在Alpine Docker中添加openssh软件包。

huangapple go评论76阅读模式
英文:

Adding openssh package to alpine docker

问题

以下是您的翻译内容:

我有以下的Dockerfile:

FROM alpine:latest
RUN apk update
RUN apk add --no-cache curl openssh sshpass rsync
#等等

以及这个docker-compose.yml:

[...]
services:
  my-container:
    build:
      context: ./my-folder
      dockerfile: Dockerfile
    container_name: my-container
    restart: unless-stopped
    #等等

我运行以下命令:

docker-compose up -d --remove-orphans --build

在构建过程中我得到了这个错误:

=> ERROR [3/7] RUN apk add --no-cache curl openssh sshpass rsync                                                                                                                                               3.7s
------
 > [3/7] RUN apk add --no-cache curl openssh sshpass rsync:
#0 1.448 fetch https://dl-cdn.alpinelinux.org/alpine/v3.18/main/aarch64/APKINDEX.tar.gz                                                                                                                              
#0 1.859 fetch https://dl-cdn.alpinelinux.org/alpine/v3.18/community/aarch64/APKINDEX.tar.gz                                                                                                                         
#0 2.732 ERROR: unable to select packages:                                                                                                                                                                           
#0 2.741   openssh-client-common-9.3_p1-r3:
#0 2.741     breaks: openssh-client-default-9.3_p2-r0[openssh-client-common=9.3_p2-r0]

无论如何我都无法弄清楚这个问题。我尝试将alpine镜像版本更改为其他选项,我运行了docker builder prune,以防这是某种缓存问题。我还尝试强制使用openssh的特定版本号,并且只运行RUN apk add --no-cache openssh,但错误仍然出现。

非常感谢您的任何想法。

编辑:回答评论中的问题。

Docker在Raspberry Pi OS(64位)上运行,已完全更新。

$ docker version
Client: Docker Engine - Community
 Version:           24.0.4
 API version:       1.43
 Go version:        go1.20.5
 Git commit:        3713ee1
 Built:             Fri Jul  7 14:50:52 2023
 OS/Arch:           linux/arm64
 Context:           default

Server: Docker Engine - Community
 Engine:
  Version:          24.0.4
  API version:      1.43 (minimum version 1.12)
  Go version:       go1.20.5
  Git commit:       4ffc614
  Built:            Fri Jul  7 14:50:52 2023
  OS/Arch:          linux/arm64
  Experimental:     false
 containerd:
  Version:          1.6.21
  GitCommit:        3dce8eb055cbb6872793272b4f20ed16117344f8
 runc:
  Version:          1.1.7
  GitCommit:        v1.1.7-0-g860f061
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0
英文:

I have the following Dockerfile:

FROM alpine:latest
RUN apk update
RUN apk add --no-cache curl openssh sshpass rsync
#etc

And this docker-compose.yml:

[...]
services:
  my-container:
    build:
      context: ./my-folder
      dockerfile: Dockerfile
    container_name: my-container
    restart: unless-stopped
    #etc

And I'm running this command:

docker-compose up -d --remove-orphans --build

I'm getting this error on build:

 => ERROR [3/7] RUN apk add --no-cache curl openssh sshpass rsync                                                                                                                                               3.7s
------                                                                                                                                                                                                               
 > [3/7] RUN apk add --no-cache curl openssh sshpass rsync:                                                                                                                                                          
#0 1.448 fetch https://dl-cdn.alpinelinux.org/alpine/v3.18/main/aarch64/APKINDEX.tar.gz                                                                                                                              
#0 1.859 fetch https://dl-cdn.alpinelinux.org/alpine/v3.18/community/aarch64/APKINDEX.tar.gz                                                                                                                         
#0 2.732 ERROR: unable to select packages:                                                                                                                                                                           
#0 2.741   openssh-client-common-9.3_p1-r3:
#0 2.741     breaks: openssh-client-default-9.3_p2-r0[openssh-client-common=9.3_p2-r0]

And for the life of me I cannot figure this out. I tried changing the the alpine image version to a few other options, I ran docker builder prune just in case this was some kind of caching problem. I also tried forcing specific versions numbers for openssh and running just with RUN apk add --no-cache openssh, but the error still appeared.

