0 libnftables1 libnftnl11 libnpth0 libnss-systemd libostree-1-1 libpam-systemd libproxy1v5 libreadline8 libslirp0 libsoup2.4-1 libsqlite3-0 libxml2 libxtables12
  libyajl2 nftables pinentry-curses podman readline-common shared-mime-info slirp4netns systemd systemd-sysv systemd-timesyncd uidmap xdg-user-dirs
The following packages will be upgraded:
  libsystemd0 libtinfo6
2 upgraded, 83 newly installed, 0 to remove and 20 not upgraded.
Need to get 56.8 MB of archives.
After this operation, 225 MB of additional disk space will be used.
Get:1 http://deb.debian.org/debian bullseye/main amd64 libsystemd0 amd64 247.3-7+deb11u4 [376 kB]
Get:2 http://deb.debian.org/debian bullseye/main amd64 libjansson4 amd64 2.13.1-1.1 [39.7 kB]
Get:3 http://deb.debian.org/debian bullseye/main amd64 libmnl0 amd64 1.0.4-3 [12.5 kB]
Get:4 http://deb.debian.org/debian bullseye/main amd64 libnftnl11 amd64 1.1.9-1 [63.7 kB]
Get:5 http://deb.debian.org/debian bullseye/main amd64 libxtables12 amd64 1.8.7-1 [45.1 kB]
Get:6 http://deb.debian.org/debian bullseye/main amd64 libnftables1 amd64 0.9.8-3.1+deb11u1 [261 kB]
Get:7 http://deb.debian.org/debian bullseye/main amd64 nftables amd64 0.9.8-3.1+deb11u1 [68.7 kB]
Get:8 http://deb.debian.org/debian bullseye/main amd64 libapparmor1 amd64 2.13.6-10 [99.3 kB]
Get:9 http://deb.debian.org/debian bullseye/main amd64 libcap2 amd64 1:2.44-1 [23.6 kB]
Get:10 http://deb.debian.org/debian bullseye/main amd64 libargon2-1 amd64 0~20171227-0.2 [19.6 kB]
Get:11 http://deb.debian.org/debian bullseye/main amd64 dmsetup amd64 2:1.02.175-2.1 [92.1 kB]
Get:12 http://deb.debian.org/debian bullseye/main amd64 libdevmapper1.02.1 amd64 2:1.02.175-2.1 [143 kB]
Get:13 http://deb.debian.org/debian bullseye/main amd64 libjson-c5 amd64 0.15-2+deb11u1 [42.9 kB]
Get:14 http://deb.debian.org/debian bullseye/main amd64 libcryptsetup12 amd64 2:2.3.7-1+deb11u1 [248 kB]
Get:15 http://deb.debian.org/debian bullseye/main amd64 libip4tc2 amd64 1.8.7-1 [34.6 kB]
Get:16 http://deb.debian.org/debian bullseye/main amd64 libkmod2 amd64 28-1 [55.6 kB]
Get:17 http://deb.debian.org/debian bullseye/main amd64 systemd amd64 247.3-7+deb11u4 [4502 kB]
Get:18 http://deb.debian.org/debian bullseye/main amd64 systemd-sysv amd64 247.3-7+deb11u4 [114 kB]
Get:19 http://deb.debian.org/debian bullseye/main amd64 libdbus-1-3 amd64 1.12.28-0+deb11u1 [223 kB]
Get:20 http://deb.debian.org/debian bullseye/main amd64 dbus amd64 1.12.28-0+deb11u1 [244 kB]
Get:21 http://deb.debian.org/debian bullseye/main amd64 libtinfo6 amd64 6.2+20201114-2+deb11u2 [342 kB]
Get:22 http://deb.debian.org/debian bullseye/main amd64 readline-common all 8.1-1 [73.7 kB]
Get:23 http://deb.debian.org/debian bullseye/main amd64 libreadline8 amd64 8.1-1 [169 kB]
Get:24 http://deb.debian.org/debian bullseye/main amd64 libnss-systemd amd64 247.3-7+deb11u4 [199 kB]
Get:25 http://deb.debian.org/debian bullseye/main amd64 libpam-systemd amd64 247.3-7+deb11u4 [283 kB]
Get:26 http://deb.debian.org/debian bullseye/main amd64 systemd-timesyncd amd64 247.3-7+deb11u4 [131 kB]
Get:27 http://deb.debian.org/debian bullseye/main amd64 uidmap amd64 1:4.8.1-1 [223 kB]
Get:28 http://deb.debian.org/debian bullseye/main amd64 golang-github-containers-image all 5.10.3-1 [29.1 kB]
Get:29 http://deb.debian.org/debian bullseye/main amd64 golang-github-containers-common all 0.33.4+ds1-1+deb11u2 [16.2 kB]
Get:30 http://deb.debian.org/debian bullseye/main amd64 libglib2.0-0 amd64 2.66.8-1 [1370 kB]
Get:31 http://deb.debian.org/debian bullseye/main amd64 libassuan0 amd64 2.5.3-7.1 [50.5 kB]
Get:32 http://deb.debian.org/debian bullseye/main amd64 gpgconf amd64 2.2.27-2+deb11u2 [548 kB]
Get:33 http://deb.debian.org/debian bullseye/main amd64 libksba8 amd64 1.5.0-3+deb11u2 [123 kB]
Get:34 http://deb.debian.org/debian bullseye/main amd64 libnpth0 amd64 1.6-3 [19.0 kB]
Get:35 http://deb.debian.org/debian bullseye/main amd64 dirmngr amd64 2.2.27-2+deb11u2 [763 kB]
Get:36 http://deb.debian.org/debian bullseye/main amd64 gnupg-l10n all 2.2.27-2+deb11u2 [1086 kB]
Get:37 http://deb.debian.org/debian bullseye/main amd64 gnupg-utils amd64 2.2.27-2+deb11u2 [905 kB]
Get:38 http://deb.debian.org/debian bullseye/main amd64 libsqlite3-0 amd64 3.34.1-3 [797 kB]
Get:39 http://deb.debian.org/debian bullseye/main amd64 gpg amd64 2.2.27-2+deb11u2 [928 kB]
Get:40 http://deb.debian.org/debian bullseye/main amd64 libncursesw6 amd64 6.2+20201114-2+deb11u2 [132 kB]
Get:41 http://deb.debian.org/debian bullseye/main amd64 pinentry-curses amd64 1.1.0-4 [64.9 kB]
Get:42 http://deb.debian.org/debian bullseye/main amd64 gpg-agent amd64 2.2.27-2+deb11u2 [669 kB]
Get:43 http://deb.debian.org/debian bullseye/main amd64 gpg-wks-client amd64 2.2.27-2+deb11u2 [524 kB]
