Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Failures when building images with newer versions of the docker API #537

Closed
jalaziz opened this issue Oct 2, 2023 · 10 comments
Closed

Failures when building images with newer versions of the docker API #537

jalaziz opened this issue Oct 2, 2023 · 10 comments
Labels
bug Something isn't working

Comments

@jalaziz
Copy link
Contributor

jalaziz commented Oct 2, 2023

This project uses the shiplift crate to help access the Docker API in Rust. Unfortunately, the crate has not been updated to support newer versions of the Docker API. When attempting to build an enclave image using newer Docker API versions, the image build fails with:

[ E50 ] Docker image pull error. Such error appears when trying to build an EIF file, but pulling the corresponding docker image fails. In this case, the error backtrace provides detailed informatino on the failure reason.

I have traced this to shiplift not supporting the latest changes in the Docker API. This can be easily reproduced by testing with a newer version of Docker Desktop using the containerd image store.

Given that the shiplift crate has not been updated in some time, it may be best to replace the dependency.
@gram-signal
Copy link

Ran into this with the most recent released version of docker on Ubuntu 22.04 not being able to work with nitro-cli anymore. Prior to this, I was building my docker container in Ubuntu, then running nitro-cli within a container with -v /var/run/docker.sock:/var/run/docker.sock to expose the image for building. This no longer works, with the above error. Downgrading docker on Ubuntu to 5:23.0.0-1~ubuntu.22.04~jammy has allowed me to work around this for the moment. If you're like me and need to know how to do this, see the https://docs.docker.com/engine/install/ubuntu/#install-using-the-repository instructions clicking the Specific version tab in step 2.

@jplock
Copy link

jplock commented Mar 18, 2024

I'm consistently running into this with the latest version of Docker available on AmazonLinux2023

[ec2-user@i-xxxxxxx]$ docker version
Client:
 Version:           25.0.3
 API version:       1.44
 Go version:        go1.20.12
 Git commit:        4debf41
 Built:             Mon Feb 12 00:00:00 2024
 OS/Arch:           linux/amd64
 Context:           default

Server:
 Engine:
  Version:          25.0.3
  API version:      1.44 (minimum version 1.24)
  Go version:       go1.20.12
  Git commit:       f417435
  Built:            Mon Feb 12 00:00:00 2024
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.7.11
  GitCommit:        64b8a811b07ba6288238eefc14d898ee0b5b99ba
 runc:
  Version:          1.1.11
  GitCommit:        4bccb38cc9cf198d52bebf2b3a90cd14e7af8c06
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

@jplock
Copy link

jplock commented Mar 18, 2024

Confirmed that downgrading to Docker 24 (dnf downgrade docker), fixed the issue for me:

Client:
 Version:           24.0.5
 API version:       1.43
 Go version:        go1.20.10
 Git commit:        ced0996
 Built:             Tue Nov 14 00:00:00 2023
 OS/Arch:           linux/amd64
 Context:           default

Server:
 Engine:
  Version:          24.0.5
  API version:      1.43 (minimum version 1.12)
  Go version:       go1.20.10
  Git commit:       a61e2b4
  Built:            Tue Nov 14 00:00:00 2023
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.7.11
  GitCommit:        64b8a811b07ba6288238eefc14d898ee0b5b99ba
 runc:
  Version:          1.1.11
  GitCommit:        4bccb38cc9cf198d52bebf2b3a90cd14e7af8c06
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

@meerd
Copy link
Contributor

meerd commented Mar 18, 2024

We acknowledge this issue and will provide a fix soon. Currently, the only workaround is downgrading to Docker V24. @jalaziz

@meerd meerd added the bug Something isn't working label Mar 18, 2024
jalaziz added a commit to bastionplatforms/aws-nitro-enclaves-cli that referenced this issue Mar 19, 2024
@jalaziz
fix: Switch to bollard for docker API interaction
3563d1d 
The `shiplift` library which is currently used to interact with the
docker API is unmaintained. Switch to `bollard` which is an actively
maintained and fairly popular library.

This fixes aws#537
@jalaziz jalaziz mentioned this issue Mar 19, 2024
Closed
jalaziz added a commit to bastionplatforms/aws-nitro-enclaves-cli that referenced this issue Mar 19, 2024
@jalaziz
fix: Switch to bollard for docker API interaction
792f412 
The `shiplift` library which is currently used to interact with the
docker API is unmaintained. Switch to `bollard` which is an actively
maintained and fairly popular library.

This fixes aws#537
@jalaziz
Copy link
Contributor Author

jalaziz commented Mar 19, 2024

@meerd I've been working on a fix for this already. I've pushed it to #594. It's currently untested, but will be testing it soon.

@meerd
Copy link
Contributor

meerd commented Mar 19, 2024

@jalaziz Thank you for your valuable contribution to the project! It seems we were both working on the same issue concurrently, and I apologize for not noticing your submission earlier. 😊 I have reverted my changes and cherry-picked your commit into this pull request #595, with some minor modifications.

If you don't mind, I would like to continue working on my branch as I need to perform additional testing. Thank you again for your collaboration and understanding!

-Erdem

@jalaziz
Copy link
Contributor Author

jalaziz commented Mar 19, 2024

@jalaziz Thank you for your valuable contribution to the project! It seems we were both working on the same issue concurrently, and I apologize for not noticing your submission earlier. 😊 I have reverted my changes and cherry-picked your commit into this pull request #595, with some minor modifications.

If you don't mind, I would like to continue working on my branch as I need to perform additional testing. Thank you again for your collaboration and understanding!

-Erdem

I don't mind at all! Just wanted to help 🙏🏼

meerd pushed a commit to meerd/aws-nitro-enclaves-cli that referenced this issue Mar 20, 2024
@jalaziz @meerd
fix: Switch to bollard for docker API interaction
b7a3d8b 
The `shiplift` library which is currently used to interact with the
docker API is unmaintained. Switch to `bollard` which is an actively
maintained and fairly popular library.

This fixes aws#537

Signed-off-by: Erdem Meydanli <meydanli@amazon.com>
meerd pushed a commit to meerd/aws-nitro-enclaves-cli that referenced this issue Mar 29, 2024
@jalaziz @meerd
fix: Switch to bollard for docker API interaction
666c3dd 
The `shiplift` library which is currently used to interact with the
docker API is unmaintained. Switch to `bollard` which is an actively
maintained and fairly popular library.

This fixes aws#537

Signed-off-by: Erdem Meydanli <meydanli@amazon.com>
@meerd meerd closed this as completed in b371017 Apr 9, 2024
@thyagram-aws thyagram-aws mentioned this issue Apr 19, 2024
Closed
@volphy
Copy link

volphy commented Apr 26, 2024

When will the RPM package in Amazon Linux 2023 be available?

@volphy
Copy link

volphy commented May 14, 2024

It has been added to the latest AL 2023 release:
https://docs.aws.amazon.com/linux/al2023/release-notes/relnotes-2023.4.20240513.html#major-updates-2023.4.20240513

@erickearns
Copy link

It looks like the images on docker are several releases behind: https://hub.docker.com/_/amazonlinux

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@jplock @jalaziz @meerd @erickearns @volphy @gram-signal