[GitHub] [camel-k] joes opened a new issue #2685: Building with buildah not working

Mon, 11 Oct 2021 07:05:01 -0700 


joes opened a new issue #2685:
URL: https://github.com/apache/camel-k/issues/2685


   I have installed camel-k operator as follows on a microk8s cluster:
   
   ```bash
   microk8s kubectl -n camel-k-operator-system create secret docker-registry 
gitlab-regcred --docker-server=gitlab.somewhere.com:5050 
--docker-username=redacted --docker-password=redacted
   
   kamel install -n camel-k-operator-system --olm=false --cluster-type 
kubernetes --registry gitlab.somewhere.com:5050 --registry-secret 
gitlab-regcred --registry-insecure --organization 
integrations/camel-k/camel-k-builder-images --build-publish-strategy=Buildah
   ```
   
   I then test the integration platform as follows with the `hello.groovy` 
example:
   
   ```bash
   ./kamel-bin/v1.6.0/kamel run -n camel-k-operator-system hello.groovy'
   ./kamel run -n camel-k-operator-system hello.groovy
   ```
   
   However, the build fails.
   
   These are the logs from container `buildah` in pod 
`camel-k-kit-c5i39nueu3p4lqk7jg90-builder`:
   
   ```plain
   time="2021-10-11T13:03:34Z" level=warning msg="The cgroups manager is set to 
systemd but there is no systemd user session available"
   time="2021-10-11T13:03:34Z" level=warning msg="For using systemd, you may 
need to login using an user session"
   time="2021-10-11T13:03:34Z" level=warning msg="Alternatively, you can enable 
lingering with: `loginctl enable-linger 0` (possibly as root)"
   time="2021-10-11T13:03:34Z" level=warning msg="Falling back to 
--cgroup-manager=cgroupfs"
   STEP 1: FROM adoptopenjdk/openjdk11:slim
   Getting image source signatures
   Copying blob 
sha256:2136d49ac7f49a8cc79cc781c36b7484abc98dcec596cc3416bd22af8c67df40
   Copying blob 
sha256:35807b77a593c1147d13dc926a91dcc3015616ff7307cc30442c5a8e07546283
   Copying blob 
sha256:e24c25e8b19657017e6353caba3d02f77379337c951e3b244b85ee052a7ed425
   Copying blob 
sha256:8b8b474be7903f3839424fa2b2585e8a94407f7f6e46617af5bc1f56a6d8e258
   Copying config 
sha256:c7bb7c58c34f33fef5f47c4f47de229c0e716c37ec1ae23e84fec006debf6363
   Writing manifest to image destination
   Storing signatures
   level=error msg="Error while applying layer: ApplyLayer exit status 1 
stdout:  stderr: permission denied"
   error creating build container: The following failures happened while trying 
to pull image specified by "adoptopenjdk/openjdk11:slim" based on search 
registries in /etc/containers/registries.conf:
   * "localhost/adoptopenjdk/openjdk11:slim": Error initializing source 
docker://localhost/adoptopenjdk/openjdk11:slim: error pinging docker registry 
localhost: Get http://localhost/v2/: dial tcp [::1]:80: connect: connection 
refused
   * "docker.io/adoptopenjdk/openjdk11:slim": Error committing the finished 
image: error adding layer with blob 
"sha256:35807b77a593c1147d13dc926a91dcc3015616ff7307cc30442c5a8e07546283": 
ApplyLayer exit status 1 stdout:  stderr: permission denied
   * "registry.fedoraproject.org/adoptopenjdk/openjdk11:slim": Error 
initializing source 
docker://registry.fedoraproject.org/adoptopenjdk/openjdk11:slim: Error reading 
manifest slim in registry.fedoraproject.org/adoptopenjdk/openjdk11: manifest 
unknown: manifest unknown
   * "registry.access.redhat.com/adoptopenjdk/openjdk11:slim": Error 
initializing source 
docker://registry.access.redhat.com/adoptopenjdk/openjdk11:slim: Error reading 
manifest slim in registry.access.redhat.com/adoptopenjdk/openjdk11: name 
unknown: Repo not found
   * "registry.centos.org/adoptopenjdk/openjdk11:slim": Error initializing 
source docker://registry.centos.org/adoptopenjdk/openjdk11:slim: Error reading 
manifest slim in registry.centos.org/adoptopenjdk/openjdk11: manifest unknown: 
manifest unknown
   * "quay.io/adoptopenjdk/openjdk11:slim": Error initializing source 
docker://quay.io/adoptopenjdk/openjdk11:slim: Error reading manifest slim in 
quay.io/adoptopenjdk/openjdk11: unauthorized: access to the requested resource 
is not authorized
   level=error msg="exit status 1"
   ```
   