Get:44 http://deb.debian.org/debian bullseye/main amd64 gpg-wks-server amd64 2.2.27-2+deb11u2 [516 kB]
Get:45 http://deb.debian.org/debian bullseye/main amd64 gpgsm amd64 2.2.27-2+deb11u2 [645 kB]
Get:46 http://deb.debian.org/debian bullseye/main amd64 gnupg all 2.2.27-2+deb11u2 [825 kB]
Get:47 http://deb.debian.org/debian bullseye/main amd64 libgpgme11 amd64 1.14.0-1+b2 [281 kB]
Get:48 http://deb.debian.org/debian bullseye/main amd64 libicu67 amd64 67.1-7 [8622 kB]
Get:49 http://deb.debian.org/debian bullseye/main amd64 libxml2 amd64 2.9.10+dfsg-6.7+deb11u4 [693 kB]
Get:50 http://deb.debian.org/debian bullseye/main amd64 libarchive13 amd64 3.4.3-2+deb11u1 [343 kB]
Get:51 http://deb.debian.org/debian bullseye/main amd64 libavahi-common-data amd64 0.8-5+deb11u2 [124 kB]
Get:52 http://deb.debian.org/debian bullseye/main amd64 libavahi-common3 amd64 0.8-5+deb11u2 [58.7 kB]
Get:53 http://deb.debian.org/debian bullseye/main amd64 libavahi-client3 amd64 0.8-5+deb11u2 [62.6 kB]
Get:54 http://deb.debian.org/debian bullseye/main amd64 libavahi-glib1 amd64 0.8-5+deb11u2 [44.5 kB]
Get:55 http://deb.debian.org/debian bullseye/main amd64 libproxy1v5 amd64 0.4.17-1 [59.5 kB]
Get:56 http://deb.debian.org/debian bullseye/main amd64 glib-networking-common all 2.66.0-2 [68.1 kB]
Get:57 http://deb.debian.org/debian bullseye/main amd64 glib-networking-services amd64 2.66.0-2 [17.5 kB]
Get:58 http://deb.debian.org/debian bullseye/main amd64 dbus-user-session amd64 1.12.28-0+deb11u1 [100 kB]
Get:59 http://deb.debian.org/debian bullseye/main amd64 libdconf1 amd64 0.38.0-2 [43.5 kB]
Get:60 http://deb.debian.org/debian bullseye/main amd64 dconf-service amd64 0.38.0-2 [37.4 kB]
Get:61 http://deb.debian.org/debian bullseye/main amd64 dconf-gsettings-backend amd64 0.38.0-2 [30.6 kB]
Get:62 http://deb.debian.org/debian bullseye/main amd64 gsettings-desktop-schemas all 3.38.0-2 [588 kB]
Get:63 http://deb.debian.org/debian bullseye/main amd64 glib-networking amd64 2.66.0-2 [67.6 kB]
Get:64 http://deb.debian.org/debian bullseye/main amd64 libsoup2.4-1 amd64 2.72.0-2 [280 kB]
Get:65 http://deb.debian.org/debian bullseye/main amd64 libostree-1-1 amd64 2020.8-2+deb11u1 [312 kB]
Get:66 http://deb.debian.org/debian bullseye/main amd64 buildah amd64 1.19.6+dfsg1-1+b6 [5817 kB]
Get:67 http://deb.debian.org/debian bullseye/main amd64 catatonit amd64 0.1.5-2 [248 kB]
Get:68 http://deb.debian.org/debian bullseye/main amd64 conmon amd64 2.0.25+ds1-1.1 [34.4 kB]
Get:69 http://deb.debian.org/debian bullseye/main amd64 containernetworking-plugins amd64 0.9.0-1+b6 [7288 kB]
Get:70 http://deb.debian.org/debian bullseye/main amd64 libyajl2 amd64 2.1.0-3+deb11u2 [24.2 kB]
Get:71 http://deb.debian.org/debian bullseye-updates/main amd64 crun amd64 0.17+dfsg-1+deb11u2 [241 kB]
Get:72 http://deb.debian.org/debian bullseye/main amd64 libfuse3-3 amd64 3.10.3-2 [85.3 kB]
Get:73 http://deb.debian.org/debian bullseye/main amd64 fuse3 amd64 3.10.3-2 [34.7 kB]
Get:74 http://deb.debian.org/debian bullseye/main amd64 fuse-overlayfs amd64 1.4.0-1 [42.6 kB]
Get:75 http://deb.debian.org/debian bullseye/main amd64 golang-github-containernetworking-plugin-dnsname amd64 1.1.1+ds1-4+b7 [1040 kB]
Get:76 http://deb.debian.org/debian bullseye/main amd64 libip6tc2 amd64 1.8.7-1 [35.0 kB]
Get:77 http://deb.debian.org/debian bullseye/main amd64 libnfnetlink0 amd64 1.0.1-3+b1 [13.9 kB]
Get:78 http://deb.debian.org/debian bullseye/main amd64 libnetfilter-conntrack3 amd64 1.0.8-3 [40.6 kB]
Get:79 http://deb.debian.org/debian bullseye/main amd64 iptables amd64 1.8.7-1 [382 kB]
Get:80 http://deb.debian.org/debian bullseye/main amd64 libglib2.0-data all 2.66.8-1 [1164 kB]
Get:81 http://deb.debian.org/debian bullseye/main amd64 libslirp0 amd64 4.4.0-1+deb11u2 [57.9 kB]
Get:82 http://deb.debian.org/debian bullseye/main amd64 podman amd64 3.0.1+dfsg1-3+deb11u4 [9519 kB]
Get:83 http://deb.debian.org/debian bullseye/main amd64 shared-mime-info amd64 2.0-1 [701 kB]
Get:84 http://deb.debian.org/debian bullseye/main amd64 slirp4netns amd64 1.0.1-2 [33.4 kB]
Get:85 http://deb.debian.org/debian bullseye/main amd64 xdg-user-dirs amd64 0.17-2 [53.8 kB]
Fetched 56.8 MB in 5s (10.7 MB/s)
debconf: delaying package configuration, since apt-utils is not installed
(Reading database ... 12598 files and directories currently installed.)
Preparing to unpack .../libsystemd0_247.3-7+deb11u4_amd64.deb ...
Unpacking libsystemd0:amd64 (247.3-7+deb11u4) over (247.3-7+deb11u2) ...
Setting up libsystemd0:amd64 (247.3-7+deb11u4) ...
Selecting previously unselected package libjansson4:amd64.
(Reading database ... 12598 files and directories currently installed.)