Any ideas would be very much appreciated.

EDIT: answers to comments.

Docker is running on Raspberry Pi OS (64 bit), fully updated.

$ docker version
Client: Docker Engine - Community
 Version:           24.0.4
 API version:       1.43
 Go version:        go1.20.5
 Git commit:        3713ee1
 Built:             Fri Jul  7 14:50:52 2023
 OS/Arch:           linux/arm64
 Context:           default

Server: Docker Engine - Community
 Engine:
  Version:          24.0.4
  API version:      1.43 (minimum version 1.12)
  Go version:       go1.20.5
  Git commit:       4ffc614
  Built:            Fri Jul  7 14:50:52 2023
  OS/Arch:          linux/arm64
  Experimental:     false
 containerd:
  Version:          1.6.21
  GitCommit:        3dce8eb055cbb6872793272b4f20ed16117344f8
 runc:
  Version:          1.1.7
  GitCommit:        v1.1.7-0-g860f061
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

答案1

得分: 3

我们在过去的一周左右在我们的GitLab管道上遇到了相同的问题,这些管道在按需的AWS t2.Large实例上运行脚本,运行在docker:git容器中(运行平台架构=amd64,操作系统=Linux,修订版=79704081,版本=16.0.1)。

.gitlab-ci.yml

deploy:
    stage: deploy
    image: docker:git
    services: 
        - docker:dind
    before_script:
        - apk update
        - apk add openssh gettext ca-certificates

结果是:

> $ apk add openssh gettext ca-certificates
ERROR: unable to select packages:
openssh-client-common-9.3_p1-r3:
breaks: openssh-client-default-9.3_p2-r0[openssh-client-common=9.3_p2-r0]

修复方法是从apk add中删除openssh

我认为这个问题与Alpine的这个发布有关,其中包含了OpenSSH的安全修复。注意到openssh-client-default已经存在于Alpine中,并且与我们尝试添加的版本冲突,这使我们意识到我们可以只删除add

英文:

We got the same issue for the last week or so on our gitlab pipelines running on on-demand aws t2.Large instances running scripts in docker:git containers (Runtime platform arch=amd64 os=linux revision=79704081 version=16.0.1).

.gitlab-ci.yml

deploy:
    stage: deploy
    image: docker:git
    services: 
        - docker:dind
    before_script:
        - apk update
        - apk add openssh gettext ca-certificates

Resulting in:

> $ apk add openssh gettext ca-certificates
ERROR: unable to select packages:
openssh-client-common-9.3_p1-r3:
breaks: openssh-client-default-9.3_p2-r0[openssh-client-common=9.3_p2-r0]

The fix was to remove the openssh from apk add

I think the issue was related to this Alpine release with a security fix for OpenSSH. Noticing that openssh-client-default is already in Alpine, and is conflicting with the version that we are trying to add, made us realize that we can just remove the add.

答案2

得分: 0

The openssh-client(及其依赖项openssh-client-common)在镜像中安装的版本比软件包仓库中的版本旧。当您尝试安装更新的openssh服务器软件包时,会与旧的公共软件包发生冲突。我认为升级镜像上的软件包应该可以解决这个问题:

RUN apk update && apk --no-cache upgrade
# 或者,为了减小影响:
RUN apk update && apk --no-cache upgrade openssh-client

或者您可以等待较新的Alpine版本发布(应该已经可以使用)。

英文:

The openssh-client (and it's dependency openssh-client-common) that is installed in an image is older then the one in package repository. When you are trying to install a newer openssh server package, the conflict with older common packages occurs. I think upgrading the packages on the image should fix the issue:

RUN apk update && apk --no-cache upgrade
# or, for smaller impact:
RUN apk update && apk --no-cache upgrade openssh-client

Or you can wait for newer alpine version to be released (should work already).

huangapple
  • 本文由 发表于 2023年7月24日 18:42:36
  • 转载请务必保留本文链接:https://go.coder-hub.com/76753689.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定