Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

"podman run" hang with "centos:7" image on MacOS M1 Pro #22628

Closed
75033us opened this issue May 6, 2024 · 2 comments
Closed

"podman run" hang with "centos:7" image on MacOS M1 Pro #22628

75033us opened this issue May 6, 2024 · 2 comments
Labels
kind/bug Categorizes issue or PR as related to a bug. remote Problem is in podman-remote

Comments

@75033us
Copy link

75033us commented May 6, 2024

Issue Description

Just run on version 5.0.2 on the MacOS with M1 Pro

podman run -it --rm centos:7

Steps to reproduce the issue

Steps to reproduce the issue

brew install podman
podman machine init --now

# this works
podman run --rm hello-world

# this will stuck
podman run -it --rm centos:7

Describe the results you received

After the download of the image, it will hang:

$ podman run --arch amd64 -it --rm centos:7
Resolved "centos" as an alias (/etc/containers/registries.conf.d/000-shortnames.conf)
Trying to pull quay.io/centos/centos:7...
Getting image source signatures
Copying blob sha256:2d473b07cdd5f0912cd6f1a703352c82b512407db6b05b43f2553732b55df3bc
Copying config sha256:8652b9f0cb4c0599575e5a003f5906876e10c1ceb2ab9fe1786712dac14a50cf
Writing manifest to image destination

ctrl-C cannot break from it, and I have to use podman kill to stop the container.

Describe the results you expected

I expect the container run and return me the bash prompt.

For example, if I run with centos:8, I get the following:

$ podman run --arch amd64 -it --rm centos:8
Resolved "centos" as an alias (/etc/containers/registries.conf.d/000-shortnames.conf)
Trying to pull quay.io/centos/centos:8...
Getting image source signatures
Copying blob sha256:a1d0c75327776413fa0db9ed3adcdbadedc95a662eb1d360dad82bb913f8a1d1
Copying config sha256:5d0da3dc976460b72c77d94c8a1ad043720b0416bfc16c52c45d4847e53fadb6
Writing manifest to image destination
[root@656af507ecf8 /]#