Preparing to unpack .../00-libjansson4_2.13.1-1.1_amd64.deb ...
Unpacking libjansson4:amd64 (2.13.1-1.1) ...
Selecting previously unselected package libmnl0:amd64.
Preparing to unpack .../01-libmnl0_1.0.4-3_amd64.deb ...
Unpacking libmnl0:amd64 (1.0.4-3) ...
Selecting previously unselected package libnftnl11:amd64.
Preparing to unpack .../02-libnftnl11_1.1.9-1_amd64.deb ...
Unpacking libnftnl11:amd64 (1.1.9-1) ...
Selecting previously unselected package libxtables12:amd64.
Preparing to unpack .../03-libxtables12_1.8.7-1_amd64.deb ...
Unpacking libxtables12:amd64 (1.8.7-1) ...
Selecting previously unselected package libnftables1:amd64.
Preparing to unpack .../04-libnftables1_0.9.8-3.1+deb11u1_amd64.deb ...
Unpacking libnftables1:amd64 (0.9.8-3.1+deb11u1) ...
Selecting previously unselected package nftables.
Preparing to unpack .../05-nftables_0.9.8-3.1+deb11u1_amd64.deb ...
Unpacking nftables (0.9.8-3.1+deb11u1) ...
Selecting previously unselected package libapparmor1:amd64.
Preparing to unpack .../06-libapparmor1_2.13.6-10_amd64.deb ...
Unpacking libapparmor1:amd64 (2.13.6-10) ...
Selecting previously unselected package libcap2:amd64.
Preparing to unpack .../07-libcap2_1%3a2.44-1_amd64.deb ...
Unpacking libcap2:amd64 (1:2.44-1) ...
Selecting previously unselected package libargon2-1:amd64.
Preparing to unpack .../08-libargon2-1_0~20171227-0.2_amd64.deb ...
Unpacking libargon2-1:amd64 (0~20171227-0.2) ...
Selecting previously unselected package dmsetup.
Preparing to unpack .../09-dmsetup_2%3a1.02.175-2.1_amd64.deb ...
Unpacking dmsetup (2:1.02.175-2.1) ...
Selecting previously unselected package libdevmapper1.02.1:amd64.
Preparing to unpack .../10-libdevmapper1.02.1_2%3a1.02.175-2.1_amd64.deb ...
Unpacking libdevmapper1.02.1:amd64 (2:1.02.175-2.1) ...
Selecting previously unselected package libjson-c5:amd64.
Preparing to unpack .../11-libjson-c5_0.15-2+deb11u1_amd64.deb ...
Unpacking libjson-c5:amd64 (0.15-2+deb11u1) ...
Selecting previously unselected package libcryptsetup12:amd64.
Preparing to unpack .../12-libcryptsetup12_2%3a2.3.7-1+deb11u1_amd64.deb ...
Unpacking libcryptsetup12:amd64 (2:2.3.7-1+deb11u1) ...
Selecting previously unselected package libip4tc2:amd64.
Preparing to unpack .../13-libip4tc2_1.8.7-1_amd64.deb ...
Unpacking libip4tc2:amd64 (1.8.7-1) ...
Selecting previously unselected package libkmod2:amd64.
Preparing to unpack .../14-libkmod2_28-1_amd64.deb ...
Unpacking libkmod2:amd64 (28-1) ...
Selecting previously unselected package systemd.
Preparing to unpack .../15-systemd_247.3-7+deb11u4_amd64.deb ...
Unpacking systemd (247.3-7+deb11u4) ...
Setting up libapparmor1:amd64 (2.13.6-10) ...
Setting up libcap2:amd64 (1:2.44-1) ...
Setting up libargon2-1:amd64 (0~20171227-0.2) ...
Setting up libjson-c5:amd64 (0.15-2+deb11u1) ...
Setting up libip4tc2:amd64 (1.8.7-1) ...
Setting up libkmod2:amd64 (28-1) ...
Setting up libdevmapper1.02.1:amd64 (2:1.02.175-2.1) ...
Setting up libcryptsetup12:amd64 (2:2.3.7-1+deb11u1) ...
Setting up systemd (247.3-7+deb11u4) ...
Created symlink /etc/systemd/system/getty.target.wants/getty@tty1.service → /lib/systemd/system/getty@.service.
Created symlink /etc/systemd/system/multi-user.target.wants/remote-fs.target → /lib/systemd/system/remote-fs.target.
Created symlink /etc/systemd/system/sysinit.target.wants/systemd-pstore.service → /lib/systemd/system/systemd-pstore.service.
Initializing machine ID from random generator.
Setting up dmsetup (2:1.02.175-2.1) ...
Selecting previously unselected package systemd-sysv.
(Reading database ... 13519 files and directories currently installed.)
Preparing to unpack .../systemd-sysv_247.3-7+deb11u4_amd64.deb ...
Unpacking systemd-sysv (247.3-7+deb11u4) ...
Selecting previously unselected package libdbus-1-3:amd64.
Preparing to unpack .../libdbus-1-3_1.12.28-0+deb11u1_amd64.deb ...
Unpacking libdbus-1-3:amd64 (1.12.28-0+deb11u1) ...
Selecting previously unselected package dbus.
Preparing to unpack .../dbus_1.12.28-0+deb11u1_amd64.deb ...
Unpacking dbus (1.12.28-0+deb11u1) ...
Preparing to unpack .../libtinfo6_6.2+20201114-2+deb11u2_amd64.deb ...
Unpacking libtinfo6:amd64 (6.2+20201114-2+deb11u2) over (6.2+20201114-2+deb11u1) ...
Setting up libtinfo6:amd64 (6.2+20201114-2+deb11u2) ...
Selecting previously unselected package readline-common.
(Reading database ... 13587 files and directories currently installed.)
Preparing to unpack .../00-readline-common_8.1-1_all.deb ...
Unpacking readline-common (8.1-1) ...
Selecting previously unselected package libreadline8:amd64.
Preparing to unpack .../01-libreadline8_8.1-1_amd64.deb ...
Unpacking libreadline8:amd64 (8.1-1) ...
Selecting previously unselected package libnss-systemd:amd64.