   Output of `kubectl get integrationplatform -o yaml -n 
camel-k-operator-system`:
   
   ```yaml
   apiVersion: v1
   items:
   - apiVersion: camel.apache.org/v1
     kind: IntegrationPlatform
     metadata:
       creationTimestamp: "2021-10-11T12:57:30Z"
       generation: 1
       labels:
         app: camel-k
       managedFields:
       - apiVersion: camel.apache.org/v1
         fieldsType: FieldsV1
         fieldsV1:
           f:metadata:
             f:labels:
               .: {}
               f:app: {}
           f:spec:
             .: {}
             f:build:
               .: {}
               f:maven:
                 .: {}
                 f:settings: {}
               f:publishStrategy: {}
               f:registry:
                 .: {}
                 f:address: {}
                 f:insecure: {}
                 f:organization: {}
                 f:secret: {}
             f:cluster: {}
             f:kamelet: {}
             f:resources: {}
           f:status:
             .: {}
             f:build:
               .: {}
               f:baseImage: {}
               f:buildStrategy: {}
               f:maven:
                 .: {}
                 f:localRepository: {}
                 f:settings:
                   .: {}
                   f:configMapKeyRef:
                     .: {}
                     f:key: {}
                     f:name: {}
               f:persistentVolumeClaim: {}
               f:publishStrategy: {}
               f:registry:
                 .: {}
                 f:address: {}
                 f:insecure: {}
                 f:organization: {}
                 f:secret: {}
               f:runtimeVersion: {}
               f:timeout: {}
             f:cluster: {}
             f:kamelet:
               .: {}
               f:repositories: {}
             f:phase: {}
             f:resources: {}
             f:version: {}
         manager: kamel
         operation: Update
         time: "2021-10-11T12:58:06Z"
       name: camel-k
       namespace: camel-k-operator-system
       resourceVersion: "13033415"
       selfLink: 
/apis/camel.apache.org/v1/namespaces/camel-k-operator-system/integrationplatforms/camel-k
       uid: f0f139a3-f3e5-4f65-a5f4-32dd8edd6a6b
     spec:
       build:
         maven:
           settings: {}
         publishStrategy: Buildah
         registry:
           address: gitlab.somewhere.com:5050
           insecure: true
           organization: integrations/camel-k/camel-k-builder-images
           secret: gitlab-regcred
       cluster: Kubernetes
       kamelet: {}
       resources: {}
     status:
       build:
         baseImage: adoptopenjdk/openjdk11:slim
         buildStrategy: pod
         maven:
           localRepository: /tmp/artifacts/m2
           settings:
             configMapKeyRef:
               key: settings.xml
               name: camel-k-maven-settings
         persistentVolumeClaim: camel-k
         publishStrategy: Buildah
         registry:
           address: gitlab.somewhere.com:5050
           insecure: true
           organization: integrations/camel-k/camel-k-builder-images
           secret: gitlab-regcred
         runtimeVersion: 1.9.0
         timeout: 5m0s
       cluster: Kubernetes
       kamelet:
         repositories:
         - uri: none
       phase: Ready
       version: 1.6.0
   kind: List
   metadata:
     resourceVersion: ""
     selfLink: ""
   ```
   Could it be that the build fails due to the private image registry not being 
marked as insecure in /etc/containers/registries.conf in the buildah container?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to