podman info output

host:
  arch: arm64
  buildahVersion: 1.35.3
  cgroupControllers:
  - cpu
  - io
  - memory
  - pids
  cgroupManager: systemd
  cgroupVersion: v2
  conmon:
    package: conmon-2.1.10-1.fc39.aarch64
    path: /usr/bin/conmon
    version: 'conmon version 2.1.10, commit: '
  cpuUtilization:
    idlePercent: 98.34
    systemPercent: 0.6
    userPercent: 1.06
  cpus: 5
  databaseBackend: sqlite
  distribution:
    distribution: fedora
    variant: coreos
    version: "39"
  eventLogger: journald
  freeLocks: 2048
  hostname: localhost.localdomain
  idMappings:
    gidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 1000000
    uidmap:
    - container_id: 0
      host_id: 503
      size: 1
    - container_id: 1
      host_id: 100000
      size: 1000000
  kernel: 6.8.4-200.fc39.aarch64
  linkmode: dynamic
  logDriver: journald
  memFree: 197136384
  memTotal: 2047340544
  networkBackend: netavark
  networkBackendInfo:
    backend: netavark
    dns:
      package: aardvark-dns-1.10.0-1.fc39.aarch64
      path: /usr/libexec/podman/aardvark-dns
      version: aardvark-dns 1.10.0
    package: netavark-1.10.3-1.fc39.aarch64
    path: /usr/libexec/podman/netavark
    version: netavark 1.10.3
  ociRuntime:
    name: crun
    package: crun-1.14.4-1.fc39.aarch64
    path: /usr/bin/crun
    version: |-
      crun version 1.14.4
      commit: a220ca661ce078f2c37b38c92e66cf66c012d9c1
      rundir: /run/user/503/crun
      spec: 1.0.0
      +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +LIBKRUN +WASM:wasmedge +YAJL
  os: linux
  pasta:
    executable: /usr/bin/pasta
    package: passt-0^20240405.g954589b-1.fc39.aarch64
    version: |
      pasta 0^20240405.g954589b-1.fc39.aarch64-pasta
      Copyright Red Hat
      GNU General Public License, version 2 or later
        <https://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
      This is free software: you are free to change and redistribute it.
      There is NO WARRANTY, to the extent permitted by law.
  remoteSocket:
    exists: true
    path: /run/user/503/podman/podman.sock
  security:
    apparmorEnabled: false
    capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
    rootless: true
    seccompEnabled: true
    seccompProfilePath: /usr/share/containers/seccomp.json
    selinuxEnabled: true
  serviceIsRemote: true
  slirp4netns:
    executable: /usr/bin/slirp4netns
    package: slirp4netns-1.2.2-1.fc39.aarch64
    version: |-
      slirp4netns version 1.2.2
      commit: 0ee2d87523e906518d34a6b423271e4826f71faf
      libslirp: 4.7.0
      SLIRP_CONFIG_VERSION_MAX: 4
      libseccomp: 2.5.3
  swapFree: 0
  swapTotal: 0
  uptime: 0h 21m 55.00s
  variant: v8
plugins:
  authorization: null
  log:
  - k8s-file
  - none
  - passthrough
  - journald
  network:
  - bridge
  - macvlan
  - ipvlan
  volume:
  - local
registries:
  search:
  - docker.io
store:
  configFile: /var/home/core/.config/containers/storage.conf
  containerStore:
    number: 0
    paused: 0
    running: 0
    stopped: 0
  graphDriverName: overlay
  graphOptions: {}
  graphRoot: /var/home/core/.local/share/containers/storage
  graphRootAllocated: 106769133568
  graphRootUsed: 9922105344
  graphStatus:
    Backing Filesystem: xfs
    Native Overlay Diff: "true"
    Supports d_type: "true"
    Supports shifting: "false"
    Supports volatile: "true"
    Using metacopy: "false"
  imageCopyTmpDir: /var/tmp
  imageStore:
    number: 4
  runRoot: /run/user/503/containers
  transientStore: false
  volumePath: /var/home/core/.local/share/containers/storage/volumes
version:
  APIVersion: 5.0.2
  Built: 1713312000
  BuiltTime: Tue Apr 16 19:00:00 2024
  GitCommit: ""
  GoVersion: go1.21.9
  Os: linux
  OsArch: linux/arm64
  Version: 5.0.2

Podman in a container

No

Privileged Or Rootless

None

Upstream Latest Release

Yes

Additional environment details

None

Additional information

As I mentioned before, I can run the container fine with "centos:8" or "centos:6".

I also hit the same issue with "docker.io/centos:7"

And, if I don't run /bin/bash, but any other command like ls, it will work:

$ podman run --arch amd64 -it --rm centos:7 ls
anaconda-post.log  bin	dev  etc  home	lib  lib64  media  mnt	opt  proc  root  run  sbin  srv  sys  tmp  usr	var

Something really strange about the /bin/bash on centos:7 doesn't work well with the podman.

I am able to run the centos:7 container with docker and no problem.
@75033us 75033us added the kind/bug Categorizes issue or PR as related to a bug. label May 6, 2024
@github-actions github-actions bot added the remote Problem is in podman-remote label May 6, 2024
@75033us
Copy link
Author

75033us commented May 6, 2024

Well, I dig deeper around the architecture mismatch, and usage of --arch.

So, I picked a centos:7 with arm64v8, and it works fine. I just ran the command in

$ podman run -it --rm arm64v8/centos:7
Resolving "arm64v8/centos" using unqualified-search registries (/etc/containers/registries.conf.d/999-podman-machine.conf)
Trying to pull docker.io/arm64v8/centos:7...
Getting image source signatures
Copying blob sha256:6717b8ec66cd6add0272c6391165585613c31314a43ff77d9751b53010e531ec
Copying config sha256:c9a1fdca3387618f8634949de4533419327736e2f5c618e3bfebe877aa331352
Writing manifest to image destination
[root@15d4a8b875e6 /]#

@ashley-cui
Copy link
Member

Closing, as it looks like it was an image issue. Please re-open if there is another issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/bug Categorizes issue or PR as related to a bug. remote Problem is in podman-remote
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ashley-cui @75033us