Preparing to unpack .../02-libnss-systemd_247.3-7+deb11u4_amd64.deb ...
Unpacking libnss-systemd:amd64 (247.3-7+deb11u4) ...
Selecting previously unselected package libpam-systemd:amd64.
Preparing to unpack .../03-libpam-systemd_247.3-7+deb11u4_amd64.deb ...
Unpacking libpam-systemd:amd64 (247.3-7+deb11u4) ...
Selecting previously unselected package systemd-timesyncd.
Preparing to unpack .../04-systemd-timesyncd_247.3-7+deb11u4_amd64.deb ...
Unpacking systemd-timesyncd (247.3-7+deb11u4) ...
Selecting previously unselected package uidmap.
Preparing to unpack .../05-uidmap_1%3a4.8.1-1_amd64.deb ...
Unpacking uidmap (1:4.8.1-1) ...
Selecting previously unselected package golang-github-containers-image.
Preparing to unpack .../06-golang-github-containers-image_5.10.3-1_all.deb ...
Unpacking golang-github-containers-image (5.10.3-1) ...
Selecting previously unselected package golang-github-containers-common.
Preparing to unpack .../07-golang-github-containers-common_0.33.4+ds1-1+deb11u2_all.deb ...
Unpacking golang-github-containers-common (0.33.4+ds1-1+deb11u2) ...
Selecting previously unselected package libglib2.0-0:amd64.
Preparing to unpack .../08-libglib2.0-0_2.66.8-1_amd64.deb ...
Unpacking libglib2.0-0:amd64 (2.66.8-1) ...
Selecting previously unselected package libassuan0:amd64.
Preparing to unpack .../09-libassuan0_2.5.3-7.1_amd64.deb ...
Unpacking libassuan0:amd64 (2.5.3-7.1) ...
Selecting previously unselected package gpgconf.
Preparing to unpack .../10-gpgconf_2.2.27-2+deb11u2_amd64.deb ...
Unpacking gpgconf (2.2.27-2+deb11u2) ...
Selecting previously unselected package libksba8:amd64.
Preparing to unpack .../11-libksba8_1.5.0-3+deb11u2_amd64.deb ...
Unpacking libksba8:amd64 (1.5.0-3+deb11u2) ...
Selecting previously unselected package libnpth0:amd64.
Preparing to unpack .../12-libnpth0_1.6-3_amd64.deb ...
Unpacking libnpth0:amd64 (1.6-3) ...
Selecting previously unselected package dirmngr.
Preparing to unpack .../13-dirmngr_2.2.27-2+deb11u2_amd64.deb ...
Unpacking dirmngr (2.2.27-2+deb11u2) ...
Selecting previously unselected package gnupg-l10n.
Preparing to unpack .../14-gnupg-l10n_2.2.27-2+deb11u2_all.deb ...
Unpacking gnupg-l10n (2.2.27-2+deb11u2) ...
Selecting previously unselected package gnupg-utils.
Preparing to unpack .../15-gnupg-utils_2.2.27-2+deb11u2_amd64.deb ...
Unpacking gnupg-utils (2.2.27-2+deb11u2) ...
Selecting previously unselected package libsqlite3-0:amd64.
Preparing to unpack .../16-libsqlite3-0_3.34.1-3_amd64.deb ...
Unpacking libsqlite3-0:amd64 (3.34.1-3) ...
Selecting previously unselected package gpg.
Preparing to unpack .../17-gpg_2.2.27-2+deb11u2_amd64.deb ...
Unpacking gpg (2.2.27-2+deb11u2) ...
Selecting previously unselected package libncursesw6:amd64.
Preparing to unpack .../18-libncursesw6_6.2+20201114-2+deb11u2_amd64.deb ...
Unpacking libncursesw6:amd64 (6.2+20201114-2+deb11u2) ...
Selecting previously unselected package pinentry-curses.
Preparing to unpack .../19-pinentry-curses_1.1.0-4_amd64.deb ...
Unpacking pinentry-curses (1.1.0-4) ...
Selecting previously unselected package gpg-agent.
Preparing to unpack .../20-gpg-agent_2.2.27-2+deb11u2_amd64.deb ...
Unpacking gpg-agent (2.2.27-2+deb11u2) ...
Selecting previously unselected package gpg-wks-client.
Preparing to unpack .../21-gpg-wks-client_2.2.27-2+deb11u2_amd64.deb ...
Unpacking gpg-wks-client (2.2.27-2+deb11u2) ...
Selecting previously unselected package gpg-wks-server.
Preparing to unpack .../22-gpg-wks-server_2.2.27-2+deb11u2_amd64.deb ...
Unpacking gpg-wks-server (2.2.27-2+deb11u2) ...
Selecting previously unselected package gpgsm.
Preparing to unpack .../23-gpgsm_2.2.27-2+deb11u2_amd64.deb ...
Unpacking gpgsm (2.2.27-2+deb11u2) ...
Selecting previously unselected package gnupg.
Preparing to unpack .../24-gnupg_2.2.27-2+deb11u2_all.deb ...
Unpacking gnupg (2.2.27-2+deb11u2) ...
Selecting previously unselected package libgpgme11:amd64.
Preparing to unpack .../25-libgpgme11_1.14.0-1+b2_amd64.deb ...
Unpacking libgpgme11:amd64 (1.14.0-1+b2) ...
Selecting previously unselected package libicu67:amd64.
Preparing to unpack .../26-libicu67_67.1-7_amd64.deb ...
Unpacking libicu67:amd64 (67.1-7) ...
Selecting previously unselected package libxml2:amd64.
Preparing to unpack .../27-libxml2_2.9.10+dfsg-6.7+deb11u4_amd64.deb ...
Unpacking libxml2:amd64 (2.9.10+dfsg-6.7+deb11u4) ...
Selecting previously unselected package libarchive13:amd64.
Preparing to unpack .../28-libarchive13_3.4.3-2+deb11u1_amd64.deb ...
Unpacking libarchive13:amd64 (3.4.3-2+deb11u1) ...
Selecting previously unselected package libavahi-common-data:amd64.
Preparing to unpack .../29-libavahi-common-data_0.8-5+deb11u2_amd64.deb ...
Unpacking libavahi-common-data:amd64 (0.8-5+deb11u2) ...
