atomic run with short name will throw error about installing first
mike-nguyen opened this issue · 0 comments
mike-nguyen commented
After pulling and installing the cockpit/ws container by short name, I sometimes receive an error using atomic run cockpit/ws. If I re-run the command a few times, it will sometimes work and sometimes give me an error. Using the fully qualified name registry.centos.org/cockpit/ws or docker.io/cockpit/ws does not cause any errors.
Steps to Reproduce
- atomic pull cockpit/ws
- atomic install cockpit/ws
- atomic run cockpit/ws
Expected Result
Container runs since cockpit/ws was installed
Actual Result
Receives The image 'ws' appears to have not been installed and has an INSTALL label. You should install this image first. Re-run with --ignore to bypass this error. error intermittently.
Additional Information
[cloud-user@fedora ~]$ rpm -q atomic
atomic-1.22.1-27.gitb507039.fc29.x86_64
[cloud-user@fedora ~]$ sudo rpm-ostree status
State: idle
AutomaticUpdates: disabled
Deployments:
● ostree://custom:fedora/rawhide/x86_64/atomic-host
Version: Rawhide.20181009.n.0 (2018-10-09 09:11:53)
Commit: e5a128ed7bf3e95d3288aec285660af87cdee7a4411f3d55366d20db968a3394
ostree://fedora-atomic:fedora/28/x86_64/atomic-host
Version: 28.20180923.0 (2018-09-23 18:54:39)
Commit: 8b82902a0ca203645e9e288b8a0bbf9fe525749ec67cd674e6715daa64e5b7dd
GPGSignature: Valid signature by 128CF232A9371991C8A65695E08E7E629DB62FB1
[cloud-user@fedora ~]$ ls /var/lib/atomic/
sigstore
[cloud-user@fedora ~]$ sudo atomic pull cockpit/ws
Pulling docker.io/cockpit/ws:latest ...
Copying blob sha256:c8ae8b35783e3c6a895b4f69780f58ce3e6b1076e09d1ffd0f87b40a6f834351
77.53 MB / 77.53 MB [======================================================] 7s
Copying blob sha256:e04f2b2d93bd071daa86d29d1c0dac28ecdc0915030cebd9403c42d2b41e28f5
13.99 KB / 13.99 KB [======================================================] 0s
Copying blob sha256:3c117e853164fe3d5b2e1329fb5c6ddf210ebeb6ba6a9524843c1315c3e59d2b
337 B / 337 B [============================================================] 0s
Copying blob sha256:bf66d16037ef7236894860607b7036bf72e408051f39f1effc5fed2ffc7e5391
33.72 MB / 33.72 MB [======================================================] 3s
Copying config sha256:b90722396a3eddaca5cdaf662b9979ec62434c232da52d0c9ce312a699834c8e
4.86 KB / 4.86 KB [========================================================] 0s
Writing manifest to image destination
Storing signatures
[cloud-user@fedora ~]$ sudo atomic install cockpit/ws
/usr/bin/docker run --rm --privileged -v /:/host cockpit/ws /container/atomic-install
+ sed -e /pam_selinux/d -e /pam_sepermit/d /etc/pam.d/cockpit
+ mkdir -p /host/etc/cockpit/ws-certs.d /host/etc/cockpit/machines.d
+ chmod 755 /host/etc/cockpit/ws-certs.d /host/etc/cockpit/machines.d
+ chown root:root /host/etc/cockpit/ws-certs.d /host/etc/cockpit/machines.d
+ mkdir -p /host/var/lib/cockpit
+ chmod 775 /host/var/lib/cockpit
+ chown root:wheel /host/var/lib/cockpit
+ mkdir -p /etc/ssh
+ /bin/mount --bind /host/etc/cockpit /etc/cockpit
+ /usr/sbin/remotectl certificate --ensure
[cloud-user@fedora ~]$ ls /var/lib/atomic/
install.json install.json.lock sigstore
[cloud-user@fedora ~]$ sudo cat /var/lib/atomic/install.json
{"registry.centos.org/cockpit/ws:latest": [{"id": "b90722396a3eddaca5cdaf662b9979ec62434c232da52d0c9ce312a699834c8e", "container_name": "ws", "install_date": "2018-10-11 19:30:58"}]}[cloud-user@fedora ~]$ sudo atomic containers list
[cloud-user@fedora ~]$ sudo atomic images list
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE TYPE
docker.io/cockpit/ws latest b90722396a3e 2018-10-04 14:45 315.87 MB docker
[cloud-user@fedora ~]$ sudo atomic run cockpit/ws
The image 'ws' appears to have not been installed and has an INSTALL label. You should install this image first. Re-run with --ignore to bypass this error.
