Comments (9)
sshnaidm
commented on May 23, 2024
@atomlab please provide podman version and podman info --debug. Ansible playbook and its output would be useful too. export ANSIBLE_DEBUG=1; ansible -vvvv playbook.yaml
from ansible-podman-collections.
atomlab
commented on May 23, 2024
@sshnaidm Thank you for response.
root@podman:~# podman version
Version: 1.9.0
RemoteAPI Version: 1
Go Version: go1.10.1
OS/Arch: linux/amd64
root@podman:~# podman info --debug
debug:
compiler: gc
gitCommit: ""
goVersion: go1.10.1
podmanVersion: 1.9.0
host:
arch: amd64
buildahVersion: 1.14.8
cgroupVersion: v1
conmon:
package: 'conmon: /usr/libexec/podman/conmon'
path: /usr/libexec/podman/conmon
version: 'conmon version 2.0.15, commit: '
cpus: 12
distribution:
distribution: ubuntu
version: "18.04"
eventLogger: journald
hostname: podman
idMappings:
gidmap: null
uidmap: null
kernel: 4.15.0-72-generic
memFree: 64194744320
memTotal: 64331997184
ociRuntime:
name: runc
package: 'runc: /usr/sbin/runc'
path: /usr/sbin/runc
version: 'runc version spec: 1.0.1-dev'
os: linux
rootless: false
slirp4netns:
executable: ""
package: ""
version: ""
swapFree: 0
swapTotal: 0
uptime: 10m 4.78s
registries:
hub:9080:
Blocked: false
Insecure: true
Location: hub:9080
MirrorByDigestOnly: false
Mirrors: []
Prefix: hub:9080
hub:9090:
Blocked: false
Insecure: true
Location: hub:9090
MirrorByDigestOnly: false
Mirrors: []
Prefix: hub:9090
search:
- docker.io
- quay.io
store:
configFile: /etc/containers/storage.conf
containerStore:
number: 0
paused: 0
running: 0
stopped: 0
graphDriverName: overlay
graphOptions: {}
graphRoot: /var/lib/containers/storage
graphStatus:
Backing Filesystem: extfs
Native Overlay Diff: "true"
Supports d_type: "true"
Using metacopy: "false"
imageStore:
number: 1
runRoot: /var/run/containers/storage
volumePath: /var/lib/containers/storage/volumes
# export ANSIBLE_DEBUG=1; ansible-playbook playbook.yml -l podman -t deploy:node -Dvvv
...
fatal: [podman]: FAILED! => {
"changed": false,
"invocation": {
"module_args": {
"auth_file": "/root/.podman-auth.json",
"build": {
"annotation": null,
"cache": true,
"force_rm": null,
"format": "oci",
"rm": true,
"volume": null
},
"ca_cert_dir": null,
"executable": "podman",
"force": false,
"name": "hub:9080/cardano",
"password": null,
"path": null,
"pull": true,
"push": false,
"push_args": {
"compress": null,
"dest": null,
"format": null,
"remove_signatures": null,
"sign_by": null,
"transport": null
},
"state": "present",
"tag": "3.2.0-13",
"username": null,
"validate_certs": true
}
},
"msg": "Failed to pull image hub:9080/cardano:3.2.0-13"
}
...
Podman pull manually works fine.
root@podman:~# podman pull hub:9080/cardano:3.2.0-13
Trying to pull hub:9080/cardano:3.2.0-13...
Getting image source signatures
Copying blob 5bed26d33875 done
Copying blob acc60e104895 done
Copying blob 930bda195c84 done
Copying blob f11b29a9c730 done
Copying blob 40ee0d0205f4 done
Copying blob 78bf9a5ad49e done
Copying blob 91386f096b17 done
Copying blob b1e2f97182ff done
Copying blob d6c9c246832e done
Copying blob 731e8217b58b done
Copying blob 7c5ae171e9cc done
Copying blob a712c48838d0 done
Copying blob f2db5ba09cf6 done
Copying blob e551179d1940 done
Copying config 151ea90a6a done
Writing manifest to image destination
Storing signatures
151ea90a6aa201aa601e29d19807ccd3726156808a6473fce5209f6d73b24e5e
from ansible-podman-collections.
sshnaidm
commented on May 23, 2024
@atomlab could it be because of auth_file: /root/.podman-auth.json? Maybe you can try without it.
Try to use podman command with this arg: podman pull --authfile /root/.podman-auth.json hub:9080/cardano:3.2.0-13.