Selecting previously unselected package libavahi-common3:amd64.
Preparing to unpack .../30-libavahi-common3_0.8-5+deb11u2_amd64.deb ...
Unpacking libavahi-common3:amd64 (0.8-5+deb11u2) ...
Selecting previously unselected package libavahi-client3:amd64.
Preparing to unpack .../31-libavahi-client3_0.8-5+deb11u2_amd64.deb ...
Unpacking libavahi-client3:amd64 (0.8-5+deb11u2) ...
Selecting previously unselected package libavahi-glib1:amd64.
Preparing to unpack .../32-libavahi-glib1_0.8-5+deb11u2_amd64.deb ...
Unpacking libavahi-glib1:amd64 (0.8-5+deb11u2) ...
Selecting previously unselected package libproxy1v5:amd64.
Preparing to unpack .../33-libproxy1v5_0.4.17-1_amd64.deb ...
Unpacking libproxy1v5:amd64 (0.4.17-1) ...
Selecting previously unselected package glib-networking-common.
Preparing to unpack .../34-glib-networking-common_2.66.0-2_all.deb ...
Unpacking glib-networking-common (2.66.0-2) ...
Selecting previously unselected package glib-networking-services.
Preparing to unpack .../35-glib-networking-services_2.66.0-2_amd64.deb ...
Unpacking glib-networking-services (2.66.0-2) ...
Selecting previously unselected package dbus-user-session.
Preparing to unpack .../36-dbus-user-session_1.12.28-0+deb11u1_amd64.deb ...
Unpacking dbus-user-session (1.12.28-0+deb11u1) ...
Selecting previously unselected package libdconf1:amd64.
Preparing to unpack .../37-libdconf1_0.38.0-2_amd64.deb ...
Unpacking libdconf1:amd64 (0.38.0-2) ...
Selecting previously unselected package dconf-service.
Preparing to unpack .../38-dconf-service_0.38.0-2_amd64.deb ...
Unpacking dconf-service (0.38.0-2) ...
Selecting previously unselected package dconf-gsettings-backend:amd64.
Preparing to unpack .../39-dconf-gsettings-backend_0.38.0-2_amd64.deb ...
Unpacking dconf-gsettings-backend:amd64 (0.38.0-2) ...
Selecting previously unselected package gsettings-desktop-schemas.
Preparing to unpack .../40-gsettings-desktop-schemas_3.38.0-2_all.deb ...
Unpacking gsettings-desktop-schemas (3.38.0-2) ...
Selecting previously unselected package glib-networking:amd64.
Preparing to unpack .../41-glib-networking_2.66.0-2_amd64.deb ...
Unpacking glib-networking:amd64 (2.66.0-2) ...
Selecting previously unselected package libsoup2.4-1:amd64.
Preparing to unpack .../42-libsoup2.4-1_2.72.0-2_amd64.deb ...
Unpacking libsoup2.4-1:amd64 (2.72.0-2) ...
Selecting previously unselected package libostree-1-1:amd64.
Preparing to unpack .../43-libostree-1-1_2020.8-2+deb11u1_amd64.deb ...
Unpacking libostree-1-1:amd64 (2020.8-2+deb11u1) ...
Selecting previously unselected package buildah.
Preparing to unpack .../44-buildah_1.19.6+dfsg1-1+b6_amd64.deb ...
Unpacking buildah (1.19.6+dfsg1-1+b6) ...
Selecting previously unselected package catatonit.
Preparing to unpack .../45-catatonit_0.1.5-2_amd64.deb ...
Unpacking catatonit (0.1.5-2) ...
Selecting previously unselected package conmon.
Preparing to unpack .../46-conmon_2.0.25+ds1-1.1_amd64.deb ...
Unpacking conmon (2.0.25+ds1-1.1) ...
Selecting previously unselected package containernetworking-plugins.
Preparing to unpack .../47-containernetworking-plugins_0.9.0-1+b6_amd64.deb ...
Unpacking containernetworking-plugins (0.9.0-1+b6) ...
Selecting previously unselected package libyajl2:amd64.
Preparing to unpack .../48-libyajl2_2.1.0-3+deb11u2_amd64.deb ...
Unpacking libyajl2:amd64 (2.1.0-3+deb11u2) ...
Selecting previously unselected package crun.
Preparing to unpack .../49-crun_0.17+dfsg-1+deb11u2_amd64.deb ...
Unpacking crun (0.17+dfsg-1+deb11u2) ...
Selecting previously unselected package libfuse3-3:amd64.
Preparing to unpack .../50-libfuse3-3_3.10.3-2_amd64.deb ...
Unpacking libfuse3-3:amd64 (3.10.3-2) ...
Selecting previously unselected package fuse3.
Preparing to unpack .../51-fuse3_3.10.3-2_amd64.deb ...
Unpacking fuse3 (3.10.3-2) ...
Selecting previously unselected package fuse-overlayfs.
Preparing to unpack .../52-fuse-overlayfs_1.4.0-1_amd64.deb ...
Unpacking fuse-overlayfs (1.4.0-1) ...
Selecting previously unselected package golang-github-containernetworking-plugin-dnsname.
Preparing to unpack .../53-golang-github-containernetworking-plugin-dnsname_1.1.1+ds1-4+b7_amd64.deb ...
Unpacking golang-github-containernetworking-plugin-dnsname (1.1.1+ds1-4+b7) ...
Selecting previously unselected package libip6tc2:amd64.
Preparing to unpack .../54-libip6tc2_1.8.7-1_amd64.deb ...
Unpacking libip6tc2:amd64 (1.8.7-1) ...
Selecting previously unselected package libnfnetlink0:amd64.
Preparing to unpack .../55-libnfnetlink0_1.0.1-3+b1_amd64.deb ...
Unpacking libnfnetlink0:amd64 (1.0.1-3+b1) ...
Selecting previously unselected package libnetfilter-conntrack3:amd64.