[cloud-user@fedora ~]$ sudo atomic run cockpit/ws
/usr/bin/docker run -d --privileged --pid=host -v /:/host cockpit/ws /container/atomic-run --local-ssh
This container uses privileged security switches:
INFO: --privileged
This container runs without separation and should be considered the same as root on your system.
INFO: --pid=host
Processes in this container can see and interact with all processes on the host and disables SELinux within the container.
For more information on these switches and their security implications, consult the manpage for 'docker run'.
315073d203e260797ff6605ad07dd83052dfc7450d4f6534b53838f2d0e8422c
[cloud-user@fedora ~]$ sudo cat /var/lib/atomic/install.json
{"registry.centos.org/cockpit/ws:latest": [{"id": "b90722396a3eddaca5cdaf662b9979ec62434c232da52d0c9ce312a699834c8e", "container_name": "ws", "install_date": "2018-10-11 19:30:58"}]}[cloud-user@fedora ~]$ sudo cat /var/lib/atomic/install.jsonatomic run cockpit/ws^C
[cloud-user@fedora ~]$ sudo atomic run cockpit/ws
/usr/bin/docker run -d --privileged --pid=host -v /:/host cockpit/ws /container/atomic-run --local-ssh
This container uses privileged security switches:
INFO: --privileged
This container runs without separation and should be considered the same as root on your system.
INFO: --pid=host
Processes in this container can see and interact with all processes on the host and disables SELinux within the container.
For more information on these switches and their security implications, consult the manpage for 'docker run'.
a88c62c50c2f1c0234a54eb0eaf7667957fd99ea37e4561920856722bc1afc63
[cloud-user@fedora ~]$ sudo atomic run cockpit/ws
The image 'ws' appears to have not been installed and has an INSTALL label. You should install this image first. Re-run with --ignore to bypass this error.
[cloud-user@fedora ~]$ sudo atomic run cockpit/ws
/usr/bin/docker run -d --privileged --pid=host -v /:/host cockpit/ws /container/atomic-run --local-ssh
This container uses privileged security switches:
INFO: --privileged
This container runs without separation and should be considered the same as root on your system.
INFO: --pid=host
Processes in this container can see and interact with all processes on the host and disables SELinux within the container.
For more information on these switches and their security implications, consult the manpage for 'docker run'.
41e47b4704a8741a76d9f25d9d942e7767260ff8b4289e4cdec1724557f2bf45
[cloud-user@fedora ~]$ sudo atomic run cockpit/ws
The image 'ws' appears to have not been installed and has an INSTALL label. You should install this image first. Re-run with --ignore to bypass this error.
[cloud-user@fedora ~]$ sudo atomic run cockpit/ws
/usr/bin/docker run -d --privileged --pid=host -v /:/host cockpit/ws /container/atomic-run --local-ssh
This container uses privileged security switches:
INFO: --privileged
This container runs without separation and should be considered the same as root on your system.
INFO: --pid=host
Processes in this container can see and interact with all processes on the host and disables SELinux within the container.
For more information on these switches and their security implications, consult the manpage for 'docker run'.
cc364d09d60ff970fe85e14fdb9eae6d3bdf1cc911c2fd125bca5800b8dff86f
[cloud-user@fedora ~]$ sudo atomic run cockpit/ws
The image 'ws' appears to have not been installed and has an INSTALL label. You should install this image first. Re-run with --ignore to bypass this error.
[cloud-user@fedora ~]$ sudo atomic run cockpit/ws
The image 'ws' appears to have not been installed and has an INSTALL label. You should install this image first. Re-run with --ignore to bypass this error.
[cloud-user@fedora ~]$ sudo atomic run cockpit/ws
/usr/bin/docker run -d --privileged --pid=host -v /:/host cockpit/ws /container/atomic-run --local-ssh
This container uses privileged security switches:
INFO: --privileged
This container runs without separation and should be considered the same as root on your system.
INFO: --pid=host
Processes in this container can see and interact with all processes on the host and disables SELinux within the container.
For more information on these switches and their security implications, consult the manpage for 'docker run'.
77ce2b35838b343122ef98aad6f58f170118666235f583410e63932d2de5167e
[cloud-user@fedora ~]$ sudo atomic run cockpit/ws
The image 'ws' appears to have not been installed and has an INSTALL label. You should install this image first. Re-run with --ignore to bypass this error.
[cloud-user@fedora ~]$ sudo atomic run cockpit/ws
The image 'ws' appears to have not been installed and has an INSTALL label. You should install this image first. Re-run with --ignore to bypass this error.