Usually the default for auth file is ${XDG_RUNTIME_DIR}/containers/auth.json
If you can try to use this file http://paste.openstack.org/show/792416/ as podman_image.py, just copy it to ~/.ansible/collections/ansible_collections/containers/podman/plugins/modules/podman_image.py. I added a few more logs there.
from ansible-podman-collections.
sshnaidm
commented on May 23, 2024
@atomlab just to be sure, the registries config is configured on host where module runs, right? Not on host that ansible runs on.
from ansible-podman-collections.
atomlab
commented on May 23, 2024
@atomlab just to be sure, the registries config is configured on host where module runs, right? Not on host that ansible runs on.
Of course. This is host system where podman module runs. Not ansible host.
root@podman:~# cat /etc/containers/registries.conf
[registries.search]
registries = ['docker.io', 'quay.io']
[registries.insecure]
registries = ['hub:9080', 'hub:9090']
- I have updated podman_image.py.
- I Have run
podman loginandauth.jsonhave been saved into/run/containers/0/auth.json
root@podman:~# cat /run/containers/0/auth.json
{
"auths": {
"hub:9080": {
"auth": "amVua2luczpFVGVCWThLUWpod0RibnR5d0Y1Mg=="
},
"hub:9090": {
"auth": "amVua2luczpFVGVCWThLUWpod0RibnR5d0Y1Mg=="
}
}
}
Output playbook
fatal: [podman]: FAILED! => {
"changed": false,
"invocation": {
"module_args": {
"auth_file": null,
"build": {
"annotation": null,
"cache": true,
"force_rm": null,
"format": "oci",
"rm": true,
"volume": null
},
"ca_cert_dir": null,
"executable": "podman",
"force": false,
"name": "hub:9080/cardano",
"password": null,
"path": null,
"pull": true,
"push": false,
"push_args": {
"compress": null,
"dest": null,
"format": null,
"remove_signatures": null,
"sign_by": null,
"transport": null
},
"state": "present",
"tag": "3.2.0-13",
"username": null,
"validate_certs": true
}
},
"msg": "Failed to pull image hub:9080/cardano:3.2.0-13stdout: stderr: Error: error pulling image \"hub:9080/cardano:3.2.0-13\": unable to pull hub:9080/cardano:3.2.0-13: unable to pull image: Error initializing source docker://hub:9080/cardano:3.2.0-13: error pinging docker registry hub:9080: Get https://hub:9080/v2/: http: server gave HTTP response to HTTPS client\n"
}
Error
"msg": "Failed to pull image hub:9080/cardano:3.2.0-13stdout: stderr: Error: error pulling image "hub:9080/cardano:3.2.0-13": unable to pull hub:9080/cardano:3.2.0-13: unable to pull image: Error initializing source docker://hub:9080/cardano:3.2.0-13: error pinging docker registry hub:9080: Get https://hub:9080/v2/: http: server gave HTTP response to HTTPS client\n"
Get podman info --debug with ansible
- name: get podman info --debug
command: podman info --debug
register: podman_info
Output
"stdout_lines": [
"debug:",
" compiler: gc",
" gitCommit: \"\"",
" goVersion: go1.10.1",
" podmanVersion: 1.9.0",
"host:",
" arch: amd64",
" buildahVersion: 1.14.8",
" cgroupVersion: v1",
" conmon:",
" package: 'conmon: /usr/libexec/podman/conmon'",
" path: /usr/libexec/podman/conmon",
" version: 'conmon version 2.0.15, commit: '",
" cpus: 12",
" distribution:",
" distribution: ubuntu",
" version: \"18.04\"",
" eventLogger: journald",
" hostname: podman",
" idMappings:",
" gidmap: null",
" uidmap: null",
" kernel: 4.15.0-72-generic",
" memFree: 63848034304",
" memTotal: 64331997184",
" ociRuntime:",
" name: runc",
" package: 'runc: /usr/sbin/runc'",
" path: /usr/sbin/runc",
" version: 'runc version spec: 1.0.1-dev'",
" os: linux",
" rootless: false",
" slirp4netns:",
" executable: \"\"",
" package: \"\"",
" version: \"\"",
" swapFree: 0",
" swapTotal: 0",
" uptime: 2h 46m 3.98s (Approximately 0.08 days)",
"registries:",
" hub:9080:",
" Blocked: false",
" Insecure: true",
" Location: hub:9080",
" MirrorByDigestOnly: false",
" Mirrors: []",
" Prefix: hub:9080",
" hub:9090:",
" Blocked: false",
" Insecure: true",
" Location: hub:9090",
" MirrorByDigestOnly: false",
" Mirrors: []",
" Prefix: hub:9090",
" search:",
" - docker.io",
" - quay.io",
"store:",
" configFile: /etc/containers/storage.conf",
" containerStore:",
" number: 0",
" paused: 0",
" running: 0",
" stopped: 0",
" graphDriverName: overlay",
" graphOptions: {}",
" graphRoot: /var/lib/containers/storage",
" graphStatus:",
" Backing Filesystem: extfs",
