Toolbox broken again (crun update in 31.20191112.0)

cobratbq · 2019-11-19T18:19:30.138Z

Hmm, yeah. From first impression, it seems that rpm-ostree concludes that the manually upgraded crun-override is now ineffective. Consequently, one cannot reset the override. However, it seems that with a next upgrade, it might pin crun to the overridden version again.
So the reset needs to be performed upon the next upgrade. That makes it a bit nasty, as you’ll need to remember to do that then.

pluto · 2019-11-19T18:23:18.876Z

cobratbq:

Consequently, one cannot reset the override. However, it seems that with a next upgrade, it might pin crun to the overridden version again.

Known bug, if you mention the full package name on the reset rather than the package name, it should reset.

freelibre · 2019-11-19T20:24:57.751Z

Thanks @garrett everything is working fine after the update.

cryobry · 2019-11-20T03:17:22.002Z

I’m still having the same problem across all containers on F31 crun-0.10.6.

eskse · 2019-11-20T07:30:41.838Z

@cryobry, is your F31 upgraded from F30? If so check this https://fedoraproject.org/wiki/Common_F31_bugs#Podman_fails_to_run_containers_on_upgraded_systems_.28due_to_use_of_runc_runtime_with_cgroups_v2.29

stephan · 2019-11-20T08:54:37.486Z

I too had to perform rpm-ostree override reset crun like @blaster9678 mentioned before the latest crun package would be used instead of the earlier override. Latest crun package indeed fixes the issue.

cryobry · 2019-11-20T14:44:39.623Z

Yes, I’m using an upgraded F30->F31. podman info suggests I’m already using crun.

$ podman info
host:
  BuildahVersion: 1.11.3
  CgroupVersion: v2
  Conmon:
    package: conmon-2.0.2-1.fc31.x86_64
    path: /usr/bin/conmon
    version: 'conmon version 2.0.2, commit: 186a550ba0866ce799d74006dab97969a2107979'
  Distribution:
    distribution: fedora
    version: "31"
  IDMappings:
    gidmap:
    - container_id: 0
      host_id: 1001
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
    uidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
  MemFree: 2333261824
  MemTotal: 16659312640
  OCIRuntime:
    name: crun
    package: crun-0.10.6-1.fc31.x86_64
    path: /usr/bin/crun
    version: |-
      crun version 0.10.6
      spec: 1.0.0
      +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +YAJL
  SwapFree: 17179865088
  SwapTotal: 17179865088
  arch: amd64
  cpus: 8
  eventlogger: journald
  hostname: fedora-laptop
  kernel: 5.3.11-300.fc31.x86_64
  os: linux
  rootless: true
  slirp4netns:
    Executable: /usr/bin/slirp4netns
    Package: slirp4netns-0.4.0-20.1.dev.gitbbd6f25.fc31.x86_64
    Version: |-
      slirp4netns version 0.4.0-beta.3+dev
      commit: bbd6f25c70d5db2a1cd3bfb0416a8db99a75ed7e
  uptime: 11h 52m 9.73s (Approximately 0.46 days)
registries:
  blocked: null
  insecure: null
  search:
  - docker.io
  - registry.fedoraproject.org
  - registry.access.redhat.com
  - registry.centos.org
  - quay.io
store:
  ConfigFile: /home/bryan/.config/containers/storage.conf
  ContainerStore:
    number: 5
  GraphDriverName: overlay
  GraphOptions:
    overlay.mount_program:
      Executable: /usr/bin/fuse-overlayfs
      Package: fuse-overlayfs-0.7-1.fc31.x86_64
      Version: |-
        fusermount3 version: 3.6.2
        fuse-overlayfs: version 0.7
        FUSE library version 3.6.2
        using FUSE kernel interface version 7.29
  GraphRoot: /home/bryan/.local/share/containers/storage
  GraphStatus:
    Backing Filesystem: extfs
    Native Overlay Diff: "false"
    Supports d_type: "true"
    Using metacopy: "false"
  ImageStore:
    number: 21
  RunRoot: /run/user/1000
  VolumePath: /home/bryan/.local/share/containers/storage/volumes

And libpod.conf (It had already been regenerated as part of my troubleshooting):

$ cat ~/.config/containers/libpod.conf 
volume_path = "/home/bryan/.local/share/containers/storage/volumes"
image_default_transport = "docker://"
runtime = "crun"
runtime_supports_json = ["crun", "runc"]
runtime_supports_nocgroups = ["crun"]
conmon_path = ["/usr/libexec/podman/conmon", "/usr/local/libexec/podman/conmon", "/usr/local/lib/podman/conmon", "/usr/bin/conmon", "/usr/sbin/conmon", "/usr/local/bin/conmon", "/usr/local/sbin/conmon", "/run/current-system/sw/bin/conmon"]
conmon_env_vars = ["PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"]
cgroup_manager = "systemd"
init_path = ""
static_dir = "/home/bryan/.local/share/containers/storage/libpod"
tmp_dir = "/run/user/1000/libpod/tmp"
max_log_size = -1
no_pivot_root = false
cni_config_dir = "/etc/cni/net.d/"
cni_plugin_dir = ["/usr/libexec/cni", "/usr/lib/cni", "/usr/local/lib/cni", "/opt/cni/bin"]
infra_image = "k8s.gcr.io/pause:3.1"
infra_command = "/pause"
enable_port_reservation = true
label = true
network_cmd_path = ""
num_locks = 2048
lock_type = "shm"
events_logger = "journald"
events_logfile_path = ""
detach_keys = "ctrl-p,ctrl-q"
SDNotify = false
cgroup_check = true
[runtimes]
crun = ["/usr/bin/crun", "/usr/local/bin/crun"]
runc = ["/usr/bin/runc", "/usr/sbin/runc", "/usr/local/bin/runc", "/usr/local/sbin/runc", "/sbin/runc", "/bin/runc", "/usr/lib/cri-o-runc/sbin/runc", "/run/current-system/sw/bin/runc"]

zyklon · 2019-12-07T17:10:59.841Z

I still had this issue with most recent FSB31 (crun v0.10.6-1) and my container was created in F31. I had to delete whole ~/.local/share/containers and re-create. Two questions:

Can we specify ostree to retain more than two images?
Are both old and new toolbox containers now included in CI, that would be really nice!