Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

latest openjdk 11 images do not run on Docker with CentOS 7 #465

Closed
jpmaas opened this issue Aug 27, 2021 · 1 comment
Closed

latest openjdk 11 images do not run on Docker with CentOS 7 #465

jpmaas opened this issue Aug 27, 2021 · 1 comment

Comments

@jpmaas
Copy link

jpmaas commented Aug 27, 2021

We noticed that our maven builds were failing recently due to issues when using the official maven image based on openjdk 11.

However, after some investigation with the developers of the maven image, it was noted that at least the openjdk 11 images seem have a corrupted file system when run with a docker engine on CentOS 7.

The permissions of the file system inside the docker image run:

$ docker run -it openjdk:jdk-11-slim /bin/sh
# ls -la
ls: cannot access '.': Operation not permitted
ls: cannot access '..': Operation not permitted
ls: cannot access 'bin': Operation not permitted
ls: cannot access 'boot': Operation not permitted
ls: cannot access 'dev': Operation not permitted
ls: cannot access 'etc': Operation not permitted
ls: cannot access 'home': Operation not permitted
ls: cannot access 'lib': Operation not permitted
ls: cannot access 'lib64': Operation not permitted
ls: cannot access 'media': Operation not permitted
ls: cannot access 'mnt': Operation not permitted
ls: cannot access 'opt': Operation not permitted
ls: cannot access 'proc': Operation not permitted
ls: cannot access 'root': Operation not permitted
ls: cannot access 'run': Operation not permitted
ls: cannot access 'sbin': Operation not permitted
ls: cannot access 'srv': Operation not permitted
ls: cannot access 'sys': Operation not permitted
ls: cannot access 'tmp': Operation not permitted
ls: cannot access 'usr': Operation not permitted
ls: cannot access 'var': Operation not permitted
ls: cannot access '.dockerenv': Operation not permitted
total 0
d????????? ? ? ? ?            ? .
d????????? ? ? ? ?            ? ..
-????????? ? ? ? ?            ? .dockerenv
d????????? ? ? ? ?            ? bin
d????????? ? ? ? ?            ? boot
d????????? ? ? ? ?            ? dev
d????????? ? ? ? ?            ? etc
d????????? ? ? ? ?            ? home
d????????? ? ? ? ?            ? lib
d????????? ? ? ? ?            ? lib64
d????????? ? ? ? ?            ? media
d????????? ? ? ? ?            ? mnt
d????????? ? ? ? ?            ? opt
d????????? ? ? ? ?            ? proc
d????????? ? ? ? ?            ? root
d????????? ? ? ? ?            ? run
d????????? ? ? ? ?            ? sbin
d????????? ? ? ? ?            ? srv
d????????? ? ? ? ?            ? sys
d????????? ? ? ? ?            ? tmp
d????????? ? ? ? ?            ? usr
d????????? ? ? ? ?            ? var
# whoami
root

OS Information:

$ cat /etc/os-release 
NAME="CentOS Linux"
VERSION="7 (Core)"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="7"
PRETTY_NAME="CentOS Linux 7 (Core)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:centos:centos:7"
HOME_URL="https://www.centos.org/"
BUG_REPORT_URL="https://bugs.centos.org/"

CENTOS_MANTISBT_PROJECT="CentOS-7"
CENTOS_MANTISBT_PROJECT_VERSION="7"
REDHAT_SUPPORT_PRODUCT="centos"
REDHAT_SUPPORT_PRODUCT_VERSION="7"

Docker information:

$ sudo docker version
Client: Docker Engine - Community
 Version:           19.03.7
 API version:       1.40
 Go version:        go1.12.17
 Git commit:        7141c199a2
 Built:             Wed Mar  4 01:24:10 2020
 OS/Arch:           linux/amd64
 Experimental:      false

Server: Docker Engine - Community
 Engine:
  Version:          19.03.7
  API version:      1.40 (minimum version 1.12)
  Go version:       go1.12.17
  Git commit:       7141c199a2
  Built:            Wed Mar  4 01:22:45 2020
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.2.13
  GitCommit:        7ad184331fa3e55e52b890ea95e65ba581ae3429
 runc:
  Version:          1.0.0-rc10
  GitCommit:        dc9208a3303feef5b3839f4323d9beb36df0a9dd
 docker-init:
  Version:          0.18.0
  GitCommit:        fec3683

Our builds started failing yesterday after the update of the maven image has happened based on the update of openjdk two days ago. The issues can not be reproduced using the version openjdk:11.0.11-jdk-slim
@jpmaas jpmaas mentioned this issue Aug 27, 2021
Open
@tianon
Copy link
Member

tianon commented Aug 27, 2021

This is likely due to the update to Debian Bullseye -- you'll need to update Docker, runc, and likely libseccomp on your host.

Alternatively, you can pin to the Buster variants explicitly, but you'll want to deal with this properly sooner or later because the Buster variants won't be maintained forever (openjdk:11-jdk-slim-buster).

@tianon tianon closed this as completed Aug 27, 2021
@wglambert wglambert mentioned this issue Aug 30, 2021
Closed
@shwetha-manvinkurke shwetha-manvinkurke mentioned this issue Sep 8, 2021
Merged
This was referenced Sep 13, 2021
Closed
Closed
@wglambert wglambert mentioned this issue Sep 24, 2021
Closed
@Trjegul84 Trjegul84 mentioned this issue Feb 3, 2022
Closed
@sferich888 sferich888 mentioned this issue May 17, 2022
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tianon @jpmaas