Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

images/cross: should not use extremely large UID/GID #1403

Closed
AkihiroSuda opened this issue Jul 13, 2020 · 3 comments
Closed

images/cross: should not use extremely large UID/GID #1403

AkihiroSuda opened this issue Jul 13, 2020 · 3 comments
Labels
area/release-eng Issues or PRs related to the Release Engineering subproject kind/feature Categorizes issue or PR as related to a new feature. needs-priority sig/release Categorizes an issue or PR as relevant to SIG Release.

Comments

@AkihiroSuda
Copy link
Member

What would you like to be added:

The us.gcr.io/k8s-artifacts-prod/build-image/kube-cross image should not use UID/GID larger than > 65536.

Currently it contains files owned by 630384594:600260513

$ docker run --rm us.gcr.io/k8s-artifacts-prod/build-image/kube-cross:v1.14.4-2@sha256:a297fddaaa8f8e88620de1f94c44dbbf26aaaf5f256266bf5c7eca5f0f68f56d ls -l /usr/local/src/etcd
total 4
drwxr-xr-x 3 630384594 600260513 4096 May 21 19:54 etcd-v3.4.9-linux-amd64

Why is this needed:

For supporting Rootless Docker/Podman in kind build node-image.

On rootless Docker/Podman, the number of available UID/GID is constrained by the configuration of /etc/subuid and /etc/subgid.

On most distributions, only 65536 IDs are available by default, and extracting an image with UID/GID that exceeds 65536 fails.

$ docker --context=rootless pull  us.gcr.io/k8s-artifacts-prod/build-image/kube-cross:v1.14.4-2@sha256:a297fddaaa8f8e88620de1f94c44dbbf26aaaf5f256266bf5c7eca5f0f68f56d
sha256:a297fddaaa8f8e88620de1f94c44dbbf26aaaf5f256266bf5c7eca5f0f68f56d: Pulling from k8s-artifacts-prod/build-image/kube-cross
e9afc4f90ab0: Pull complete 
989e6b19a265: Pull complete 
af14b6c2f878: Pull complete 
5573c4b30949: Pull complete 
d4020e2aa747: Pull complete 
94fe4bf42ebf: Pull complete 
c24da2810430: Pull complete 
e8c6400dd796: Pull complete 
e25a5b8d1982: Pull complete 
321e1981dc98: Pull complete 
4c412dc30854: Pull complete 
62ee10cf606e: Pull complete 
fd7aefdaa420: Pull complete 
ddd50a4d0c25: Extracting [==================================================>]  17.53MB/17.53MB
180d49fdab31: Download complete 
failed to register layer: Error processing tar file(exit status 1): lchown /usr/local/src/etcd/etcd-v3.4.9-linux-amd64: invalid argument
@AkihiroSuda AkihiroSuda added area/release-eng Issues or PRs related to the Release Engineering subproject kind/feature Categorizes issue or PR as related to a new feature. sig/release Categorizes an issue or PR as relevant to SIG Release. labels Jul 13, 2020
@saschagrunert saschagrunert mentioned this issue Jul 13, 2020
Merged
@saschagrunert
Copy link
Member

Confirmed, preparing a fix in #1404

@saschagrunert
Copy link
Member

This should be fixed now
/close

@k8s-ci-robot
Copy link
Contributor

@saschagrunert: Closing this issue.

In response to this:

This should be fixed now
/close

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@ningziwen ningziwen mentioned this issue Dec 6, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/release-eng Issues or PRs related to the Release Engineering subproject kind/feature Categorizes issue or PR as related to a new feature. needs-priority sig/release Categorizes an issue or PR as relevant to SIG Release.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@saschagrunert @AkihiroSuda @k8s-ci-robot