" Native Overlay Diff: \"true\"",
" Supports d_type: \"true\"",
" Using metacopy: \"false\"",
" imageStore:",
" number: 0",
" runRoot: /var/run/containers/storage",
" volumePath: /var/lib/containers/storage/volumes"
]
}
Run podman info --debug manually on the podman host
root@podman:~# podman info --debug
debug:
compiler: gc
gitCommit: ""
goVersion: go1.10.1
podmanVersion: 1.9.0
host:
arch: amd64
buildahVersion: 1.14.8
cgroupVersion: v1
conmon:
package: 'conmon: /usr/libexec/podman/conmon'
path: /usr/libexec/podman/conmon
version: 'conmon version 2.0.15, commit: '
cpus: 12
distribution:
distribution: ubuntu
version: "18.04"
eventLogger: journald
hostname: podman
idMappings:
gidmap: null
uidmap: null
kernel: 4.15.0-72-generic
memFree: 63875788800
memTotal: 64331997184
ociRuntime:
name: runc
package: 'runc: /usr/sbin/runc'
path: /usr/sbin/runc
version: 'runc version spec: 1.0.1-dev'
os: linux
rootless: false
slirp4netns:
executable: ""
package: ""
version: ""
swapFree: 0
swapTotal: 0
uptime: 2h 38m 23.83s (Approximately 0.08 days)
registries:
hub:9080:
Blocked: false
Insecure: true
Location: hub:9080
MirrorByDigestOnly: false
Mirrors: []
Prefix: hub:9080
hub:9090:
Blocked: false
Insecure: true
Location: hub:9090
MirrorByDigestOnly: false
Mirrors: []
Prefix: hub:9090
search:
- docker.io
- quay.io
store:
configFile: /etc/containers/storage.conf
containerStore:
number: 0
paused: 0
running: 0
stopped: 0
graphDriverName: overlay
graphOptions: {}
graphRoot: /var/lib/containers/storage
graphStatus:
Backing Filesystem: extfs
Native Overlay Diff: "true"
Supports d_type: "true"
Using metacopy: "false"
imageStore:
number: 0
runRoot: /var/run/containers/storage
volumePath: /var/lib/containers/storage/volumes
root@podman:~#
from ansible-podman-collections.
sshnaidm
commented on May 23, 2024
@atomlab any progress on that or new info?
Is it still an issue?
from ansible-podman-collections.
atomlab
commented on May 23, 2024
@sshnaidm unfortunately I don't found solution of this problem at the moment. I will try debug podman python library later.
from ansible-podman-collections.
swarred
commented on May 23, 2024
@atomlab @sshnaidm / To whom this helps, this is resolved by acknowledging the parameter documented here, setting validate_certs: false, not sure why the registries.conf is not acknowledged, assuming this might be related to ansible default user that is used?
from ansible-podman-collections.
commented on May 23, 2024
I am experiencing the same problem.
I think this is because validate_certs defaults to True here:
So later --tls-verify is always added, because it is not None:
ansible-podman-collections/plugins/modules/podman_image.py
Lines 525 to 529 in 2979955
Workaround
Set validate_certs to null in your ansible task.
from ansible-podman-collections.
Related Issues (20)
- Not idemponent when port is bound to `0.0.0.0` HOT 2
- Alias parameters "stop_timeout" and "time" for podman generate systemd HOT 3
- rootless always want to change the user HOT 3
- Incorrect documentation for `podman_image_info` return value HOT 1
- containers.podman.podman_secret fails if identical secret was create in playbook before HOT 1
- podman_network not idempotent when disable_dns is explicitly set
- No values returned from podman_container_exec on failures HOT 3
- `AttributeError: 'list' object has no attribute 'get'` trying to use collection on recent Fedora (podman 5.0?) HOT 2
- Env in container exec are wrongly double quoted HOT 2
- podman_container: pasta network breaks idempotency
- podman_login: why are tlsverify certdir mutually exclusive? HOT 6
- podman_pod_info raises JSONDecodeError for non-existant pod HOT 3
- Pushing an image with `/` in the name to a remote registry does not work HOT 4
- Issues pulling images with similar tags (cannot pull one with a shorter left substring than a pre-existing image) HOT 2
- podman network: support for "--route" option HOT 1
- podman_container: support for "--pull" option HOT 4
- Absent state with quadlet should remove quadlet file as well as podman resource. HOT 1
- Wrong Podman Secret Creation Behavior HOT 3
- Support shm-size when specifying a pod
- Pod not idemponent when port is bound to 0.0.0.0/ maybe same as issue #679
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ansible-podman-collections.