Preparing to unpack .../56-libnetfilter-conntrack3_1.0.8-3_amd64.deb ...
Unpacking libnetfilter-conntrack3:amd64 (1.0.8-3) ...
Selecting previously unselected package iptables.
Preparing to unpack .../57-iptables_1.8.7-1_amd64.deb ...
Unpacking iptables (1.8.7-1) ...
Selecting previously unselected package libglib2.0-data.
Preparing to unpack .../58-libglib2.0-data_2.66.8-1_all.deb ...
Unpacking libglib2.0-data (2.66.8-1) ...
Selecting previously unselected package libslirp0:amd64.
Preparing to unpack .../59-libslirp0_4.4.0-1+deb11u2_amd64.deb ...
Unpacking libslirp0:amd64 (4.4.0-1+deb11u2) ...
Selecting previously unselected package podman.
Preparing to unpack .../60-podman_3.0.1+dfsg1-3+deb11u4_amd64.deb ...
Unpacking podman (3.0.1+dfsg1-3+deb11u4) ...
Selecting previously unselected package shared-mime-info.
Preparing to unpack .../61-shared-mime-info_2.0-1_amd64.deb ...
Unpacking shared-mime-info (2.0-1) ...
Selecting previously unselected package slirp4netns.
Preparing to unpack .../62-slirp4netns_1.0.1-2_amd64.deb ...
Unpacking slirp4netns (1.0.1-2) ...
Selecting previously unselected package xdg-user-dirs.
Preparing to unpack .../63-xdg-user-dirs_0.17-2_amd64.deb ...
Unpacking xdg-user-dirs (0.17-2) ...
Setting up libksba8:amd64 (1.5.0-3+deb11u2) ...
Setting up systemd-sysv (247.3-7+deb11u4) ...
Setting up libproxy1v5:amd64 (0.4.17-1) ...
Setting up libicu67:amd64 (67.1-7) ...
Setting up xdg-user-dirs (0.17-2) ...
Setting up libip6tc2:amd64 (1.8.7-1) ...
Setting up libglib2.0-0:amd64 (2.66.8-1) ...
Setting up uidmap (1:4.8.1-1) ...
Setting up libsqlite3-0:amd64 (3.34.1-3) ...
Setting up libyajl2:amd64 (2.1.0-3+deb11u2) ...
Setting up libnss-systemd:amd64 (247.3-7+deb11u4) ...
First installation detected...
Checking NSS setup...
Setting up libnpth0:amd64 (1.6-3) ...
Setting up libassuan0:amd64 (2.5.3-7.1) ...
Setting up libjansson4:amd64 (2.13.1-1.1) ...
Setting up libdconf1:amd64 (0.38.0-2) ...
Setting up golang-github-containers-image (5.10.3-1) ...
Setting up libglib2.0-data (2.66.8-1) ...
Setting up gnupg-l10n (2.2.27-2+deb11u2) ...
Setting up conmon (2.0.25+ds1-1.1) ...
Setting up containernetworking-plugins (0.9.0-1+b6) ...
Setting up catatonit (0.1.5-2) ...
Setting up libavahi-common-data:amd64 (0.8-5+deb11u2) ...
Setting up libdbus-1-3:amd64 (1.12.28-0+deb11u1) ...
Setting up dbus (1.12.28-0+deb11u1) ...
invoke-rc.d: could not determine current runlevel
invoke-rc.d: policy-rc.d denied execution of start.
Setting up libmnl0:amd64 (1.0.4-3) ...
Setting up systemd-timesyncd (247.3-7+deb11u4) ...
Created symlink /etc/systemd/system/dbus-org.freedesktop.timesync1.service → /lib/systemd/system/systemd-timesyncd.service.
Created symlink /etc/systemd/system/sysinit.target.wants/systemd-timesyncd.service → /lib/systemd/system/systemd-timesyncd.service.
Setting up libncursesw6:amd64 (6.2+20201114-2+deb11u2) ...
Setting up libfuse3-3:amd64 (3.10.3-2) ...
Setting up libxtables12:amd64 (1.8.7-1) ...
Setting up golang-github-containernetworking-plugin-dnsname (1.1.1+ds1-4+b7) ...
Setting up libslirp0:amd64 (4.4.0-1+deb11u2) ...
Setting up libnfnetlink0:amd64 (1.0.1-3+b1) ...
Setting up libpam-systemd:amd64 (247.3-7+deb11u4) ...
debconf: unable to initialize frontend: Dialog
debconf: (No usable dialog-like program is installed, so the dialog based frontend cannot be used. at /usr/share/perl5/Debconf/FrontEnd/Dialog.pm line 78.)
debconf: falling back to frontend: Readline
Setting up golang-github-containers-common (0.33.4+ds1-1+deb11u2) ...
Setting up glib-networking-common (2.66.0-2) ...
Setting up readline-common (8.1-1) ...
Setting up libxml2:amd64 (2.9.10+dfsg-6.7+deb11u4) ...
Setting up pinentry-curses (1.1.0-4) ...
Setting up glib-networking-services (2.66.0-2) ...
Setting up slirp4netns (1.0.1-2) ...
Setting up libarchive13:amd64 (3.4.3-2+deb11u1) ...
Setting up crun (0.17+dfsg-1+deb11u2) ...
Setting up libreadline8:amd64 (8.1-1) ...
Setting up libavahi-common3:amd64 (0.8-5+deb11u2) ...
Setting up libnftnl11:amd64 (1.1.9-1) ...
Setting up fuse3 (3.10.3-2) ...
Setting up dbus-user-session (1.12.28-0+deb11u1) ...
Setting up shared-mime-info (2.0-1) ...
Setting up libnetfilter-conntrack3:amd64 (1.0.8-3) ...
Setting up gpgconf (2.2.27-2+deb11u2) ...
Setting up libavahi-glib1:amd64 (0.8-5+deb11u2) ...
Setting up fuse-overlayfs (1.4.0-1) ...
Setting up libavahi-client3:amd64 (0.8-5+deb11u2) ...
Setting up gpg (2.2.27-2+deb11u2) ...
Setting up gnupg-utils (2.2.27-2+deb11u2) ...
Setting up libnftables1:amd64 (0.9.8-3.1+deb11u1) ...
Setting up gpg-agent (2.2.27-2+deb11u2) ...
Created symlink /etc/systemd/user/sockets.target.wants/gpg-agent-browser.socket → /usr/lib/systemd/user/gpg-agent-browser.socket.
Created symlink /etc/systemd/user/sockets.target.wants/gpg-agent-extra.socket → /usr/lib/systemd/user/gpg-agent-extra.socket.
Created symlink /etc/systemd/user/sockets.target.wants/gpg-agent-ssh.socket → /usr/lib/systemd/user/gpg-agent-ssh.socket.
Created symlink /etc/systemd/user/sockets.target.wants/gpg-agent.socket → /usr/lib/systemd/user/gpg-agent.socket.
Setting up nftables (0.9.8-3.1+deb11u1) ...
Setting up iptables (1.8.7-1) ...
update-alternatives: using /usr/sbin/iptables-legacy to provide /usr/sbin/iptables (iptables) in auto mode
update-alternatives: using /usr/sbin/ip6tables-legacy to provide /usr/sbin/ip6tables (ip6tables) in auto mode
update-alternatives: using /usr/sbin/iptables-nft to provide /usr/sbin/iptables (iptables) in auto mode
update-alternatives: using /usr/sbin/ip6tables-nft to provide /usr/sbin/ip6tables (ip6tables) in auto mode
update-alternatives: using /usr/sbin/arptables-nft to provide /usr/sbin/arptables (arptables) in auto mode
update-alternatives: using /usr/sbin/ebtables-nft to provide /usr/sbin/ebtables (ebtables) in auto mode
Setting up gpgsm (2.2.27-2+deb11u2) ...
Setting up dconf-service (0.38.0-2) ...
Setting up libgpgme11:amd64 (1.14.0-1+b2) ...
Setting up dirmngr (2.2.27-2+deb11u2) ...
Created symlink /etc/systemd/user/sockets.target.wants/dirmngr.socket → /usr/lib/systemd/user/dirmngr.socket.
Setting up gpg-wks-server (2.2.27-2+deb11u2) ...
Setting up gpg-wks-client (2.2.27-2+deb11u2) ...
Setting up dconf-gsettings-backend:amd64 (0.38.0-2) ...
Setting up podman (3.0.1+dfsg1-3+deb11u4) ...
Created symlink /etc/systemd/user/sockets.target.wants/podman.socket → /usr/lib/systemd/user/podman.socket.
Created symlink /etc/systemd/system/sockets.target.wants/podman.socket → /lib/systemd/system/podman.socket.
Created symlink /etc/systemd/system/multi-user.target.wants/podman-auto-update.service → /lib/systemd/system/podman-auto-update.service.
Created symlink /etc/systemd/system/timers.target.wants/podman-auto-update.timer → /lib/systemd/system/podman-auto-update.timer.
Setting up gnupg (2.2.27-2+deb11u2) ...
Setting up gsettings-desktop-schemas (3.38.0-2) ...
Setting up glib-networking:amd64 (2.66.0-2) ...
Setting up libsoup2.4-1:amd64 (2.72.0-2) ...
Setting up libostree-1-1:amd64 (2020.8-2+deb11u1) ...
Setting up buildah (1.19.6+dfsg1-1+b6) ...
Processing triggers for libc-bin (2.31-13+deb11u6) ...
root@b83899d26044:/home/jenkins# podman run -it alpine
ERRO[0000] unable to write system event: "write unixgram @7f81b->/run/systemd/journal/socket: sendmsg: no such file or directory"
Resolved "alpine" as an alias (/etc/containers/registries.conf.d/shortnames.conf)
Trying to pull docker.io/library/alpine:latest...
Getting image source signatures
Copying blob 661ff4d9561e done
Copying config f8c20f8bbc done
Writing manifest to image destination
Storing signatures
ERRO[0002] Error while applying layer: ApplyLayer exit status 1 stdout: Error while loading /var/lib/containers/storage/vfs/dir/5af4f8f59b764c64c6def53f52ada809fe38d528441d08d01c206dfb3fc3b691: Permission denied
 stderr:
  ApplyLayer exit status 1 stdout: Error while loading /var/lib/containers/storage/vfs/dir/5af4f8f59b764c64c6def53f52ada809fe38d528441d08d01c206dfb3fc3b691: Permission denied
Error: Error committing the finished image: error adding layer with blob "sha256:661ff4d9561e3fd050929ee5097067c34bafc523ee60f5294a37fd08056a73ca": ApplyLayer exit status 1 stdout: Error while loading /var/lib/containers/storage/vfs/dir/5af4f8f59b764c64c6def53f52ada809fe38d528441d08d01c206dfb3fc3b691: Permission denied
 stderr:
root@b83899d26044:/home/jenkins# chmod -R 777 /var/lib/containers/storage/vfs/dir/
root@b83899d26044:/home/jenkins# podman run -it alpine
Resolved "alpine" as an alias (/etc/containers/registries.conf.d/shortnames.conf)
Trying to pull docker.io/library/alpine:latest...
Getting image source signatures
Copying blob 661ff4d9561e done
Copying config f8c20f8bbc done
Writing manifest to image destination
Storing signatures
ERRO[0002] Error while applying layer: ApplyLayer exit status 1 stdout: Error while loading /var/lib/containers/storage/vfs/dir/5af4f8f59b764c64c6def53f52ada809fe38d528441d08d01c206dfb3fc3b691: Permission denied
 stderr:
  ApplyLayer exit status 1 stdout: Error while loading /var/lib/containers/storage/vfs/dir/5af4f8f59b764c64c6def53f52ada809fe38d528441d08d01c206dfb3fc3b691: Permission denied
Error: Error committing the finished image: error adding layer with blob "sha256:661ff4d9561e3fd050929ee5097067c34bafc523ee60f5294a37fd08056a73ca": ApplyLayer exit status 1 stdout: Error while loading /var/lib/containers/storage/vfs/dir/5af4f8f59b764c64c6def53f52ada809fe38d528441d08d01c206dfb3fc3b691: Permission denied
 stderr:

@Sodki
Copy link

Sodki commented Dec 11, 2023

@smartin-qb Apologies, indeed it does require namespace support, which Fargate doesn't have.

@espower
Copy link

espower commented Jan 11, 2024

+1 for this feature.
Many CI/CD system are now designed using containers to run tasks with specific tool requirements. The agent does not need to have the correct version of python/gradle-java/npm/etc installed but can just pull the official published containers for runtime/buildtime, do the task within the container, and keep the agents clean and minimal. This allowing for a much larger agent pool and less maintenance of the agent containers,

Sadly does not work on Fargate, please please add this feature.

@DominiqueAbouSamah
Copy link

DominiqueAbouSamah commented May 12, 2024

+1 for this feature. any updates? or did they just close the issue and ignore the whole request?

@tdalbo92
Copy link

Kaniko is an imperfect solution to this problem.

Issue #1 is that it trashes the container it's running on.
Issue #2 is that usage of it beyond their supported base image is mega YMMV

This is problematic because you can't use it for future pipeline steps in a CI system without spinning up a whole new container after it's done building. Our specific case is nohup - it's simply corrupted after kaniko has run, causing our system to hang and not report back build success.

We can't use the official kaniko base image because we're using the jenkins:inbound-agent.

I understand why AWS has chosen to keep Fargate pretty locked down and inflexible, but it means it's pretty useless to us as a CI agent runner type.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Fargate AWS Fargate Proposed Community submitted issue
Projects
None yet
Development

No branches or pull requests